[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #220273 CRIT: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Hank Nussbacher
hank at mail.iucc.ac.il
Mon Dec 4 01:02:54 IST 2023
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Monday, December 4, 2023 1:02:49 AM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #220273 CRIT: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Please find the analysis details for the Alert ID: 220273
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
----------------------------------------------------
16407300 54691 11.9% 132.68.74.52
5691900 18973 4.1% 52.17.98.131
3956700 13189 2.9% 142.250.180.170
3595200 11984 2.6% 162.125.69.12
3580500 11935 2.6% 142.251.209.10
2882100 9607 2.1% 216.58.204.138
2513400 8378 1.8% 20.150.125.161
2195400 7318 1.6% 142.250.180.138
2097300 6991 1.5% 13.107.136.10
2077500 6925 1.5% 142.251.209.42
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
-----------------------------------------------------
106470900 354903 76.9% 192.114.7.10
64914900 216383 46.9% 192.114.7.91
5442600 18142 3.9% 132.67.252.201
4423500 14745 3.2% 128.139.225.245
4317600 14392 3.1% 132.68.74.52
3356700 11189 2.4% 132.76.61.53
3219900 10733 2.3% 192.114.2.38
2536800 8456 1.8% 132.74.10.101
2513400 8378 1.8% 132.70.19.4
2366700 7889 1.7% 132.66.40.71
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
-----------------------------------------------------------------------
132.68.74.52 443 23545634700
132.68.74.52 23545634700
192.114.7.10 6388169700
192.114.7.10 80 6387870000
142.250.180.170 443 5215346400
142.250.180.170 5215346400
128.139.225.245 4993899900
142.251.209.10 443 4949078100
142.251.209.10 4949078100
443 192.114.2.38 4536952200
Further Details:
https://primary.nemo.geant.org/alerts/details/220273/
More information about the Nemo-ddos-list
mailing list