Info about 163.30.44.1

Please enable make sure that the ntop html/ directory is properly installed

Info about 163.30.44.1

IP Address 163.30.44.1 [unicast - multihomed ] [ Purge Asset ]

Multihomed Addresses
Custom Host Name

First/Last Seen Mon Jun 16 00:00:11 2025 - Mon Jun 16 23:04:20 2025 [Inactive since 1 sec]

Autonomous System 1659 [Tiawan Academic Network (TANet) Information Center]

Subnet 163.30.44.0/24

Main Host MAC Address 10:C3:7B:47:57:9A

Origin AS 1659

Host Location Local (inside specified/local subnet or known network list)

Physical Location Taoyüan, Taiwan Flag for Taiwan (TW)

IP TTL (Time to Live) 63:127 [~0 hop(s)]

Total Data Sent 87.8 MBytes/237,253 Pkts/0 Retran. Pkts [0%]

Broadcast Pkts Sent 7,888 Pkts

Data Sent Stats
Local 10.6 %

Rem 89.4 %

IP vs. Non-IP Sent
IP 100 %

Non-IP 0 %

Total Data Rcvd 44.3 MBytes/211,659 Pkts/0 Retran. Pkts [0%]

Data Rcvd Stats
Local 9.8 %

Rem 90.2 %

IP vs. Non-IP Rcvd
IP 100 %

Non-IP 0 %

Sent vs. Rcvd Pkts
Sent 52.9 %

Rcvd 47.1 %

Sent vs. Rcvd Data
Sent 66.5 %

Rcvd 33.5 %

Used Subnet Routers 4C:77:6D:62:EA:41 Network Card
Host Type Name Server DNS
VoIP Host VoIP
SMTP (Mail) Server Mail (SMTP)
POP Server
IMAP Server
HTTP Server

Host Healthness (Risk Flags) High Risk Medium Risk Low Risk
Wrong network mask or bridging enabled
Suspicious activities: too many host contacts
Unexpected packets (e.g. traffic to closed port or connection reset):
[Sent: udp to closed] [Rcvd: rst] [Rcvd: port unreac] [Rcvd: admin prohib]

Host Traffic Stats

Time	Tot. Traffic Sent	% Traffic Sent	Tot. Traffic Rcvd	% Traffic Rcvd
11 PM	58.7 KBytes	0.1 %	69.5 KBytes	0.2 %
10 PM	2.4 MBytes	2.8 %	1.5 MBytes	3.5 %
9 PM	4.1 MBytes	4.7 %	1.6 MBytes	3.7 %
8 PM	3.0 MBytes	3.4 %	2.3 MBytes	5.1 %
7 PM	1.7 MBytes	1.9 %	3.3 MBytes	7.4 %
6 PM	3.4 MBytes	3.8 %	1.5 MBytes	3.4 %
5 PM	3.9 MBytes	4.4 %	1.7 MBytes	3.9 %
4 PM	1.3 MBytes	1.5 %	1.5 MBytes	3.4 %
3 PM	3.5 MBytes	4.0 %	1.8 MBytes	4.0 %
2 PM	2.0 MBytes	2.3 %	1.6 MBytes	3.6 %
1 PM	2.2 MBytes	2.5 %	3.4 MBytes	7.7 %
12 PM	1.2 MBytes	1.4 %	1.5 MBytes	3.5 %
11 AM	2.4 MBytes	2.7 %	1.4 MBytes	3.1 %
10 AM	1.1 MBytes	1.3 %	1.3 MBytes	2.9 %
9 AM	1.1 MBytes	1.2 %	1.3 MBytes	3.0 %
8 AM	11.1 MBytes	12.6 %	1.8 MBytes	4.0 %
7 AM	11.8 MBytes	13.4 %	3.5 MBytes	7.9 %
6 AM	3.0 MBytes	3.4 %	1.4 MBytes	3.1 %
5 AM	5.9 MBytes	6.7 %	1.6 MBytes	3.6 %
4 AM	4.5 MBytes	5.2 %	1.8 MBytes	4.0 %
3 AM	3.7 MBytes	4.2 %	1.6 MBytes	3.7 %
2 AM	8.8 MBytes	10.1 %	1.9 MBytes	4.2 %
1 AM	3.5 MBytes	4.0 %	3.4 MBytes	7.8 %
12 AM	2.2 MBytes	2.5 %	1.6 MBytes	3.7 %
Total

