My Private Lab

Appearance

GeoIP

소개

오프라인 원클릭 WHOIS 조회 프로그램

소스코드

https://github.com/ygpark/geoip (비공개)

다운로드

구글 드라이브 : geoip v0.3.zip (암호 kn?12?)

원본 데이터(예시)

log
218.153.133.84 - - [22/Apr/2024:11:43:34 +0900] "GET /analysis/2024/space-threat-assessment/?q=https%3A%2F%2Flogin.live.com%2Flogin.srf%3Fwa%3Dwsignin1.0%26rpsnv%3D150%26ct%3D1713753646%26rver%3D7.5.2156.0%26wp%3DSA_20MIN%26wreply%3Dhttps%253A%252F%252Faccount.live.com%252Fpassword%252FChange%253Fmkt%253Dja-jp%2526uaid%253D36b59791499643be864c963bc0ee5a9b%26lc%3D1033%26id%3D38936%26mkt%3Dja-JP%26uaid%3D36b59791499643be864c963bc0ee5a9b HTTP/1.1" 200 34708
218.153.133.84 - - [22/Apr/2024:11:43:35 +0900] "GET /analysis/2024/space-threat-assessment/?q=https%3A%2F%2Flogincdn.msftauth.net%2Fshared%2F5%2Fjs%2Flogin_ja_BBuBm4TPTdY4JB4iyFTkGw2.js HTTP/1.1" 200 909395
218.153.133.84 - - [22/Apr/2024:11:43:38 +0900] "GET /analysis/2024/space-threat-assessment/?q=https%3A%2F%2Flogincdn.msftauth.net%2F16.000.30171.7%2Fimages%2Ffavicon.ico HTTP/1.1" 200 17174
218.153.133.84 - - [22/Apr/2024:11:45:29 +0900] "GET /MBA/?wreply=test@n.com&m=https%3A%2F%2Fnid.naver.com%2Fnidlogin.login%3Furl%3Dhttp%253A%252F%252Fmail.naver.com%252F HTTP/1.1" 404 336 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36"
218.153.133.84 - - [22/Apr/2024:11:45:29 +0900] "GET /favicon.ico HTTP/1.1" 200 1150 "http://mid.xn----vb6em5hs9lf6njmay5kr0ai8i.article-com.eu/MBA/?wreply=@n.comn.com&m=https%3A%2F%2Fnid.naver.com%2Fnidlogin.login%3Furl%3Dhttp%253A%252F%252Fmail.naver.com%252F" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36"
218.153.133.84 - - [22/Apr/2024:11:46:09 +0900] "GET /MBA/?wreply=test@n.com&m=https%3A%2F%2Fnid.naver.com%2Fnidlogin.login%3Furl%3Dhttp%253A%252F%252Fmail.naver.com%252F HTTP/1.1" 200 13554 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36"
218.153.133.84 - - [22/Apr/2024:11:46:10 +0900] "GET /MBA/?wreply=test@n.com&m=https%3A%2F%2Fnid.naver.com%2Flogin%2Fjs%2Fv2%2Fdefault%2Fdefault_202105.js%3Fv%3D20210813 HTTP/1.1" 200 3413 "http://mid.xn----vb6em5hs9lf6njmay5kr0ai8i.article-com.eu/MBA/?wreply=test@n.com&m=https%3A%2F%2Fnid.naver.com%2Fnidlogin.login%3Furl%3Dhttp%253A%252F%252Fmail.naver.com%252F" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36"
