Info about kp19zam-w

Host Details
Hourly Distribution
Packet Stats
Protocols
ICMP Stats
Contacts
HTTP Stats
Service Stats
Monitored Ports
Network Delay
Active Sessions
Contacts Map

IP Address 10.29.119.46 [unicast] [ Purge Asset ]

Custom Host Name

First/Last Seen Mon Apr 28 15:34:42 2025 - Mon Apr 28 18:18:20 2025 [Inactive since 1 day 9:45:17]

Subnet 10.29.119.0/24

MAC Address Network Interface Card (NIC) 90:2B:34:4F:52:6B [GIGA-BYTE TECHNOLOGY CO.,LTD.]

OS Name OS: Windows [Windows 98 / 2000]

NetBios Name KP19ZAM-W (Workstation)

Host Location Local (inside specified/local subnet or known network list)

IP TTL (Time to Live) 1:128 [~0 hop(s)]

Total Data Sent 13.1 MBytes/71,829 Pkts/0 Retran. Pkts [0%]

Broadcast Pkts Sent 375 Pkts

Multicast Traffic Sent 43.0 KBytes/400 Pkts

Data Sent Stats

Local 5.0 %

Rem 95.0 %

IP vs. Non-IP Sent

IP 95.3 %

Non-IP 4.7 %

Total Data Rcvd 112.8 MBytes/95,802 Pkts/0 Retran. Pkts [0%]

Data Rcvd Stats

0 %

Rem 100 %

IP vs. Non-IP Rcvd

IP 100 %

Non-IP 0 %

Sent vs. Rcvd Pkts

Sent 42.8 %

Rcvd 57.2 %

Sent vs. Rcvd Data

Sent 10.4 %

Rcvd 89.6 %

Host Type Server
Workstation
Master Browser

Host Healthness (Risk Flags) High Risk Medium Risk Low Risk
Suspicious activities: too many host contacts
Unexpected packets (e.g. traffic to closed port or connection reset):

Unexpected packets (e.g. traffic to closed port or connection reset):
[Sent: closed-empty] [Rcvd: port unreac]

Time	Tot. Traffic Sent	% Traffic Sent	Tot. Traffic Rcvd	% Traffic Rcvd
6 PM	1.2 MBytes	8.9 %	8.7 MBytes	7.7 %
5 PM	5.4 MBytes	40.7 %	41.4 MBytes	36.7 %
4 PM	6.0 MBytes	45.8 %	60.3 MBytes	53.4 %
3 PM	614.8 KBytes	4.6 %	2.5 MBytes	2.2 %
Total

TCP Connections	Directed to		Rcvd From
Attempted	5,138	lo-in-f84.1e100.net lj-in-f94.1e100.net lj-in-f95.1e100.net lt-in-f94.1e100.net 239.255.255.250 lb-in-f95.1e100.net safe.dns.yandex.ru lq-in-f84.1e100.net	4	mdns.mcast.net
Established	4,226 [82 %]	lo-in-f84.1e100.net lj-in-f94.1e100.net lj-in-f95.1e100.net lt-in-f94.1e100.net 239.255.255.250 lb-in-f95.1e100.net safe.dns.yandex.ru lq-in-f84.1e100.net	4 [100 %]	mdns.mcast.net
Terminated	18	lk-in-f97.1e100.net api.music.yandex.net strm...r-28.strm.yandex.net d.mradx.net 104.18.21.226 frontend.vh.yandex.ru avatars.mds.yandex.net strm...9-85.strm.yandex.net	0
SYN	5,138	lo-in-f84.1e100.net lj-in-f94.1e100.net lj-in-f95.1e100.net lt-in-f94.1e100.net 239.255.255.250 lb-in-f95.1e100.net safe.dns.yandex.ru lq-in-f84.1e100.net	4	mdns.mcast.net
RST\|ACK	368	yabs.yandex.ru exte...iabilling.yandex.net music.yandex.ru log.strm.yandex.ru api.music.yandex.net bs.yandex.ru 123....oogleusercontent.com api.browser.yandex.net	0
NULL	2,546	lo-in-f84.1e100.net 239.255.255.250 lj-in-f94.1e100.net lj-in-f95.1e100.net lb-in-f95.1e100.net lq-in-f84.1e100.net safe.dns.yandex.ru lt-in-f94.1e100.net	2,233	lf-in-f94.1e100.net lo-in-f84.1e100.net lj-in-f94.1e100.net safe.dns.yandex.ru lj-in-f95.1e100.net lb-in-f95.1e100.net lq-in-f84.1e100.net lt-in-f94.1e100.net
UDP Pkt to Closed Port	30	178.185.137.136 178.185.137.137 93.186.225.194 178.185.137.136 178.185.137.137 srv133-129-240-87.vk.com	0
Closed Empty TCP Conn.	18	lk-in-f97.1e100.net api.music.yandex.net strm...r-28.strm.yandex.net d.mradx.net 104.18.21.226 frontend.vh.yandex.ru avatars.mds.yandex.net strm...9-85.strm.yandex.net	0
ICMP Port Unreachable	0		30	178.185.137.136 178.185.137.137 93.186.225.194 178.185.137.136 178.185.137.137 srv133-129-240-87.vk.com

