(C) 1998-2007 - Luca Deri  
Please enable make sure that the ntop html/ directory is properly installed

 

 

Info about client.wns.windows.com

IP Address172.211.123.250 Flag for ISO 3166 code us (from p2c file) [unicast] [ Purge Asset ]
First/Last SeenMon Jul 14 10:01:21 2025  -  Wed Jul 16 10:22:50 2025 [Inactive since 1 sec]
Domainwns.windows.com
Last MAC Address/Router Network Interface Card (NIC)/Router00:24:8C:DE:84:31 
Host LocationRemote (outside specified/local subnet)
IP TTL (Time to Live)106:112 [~22 hop(s)]
Total Data Sent1.5 MBytes/7,043 Pkts/0 Retran. Pkts [0%]
Broadcast Pkts Sent0 Pkts
Data Sent Stats
Local 100 %
 
Rem 0 %
IP vs. Non-IP Sent
IP 100 %
 
Non-IP 0 %
Total Data Rcvd1.3 MBytes/12,569 Pkts/0 Retran. Pkts [0%]
Data Rcvd Stats
Local 100 %
 
Rem 0 %
IP vs. Non-IP Rcvd
IP 100 %
 
Non-IP 0 %
Sent vs. Rcvd Pkts
Sent 35.9 %
  
Rcvd 64.1 %
Sent vs. Rcvd Data
Sent 53.1 %
  
Rcvd 46.9 %
Host TypeHTTP Server HTTP Server
Further Host Information[ Whois ] [ ]

 

Host Traffic Stats

TimeTot. Traffic Sent% Traffic SentTot. Traffic Rcvd% Traffic Rcvd
10 AM 16.3 KBytes2.1 %13.8 KBytes2.0 %
9 AM 33.1 KBytes4.3 %30.0 KBytes4.3 %
8 AM 35.9 KBytes4.7 %31.4 KBytes4.5 %
7 AM 39.8 KBytes5.2 %34.2 KBytes4.9 %
6 AM 33.2 KBytes4.3 %29.0 KBytes4.2 %
5 AM 39.6 KBytes5.2 %30.4 KBytes4.4 %
4 AM 29.5 KBytes3.8 %27.4 KBytes4.0 %
3 AM 33.6 KBytes4.4 %30.5 KBytes4.4 %
2 AM 35.2 KBytes4.6 %31.7 KBytes4.6 %
1 AM 28.2 KBytes3.7 %26.9 KBytes3.9 %
12 AM 28.0 KBytes3.7 %26.7 KBytes3.9 %
11 PM 31.7 KBytes4.1 %28.5 KBytes4.1 %
10 PM 37.3 KBytes4.9 %34.0 KBytes4.9 %
9 PM 29.0 KBytes3.8 %27.2 KBytes3.9 %
8 PM 27.9 KBytes3.6 %26.6 KBytes3.8 %
7 PM 27.9 KBytes3.6 %26.6 KBytes3.8 %
6 PM 28.1 KBytes3.7 %26.8 KBytes3.9 %
5 PM 27.9 KBytes3.6 %26.6 KBytes3.8 %
4 PM 28.4 KBytes3.7 %27.1 KBytes3.9 %
3 PM 29.3 KBytes3.8 %27.8 KBytes4.0 %
2 PM 29.2 KBytes3.8 %27.8 KBytes4.0 %
1 PM 29.4 KBytes3.8 %27.9 KBytes4.0 %
12 PM 30.7 KBytes4.0 %29.0 KBytes4.2 %
11 AM 56.8 KBytes7.4 %45.5 KBytes6.6 %
Total

 

Packet Statistics

TCP ConnectionsDirected toRcvd From
Attempted0  56
Established0  28 [50 %]

TCP FlagsPkts SentPkts Rcvd
SYN0  56
RST|ACK1 2

 

Protocol Distribution

ProtocolData SentData Rcvd
TCP1.5 MBytes100% 1.3 MBytes100
Protocol Distribution
IP Distribution

 

Last Contacted Peers

Sent ToIP Address
70:71:BC:31:71:72 Network Card  
3C:7C:3F:15:CB:D6 Network Card  
D8:5E:D3:A4:56:94 Network Card  
D8:5E:D3:2D:52:7D Network Card  
70:71:BC:31:70:0B Network Card  
192.168.1.21 192.168.1.21 
D8:43:AE:BB:DF:31 Network Card  
192.168.1.13 192.168.1.13 
Total Contacts20
Received FromIP Address
70:71:BC:31:71:72 Network Card  
3C:7C:3F:15:CB:D6 Network Card  
D8:5E:D3:A4:56:94 Network Card  
D8:5E:D3:2D:52:7D Network Card  
70:71:BC:31:70:0B Network Card  
192.168.1.21 192.168.1.21 
D8:43:AE:BB:DF:31 Network Card  
192.168.1.13 192.168.1.13 
Total Contacts21

 

TCP/UDP Service/Port Usage

IP ServicePort# Client Sess.Last Client Peer# Server Sess.Last Server Peer
https443  12634/1.7 MBytesD8:5E:D3:A4:56:94 Network Card

 

TCP/UDP Recently Used Ports

Client PortServer Port
     

 

1131 Active TCP/UDP Sessions

ClientServerData SentData RcvdActive SinceLast SeenDurationInactiveLatencyL7 ProtoNote
ADM03  VoIP Medium Risk :55574client.wns.windows.com  HTTP Server :https3.0 KBytes5.1 KBytesWed Jul 16 10:19:02 2025Wed Jul 16 10:19:03 20251 sec3:48   SYN ACK PUSH 
0.0.0.0  VoIP Medium Risk :57697client.wns.windows.com  HTTP Server :https35.6 KBytes44.4 KBytesWed Jul 16 07:22:48 2025Wed Jul 16 10:22:50 20253:00:021 sec   SYN ACK PUSH 
CPA-GSAULO  VoIP Medium Risk Users P2P Server :59088client.wns.windows.com  HTTP Server :https339.2 KBytes408.0 KBytesTue Jul 15 04:45:12 2025Wed Jul 16 10:22:18 20251 day 5:37:0633 sec   SYN ACK PUSH 
Sueldos01 Medium Risk :60014client.wns.windows.com  HTTP Server :https5.0 KBytes7.6 KBytesWed Jul 16 08:04:50 2025Wed Jul 16 10:20:09 20252:15:192:42   SYN ACK PUSH 
0.0.0.0  VoIP Medium Risk :65280client.wns.windows.com  HTTP Server :https31.1 KBytes39.7 KBytesTue Jul 15 04:43:15 2025Wed Jul 16 10:18:48 20251 day 5:35:334:03   SYN ACK PUSH 

The color of the host link indicates how recently the host was FIRST seen
  0 to 5 minutes     5 to 15 minutes     15 to 30 minutes     30 to 60 minutes     60+ minutes  
Report created on Wed Jul 16 10:22:51 2025 [ntop uptime: 2 days 6:10:15]
Generated by ntop v.3.3 [x86_64-unknown-linux-gnu]
© 1998-2007 by Luca Deri, built: Aug 6 2008 09:54:10.
Listening on [eth0] for all packets (i.e. without a filtering expression)
Web reports include only interface "eth0"