Info about 0.0.0.0

Please enable make sure that the ntop html/ directory is properly installed

Info about 0.0.0.0

IP Address 192.168.1.24 [unicast] [ Purge Asset ]

First/Last Seen Mon Jul 14 04:55:44 2025 - Wed Jul 16 14:38:11 2025 [Inactive since 3 sec]

MAC Address Network Interface Card (NIC) D8:5E:D3:A4:58:68

OS Name OS: Windows [Windows 2000 Professional SP4]

Host Location Local (inside specified/local subnet)

IP TTL (Time to Live) 1:128 [~0 hop(s)]

Total Data Sent 61.0 MBytes/328,662 Pkts/0 Retran. Pkts [0%]

Broadcast Pkts Sent 581 Pkts

Multicast Traffic Sent 1.0 MBytes/6,514 Pkts

Data Sent Stats
Local 1.6 %

Rem 98.4 %

IP vs. Non-IP Sent
IP 100 %

Non-IP 0 %

Total Data Rcvd 446.1 MBytes/454,391 Pkts/0 Retran. Pkts [0%]

Data Rcvd Stats
Local 0.6 %

Rem 99.4 %

IP vs. Non-IP Rcvd
IP 100 %

Non-IP 0 %

Sent vs. Rcvd Pkts
Sent 42.0 %

Rcvd 58.0 %

Sent vs. Rcvd Data
Sent 12.0 %

Rcvd 88.0 %

Used Subnet Routers 00:24:8C:DE:84:31 Network Card
Host Type VoIP Host VoIP

Host Healthness (Risk Flags) High Risk Medium Risk Low Risk
Wrong network mask or bridging enabled
Suspicious activities: too many host contacts
Unexpected packets (e.g. traffic to closed port or connection reset):

Unexpected packets (e.g. traffic to closed port or connection reset):
[Rcvd: rst] [Sent: closed-empty] [Rcvd: port unreac]

Host Traffic Stats

Time	Tot. Traffic Sent	% Traffic Sent	Tot. Traffic Rcvd	% Traffic Rcvd
2 PM	300.9 KBytes	0.9 %	594.4 KBytes	0.3 %
1 PM	538.9 KBytes	1.7 %	1.2 MBytes	0.6 %
12 PM	581.3 KBytes	1.8 %	1.4 MBytes	0.7 %
11 AM	471.8 KBytes	1.5 %	1.1 MBytes	0.5 %
10 AM	483.9 KBytes	1.5 %	1.0 MBytes	0.5 %
9 AM	599.0 KBytes	1.9 %	1.6 MBytes	0.8 %
8 AM	5.9 MBytes	19.1 %	20.1 MBytes	9.9 %
7 AM	1.4 MBytes	4.5 %	4.6 MBytes	2.3 %
6 AM	7.7 MBytes	24.7 %	54.5 MBytes	26.7 %
5 AM	4.7 MBytes	15.1 %	36.3 MBytes	17.8 %
4 AM	521.3 KBytes	1.6 %	1.1 MBytes	0.5 %
3 AM	456.7 KBytes	1.4 %	700.3 KBytes	0.3 %
2 AM	415.1 KBytes	1.3 %	637.9 KBytes	0.3 %
1 AM	498.0 KBytes	1.6 %	1.9 MBytes	0.9 %
12 AM	502.8 KBytes	1.6 %	920.4 KBytes	0.4 %
11 PM	448.7 KBytes	1.4 %	978.5 KBytes	0.5 %
10 PM	548.4 KBytes	1.7 %	1.6 MBytes	0.8 %
9 PM	1.9 MBytes	6.3 %	65.9 MBytes	32.3 %
8 PM	424.8 KBytes	1.3 %	817.7 KBytes	0.4 %
7 PM	446.4 KBytes	1.4 %	801.7 KBytes	0.4 %
6 PM	862.6 KBytes	2.7 %	1.2 MBytes	0.6 %
5 PM	637.6 KBytes	2.0 %	3.5 MBytes	1.7 %
4 PM	460.2 KBytes	1.4 %	903.0 KBytes	0.4 %
3 PM	465.5 KBytes	1.5 %	822.3 KBytes	0.4 %
Total

