Info about kp19-w7oag0218

Host Details
Hourly Distribution
Packet Stats
Protocols
ICMP Stats
Contacts
Service Stats
Monitored Ports
Network Delay
Active Sessions
Contacts Map

IP Address 10.29.119.54 [unicast] [ Purge Asset ]

Custom Host Name

First/Last Seen Mon Apr 28 15:39:09 2025 - Mon Apr 28 18:18:28 2025 [Inactive since 1 day 16:10:54]

Subnet 10.29.119.0/24

MAC Address Network Interface Card (NIC) 00:0A:48:21:02:18 [Albatron Technology]

OS Name OS: Windows [Windows 98 / 2000]

NetBios Name KP19-W7OAG0218 (Server)

Host Location Local (inside specified/local subnet or known network list)

IP TTL (Time to Live) 1:128 [~0 hop(s)]

Total Data Sent 1.6 MBytes/15,298 Pkts/0 Retran. Pkts [0%]

Broadcast Pkts Sent 108 Pkts

Multicast Traffic Sent 16.8 KBytes/182 Pkts

Data Sent Stats

Local 1.6 %

Rem 98.4 %

IP vs. Non-IP Sent

IP 99.2 %

Non-IP 0.8 %

Total Data Rcvd 21.2 MBytes/17,909 Pkts/0 Retran. Pkts [0%]

Data Rcvd Stats

0 %

Rem 100 %

IP vs. Non-IP Rcvd

IP 100 %

Non-IP 0 %

Sent vs. Rcvd Pkts

Sent 46.1 %

Rcvd 53.9 %

Sent vs. Rcvd Data

Sent 6.9 %

Rcvd 93.1 %

Host Type Server
Master Browser

Host Healthness (Risk Flags) High Risk Medium Risk Low Risk
Unexpected packets (e.g. traffic to closed port or connection reset):

Time	Tot. Traffic Sent	% Traffic Sent	Tot. Traffic Rcvd	% Traffic Rcvd
6 PM	102.8 KBytes	6.4 %	111.0 KBytes	0.5 %
5 PM	341.8 KBytes	21.2 %	416.7 KBytes	1.9 %
4 PM	365.4 KBytes	22.7 %	793.6 KBytes	3.7 %
3 PM	799.8 KBytes	49.7 %	19.9 MBytes	93.9 %
Total

TCP Connections	Directed to		Rcvd From
Attempted	345	a2-1...amaitechnologies.com a23-...amaitechnologies.com a2-1...amaitechnologies.com 20.101.57.9 239.255.255.250 89.221.236.25 safe.dns.yandex.ru 89.221.236.26	0
Established	291 [84 %]	a2-1...amaitechnologies.com a2-1...amaitechnologies.com a23-...amaitechnologies.com 20.101.57.9 239.255.255.250 89.221.236.25 safe.dns.yandex.ru 89.221.236.26	0
SYN	345	a2-1...amaitechnologies.com a23-...amaitechnologies.com a2-1...amaitechnologies.com 20.101.57.9 239.255.255.250 89.221.236.25 safe.dns.yandex.ru 89.221.236.26	0
RST\|ACK	1	89.221.236.26	0
NULL	255	safe.dns.yandex.ru 224.0.0.252 239.255.255.250 20.101.57.9	93	safe.dns.yandex.ru 20.101.57.9

ARP	Packets
Request Sent	0
Reply Rcvd	0 (0.0 %)
Reply Sent	249

Protocol

Data Sent

Data Rcvd

TCP

1.5 MBytes

21.2 MBytes

UDP

34.9 KBytes

11.2 KBytes

ICMP

0.1 KBytes

(R)ARP

11.2 KBytes

0.0 KBytes

IGMP

1.5 KBytes

0.0 KBytes

Protocol Distribution

L7 Protocol

Data Sent

Data Rcvd

Unknown

7.5 KBytes

0.0 KBytes

Mail_POP

1.5 MBytes

21.2 MBytes

Mail_SMTP

7.7 KBytes

11.1 KBytes

NTP

0.1 KBytes

SSDP

7.8 KBytes

0.0 KBytes

IP Distribution

Type	Pkt Sent	Pkt Rcvd
Echo Request	2	0
Echo Reply	0	2

Sent To	# Contacts
ctldl.windowsupdate.com	5

Client Role

	# Loc. Req. Sent		# Rem. Req. Sent		# Pos. Reply Rcvd		# Neg. Reply Rcvd		Local RndTrip	Rem RndTrip
DNS	0	0.0%	98	100.0%	80	86.0%	12	13.0%	0.0 ms - 0.0 ms	32.4 ms - 35.6 ms
HTTP	0	0.0%	32	100.0%	28	87.0%	4	12.0%	0.0 ms - 0.0 ms	1322.6 sec - 1322.6 sec

Port Usage

IP Service	Port	# Client Sess.	Last Client Peer
domain	53	190/11.0 KBytes	safe.dns.yandex.ru
www	80	288/330.1 KBytes	146.75.54.133
ntp	123	2/96	20.101.57.9
https	443	20934/20.7 MBytes	89.221.236.26

Traffic on Other Port(s)

Client Port	Server Port
49659

Recently Used Ports

Client Port	Server Port
49659

Recent Sessions: Network Delay

Client Mode

Last Time	Service	Last Server Contact	Client Delay [min/avg/max]
Mon Apr 28 16:09:05 2025	HTTP	146.75.54.133	0.13/0.30/0.43 ms

