Info about host

Please enable make sure that the ntop html/ directory is properly installed

Info about host

IP Address 163.30.63.129 Flag for ISO 3166 code tw (from p2c file) [unicast] [ Purge Asset ]

Custom Host Name

First/Last Seen Thu Sep 18 00:00:13 2025 - Thu Sep 18 10:56:41 2025 [Inactive since 1 sec]

Autonomous System 3462

Subnet 163.30.63.128/25

Domain tw

MAC Address Network Interface Card (NIC) 00:26:18:2C:75:E2

Origin AS 3462

Host Location Local (inside specified/local subnet or known network list)

IP TTL (Time to Live) 64:64 [~0 hop(s)]

Total Data Sent 926/4 Pkts/0 Retran. Pkts [0%]

Broadcast Pkts Sent 0 Pkts

Data Sent Stats
Local 9.1 %

Rem 90.9 %

IP vs. Non-IP Sent
IP 90.9 %

Non-IP 9.1 %

Total Data Rcvd 18.8 MBytes/143,553 Pkts/0 Retran. Pkts [0%]

Data Rcvd Stats
0 %

Rem 100 %

IP vs. Non-IP Rcvd
IP 100 %

Non-IP 0 %

Sent vs. Rcvd Pkts
0 %

Rcvd 100 %

Sent vs. Rcvd Data
0 %

Rcvd 100 %

Used Subnet Routers 00:5D:73:14:1A:C1 Network Card
Host Type Printer Printer
SMTP (Mail) Server Mail (SMTP)
POP Server
IMAP Server
FTP Server
HTTP Server

Host Healthness (Risk Flags) High Risk Medium Risk Low Risk
Suspicious activities: too many host contacts
Unexpected packets (e.g. traffic to closed port or connection reset):
[Rcvd: rst] [Rcvd: port unreac] [Rcvd: admin prohib]

Host Traffic Stats

Time	Tot. Traffic Sent	% Traffic Sent	Tot. Traffic Rcvd	% Traffic Rcvd
10 AM	870	94.0 %	2.3 MBytes	12.2 %
9 AM	0	0.0 %	2.2 MBytes	11.6 %
8 AM	0	0.0 %	3.6 MBytes	18.9 %
7 AM	0	0.0 %	2.5 MBytes	13.5 %
6 AM	28	3.0 %	1.8 MBytes	9.6 %
5 AM	0	0.0 %	1.2 MBytes	6.6 %
4 AM	0	0.0 %	873.0 KBytes	4.5 %
3 AM	0	0.0 %	1.3 MBytes	6.7 %
2 AM	28	3.0 %	960.0 KBytes	5.0 %
1 AM	0	0.0 %	1.0 MBytes	5.4 %
12 AM	0	0.0 %	1.1 MBytes	6.0 %
11 PM	0	0.0 %	0	0.0 %
10 PM	0	0.0 %	0	0.0 %
9 PM	0	0.0 %	0	0.0 %
8 PM	0	0.0 %	0	0.0 %
7 PM	0	0.0 %	0	0.0 %
6 PM	0	0.0 %	0	0.0 %
5 PM	0	0.0 %	0	0.0 %
4 PM	0	0.0 %	0	0.0 %
3 PM	0	0.0 %	0	0.0 %
2 PM	0	0.0 %	0	0.0 %
1 PM	0	0.0 %	0	0.0 %
12 PM	0	0.0 %	0	0.0 %
11 AM	0	0.0 %	0	0.0 %
Total

Packet Statistics

TCP Connections	Directed to		Rcvd From
Attempted	21	i.gtld-servers.net a.dns-servers.vn d.gtld-servers.net	19,692	189.179.158.33 110.10.130.46 198.46.141.170 92.63.197.46 1.58.109.6 23-94-171-218-host.colocrossing.com 196.251.66.165 198-23-173-226-host.colocrossing.com
Established	21 [100 %]	i.gtld-servers.net a.dns-servers.vn d.gtld-servers.net	13,609 [69 %]	114.119.159.20 crawl-66-249-72-69.googlebot.com 114.119.129.22 178.16.53.142 cm-64-82-182-30.maxxsouthbb.net 114.119.154.186 1.58.109.6 110.10.130.46