ARP	Packets
Request Sent	0
Reply Rcvd	0 (0.0 %)
Reply Sent	242

Protocol

Data Sent

Data Rcvd

TCP

12.1 MBytes

112.0 MBytes

UDP

468.6 KBytes

813.1 KBytes

ICMP

0.0 KBytes

17.3 KBytes

(R)ARP

10.9 KBytes

0.0 KBytes

IGMP

1.8 KBytes

0.0 KBytes

Protocol Distribution

L7 Protocol

Data Sent

Data Rcvd

Unknown

32.8 KBytes

32.3 KBytes

Mail_POP

12.9 MBytes

112.6 MBytes

Mail_SMTP

100.5 KBytes

166.8 KBytes

MDNS

0.5 KBytes

0.0 KBytes

NTP

0.1 KBytes

SSDP

25.4 KBytes

0.0 KBytes

IP Distribution

Type	Pkt Sent	Pkt Rcvd
Unreach	0	30

Sent To	# Contacts
is-r...vip-sg.i.smailru.net	2037
is-r...vip-sg.i.smailru.net	1708
is-r...vip-sg.i.smailru.net	1537
lo-in-f188.1e100.net	980
lo-in-f95.1e100.net	878
clients2.google.com	712
lm-in-f188.1e100.net	911
lm-in-f95.1e100.net	2022
www.tns-counter.ru	1537
srv4-56-213-95.vk.com	1040
lk-in-f95.1e100.net	980
zv2.consultant.ru	1251
e.mail.ru	1982
ctldl.windowsupdate.com	1036
92.63.176.247	770
portal.mail.ru	771
51.250.110.169	712
medi...s-cdn1.p.smailru.net	770
top-fwz1.mail.ru	1238
ads.adfox.ru	770
mail.yandex.ru	621
lq-in-f188.1e100.net	770
ctldl.windowsupdate.com	1036
lq-in-f94.1e100.net	909
srv151-185-240-87.vk.com	770
lu-in-f104.1e100.net	1373
dns.google	911
62.128.101.35	909
62.128.100.47	1564
62.128.100.49	477
62.128.100.55	621
62.128.100.65	477
62.128.100.92	621
detectportal.firefox.com	2166
lb-in-f136.1e100.net	878
lb-in-f93.1e100.net	1040
x1.c.lencr.org	621
lh-in-f95.1e100.net	612
ip58...147.odnoklassniki.ru	1313
ip1.147.odnoklassniki.ru	477
go.microsoft.com	1835
lj-in-f188.1e100.net	878
safe...wsing.googleapis.com	1040
li-in-f104.1e100.net	998
lg-in-f95.1e100.net	911
ec2-...ompute.amazonaws.com	621
lf-in-f84.1e100.net	771
srv208-137-240-87.vk.com	1238
eb.cert.roskazna.ru	1564
ip13...155.odnoklassniki.ru	705
ip4.155.odnoklassniki.ru	1251
ip24...155.odnoklassniki.ru	998
srv67-132-240-87.vk.com	712
srv78-132-240-87.vk.com	705
ntp.ix.ru	705
77.74.181.141	477
77.74.181.34	2206
195.90.182.235	1564
nr-repo.roskazna.ru	1152
79.133.170.5	1609
ya.ru	1621
e.mail.ru	1152
srv12-5-213-95.vk.com	621
93.158.134.39	621
bs.yandex.ru	2212
45.141.102.99	1814
comm...l.edadeal.yandex.net	1564
player.mediavitrina.ru	477
beat.vitrinabeat.ru	911
31.200.249.235	911
31.200.249.234	1708
mskm...c.ntppool.yandex.net	1896
nr.roskazna.ru	770
lr-in-f139.1e100.net	477
lr-in-f95.1e100.net	771
fina...vices.appex.bing.com	1621
suggest.dzen.ru	771
stat...-api.mediavitrina.ru	612
crl3.digicert.com	1313
fron....slb.maps.yandex.net	705
mc.yandex.ru	1152
stor...e.browser.yandex.net	1925
brow...translate.yandex.net	2166
log.strm.yandex.ru	2842
api.music.yandex.net	2212
mc.yandex.ru	2257
srv6-237-186-93.vk.com	477
srv1-237-186-93.vk.com	705
avatars.mds.yandex.net	1036
srv158-227.vkontakte.ru	1040
le-in-f188.1e100.net	878
le-in-f139.1e100.net	980
le-in-f95.1e100.net	477
dzen.ru	770
avatars.dzeninfra.ru	909
64.236.96.53	712
!	2192
kp19-w7oag0218 [NetBIOS]	980
kp19zam-w [NetBIOS]	1537
10.29.119.35	1251
10.29.119.12	770
10.29.119.108	1771
10.29.119.69	705
ip11...185.odnoklassniki.ru	1238
bs.yandex.ru	909
core...capi.maps.yandex.net	1040
favicon.yandex.net	712
suggest.yandex.net	1893
frontend.vh.yandex.ru	2257
exte...ancer.yandex-team.ru	878
185.12.155.10	2139
bs.yandex.ru	1708
91.232.93.95	1251
195.209.109.24	612
91.232.93.62	771
178.185.137.130	477
5.255.230.28	1893
www.yandex.ru	1609
"	1036
4.207.247.138	770
client.wns.windows.com	770
mq.dataservices.hp.com	911
noip-id.1c-connect.com	770
a2-1...amaitechnologies.com	771

