(C) 1998-2008 - Luca Deri  
Please enable make sure that the ntop html/ directory is properly installed

 

 

Info about host

IP Address163.30.63.129 Flag for ISO 3166 code tw (from p2c file) [unicast] [ Purge Asset ]
Custom Host Name
First/Last SeenMon Aug 4 00:00:11 2025  -  Mon Aug 4 06:37:19 2025 [Inactive since 0 sec]
Autonomous System3462
Subnet163.30.63.128/25
Domaintw
MAC Address Network Interface Card (NIC)00:26:18:2C:75:E2 
Origin AS3462
Host LocationLocal (inside specified/local subnet or known network list)
IP TTL (Time to Live)64:64 [~0 hop(s)]
Total Data Sent20.0 KBytes/24 Pkts/0 Retran. Pkts [0%]
Broadcast Pkts Sent0 Pkts
Data Sent Stats
0 %
 
Rem 100 %
IP vs. Non-IP Sent
IP 100 %
 
Non-IP 0 %
Total Data Rcvd171.0 MBytes/1,481,267 Pkts/0 Retran. Pkts [0%]
Data Rcvd Stats
0 %
 
Rem 100 %
IP vs. Non-IP Rcvd
IP 100 %
 
Non-IP 0 %
Sent vs. Rcvd Pkts
0 %
 
Rcvd 100 %
Sent vs. Rcvd Data
0 %
 
Rcvd 100 %
Used Subnet Routers 00:5D:73:14:1A:C1 Network Card
Host TypePrinter Printer
VoIP Host VoIP
SMTP (Mail) Server Mail (SMTP)
POP Server 
IMAP Server 
FTP Server 
HTTP Server HTTP Server
Host Healthness (Risk Flags) High Risk Medium Risk Low Risk
  1. Medium RiskSuspicious activities: too many host contacts
  2. Low RiskUnexpected packets (e.g. traffic to closed port or connection reset):
    [Rcvd: rst] [Rcvd: hostnet unreac] [Rcvd: admin prohib] 

 

Host Traffic Stats

TimeTot. Traffic Sent% Traffic SentTot. Traffic Rcvd% Traffic Rcvd
6 AM 1.5 KBytes7.7 %28.3 MBytes16.6 %
5 AM 6.0 KBytes30.1 %44.2 MBytes25.8 %
4 AM 8374.1 %28.1 MBytes16.4 %
3 AM 2.9 KBytes14.7 %26.1 MBytes15.2 %
2 AM 3.0 KBytes14.8 %24.5 MBytes14.3 %
1 AM 5.7 KBytes28.6 %10.5 MBytes6.2 %
12 AM 00.0 %9.3 MBytes5.4 %
11 PM 00.0 %00.0 %
10 PM 00.0 %00.0 %
9 PM 00.0 %00.0 %
8 PM 00.0 %00.0 %
7 PM 00.0 %00.0 %
6 PM 00.0 %00.0 %
5 PM 00.0 %00.0 %
4 PM 00.0 %00.0 %
3 PM 00.0 %00.0 %
2 PM 00.0 %00.0 %
1 PM 00.0 %00.0 %
12 PM 00.0 %00.0 %
11 AM 00.0 %00.0 %
10 AM 00.0 %00.0 %
9 AM 00.0 %00.0 %
8 AM 00.0 %00.0 %
7 AM 00.0 %00.0 %
Total

 

Packet Statistics

TCP ConnectionsDirected toRcvd From
Attempted18 137,328
Established18 [100 %] 134,496 [98 %]
Terminated0  5

TCP FlagsPkts SentPkts Rcvd
SYN18 137,328
RST|ACK0  148
RST0  2,168
NULL0  5

AnomalyPkts Sent toPkts Rcvd from
TCP Pkt Disgnostic Port0  6
Closed Empty TCP Conn.0  5
ICMP Net Unreachable0  1
ICMP Administratively Prohibited0  5

ARPPacket
Request Sent0
Reply Rcvd0 (0.0 %)
Reply Sent2

 

