(C) 1998-2007 - Luca Deri  
Please enable make sure that the ntop html/ directory is properly installed

 

 

Info about CPA-ACICCHINO

IP Address192.168.1.194   [unicast] [ Purge Asset ]
First/Last SeenMon Jul 14 04:12:36 2025  -  Wed Jul 16 23:10:47 2025 [Inactive since 2 sec]
MAC Address Network Interface Card (NIC)D8:5E:D3:2D:52:7D 
Host LocationLocal (inside specified/local subnet)
IP TTL (Time to Live)1:128 [~0 hop(s)]
Total Data Sent1.3 GBytes/8,161,134 Pkts/0 Retran. Pkts [0%]
Broadcast Pkts Sent10,831 Pkts
Multicast TrafficSent 5.0 MBytes/25,186 Pkts 
Data Sent Stats
0 %
 
Rem 100 %
IP vs. Non-IP Sent
IP 100 %
 
Non-IP 0 %
Total Data Rcvd13.9 GBytes/15,900,397 Pkts/0 Retran. Pkts [0%]
Data Rcvd Stats
0 %
 
Rem 100 %
IP vs. Non-IP Rcvd
IP 100 %
 
Non-IP 0 %
Sent vs. Rcvd Pkts
Sent 33.9 %
  
Rcvd 66.1 %
Sent vs. Rcvd Data
Sent 8.5 %
  
Rcvd 91.5 %
Used Subnet Routers 00:24:8C:DE:84:31 Network Card
Host Healthness (Risk Flags) High Risk Medium Risk Low Risk
  1. Medium RiskSuspicious activities: too many host contacts
  2. Medium RiskUnexpected packets (e.g. traffic to closed port or connection reset):
  3. Low RiskUnexpected packets (e.g. traffic to closed port or connection reset):
    [Rcvd: rst] [Sent: closed-empty] 

 

Host Traffic Stats

TimeTot. Traffic Sent% Traffic SentTot. Traffic Rcvd% Traffic Rcvd
11 PM 620.3 KBytes0.1 %267.6 KBytes0.0 %
10 PM 3.5 MBytes0.9 %3.7 MBytes0.1 %
9 PM 3.3 MBytes0.8 %1.3 MBytes0.0 %
8 PM 3.5 MBytes0.9 %1.5 MBytes0.0 %
7 PM 4.7 MBytes1.2 %25.3 MBytes0.5 %
6 PM 3.4 MBytes0.8 %1.4 MBytes0.0 %
5 PM 3.5 MBytes0.9 %1.4 MBytes0.0 %
4 PM 3.5 MBytes0.9 %3.7 MBytes0.1 %
3 PM 3.2 MBytes0.8 %1.2 MBytes0.0 %
2 PM 3.1 MBytes0.8 %1.9 MBytes0.0 %
1 PM 3.7 MBytes0.9 %2.0 MBytes0.0 %
12 PM 38.9 MBytes9.6 %379.5 MBytes7.9 %
11 AM 67.3 MBytes16.5 %856.1 MBytes17.8 %
10 AM 56.2 MBytes13.8 %749.1 MBytes15.6 %
9 AM 13.5 MBytes3.3 %110.1 MBytes2.3 %
8 AM 3.5 MBytes0.9 %4.2 MBytes0.1 %
7 AM 3.6 MBytes0.9 %1.5 MBytes0.0 %
6 AM 39.3 MBytes9.7 %427.8 MBytes8.9 %
5 AM 92.3 MBytes22.7 %1.8 GBytes37.3 %
4 AM 43.4 MBytes10.7 %440.2 MBytes9.1 %
3 AM 3.3 MBytes0.8 %1.4 MBytes0.0 %
2 AM 3.3 MBytes0.8 %1.4 MBytes0.0 %
1 AM 3.2 MBytes0.8 %1.3 MBytes0.0 %
12 AM 3.4 MBytes0.8 %3.6 MBytes0.1 %
Total

 

Packet Statistics

TCP ConnectionsDirected toRcvd From
Attempted42,323 0 
Established20,957 [50 %] 21
Terminated14 0 

