Info about 0.0.0.0

Please enable make sure that the ntop html/ directory is properly installed

Info about 0.0.0.0

IP Address 192.168.1.18 [unicast] [ Purge Asset ]

First/Last Seen Fri Jun 13 04:48:41 2025 - Sat Jun 14 00:19:42 2025 [Inactive since 9 sec]

MAC Address Network Interface Card (NIC) D8:5E:D3:A4:56:93

OS Name OS: Windows [Windows 2000 Professional SP4]

Host Location Local (inside specified/local subnet)

IP TTL (Time to Live) 1:128 [~0 hop(s)]

Total Data Sent 64.9 MBytes/709,841 Pkts/0 Retran. Pkts [0%]

Broadcast Pkts Sent 1,723 Pkts

Multicast Traffic Sent 678.1 KBytes/3,808 Pkts

Data Sent Stats
Local 0.9 %

Rem 99.1 %

IP vs. Non-IP Sent
IP 100 %

Non-IP 0 %

Total Data Rcvd 1.7 GBytes/1,274,515 Pkts/0 Retran. Pkts [0%]

Data Rcvd Stats
0 %

Rem 100 %

IP vs. Non-IP Rcvd
IP 100 %

Non-IP 0 %

Sent vs. Rcvd Pkts
Sent 35.8 %

Rcvd 64.2 %

Sent vs. Rcvd Data
Sent 3.6 %

Rcvd 96.4 %

Used Subnet Routers 00:24:8C:DE:84:31 Network Card
Host Healthness (Risk Flags) High Risk Medium Risk Low Risk
Suspicious activities: too many host contacts
Unexpected packets (e.g. traffic to closed port or connection reset):

Unexpected packets (e.g. traffic to closed port or connection reset):
[Sent: udp to closed] [Rcvd: rst] [Sent: closed-empty] [Rcvd: port unreac]

Host Traffic Stats

Time	Tot. Traffic Sent	% Traffic Sent	Tot. Traffic Rcvd	% Traffic Rcvd
12 AM	77.8 KBytes	0.1 %	259.1 KBytes	0.0 %
11 PM	310.0 KBytes	0.5 %	3.7 MBytes	0.2 %
10 PM	177.2 KBytes	0.3 %	456.6 KBytes	0.0 %
9 PM	167.4 KBytes	0.3 %	684.7 KBytes	0.0 %
8 PM	192.4 KBytes	0.3 %	939.5 KBytes	0.1 %
7 PM	182.7 KBytes	0.3 %	762.8 KBytes	0.0 %
6 PM	418.9 KBytes	0.6 %	12.8 MBytes	0.7 %
5 PM	372.7 KBytes	0.6 %	745.8 KBytes	0.0 %
4 PM	205.6 KBytes	0.3 %	699.5 KBytes	0.0 %
3 PM	162.0 KBytes	0.2 %	718.1 KBytes	0.0 %
2 PM	203.9 KBytes	0.3 %	839.9 KBytes	0.0 %
1 PM	159.1 KBytes	0.2 %	636.9 KBytes	0.0 %
12 PM	229.3 KBytes	0.3 %	1.2 MBytes	0.1 %
11 AM	157.8 KBytes	0.2 %	723.0 KBytes	0.0 %
10 AM	165.4 KBytes	0.2 %	755.8 KBytes	0.0 %
9 AM	174.6 KBytes	0.3 %	556.6 KBytes	0.0 %
8 AM	268.5 KBytes	0.4 %	2.2 MBytes	0.1 %
7 AM	3.5 MBytes	5.4 %	25.1 MBytes	1.4 %
6 AM	8.5 MBytes	13.0 %	93.5 MBytes	5.4 %
5 AM	36.5 MBytes	56.2 %	1.1 GBytes	63.6 %
4 AM	12.9 MBytes	19.9 %	485.5 MBytes	28.0 %
3 AM	0	0.0 %	0	0.0 %
2 AM	0	0.0 %	0	0.0 %
1 AM	0	0.0 %	0	0.0 %
Total

Packet Statistics

TCP Connections	Directed to		Rcvd From
Attempted	9,363	x1.c.lencr.org stream-production.avcdn.net stream-production.avcdn.net stream-production.avcdn.net stream-production.avcdn.net settings-win.data.microsoft.com settings-win.data.microsoft.com ncc.avast.com	0
Established	4,541 [48 %]	x1.c.lencr.org stream-production.avcdn.net stream-production.avcdn.net stream-production.avcdn.net stream-production.avcdn.net settings-win.data.microsoft.com settings-win.data.microsoft.com ncc.avast.com	5	v10.events.data.microsoft.com dmp.truoptik.com bttrack.com uipglob.semasio.net grey.erne.co
Terminated	245	waa-pa.clients6.google.com www.bing.com dt.adsafeprotected.com ib.adnxs.com v10.vortex-win.data.microsoft.com dt.adsafeprotected.com secure.adnxs.com dt.adsafeprotected.com	0

TCP Flags	Pkts Sent		Pkts Rcvd
SYN	9,363	x1.c.lencr.org stream-production.avcdn.net stream-production.avcdn.net stream-production.avcdn.net stream-production.avcdn.net settings-win.data.microsoft.com settings-win.data.microsoft.com ncc.avast.com	0
RST\|ACK	1,772	stream-production.avcdn.net settings-win.data.microsoft.com v10.events.data.microsoft.com assets.msn.com stream-production.avcdn.net stream-production.avcdn.net settings-win.data.microsoft.com stream-production.avcdn.net	490	stream-production.avcdn.net ecs.office.com stream-production.avcdn.net stream-production.avcdn.net stream-production.avcdn.net ecs.office.com stream-production.avcdn.net stream-production.avcdn.net
RST	998	stream-production.avcdn.net stream-production.avcdn.net stream-production.avcdn.net s-nuistatic.avcdn.net v10.events.data.microsoft.com stream-production.avcdn.net stream-production.avcdn.net stream-production.avcdn.net	268	static.edge.microsoftapp.net www.bing.com secure.adnxs.com stream-production.avcdn.net windows.msn.com media-eze1-1.cdn.whatsapp.net lanacion.com.ar mtalk.google.com
NULL	54	00:24:8C:DE:84:31 192.168.0.221	0