Received From	# Contacts
is-r...vip-sg.i.smailru.net	1882
is-r...vip-sg.i.smailru.net	580
is-r...vip-sg.i.smailru.net	1168
lo-in-f188.1e100.net	1040
lo-in-f95.1e100.net	1124
clients2.google.com	1893
lm-in-f188.1e100.net	580
lm-in-f95.1e100.net	621
www.tns-counter.ru	687
srv4-56-213-95.vk.com	1233
lk-in-f95.1e100.net	1454
zv2.consultant.ru	1695
e.mail.ru	1293
ctldl.windowsupdate.com	333
92.63.176.247	1819
portal.mail.ru	1124
51.250.110.169	1233
medi...s-cdn1.p.smailru.net	687
top-fwz1.mail.ru	2027
ads.adfox.ru	1454
mail.yandex.ru	2968
lq-in-f188.1e100.net	389
ctldl.windowsupdate.com	687
lq-in-f94.1e100.net	629
srv151-185-240-87.vk.com	634
lu-in-f104.1e100.net	1819
dns.google	539
62.128.101.35	580
62.128.100.47	1124
62.128.100.49	634
62.128.100.55	1459
62.128.100.65	629
62.128.100.92	1819
detectportal.firefox.com	1052
lb-in-f136.1e100.net	333
lb-in-f93.1e100.net	712
x1.c.lencr.org	1087
lh-in-f95.1e100.net	684
ip58...147.odnoklassniki.ru	1259
ip1.147.odnoklassniki.ru	389
go.microsoft.com	1449
lj-in-f188.1e100.net	539
safe...wsing.googleapis.com	712
li-in-f104.1e100.net	1233
lg-in-f95.1e100.net	580
ec2-...ompute.amazonaws.com	1933
lf-in-f84.1e100.net	684
srv208-137-240-87.vk.com	634
eb.cert.roskazna.ru	712
ip13...155.odnoklassniki.ru	539
ip4.155.odnoklassniki.ru	580
ip24...155.odnoklassniki.ru	634
srv67-132-240-87.vk.com	1293
srv78-132-240-87.vk.com	623
ntp.ix.ru	1819
77.74.181.141	623
77.74.181.34	1293
195.90.182.235	1259
nr-repo.roskazna.ru	1459
79.133.170.5	2027
ya.ru	333
e.mail.ru	1790
srv12-5-213-95.vk.com	539
93.158.134.39	621
bs.yandex.ru	389
45.141.102.99	1535
comm...l.edadeal.yandex.net	3495
player.mediavitrina.ru	333
beat.vitrinabeat.ru	333
31.200.249.235	621
31.200.249.234	1663
mskm...c.ntppool.yandex.net	1168
nr.roskazna.ru	333
lr-in-f139.1e100.net	634
lr-in-f95.1e100.net	1695
fina...vices.appex.bing.com	2006
suggest.dzen.ru	1259
stat...-api.mediavitrina.ru	3069
crl3.digicert.com	1293
fron....slb.maps.yandex.net	539
mc.yandex.ru	2130
stor...e.browser.yandex.net	687
brow...translate.yandex.net	333
log.strm.yandex.ru	2649
api.music.yandex.net	1726
mc.yandex.ru	1704
srv6-237-186-93.vk.com	389
srv1-237-186-93.vk.com	1124
avatars.mds.yandex.net	621
srv158-227.vkontakte.ru	2027
le-in-f188.1e100.net	580
le-in-f139.1e100.net	1449
le-in-f95.1e100.net	1882
dzen.ru	629
avatars.dzeninfra.ru	687
64.236.96.53	580
!	1168
kp19-w7oag0218 [NetBIOS]	1087
kp19zam-w [NetBIOS]	1427
10.29.119.35	2072
10.29.119.12	621
10.29.119.108	629
10.29.119.69	2130
ip11...185.odnoklassniki.ru	1052
bs.yandex.ru	684
core...capi.maps.yandex.net	1293
favicon.yandex.net	1933
suggest.yandex.net	623
frontend.vh.yandex.ru	684
exte...ancer.yandex-team.ru	1233
185.12.155.10	1052
bs.yandex.ru	712
91.232.93.95	1087
195.209.109.24	333
91.232.93.62	1233
178.185.137.130	1663
5.255.230.28	1168
www.yandex.ru	1459
"	1868
4.207.247.138	1259
client.wns.windows.com	623
mq.dataservices.hp.com	1790
noip-id.1c-connect.com	1293
a2-1...amaitechnologies.com	1040