Scenario: client <--> ntop <--> server
Client Delay: the network delay (computed as RTT/2) taken
by a packet sent by the client to reach ntop
Server Delay: the network delay (computed as RTT/2) taken
by a packet sent by the server to reach ntop
All times are majored during TCP 3-way handshake

Proto	Client	Server	Data Sent/Rcvd		Active Since	Duration	Inactive	L7 Proto
TCP	kp19-w7oag0218 [NetBIOS] :49641	webim.armgs.team :https	43.0 KBytes	53.4 KBytes	Mon Apr 28 17:40:33 2025	37:19	1 day 16:11:30	Mail_POP
TCP	kp19-w7oag0218 [NetBIOS] :49659	webim.armgs.team :https	69.2 KBytes	92.1 KBytes	Mon Apr 28 17:44:41 2025	33:44	1 day 16:10:57	Mail_POP
TCP	kp19-w7oag0218 [NetBIOS] :49696	calendarmsg.armgs.team :https	49.0 KBytes	56.7 KBytes	Mon Apr 28 17:50:56 2025	27:27	1 day 16:10:59	Mail_POP
UDP	kp19-w7oag0218 [NetBIOS] :49474	224.0.0.252 :hostmon	51	0	Mon Apr 28 18:17:40 2025	0 sec	1 day 16:11:42	Unknown
UDP	kp19-w7oag0218 [NetBIOS] :49591	224.0.0.252 :hostmon	70	0	Mon Apr 28 18:17:36 2025	0 sec	1 day 16:11:46	Unknown
UDP	kp19-w7oag0218 [NetBIOS] :49870	224.0.0.252 :hostmon	51	0	Mon Apr 28 18:17:36 2025	0 sec	1 day 16:11:46	Unknown
UDP	kp19-w7oag0218 [NetBIOS] :50178	224.0.0.252 :hostmon	50	0	Mon Apr 28 18:17:40 2025	0 sec	1 day 16:11:42	Unknown
UDP	kp19-w7oag0218 [NetBIOS] :55476	239.255.255.250 :1900	912	0	Mon Apr 28 18:17:51 2025	6 sec	1 day 16:11:25	SSDP
UDP	kp19-w7oag0218 [NetBIOS] :52855	224.0.0.252 :hostmon	51	0	Mon Apr 28 18:17:36 2025	0 sec	1 day 16:11:46	Unknown
UDP	kp19-w7oag0218 [NetBIOS] :54609	224.0.0.252 :hostmon	50	0	Mon Apr 28 18:17:40 2025	0 sec	1 day 16:11:42	Unknown
UDP	kp19-w7oag0218 [NetBIOS] :55179	224.0.0.252 :hostmon	61	0	Mon Apr 28 18:17:36 2025	0 sec	1 day 16:11:46	Unknown
UDP	kp19-w7oag0218 [NetBIOS] :55693	224.0.0.252 :hostmon	61	0	Mon Apr 28 18:17:36 2025	0 sec	1 day 16:11:46	Unknown
UDP	kp19-w7oag0218 [NetBIOS] :57009	224.0.0.252 :hostmon	61	0	Mon Apr 28 18:17:36 2025	0 sec	1 day 16:11:46	Unknown
UDP	kp19-w7oag0218 [NetBIOS] :58109	224.0.0.252 :hostmon	61	0	Mon Apr 28 18:17:36 2025	0 sec	1 day 16:11:46	Unknown
UDP	kp19-w7oag0218 [NetBIOS] :58707	224.0.0.252 :hostmon	70	0	Mon Apr 28 18:17:34 2025	0 sec	1 day 16:11:48	Unknown
UDP	kp19-w7oag0218 [NetBIOS] :59924	224.0.0.252 :hostmon	50	0	Mon Apr 28 18:17:40 2025	0 sec	1 day 16:11:42	Unknown
UDP	kp19-w7oag0218 [NetBIOS] :61759	224.0.0.252 :hostmon	51	0	Mon Apr 28 18:17:36 2025	0 sec	1 day 16:11:46	Unknown
UDP	kp19-w7oag0218 [NetBIOS] :62054	224.0.0.252 :hostmon	51	0	Mon Apr 28 18:17:36 2025	0 sec	1 day 16:11:46	Unknown
UDP	kp19-w7oag0218 [NetBIOS] :62942	224.0.0.252 :hostmon	70	0	Mon Apr 28 18:17:33 2025	0 sec	1 day 16:11:49	Unknown
UDP	kp19-w7oag0218 [NetBIOS] :62961	224.0.0.252 :hostmon	51	0	Mon Apr 28 18:17:36 2025	0 sec	1 day 16:11:46	Unknown
UDP	kp19-w7oag0218 [NetBIOS] :64092	224.0.0.252 :hostmon	61	0	Mon Apr 28 18:17:36 2025	0 sec	1 day 16:11:46	Unknown
UDP	kp19-w7oag0218 [NetBIOS] :65439	224.0.0.252 :hostmon	50	0	Mon Apr 28 18:17:40 2025	0 sec	1 day 16:11:42	Unknown

The color of the host link indicates how recently the host was FIRST seen
0 to 5 minutes	5 to 15 minutes	15 to 30 minutes	30 to 60 minutes	60+ minutes