(C) 1998-2007 - Luca Deri  
Please enable make sure that the ntop html/ directory is properly installed

 

 

Info about PRESIDENTE

IP Address192.168.1.111   [unicast] [ Purge Asset ]
First/Last SeenWed Jul 16 04:21:28 2025  -  Thu Jul 17 17:07:09 2025 [Inactive since 5 sec]
MAC Address Network Interface Card (NIC)D8:43:AE:BB:DC:15 
OS NameOS: Windows [Windows 2000 Professional SP4] 
Host LocationLocal (inside specified/local subnet)
IP TTL (Time to Live)1:128 [~0 hop(s)]
Total Data Sent250.3 MBytes/1,404,843 Pkts/0 Retran. Pkts [0%]
Broadcast Pkts Sent338 Pkts
Multicast TrafficSent 1.3 MBytes/6,792 Pkts 
Data Sent Stats
0 %
 
Rem 100 %
IP vs. Non-IP Sent
IP 100 %
 
Non-IP 0 %
Total Data Rcvd2.9 GBytes/2,429,585 Pkts/0 Retran. Pkts [0%]
Data Rcvd Stats
0 %
 
Rem 100 %
IP vs. Non-IP Rcvd
IP 100 %
 
Non-IP 0 %
Sent vs. Rcvd Pkts
Sent 36.6 %
  
Rcvd 63.4 %
Sent vs. Rcvd Data
Sent 7.9 %
  
Rcvd 92.1 %
Used Subnet Routers 00:24:8C:DE:84:31 Network Card
Host TypeVoIP Host VoIP
Host Healthness (Risk Flags) High Risk Medium Risk Low Risk
  1. Medium RiskSuspicious activities: too many host contacts
  2. Low RiskUnexpected packets (e.g. traffic to closed port or connection reset):
    [Rcvd: rst] [Sent: closed-empty] [Rcvd: hostnet unreac] 

 

Host Traffic Stats

TimeTot. Traffic Sent% Traffic SentTot. Traffic Rcvd% Traffic Rcvd
5 PM 10.7 KBytes0.3 %8.1 KBytes0.1 %
4 PM 124.0 KBytes3.8 %368.7 KBytes4.6 %
3 PM 277.1 KBytes8.5 %2.0 MBytes24.9 %
2 PM 116.6 KBytes3.6 %169.5 KBytes2.1 %
1 PM 380.0 KBytes11.6 %925.6 KBytes11.5 %
12 PM 107.7 KBytes3.3 %111.4 KBytes1.4 %
11 AM 100.1 KBytes3.1 %116.4 KBytes1.4 %
10 AM 82.0 KBytes2.5 %78.9 KBytes1.0 %
9 AM 117.7 KBytes3.6 %178.1 KBytes2.2 %
8 AM 83.1 KBytes2.5 %79.0 KBytes1.0 %
7 AM 93.2 KBytes2.8 %277.8 KBytes3.5 %
6 AM 75.8 KBytes2.3 %58.9 KBytes0.7 %
5 AM 601.8 KBytes18.4 %2.4 MBytes30.4 %
4 AM 94.2 KBytes2.9 %95.4 KBytes1.2 %
3 AM 96.3 KBytes2.9 %96.8 KBytes1.2 %
2 AM 108.5 KBytes3.3 %137.4 KBytes1.7 %
1 AM 146.3 KBytes4.5 %153.0 KBytes1.9 %
12 AM 82.8 KBytes2.5 %84.8 KBytes1.1 %
11 PM 105.3 KBytes3.2 %115.2 KBytes1.4 %
10 PM 84.3 KBytes2.6 %79.4 KBytes1.0 %
9 PM 115.8 KBytes3.5 %147.0 KBytes1.8 %
8 PM 113.1 KBytes3.5 %167.1 KBytes2.1 %
7 PM 77.6 KBytes2.4 %73.3 KBytes0.9 %
6 PM 83.1 KBytes2.5 %78.9 KBytes1.0 %
Total

 

Packet Statistics

TCP ConnectionsDirected toRcvd From
Attempted8,803 0 
Established4,267 [48 %] 1
Terminated6 0 

