Info about DESKTOP-SJRG11G

Please enable make sure that the ntop html/ directory is properly installed

Info about DESKTOP-SJRG11G

IP Address 192.168.1.14 [unicast] [ Purge Asset ]

First/Last Seen Fri Jun 13 12:37:01 2025 - Fri Jun 13 23:06:22 2025 [Inactive since 12 sec]

MAC Address Network Interface Card (NIC) 70:71:BC:72:1F:8B

OS Name OS: Windows [Windows XP Professional, Build 2600]

Host Location Local (inside specified/local subnet)

IP TTL (Time to Live) 1:64 [~0 hop(s)]

Total Data Sent 12.0 MBytes/40,877 Pkts/0 Retran. Pkts [0%]

Broadcast Pkts Sent 869 Pkts

Multicast Traffic Sent 18.9 KBytes/79 Pkts

Data Sent Stats
Local 1.4 %

Rem 98.6 %

IP vs. Non-IP Sent
IP 100 %

Non-IP 0 %

Total Data Rcvd 62.1 MBytes/59,252 Pkts/0 Retran. Pkts [0%]

Data Rcvd Stats
0 %

Rem 100 %

IP vs. Non-IP Rcvd
IP 100 %

Non-IP 0 %

Sent vs. Rcvd Pkts
Sent 40.8 %

Rcvd 59.2 %

Sent vs. Rcvd Data
Sent 16.2 %

Rcvd 83.8 %

Used Subnet Routers 00:24:8C:DE:84:31 Network Card
Host Healthness (Risk Flags) High Risk Medium Risk Low Risk
Suspicious activities: too many host contacts
Unexpected packets (e.g. traffic to closed port or connection reset):
[Rcvd: rst]

Host Traffic Stats

Time	Tot. Traffic Sent	% Traffic Sent	Tot. Traffic Rcvd	% Traffic Rcvd
11 PM	4.1 KBytes	0.0 %	7.9 KBytes	0.0 %
10 PM	89.6 KBytes	0.7 %	137.3 KBytes	0.2 %
9 PM	92.8 KBytes	0.8 %	152.2 KBytes	0.2 %
8 PM	1.0 MBytes	8.7 %	34.3 MBytes	55.3 %
7 PM	81.4 KBytes	0.7 %	125.6 KBytes	0.2 %
6 PM	73.3 KBytes	0.6 %	120.1 KBytes	0.2 %
5 PM	63.1 KBytes	0.5 %	146.8 KBytes	0.2 %
4 PM	76.2 KBytes	0.6 %	136.9 KBytes	0.2 %
3 PM	65.6 KBytes	0.5 %	133.2 KBytes	0.2 %
2 PM	98.9 KBytes	0.8 %	217.3 KBytes	0.3 %
1 PM	64.5 KBytes	0.5 %	129.1 KBytes	0.2 %
12 PM	10.2 MBytes	85.6 %	26.5 MBytes	42.6 %
11 AM	0	0.0 %	0	0.0 %
10 AM	0	0.0 %	0	0.0 %
9 AM	0	0.0 %	0	0.0 %
8 AM	0	0.0 %	0	0.0 %
7 AM	0	0.0 %	0	0.0 %
6 AM	0	0.0 %	0	0.0 %
5 AM	0	0.0 %	0	0.0 %
4 AM	0	0.0 %	0	0.0 %
3 AM	0	0.0 %	0	0.0 %
2 AM	0	0.0 %	0	0.0 %
1 AM	0	0.0 %	0	0.0 %
12 AM	0	0.0 %	0	0.0 %
Total

Packet Statistics

TCP Connections	Directed to		Rcvd From
Attempted	1,356	public.setcce.si edge.microsoft.com v10.events.data.microsoft.com config.edge.skype.com crl.verisign.com array816.prod.do.dsp.mp.microsoft.com ecs.office.com stream-production.avcdn.net	0
Established	673 [50 %]	functional.events.data.microsoft.com public.setcce.si edge.microsoft.com config.edge.skype.com crl.verisign.com array816.prod.do.dsp.mp.microsoft.com ecs.office.com stream-production.avcdn.net	0