TCP FlagsPkts SentPkts Rcvd
SYN42,323 0 
RST|ACK2,394 306
RST0  117
NULL86 0 

AnomalyPkts Sent toPkts Rcvd from
Closed Empty TCP Conn.14 0 

ARPPacket
Request Sent463
Reply Rcvd12 (2.6 %)
Reply Sent6,768

 

Protocol Distribution

ProtocolData SentData Rcvd
TCP1.2 GBytes
96%

 

 13.9 GBytes100
UDP42.6 MBytes
3%

 

 6.2 MBytes 
ICMP0.0 KBytes  0.2 KBytes 
(R)ARP324.8 KBytes  185.1 KBytes 
IGMP0.8 KBytes  0.0 KBytes 
Protocol Distribution
IP Distribution

 

ICMP Traffic

TypePkt SentPkt Rcvd
Time Exceeded02

 

Last Contacted Peers

Sent ToIP Address
chat.google.com 142.251.128.78 
router3.teamviewer.com 188.172.216.81 
prod-dynamite-prod-04-us-signaler-pa.clients6.google.com 142.251.128.74 
prod-dynamite-prod-05-us-signaler-pa.clients6.google.com 142.250.79.74 
ssl.gstatic.com 216.58.202.67 
224.0.0.251 224.0.0.251 
guc3-dealer.g2.spotify.com 35.186.224.46 
mtalk.google.com 172.217.192.188 
Total Contacts206416
Received FromIP Address
00:24:8C:DE:84:31 Network Card  
ssl.gstatic.com 216.58.202.67 
prod-dynamite-prod-04-us-signaler-pa.clients6.google.com 142.251.128.74 
spclient.wg.spotify.com 35.186.224.24 
chat.google.com 142.251.128.78 
router3.teamviewer.com 188.172.216.81 
prod-dynamite-prod-05-us-signaler-pa.clients6.google.com 142.250.79.74 
mtalk.google.com 172.217.192.188 
Total Contacts168738

 

IP Service Stats: Client Role

 # Loc. Req. Sent# Rem. Req. Sent# Pos. Reply Rcvd# Neg. Reply RcvdLocal RndTripRem RndTrip
DNS18,37156.0%14,42443.0%25,35799.0%880.0%0.0 ms - 77891.5 sec2.5 ms - 8.5 sec
HTTP00.0%00.0%1292.0%17.0%0.0 ms - 0.0 ms0.0 ms - 0.0 ms

 

TCP/UDP Service/Port Usage

IP ServicePort# Client Sess.Last Client Peer# Server Sess.Last Server Peer
domain5350947/6.2 MBytes00:24:8C:DE:84:31 Network Card   
www8048672/153.7 MBytescrl3.digicert.com   
ntp1238/384time.windows.com 8/384time.windows.com
https44336759/13.7 GBytesmtalk.google.com   

 

TCP/UDP - Traffic on Other Ports

Client PortServer Port
     

 

TCP/UDP Recently Used Ports

Client PortServer Port

 

P2P Recently Exchanged Files

File Name
  1. <unknown file> Upload Download 

 