TCP FlagsPkts SentPkts Rcvd
SYN8,803 0 
RST|ACK804 151
RST0  28

AnomalyPkts Sent toPkts Rcvd from
Closed Empty TCP Conn.6 0 
ICMP Net Unreachable0  110

ARPPacket
Request Sent1,433
Reply Rcvd1,326 (92.5 %)
Reply Sent2,728

 

Protocol Distribution

ProtocolData SentData Rcvd
TCP244.9 MBytes
97%

 

 2.9 GBytes100
UDP5.2 MBytes
2%

 

 1.3 MBytes 
ICMP9.4 KBytes  15.6 KBytes 
ICMPv60.2 KBytes  0.0 KBytes 
IPv60.2 KBytes  0.0 KBytes 
(R)ARP186.9 KBytes  110.9 KBytes 
IGMP1.2 KBytes  0.0 KBytes 
Protocol Distribution
IP Distribution

 

ICMP Traffic

TypePkt SentPkt Rcvd
Echo Request910
Echo Reply010
Unreach0110
Time Exceeded027

 

Last Contacted Peers

Sent ToIP Address
router15.teamviewer.com 34.151.192.21 
wns2-sg2p.wns.windows.com 4.145.79.80 
224.0.0.251 224.0.0.251 
00:24:8C:DE:84:31 Network Card  
settings-win.data.microsoft.com 52.191.219.104 
200.243.0.10 200.243.0.10 
v10.events.data.microsoft.com 52.182.143.215 
Total Contacts23561
Received FromIP Address
ecs.office.com 52.123.128.14 
settings-win.data.microsoft.com 20.72.205.209 
settings-win.data.microsoft.com 52.191.219.104 
v10.events.data.microsoft.com 52.182.143.215 
bigben-gi-1-1-10-3736-13-acr02.vta.embratel.net.br 200.241.211.30 
router15.teamviewer.com 34.151.192.21 
00:24:8C:DE:84:31 Network Card  
wns2-sg2p.wns.windows.com 4.145.79.80 
Total Contacts21704

 

IP Service Stats: Client Role

 # Loc. Req. Sent# Rem. Req. Sent# Pos. Reply Rcvd# Neg. Reply RcvdLocal RndTripRem RndTrip
DNS4,53956.0%3,45443.0%4,53299.0%50.0%0.0 ms - 1.2 sec0.0 ms - 0.0 ms

 

TCP/UDP Service/Port Usage

IP ServicePort# Client Sess.Last Client Peer# Server Sess.Last Server Peer
domain539188/1.3 MBytes00:24:8C:DE:84:31 Network Card   
www8046168/151.0 MBytesctldl.windowsupdate.com   
ntp1238/384time.windows.com 8/384time.windows.com
https4433235/2.8 GBytesrouter15.teamviewer.com   

 

TCP/UDP - Traffic on Other Ports

Client PortServer Port
     

 

TCP/UDP Recently Used Ports

Client PortServer Port

 

328 Active TCP/UDP Sessions

ClientServerData SentData RcvdActive SinceLast SeenDurationInactiveLatencyL7 ProtoNote
PRESIDENTE  VoIP Medium Risk :50092client.wns.windows.com  HTTP Server Low Risk :https19.4 KBytes25.4 KBytesWed Jul 16 22:45:58 2025Thu Jul 17 17:05:26 202518:19:281:48   SYN ACK PUSH 
PRESIDENTE  VoIP Medium Risk :49675router16.teamviewer.com  HTTP Server :https328.5 KBytes293.4 KBytesWed Jul 16 15:23:08 2025Thu Jul 17 17:07:04 20251 day 1:43:5610 sec   SYN ACK PUSH 

The color of the host link indicates how recently the host was FIRST seen
  0 to 5 minutes     5 to 15 minutes     15 to 30 minutes     30 to 60 minutes     60+ minutes  
Report created on Thu Jul 17 17:07:14 2025 [ntop uptime: 3 days 12:54:38]
Generated by ntop v.3.3 [x86_64-unknown-linux-gnu]
© 1998-2007 by Luca Deri, built: Aug 6 2008 09:54:10.
Listening on [eth0] for all packets (i.e. without a filtering expression)
Web reports include only interface "eth0"