(C) 1998-2007 - Luca Deri  
Please enable make sure that the ntop html/ directory is properly installed

 

 

Info about Archivos

IP Address192.168.1.198   [unicast] [ Purge Asset ]
First/Last SeenMon Jun 9 04:12:45 2025  -  Sat Jun 14 00:32:30 2025 [Inactive since 11 sec]
MAC Address Network Interface Card (NIC)FC:34:97:E6:3A:C2 
OS NameOS: Windows [Windows XP] 
NetBios NameARCHIVOS (Workstation)
Host LocationLocal (inside specified/local subnet)
IP TTL (Time to Live)1:64 [~0 hop(s)]
Total Data Sent2.9 GBytes/6,162,917 Pkts/0 Retran. Pkts [0%]
Broadcast Pkts Sent3,546 Pkts
Multicast TrafficSent 152.3 KBytes/1,511 Pkts 
Data Sent Stats
0 %
 
Rem 100 %
IP vs. Non-IP Sent
IP 100 %
 
Non-IP 0 %
Total Data Rcvd4.3 GBytes/6,998,226 Pkts/0 Retran. Pkts [0%]
Data Rcvd Stats
0 %
 
Rem 100 %
IP vs. Non-IP Rcvd
IP 100 %
 
Non-IP 0 %
Sent vs. Rcvd Pkts
Sent 46.8 %
  
Rcvd 53.2 %
Sent vs. Rcvd Data
Sent 40.4 %
  
Rcvd 59.6 %
Used Subnet Routers 00:24:8C:DE:84:31 Network Card
Host TypeServer
Workstation
Master Browser
Known Users Users cpainformatica@cpaba.com.ar [ SMTP ]
Host Healthness (Risk Flags) High Risk Medium Risk Low Risk
  1. Medium RiskSuspicious activities: too many host contacts
  2. Medium RiskUnexpected packets (e.g. traffic to closed port or connection reset):
  3. Low RiskUnexpected packets (e.g. traffic to closed port or connection reset):
    [Rcvd: rst] [Sent: closed-empty] [Rcvd: hostnet unreac] 

 

Host Traffic Stats

TimeTot. Traffic Sent% Traffic SentTot. Traffic Rcvd% Traffic Rcvd
12 AM 1.2 MBytes0.2 %2.0 MBytes0.2 %
11 PM 2.2 MBytes0.3 %3.6 MBytes0.4 %
10 PM 3.9 MBytes0.6 %6.4 MBytes0.6 %
9 PM 8.4 MBytes1.2 %13.3 MBytes1.3 %
8 PM 3.7 MBytes0.5 %5.9 MBytes0.6 %
7 PM 2.1 MBytes0.3 %3.5 MBytes0.4 %
6 PM 2.2 MBytes0.3 %3.6 MBytes0.4 %
5 PM 2.1 MBytes0.3 %3.4 MBytes0.3 %
4 PM 1.9 MBytes0.3 %3.3 MBytes0.3 %
3 PM 1.6 MBytes0.2 %2.7 MBytes0.3 %
2 PM 1.5 MBytes0.2 %2.8 MBytes0.3 %
1 PM 1.7 MBytes0.2 %4.2 MBytes0.4 %
12 PM 1.5 MBytes0.2 %3.9 MBytes0.4 %
11 AM 1.5 MBytes0.2 %3.8 MBytes0.4 %
10 AM 1.8 MBytes0.3 %4.4 MBytes0.4 %
9 AM 2.1 MBytes0.3 %4.7 MBytes0.5 %
8 AM 2.3 MBytes0.3 %5.0 MBytes0.5 %
7 AM 2.2 MBytes0.3 %4.8 MBytes0.5 %
6 AM 2.2 MBytes0.3 %4.7 MBytes0.5 %
5 AM 2.1 MBytes0.3 %4.3 MBytes0.4 %
4 AM 2.7 MBytes0.4 %5.4 MBytes0.5 %
3 AM 3.2 MBytes0.5 %7.4 MBytes0.7 %
2 AM 343.8 MBytes48.9 %105.5 MBytes10.5 %
1 AM 305.2 MBytes43.4 %793.5 MBytes79.2 %
Total

 

Packet Statistics

TCP ConnectionsDirected toRcvd From
Attempted8 0 
Terminated4 0 

TCP FlagsPkts SentPkts Rcvd
SYN8 0 
RST|ACK568 137
RST443 3,118
NULL161 0 

AnomalyPkts Sent toPkts Rcvd from
Closed Empty TCP Conn.4 0 
ICMP Net Unreachable0  7