411 Active TCP/UDP Sessions

ClientServerData SentData RcvdActive SinceLast SeenDurationInactiveLatencyL7 ProtoNote
CPA-ACICCHINO Medium Risk P2P Server :52796prod-dynamite-prod-05-us-signaler-pa.clients6.google.com  HTTP Server :https3.5 KBytes3.3 KBytesWed Jul 16 23:10:33 2025Wed Jul 16 23:10:33 20250 sec16 sec   SYN ACK PUSH 
CPA-ACICCHINO Medium Risk P2P Server :52797prod-dynamite-prod-05-us-signaler-pa.clients6.google.com  HTTP Server :https7.6 KBytes3.3 KBytesWed Jul 16 23:10:33 2025Wed Jul 16 23:10:33 20250 sec16 sec   SYN ACK PUSH 
CPA-ACICCHINO Medium Risk P2P Server :51885peoplestack-pa.clients6.google.com  HTTP Server :https179.6 KBytes64.9 KBytesWed Jul 16 22:40:31 2025Wed Jul 16 23:10:38 202530:0711 sec   SYN ACK PUSH 
CPA-ACICCHINO Medium Risk P2P Server :51888chat.google.com  HTTP Server Low Risk :https678.3 KBytes155.7 KBytesWed Jul 16 22:40:36 2025Wed Jul 16 23:10:22 202529:4627 sec   SYN ACK PUSH 
CPA-ACICCHINO Medium Risk P2P Server :52788chat.google.com  HTTP Server Low Risk :https8.0 KBytes5.1 KBytesWed Jul 16 23:10:21 2025Wed Jul 16 23:10:21 20250 sec28 sec   SYN ACK PUSH 
CPA-ACICCHINO Medium Risk P2P Server :55407client.wns.windows.com  HTTP Server Low Risk :https24.3 KBytes31.2 KBytesTue Jul 15 23:56:33 2025Wed Jul 16 23:07:32 202523:10:593:17   SYN ACK PUSH 
CPA-ACICCHINO Medium Risk P2P Server :62168247.127.154.104.bc.googleusercontent.com  HTTP Server :https16.6 KBytes20.3 KBytesWed Jul 16 19:17:50 2025Wed Jul 16 23:09:52 20253:52:0257 sec   SYN ACK PUSH 
CPA-ACICCHINO Medium Risk P2P Server :49913mtalk.google.com  HTTP Server :https137.1 KBytes175.1 KBytesTue Jul 15 08:10:55 2025Wed Jul 16 23:10:45 20251 day 14:59:504 sec   SYN ACK PUSH 
CPA-ACICCHINO Medium Risk P2P Server :52785ssl.gstatic.com  HTTP Server Low Risk :https3.8 KBytes3.6 KBytesWed Jul 16 23:10:16 2025Wed Jul 16 23:10:16 20250 sec33 sec   SYN ACK PUSH 
CPA-ACICCHINO Medium Risk P2P Server :52800ssl.gstatic.com  HTTP Server Low Risk :https3.7 KBytes3.6 KBytesWed Jul 16 23:10:36 2025Wed Jul 16 23:10:36 20250 sec13 sec   SYN ACK PUSH 
CPA-ACICCHINO Medium Risk P2P Server :49683router3.teamviewer.com  HTTP Server :https1.7 MBytes1.6 MBytesTue Jul 15 08:09:27 2025Wed Jul 16 23:10:34 20251 day 15:01:0715 sec   SYN ACK PUSH 
CPA-ACICCHINO Medium Risk P2P Server :51429widget-content.spotify.com  HTTP Server :https26.2 KBytes11.0 KBytesWed Jul 16 22:25:19 2025Wed Jul 16 23:10:19 202545:0030 sec   SYN ACK PUSH 
CPA-ACICCHINO Medium Risk P2P Server :51562guc3-spclient.spotify.com  HTTP Server :https38.5 KBytes19.5 KBytesWed Jul 16 22:29:50 2025Wed Jul 16 23:10:10 202540:2039 sec   SYN ACK PUSH 
CPA-ACICCHINO Medium Risk P2P Server :52943guc3-dealer.g2.spotify.com  HTTP Server :https277.2 KBytes181.4 KBytesTue Jul 15 12:37:27 2025Wed Jul 16 23:10:44 20251 day 10:33:175 sec   SYN ACK PUSH 
CPA-ACICCHINO Medium Risk P2P Server :56031guc3-dealer.g2.spotify.com  HTTP Server :https295.8 KBytes287.0 KBytesWed Jul 16 02:48:00 2025Wed Jul 16 23:10:24 202520:22:2425 sec   SYN ACK PUSH 

The color of the host link indicates how recently the host was FIRST seen
  0 to 5 minutes     5 to 15 minutes     15 to 30 minutes     30 to 60 minutes     60+ minutes  
Report created on Wed Jul 16 23:10:49 2025 [ntop uptime: 2 days 18:58:13]
Generated by ntop v.3.3 [x86_64-unknown-linux-gnu]
© 1998-2007 by Luca Deri, built: Aug 6 2008 09:54:10.
Listening on [eth0] for all packets (i.e. without a filtering expression)
Web reports include only interface "eth0"