218.153.133.84 - - [22/Apr/2024:11:46:10 +0900] "GET /MBA/?wreply=test@n.com&m=https%3A%2F%2Fnid.naver.com%2Flogin%2Fjs%2Fbvsd.1.3.4.min.js HTTP/1.1" 200 96097 "http://mid.xn----vb6em5hs9lf6njmay5kr0ai8i.article-com.eu/MBA/?wreply=test@n.com&m=https%3A%2F%2Fnid.naver.com%2Fnidlogin.login%3Furl%3Dhttp%253A%252F%252Fmail.naver.com%252F" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36"
218.153.133.84 - - [22/Apr/2024:11:46:10 +0900] "GET /MBA/?wreply=test@n.com&m=https%3A%2F%2Fnid.naver.com%2Flogin%2Fjs%2Fv2%2Fdefault%2Fcommon_202105.js%3Fv%3D20210813 HTTP/1.1" 200 93780 "http://mid.xn----vb6em5hs9lf6njmay5kr0ai8i.article-com.eu/MBA/?wreply=test@n.com&m=https%3A%2F%2Fnid.naver.com%2Fnidlogin.login%3Furl%3Dhttp%253A%252F%252Fmail.naver.com%252F" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36"
218.153.133.84 - - [22/Apr/2024:11:46:10 +0900] "GET /MBA/?wreply=test@n.com&m=https%3A%2F%2Fstatic.nid.naver.com%2Ftemplate%2Fgnb_utf8.nhn%3F2021.%208.%2010 HTTP/1.1" 200 155293 "http://mid.xn----vb6em5hs9lf6njmay5kr0ai8i.article-com.eu/MBA/?wreply=test@n.com&m=https%3A%2F%2Fnid.naver.com%2Fnidlogin.login%3Furl%3Dhttp%253A%252F%252Fmail.naver.com%252F" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36"
218.153.133.84 - - [22/Apr/2024:11:46:10 +0900] "GET /MBA/?wreply=test@n.com&m=https%3A%2F%2Fnid.naver.com%2Finc%2Fuser%2Fcss%2Fko%2Fhelp_member.css%3F210603 HTTP/1.1" 200 276311 "http://mid.xn----vb6em5hs9lf6njmay5kr0ai8i.article-com.eu/MBA/?wreply=test@n.com&m=https%3A%2F%2Fnid.naver.com%2Fnidlogin.login%3Furl%3Dhttp%253A%252F%252Fmail.naver.com%252F" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36"
185.40.152.177 - - [13/Dec/2024:11:07:10 +0900] "GET /activate/comeon.php?y=C:\\Users\\Administrator\\AppData\\Roaming\\xampp\\htdocs\\activate\\ HTTP/1.1" 404 305 "http://aaa.hotmetax.o-r.kr/activate/comeon.php?y=C:\\Users\\Administrator\\AppData\\Roaming\\xampp\\htdocs\\activate\\test@n.com\\&edit=C:\\Users\\Administrator\\AppData\\Roaming\\xampp\\htdocs\\activate\\test@n.com\\test@n.com.txt" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36"
192.168.0.1 - - [13/Dec/2024:11:07:10 +0900] "GET /activate/comeon.php?y=C:\\Users\\Administrator\\AppData\\Roaming\\xampp\\htdocs\\activate\\ HTTP/1.1" 404 305 "http://aaa.hotmetax.o-r.kr/activate/comeon.php?y=C:\\Users\\Administrator\\AppData\\Roaming\\xampp\\htdocs\\activate\\test@n.com\\&edit=C:\\Users\\Administrator\\AppData\\Roaming\\xampp\\htdocs\\activate\\test@n.com\\test@n.com.txt" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36"

