Hi Pho, Very frustrating when this happens. Have you reached out to the contact information on their whois?
APNIC and other RIR’s do not provide DDoS mitigation services, it would be best to speak to your upstream transit suppliers and have them scrub or drop these prefixes from getting to you. I do note these ranges are all in Vietnam so you probably might have easier luck having them filtered by your internet provider/transit providers. From: Pho Tue SoftWare And Technology Solutions Joint Stock Company <[email protected]> Date: Friday, 1 August 2025 at 11:52 am To: [email protected] <[email protected]> Subject: [apnic-talk] Request for Assistance with DDoS Attacks from IP Ranges Managed by APNIC, RIPE NCC, and ARIN Dear APNIC-talk Community, Our network is experiencing DDoS attacks with abnormal traffic originating from IP addresses within ranges managed by APNIC, RIPE NCC, and ARIN. The affected IP ranges are: * IPv4: 163.61.72.0/23, 36.50.26.0/23, 103.161.172.0/23 * IPv6: 2001:df5:e40::/48, 2401:53a0::/32, 2407:5c0::/32 We have logged the source IP addresses involved in these attacks. We kindly request assistance with the following: 1. Where should we report these IP addresses (APNIC, RIPE NCC, ARIN, or other entities) for investigation and mitigation? 2. Does APNIC or other Regional Internet Registries provide tools or processes to help mitigate DDoS attacks from these international IP ranges? 3. To whom and through which channels should we send the access logs for effective coordination and resolution? We are ready to provide detailed access logs or attack patterns if required. We greatly appreciate any support from the community to address this issue. Best regards,
_______________________________________________ APNIC-talk - https://mailman.apnic.net/[email protected]/ To unsubscribe send an email to [email protected]