TCP Flags	Pkts Sent		Pkts Rcvd
SYN	21	i.gtld-servers.net a.dns-servers.vn d.gtld-servers.net	19,692	189.179.158.33 110.10.130.46 198.46.141.170 92.63.197.46 1.58.109.6 23-94-171-218-host.colocrossing.com 196.251.66.165 198-23-173-226-host.colocrossing.com
RST\|ACK	0		1,008	178.16.53.142 205.210.31.83 azpdsswec9a4.stretchoid.com 66.132.153.130 176.46.138.56 1.58.109.6 scan.cypex.ai 110.10.130.46
RST	0		4,441	cm-64-82-182-30.maxxsouthbb.net 46.8.112.108 1.58.109.6 23-94-171-218-host.colocrossing.com 88.210.63.63 92.63.197.46 196.251.66.165 198-23-173-226-host.colocrossing.com
NULL	0		10	zl-amsc-nl-gp6-wk119c.internet-census.org 185.243.5.117 8.221.142.108 8.219.9.139 195-154-44-173.rev.poneytelecom.eu scanner-14.ch1.censys-scanner.com www.internet-albedo.net 205.210.31.239

Anomaly	Pkts Sent to		Pkts Rcvd from
UDP Pkt to Closed Port	12	ns3.hi-link.ru slave.btcl.com.bd ns02.caspel.com 77.244.112.31	0
TCP Pkt Disgnostic Port	0		1	heartfelt.census.internet-measurement.com
Tiny Fragments	0		13	ns3.afrinic.net
ICMP Port Unreachable	0		12	ns3.hi-link.ru slave.btcl.com.bd ns02.caspel.com 77.244.112.31
ICMP Administratively Prohibited	0		2	sun1.ncu.edu.tw 116.255.254.185

ARP	Packet
Request Sent	0
Reply Rcvd	0 (0.0 %)
Reply Sent	3

Protocol Distribution

Protocol

Data Sent

Data Rcvd

TCP

0.8 KBytes

15.6 MBytes

UDP

0.0 KBytes

2.8 MBytes

ICMP

0.0 KBytes

378.7 KBytes

(R)ARP

0.1 KBytes

Protocol Distribution

IP Distribution

ICMP Traffic

Type	Pkt Sent	Pkt Rcvd
Echo Request	0	4,333
Unreach	0	14
Time Exceeded	0	1

IP Fragments Distribution

Protocol	Data Sent	Data Rcvd
UDP	0.0 KBytes	39.8 KBytes
Fragment Distribution
IP Fragment Distribution

Last Contacted Peers

Sent To	IP Address
00:5D:73:14:1A:C1
1.58.109.6	1.58.109.6
Total Contacts	2

Received From	IP Address
110.10.130.46	110.10.130.46
198.46.141.170	198.46.141.170
43.174.251.117	43.174.251.117
92.63.197.46	92.63.197.46
23-94-171-218-host.colocrossing.com	23.94.171.218
196.251.66.165	196.251.66.165
1.58.109.6	1.58.109.6
198-23-173-226-host.colocrossing.com	198.23.173.226
Total Contacts	15465

TCP/UDP Service/Port Usage

IP Service	Port	# Client Sess.	Last Client Peer	# Server Sess.	Last Server Peer
ftp	21			8/102	ec2-54-221-189-140.compute-1.amazonaws.com
ssh	22			36596/5.7 MBytes	110.10.130.46
smtp	25			550/4.8 KBytes	178.16.53.142
domain	53	8244/2.4 MBytes	dns100.ovh.us	6/913	azpdegwykt5n.stretchoid.com
pop3	110			3/274	ec2-23-22-135-42.compute-1.amazonaws.com
https	443			1/24	5.187.35.27
submission	587			3/250	205.210.31.83

TCP/UDP - Traffic on Other Ports

Client Port	Server Port
	3000

TCP/UDP Recently Used Ports

Client Port	Server Port
62747	ssh

Active TCP/UDP Sessions

Client	Server	Data Sent	Data Rcvd	Active Since	Last Seen	Duration	Inactive	Client/Server Network Delay		L7 Proto	Note
1.58.109.6 :35522	host :ssh	1.5 KBytes	0	Thu Sep 18 10:56:36 2025	Thu Sep 18 10:56:41 2025	5 sec	1 sec				SYN ACK PUSH

The color of the host link indicates how recently the host was FIRST seen
0 to 5 minutes	5 to 15 minutes	15 to 30 minutes	30 to 60 minutes	60+ minutes