
개요
최근 WordPress 를 운영하면서 악성 봇 접근의 시도가 매우 많이 늘어난 것을 짐작할 수 있었다.
과거부터 악의적인 접근으로 추정되는 IP 대역을 항상 C클래스 대역으로 Cloudflare 를 통해 전체 차단을 걸고 처리를 하였는데 최근 이러한 공격이 더욱 더 가중되었다.
아래와 같은 로그를 보고 판단해볼 수 있었다.
사실 엄청 대단한 내용은 아니고 간단하게 로그를 보고 인터넷을 찾아보면서 검증한 사항이라 이런일도 있구나 정도로 생각하고
게시글을 봤으면 좋겠다.
악성 Bot 로그
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 | 52.178.177.211 - - [01/Jun/2025:00:30:27 +0900] "GET /.well-known/.well-known/owlmailer.php HTTP/2.0" 404 351 "-" "-" 52.178.177.211 - - [01/Jun/2025:00:30:28 +0900] "GET /.well-known/pki-validation/iR7SzrsOUEP.php HTTP/2.0" 404 351 "-" "-" 52.178.177.211 - - [01/Jun/2025:00:30:29 +0900] "GET /.well-known/pki-validation/ibkejxnu.php HTTP/2.0" 404 351 "-" "-" 52.178.177.211 - - [01/Jun/2025:00:30:30 +0900] "GET /.well-known/pki-validation/ckyocyyp.php HTTP/2.0" 404 251 "-" "-" 52.178.177.211 - - [01/Jun/2025:00:30:32 +0900] "GET /.well-known/pki-validation/fond.php HTTP/2.0" 404 351 "-" "-" 52.169.150.195 - - [01/Jun/2025:00:44:30 +0900] "GET /.well-known/pki-validation/wp-scripts.php HTTP/2.0" 404 351 "-" "-" 52.169.150.195 - - [01/Jun/2025:00:44:32 +0900] "GET /.well-known/pki-validation/lang-load-role.php HTTP/2.0" 404 351 "-" "-" 52.169.150.195 - - [01/Jun/2025:00:44:34 +0900] "GET /.well-known/pki-validation/ssl.php HTTP/2.0" 404 351 "-" "-" 52.169.150.195 - - [01/Jun/2025:00:44:35 +0900] "GET /.well-known/pki-validation/amaxx.php HTTP/2.0" 404 351 "-" "-" 52.169.150.195 - - [01/Jun/2025:00:44:35 +0900] "GET /.well-known/zxhfwqyt.php HTTP/2.0" 404 84 "-" "-" 52.169.150.195 - - [01/Jun/2025:00:44:37 +0900] "GET /.well-known/sx.php HTTP/2.0" 404 162 "-" "-" 52.169.150.195 - - [01/Jun/2025:00:44:38 +0900] "GET /.well-known/pki-validation/Newsupway.php HTTP/2.0" 404 351 "-" "-" 52.164.228.23 - - [01/Jun/2025:02:05:43 +0900] "GET /.well-known/ HTTP/2.0" 403 433 "-" "-" 52.164.228.23 - - [01/Jun/2025:02:05:43 +0900] "GET /.well-known//about.php HTTP/2.0" 301 200 "-" "-" 52.164.228.23 - - [01/Jun/2025:02:05:44 +0900] "GET /.well-known/about.php HTTP/2.0" 404 336253 "-" "-" 52.164.228.23 - - [01/Jun/2025:02:05:46 +0900] "GET /.well-known/ALFA_DATA/alfacgiapi/perl.alfa.php HTTP/2.0" 404 336342 "-" "-" 52.164.228.23 - - [01/Jun/2025:02:05:47 +0900] "GET /.well-known/about.php HTTP/2.0" 404 336262 "-" "-" 52.164.228.23 - - [01/Jun/2025:02:05:49 +0900] "GET /.well-known/acme-challenge/ HTTP/2.0" 404 336263 "-" "-" 52.164.228.23 - - [01/Jun/2025:02:05:50 +0900] "GET /.well-known/acme-challenge//.info.php HTTP/2.0" 301 101 "-" "-" 52.164.228.23 - - [01/Jun/2025:02:05:50 +0900] "GET /.well-known/acme-challenge/.info.php HTTP/2.0" 404 336291 "-" "-" 52.169.253.254 - - [01/Jun/2025:05:24:48 +0900] "GET /.well-known/pki-validation/worksec.php HTTP/2.0" 404 336554 "-" "-" 52.169.200.34 - - [01/Jun/2025:06:11:03 +0900] "GET /.well-known/pki-validation/worksec.php HTTP/2.0" 404 351 "-" "-" 52.169.53.14 - - [01/Jun/2025:07:53:10 +0900] "GET /.well-known/ALFA_DATA/alfacgiapi/perl.alfa.php HTTP/2.0" 200 943 "-" "-" 52.169.53.14 - - [01/Jun/2025:07:53:19 +0900] "GET /.well-known/radio.php HTTP/2.0" 200 943 "-" "-" 52.178.179.221 - - [01/Jun/2025:08:26:48 +0900] "GET /.well-known/pki-validation/plugins.php HTTP/2.0" 404 351 "-" "-" 52.164.228.255 - - [01/Jun/2025:08:35:56 +0900] "GET /.well-known/ HTTP/2.0" 403 358 "-" "-" 52.164.228.255 - - [01/Jun/2025:08:35:57 +0900] "GET /.well-known/acme-challenge/ HTTP/2.0" 403 358 "-" "-" 52.138.142.18 - - [01/Jun/2025:14:57:02 +0900] "GET /.well-known/gecko-litespeed.php HTTP/2.0" 404 162 "-" "-" 52.138.216.107 - - [01/Jun/2025:15:21:36 +0900] "GET /.well-known/gecko-litespeed.php HTTP/2.0" 404 336526 "-" "-" 52.164.121.93 - - [01/Jun/2025:15:28:47 +0900] "GET /.well-known/pki-validation/plugins.php HTTP/2.0" 200 943 "-" "-" 52.138.142.18 - - [01/Jun/2025:16:40:05 +0900] "GET /.well-known/gecko-litespeed.php HTTP/2.0" 200 943 "-" "-" 52.178.178.190 - - [01/Jun/2025:17:11:51 +0900] "GET /.well-known/pki-validation/plugins.php HTTP/2.0" 404 351 "-" "-" 52.178.145.63 - - [01/Jun/2025:17:24:34 +0900] "GET /.well-known//.well-known/ HTTP/2.0" 301 376 "-" "-" 52.178.145.63 - - [01/Jun/2025:17:24:36 +0900] "GET /.well-known/.well-known/ HTTP/2.0" 404 336263 "-" "-" 52.178.145.63 - - [01/Jun/2025:17:24:40 +0900] "GET /.well-known/pki-validation/index.php HTTP/2.0" 301 378 "-" "-" 52.178.145.63 - - [01/Jun/2025:17:24:41 +0900] "GET /.well-known/pki-validation/ HTTP/2.0" 404 336245 "-" "-" 52.178.145.63 - - [01/Jun/2025:17:24:44 +0900] "GET /.well-known/idupkfqa.php HTTP/2.0" 404 336514 "-" "-" 52.178.145.63 - - [01/Jun/2025:17:24:48 +0900] "GET /.well-known/fmseuycg.php HTTP/2.0" 404 336505 "-" "-" 52.178.153.83 - - [01/Jun/2025:19:43:10 +0900] "GET /.well-known/pki-validation/xmrlpc.php HTTP/2.0" 200 943 "-" "-" 52.169.211.170 - - [01/Jun/2025:23:45:58 +0900] "GET /.well-known/ALFA_DATA/alfacgiapi/perl.alfa.php HTTP/2.0" 404 336586 "-" "-" 52.169.211.170 - - [01/Jun/2025:23:46:08 +0900] "GET /.well-known/radio.php HTTP/2.0" 404 336514 "-" "-" |
로그가 너무 많아 다 담을 수는 없었지만, 가장 많은 악의적인 접근 기록을 보여줬던 대역은 AS8075(MICROSFOT-CORP-MSN-AS-BLOCK) 으로
Bing 이나 Microsoft 365 같은 정상적인 Microsoft 의 대역도 있지만, 악의적인 봇 대역도 다수 확인되고 있는 봇을 확인할 수 있었다.
대부분 아일랜드 국가의 IP 대역으로 접근해오고 있고
이러한 IP 를 로깅하고 공유하는 AbuseIPDB 에서도
해당 AS8075 의 IP 대역들에 대한 리포트수가 매우 높았음을 알 수 있었다.
