[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #254120 WARN: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]

Wed Feb 28 16:10:56 IST 2024



________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Wednesday, February 28, 2024 2:52:26 PM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #254120 WARN: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]

Please find the analysis details for the Alert ID: 254120

Top-10 Src IPs by Packets:
   Packets   Est. Rate   % of Total           Src IP
---------------------------------------------------
  24345900       81153         4.6%    162.125.69.12
  12143700       40479         2.3%      31.13.84.52
  11794800       39316         2.2%    68.232.34.200
  11129400       37098         2.1%      31.13.84.51
   8726100       29087         1.6%   216.58.204.234
   8696100       28987         1.6%     137.74.17.22
   8602200       28674         1.6%    52.105.150.41
   8079900       26933         1.5%   17.253.122.197
   8073900       26913         1.5%       31.13.84.4
   7827300       26091         1.5%    52.222.144.51

Top-10 Dst IPs by Packets:
    Packets   Est. Rate   % of Total            Dst IP
-----------------------------------------------------
  648130200     2160434       122.4%     128.139.199.9
  409209600     1364032        77.3%    132.77.150.157
   53213100      177377        10.0%     128.139.199.2
   45597600      151992         8.6%   192.114.102.100
   45379800      151266         8.6%    132.74.123.113
   44017800      146726         8.3%    132.70.153.251
   43890600      146302         8.3%    147.233.249.20
   19581900       65273         3.7%      132.72.90.20
   17185500       57285         3.2%      192.114.5.10
   12828900       42763         2.4%    192.114.91.249

Top-10 Possible Targets by Bytes:
  Src IP   Src Port           Dst IP   Dst Port   Sampled Count
-------------------------------------------------------------
                       128.139.199.9               830107370100
                      132.77.150.157               525468728400
                       128.139.199.9               476018264700
                       128.139.199.9               475852983600
                       128.139.199.9        443    353875871100
                 53    128.139.199.9               353813607000
                      132.77.150.157               302152687800
                      132.77.150.157               302091034800
                      132.77.150.157        443    222464280300
                 53   132.77.150.157               222434269800

Further Details:
https://primary.nemo.geant.org/alerts/details/254120/