Info about CPATRIBUNAL

Please enable make sure that the ntop html/ directory is properly installed

Info about CPATRIBUNAL

IP Address 192.168.1.27 [unicast] [ Purge Asset ]

First/Last Seen Mon Jun 9 04:48:26 2025 - Fri Jun 13 22:53:47 2025 [Inactive since 1 sec]

MAC Address Network Interface Card (NIC) 70:71:BC:72:1F:5B

OS Name OS: Windows [Windows XP Pro, Windows 2000 Pro]

Host Location Local (inside specified/local subnet)

IP TTL (Time to Live) 1:128 [~0 hop(s)]

Total Data Sent 1.6 GBytes/8,042,808 Pkts/0 Retran. Pkts [0%]

Broadcast Pkts Sent 165,847 Pkts

Multicast Traffic Sent 1.3 MBytes/3,014 Pkts

Data Sent Stats
Local 0.8 %

Rem 99.2 %

IP vs. Non-IP Sent
IP 100 %

Non-IP 0 %

Total Data Rcvd 13.2 GBytes/13,509,767 Pkts/0 Retran. Pkts [0%]

Data Rcvd Stats
0 %

Rem 100 %

IP vs. Non-IP Rcvd
IP 100 %

Non-IP 0 %

Sent vs. Rcvd Pkts
Sent 37.3 %

Rcvd 62.7 %

Sent vs. Rcvd Data
Sent 10.9 %

Rcvd 89.1 %

Used Subnet Routers 00:24:8C:DE:84:31 Network Card
Host Type VoIP Host VoIP

Host Healthness (Risk Flags) High Risk Medium Risk Low Risk
Wrong network mask or bridging enabled
Suspicious activities: too many host contacts
Unexpected packets (e.g. traffic to closed port or connection reset):

Unexpected packets (e.g. traffic to closed port or connection reset):
[Rcvd: rst] [Sent: closed-empty] [Rcvd: hostnet unreac]

Host Traffic Stats

Time	Tot. Traffic Sent	% Traffic Sent	Tot. Traffic Rcvd	% Traffic Rcvd
10 PM	2.1 MBytes	0.8 %	1.5 MBytes	0.1 %
9 PM	2.3 MBytes	0.8 %	1.1 MBytes	0.1 %
8 PM	2.2 MBytes	0.8 %	1.1 MBytes	0.1 %
7 PM	2.2 MBytes	0.8 %	1.0 MBytes	0.1 %
6 PM	2.2 MBytes	0.8 %	1.0 MBytes	0.1 %
5 PM	2.6 MBytes	0.9 %	11.6 MBytes	0.6 %
4 PM	2.2 MBytes	0.8 %	1020.0 KBytes	0.0 %
3 PM	8.1 MBytes	2.9 %	281.7 MBytes	14.1 %
2 PM	2.2 MBytes	0.8 %	1.1 MBytes	0.1 %
1 PM	2.2 MBytes	0.8 %	1.0 MBytes	0.1 %
12 PM	6.6 MBytes	2.4 %	75.2 MBytes	3.8 %
11 AM	13.3 MBytes	4.8 %	83.6 MBytes	4.2 %
10 AM	22.9 MBytes	8.3 %	114.0 MBytes	5.7 %
9 AM	30.0 MBytes	10.8 %	130.3 MBytes	6.5 %
8 AM	16.3 MBytes	5.9 %	49.2 MBytes	2.5 %
7 AM	33.8 MBytes	12.2 %	244.6 MBytes	12.2 %
6 AM	45.3 MBytes	16.4 %	384.4 MBytes	19.2 %
5 AM	59.5 MBytes	21.4 %	379.5 MBytes	19.0 %
4 AM	5.5 MBytes	2.0 %	38.7 MBytes	1.9 %
3 AM	2.3 MBytes	0.8 %	1.1 MBytes	0.1 %
2 AM	2.3 MBytes	0.8 %	1.0 MBytes	0.1 %
1 AM	2.3 MBytes	0.8 %	1.0 MBytes	0.1 %
12 AM	6.7 MBytes	2.4 %	194.4 MBytes	9.7 %
11 PM	2.2 MBytes	0.8 %	1.1 MBytes	0.1 %
Total

