IP address
Search at other sites: 
.00027.102.137.150
Shodan(more info)
Passive DNS
- OTX pulses
-
[69dd07742196e34ee1615b73] 2026-04-13 15:10:44.257000 | Live C2 Dump Recovering Every Stage of the Kill Chain: CHM Dropper, VBScript Stager, PowerShell Keylogger
Author name: AlienVault Pulse modified: 2026-04-13 16:04:28.796000 Indicator created: 2026-04-13 15:10:45 Indicator role: None Indicator title: Indicator expiration: 2026-05-13 15:00:00
Threat categories
| TL | Role | Category | Details |
|---|---|---|---|
| No threat category tags assigned | |||
- Origin AS
- AS45996 - GNJ-AS-KR GNJ-AS-KR-KR
- BGP Prefix
- 27.102.0.0/16
- geo
- South Korea
- 🕑 Asia/Seoul
- hostname
- (null)
- Address block ('inetnum' or 'NetRange' in whois database)
- 27.102.0.0 - 27.102.255.255
- last_activity
- 2026-04-28 20:43:14.150000
- rep
- 0.0
- reserved_range
- 0
- Shodan's InternetDB
- Open ports: 80, 135, 443, 5357, 5985
- Tags: –
- CPEs: cpe:/a:openssl:openssl:3.1.3, cpe:/a:php:php:8.0.30, cpe:/a:apache:http_server:2.4.58
- ts_added
- 2026-04-28 20:43:20.335000
- ts_last_update
- 2026-05-16 20:43:30.548000
Warden event timeline
DShield event timeline
OTX pulses