크롤링 의심 로그
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 | 222.239.104.101 - - [02/Jun/2025:00:00:52 +0900] "GET / HTTP/2.0" 200 5789 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" 222.239.104.139 - - [02/Jun/2025:00:35:04 +0900] "GET / HTTP/2.0" 200 5789 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" 222.239.104.227 - - [02/Jun/2025:01:01:07 +0900] "GET / HTTP/2.0" 200 5789 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" 222.239.104.227 - - [02/Jun/2025:01:01:07 +0900] "GET /img/favicon128.png HTTP/2.0" 304 165 "https://supersu.kr/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" 222.239.104.227 - - [02/Jun/2025:01:01:07 +0900] "GET /img/friends/5.jpg HTTP/2.0" 304 166 "https://supersu.kr/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" 222.239.104.227 - - [02/Jun/2025:01:01:07 +0900] "GET /img/friends/4.jpg HTTP/2.0" 304 165 "https://supersu.kr/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" 222.239.104.227 - - [02/Jun/2025:01:01:07 +0900] "GET /img/friends/2.jpg HTTP/2.0" 304 165 "https://supersu.kr/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" 222.239.104.227 - - [02/Jun/2025:01:01:07 +0900] "GET /img/friends/0.jpg HTTP/2.0" 304 165 "https://supersu.kr/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" 222.239.104.227 - - [02/Jun/2025:01:01:07 +0900] "GET /img/friends/1.jpg HTTP/2.0" 304 165 "https://supersu.kr/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" 222.239.104.227 - - [02/Jun/2025:01:01:07 +0900] "GET /img/friends/3.jpg HTTP/2.0" 304 166 "https://supersu.kr/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" 222.239.104.227 - - [02/Jun/2025:01:01:07 +0900] "GET /img/friends/default_avatar.jpg HTTP/2.0" 304 165 "https://supersu.kr/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" 222.239.104.227 - - [02/Jun/2025:01:01:07 +0900] "GET /img/friends/6.jpg HTTP/2.0" 304 166 "https://supersu.kr/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" 222.239.104.227 - - [02/Jun/2025:01:01:07 +0900] "GET /img/friends/7.jpg HTTP/2.0" 304 165 "https://supersu.kr/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" 222.239.104.227 - - [02/Jun/2025:01:01:07 +0900] "GET /img/friends/8.jpg HTTP/2.0" 304 165 "https://supersu.kr/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" 222.239.104.227 - - [02/Jun/2025:01:01:07 +0900] "GET /img/friends/9.jpg HTTP/2.0" 304 166 "https://supersu.kr/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" 222.239.104.227 - - [02/Jun/2025:01:01:07 +0900] "GET /img/friends/10.jpg HTTP/2.0" 304 165 "https://supersu.kr/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" 222.239.104.227 - - [02/Jun/2025:01:01:07 +0900] "GET /img/friends/11.jpg HTTP/2.0" 304 165 "https://supersu.kr/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" 222.239.104.227 - - [02/Jun/2025:01:01:07 +0900] "GET /img/friends/13.jpg HTTP/2.0" 304 165 "https://supersu.kr/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" 222.239.104.227 - - [02/Jun/2025:01:01:07 +0900] "GET /img/friends/12.jpg HTTP/2.0" 304 165 "https://supersu.kr/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" 222.239.104.227 - - [02/Jun/2025:01:01:07 +0900] "GET /img/friends/14.jpg HTTP/2.0" 304 166 "https://supersu.kr/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" 222.239.104.215 - - [02/Jun/2025:01:57:09 +0900] "GET / HTTP/2.0" 200 5789 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" 222.239.104.202 - - [02/Jun/2025:02:06:04 +0900] "GET / HTTP/2.0" 200 5789 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" 222.239.104.212 - - [02/Jun/2025:02:18:29 +0900] "GET / HTTP/2.0" 200 943 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" 222.239.104.226 - - [02/Jun/2025:03:31:56 +0900] "GET / HTTP/2.0" 200 5789 "" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" 222.239.104.226 - - [02/Jun/2025:03:31:56 +0900] "GET /img/favicon128.png HTTP/2.0" 304 165 "https://supersu.kr/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" 222.239.104.226 - - [02/Jun/2025:03:31:56 +0900] "GET /img/friends/4.jpg HTTP/2.0" 304 165 "https://supersu.kr/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" 