Packet Statistics

TCP Connections	Directed to		Rcvd From
Attempted	175,101	addons-pa.clients6.google.com accounts.google.com prod-dynamite-prod-02-us-signaler-pa.clients6.google.com waa-pa.clients6.google.com waa-pa.clients6.google.com safebrowsing.googleapis.com clientservices.googleapis.com play.google.com	0
Established	86,811 [50 %]	addons-pa.clients6.google.com accounts.google.com prod-dynamite-prod-02-us-signaler-pa.clients6.google.com waa-pa.clients6.google.com waa-pa.clients6.google.com safebrowsing.googleapis.com clientservices.googleapis.com play.google.com	77	lanacion-ar-d.openx.net cs.yellowblue.io ap.lijit.com secure.adnxs.com track1.aniview.com shb.richaudience.com events.newsroom.bi static.hotjar.com
Terminated	458	ib.adnxs.com secure.adnxs.com sync.kiviads.com secure.adnxs.com secure.adnxs.com secure.adnxs.com ib.adnxs.com secure.adnxs.com	0

TCP Flags	Pkts Sent		Pkts Rcvd
SYN	175,101	addons-pa.clients6.google.com accounts.google.com prod-dynamite-prod-02-us-signaler-pa.clients6.google.com waa-pa.clients6.google.com waa-pa.clients6.google.com safebrowsing.googleapis.com clientservices.googleapis.com play.google.com	0
RST\|ACK	15,825	v10.events.data.microsoft.com settings-win.data.microsoft.com v10.events.data.microsoft.com v10.events.data.microsoft.com nexus.officeapps.live.com settings-win.data.microsoft.com download.microsoft.com v10.events.data.microsoft.com	962	rr1---sn-jup-x1xd.googlevideo.com rr4---sn-ja5gv5g-x1xd.googlevideo.com aax-us-east.amazon-adsystem.com client.teamviewer.com client.teamviewer.com config.teams.microsoft.com config.teams.microsoft.com wdcp.microsoft.com
RST	0		1,995	rr5---sn-x1xe7n76.googlevideo.com visitor.omnitagjs.com us.ck-ie.com stream-production.avcdn.net sync.driftpixel.live ssl.gstatic.com prod-dynamite-prod-02-us-signaler-pa.clients6.google.com signaler-pa.clients6.google.com
NULL	99	stun.l.google.com ec2-52-23-111-175.compute-1.amazonaws.com aa.online-metrix.net	0

Anomaly	Pkts Sent to		Pkts Rcvd from
Closed Empty TCP Conn.	458	ib.adnxs.com secure.adnxs.com sync.kiviads.com secure.adnxs.com secure.adnxs.com secure.adnxs.com ib.adnxs.com secure.adnxs.com	0
ICMP Net Unreachable	0		5	200.80.220.74

ARP	Packet
Request Sent	162,909
Reply Rcvd	29 (0.0 %)
Reply Sent	7,071

Protocol Distribution

Protocol

Data Sent

Data Rcvd

TCP

1.5 GBytes

13.2 GBytes

UDP

71.7 MBytes

19.7 MBytes

ICMP

3.3 KBytes

3.5 KBytes

ICMPv6

0.2 KBytes

0.0 KBytes

IPv6

0.2 KBytes

0.0 KBytes

(R)ARP

7.5 MBytes

194.1 KBytes

IGMP

0.8 KBytes

0.0 KBytes

Protocol Distribution

IP Distribution

ICMP Traffic

Type	Pkt Sent	Pkt Rcvd
Echo Request	32	0
Echo Reply	0	10
Unreach	0	5
Time Exceeded	0	22

