(C) 1998-2007 - Luca Deri  
Please enable make sure that the ntop html/ directory is properly installed

 

 

Info about fundingchoicesmessages.google.com

IP Address142.251.134.206 Flag for gTLD code com (Guessing from gTLD) [unicast] [ Purge Asset ]
First/Last SeenTue Jul 15 01:07:06 2025  -  Wed Jul 16 10:31:59 2025 [Inactive since 1 sec]
Domaingoogle.com
Last MAC Address/Router Network Interface Card (NIC)/Router00:24:8C:DE:84:31 
OS NameOS: Cisco [Cisco-louche1 ] 
Host LocationRemote (outside specified/local subnet)
IP TTL (Time to Live)64:122 [~0 hop(s)]
Total Data Sent144.9 MBytes/308,595 Pkts/0 Retran. Pkts [0%]
Broadcast Pkts Sent0 Pkts
Data Sent Stats
Local 100 %
 
Rem 0 %
IP vs. Non-IP Sent
IP 100 %
 
Non-IP 0 %
Total Data Rcvd106.0 MBytes/234,306 Pkts/0 Retran. Pkts [0%]
Data Rcvd Stats
Local 100 %
 
Rem 0 %
IP vs. Non-IP Rcvd
IP 100 %
 
Non-IP 0 %
Sent vs. Rcvd Pkts
Sent 56.8 %
  
Rcvd 43.2 %
Sent vs. Rcvd Data
Sent 57.8 %
  
Rcvd 42.2 %
Host TypeHTTP Server HTTP Server
Further Host Information[ Whois ] [ ]
Host Healthness (Risk Flags) High Risk Medium Risk Low Risk
  1. Low RiskUnexpected packets (e.g. traffic to closed port or connection reset):
    [Rcvd: rst] 

 

Host Traffic Stats

TimeTot. Traffic Sent% Traffic SentTot. Traffic Rcvd% Traffic Rcvd
10 AM 4.9 MBytes4.9 %1.4 MBytes1.8 %
9 AM 8.0 MBytes7.9 %2.8 MBytes3.7 %
8 AM 13.4 MBytes13.3 %12.2 MBytes15.9 %
7 AM 6.5 MBytes6.4 %2.6 MBytes3.4 %
6 AM 12.6 MBytes12.5 %5.4 MBytes7.0 %
5 AM 19.3 MBytes19.1 %14.1 MBytes18.4 %
4 AM 5.7 MBytes5.6 %2.3 MBytes3.0 %
3 AM 1.8 MBytes1.8 %2.3 MBytes3.0 %
2 AM 424.1 KBytes0.4 %1.3 MBytes1.7 %
1 AM 2.7 MBytes2.7 %1.3 MBytes1.7 %
12 AM 684.8 KBytes0.7 %1.8 MBytes2.4 %
11 PM 622.8 KBytes0.6 %1.9 MBytes2.4 %
10 PM 425.1 KBytes0.4 %1.3 MBytes1.7 %
9 PM 2.0 MBytes2.0 %2.3 MBytes3.0 %
8 PM 673.1 KBytes0.7 %1.5 MBytes2.0 %
7 PM 769.3 KBytes0.7 %2.2 MBytes2.9 %
6 PM 730.0 KBytes0.7 %2.2 MBytes2.8 %
5 PM 434.2 KBytes0.4 %1.3 MBytes1.7 %
4 PM 1.1 MBytes1.1 %1.4 MBytes1.8 %
3 PM 2.5 MBytes2.4 %1.8 MBytes2.4 %
2 PM 3.1 MBytes3.1 %1.5 MBytes2.0 %
1 PM 3.4 MBytes3.4 %1.9 MBytes2.5 %
12 PM 5.4 MBytes5.3 %6.0 MBytes7.8 %
11 AM 3.8 MBytes3.8 %3.8 MBytes5.0 %
Total

 

Packet Statistics

TCP ConnectionsDirected toRcvd From
Attempted0  3,296
Established0  1,648 [50 %]
Terminated0  2

TCP FlagsPkts SentPkts Rcvd
SYN0  3,296
RST|ACK0  34
RST1 15

AnomalyPkts Sent toPkts Rcvd from
Closed Empty TCP Conn.0  2

 

Protocol Distribution

ProtocolData SentData Rcvd
TCP144.9 MBytes100% 103.3 MBytes
97%

 

UDP0.0 KBytes  2.6 MBytes
2%

 

Protocol Distribution
IP Distribution

 

