[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #290356 WARN: IUCC (AS378) - [Email_Analysis] [IUCC] [Customer]
Hank Nussbacher
hank at mail.iucc.ac.il
Sat Jun 8 05:48:48 IDT 2024
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Saturday, June 8, 2024 5:48:41 AM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #290356 WARN: IUCC (AS378) - [Email_Analysis] [IUCC] [Customer]
Please find the analysis details for the Alert ID: 290356
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
--------------------------------------------------
2136900 7123 2.9% 104.152.52.139
2116500 7055 2.9% 104.152.52.141
2107800 7026 2.9% 104.152.52.144
2097900 6993 2.8% 104.152.52.226
2095200 6984 2.8% 104.152.52.216
2093100 6977 2.8% 104.152.52.111
2086200 6954 2.8% 104.152.52.193
2085000 6950 2.8% 104.152.52.185
2083800 6946 2.8% 104.152.52.178
2081100 6937 2.8% 104.152.52.244
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
---------------------------------------------------
38700 129 0.1% 132.72.6.1
34500 115 0.0% 132.76.61.54
31500 105 0.0% 192.114.1.187
27900 93 0.0% 132.65.240.60
26700 89 0.0% 132.76.61.53
24600 82 0.0% 141.101.196.210
17100 57 0.0% 104.22.48.147
12300 41 0.0% 104.22.49.147
10800 36 0.0% 132.66.251.11
7800 26 0.0% 128.139.225.245
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
-------------------------------------------------------------
104.152.52.139 54469 85476000
104.152.52.139 85476000
104.152.52.141 54471 84660000
104.152.52.141 84660000
104.152.52.144 54386 84312000
104.152.52.144 84312000
104.152.52.226 54469 83916000
104.152.52.226 83916000
104.152.52.216 54463 83808000
104.152.52.216 83808000
Further Details:
https://primary.nemo.geant.org/alerts/details/290356/
More information about the Nemo-ddos-list
mailing list