Info about 163.30.44.1

Please enable make sure that the ntop html/ directory is properly installed

Info about 163.30.44.1

IP Address 163.30.44.1 [unicast] [ Purge Asset ]

Custom Host Name

First/Last Seen Tue Jun 17 00:00:05 2025 - Tue Jun 17 06:46:46 2025 [Inactive since 2 sec]

Autonomous System 1659 [Tiawan Academic Network (TANet) Information Center]

Subnet 163.30.44.0/24

MAC Address Network Interface Card (NIC) 10:C3:7B:47:57:9A

Origin AS 1659

Host Location Local (inside specified/local subnet or known network list)

Physical Location Taoyüan, Taiwan Flag for Taiwan (TW)

IP TTL (Time to Live) 64:64 [~0 hop(s)]

Total Data Sent 10.3 MBytes/57,977 Pkts/0 Retran. Pkts [0%]

Broadcast Pkts Sent 598 Pkts

Data Sent Stats
Local 26.5 %

Rem 73.5 %

IP vs. Non-IP Sent
IP 100 %

Non-IP 0 %

Total Data Rcvd 12.2 MBytes/57,473 Pkts/0 Retran. Pkts [0%]

Data Rcvd Stats
Local 9.3 %

Rem 90.7 %

IP vs. Non-IP Rcvd
IP 100 %

Non-IP 0 %

Sent vs. Rcvd Pkts
Sent 50.2 %

Rcvd 49.8 %

Sent vs. Rcvd Data
Sent 45.7 %

Rcvd 54.3 %

Used Subnet Routers 4C:77:6D:62:EA:41 Network Card
Host Type Name Server DNS
SMTP (Mail) Server Mail (SMTP)
POP Server
IMAP Server
HTTP Server

Host Healthness (Risk Flags) High Risk Medium Risk Low Risk
Wrong network mask or bridging enabled
Suspicious activities: too many host contacts
Unexpected packets (e.g. traffic to closed port or connection reset):
[Sent: udp to closed] [Rcvd: rst] [Rcvd: port unreac] [Rcvd: admin prohib]

Host Traffic Stats

Time	Tot. Traffic Sent	% Traffic Sent	Tot. Traffic Rcvd	% Traffic Rcvd
6 AM	1.2 MBytes	12.0 %	1.1 MBytes	8.7 %
5 AM	1.7 MBytes	16.9 %	1.4 MBytes	11.8 %
4 AM	1.8 MBytes	17.4 %	2.0 MBytes	16.3 %
3 AM	1.7 MBytes	16.9 %	1.4 MBytes	11.7 %
2 AM	1.2 MBytes	11.3 %	1.5 MBytes	12.2 %
1 AM	1.3 MBytes	12.6 %	3.4 MBytes	27.9 %
12 AM	1.3 MBytes	12.8 %	1.4 MBytes	11.4 %
11 PM	0	0.0 %	0	0.0 %
10 PM	0	0.0 %	0	0.0 %
9 PM	0	0.0 %	0	0.0 %
8 PM	0	0.0 %	0	0.0 %
7 PM	0	0.0 %	0	0.0 %
6 PM	0	0.0 %	0	0.0 %
5 PM	0	0.0 %	0	0.0 %
4 PM	0	0.0 %	0	0.0 %
3 PM	0	0.0 %	0	0.0 %
2 PM	0	0.0 %	0	0.0 %
1 PM	0	0.0 %	0	0.0 %
12 PM	0	0.0 %	0	0.0 %
11 AM	0	0.0 %	0	0.0 %
10 AM	0	0.0 %	0	0.0 %
9 AM	0	0.0 %	0	0.0 %
8 AM	0	0.0 %	0	0.0 %
7 AM	0	0.0 %	0	0.0 %
Total

Packet Statistics

TCP Connections	Directed to		Rcvd From
Attempted	792	74.208.47.60 74.208.47.126 203.145.212.9 216.73.216.30 91.196.152.148 54.200.242.74 45.112.84.5 199.19.54.1	3,902	95.214.55.218 165.154.237.253 83.222.191.134 162.142.125.230 47.251.92.47 134.199.207.187 91.230.168.17 134.199.204.103
Established	319 [40 %]	154.94.235.122 91.196.152.148 54.200.242.74 74.208.47.60 74.208.47.126 203.145.212.9 199.19.54.1 216.73.216.30	1,091 [28 %]	216.73.216.30 66.249.74.67 66.249.74.66 66.249.74.68 168.119.53.160 40.77.167.53 66.249.74.75 78.47.173.76
Terminated	0		124	59.125.187.113 78.40.117.234 185.218.84.178 83.222.191.154 83.222.190.246 91.196.152.148 193.163.125.25 34.38.121.245

