[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #262499 WARN: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Hank Nussbacher
hank at mail.iucc.ac.il
Wed Mar 20 18:34:09 IST 2024
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Wednesday, March 20, 2024 6:34:01 PM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #262499 WARN: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Please find the analysis details for the Alert ID: 262499
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
----------------------------------------------------
163632000 545440 42.1% 23.223.77.24
23402100 78007 6.0% 72.247.196.67
14028600 46762 3.6% 192.114.23.234
6297300 20991 1.6% 216.58.204.234
5553600 18512 1.4% 68.232.34.200
5025900 16753 1.3% 132.66.253.21
4045200 13484 1.0% 216.58.205.42
3893400 12978 1.0% 52.222.144.9
3651600 12172 0.9% 52.84.151.45
3447000 11490 0.9% 52.222.144.51
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
----------------------------------------------------
14094600 46982 3.6% 17.248.213.69
11337900 37793 2.9% 132.64.163.110
9843300 32811 2.5% 192.114.91.213
7226400 24088 1.9% 192.114.5.10
6229500 20765 1.6% 128.139.200.4
5121300 17071 1.3% 128.139.200.5
4795500 15985 1.2% 132.66.253.21
4623300 15411 1.2% 192.114.91.248
4616100 15387 1.2% 132.76.61.53
4521900 15073 1.2% 192.114.105.254
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
---------------------------------------------------------------------
23.223.77.24 443 245044100400
23.223.77.24 245044100400
72.247.196.67 443 35014989300
72.247.196.67 35014989300
443 132.64.163.110 16457837700
132.64.163.110 16457837700
192.114.91.213 12676812300
216.58.204.234 443 8777236200
216.58.204.234 8777236200
128.139.200.4 8411782200
Further Details:
https://primary.nemo.geant.org/alerts/details/262499/
More information about the Nemo-ddos-list
mailing list