|
199.127.56.236
|
ip
|
2025-11-18 01:36:03
|
ignore
|
No malicious activity detected. All requests were benign and no security rules were triggered.
|
1.0
|
severity: Severity.low
|
|
20.37.96.143
|
ip
|
2025-11-10 22:07:17
|
block
|
All requests from this IP were flagged by WAF, accessing suspicious PHP files including known exploit paths like 'wp-filemanager.php', and triggered a deny security rule (REP_1654538).
|
1.0
|
severity: Severity.critical
|
|
AS15169
|
asn
|
2025-11-04 15:46:51
|
block
|
48% of requests were threatening, all accessed paths flagged by WAF, and a burst-rate IP block rule (IPBLOCK-BURST4-318403) was triggered.
|
0.949999988079071
|
severity: Severity.critical
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-02 10:16:50
|
watchlist
|
Repeated access to wp-admin/admin-ajax.php, a common target for WordPress reconnaissance, without other immediate threat indicators.
|
0.4000000059604645
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-02 10:11:43
|
ignore
|
No observed malicious activity, 0 requests, and low initial AI confidence score.
|
0.8999999761581421
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-02 10:06:41
|
watchlist
|
Accessed sensitive WordPress path 'wp-admin/admin-ajax.php' with 17 requests but no WAF alerts or threat detections. AI confidence and severity are low.
|
0.4000000059604645
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-02 10:01:42
|
watchlist
|
Accessed a common WordPress admin path (wp-admin/admin-ajax.php) without triggering WAF or security rules, requires further monitoring for potential reconnaissance.
|
0.4000000059604645
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-02 09:56:42
|
ignore
|
Entity shows no malicious activity, no WAF flags, no security rule hits, and has a very low AI confidence score, indicating it is likely benign.
|
0.800000011920929
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-02 09:51:56
|
watchlist
|
Accessed wp-admin/admin-ajax.php 17 times, a common target for reconnaissance, but no WAF alerts or security rules were triggered. Warrants minor monitoring.
|
0.20000000298023224
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-02 09:46:44
|
ignore
|
No detected threats, WAF alerts, or security rule hits, and a low AI confidence score.
|
0.8999999761581421
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-02 09:41:56
|
watchlist
|
Accessed sensitive WordPress admin path 'wp-admin/admin-ajax.php' multiple times without triggering WAF, warrants further monitoring for potential probing.
|
0.30000001192092896
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-02 09:36:42
|
ignore
|
No further malicious activity or threat requests observed since being added to the watchlist.
|
0.8999999761581421
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-02 09:31:40
|
watchlist
|
Access to sensitive WordPress path (wp-admin/admin-ajax.php) with medium AI confidence, but no WAF alerts or threat requests yet. Requires continued monitoring.
|
0.6499999761581421
|
severity: Severity.medium
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-02 09:26:41
|
watchlist
|
Accessed sensitive WordPress administrative path 'wp-admin/admin-ajax.php', which is a common target for reconnaissance or exploitation. No WAF flags detected yet, warrants further monitoring.
|
0.6499999761581421
|
severity: Severity.medium
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-02 09:21:39
|
ignore
|
Entity has shown no activity (0 requests) and no security rule hits since being added to the watchlist, with a low initial AI confidence and severity. No longer deemed suspicious.
|
1.0
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-02 09:16:39
|
watchlist
|
Accessed a common WordPress administration path (wp-admin/admin-ajax.php) but no WAF alerts or detected threat requests. Low AI confidence score, requiring continued monitoring.
|
0.4000000059604645
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-02 09:11:42
|
watchlist
|
Accessed WordPress admin AJAX path, which is a common target for reconnaissance. No WAF alerts or threat detections, but warrants continued monitoring.
|
0.4000000059604645
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-02 09:06:46
|
ignore
|
No malicious activity detected, zero WAF flags or security rule hits, and low request count to a common WordPress path. The associated ASN is not on the blocklist.
|
0.949999988079071
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-02 09:01:50
|
ignore
|
No suspicious activity detected, including WAF flags or threat requests. The accessed path is legitimate for WordPress operation and the entity is not currently in the watchlist.
|
0.8999999761581421
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-02 08:56:47
|
ignore
|
No detected threat requests, WAF flags, or security rule hits for this IP address. Despite accessing a common WordPress admin path, no malicious activity was observed.
|
0.8999999761581421
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-02 08:51:41
|
watchlist
|
Accessed sensitive WordPress admin path 'wp-admin/admin-ajax.php' without triggering WAF alerts; warrants monitoring for further suspicious activity.
|
0.6000000238418579
|
severity: Severity.medium
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-02 08:46:45
|
ignore
|
No malicious activity detected. Entity accessed a common WordPress admin path without triggering any WAF or security alerts.
|
0.8999999761581421
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-02 08:41:44
|
ignore
|
No malicious activity detected, no WAF flags, no security rule hits, and not currently on any watchlist.
|
0.949999988079071
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-02 08:36:41
|
ignore
|
No observed malicious activity or web requests since being added to the watchlist, indicating a potential false positive or abandoned threat.
|
0.949999988079071
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-02 08:31:38
|
watchlist
|
Accessed a WordPress administrative path but currently lacks direct malicious indicators from WAF or security rules.