ARPPacket
Request Sent4,636
Reply Rcvd4,197 (90.5 %)
Reply Sent7,057

 

Protocol Distribution

ProtocolData SentData Rcvd
TCP2.9 GBytes100% 4.3 GBytes100
UDP1.1 MBytes  806.7 KBytes 
ICMP0.0 KBytes  0.8 KBytes 
(R)ARP525.3 KBytes  308.1 KBytes 
IGMP16.1 KBytes  0.0 KBytes 
Protocol Distribution
IP Distribution

 

ICMP Traffic

TypePkt SentPkt Rcvd
Unreach07

 

Last Contacted Peers

Sent ToIP Address
router16.teamviewer.com 34.151.192.21 
mail.cpaba.com.ar 182.160.27.251 
224.0.0.251 224.0.0.251 
nustal05.advance.com.ar 200.0.243.10 
00:24:8C:DE:84:31 Network Card  
v10.vortex-win.data.microsoft.com 20.42.73.28 
v10.vortex-win.data.microsoft.com 20.50.73.11 
Total Contacts5536
Received FromIP Address
wns2-bl2p.wns.windows.com 172.172.255.218 
nustal05.advance.com.ar 200.0.243.10 
v10.vortex-win.data.microsoft.com 20.50.73.11 
router16.teamviewer.com 34.151.192.21 
00:24:8C:DE:84:31 Network Card  
settings-win.data.microsoft.com 52.137.106.217 
v10.vortex-win.data.microsoft.com 20.42.73.28 
mail.cpaba.com.ar 182.160.27.251 
Total Contacts3146

 

IP Service Stats: Client Role

 # Loc. Req. Sent# Rem. Req. Sent# Pos. Reply Rcvd# Neg. Reply RcvdLocal RndTripRem RndTrip
DNS3,13872.0%1,18427.0%2,97793.0%2036.0%0.1 ms - 24.0 sec3.2 ms - 174.7 ms
HTTP00.0%00.0%1100.0%00.0%0.0 ms - 0.0 ms0.0 ms - 0.0 ms

 

TCP/UDP Service/Port Usage

IP ServicePort# Client Sess.Last Client Peer# Server Sess.Last Server Peer
smtp25294/18.5 KBytesmail.cpaba.com.ar   
domain537488/866.6 KBytes00:24:8C:DE:84:31 Network Card   
www8050697/323.7 MBytes9.au.download.windowsupdate.com   
ntp1234/192time.windows.com 4/192time.windows.com
https44338062/81.0 MBytesrouter16.teamviewer.com   
microsoft-ds445  28/5.5 KBytes70:71:BC:3B:ED:51 Network Card

 

TCP/UDP - Traffic on Other Ports

Client PortServer Port

 

TCP/UDP Recently Used Ports

Client PortServer Port

 

124 Active TCP/UDP Sessions

ClientServerData SentData RcvdActive SinceLast SeenDurationInactiveLatencyL7 ProtoNote
Archivos [NetBIOS] Medium Risk Users :61933www.cpa.org.ar  Mail (SMTP) HTTP Server Low Risk P2P Server :mysql573744Sat Jun 14 00:31:48 2025Sat Jun 14 00:31:48 20250 sec53 sec   SYN ACK PUSH 
Archivos [NetBIOS] Medium Risk Users :50177router15.teamviewer.com  HTTP Server :https1.1 MBytes1.2 MBytesWed Jun 11 06:52:51 2025Sat Jun 14 00:32:25 20252 days 17:39:3416 sec   SYN ACK PUSH 
Archivos [NetBIOS] Medium Risk Users :60445client.wns.windows.com  HTTP Server Low Risk :https49.4 KBytes71.0 KBytesFri Jun 13 09:33:38 2025Sat Jun 14 00:30:43 202514:57:051:58   SYN ACK PUSH 

The color of the host link indicates how recently the host was FIRST seen
  0 to 5 minutes     5 to 15 minutes     15 to 30 minutes     30 to 60 minutes     60+ minutes  
Report created on Sat Jun 14 00:32:41 2025 [ntop uptime: 4 days 20:19:55]
Generated by ntop v.3.3 [x86_64-unknown-linux-gnu]
© 1998-2007 by Luca Deri, built: Aug 6 2008 09:54:10.
Listening on [eth0] for all packets (i.e. without a filtering expression)
Web reports include all interfaces (merged)