Packet Statistics

TCP Connections	Directed to		Rcvd From
Attempted	1,560	192.5.5.241 52.41.105.246 74.208.47.60 74.208.47.126 203.145.212.9 210.61.188.68 192.5.6.30 192.54.112.30	12,792	43.133.191.169 47.251.24.179 8.211.136.192 193.163.125.25 20.168.5.245 216.73.216.30 128.140.41.193 193.34.212.110
Established	648 [42 %]	199.254.50.1 192.5.5.241 52.41.105.246 74.208.47.60 74.208.47.126 210.61.188.68 192.5.6.30 192.54.112.30	2,856 [22 %]	128.140.41.193 66.249.66.77 122.116.196.201 203.204.94.120 78.46.190.63 198.55.98.76 66.249.66.14 216.73.216.30
Terminated	0		452	165.154.246.253 165.154.253.252 20.163.5.243 88.218.193.35 204.188.197.216 42.77.253.218 162.216.150.49 1.163.24.143

TCP Flags	Pkts Sent		Pkts Rcvd
SYN	1,560	192.5.5.241 52.41.105.246 74.208.47.60 74.208.47.126 203.145.212.9 210.61.188.68 192.5.6.30 192.54.112.30	12,792	43.133.191.169 47.251.24.179 8.211.136.192 193.163.125.25 20.168.5.245 216.73.216.30 128.140.41.193 193.34.212.110
RST\|ACK	7,700	193.163.125.17 95.214.55.218 47.251.24.179 8.211.136.192 43.133.191.169 193.163.125.25 20.168.5.245 193.34.212.110	381	45.112.84.5 147.92.179.107 27.53.241.202 209.85.215.170 1.163.21.212 78.153.140.207 162.216.150.190 162.241.143.174
RST	30	199.45.154.153 203.69.197.138 110.93.150.46 60.250.240.251 198.235.24.170 71.6.146.186 3.132.23.201 203.71.9.13	2,427	83.222.191.154 43.133.191.169 159.89.235.169 162.241.149.132 165.154.237.244 178.62.31.208 193.46.255.223 165.154.246.247
NULL	0		246	162.142.125.248 82.153.157.149 146.88.241.90 206.168.34.165 165.154.237.251 162.142.125.240 146.88.241.130 165.154.246.252

Anomaly	Pkts Sent to		Pkts Rcvd from
UDP Pkt to Closed Port	228	163.30.44.26 162.142.125.91 205.210.31.111 163.30.44.7 146.88.241.140 VMware, Inc.:A1:68:B7 47.89.225.11 fe80::7933:6ab8:a11f	334	87.121.84.128 146.88.241.90 206.168.34.165 165.154.237.251 162.142.125.240 146.88.241.130 165.154.246.252 135.237.125.143
UDP Pkt Disgnostic Port	0		4	64.62.156.79 195.37.190.93 65.49.1.81 64.62.197.35
TCP Pkt Disgnostic Port	5	165.154.253.245 193.163.125.2 195.37.190.93	8	165.154.253.245 193.163.125.2 195.37.190.93
Tiny Fragments	0		12	204.61.216.100
Closed Empty TCP Conn.	0		452	165.154.246.253 165.154.253.252 20.163.5.243 88.218.193.35 204.188.197.216 42.77.253.218 162.216.150.49 1.163.24.143
ICMP Port Unreachable	334	87.121.84.128 146.88.241.90 206.168.34.165 165.154.237.251 162.142.125.240 146.88.241.130 165.154.246.252 135.237.125.143	228	163.30.44.26 162.142.125.91 205.210.31.111 163.30.44.7 146.88.241.140 VMware, Inc.:A1:68:B7 47.89.225.11 fe80::7933:6ab8:a11f
ICMP Administratively Prohibited	0		4	45.33.55.247 206.196.177.149