Virtual Host	Sent	Rcvd
api.browser.yandex.net	2.2 KBytes	3.2 KBytes
sdk-api.apptracer.ru	4.0 KBytes	7.6 KBytes
strm-mar-50.strm.yandex.net	878	956
strm-mar-107.strm.yandex.net	878	957
strm-mar-64.strm.yandex.net	799	1.0 KBytes
strm-mar-28.strm.yandex.net	1.1 MBytes	37.1 KBytes
webntp.yandex.ru	248	1009
sba.yandex.net	600	1.9 KBytes
ad.mail.ru	546	1.0 KBytes
api.browser.yandex.ru	24.4 KBytes	236.3 KBytes

NOTE: The above table is not updated in realtime but when connections are terminated.

Client Role

	# Loc. Req. Sent		# Rem. Req. Sent		# Pos. Reply Rcvd		# Neg. Reply Rcvd		Local RndTrip	Rem RndTrip
DNS	0	0.0%	1,306	100.0%	1,254	99.0%	12	0.0%	0.0 ms - 0.0 ms	31.3 ms - 50.5 ms
HTTP	0	0.0%	17	100.0%	1	100.0%	0	0.0%	0.0 ms - 0.0 ms	0.0 ms - 0.0 ms

Port Usage

IP Service	Port	# Client Sess.	Last Client Peer	# Server Sess.	Last Server Peer
domain	53	2566/162.1 KBytes	safe.dns.yandex.ru
www	80	333/382.0 KBytes	123....oogleusercontent.com
ntp	123	2/96	20.101.57.9	2/96	20.101.57.9
https	443	42845/116.3 MBytes	api.browser.yandex.net

Traffic on Other Port(s)

Client Port	Server Port
49622

Recently Used Ports

Client Port	Server Port
49622	mdns

Recent Sessions: Network Delay

Client Mode

Last Time	Service	Last Server Contact	Client Delay [min/avg/max]
Mon Apr 28 18:11:28 2025	HTTP	lt-in-f94.1e100.net	0.12/0.31/8.43 ms

Scenario: client <--> ntop <--> server
Client Delay: the network delay (computed as RTT/2) taken
by a packet sent by the client to reach ntop
Server Delay: the network delay (computed as RTT/2) taken
by a packet sent by the server to reach ntop
All times are majored during TCP 3-way handshake

Proto	Client	Server	Data Sent/Rcvd		Active Since	Duration	Inactive	Client/Server Nw Delay		L7 Proto
TCP	kp19zam-w [NetBIOS] :50502	api.browser.yandex.ru :https	38.5 KBytes	16.3 KBytes	Mon Apr 28 17:55:25 2025	22:50	1 day 9:45:22	0.26 ms	15.85 ms	Mail_POP
TCP	kp19zam-w [NetBIOS] :49622	lo-in-f188.1e100.net :5228	8.5 KBytes	14.8 KBytes	Mon Apr 28 16:10:47 2025	2:07:31	1 day 9:45:19	0.24 ms	12.54 ms	Unknown

The color of the host link indicates how recently the host was FIRST seen
0 to 5 minutes	5 to 15 minutes	15 to 30 minutes	30 to 60 minutes	60+ minutes