조회 결과

csv 파일로 저장하기

csv
C:\ > .\geoip.exe -i .\access.log > access.csv

화면에 출력하기

csv
C:\ > .\geoip.exe -i .\access.log

218.153.133.84,"South Korea","KR","KT","Songpa-gu","Seoul","Cable/DSL","37.483600, 127.112200 (5 km)",218.153.133.84 - - [22/Apr/2024:11:43:34 +0900] "GET /analysis/2024/space-threat-assessment/?q=https%3A%2F%2Flogin.live.com%2Flogin.srf%3Fwa%3Dwsignin1.0%26rpsnv%3D150%26ct%3D1713753646%26rver%3D7.5.2156.0%26wp%3DSA_20MIN%26wreply%3Dhttps%253A%252F%252Faccount.live.com%252Fpassword%252FChange%253Fmkt%253Dja-jp%2526uaid%253D36b59791499643be864c963bc0ee5a9b%26lc%3D1033%26id%3D38936%26mkt%3Dja-JP%26uaid%3D36b59791499643be864c963bc0ee5a9b HTTP/1.1" 200 34708
218.153.133.84,"South Korea","KR","KT","Songpa-gu","Seoul","Cable/DSL","37.483600, 127.112200 (5 km)",218.153.133.84 - - [22/Apr/2024:11:43:35 +0900] "GET /analysis/2024/space-threat-assessment/?q=https%3A%2F%2Flogincdn.msftauth.net%2Fshared%2F5%2Fjs%2Flogin_ja_BBuBm4TPTdY4JB4iyFTkGw2.js HTTP/1.1" 200 909395
218.153.133.84,"South Korea","KR","KT","Songpa-gu","Seoul","Cable/DSL","37.483600, 127.112200 (5 km)",218.153.133.84 - - [22/Apr/2024:11:43:38 +0900] "GET /analysis/2024/space-threat-assessment/?q=https%3A%2F%2Flogincdn.msftauth.net%2F16.000.30171.7%2Fimages%2Ffavicon.ico HTTP/1.1" 200 17174
218.153.133.84,"South Korea","KR","KT","Songpa-gu","Seoul","Cable/DSL","37.483600, 127.112200 (5 km)",218.153.133.84 - - [22/Apr/2024:11:45:29 +0900] "GET /MBA/?wreply=test@n.com&m=https%3A%2F%2Fnid.naver.com%2Fnidlogin.login%3Furl%3Dhttp%253A%252F%252Fmail.naver.com%252F HTTP/1.1" 404 336 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36"
218.153.133.84,"South Korea","KR","KT","Songpa-gu","Seoul","Cable/DSL","37.483600, 127.112200 (5 km)",218.153.133.84 - - [22/Apr/2024:11:45:29 +0900] "GET /favicon.ico HTTP/1.1" 200 1150 "http://mid.xn----vb6em5hs9lf6njmay5kr0ai8i.article-com.eu/MBA/?wreply=@n.comn.com&m=https%3A%2F%2Fnid.naver.com%2Fnidlogin.login%3Furl%3Dhttp%253A%252F%252Fmail.naver.com%252F" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36"
218.153.133.84,"South Korea","KR","KT","Songpa-gu","Seoul","Cable/DSL","37.483600, 127.112200 (5 km)",218.153.133.84 - - [22/Apr/2024:11:46:09 +0900] "GET /MBA/?wreply=test@n.com&m=https%3A%2F%2Fnid.naver.com%2Fnidlogin.login%3Furl%3Dhttp%253A%252F%252Fmail.naver.com%252F HTTP/1.1" 200 13554 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36"
218.153.133.84,"South Korea","KR","KT","Songpa-gu","Seoul","Cable/DSL","37.483600, 127.112200 (5 km)",218.153.133.84 - - [22/Apr/2024:11:46:10 +0900] "GET /MBA/?wreply=test@n.com&m=https%3A%2F%2Fnid.naver.com%2Flogin%2Fjs%2Fv2%2Fdefault%2Fdefault_202105.js%3Fv%3D20210813 HTTP/1.1" 200 3413 "http://mid.xn----vb6em5hs9lf6njmay5kr0ai8i.article-com.eu/MBA/?wreply=test@n.com&m=https%3A%2F%2Fnid.naver.com%2Fnidlogin.login%3Furl%3Dhttp%253A%252F%252Fmail.naver.com%252F" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36"
