[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #192930 WARN: IUCC (AS378) - [IUCC] [Customer] [Email_Analysis]
Hank Nussbacher
hank at mail.iucc.ac.il
Wed Oct 4 14:15:34 IDT 2023
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Wednesday, October 4, 2023 2:15:30 PM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #192930 WARN: IUCC (AS378) - [IUCC] [Customer] [Email_Analysis]
Please find the analysis details for the Alert ID: 192930
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
----------------------------------------------------
70103100 233677 19.1% 142.250.180.187
66857100 222857 18.3% 216.58.204.155
61320000 204400 16.7% 142.251.209.59
13896000 46320 3.8% 216.58.209.59
9131700 30439 2.5% 132.70.228.201
4574400 15248 1.2% 142.251.209.27
3574800 11916 1.0% 152.199.21.175
3545700 11819 1.0% 142.250.179.138
3373200 11244 0.9% 209.197.3.8
3338700 11129 0.9% 93.184.221.240
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
----------------------------------------------------
24898200 82994 6.8% 192.114.101.187
24539400 81798 6.7% 132.71.132.1
19571100 65237 5.3% 192.114.101.209
10822200 36074 3.0% 192.114.101.100
10432500 34775 2.8% 192.114.101.94
10294500 34315 2.8% 192.114.101.96
10211400 34038 2.8% 192.114.101.77
10202700 34009 2.8% 192.114.101.163
10131600 33772 2.8% 192.114.101.90
9952200 33174 2.7% 192.114.101.87
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
-----------------------------------------------------------------------
142.250.180.187 443 101720552700
142.250.180.187 101720552700
216.58.204.155 443 97013227200
216.58.204.155 97013227200
142.251.209.59 443 88972659900
142.251.209.59 88972659900
443 192.114.101.187 36123860100
192.114.101.187 36123860100
443 132.71.132.1 36083285700
132.71.132.1 36083285700
Further Details:
https://primary.nemo.geant.org/alerts/details/192930/
More information about the Nemo-ddos-list
mailing list