Security Dashboard
Requests by Country (Map)
Recent AI Decisions Feed
IP accessed common WordPress administration and login paths (wp-admin/, wp-login.php) without triggering any explicit threat detections or security alerts. This activity suggests potential reconnaissance or unauthorized access attempts, warranting further monitoring.
Confidence: 60% · 2026-03-14 00:07
All requests detected as threats, probing for common web shell locations and WordPress vulnerabilities. IP has triggered IPBLOCK deny rules, indicating previous malicious activity.
Confidence: 100% · 2026-03-13 23:57
No actual threats detected by WAF or security rules for this entity, despite accessing common WordPress login paths. Low volume of requests (8 total) and no confirmed malicious activity in the current observation period.
Confidence: 80% · 2026-03-13 23:57
IP address accessed sensitive WordPress administration paths (wp-admin/, wp-login.php). No immediate security alerts or WAF flags were triggered, but this pattern is often associated with reconnaissance or attempted unauthorized access. Recommend continued monitoring for suspicious activity.
Confidence: 70% · 2026-03-13 05:34
IP engaged in suspicious activity targeting wp-login.php, flagged by WAF, with 50% of requests detected as threats.
Confidence: 95% · 2026-03-12 22:13
Entity shows a 'last_seen' timestamp in the future, indicating data integrity issues or a sophisticated attempt to evade detection, combined with access to a highly anomalous and obfuscated-looking path (RUug7/gyu/sD-F/cT/Nb_-bi/7bw3bJb9uwf56VXuwa/GSQqEQE/GmkhP/EYCbwwC) commonly associated with vulnerability scanning or exploitation attempts.
Confidence: 90% · 2026-03-12 20:13
Despite an AI confidence score for watchlist inclusion, the entity exhibits no recent activity, zero total requests, zero detected threat requests, and no security rule hits in the provided context. No current evidence supports its malicious nature.
Confidence: 85% · 2026-03-12 20:03
Observed highly suspicious and obfuscated path requests, 4 out of 6 requests detected as threats, and triggered security rule '3991023'. This indicates active malicious activity.
Confidence: 95% · 2026-03-12 20:03
This IP address exhibits highly suspicious behavior, including numerous attempts to access WordPress enumeration paths ('wlwmanifest.xml'), a significantly high number of detected threat requests, and multiple WAF rule hits such as 'BOT-BROWSER-IMPERSONATOR' and 'IPBLOCK-BURST4-318403'. This indicates active malicious scanning and potential exploitation attempts.
Confidence: 95% · 2026-03-12 17:32
Entity remains suspicious based on prior AI confidence score (0.75) and medium severity, despite no recent activity detected on our systems. Further monitoring is required for this watchlist item.
Confidence: 75% · 2026-03-12 10:31
Threat Actions (Alert vs Deny)