[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #244771 WARN: IUCC (AS378) - [Email_Analysis] [IUCC] [Customer]
Hank Nussbacher
hank at mail.iucc.ac.il
Fri Apr 24 07:41:10 IDT 2026
________________________________________
From: nemo-ddos at host.geant.org <nemo-ddos at host.geant.org>
Sent: Friday, April 24, 2026 7:41:02 AM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #244771 WARN: IUCC (AS378) - [Email_Analysis] [IUCC] [Customer]
Please find the analysis details for the Alert ID: 244771
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
----------------------------------------------------
46688100 155627 13.3% 160.119.76.37
32376000 107920 9.2% 160.119.76.35
30453600 101512 8.7% 160.119.76.32
25562100 85207 7.3% 160.119.76.34
24793500 82645 7.0% 160.119.76.38
23890500 79635 6.8% 160.119.76.36
17808000 59360 5.1% 146.75.122.172
6472200 21574 1.8% 72.246.28.224
5949600 19832 1.7% 23.32.238.96
4567500 15225 1.3% 185.199.110.133
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
---------------------------------------------------
7007100 23357 2.0% 128.139.225.242
5387400 17958 1.5% 192.114.5.10
3889800 12966 1.1% 132.71.138.174
3756600 12522 1.1% 132.71.138.177
3645000 12150 1.0% 132.71.138.175
3549000 11830 1.0% 132.71.138.168
3413400 11378 1.0% 132.66.253.82
3314700 11049 0.9% 132.71.124.13
3057900 10193 0.9% 192.114.3.241
2740800 9136 0.8% 132.64.72.94
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
----------------------------------------------------------------------
146.75.122.172 24622749300
146.75.122.172 80 22806717000
72.246.28.224 443 8603244300
72.246.28.224 8603244300
23.32.238.96 443 8559956100
23.32.238.96 8559956100
128.139.225.242 7350003000
192.114.5.10 6836321100
443 128.139.225.242 6787471500
23.48.23.67 6679772400
Metric Info:
2M Packets/s
Alert Type:
time_window
Alert Description:
High packet rate.
Start Time: 2026-04-24 04:40:48
End Time: ongoing
First Event Seen: 2026-04-24 04:38:00
Last Event Seen: 2026-04-24 04:39:00
Further Details:
https://secondary.nemo.geant.org/alerts/details/244771/
More information about the Nemo-ddos-list
mailing list