IP address
Search at other sites: 
.00027.102.138.45
Shodan(more info)
Passive DNS
- OTX pulses
-
[69dd07742196e34ee1615b73] 2026-04-13 15:10:44.257000 | Live C2 Dump Recovering Every Stage of the Kill Chain: CHM Dropper, VBScript Stager, PowerShell Keylogger
Author name: AlienVault Pulse modified: 2026-04-13 16:04:28.796000 Indicator created: 2026-04-13 15:10:45 Indicator role: None Indicator title: Indicator expiration: 2026-05-13 15:00:00
Threat categories
| TL | Role | Category | Details |
|---|---|---|---|
| No threat category tags assigned | |||
- Origin AS
- AS45996 - GNJ-AS-KR GNJ-AS-KR-KR
- BGP Prefix
- 27.102.0.0/16
- geo
- South Korea
- 🕑 Asia/Seoul
- hostname
- (null)
- Address block ('inetnum' or 'NetRange' in whois database)
- 27.102.0.0 - 27.102.255.255
- last_activity
- 2026-04-28 20:43:14.081000
- rep
- 0.0
- reserved_range
- 0
- Shodan's InternetDB
- Open ports: 22, 53, 80, 110, 111, 143, 443, 465, 587, 993, 995, 2082, 2083, 2086, 2087, 3306
- Tags: starttls, database
- CPEs: cpe:/a:apache:http_server, cpe:/a:openbsd:openssh:8.7, cpe:/a:mariadb:mariadb, cpe:/a:exim:exim:4.99.1
- ts_added
- 2026-04-28 20:43:14.360000
- ts_last_update
- 2026-05-16 20:43:20.339000
Warden event timeline
DShield event timeline
OTX pulses