Info about Archivos2

Please enable make sure that the ntop html/ directory is properly installed

Info about Archivos2

IP Address 192.168.1.9 [unicast] [ Purge Asset ]

First/Last Seen Mon Jun 9 04:12:46 2025 - Sat Jun 14 00:11:02 2025 [Inactive since 8 sec]

MAC Address Network Interface Card (NIC) AC:22:0B:78:A5:3C

OS Name OS: Windows [Windows XP]

Host Location Local (inside specified/local subnet)

IP TTL (Time to Live) 1:64 [~0 hop(s)]

Total Data Sent 17.1 MBytes/101,212 Pkts/0 Retran. Pkts [0%]

Broadcast Pkts Sent 1,146 Pkts

Multicast Traffic Sent 121.6 KBytes/1,018 Pkts

Data Sent Stats
Local 5.8 %

Rem 94.2 %

IP vs. Non-IP Sent
IP 96.1 %

Non-IP 3.9 %

Total Data Rcvd 63.5 MBytes/108,246 Pkts/0 Retran. Pkts [0%]

Data Rcvd Stats
Local 1.3 %

Rem 98.7 %

IP vs. Non-IP Rcvd
IP 99.4 %

Non-IP 0.6 %

Sent vs. Rcvd Pkts
Sent 48.3 %

Rcvd 51.7 %

Sent vs. Rcvd Data
Sent 21.2 %

Rcvd 78.8 %

Used Subnet Routers 00:24:8C:DE:84:31 Network Card
Host Healthness (Risk Flags) High Risk Medium Risk Low Risk
Suspicious activities: too many host contacts
Unexpected packets (e.g. traffic to closed port or connection reset):

Unexpected packets (e.g. traffic to closed port or connection reset):
[Rcvd: rst] [Rcvd: hostnet unreac]

Host Traffic Stats

Time	Tot. Traffic Sent	% Traffic Sent	Tot. Traffic Rcvd	% Traffic Rcvd
12 AM	8.8 KBytes	0.3 %	32.9 KBytes	0.1 %
11 PM	74.6 KBytes	2.4 %	80.9 KBytes	0.2 %
10 PM	52.5 KBytes	1.7 %	76.9 KBytes	0.2 %
9 PM	67.2 KBytes	2.2 %	73.9 KBytes	0.2 %
8 PM	61.0 KBytes	2.0 %	78.7 KBytes	0.2 %
7 PM	80.5 KBytes	2.6 %	108.9 KBytes	0.3 %
6 PM	70.5 KBytes	2.3 %	75.3 KBytes	0.2 %
5 PM	65.9 KBytes	2.2 %	74.9 KBytes	0.2 %
4 PM	63.9 KBytes	2.1 %	94.9 KBytes	0.3 %
3 PM	68.0 KBytes	2.2 %	102.6 KBytes	0.3 %
2 PM	56.1 KBytes	1.8 %	60.3 KBytes	0.2 %
1 PM	65.8 KBytes	2.2 %	74.0 KBytes	0.2 %
12 PM	65.5 KBytes	2.1 %	77.7 KBytes	0.2 %
11 AM	69.9 KBytes	2.3 %	92.8 KBytes	0.3 %
10 AM	55.3 KBytes	1.8 %	54.9 KBytes	0.2 %
9 AM	65.0 KBytes	2.1 %	77.9 KBytes	0.2 %
8 AM	57.6 KBytes	1.9 %	62.1 KBytes	0.2 %
7 AM	63.8 KBytes	2.1 %	69.0 KBytes	0.2 %
6 AM	58.7 KBytes	1.9 %	54.7 KBytes	0.2 %
5 AM	920.0 KBytes	30.2 %	15.9 MBytes	46.0 %
4 AM	753.4 KBytes	24.7 %	17.0 MBytes	49.3 %
3 AM	79.3 KBytes	2.6 %	119.7 KBytes	0.3 %
2 AM	61.0 KBytes	2.0 %	54.9 KBytes	0.2 %
1 AM	65.3 KBytes	2.1 %	74.8 KBytes	0.2 %
Total