222.239.104.226 - - [02/Jun/2025:03:31:56 +0900] "GET /img/friends/2.jpg HTTP/2.0" 304 165 "https://supersu.kr/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" 222.239.104.226 - - [02/Jun/2025:03:31:56 +0900] "GET /img/friends/5.jpg HTTP/2.0" 304 166 "https://supersu.kr/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" 222.239.104.226 - - [02/Jun/2025:03:31:56 +0900] "GET /img/friends/3.jpg HTTP/2.0" 304 166 "https://supersu.kr/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" 222.239.104.226 - - [02/Jun/2025:03:31:56 +0900] "GET /img/friends/0.jpg HTTP/2.0" 304 165 "https://supersu.kr/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" 222.239.104.226 - - [02/Jun/2025:03:31:56 +0900] "GET /img/friends/1.jpg HTTP/2.0" 304 165 "https://supersu.kr/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" 222.239.104.226 - - [02/Jun/2025:03:31:57 +0900] "GET /img/friends/6.jpg HTTP/2.0" 304 166 "https://supersu.kr/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" 222.239.104.226 - - [02/Jun/2025:03:31:57 +0900] "GET /img/friends/default_avatar.jpg HTTP/2.0" 304 165 "https://supersu.kr/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" 222.239.104.226 - - [02/Jun/2025:03:31:57 +0900] "GET /img/friends/7.jpg HTTP/2.0" 304 165 "https://supersu.kr/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" 222.239.104.226 - - [02/Jun/2025:03:31:57 +0900] "GET /img/friends/8.jpg HTTP/2.0" 304 165 "https://supersu.kr/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" 222.239.104.226 - - [02/Jun/2025:03:31:57 +0900] "GET /img/friends/9.jpg HTTP/2.0" 304 166 "https://supersu.kr/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" 222.239.104.226 - - [02/Jun/2025:03:31:57 +0900] "GET /img/friends/10.jpg HTTP/2.0" 304 165 "https://supersu.kr/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" 222.239.104.226 - - [02/Jun/2025:03:31:57 +0900] "GET /img/friends/11.jpg HTTP/2.0" 304 165 "https://supersu.kr/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" 222.239.104.226 - - [02/Jun/2025:03:31:57 +0900] "GET /img/friends/12.jpg HTTP/2.0" 304 165 "https://supersu.kr/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" 222.239.104.226 - - [02/Jun/2025:03:31:57 +0900] "GET /img/friends/13.jpg HTTP/2.0" 304 165 "https://supersu.kr/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" 222.239.104.226 - - [02/Jun/2025:03:31:57 +0900] "GET /img/friends/14.jpg HTTP/2.0" 304 166 "https://supersu.kr/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" |
이 IP 대역 역시 로그가 너무 많아 모두 다 담을 수 없었으나
이 로그들이 고작 단 하루의 access.log 에 기록된 접근 로그였다.
같은 C 클래스 대역에서 일정 주기마다 비슷한 index 접근 시도가 반복적으로 접속하고 있었으나
User-Agent 가 일반 사용자와 비슷하게 속여 접근해서 Bot 접속인지 아닌지를 파악하기가 힘들었다.
AbuseIPDB 에서는 해당 IP 대역으로 리포트 된 이력은 없었으나, 유사한 패턴에 대한 문의가 있는지 확인하기 위해
해당 IP 로 구글링 해본 결과 국내 사이트 등지에서 해당 IP 대역을 크롤링 봇으로 간주하고 C클래스 대역을 차단한 걸로 확인된다.
Cloudflare 이력

내 서버상에서는 대략 4,000여개의 접근이 Cloudflare 에 의해 차단되거나 챌린지로 전환이 되었고 이는 전체적인 트래픽의 약 1/4 정도를 차지했다.
이와같이 악성 봇은 대체적으로 일반적인 사용자 ISP 대역이 아닌 호스팅 서버 위주의 기업용 대역에서 잦은 트래픽 접근이 많은 사례다.

지속적인 로그를 통한 관리를 통해 내 서버가 악성코드의 온상지가 되지 않도록 하는것이 중요하고 항상 로그에 대해서는 신경을 쓰는것이 좋아 보인다.
악의적인 Bot 대역
악성 Bot
주의 : 이 악성 Bot 대역은 Microsoft Bing 이나 Microsoft 365 등에서 쓰이는 정상적인 IP 대역도 있으므로 ASN을 전체 차단하는 경우 해당 시스템에 이슈가 있을 수 있습니다.
- 52.169.23.0/24
- 62.178.186.0/24
- 52.169.90.0/24
- 52.178.216.0/24
- 52.164.229.0/24
- 52.178.215.0/24
- 52.138.142.0/24
- 52.178.178.0/24
- 52.178.145.0/24
- 52.138.216.0/24
- 52.169.150.0/24
- 52.164.228.0/24
- 52.169.253.0/24
- 52.169.200.0/24
- 52.164.121.0/24
- 52.169.53.0/24
- 52.178.179.0/24
- 52.178.177.0/24
- 52.169.149.0/24
- 52.169.40.0/24
- 52.164.231.0/24
- 52.178.148.0/24
- 52.138.177.0/24
- 52.169.141.0/24
- 52.138.141.0/24
- 52.138.221.0/24
- 52.169.142.0/24
- 52.169.0.0/24
- 52.178.223.0/24
- 52.178.190.0/24
- 52.169.74.0/24
- 52.178.204.0/24
- 52.164.250.0/24
- 52.138.217.0/24
- 52.138.139.0/24
- 52.240.57.0/24
- 52.156.70.0/24
- 52.254.87.0/24
- 52.149.208.0/24
- 52.249.180.0/24
크롤링 의심 로그
- 222.239.104.0/24
![You are currently viewing [Security] wordpress 를 향한 잦은 크롤링 및 악성 봇 관련 차단일지](https://i0.wp.com/blog.supersu.kr/wp-content/uploads/2025/06/unnamed.png?fit=1024%2C1024&ssl=1)