Packet Statistics

TCP Connections	Directed to		Rcvd From
Attempted	19,614	jnn-pa.googleapis.com stream-production.avcdn.net accounts.google.com stream-production.avcdn.net safebrowsing.googleapis.com www.youtube.com settings-win.data.microsoft.com settings-win.data.microsoft.com	0
Established	9,419 [48 %]	jnn-pa.googleapis.com stream-production.avcdn.net accounts.google.com stream-production.avcdn.net www.youtube.com safebrowsing.googleapis.com settings-win.data.microsoft.com settings-win.data.microsoft.com	5	www.google.com config.edge.skype.com v10.events.data.microsoft.com ads.stickyadstv.com adventori.com
Terminated	664	00:24:8C:DE:84:31 cs.globalsun.io cm.mgid.com msft-ssp-useast.adnxs.com mail.cpaba.com.ar	0

TCP Flags	Pkts Sent		Pkts Rcvd
SYN	19,614	jnn-pa.googleapis.com stream-production.avcdn.net accounts.google.com stream-production.avcdn.net safebrowsing.googleapis.com www.youtube.com settings-win.data.microsoft.com settings-win.data.microsoft.com	0
RST\|ACK	5,034	arc.msn.com stream-production.avcdn.net stream-production.avcdn.net s-nuistatic.avcdn.net stream-production.avcdn.net stream-production.avcdn.net settings-win.data.microsoft.com settings-win.data.microsoft.com	1,529	stream-production.avcdn.net stream-production.avcdn.net stream-production.avcdn.net config.edge.skype.com edge.microsoft.com stream-production.avcdn.net stream-production.avcdn.net stream-production.avcdn.net
RST	4	tunnel.googlezip.net	687	www.bing.com jnn-pa.googleapis.com safebrowsing.googleapis.com drivefrontend-pa.clients6.google.com www.youtube.com stream-production.avcdn.net www.bing.com stream-production.avcdn.net
NULL	159	00:24:8C:DE:84:31	0

Anomaly	Pkts Sent to		Pkts Rcvd from
UDP Pkt to Closed Port	66	00:24:8C:DE:84:31	0
Closed Empty TCP Conn.	664	00:24:8C:DE:84:31 cs.globalsun.io cm.mgid.com msft-ssp-useast.adnxs.com mail.cpaba.com.ar	0
ICMP Port Unreachable	0		66	00:24:8C:DE:84:31

ARP	Packet
Request Sent	253
Reply Rcvd	38 (15.0 %)
Reply Sent	4,541

Protocol Distribution

Protocol

Data Sent

Data Rcvd

TCP

55.6 MBytes

442.7 MBytes

UDP

5.3 MBytes

3.3 MBytes

ICMP

0.0 KBytes

4.7 KBytes

ICMPv6

0.1 KBytes

0.0 KBytes

IPv6

0.1 KBytes

0.0 KBytes

(R)ARP

215.4 KBytes

125.2 KBytes

IGMP

0.3 KBytes

0.0 KBytes

Protocol Distribution

IP Distribution

ICMP Traffic

Type	Pkt Sent	Pkt Rcvd
Unreach	0	66

Last Contacted Peers

Sent To	IP Address
www.youtube.com	142.251.128.142
mtalk.google.com	64.233.190.188
00:24:8C:DE:84:31
safebrowsing.googleapis.com	172.217.28.10
client.wns.windows.com	4.145.79.80
224.0.0.251	224.0.0.251
settings-win.data.microsoft.com	20.44.239.154
settings-win.data.microsoft.com	13.71.55.58
Total Contacts	26855

