Info about client.wns.windows.com

Please enable make sure that the ntop html/ directory is properly installed

Info about client.wns.windows.com

IP Address 172.172.255.216 Flag for ISO 3166 code us (from p2c file) [unicast] [ Purge Asset ]

First/Last Seen Mon Jun 9 04:56:33 2025 - Sat Jun 14 00:38:10 2025 [Inactive since 3 sec]

Autonomous System 1668

Domain wns.windows.com

Last MAC Address/Router Network Interface Card (NIC)/Router 00:24:8C:DE:84:31

Origin AS 1668

Host Location Remote (outside specified/local subnet)

IP TTL (Time to Live) 107:114 [~21 hop(s)]

Total Data Sent 8.7 MBytes/36,155 Pkts/0 Retran. Pkts [0%]

Broadcast Pkts Sent 0 Pkts

Data Sent Stats
Local 100 %

Rem 0 %

IP vs. Non-IP Sent
IP 100 %

Non-IP 0 %

Total Data Rcvd 6.8 MBytes/55,047 Pkts/0 Retran. Pkts [0%]

Data Rcvd Stats
Local 100 %

Rem 0 %

IP vs. Non-IP Rcvd
IP 100 %

Non-IP 0 %

Sent vs. Rcvd Pkts
Sent 39.6 %

Rcvd 60.4 %

Sent vs. Rcvd Data
Sent 56.0 %

Rcvd 44.0 %

Host Type HTTP Server

Further Host Information [ Whois ] [ ]

Host Healthness (Risk Flags) High Risk Medium Risk Low Risk
Suspicious activities: too many host contacts
Unexpected packets (e.g. traffic to closed port or connection reset):
[Rcvd: rst]

Host Traffic Stats

Time	Tot. Traffic Sent	% Traffic Sent	Tot. Traffic Rcvd	% Traffic Rcvd
12 AM	30.3 KBytes	2.4 %	22.6 KBytes	2.2 %
11 PM	30.6 KBytes	2.5 %	27.3 KBytes	2.7 %
10 PM	30.8 KBytes	2.5 %	27.4 KBytes	2.7 %
9 PM	30.6 KBytes	2.5 %	27.3 KBytes	2.7 %
8 PM	30.9 KBytes	2.5 %	27.4 KBytes	2.7 %
7 PM	30.8 KBytes	2.5 %	27.5 KBytes	2.7 %
6 PM	30.8 KBytes	2.5 %	27.5 KBytes	2.7 %
5 PM	36.2 KBytes	2.9 %	31.4 KBytes	3.1 %
4 PM	53.9 KBytes	4.3 %	40.9 KBytes	4.0 %
3 PM	30.8 KBytes	2.5 %	27.4 KBytes	2.7 %
2 PM	36.6 KBytes	2.9 %	32.9 KBytes	3.2 %
1 PM	44.2 KBytes	3.5 %	40.2 KBytes	3.9 %
12 PM	48.3 KBytes	3.9 %	44.6 KBytes	4.4 %
11 AM	51.9 KBytes	4.2 %	47.0 KBytes	4.6 %
10 AM	61.0 KBytes	4.9 %	54.2 KBytes	5.3 %
9 AM	109.6 KBytes	8.8 %	85.9 KBytes	8.4 %
8 AM	95.1 KBytes	7.6 %	70.5 KBytes	6.9 %
7 AM	83.9 KBytes	6.7 %	65.4 KBytes	6.4 %
6 AM	133.2 KBytes	10.7 %	97.8 KBytes	9.6 %
5 AM	70.8 KBytes	5.7 %	50.1 KBytes	4.9 %
4 AM	56.4 KBytes	4.5 %	41.8 KBytes	4.1 %
3 AM	45.5 KBytes	3.7 %	36.9 KBytes	3.6 %
2 AM	36.1 KBytes	2.9 %	31.8 KBytes	3.1 %
1 AM	36.9 KBytes	3.0 %	32.6 KBytes	3.2 %
Total

Packet Statistics

TCP Connections	Directed to		Rcvd From
Attempted	0		1,590	70:71:BC:3B:ED:51 D8:5E:D3:A4:56:93 04:D9:F5:32:79:12 04:7C:16:11:B8:8D 70:71:BC:31:71:72 64:00:6A:10:D8:04 0.0.0.0 70:71:BC:72:1F:5B
Established	0		792 [50 %]	70:71:BC:3B:ED:51 D8:5E:D3:A4:56:93 04:D9:F5:32:79:12 04:7C:16:11:B8:8D 70:71:BC:31:71:72 64:00:6A:10:D8:04 0.0.0.0 70:71:BC:72:1F:5B

