@b9bfc9fb Without inside information it would be tough. If you had long term data you might be able to get some results from http responses or ping times but that would be measuring symptoms. Many moons ago when I worked in public service, we were the targets of a persistent ddos. They almost took us down -but only almost- so we didn't even acknowledge the attempt.