Last Contacted Peers

Sent ToIP Address
04:D9:F5:32:79:12 Network Card  
192.168.1.201 192.168.1.201 
2C:F0:5D:99:7A:79 Network Card  
D8:43:AE:BB:DE:41 Network Card  
D8:43:AE:BB:DE:38 Network Card  
1C:6F:65:47:D9:D6 Network Card  
192.168.1.21 192.168.1.21 
D8:43:AE:BB:DB:FB Network Card  
Total Contacts906
Received FromIP Address
04:D9:F5:32:79:12 Network Card  
192.168.1.201 192.168.1.201 
2C:F0:5D:99:7A:79 Network Card  
D8:43:AE:BB:DE:41 Network Card  
D8:43:AE:BB:DE:38 Network Card  
1C:6F:65:47:D9:D6 Network Card  
192.168.1.21 192.168.1.21 
D8:43:AE:BB:DB:FB Network Card  
Total Contacts889

 

TCP/UDP Service/Port Usage

IP ServicePort# Client Sess.Last Client Peer# Server Sess.Last Server Peer
www80  7/3.3 KBytes2C:F0:5D:99:7A:79 Network Card
https443  7704/222.3 MBytesD8:43:AE:BB:DB:FB Network Card

 

TCP/UDP Recently Used Ports

Client PortServer Port
     

 

1421 Active TCP/UDP Sessions

ClientServerData SentData RcvdActive SinceLast SeenDurationInactiveLatencyL7 ProtoNote
CPA-GAROFALO  VoIP Medium Risk P2P Server :49327fundingchoicesmessages.google.com  HTTP Server Low Risk :https17.0 KBytes14.4 KBytesWed Jul 16 10:29:59 2025Wed Jul 16 10:31:27 20251:2833 sec   SYN ACK PUSH 
CPA-GAROFALO  VoIP Medium Risk P2P Server :49385fundingchoicesmessages.google.com  HTTP Server Low Risk :https4.4 KBytes10.7 KBytesWed Jul 16 10:30:38 2025Wed Jul 16 10:31:23 202545 sec37 sec   SYN ACK PUSH 
CPA-GAROFALO  VoIP Medium Risk P2P Server :49405fundingchoicesmessages.google.com  HTTP Server Low Risk :https4.2 KBytes12.0 KBytesWed Jul 16 10:31:10 2025Wed Jul 16 10:31:55 202545 sec5 sec   SYN ACK PUSH 
CON05 Medium Risk :49939fundingchoicesmessages.google.com  HTTP Server Low Risk :https40.5 KBytes962.0 KBytesWed Jul 16 10:28:42 2025Wed Jul 16 10:31:59 20253:171 sec   SYN ACK PUSH 
CON05 Medium Risk :50009fundingchoicesmessages.google.com  HTTP Server Low Risk :https5.8 KBytes3.7 KBytesWed Jul 16 10:30:36 2025Wed Jul 16 10:31:21 202545 sec39 sec   SYN ACK PUSH 
CON05 Medium Risk :50236fundingchoicesmessages.google.com  HTTP Server Low Risk :https4.5 KBytes10.2 KBytesWed Jul 16 10:21:29 2025Wed Jul 16 10:26:23 20254:545:37   SYN ACK PUSH 
Tribunal01  VoIP Medium Risk P2P Server :53252fundingchoicesmessages.google.com  HTTP Server Low Risk :https24.7 KBytes346.4 KBytesWed Jul 16 10:26:50 2025Wed Jul 16 10:31:50 20255:0010 sec   SYN ACK PUSH 
Tribunal01  VoIP Medium Risk P2P Server :53254fundingchoicesmessages.google.com  HTTP Server Low Risk :https25.1 KBytes31.9 KBytesWed Jul 16 10:26:51 2025Wed Jul 16 10:31:50 20254:5910 sec   SYN ACK PUSH 
CPA-FBRECCIA  VoIP Medium Risk :57290fundingchoicesmessages.google.com  HTTP Server Low Risk :https3.8 KBytes5.0 KBytesWed Jul 16 10:31:49 2025Wed Jul 16 10:31:49 20250 sec11 sec   SYN ACK PUSH 
192.168.1.44 Medium Risk :61303fundingchoicesmessages.google.com  HTTP Server Low Risk :https10.4 KBytes53.5 KBytesWed Jul 16 10:18:39 2025Wed Jul 16 10:23:34 20254:558:26   SYN ACK PUSH 
192.168.1.21  VoIP Medium Risk :65397fundingchoicesmessages.google.com  HTTP Server Low Risk :https2.2 KBytes8.7 KBytesWed Jul 16 10:31:04 2025Wed Jul 16 10:31:50 202546 sec10 sec   SYN ACK PUSH 

The color of the host link indicates how recently the host was FIRST seen
  0 to 5 minutes     5 to 15 minutes     15 to 30 minutes     30 to 60 minutes     60+ minutes  
Report created on Wed Jul 16 10:32:00 2025 [ntop uptime: 2 days 6:19:24]
Generated by ntop v.3.3 [x86_64-unknown-linux-gnu]
© 1998-2007 by Luca Deri, built: Aug 6 2008 09:54:10.
Listening on [eth0] for all packets (i.e. without a filtering expression)
Web reports include only interface "eth0"