EULJI MUNDEOK

VHOST SECURITY ANALYSIS & INTRUSION MONITOR

--:--:--

2026-04-19 | qec-0238.cafe24.com

LOG: ACTIVE /var/log/httpd/access_log

CPU Load 1m

1.53

2.01 / 1.93 (5m/15m)

RAM Usage

26.6%

4GB / 15.2GB

Disk Usage

15.2%

35.5GB / 233.3GB

HTTP Reqs (5m)

전체 분석: 1,884건

Scanner Hits

알려진 스캐너 IP

Suspicious Path

수상한 경로 접근 IP

Bot Candidates

자동화 패턴 감지

THREAT SUMMARY

⚡

74.7.227.171 — 알려진 스캐너/봇 도구 감지 832회

iptables -I INPUT -s 74.7.227.171 -j DROP

⚡

74.7.227.27 — 알려진 스캐너/봇 도구 감지 780회

iptables -I INPUT -s 74.7.227.27 -j DROP

⚡

216.73.217.89 — 알려진 스캐너/봇 도구 감지 83회

iptables -I INPUT -s 216.73.217.89 -j DROP

⚠️

74.7.227.27 — 수상한 경로 탐색 11건

/GNU/shop.config.php /OLDBOY/install/install_config.php /M72X2/X2/data/dbconfig.php

iptables -I INPUT -s 74.7.227.27 -j DROP

⚠️

74.7.227.171 — 수상한 경로 탐색 10건

/GNU/shop.config.php /OLDBOY/install/install_config.php /M72X2/X2/data/dbconfig.php

iptables -I INPUT -s 74.7.227.171 -j DROP

⚠️

20.251.200.200 — 수상한 경로 탐색 3건

/wp-includes/theme-compat/wp-login.php /wp-admin/images/admin.php /config.php

iptables -I INPUT -s 20.251.200.200 -j DROP

🤖

20.251.200.200 — 자동화 요청 패턴 감지 평균 1초 간격 stddev 0

iptables -I INPUT -s 20.251.200.200 -j DROP

IP ATTACK WATCH (5분)

IP	Reqs	UA 수	판정
216.73.217.89	54	1	SCANNER PROBE
180.65.72.118	11	2	PROBE
74.7.227.27	9	1	SCANNER PROBE
74.7.227.171	8	1	SCANNER PROBE
116.179.32.170	1	1	SCANNER
74.7.230.45	1	1	SCANNER

SUSPICIOUS PATH PROBE

IP	탐색 경로	건수
74.7.227.27	`/GNU/shop.config.php` `/OLDBOY/install/install_config.php` +9개	11
74.7.227.171	`/GNU/shop.config.php` `/OLDBOY/install/install_config.php` +8개	10
20.251.200.200	`/wp-includes/theme-compat/wp-login.php` `/wp-admin/images/admin.php` +1개	3
216.73.217.89	`/phpmyadmin/` `/phpmyadmin`	2
180.65.72.118	`/phpMyAdmin/index.php?route=/`	2

TOP URI (전체)

Path	Hits
`/OLDBOY/_PAGE/_MAIN/asset/coin_item_list.php?ajax=1`	30
`/`	11
`/robots.txt`	4
`/X2`	4
`/data/file/sexyphoto2013/sexyphoto/1914528273_A27twIhy_www_geosigi_net`	4
`/OLDBOY/adm/member_list_exel_export.php`	2
`/M72X2/X2/plugin/inicert/ini_find_result.php`	2
`/phpMyAdmin/index.php?route=/`	2	PROBE
`/ZIP/X2/plugin/PHPMailer/language/phpmailer.lang-es.php`	2
`/OLDBOY/skin/social/consent_modal.inc.php`	2
`/GNU/plugin/PHPMailer/get_oauth_token.php`	2
`/M72X2/X2/adm/captcha_file_delete.php`	2

USER AGENT 분석

User Agent	Hits
Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; GP	1612	SCANNER
-	100
Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Cl	83	SCANNER
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHT	60
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHT	4
Mozilla/5.0 (compatible; Baiduspider/2.0; +http://www.baidu.com/s	3	SCANNER
Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWeb	3
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1	3	SCANNER
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHT	2
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHT	2
Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bo	2	SCANNER
Mozilla/5.0 zgrab/0.x	2	SCANNER

REQUEST METHOD 분포

GET 1,880 (99.8%)