|
0.6000000238418579
|
severity: Severity.medium
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-02 08:26:40
|
watchlist
|
Accessed a potentially sensitive WordPress administrative path (wp-admin/admin-ajax.php) without triggering WAF or security alerts, but warrants continued monitoring for potential abuse.
|
0.6000000238418579
|
severity: Severity.medium
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-02 08:21:46
|
ignore
|
Entity has recorded zero requests and zero detected threats since being added to the watchlist, combined with a very low initial AI confidence score and severity.
|
0.8999999761581421
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-02 08:16:43
|
watchlist
|
Accessed sensitive WordPress admin path 'wp-admin/admin-ajax.php' 17 times. No WAF flags or detected threats yet, but requires continued monitoring.
|
0.25
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-02 08:11:54
|
watchlist
|
Accessed sensitive WordPress admin path (wp-admin/admin-ajax.php) from an unknown IP; warrants low-level monitoring despite no current WAF flags or threat detections.
|
0.25
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-02 08:06:47
|
ignore
|
Entity exhibits no signs of malicious activity; all requests were benign with no WAF flags or security rule hits.
|
0.8999999761581421
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-02 08:01:37
|
ignore
|
Watchlisted IP shows no activity, no detected threat requests, and no security rule hits since being added.
|
0.8999999761581421
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-02 07:56:39
|
watchlist
|
Accessing a common WordPress administrative path with medium AI confidence, but no explicit WAF flags or threat detections yet.
|
0.6000000238418579
|
severity: Severity.medium
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-02 07:51:40
|
watchlist
|
Accessed sensitive WordPress admin path 'wp-admin/admin-ajax.php' without triggering WAF or security rules; requires further monitoring.
|
0.6000000238418579
|
severity: Severity.medium
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-02 07:46:49
|
ignore
|
No suspicious activity detected; no WAF flags or threat requests, despite accessing a common WordPress admin path.
|
0.8999999761581421
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-02 07:41:39
|
ignore
|
Entity shows no detected threat requests, no WAF rule hits, and has a low AI confidence score, indicating benign activity.
|
0.8999999761581421
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-02 07:36:50
|
watchlist
|
Accessed sensitive WordPress admin path 'wp-admin/admin-ajax.php' 17 times; no WAF flags or detected threats, but warrants monitoring for potential reconnaissance or unusual patterns.
|
0.3499999940395355
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-02 07:31:43
|
ignore
|
No further malicious activity or requests observed since being added to watchlist.
|
0.800000011920929
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-02 07:26:38
|
watchlist
|
IP accessed sensitive WordPress admin path without triggering WAF alerts; insufficient new evidence to block or remove.
|
0.6000000238418579
|
severity: Severity.medium
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-02 07:21:38
|
watchlist
|
Accessed sensitive WordPress admin AJAX path, but no WAF flags or threat detections. Needs further monitoring.
|
0.6000000238418579
|
severity: Severity.medium
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-02 07:16:39
|
ignore
|
No malicious activity detected, no WAF flags or security rule hits, and low AI confidence/severity for the observed behavior. Only 17 requests to a common WordPress path.
|
0.800000011920929
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-02 07:11:37
|
watchlist
|
Accessed wp-admin/admin-ajax.php 17 times without triggering WAF alerts or specific threat detections; warrants monitoring for further suspicious activity.
|
0.6000000238418579
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-02 07:06:46
|
ignore
|
No malicious indicators detected; accessed legitimate WordPress path without triggering WAF or security rules.
|
1.0
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-02 07:01:45
|
ignore
|
Entity shows no detected threat requests, WAF flags, or security rule hits. Access to 'wp-admin/admin-ajax.php' can be legitimate and no other malicious indicators are present.
|
1.0
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-02 03:51:32
|
ignore
|
No malicious activity or requests detected since being added to the watchlist.
|
0.8999999761581421
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-02 03:46:33
|
watchlist
|
Entity previously identified with low AI confidence, accessed wp-admin/admin-ajax.php, but no further WAF alerts or threat detections were recorded in the provided context. Requires continued monitoring.
|
0.6000000238418579
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-02 03:41:34
|
watchlist
|
Accessed wp-admin/admin-ajax.php, a common target for reconnaissance and exploits, without triggering WAF rules. Requires monitoring.
|
0.6000000238418579
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-02 03:36:38
|
ignore
|
No suspicious activity detected: zero threat requests, no WAF flags, and associated ASN not on blocklist. Access to 'wp-admin/admin-ajax.php' is a common and legitimate WordPress path.
|
0.8999999761581421
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-02 03:31:33
|
ignore
|
Entity has shown no further malicious activity since being added to the watchlist. No WAF alerts, no detected threat requests, and a low AI confidence score.
|
0.800000011920929
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-02 03:26:39
|
watchlist
|
Accessed sensitive WordPress admin path 'wp-admin/admin-ajax.php'. No WAF hits detected, but warrants further monitoring for suspicious patterns.
|
0.30000001192092896
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-02 03:21:34
|
ignore
|
Entity was added to watchlist with medium AI confidence, but has shown no activity (zero total requests and zero threat requests) since being added.
|
0.8999999761581421
|
severity: Severity.low
|