TCP Flags	Pkts Sent		Pkts Rcvd
SYN	792	74.208.47.60 74.208.47.126 203.145.212.9 216.73.216.30 91.196.152.148 54.200.242.74 45.112.84.5 199.19.54.1	3,902	95.214.55.218 165.154.237.253 83.222.191.134 162.142.125.230 47.251.92.47 134.199.207.187 91.230.168.17 134.199.204.103
RST\|ACK	1,999	43.133.191.169 165.154.237.253 83.222.191.134 162.142.125.230 47.251.92.47 134.199.207.187 91.230.168.17 134.199.204.103	179	85.215.236.96 144.172.105.141 44.220.188.17 71.6.232.20 44.220.188.11 147.185.132.49 203.145.212.48 45.112.84.5
RST	2	194.187.176.89	1,851	83.222.191.134 193.11.114.68 5.188.206.46 216.73.216.30 165.154.246.246 178.128.158.153 162.240.36.122 165.154.237.253
NULL	0		65	62.100.205.58 165.154.246.249 165.154.246.243 206.168.34.161 128.241.231.45 198.235.24.113 162.142.125.243 162.142.125.245

Anomaly	Pkts Sent to		Pkts Rcvd from
UDP Pkt to Closed Port	113	209.141.56.200 163.30.44.26 VMware, Inc.:BB:92:25 VMware, Inc.:A1:68:B7 163.30.44.7 209.141.62.178 198.235.24.219 198.235.24.226	83	165.154.246.249 206.168.34.161 192.210.187.83 128.241.231.45 198.235.24.113 162.142.125.243 162.142.125.245 71.6.135.131
Tiny Fragments	0		7	204.61.216.100
Closed Empty TCP Conn.	0		124	59.125.187.113 78.40.117.234 185.218.84.178 83.222.191.154 83.222.190.246 91.196.152.148 193.163.125.25 34.38.121.245
ICMP Port Unreachable	83	165.154.246.249 206.168.34.161 192.210.187.83 128.241.231.45 198.235.24.113 162.142.125.243 162.142.125.245 71.6.135.131	113	209.141.56.200 163.30.44.26 VMware, Inc.:BB:92:25 VMware, Inc.:A1:68:B7 163.30.44.7 209.141.62.178 198.235.24.219 198.235.24.226
ICMP Administratively Prohibited	0		4	206.196.177.149

ARP	Packet
Request Sent	0
Reply Rcvd	58 (0.0 %)
Reply Sent	1,341

Protocol Distribution

Protocol

Data Sent

Data Rcvd

TCP

4.7 MBytes

3.0 MBytes

UDP

5.5 MBytes

9.1 MBytes

ICMP

58.1 KBytes

43.8 KBytes

(R)ARP

46.8 KBytes

60.4 KBytes

Protocol Distribution

IP Distribution

ICMP Traffic

Type	Pkt Sent	Pkt Rcvd
Echo Request	246	0
Echo Reply	0	246
Unreach	83	117
Redirect	423	0
Time Exceeded	0	1

IP Fragments Distribution

Protocol	Data Sent	Data Rcvd
UDP	2.0 KBytes	10.9 KBytes
Fragment Distribution
IP Fragment Distribution

Last Contacted Peers

Sent To	IP Address
202.12.27.33	202.12.27.33
192.48.79.30	192.48.79.30
163.30.44.24	163.30.44.24
172.105.65.55	172.105.65.55
163.30.0.1	163.30.0.1
192.26.92.30	192.26.92.30
192.5.6.30	192.5.6.30
172.105.169.72	172.105.169.72
Total Contacts	19465

Received From	IP Address
192.48.79.30	192.48.79.30
192.58.128.30	192.58.128.30
163.30.0.1	163.30.0.1
172.105.65.55	172.105.65.55
192.26.92.30	192.26.92.30
192.5.6.30	192.5.6.30
172.105.169.72	172.105.169.72
163.30.44.24	163.30.44.24
Total Contacts	17822

HTTP Virtual Hosts Traffic

Virtual Host	Sent	Rcvd
www.youporn.com	44	131
	6.1 KBytes	2.6 KBytes
www.tyes.tyc.edu.tw	169.3 KBytes	205.7 KBytes
163.30.44.1:80	66.4 KBytes	68.5 KBytes
dns.tyes.tyc.edu.tw	86.6 KBytes	82.9 KBytes
host1.tyes.tyc.edu.tw	1.4 MBytes	1.6 MBytes
163.30.44.1	303.2 KBytes	293.0 KBytes

NOTE: The above table is not updated in realtime but when connections are terminated.

