Info about 0.0.0.0

Please enable make sure that the ntop html/ directory is properly installed

Info about 0.0.0.0

IP Address 192.168.1.210 [unicast] [ Purge Asset ]

First/Last Seen Mon Jun 9 04:14:28 2025 - Sat Jun 14 12:49:43 2025 [Inactive since 1 sec]

MAC Address Network Interface Card (NIC) 00:10:18:AC:4A:C4

Nw Board Vendor BROADCOM CORPORATION

OS Name OS: Windows [Windows XP]

Host Location Local (inside specified/local subnet)

IP TTL (Time to Live) 1:64 [~0 hop(s)]

Total Data Sent 740.0 MBytes/11,401,902 Pkts/0 Retran. Pkts [0%]

Broadcast Pkts Sent 29,128 Pkts

Multicast Traffic Sent 4.9 KBytes/76 Pkts

Data Sent Stats
Local 44.1 %

Rem 55.9 %

IP vs. Non-IP Sent
IP 100 %

Non-IP 0 %

Total Data Rcvd 19.2 GBytes/17,972,434 Pkts/0 Retran. Pkts [0%]

Data Rcvd Stats
Local 3.0 %

Rem 97.0 %

IP vs. Non-IP Rcvd
IP 100 %

Non-IP 0 %

Sent vs. Rcvd Pkts
Sent 38.8 %

Rcvd 61.2 %

Sent vs. Rcvd Data
Sent 3.6 %

Rcvd 96.4 %

Used Subnet Routers 00:24:8C:DE:84:31 Network Card
Host Type VoIP Host VoIP

Host Healthness (Risk Flags) High Risk Medium Risk Low Risk
Suspicious activities: too many host contacts
Unexpected packets (e.g. traffic to closed port or connection reset):
[Rcvd: rst] [Sent: closed-empty] [Rcvd: hostnet unreac]

Host Traffic Stats

Time	Tot. Traffic Sent	% Traffic Sent	Tot. Traffic Rcvd	% Traffic Rcvd
12 PM	4.2 MBytes	3.8 %	151.5 MBytes	4.1 %
11 AM	4.4 MBytes	4.0 %	152.0 MBytes	4.2 %
10 AM	4.5 MBytes	4.0 %	151.9 MBytes	4.2 %
9 AM	4.4 MBytes	3.9 %	152.1 MBytes	4.2 %
8 AM	4.4 MBytes	4.0 %	151.8 MBytes	4.2 %
7 AM	4.6 MBytes	4.1 %	152.0 MBytes	4.2 %
6 AM	4.5 MBytes	4.1 %	152.0 MBytes	4.2 %
5 AM	4.4 MBytes	3.9 %	151.8 MBytes	4.2 %
4 AM	4.6 MBytes	4.1 %	152.0 MBytes	4.2 %
3 AM	4.3 MBytes	3.9 %	151.9 MBytes	4.2 %
2 AM	4.6 MBytes	4.1 %	152.2 MBytes	4.2 %
1 AM	4.6 MBytes	4.1 %	152.1 MBytes	4.2 %
12 AM	4.7 MBytes	4.2 %	152.2 MBytes	4.2 %
11 PM	4.7 MBytes	4.2 %	152.1 MBytes	4.2 %
10 PM	4.5 MBytes	4.0 %	151.7 MBytes	4.2 %
9 PM	4.4 MBytes	4.0 %	151.8 MBytes	4.2 %
8 PM	4.6 MBytes	4.1 %	151.8 MBytes	4.2 %
7 PM	4.6 MBytes	4.1 %	152.1 MBytes	4.2 %
6 PM	4.8 MBytes	4.3 %	152.3 MBytes	4.2 %
5 PM	4.9 MBytes	4.4 %	152.5 MBytes	4.2 %
4 PM	5.0 MBytes	4.5 %	152.6 MBytes	4.2 %
3 PM	5.4 MBytes	4.8 %	153.3 MBytes	4.2 %
2 PM	5.3 MBytes	4.8 %	153.2 MBytes	4.2 %
1 PM	5.1 MBytes	4.6 %	152.7 MBytes	4.2 %
Total

Packet Statistics

TCP Connections	Directed to		Rcvd From
Attempted	63,901	fe2.update.microsoft.com tlu.dl.delivery.mp.microsoft.com fe2.update.microsoft.com housecall7-ssa-p.activeupdate.trendmicro.com autoupdate.wfbs.trendmicro.com autoupdate.wfbs.trendmicro.com update.googleapis.com e2903.dscb.akamaiedge.net	0
Established	31,936 [50 %]	fe2.update.microsoft.com tlu.dl.delivery.mp.microsoft.com fe2.update.microsoft.com housecall7-ssa-p.activeupdate.trendmicro.com autoupdate.wfbs.trendmicro.com autoupdate.wfbs.trendmicro.com update.googleapis.com e2903.dscb.akamaiedge.net	1	35.167.95.80
Terminated	2	217.146.28.141	0