Anomaly	Pkts Sent to		Pkts Rcvd from
UDP Pkt to Closed Port	21	00:24:8C:DE:84:31	390	00:24:8C:DE:84:31 200.69.128.1
Closed Empty TCP Conn.	245	waa-pa.clients6.google.com www.bing.com dt.adsafeprotected.com ib.adnxs.com v10.vortex-win.data.microsoft.com dt.adsafeprotected.com secure.adnxs.com dt.adsafeprotected.com	0
ICMP Port Unreachable	390	00:24:8C:DE:84:31 200.69.128.1	21	00:24:8C:DE:84:31

ARP	Packet
Request Sent	384
Reply Rcvd	151 (39.3 %)
Reply Sent	867

Protocol Distribution

Protocol

Data Sent

Data Rcvd

TCP

61.4 MBytes

1.7 GBytes

UDP

3.3 MBytes

1.1 MBytes

ICMP

128.3 KBytes

1.5 KBytes

ICMPv6

0.1 KBytes

0.0 KBytes

IPv6

0.1 KBytes

0.0 KBytes

(R)ARP

56.2 KBytes

27.8 KBytes

Protocol Distribution

IP Distribution

ICMP Traffic

Type	Pkt Sent	Pkt Rcvd
Unreach	390	21

Last Contacted Peers

Sent To	IP Address
settings-win.data.microsoft.com	20.49.150.241
settings-win.data.microsoft.com	40.119.249.228
ncc.avast.com	170.51.241.136
nos.ns1.ff.avast.com	34.159.51.182
00:24:8C:DE:84:31
200.69.128.1	200.69.128.1
stream-production.avcdn.net	170.51.247.41
Total Contacts	11835

Received From	IP Address
200.69.128.1	200.69.128.1
stream-production.avcdn.net	170.51.247.49
00:24:8C:DE:84:31
settings-win.data.microsoft.com	20.49.150.241
settings-win.data.microsoft.com	40.119.249.228
ncc.avast.com	170.51.241.136
nos.ns1.ff.avast.com	34.159.51.182
stream-production.avcdn.net	170.51.247.41
Total Contacts	9946

IP Service Stats: Client Role

	# Loc. Req. Sent		# Rem. Req. Sent		# Pos. Reply Rcvd		# Neg. Reply Rcvd		Local RndTrip	Rem RndTrip
DNS	2,494	42.0%	3,354	57.0%	3,936	99.0%	32	0.0%	0.1 ms - 230322.1 sec	2.7 ms - 540.4 ms
HTTP	0	0.0%	0	0.0%	127	100.0%	0	0.0%	0.0 ms - 0.0 ms	403417.9 sec - 403417.9 sec

TCP/UDP Service/Port Usage

IP Service	Port	# Client Sess.	Last Client Peer	# Server Sess.	Last Server Peer
ftp	21	14/221	00:24:8C:DE:84:31
domain	53	7954/1.1 MBytes	200.69.128.1
bootps	67	1/0	00:24:8C:DE:84:31
bootpc	68	1/0	00:24:8C:DE:84:31
tftp	69	1/26	00:24:8C:DE:84:31
www	80	28054/1.0 GBytes	ncc.avast.com
ntp	123	28/1.3 KBytes	time.windows.com	4/192	time.windows.com
netbios-ns	137	1/0	00:24:8C:DE:84:31
netbios-dgm	138	1/0	00:24:8C:DE:84:31
snmp	161	1/0	00:24:8C:DE:84:31
https	443	7707/658.0 MBytes	stream-production.avcdn.net
isakmp	500	1/0	00:24:8C:DE:84:31

TCP/UDP - Traffic on Other Ports

Client Port	Server Port
55011

TCP/UDP Recently Used Ports

Client Port	Server Port
55011	mdns

136 Active TCP/UDP Sessions

Client	Server	Data Sent	Data Rcvd	Active Since	Last Seen	Duration	Inactive	Note
0.0.0.0 :51585	nos.ns1.ff.avast.com :https	25.8 KBytes	39.8 KBytes	Fri Jun 13 04:48:49 2025	Sat Jun 14 00:19:42 2025	19:30:53	9 sec	SYN ACK PUSH
0.0.0.0 :52350	client.wns.windows.com :https	16.7 KBytes	21.9 KBytes	Fri Jun 13 08:57:13 2025	Sat Jun 14 00:18:39 2025	15:21:26	1:12	SYN ACK PUSH
0.0.0.0 :55011	ncc.avast.com :https	1.2 KBytes	2.6 KBytes	Sat Jun 14 00:19:42 2025	Sat Jun 14 00:19:42 2025	0 sec	9 sec	SYN ACK PUSH

The color of the host link indicates how recently the host was FIRST seen
0 to 5 minutes	5 to 15 minutes	15 to 30 minutes	30 to 60 minutes	60+ minutes

Report created on Sat Jun 14 00:19:51 2025 [ntop uptime: 4 days 20:07:05]
Generated by ntop v.3.3 [x86_64-unknown-linux-gnu]
© 1998-2007 by Luca Deri, built: Aug 6 2008 09:54:10.
Listening on [eth0] for all packets (i.e. without a filtering expression)
Web reports include all interfaces (merged)