(C) 1998-2007 - Luca Deri  
Please enable make sure that the ntop html/ directory is properly installed

 

 

Info about client.wns.windows.com

IP Address172.172.255.218 Flag for ISO 3166 code us (from p2c file) [unicast] [ Purge Asset ]
First/Last SeenWed Jun 11 17:08:21 2025  -  Sat Jun 14 00:40:32 2025 [Inactive since 41 sec]
Autonomous System1668
Domainwns.windows.com
Last MAC Address/Router Network Interface Card (NIC)/Router00:24:8C:DE:84:31 
Origin AS1668
Host LocationRemote (outside specified/local subnet)
IP TTL (Time to Live)108:112 [~20 hop(s)]
Total Data Sent2.3 MBytes/10,225 Pkts/0 Retran. Pkts [0%]
Broadcast Pkts Sent0 Pkts
Data Sent Stats
Local 100 %
 
Rem 0 %
IP vs. Non-IP Sent
IP 100 %
 
Non-IP 0 %
Total Data Rcvd1.9 MBytes/16,418 Pkts/0 Retran. Pkts [0%]
Data Rcvd Stats
Local 100 %
 
Rem 0 %
IP vs. Non-IP Rcvd
IP 100 %
 
Non-IP 0 %
Sent vs. Rcvd Pkts
Sent 38.4 %
  
Rcvd 61.6 %
Sent vs. Rcvd Data
Sent 54.8 %
  
Rcvd 45.2 %
Host TypeHTTP Server HTTP Server
Further Host Information[ Whois ] [ ]
Host Healthness (Risk Flags) High Risk Medium Risk Low Risk
  1. Low RiskUnexpected packets (e.g. traffic to closed port or connection reset):
    [Rcvd: rst] [Rcvd: hostnet unreac] 

 

Host Traffic Stats

TimeTot. Traffic Sent% Traffic SentTot. Traffic Rcvd% Traffic Rcvd
12 AM 23.0 KBytes2.2 %21.5 KBytes2.5 %
11 PM 39.1 KBytes3.7 %34.6 KBytes4.0 %
10 PM 33.6 KBytes3.2 %31.5 KBytes3.6 %
9 PM 33.7 KBytes3.2 %31.5 KBytes3.6 %
8 PM 34.2 KBytes3.2 %31.9 KBytes3.6 %
7 PM 33.6 KBytes3.2 %31.4 KBytes3.6 %
6 PM 34.8 KBytes3.3 %32.6 KBytes3.7 %
5 PM 35.4 KBytes3.4 %33.3 KBytes3.8 %
4 PM 45.6 KBytes4.3 %38.3 KBytes4.4 %
3 PM 36.0 KBytes3.4 %33.0 KBytes3.8 %
2 PM 34.2 KBytes3.2 %31.8 KBytes3.6 %
1 PM 38.7 KBytes3.7 %34.5 KBytes3.9 %
12 PM 53.9 KBytes5.1 %42.5 KBytes4.8 %
11 AM 57.1 KBytes5.4 %47.4 KBytes5.4 %
10 AM 47.3 KBytes4.5 %44.0 KBytes5.0 %
9 AM 75.9 KBytes7.2 %58.9 KBytes6.7 %
8 AM 66.3 KBytes6.3 %48.4 KBytes5.5 %
7 AM 44.4 KBytes4.2 %28.6 KBytes3.3 %
6 AM 59.7 KBytes5.7 %44.9 KBytes5.1 %
5 AM 106.9 KBytes10.1 %75.4 KBytes8.6 %
4 AM 57.0 KBytes5.4 %43.6 KBytes5.0 %
3 AM 27.5 KBytes2.6 %22.0 KBytes2.5 %
2 AM 21.5 KBytes2.0 %18.7 KBytes2.1 %
1 AM 16.3 KBytes1.5 %15.5 KBytes1.8 %
Total

 