TCP Flags	Pkts Sent		Pkts Rcvd
SYN	63,901	fe2.update.microsoft.com tlu.dl.delivery.mp.microsoft.com fe2.update.microsoft.com housecall7-ssa-p.activeupdate.trendmicro.com autoupdate.wfbs.trendmicro.com autoupdate.wfbs.trendmicro.com update.googleapis.com e2903.dscb.akamaiedge.net	0
RST\|ACK	31,573	connectivitycheck.gstatic.com housecall7-ssa-p.activeupdate.trendmicro.com autoupdate.wfbs.trendmicro.com autoupdate.wfbs.trendmicro.com fe2.update.microsoft.com fe2.update.microsoft.com e2903.dscb.akamaiedge.net update.googleapis.com	11	fe2.update.microsoft.com fe2cr.update.microsoft.com fe2cr.update.microsoft.com fe2cr.update.microsoft.com fe2cr.update.microsoft.com fe2cr.update.microsoft.com fe2cr.update.microsoft.com
RST	0		158	104.104.51.110 72.246.215.188 217.146.28.141 housecall7-ssa-p.activeupdate.trendmicro.com 23.41.174.60

Anomaly	Pkts Sent to		Pkts Rcvd from
Closed Empty TCP Conn.	2	217.146.28.141	0
ICMP Net Unreachable	0		8	200.80.220.74

ARP	Packet
Request Sent	20,303
Reply Rcvd	16,615 (81.8 %)
Reply Sent	5,558

Protocol Distribution

Protocol

Data Sent

Data Rcvd

TCP

405.4 MBytes

18.6 GBytes

UDP

333.4 MBytes

603.9 MBytes

ICMP

0.0 KBytes

0.9 KBytes

ICMPv6

0.1 KBytes

0.0 KBytes

IPv6

0.1 KBytes

0.0 KBytes

(R)ARP

1.1 MBytes

606.3 KBytes

IGMP

0.6 KBytes

0.0 KBytes

Protocol Distribution

IP Distribution

ICMP Traffic

Type	Pkt Sent	Pkt Rcvd
Unreach	0	8

Last Contacted Peers

Sent To	IP Address
188.172.244.140	188.172.244.140
autoupdate.wfbs.trendmicro.com	35.167.136.34
00:24:8C:DE:84:31
e2903.dscb.akamaiedge.net	2.21.48.124
housecall7-ssa-p.activeupdate.trendmicro.com	23.205.233.55
time.windows.com	40.119.6.228
200.0.243.10	200.0.243.10
Total Contacts	1695

Received From	IP Address
ns1.huaweicloud-dns.org	159.138.208.3
autoupdate.wfbs.trendmicro.com	35.167.136.34
e2903.dscb.akamaiedge.net	2.21.48.124
housecall7-ssa-p.activeupdate.trendmicro.com	23.205.233.55
00:24:8C:DE:84:31
188.172.244.140	188.172.244.140
time.windows.com	40.119.6.228
200.0.243.10	200.0.243.10
Total Contacts	1298

IP Service Stats: Client Role

	# Loc. Req. Sent		# Rem. Req. Sent		# Pos. Reply Rcvd		# Neg. Reply Rcvd		Local RndTrip	Rem RndTrip
DNS	4,378,699	97.0%	114,735	2.0%	116,524	2.0%	4,375,671	97.0%	0.0 ms - 23.0 sec	3.1 ms - 989.1 ms

TCP/UDP Service/Port Usage

IP Service	Port	# Client Sess.	Last Client Peer	# Server Sess.	Last Server Peer
domain	53	7197/575.0 MBytes	00:24:8C:DE:84:31
www	80	4756/12.6 MBytes	housecall7-ssa-p.activeupdate.trendmicro.com
ntp	123	258/12.1 KBytes	time.windows.com	258/12.1 KBytes	time.windows.com
https	443	9110/17.9 GBytes	188.172.244.140

TCP/UDP - Traffic on Other Ports

Client Port	Server Port
60746

TCP/UDP Recently Used Ports

Client Port	Server Port
60746	ntp

129 Active TCP/UDP Sessions

Client	Server	Data Sent	Data Rcvd	Active Since	Last Seen	Duration	Inactive	Latency	L7 Proto	Note
0.0.0.0 :58257	router3.teamviewer.com :https	405.9 KBytes	362.6 KBytes	Fri Jun 13 05:26:28 2025	Sat Jun 14 12:48:55 2025	1 day 7:22:27	49 sec			SYN ACK PUSH

The color of the host link indicates how recently the host was FIRST seen
0 to 5 minutes	5 to 15 minutes	15 to 30 minutes	30 to 60 minutes	60+ minutes

Report created on Sat Jun 14 12:49:44 2025 [ntop uptime: 5 days 8:36:58]
Generated by ntop v.3.3 [x86_64-unknown-linux-gnu]
© 1998-2007 by Luca Deri, built: Aug 6 2008 09:54:10.
Listening on [eth0] for all packets (i.e. without a filtering expression)
Web reports include all interfaces (merged)