TCP Flags	Pkts Sent		Pkts Rcvd
SYN	1,356	public.setcce.si edge.microsoft.com v10.events.data.microsoft.com config.edge.skype.com crl.verisign.com array816.prod.do.dsp.mp.microsoft.com ecs.office.com stream-production.avcdn.net	0
RST\|ACK	164	www.bing.com fd.api.iris.microsoft.com v10.events.data.microsoft.com v10.events.data.microsoft.com settings-win.data.microsoft.com v10.events.data.microsoft.com v10.events.data.microsoft.com v10.events.data.microsoft.com	75	array816.prod.do.dsp.mp.microsoft.com ecs.office.com v10.events.data.microsoft.com ecs.office.com mobile.events.data.microsoft.com v10.events.data.microsoft.com edge.microsoft.com functional.events.data.microsoft.com
RST	0		6	cds.taboola.com mtalk.google.com ecs.office.com

ARP	Packet
Request Sent	67
Reply Rcvd	51 (76.1 %)
Reply Sent	300

Protocol Distribution

Protocol

Data Sent

Data Rcvd

TCP

11.3 MBytes

61.9 MBytes

UDP

665.9 KBytes

214.8 KBytes

ICMP

8.6 KBytes

3.7 KBytes

(R)ARP

16.5 KBytes

9.4 KBytes

IGMP

0.3 KBytes

0.0 KBytes

Protocol Distribution

IP Distribution

ICMP Traffic

Type	Pkt Sent	Pkt Rcvd
Echo Request	83	0
Echo Reply	0	11
Time Exceeded	0	27

Last Contacted Peers

Sent To	IP Address
config.edge.skype.com	13.107.42.16
00:24:8C:DE:84:31
crl.verisign.com	23.54.251.67
array816.prod.do.dsp.mp.microsoft.com	52.137.125.63
client.wns.windows.com	172.172.255.218
ecs.office.com	52.123.129.14
stream-production.avcdn.net	170.51.247.33
Total Contacts	1395

Received From	IP Address
v10.events.data.microsoft.com	20.189.173.28
config.edge.skype.com	13.107.42.16
00:24:8C:DE:84:31
crl.verisign.com	23.54.251.67
array816.prod.do.dsp.mp.microsoft.com	52.137.125.63
client.wns.windows.com	172.172.255.218
ecs.office.com	52.123.129.14
stream-production.avcdn.net	170.51.247.33
Total Contacts	1011

IP Service Stats: Client Role

	# Loc. Req. Sent		# Rem. Req. Sent		# Pos. Reply Rcvd		# Neg. Reply Rcvd		Local RndTrip	Rem RndTrip
DNS	618	75.0%	197	24.0%	796	99.0%	2	0.0%	0.0 ms - 766.0 ms	2.9 ms - 465.2 ms

TCP/UDP Service/Port Usage

IP Service	Port	# Client Sess.	Last Client Peer
domain	53	1600/215.3 KBytes	00:24:8C:DE:84:31
www	80	23862/32.5 MBytes	stream-production.avcdn.net
snmp	161	15/1.1 KBytes	192.168.1.150
https	443	36552/36.0 MBytes	client.wns.windows.com

TCP/UDP - Traffic on Other Ports

Client Port	Server Port
52204

TCP/UDP Recently Used Ports

Client Port	Server Port
netbios-ns	mdns

138 Active TCP/UDP Sessions

Client	Server	Data Sent	Data Rcvd	Active Since	Last Seen	Duration	Inactive	Latency	L7 Proto	Note
DESKTOP-SJRG11G :52204	client.wns.windows.com :https	12.9 KBytes	17.1 KBytes	Fri Jun 13 12:37:07 2025	Fri Jun 13 23:03:14 2025	10:26:07	3:20			SYN ACK PUSH

The color of the host link indicates how recently the host was FIRST seen
0 to 5 minutes	5 to 15 minutes	15 to 30 minutes	30 to 60 minutes	60+ minutes

Report created on Fri Jun 13 23:06:34 2025 [ntop uptime: 4 days 18:53:48]
Generated by ntop v.3.3 [x86_64-unknown-linux-gnu]
© 1998-2007 by Luca Deri, built: Aug 6 2008 09:54:10.
Listening on [eth0] for all packets (i.e. without a filtering expression)
Web reports include all interfaces (merged)