Received From	IP Address
www.youtube.com	142.251.128.142
safebrowsing.googleapis.com	172.217.28.10
nos.ns1.ff.avast.com	35.230.116.55
00:24:8C:DE:84:31
stream-production.avcdn.net	170.51.241.11
200.69.128.1	200.69.128.1
settings-win.data.microsoft.com	20.44.239.154
settings-win.data.microsoft.com	13.71.55.58
Total Contacts	22668

IP Service Stats: Client Role

	# Loc. Req. Sent		# Rem. Req. Sent		# Pos. Reply Rcvd		# Neg. Reply Rcvd		Local RndTrip	Rem RndTrip
DNS	8,399	55.0%	6,800	44.0%	11,829	99.0%	62	0.0%	0.0 ms - 80726.6 sec	2.5 ms - 576.8 ms
HTTP	0	0.0%	0	0.0%	365	100.0%	0	0.0%	0.0 ms - 0.0 ms	0.0 ms - 0.0 ms

TCP/UDP Service/Port Usage

IP Service	Port	# Client Sess.	Last Client Peer	# Server Sess.	Last Server Peer
ftp	21	42/663	00:24:8C:DE:84:31
domain	53	23912/3.3 MBytes	00:24:8C:DE:84:31
bootps	67	3/0	00:24:8C:DE:84:31
bootpc	68	3/0	00:24:8C:DE:84:31
tftp	69	3/78	00:24:8C:DE:84:31
www	80	23882/109.3 MBytes	stream-production.avcdn.net
ntp	123	38/1.8 KBytes	time.windows.com	14/672	time.windows.com
netbios-ns	137	3/0	00:24:8C:DE:84:31
netbios-dgm	138	3/0	00:24:8C:DE:84:31
snmp	161	3/0	00:24:8C:DE:84:31
https	443	31709/351.8 MBytes	www.youtube.com
isakmp	500	3/0	00:24:8C:DE:84:31

TCP/UDP - Traffic on Other Ports

Client Port	Server Port
58225

TCP/UDP Recently Used Ports

Client Port	Server Port
58225	mdns

508 Active TCP/UDP Sessions

Client	Server	Data Sent	Data Rcvd	Active Since	Last Seen	Duration	Inactive	Note
0.0.0.0 :54327	client.wns.windows.com :https	115.6 KBytes	157.4 KBytes	Wed Jul 16 04:56:10 2025	Wed Jul 16 14:37:17 2025	9:41:07	57 sec	SYN ACK PUSH
0.0.0.0 :49727	nos.ns1.ff.avast.com :https	90.0 KBytes	131.5 KBytes	Mon Jul 14 04:56:11 2025	Wed Jul 16 14:36:00 2025	2 days 9:39:49	2:14	SYN ACK PUSH
0.0.0.0 :58225	play.google.com :https	8.5 KBytes	5.4 KBytes	Wed Jul 16 14:33:27 2025	Wed Jul 16 14:38:11 2025	4:44	3 sec	SYN ACK PUSH
0.0.0.0 :62102	mtalk.google.com :https	21.2 KBytes	32.0 KBytes	Wed Jul 16 09:08:18 2025	Wed Jul 16 14:37:37 2025	5:29:19	37 sec	SYN ACK PUSH
0.0.0.0 :58226	ncc.avast.com :https	1.2 KBytes	2.9 KBytes	Wed Jul 16 14:36:20 2025	Wed Jul 16 14:36:20 2025	0 sec	1:54	SYN ACK PUSH

The color of the host link indicates how recently the host was FIRST seen
0 to 5 minutes	5 to 15 minutes	15 to 30 minutes	30 to 60 minutes	60+ minutes

Report created on Wed Jul 16 14:38:14 2025 [ntop uptime: 2 days 10:25:38]
Generated by ntop v.3.3 [x86_64-unknown-linux-gnu]
© 1998-2007 by Luca Deri, built: Aug 6 2008 09:54:10.
Listening on [eth0] for all packets (i.e. without a filtering expression)
Web reports include only interface "eth0"