ARP	Packet
Request Sent	0
Reply Rcvd	197 (0.0 %)
Reply Sent	4,478

Protocol Distribution

Protocol

Data Sent

Data Rcvd

TCP

32.2 MBytes

13.6 MBytes

UDP

55.2 MBytes

30.4 MBytes

ICMP

202.6 KBytes

164.6 KBytes

IPsec

0.0 KBytes

0.6 KBytes

(R)ARP

155.6 KBytes

203.3 KBytes

Other (Non IP)

0.0 KBytes

0.2 KBytes

Protocol Distribution

IP Distribution

Unknown Protocols

Data Sent	Data Rcvd
	IP Protocol: 0x41

ICMP Traffic

Type	Pkt Sent	Pkt Rcvd
Echo Request	831	0
Echo Reply	0	831
Unreach	334	232
Redirect	1,458	0
Time Exceeded	0	46

IP Fragments Distribution

Protocol	Data Sent	Data Rcvd
UDP	38.4 MBytes	22.3 KBytes
Fragment Distribution
IP Fragment Distribution

Last Contacted Peers

Sent To	IP Address
193.34.212.110	193.34.212.110
163.30.0.1	163.30.0.1
216.73.216.30	216.73.216.30
205.251.198.171	205.251.198.171
205.251.196.113	205.251.196.113
205.251.199.181	205.251.199.181
205.251.196.101	205.251.196.101
fe80::7933:6ab8:a11f	fe80::7933:6ab8:a11f
Total Contacts	59876

Received From	IP Address
43.133.191.169	43.133.191.169
193.34.212.110	193.34.212.110
216.73.216.30	216.73.216.30
fe80::7933:6ab8:a11f	fe80::7933:6ab8:a11f
205.251.196.113	205.251.196.113
205.251.198.171	205.251.198.171
205.251.199.181	205.251.199.181
205.251.196.101	205.251.196.101
Total Contacts	56585

HTTP Virtual Hosts Traffic

Virtual Host	Sent	Rcvd
dns.tyes.tyc.edu.tw	4.0 KBytes	3.0 KBytes
www.youporn.com	44	131
163.30.44.1:80	105.0 KBytes	100.8 KBytes
www.tyes.tyc.edu.tw	65.9 MBytes	61.4 MBytes
163.30.44.1	2.2 MBytes	2.2 MBytes
host1.tyes.tyc.edu.tw	41.6 MBytes	40.8 MBytes

NOTE: The above table is not updated in realtime but when connections are terminated.

IP Service Stats: Client Role

	# Loc. Req. Sent		# Rem. Req. Sent		# Pos. Reply Rcvd		# Neg. Reply Rcvd		Local RndTrip	Rem RndTrip
DNS	0	0.0%	99,006	100.0%	78,475	80.0%	18,847	19.0%	0.0 ms - 0.0 ms	0.0 ms - 5.0 sec
HTTP	0	0.0%	9	100.0%	4	50.0%	4	50.0%	0.0 ms - 0.0 ms	0.0 ms - 0.0 ms

IP Service Stats: Server Role

# Loc. Req. Rcvd # Rem. Req. Rcvd # Pos. Reply Sent # Neg. Reply Sent Local RndTrip Rem RndTrip

DNS 39,517 99.0% 28 0.0% 14,914 37.0% 24,537 62.0% 0.0 ms - 30.0 sec 0.0 ms - 0.1 ms