218.153.133.84,"South Korea","KR","KT","Songpa-gu","Seoul","Cable/DSL","37.483600, 127.112200 (5 km)",218.153.133.84 - - [22/Apr/2024:11:46:10 +0900] "GET /MBA/?wreply=test@n.com&m=https%3A%2F%2Fnid.naver.com%2Flogin%2Fjs%2Fbvsd.1.3.4.min.js HTTP/1.1" 200 96097 "http://mid.xn----vb6em5hs9lf6njmay5kr0ai8i.article-com.eu/MBA/?wreply=test@n.com&m=https%3A%2F%2Fnid.naver.com%2Fnidlogin.login%3Furl%3Dhttp%253A%252F%252Fmail.naver.com%252F" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36"
218.153.133.84,"South Korea","KR","KT","Songpa-gu","Seoul","Cable/DSL","37.483600, 127.112200 (5 km)",218.153.133.84 - - [22/Apr/2024:11:46:10 +0900] "GET /MBA/?wreply=test@n.com&m=https%3A%2F%2Fnid.naver.com%2Flogin%2Fjs%2Fv2%2Fdefault%2Fcommon_202105.js%3Fv%3D20210813 HTTP/1.1" 200 93780 "http://mid.xn----vb6em5hs9lf6njmay5kr0ai8i.article-com.eu/MBA/?wreply=test@n.com&m=https%3A%2F%2Fnid.naver.com%2Fnidlogin.login%3Furl%3Dhttp%253A%252F%252Fmail.naver.com%252F" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36"
218.153.133.84,"South Korea","KR","KT","Songpa-gu","Seoul","Cable/DSL","37.483600, 127.112200 (5 km)",218.153.133.84 - - [22/Apr/2024:11:46:10 +0900] "GET /MBA/?wreply=test@n.com&m=https%3A%2F%2Fstatic.nid.naver.com%2Ftemplate%2Fgnb_utf8.nhn%3F2021.%208.%2010 HTTP/1.1" 200 155293 "http://mid.xn----vb6em5hs9lf6njmay5kr0ai8i.article-com.eu/MBA/?wreply=test@n.com&m=https%3A%2F%2Fnid.naver.com%2Fnidlogin.login%3Furl%3Dhttp%253A%252F%252Fmail.naver.com%252F" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36"
218.153.133.84,"South Korea","KR","KT","Songpa-gu","Seoul","Cable/DSL","37.483600, 127.112200 (5 km)",218.153.133.84 - - [22/Apr/2024:11:46:10 +0900] "GET /MBA/?wreply=test@n.com&m=https%3A%2F%2Fnid.naver.com%2Finc%2Fuser%2Fcss%2Fko%2Fhelp_member.css%3F210603 HTTP/1.1" 200 276311 "http://mid.xn----vb6em5hs9lf6njmay5kr0ai8i.article-com.eu/MBA/?wreply=test@n.com&m=https%3A%2F%2Fnid.naver.com%2Fnidlogin.login%3Furl%3Dhttp%253A%252F%252Fmail.naver.com%252F" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36"
185.40.152.177,"Russia","RU","Docker","","","Cable/DSL","55.738600, 37.606800 (1000 km)",185.40.152.177 - - [13/Dec/2024:11:07:10 +0900] "GET /activate/comeon.php?y=C:\\Users\\Administrator\\AppData\\Roaming\\xampp\\htdocs\\activate\\ HTTP/1.1" 404 305 "http://aaa.hotmetax.o-r.kr/activate/comeon.php?y=C:\\Users\\Administrator\\AppData\\Roaming\\xampp\\htdocs\\activate\\test@n.com\\&edit=C:\\Users\\Administrator\\AppData\\Roaming\\xampp\\htdocs\\activate\\test@n.com\\test@n.com.txt" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36"
192.168.0.1,__private__,__private__,,,,,,192.168.0.1 - - [13/Dec/2024:11:07:10 +0900] "GET /activate/comeon.php?y=C:\\Users\\Administrator\\AppData\\Roaming\\xampp\\htdocs\\activate\\ HTTP/1.1" 404 305 "http://aaa.hotmetax.o-r.kr/activate/comeon.php?y=C:\\Users\\Administrator\\AppData\\Roaming\\xampp\\htdocs\\activate\\test@n.com\\&edit=C:\\Users\\Administrator\\AppData\\Roaming\\xampp\\htdocs\\activate\\test@n.com\\test@n.com.txt" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36"