Packet Statistics

TCP Flags	Pkts Sent		Pkts Rcvd
RST\|ACK	7	settings-win.data.microsoft.com www.telecommandsvc.microsoft.com settings-win.data.microsoft.com v10.events.data.microsoft.com settings-win.data.microsoft.com v10.events.data.microsoft.com	165	v10.events.data.microsoft.com v10.events.data.microsoft.com v10.events.data.microsoft.com v10.events.data.microsoft.com client.teamviewer.com v10.events.data.microsoft.com v10.vortex-win.data.microsoft.com v10.vortex-win.data.microsoft.com
RST	1	functional.events.data.microsoft.com	23	go.microsoft.com client.wns.windows.com
NULL	84	cpe-186-22-19-64.telecentro-reversos.com.ar win10.ipv6.microsoft.com udp.ping.teamviewer.com udp.ping.teamviewer.com udp.ping.teamviewer.com udp.ping.teamviewer.com udp.ping.teamviewer.com udp.ping.teamviewer.com	0

Anomaly	Pkts Sent to		Pkts Rcvd from
ICMP Net Unreachable	0		7	200.80.220.74

ARP	Packet
Request Sent	7,761
Reply Rcvd	7,722 (99.5 %)
Reply Sent	7,648

Protocol Distribution

Protocol

Data Sent

Data Rcvd

TCP

15.9 MBytes

62.6 MBytes

UDP

532.5 KBytes

504.1 KBytes

ICMP

0.0 KBytes

0.8 KBytes

(R)ARP

692.2 KBytes

420.2 KBytes

IGMP

7.8 KBytes

0.0 KBytes

Protocol Distribution

IP Distribution

ICMP Traffic

Type	Pkt Sent	Pkt Rcvd
Unreach	0	7

Last Contacted Peers

Sent To	IP Address
client.teamviewer.com	191.235.228.33
nustal05.advance.com.ar	200.0.243.10
wns2-bl2p.wns.windows.com	172.172.255.216
v10.vortex-win.data.microsoft.com	40.79.189.58
time.windows.com	40.119.6.228
router14.teamviewer.com	34.151.192.28
00:24:8C:DE:84:31
Total Contacts	2650

Received From	IP Address
9.au.download.windowsupdate.com	186.158.77.50
client.teamviewer.com	191.235.228.33
nustal05.advance.com.ar	200.0.243.10
router14.teamviewer.com	34.151.192.28
wns2-bl2p.wns.windows.com	172.172.255.216
00:24:8C:DE:84:31
v10.vortex-win.data.microsoft.com	40.79.189.58
time.windows.com	40.119.6.228
Total Contacts	1621

IP Service Stats: Client Role

	# Loc. Req. Sent		# Rem. Req. Sent		# Pos. Reply Rcvd		# Neg. Reply Rcvd		Local RndTrip	Rem RndTrip
DNS	1,522	70.0%	624	29.0%	1,334	89.0%	160	10.0%	0.1 ms - 30.0 sec	3.2 ms - 969.8 ms

TCP/UDP Service/Port Usage

IP Service	Port	# Client Sess.	Last Client Peer	# Server Sess.	Last Server Peer
domain	53	3639/499.6 KBytes	00:24:8C:DE:84:31
www	80	37032/48.5 MBytes	9.au.download.windowsupdate.com
ntp	123	881/41.3 KBytes	time.windows.com	881/41.3 KBytes	time.windows.com
https	443	699/20.9 MBytes	router14.teamviewer.com

TCP/UDP - Traffic on Other Ports

Client Port	Server Port
64894

TCP/UDP Recently Used Ports

Client Port	Server Port
64894	ntp

761 Active TCP/UDP Sessions

Client	Server	Data Sent	Data Rcvd	Active Since	Last Seen	Duration	Inactive	Latency	L7 Proto	Note
Archivos2 :64894	router13.teamviewer.com :https	1.2 MBytes	1.2 MBytes	Wed Jun 11 06:52:46 2025	Sat Jun 14 00:11:02 2025	2 days 17:18:16	8 sec			SYN ACK PUSH
Archivos2 :61475	client.wns.windows.com :https	133.8 KBytes	188.7 KBytes	Fri Jun 13 09:39:38 2025	Sat Jun 14 00:10:41 2025	14:31:03	29 sec			SYN ACK PUSH

The color of the host link indicates how recently the host was FIRST seen
0 to 5 minutes	5 to 15 minutes	15 to 30 minutes	30 to 60 minutes	60+ minutes

Report created on Sat Jun 14 00:11:10 2025 [ntop uptime: 4 days 19:58:24]
Generated by ntop v.3.3 [x86_64-unknown-linux-gnu]
© 1998-2007 by Luca Deri, built: Aug 6 2008 09:54:10.
Listening on [eth0] for all packets (i.e. without a filtering expression)
Web reports include all interfaces (merged)