HTTP 0 0.0% 1,203 100.0% 5 23.0% 16 76.0% 0.0 ms - 0.0 ms 0.0 ms - 0.0 ms

TCP/UDP Service/Port Usage

IP Service	Port	# Client Sess.	Last Client Peer	# Server Sess.	Last Server Peer
7	7			2/31	64.62.197.35
11	11			1/1	65.49.1.58
13	13			1/1	65.49.1.81
17	17			1/1	65.49.1.55
19	19			1/1	64.62.156.79
ftp	21			1/21	20.84.68.210
telnet	23			1/21	135.233.112.102
25	25	1186/197.5 KBytes	210.61.188.68	2347/1.6 MBytes	162.241.143.174
37	37			1/1	64.62.197.32
53	53	65443/26.5 MBytes	205.251.196.101	12726/8.1 MBytes	163.30.44.9
67	67	2176/598.2 KBytes	185.47.44.198
69	69			5/562	148.113.16.145
http	80	5108/7.0 MBytes	210.231.212.90	25168/27.9 MBytes	128.140.41.193
81	81			2/527	148.113.16.145
88	88			2/218	167.94.138.131
89	89			1/506	148.113.16.145
pop-3	110			52/3.8 KBytes	206.168.34.67
123	123	8/384	118.163.81.61	18/1.2 KBytes	135.237.125.143
netbios-ns	137	12/600	163.30.44.7	12/600	163.30.44.7
143	143			70/7.0 KBytes	20.127.220.170
snmp	161			38648/10.4 MBytes	185.247.137.12
177	177			1/7	64.62.156.94
199	199			2/44	162.142.125.120
389	389			2/91	64.62.197.149
399	399			1/14	162.142.125.241
427	427			1/54	123.58.205.67
https	443	12458/3.3 MBytes	45.88.138.20	3/2.7 KBytes	52.165.80.115
500	500	2/552	47.254.155.21	10/2.9 KBytes	167.94.138.149
502	502			2/1.2 KBytes	74.235.184.174
523	523			1/20	64.62.197.126
587	587			91/12.1 KBytes	78.153.140.207
623	623			6/116	64.62.156.56
705	705			1/60	165.154.246.252
873	873			91/2.9 KBytes	20.163.5.243
993	993			22/3.1 KBytes	165.154.253.252

TCP/UDP - Traffic on Other Ports

Client Port	Server Port
53	53

TCP/UDP Recently Used Ports

Client Port	Server Port
53	53

Recent Sessions: Network Delay

Client Mode

Server Mode

Last Time	Service	Last Server Contact	Client Delay [min/avg/max]
Mon Jun 16 19:23:35 2025	HTTP	210.231.212.90	0.01/0.02/0.06 ms

Last Time	Service	Last Client Contact	Server Delay [min/avg/max]
Mon Jun 16 23:03:35 2025	HTTP	128.140.41.193	0.01/0.02/0.13 ms
Mon Jun 16 22:20:36 2025	Mail	165.154.253.252	0.01/0.01/0.03 ms
Mon Jun 16 21:52:00 2025	BitTorrent	216.73.216.30	0.02/0.02/0.02 ms

Scenario: client <--> ntop <--> server
Client Delay: the network delay (computed as RTT/2) taken
by a packet sent by the client to reach ntop
Server Delay: the network delay (computed as RTT/2) taken
by a packet sent by the server to reach ntop
All times are majored during TCP 3-way handshake

Active Sessions

Proto	Client	Server	Data Sent/Rcvd		Active Since	Duration	Inactive	Client/Server Nw Delay		L7 Proto
TCP	checker-nbg9.uptimerobot.com :55894	163.30.44.1 :http	605	539	Mon Jun 16 23:03:35 2025	0 sec	46 sec	113.23 ms	0.02 ms	HTTP
TCP	216.73.216.30 :53434	163.30.44.1 :3000	631	681	Mon Jun 16 23:04:19 2025	1 sec	1 sec	90.72 ms	0.02 ms
TCP	216.73.216.30 :60408	163.30.44.1 :3000	680	1.4 KBytes	Mon Jun 16 23:03:27 2025	1 sec	53 sec	93.06 ms	0.01 ms

The color of the host link indicates how recently the host was FIRST seen
0 to 5 minutes	5 to 15 minutes	15 to 30 minutes	30 to 60 minutes	60+ minutes