POST 2 (0.1%)

PROPFIND 1 (0.1%)

t3 1 (0.1%)

HTTP STATUS 분포

200 1,629 (86.5%)

404 135 (7.2%)

500 62 (3.3%)

403 46 (2.4%)

301 8 (0.4%)

302 2 (0.1%)

405 1 (0.1%)

400 1 (0.1%)

LIVE TRAFFIC LOG (5분 최근 30건)

20:41:48 216.73.217.89 GET /GNU/_PAGE/asset/upbit/data_assets.php 200 Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatibl S

20:41:42 74.7.227.27 GET /M72X2/X2/shop/mail/orderupdate3.mail.php 500 Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatibl S

20:41:41 116.179.32.170 GET /bbs/board.php?bo_table=tarot_storage&wr_id=2053&sfl=collection_1&stx=%EC%9D%BC%EB%9F%AC%EC%8A%A4%ED 404 Mozilla/5.0 (compatible; Baiduspider/2.0; +http://www.baidu. S

20:41:33 216.73.217.89 GET /GNU/adm/ 200 Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatibl S

20:41:33 216.73.217.89 GET /GNU/adm 301 Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatibl S

20:41:33 216.73.217.89 GET /GNU/_PAGE/stats/average_price_24h.php 200 Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatibl S

20:41:32 216.73.217.89 GET /GNU/_PAGE/asset/upbit/chart_line_holding_data_1.php 200 Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatibl S

20:41:32 216.73.217.89 GET /GNU/_PAGE/chart/upbit/wall/wall_bar_live_v1.php 200 Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatibl S

20:41:22 216.73.217.89 GET /GNU/_PAGE/chart/upbit/quantum 404 Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatibl S

20:41:21 216.73.217.89 GET /GNU/_PAGE/data/on_chain_data/coin_dominance.php 200 Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatibl S

20:41:21 216.73.217.89 GET /GNU/_PAGE/maria/upbit_event.php 200 Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatibl S

20:41:21 216.73.217.89 GET /GNU/_PAGE/indicators 404 Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatibl S

20:41:17 74.7.227.27 GET /M72X2/X2/shop/itemrecommendmail.php 200 Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatibl S

20:41:10 74.7.227.171 GET /OLDBOY/adm/member_list_exel_export.php 200 Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatibl S

20:41:00 180.65.72.118 GET /OLDBOY/_PAGE/_MAIN/asset/coin_item_list.php?ajax=1 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36

20:41:00 180.65.72.118 GET /OLDBOY/_PAGE/_MAIN/asset/main_asset.php?ajax_mode=get_json&v=1776598860233 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36

20:40:49 74.7.227.27 GET /M72X2/X2/shop/itemuseformupdate.php 200 Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatibl S

20:40:31 216.73.217.89 GET /GNU/_PAGE/chart/ 403 Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatibl S

20:40:31 216.73.217.89 GET /GNU/_PAGE/chart 301 Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatibl S

20:40:31 216.73.217.89 GET /GNU/_PAGE/daemon/ 200 Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatibl S

20:40:30 216.73.217.89 GET /GNU/_PAGE/help 404 Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatibl S

20:40:30 216.73.217.89 GET /GNU/_PAGE/daemon 301 Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatibl S

20:40:29 216.73.217.89 GET /GNU/_PAGE/system 404 Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatibl S

20:40:24 216.73.217.89 GET /GNU/_PAGE/maria/upbit_db.php 200 Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatibl S

20:40:24 216.73.217.89 GET /GNU/_PAGE/data/upbit/db/db_data.php?table=daemon_upbit_coin_24h 200 Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatibl S

20:40:24 216.73.217.89 GET /GNU/_PAGE/monitoring/upbit/market/upbit.php 200 Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatibl S

20:40:23 216.73.217.89 GET /GNU/_PAGE/data/upbit/db/db_data.php?table=daemon_upbit_coin_12h 200 Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatibl S

20:40:22 74.7.227.171 GET /M72X2/X2/plugin/inicert/ini_find_result.php 200 Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatibl S

20:40:20 74.7.227.27 GET /M72X2/X2/shop/kakaopay/mobile_orderform.1.php 200 Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatibl S

20:40:00 180.65.72.118 GET /OLDBOY/_PAGE/_MAIN/asset/coin_item_list.php?ajax=1 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36

BLOCK COMMAND GENERATOR