Protocol Distribution

ProtocolData SentData Rcvd
TCP19.9 KBytes100% 169.3 MBytes
98%

 

UDP0.0 KBytes  1.7 MBytes 
ICMP0.0 KBytes  76.4 KBytes 
(R)ARP0.1 KBytes  0.1 KBytes 
Protocol Distribution
IP Distribution

 

ICMP Traffic

TypePkt SentPkt Rcvd
Echo Request0811
Unreach06

 

Last Contacted Peers

Sent ToIP Address
00:5D:73:14:1A:C1 Network Card  
66.249.71.100 66.249.71.100 
ec2-100-29-192-17.compute-1.amazonaws.com 100.29.192.17 
crawl-192-178-6-3.googlebot.com 192.178.6.3 
crawl-66-249-71-102.googlebot.com 66.249.71.102 
192.178.6.7 192.178.6.7 
192.178.6.4 192.178.6.4 
crawl-66-249-71-97.googlebot.com 66.249.71.97 
Total Contacts14
Received FromIP Address
66.249.71.100 66.249.71.100 
crawl-66-249-71-96.googlebot.com 66.249.71.96 
crawl-192-178-6-10.googlebot.com 192.178.6.10 
crawl-192-178-6-5.googlebot.com 192.178.6.5 
crawl-192-178-6-6.googlebot.com 192.178.6.6 
192.178.6.4 192.178.6.4 
192.178.6.7 192.178.6.7 
216.73.216.76 216.73.216.76 
Total Contacts82518

 

TCP/UDP Service/Port Usage

IP ServicePort# Client Sess.Last Client Peer# Server Sess.Last Server Peer
ftp21  9/686prod14server01.academyforinternetresearch.org
ssh22  18042/2.9 MBytes61.176.22.166
smtp25  73/1.9 KBytes196.251.92.207
domain534760/1.5 MBytesafrinic.authdns.ripe.net 15/2.0 KBytesscan-59-3.security.ipip.net
http80  1/91scan-75-07.shadowserver.org
pop3110  9/984prod14server01.academyforinternetresearch.org
submission587  4/20147.185.133.97

 

TCP/UDP - Traffic on Other Ports

Client PortServer Port
     

 

TCP/UDP Recently Used Ports

Client PortServer Port

 

Active TCP/UDP Sessions

ClientServerData SentData RcvdActive SinceLast SeenDurationInactiveClient/Server Network DelayL7 ProtoNote
crawl-192-178-6-7.googlebot.com :49668host  VoIP Printer Mail (SMTP) HTTP Server Low Risk :30001.0 KBytes0Mon Aug 4 06:37:19 2025Mon Aug 4 06:37:19 20250 sec0 sec    SYN ACK PUSH 
crawl-192-178-6-4.googlebot.com Low Risk :62547host  VoIP Printer Mail (SMTP) HTTP Server Low Risk :30007620Mon Aug 4 06:37:19 2025Mon Aug 4 06:37:19 20250 sec0 sec    SYN ACK PUSH 
crawl-192-178-6-10.googlebot.com :35261host  VoIP Printer Mail (SMTP) HTTP Server Low Risk :30001.1 KBytes0Mon Aug 4 06:37:19 2025Mon Aug 4 06:37:19 20250 sec0 sec    SYN ACK PUSH 
crawl-192-178-6-5.googlebot.com :36193host  VoIP Printer Mail (SMTP) HTTP Server Low Risk :30001.0 KBytes0Mon Aug 4 06:37:19 2025Mon Aug 4 06:37:19 20250 sec0 sec    SYN ACK PUSH 
crawl-192-178-6-6.googlebot.com :40535host  VoIP Printer Mail (SMTP) HTTP Server Low Risk :30007920Mon Aug 4 06:37:19 2025Mon Aug 4 06:37:19 20250 sec0 sec    SYN ACK PUSH 

The color of the host link indicates how recently the host was FIRST seen
  0 to 5 minutes     5 to 15 minutes     15 to 30 minutes     30 to 60 minutes     60+ minutes