Global Threat Map Dashboard

TOTAL EVENTS

266

CRITICAL

BLOCKED

57%

LIVE BUFFER

ATTACK TYPES

Phishing9

Botnet8

Zero-Day6

Ransomware5

Brute Force5

Malware5

SEVERITY

CRITICAL13

HIGH21

MEDIUM13

LOW5

TOP SOURCES

DRAG TO ROTATE · SCROLL TO ZOOM

Natural Earth Projection · 2D Mode

52 EVENTS TRACKED|DRAG TO ROTATE · SCROLL TO ZOOM

RAW LOG[0052]

06:16:16📜 XSSLOW■ BLOCKED

117.55.249.110(Israel)→120.125.241.138(Canada)HTTPS:443

Stored XSS: malicious script injected into description

06:16:15⚡ DDoSHIGH■ BLOCKED

57.200.22.138(Indonesia)→120.204.68.160(North Korea)HTTP:53

UDP amplification attack: 2500 Gbps traffic spike

06:16:15🤖 BotnetCRITICAL■ BLOCKED

61.131.30.225(Canada)→36.246.228.5(Germany)HTTP:80

Botnet C2: 8127 compromised hosts calling home

06:16:14🎣 PhishingHIGH▲ DETECTED

115.129.67.144(Netherlands)→217.90.108.71(Israel)HTTPS:587

Credential harvesting page: fake Amazon login portal

06:16:13🎣 PhishingMEDIUM■ BLOCKED

223.240.134.87(Russia)→202.84.6.147(Mexico)HTTPS:587

Spear phishing: targeted attack on Legal department

06:16:12🔒 RansomwareHIGH■ BLOCKED

208.170.41.246(Saudi Arabia)→155.13.134.201(Nigeria)TCP:139

LockBit variant detected: lateral movement via RDP

06:16:12🔨 Brute ForceMEDIUM■ BLOCKED

171.178.2.136(North Korea)→98.163.125.205(Russia)FTP:3389

RDP credential stuffing: 6380 login failures

06:16:11🔨 Brute ForceLOW▲ DETECTED

100.137.14.24(Turkey)→149.203.102.79(France)SSH:80

Web login brute force: 2277 attempts on /admin

06:16:10🎣 PhishingMEDIUM▲ DETECTED

102.97.112.251(India)→164.216.189.5(Russia)SMTP:25

Credential harvesting page: fake Microsoft login portal

06:16:10💀 Zero-DayCRITICAL▲ DETECTED

47.66.3.182(South Africa)→16.29.241.127(Vietnam)UDP:80

Unpatched vulnerability exploitation in Windows Server

06:16:10🎣 PhishingHIGH■ BLOCKED

54.162.209.167(Israel)→210.105.92.40(Saudi Arabia)HTTPS:587

Phishing email: spoofed domain secure-wjewgo.com detected

06:16:09🔒 RansomwareHIGH▲ DETECTED

88.195.5.32(France)→4.247.229.203(Germany)TCP:139

Ransomware C2 communication: payment server contacted

06:16:08💉 SQL InjectionHIGH■ BLOCKED

115.166.252.155(Poland)→19.174.21.31(USA)HTTP:3306

Blind SQLi: time-based attack on /api/v1/users

06:16:08💀 Zero-DayCRITICAL▲ DETECTED

192.124.92.26(Indonesia)→14.36.52.4(USA)HTTP:8080

Unknown vulnerability: anomalous payload pattern detected

06:16:07🔒 RansomwareHIGH■ BLOCKED

142.162.178.75(Turkey)→206.209.42.60(China)SMB:4444

File encryption in progress: 9354 files affected

06:16:06⚡ DDoSMEDIUM▲ DETECTED

217.192.184.138(China)→201.97.85.59(Ukraine)UDP:80

SYN flood detected: 9749 packets/sec from 98.52.112.38

06:16:06🕵️ MITMMEDIUM▲ DETECTED

209.223.14.97(Vietnam)→112.177.168.10(North Korea)DNS:8080

Evil twin AP: rogue WiFi access point detected

06:16:05🦠 MalwareHIGH▲ DETECTED

220.44.51.246(China)→47.18.236.15(UK)TCP:4444

Spyware activity: keylogger data exfiltration detected

06:16:05🎣 PhishingCRITICAL■ BLOCKED

198.248.154.99(Japan)→142.24.61.234(Canada)HTTPS:587

Credential harvesting page: fake Amazon login portal

06:16:05🦠 MalwareHIGH■ BLOCKED

35.136.108.57(North Korea)→143.167.143.224(India)TCP:8080

Backdoor.RAT: reverse shell connection established

06:16:04💀 Zero-DayCRITICAL■ BLOCKED

213.94.74.115(Singapore)→141.82.43.55(Netherlands)HTTPS:443

Unknown vulnerability: anomalous payload pattern detected

06:16:04🔒 RansomwareCRITICAL■ BLOCKED

38.137.184.200(Singapore)→93.214.25.223(USA)SMB:4444

LockBit variant detected: lateral movement via RDP

06:16:04💀 Zero-DayCRITICAL■ BLOCKED

2.80.31.254(Singapore)→103.62.20.82(Poland)HTTP:80

Unknown vulnerability: anomalous payload pattern detected

06:16:03⚡ DDoSMEDIUM■ BLOCKED

114.226.212.15(China)→112.244.65.121(Sweden)TCP:53

SYN flood detected: 6781 packets/sec from 73.234.244.214

06:16:02📜 XSSHIGH▲ DETECTED

137.192.200.39(Poland)→105.204.230.232(UK)HTTP:80