Packet Statistics

TCP ConnectionsDirected toRcvd From
Attempted0  302
Established0  151 [50 %]

TCP FlagsPkts SentPkts Rcvd
SYN0  302
RST|ACK20 15
RST0  2

AnomalyPkts Sent toPkts Rcvd from
ICMP Net Unreachable0  12

 

Protocol Distribution

ProtocolData SentData Rcvd
TCP2.3 MBytes100% 1.9 MBytes100
ICMP0.0 KBytes  4.0 KBytes 
Protocol Distribution
IP Distribution

 

ICMP Traffic

TypePkt SentPkt Rcvd
Unreach012

 

Last Contacted Peers

Sent ToIP Address
70:71:BC:31:71:53 Network Card  
192.168.1.31 192.168.1.31 
192.168.1.14 192.168.1.14 
2C:F0:5D:99:7A:79 Network Card  
70:71:BC:31:71:72 Network Card  
0.0.0.0 :: 
192.168.1.198 192.168.1.198 
D8:5E:D3:A4:56:94 Network Card  
Total Contacts562
Received FromIP Address
70:71:BC:31:71:53 Network Card  
192.168.1.31 192.168.1.31 
192.168.1.14 192.168.1.14 
2C:F0:5D:99:7A:79 Network Card  
70:71:BC:31:71:72 Network Card  
0.0.0.0 :: 
192.168.1.198 192.168.1.198 
D8:5E:D3:A4:56:94 Network Card  
Total Contacts559

 

TCP/UDP Service/Port Usage

IP ServicePort# Client Sess.Last Client Peer# Server Sess.Last Server Peer
https443  16751/2.7 MBytesD8:5E:D3:A4:56:94 Network Card

 

TCP/UDP Recently Used Ports

Client PortServer Port
     

 

120 Active TCP/UDP Sessions

ClientServerData SentData RcvdActive SinceLast SeenDurationInactiveLatencyL7 ProtoNote
CONS01 Medium Risk :49760client.wns.windows.com  HTTP Server Low Risk :https10.9 KBytes14.6 KBytesFri Jun 13 16:38:24 2025Sat Jun 14 00:39:27 20258:01:031:46   SYN ACK PUSH 
DESKTOP-SJRG11G Medium Risk :52204client.wns.windows.com  HTTP Server Low Risk :https14.4 KBytes18.9 KBytesFri Jun 13 12:37:07 2025Sat Jun 14 00:37:54 202512:00:473:19   SYN ACK PUSH 
CPA-GAROFALO  VoIP Medium Risk P2P Server :57338client.wns.windows.com  HTTP Server Low Risk :https164.5 KBytes193.8 KBytesFri Jun 13 09:36:20 2025Sat Jun 14 00:40:28 202515:04:0845 sec   SYN ACK PUSH 
Archivos [NetBIOS] Medium Risk Users :60445client.wns.windows.com  HTTP Server Low Risk :https49.8 KBytes71.6 KBytesFri Jun 13 09:33:38 2025Sat Jun 14 00:39:43 202515:06:051:30   SYN ACK PUSH 
0.0.0.0  VoIP Medium Risk P2P Server :60928client.wns.windows.com  HTTP Server Low Risk :https19.4 KBytes24.2 KBytesFri Jun 13 23:07:31 2025Sat Jun 14 00:40:32 20251:33:0141 sec   SYN ACK PUSH 

The color of the host link indicates how recently the host was FIRST seen
  0 to 5 minutes     5 to 15 minutes     15 to 30 minutes     30 to 60 minutes     60+ minutes  
Report created on Sat Jun 14 00:41:13 2025 [ntop uptime: 4 days 20:28:27]
Generated by ntop v.3.3 [x86_64-unknown-linux-gnu]
© 1998-2007 by Luca Deri, built: Aug 6 2008 09:54:10.
Listening on [eth0] for all packets (i.e. without a filtering expression)
Web reports include all interfaces (merged)