IP Service Stats: Client Role

	# Loc. Req. Sent		# Rem. Req. Sent		# Pos. Reply Rcvd		# Neg. Reply Rcvd		Local RndTrip	Rem RndTrip
DNS	0	0.0%	32,408	100.0%	24,867	80.0%	6,047	19.0%	0.0 ms - 0.0 ms	1.0 ms - 5.0 sec
HTTP	0	0.0%	3	100.0%	1	50.0%	1	50.0%	0.0 ms - 0.0 ms	0.0 ms - 0.0 ms

IP Service Stats: Server Role

# Loc. Req. Rcvd # Rem. Req. Rcvd # Pos. Reply Sent # Neg. Reply Sent Local RndTrip Rem RndTrip

DNS 12,518 99.0% 20 0.0% 4,913 39.0% 7,555 60.0% 0.0 ms - 30.0 sec 0.1 ms - 0.2 ms

HTTP 0 0.0% 247 100.0% 4 33.0% 8 66.0% 0.0 ms - 0.0 ms 0.0 ms - 0.0 ms

TCP/UDP Service/Port Usage

IP Service	Port	# Client Sess.	Last Client Peer	# Server Sess.	Last Server Peer
22	22			1/21	20.64.105.237
25	25	443/169.3 KBytes	203.145.212.9	798/170.0 KBytes	45.112.84.5
53	53	63391/8.4 MBytes	163.30.0.1	25005/2.6 MBytes	163.30.44.24
http	80	1277/1.8 MBytes	192.50.199.248	1189/945.3 KBytes	78.47.173.76
88	88			1/40	165.154.246.252
pop-3	110			25/1.9 KBytes	206.168.34.122
123	123	8/384	118.163.81.61	5/174	192.210.187.83
143	143			18/2.2 KBytes	206.168.34.61
snmp	161			18/3.1 KBytes	135.237.125.195
snmp-trap	162			1/60	165.154.246.243
199	199			6/364	45.79.128.205
389	389			1/51	71.6.135.131
391	391			1/60	165.154.237.251
427	427			2/63	147.185.132.213
https	443			2/1.3 KBytes	165.154.246.249
523	523			1/20	165.154.246.249
587	587			34/3.3 KBytes	147.185.132.49
873	873			73/1.8 KBytes	34.140.38.148
993	993			1/128	20.168.122.88

TCP/UDP - Traffic on Other Ports

Client Port	Server Port
19188	53

TCP/UDP Recently Used Ports

Client Port	Server Port
19188	53

Recent Sessions: Network Delay

Client Mode

Server Mode

Last Time	Service	Last Server Contact	Client Delay [min/avg/max]
Tue Jun 17 01:24:43 2025	HTTP	192.50.199.248	0.01/0.03/0.07 ms

Last Time	Service	Last Client Contact	Server Delay [min/avg/max]
Tue Jun 17 06:44:21 2025	HTTP	66.249.74.75	0.01/0.02/0.04 ms
Tue Jun 17 04:39:40 2025	Mail	206.168.34.122	0.01/0.02/0.03 ms

Scenario: client <--> ntop <--> server
Client Delay: the network delay (computed as RTT/2) taken
by a packet sent by the client to reach ntop
Server Delay: the network delay (computed as RTT/2) taken
by a packet sent by the server to reach ntop
All times are majored during TCP 3-way handshake

Active Sessions

Proto	Client	Server	Data Sent/Rcvd		Active Since	Duration	Inactive	Client/Server Nw Delay		L7 Proto
TCP	216.73.216.30 :44685	163.30.44.1 :3000	955	10.6 KBytes	Tue Jun 17 06:45:50 2025	1 sec	57 sec	90.25 ms	0.02 ms

The color of the host link indicates how recently the host was FIRST seen
0 to 5 minutes	5 to 15 minutes	15 to 30 minutes	30 to 60 minutes	60+ minutes