XSS payload: <script>document.cookie</script> in page

06:16:01🤖 BotnetMEDIUM■ BLOCKED

188.112.114.216(Russia)→71.139.216.44(Singapore)TCP:80

Botnet scan: 9677 hosts probing port 7671

06:16:01💉 SQL InjectionLOW▲ DETECTED

172.89.117.90(USA)→217.44.148.238(India)HTTPS:80

UNION SELECT injection: extracting sessions table data

06:16:01🎣 PhishingLOW■ BLOCKED

207.37.69.204(USA)→83.6.243.65(Ukraine)HTTPS:465

Spear phishing: targeted attack on Executive department

06:16:01💉 SQL InjectionHIGH■ BLOCKED

186.25.114.63(Argentina)→193.166.254.176(Russia)HTTPS:80

Blind SQLi: time-based attack on /api/v1/users

06:16:00🦠 MalwareMEDIUM■ BLOCKED

177.141.157.95(USA)→168.174.233.57(Iran)HTTPS:4444

Backdoor.RAT: reverse shell connection established

06:16:00💀 Zero-DayHIGH■ BLOCKED

194.43.193.139(Vietnam)→203.196.144.45(France)TCP:8443

Zero-day exploit: CVE-2025-76149 targeting Apache

06:16:00💀 Zero-DayCRITICAL■ BLOCKED

34.94.120.55(Brazil)→89.40.185.177(South Africa)UDP:8080

Unknown vulnerability: anomalous payload pattern detected

06:16:00🤖 BotnetMEDIUM■ BLOCKED

180.86.197.2(USA)→196.217.210.135(Taiwan)UDP:443

DGA domain: secure-nrkpsv.com contacted by 7063 bots

06:15:59🕵️ MITMHIGH▲ DETECTED

212.243.81.59(North Korea)→87.125.80.78(South Africa)ARP:443

Evil twin AP: rogue WiFi access point detected

06:15:58💉 SQL InjectionHIGH▲ DETECTED

126.61.39.14(Switzerland)→91.244.38.64(Iran)HTTPS:80

SQLi attempt: ' OR 1=1-- in parameter id

06:15:58🦠 MalwareCRITICAL■ BLOCKED

153.101.57.47(Japan)→4.40.226.243(Ukraine)TCP:1337

Spyware activity: keylogger data exfiltration detected

06:15:57🤖 BotnetHIGH▲ DETECTED

180.27.228.51(China)→124.230.15.161(Turkey)IRC:6697

DGA domain: secure-8r2il1.com contacted by 4269 bots

06:15:57🔨 Brute ForceMEDIUM▲ DETECTED

131.146.243.248(UK)→83.130.68.206(Iran)FTP:80

RDP credential stuffing: 5822 login failures

06:15:57🎣 PhishingHIGH▲ DETECTED

56.145.108.26(North Korea)→178.188.55.143(Sweden)HTTP:25

Business email compromise: CEO impersonation detected

06:15:57🔨 Brute ForceMEDIUM■ BLOCKED

19.121.40.124(Ukraine)→6.171.122.203(Israel)SSH:80

SSH brute force: 8703 failed auth attempts from 131.20.31.180

06:15:56📜 XSSLOW▲ DETECTED

72.203.130.149(Indonesia)→164.245.113.196(Switzerland)HTTPS:80

DOM-based XSS: location.hash manipulation detected

06:15:56🤖 BotnetCRITICAL■ BLOCKED

119.194.20.129(Turkey)→142.74.44.141(Mexico)UDP:443

DGA domain: secure-5tgriv.com contacted by 3491 bots

06:15:55🤖 BotnetHIGH▲ DETECTED

72.15.87.94(Sweden)→50.45.91.62(Iran)TCP:443

Botnet scan: 920 hosts probing port 15590

06:15:55🤖 BotnetHIGH■ BLOCKED

91.186.19.39(USA)→23.170.223.43(Argentina)TCP:6667

DGA domain: secure-hzzuh2.com contacted by 9054 bots

06:15:54⚡ DDoSCRITICAL■ BLOCKED

36.113.135.222(Canada)→147.165.116.225(Iran)ICMP:443

SYN flood detected: 8458 packets/sec from 220.234.167.63

06:15:53📜 XSSMEDIUM▲ DETECTED

145.180.193.46(Russia)→15.222.215.73(Poland)HTTP:443

Reflected XSS: payload in URL parameter user

06:15:53🎣 PhishingCRITICAL▲ DETECTED

117.17.56.112(Switzerland)→15.74.105.110(Argentina)SMTP:587

Credential harvesting page: fake PayPal login portal

06:15:53🔒 RansomwareCRITICAL■ BLOCKED

63.40.27.157(Russia)→1.121.136.186(Canada)TCP:4444

LockBit variant detected: lateral movement via RDP

06:15:53🔨 Brute ForceMEDIUM▲ DETECTED

217.13.118.237(Russia)→175.131.181.162(Iran)FTP:3389

SSH brute force: 1128 failed auth attempts from 16.18.255.105

06:15:53🎣 PhishingHIGH▲ DETECTED

187.193.10.1(Nigeria)→40.7.99.228(Netherlands)SMTP:465

Business email compromise: CEO impersonation detected

06:15:53🤖 BotnetHIGH▲ DETECTED

130.77.156.19(Argentina)→41.234.70.107(USA)HTTP:443

Mirai variant: IoT device NAS recruited to botnet

06:15:52🦠 MalwareHIGH■ BLOCKED

119.180.15.201(Mexico)→183.177.80.187(Russia)HTTP:443

Ransomware signature: encrypted file extension .pay2decrypt