Last Contacted Peers

Sent To	IP Address
clientservices.googleapis.com	142.250.79.99
waa-pa.clients6.google.com	142.251.129.106
ssl.gstatic.com	142.251.128.131
play.google.com	216.58.202.78
safebrowsing.googleapis.com	142.251.128.42
router7.teamviewer.com	188.172.244.142
peoplestack-pa.clients6.google.com	142.250.79.138
Total Contacts	552127

Received From	IP Address
play.google.com	216.58.202.78
mail.google.com	142.251.129.101
00:24:8C:DE:84:31
clientservices.googleapis.com	142.250.79.99
waa-pa.clients6.google.com	142.251.129.106
ssl.gstatic.com	142.251.128.131
safebrowsing.googleapis.com	142.251.128.42
peoplestack-pa.clients6.google.com	142.250.79.138
Total Contacts	458087

IP Service Stats: Client Role

	# Loc. Req. Sent		# Rem. Req. Sent		# Pos. Reply Rcvd		# Neg. Reply Rcvd		Local RndTrip	Rem RndTrip
DNS	51,159	56.0%	40,107	43.0%	88,986	99.0%	892	0.0%	0.0 ms - 187743.7 sec	2.7 ms - 1.7 sec
HTTP	0	0.0%	0	0.0%	1	100.0%	0	0.0%	0.0 ms - 0.0 ms	0.0 ms - 0.0 ms

TCP/UDP Service/Port Usage

IP Service	Port	# Client Sess.	Last Client Peer
domain	53	50091/19.6 MBytes	00:24:8C:DE:84:31
www	80	46218/1.4 GBytes	ctldl.windowsupdate.com
snmp	161	2/84	192.168.1.75
https	443	64077/12.3 GBytes	play.google.com

TCP/UDP - Traffic on Other Ports

Client Port	Server Port
54475

TCP/UDP Recently Used Ports

Client Port	Server Port
54475	mdns

P2P Recently Exchanged Files

File Name
<unknown file>

131 Active TCP/UDP Sessions

Client	Server	Data Sent	Data Rcvd	Active Since	Last Seen	Duration	Inactive	Note
CPATRIBUNAL :54435	waa-pa.clients6.google.com :https	87.5 KBytes	50.3 KBytes	Fri Jun 13 22:23:47 2025	Fri Jun 13 22:53:41 2025	29:54	7 sec	SYN ACK PUSH
CPATRIBUNAL :54475	chat.google.com :https	25.2 KBytes	9.1 KBytes	Fri Jun 13 22:53:30 2025	Fri Jun 13 22:53:47 2025	17 sec	1 sec	SYN ACK PUSH
CPATRIBUNAL :57730	mtalk.google.com :https	72.6 KBytes	95.5 KBytes	Fri Jun 13 02:34:05 2025	Fri Jun 13 22:53:07 2025	20:19:02	41 sec	SYN ACK PUSH
CPATRIBUNAL :52458	router8.teamviewer.com :https	1008.7 KBytes	988.3 KBytes	Wed Jun 11 06:52:50 2025	Fri Jun 13 22:53:25 2025	2 days 16:00:35	23 sec	SYN ACK PUSH
CPATRIBUNAL :53993	client.wns.windows.com :https	8.2 KBytes	11.4 KBytes	Fri Jun 13 17:26:48 2025	Fri Jun 13 22:51:07 2025	5:24:19	2:41	SYN ACK PUSH

The color of the host link indicates how recently the host was FIRST seen
0 to 5 minutes	5 to 15 minutes	15 to 30 minutes	30 to 60 minutes	60+ minutes

Report created on Fri Jun 13 22:53:48 2025 [ntop uptime: 4 days 18:41:02]
Generated by ntop v.3.3 [x86_64-unknown-linux-gnu]
© 1998-2007 by Luca Deri, built: Aug 6 2008 09:54:10.
Listening on [eth0] for all packets (i.e. without a filtering expression)
Web reports include all interfaces (merged)