Info about host

Please enable make sure that the ntop html/ directory is properly installed

Info about host

IP Address 163.30.63.129 Flag for ISO 3166 code tw (from p2c file) [unicast] [ Purge Asset ]

Custom Host Name

First/Last Seen Tue Nov 4 00:00:10 2025 - Tue Nov 4 03:21:18 2025 [Inactive since 1 sec]

Autonomous System 3462

Subnet 163.30.63.128/25

Domain tw

MAC Address Network Interface Card (NIC) 00:26:18:2C:75:E2

Origin AS 3462

Host Location Local (inside specified/local subnet or known network list)

Total Data Sent 28/1 Pkts/0 Retran. Pkts [0%]

Broadcast Pkts Sent 0 Pkts

Data Sent Stats
Local 100 %

Rem 0 %

IP vs. Non-IP Sent
0 %

Non-IP 100 %

Total Data Rcvd 5.7 MBytes/41,879 Pkts/0 Retran. Pkts [0%]

Data Rcvd Stats
0 %

Rem 100 %

IP vs. Non-IP Rcvd
IP 100 %

Non-IP 0 %

Sent vs. Rcvd Pkts
0 %

Rcvd 100 %

Sent vs. Rcvd Data
0 %

Rcvd 100 %

Host Type Printer Printer
VoIP Host VoIP
SMTP (Mail) Server Mail (SMTP)
POP Server
FTP Server
HTTP Server

Host Healthness (Risk Flags) High Risk Medium Risk Low Risk
Suspicious activities: too many host contacts
Unexpected packets (e.g. traffic to closed port or connection reset):
[Rcvd: rejected] [Rcvd: rst] [Rcvd: port unreac]

Host Traffic Stats

Time	Tot. Traffic Sent	% Traffic Sent	Tot. Traffic Rcvd	% Traffic Rcvd
3 AM	28	100.0 %	607.9 KBytes	10.4 %
2 AM	0	0.0 %	2.3 MBytes	40.7 %
1 AM	0	0.0 %	1.5 MBytes	25.5 %
12 AM	0	0.0 %	1.3 MBytes	23.3 %
11 PM	0	0.0 %	0	0.0 %
10 PM	0	0.0 %	0	0.0 %
9 PM	0	0.0 %	0	0.0 %
8 PM	0	0.0 %	0	0.0 %
7 PM	0	0.0 %	0	0.0 %
6 PM	0	0.0 %	0	0.0 %
5 PM	0	0.0 %	0	0.0 %
4 PM	0	0.0 %	0	0.0 %
3 PM	0	0.0 %	0	0.0 %
2 PM	0	0.0 %	0	0.0 %
1 PM	0	0.0 %	0	0.0 %
12 PM	0	0.0 %	0	0.0 %
11 AM	0	0.0 %	0	0.0 %
10 AM	0	0.0 %	0	0.0 %
9 AM	0	0.0 %	0	0.0 %
8 AM	0	0.0 %	0	0.0 %
7 AM	0	0.0 %	0	0.0 %
6 AM	0	0.0 %	0	0.0 %
5 AM	0	0.0 %	0	0.0 %
4 AM	0	0.0 %	0	0.0 %
Total

Packet Statistics

TCP Connections	Rcvd From
Attempted	5,989	47.251.93.207 8.211.51.182 194.180.49.219 2.57.122.117 daugherty.probe.onyphe.net 159.65.159.93 114.119.154.186 216.73.216.211
Established	3,344 [56 %]	115.190.57.136 216.73.216.211 114.119.146.244 crawl-66-249-74-42.googlebot.com 1.9.175.180 195.178.110.23 crawl-66-249-74-41.googlebot.com 114.119.154.186
Rejected	1 [0 %]	explorer11.eu.edgewatch.com

TCP Flags	Pkts Rcvd
SYN	5,989	47.251.93.207 8.211.51.182 194.180.49.219 2.57.122.117 daugherty.probe.onyphe.net 159.65.159.93 114.119.154.186 216.73.216.211
RST\|ACK	52	115.190.57.136 139.129.15.19 198.235.24.241 147.185.133.187 147.185.133.104 178.128.203.192 213.209.157.247
RST	1,496	216.73.216.211 ip-40-110.4vendeta.com 194.180.49.220 45.136.68.56 64.227.114.189 194.180.49.145 194.180.49.219 159.65.159.93
NULL	1	118.26.38.251

Anomaly	Pkts Rcvd from
TCP Pkt Disgnostic Port	6	165.154.237.250 york.probe.onyphe.net 205.210.31.141
Tiny Fragments	6	ns3.afrinic.net
ICMP Port Unreachable	1	explorer11.eu.edgewatch.com

ARP	Packet
Request Sent	0
Reply Rcvd	0 (0.0 %)
Reply Sent	1

Protocol Distribution

Protocol

Data Sent

Data Rcvd

TCP

0.0 KBytes

4.7 MBytes

UDP

0.0 KBytes

857.6 KBytes

ICMP

0.0 KBytes

139.2 KBytes

(R)ARP

0.0 KBytes

Protocol Distribution

IP Distribution

ICMP Traffic

Type	Pkt Sent	Pkt Rcvd
Echo Request	0	1,647
Unreach	0	1

IP Fragments Distribution

Protocol	Data Sent	Data Rcvd
UDP	0.0 KBytes	9.3 KBytes
Fragment Distribution
IP Fragment Distribution

Last Contacted Peers

Sent To	IP Address
00:5D:73:14:1A:C1
Total Contacts	1

Received From	IP Address
8.211.51.182	8.211.51.182
194.180.49.219	194.180.49.219
2.57.122.117	2.57.122.117
daugherty.probe.onyphe.net	91.231.89.106
159.65.159.93	159.65.159.93
1.9.175.180	1.9.175.180
114.119.154.186	114.119.154.186
216.73.216.211	216.73.216.211
Total Contacts	5679

TCP/UDP Service/Port Usage

IP Service	Port	# Client Sess.	Last Client Peer	# Server Sess.	Last Server Peer
ftp	21			2/20	scan-70-00.shadowserver.org
ssh	22			13136/2.3 MBytes	1.9.175.180
smtp	25			6/58	213.209.157.247
domain	53	2611/743.7 KBytes	ns-cloud-b3.googledomains.com
http	80			1/91	scan-68-08.shadowserver.org
pop3	110			8/500	138.197.189.46
submission	587			3/14	147.185.133.187

TCP/UDP - Traffic on Other Ports

Client Port	Server Port
	3000

TCP/UDP Recently Used Ports

Client Port	Server Port
63839	ssh

Active TCP/UDP Sessions

Client	Server	Data Sent	Active Since	Last Seen	Duration	Inactive	Note
114.119.154.186 :20331	host :3000	660	Tue Nov 4 03:21:15 2025	Tue Nov 4 03:21:16 2025	1 sec	3 sec	SYN ACK PUSH
180.76.57.253 :54824	host :ssh	164	Tue Nov 4 03:17:19 2025	Tue Nov 4 03:17:19 2025	0 sec	4:00	SYN ACK
1.9.175.180 :57502	host :ssh	1.4 KBytes	Tue Nov 4 03:21:13 2025	Tue Nov 4 03:21:18 2025	5 sec	1 sec	SYN ACK PUSH

The color of the host link indicates how recently the host was FIRST seen
0 to 5 minutes	5 to 15 minutes	15 to 30 minutes	30 to 60 minutes	60+ minutes