TCP Flags	Pkts Sent		Pkts Rcvd
SYN	0		1,590	70:71:BC:3B:ED:51 D8:5E:D3:A4:56:93 04:D9:F5:32:79:12 04:7C:16:11:B8:8D 70:71:BC:31:71:72 64:00:6A:10:D8:04 0.0.0.0 70:71:BC:72:1F:5B
RST\|ACK	51	70:71:BC:31:70:0B 192.168.1.190 64:00:6A:10:D8:04 192.168.1.11 3C:7C:3F:15:CB:D6 18:66:DA:06:EB:53 70:71:BC:3B:ED:51 0.0.0.0	46	04:D9:F5:32:79:12 192.168.1.11 04:7C:16:11:B8:8D 3C:7C:3F:15:CB:D6 18:66:DA:06:EB:53 70:71:BC:3B:ED:51 0.0.0.0 70:71:BC:72:1F:5B
RST	2	192.168.1.198 192.168.1.9	29	2C:F0:5D:99:7A:79 192.168.1.12 D8:5E:D3:A5:15:A7 192.168.1.108 192.168.1.9

Protocol Distribution

Protocol	Data Sent	Data Rcvd
TCP	8.7 MBytes	6.8 MBytes
Protocol Distribution
IP Distribution

Last Contacted Peers

Sent To	IP Address
192.168.1.9	192.168.1.9
70:71:BC:72:1F:5B
D8:5E:D3:A4:56:93
D8:5E:D3:D8:79:24
192.168.1.190	192.168.1.190
70:71:BC:31:71:72
04:D9:F5:32:79:12
0.0.0.0	::
Total Contacts	4633

Received From	IP Address
192.168.1.9	192.168.1.9
70:71:BC:72:1F:5B
D8:5E:D3:A4:56:93
D8:5E:D3:D8:79:24
192.168.1.190	192.168.1.190
70:71:BC:31:71:72
04:D9:F5:32:79:12
0.0.0.0	::
Total Contacts	4596

TCP/UDP Service/Port Usage

IP Service	Port	# Client Sess.	Last Client Peer	# Server Sess.	Last Server Peer
https	443			56631/10.6 MBytes	04:D9:F5:32:79:12

TCP/UDP Recently Used Ports

Client Port	Server Port
	https

125 Active TCP/UDP Sessions

Client	Server	Data Sent	Data Rcvd	Active Since	Last Seen	Duration	Inactive	Note
CPA-FBRECCIA :50870	client.wns.windows.com :https	159.7 KBytes	188.4 KBytes	Fri Jun 13 10:06:09 2025	Sat Jun 14 00:38:10 2025	14:32:01	3 sec	SYN ACK PUSH
0.0.0.0 :52350	client.wns.windows.com :https	16.9 KBytes	22.1 KBytes	Fri Jun 13 08:57:13 2025	Sat Jun 14 00:35:00 2025	15:37:47	3:13	SYN ACK PUSH
CPATRIBUNAL :53993	client.wns.windows.com :https	9.7 KBytes	13.3 KBytes	Fri Jun 13 17:26:48 2025	Sat Jun 14 00:37:28 2025	7:10:40	45 sec	SYN ACK PUSH
Archivos2 :61620	client.wns.windows.com :https	5.9 KBytes	9.5 KBytes	Sat Jun 14 00:17:09 2025	Sat Jun 14 00:38:10 2025	21:01	3 sec	SYN ACK PUSH
CPA-CFUCHILA :62890	client.wns.windows.com :https	17.1 KBytes	22.3 KBytes	Fri Jun 13 08:55:00 2025	Sat Jun 14 00:34:13 2025	15:39:13	4:00	SYN ACK PUSH

The color of the host link indicates how recently the host was FIRST seen
0 to 5 minutes	5 to 15 minutes	15 to 30 minutes	30 to 60 minutes	60+ minutes

Report created on Sat Jun 14 00:38:13 2025 [ntop uptime: 4 days 20:25:27]
Generated by ntop v.3.3 [x86_64-unknown-linux-gnu]
© 1998-2007 by Luca Deri, built: Aug 6 2008 09:54:10.
Listening on [eth0] for all packets (i.e. without a filtering expression)
Web reports include all interfaces (merged)