| 2001:861:5860:e460:5175:54ff:bf15:b615 | ip | 2025-11-01 13:11:17 | watchlist | Accessed wp-admin/admin-ajax.php without triggering WAF or security rules; requires continued monitoring. | 0.6000000238418579 | severity: Severity.low |
| 74.176.185.3 | ip | 2025-11-01 13:06:18 | block | Extensive probing of suspicious PHP files, 100% of requests flagged by WAF with IPBLOCK deny rule, and associated ASN is already blocked for persistent malicious activity. | 1.0 | severity: Severity.critical |
| 2001:861:5860:e460:5175:54ff:bf15:b615 | ip | 2025-11-01 13:01:20 | watchlist | Accessed sensitive WordPress administrative path (wp-admin/admin-ajax.php); further monitoring is warranted despite no immediate threat detections. | 0.6000000238418579 | severity: Severity.low |
| 2001:861:5860:e460:5175:54ff:bf15:b615 | ip | 2025-11-01 12:56:19 | ignore | No observed malicious activity, security rule hits, or requests since addition to watchlist, indicating initial suspicion was not substantiated. | 0.8999999761581421 | severity: Severity.low |
| 2001:861:5860:e460:5175:54ff:bf15:b615 | ip | 2025-11-01 12:51:16 | watchlist | Entity remains on watchlist due to moderate AI confidence and medium severity, requiring continued monitoring for suspicious activity. | 0.699999988079071 | severity: Severity.medium |
| 2001:861:5860:e460:5175:54ff:bf15:b615 | ip | 2025-11-01 12:46:17 | watchlist | Entity remains on watchlist due to existing medium confidence suspicious activity. No new activity observed. | 0.699999988079071 | severity: Severity.medium |
| 2001:861:5860:e460:5175:54ff:bf15:b615 | ip | 2025-11-01 12:41:17 | watchlist | Entity previously added to watchlist with medium severity and moderate confidence. No new activity or threat indicators observed since last evaluation. | 0.699999988079071 | severity: Severity.medium |
| 2001:861:5860:e460:5175:54ff:bf15:b615 | ip | 2025-11-01 12:36:20 | watchlist | Persistent access to administrative paths with medium AI confidence, but no explicit WAF alerts or threat requests detected yet. Further monitoring required. | 0.699999988079071 | severity: Severity.medium |
| 2001:861:5860:e460:5175:54ff:bf15:b615 | ip | 2025-11-01 12:31:20 | watchlist | Accessed wp-admin/admin-ajax.php, a common target for WordPress reconnaissance and exploit attempts, requiring further monitoring. | 0.699999988079071 | severity: Severity.medium |
| 2001:861:5860:e460:5175:54ff:bf15:b615 | ip | 2025-11-01 12:26:29 | ignore | No malicious activity, WAF alerts, or security rule hits detected. ASN is not on blocklist. | 1.0 | severity: Severity.low |
| 2001:861:5860:e460:5175:54ff:bf15:b615 | ip | 2025-11-01 12:21:23 | ignore | No further malicious activity detected, low AI confidence score (0.3), and no WAF flags or threat requests. | 0.8999999761581421 | severity: Severity.low |
| 2001:861:5860:e460:5175:54ff:bf15:b615 | ip | 2025-11-01 12:16:21 | watchlist | Accessed WordPress admin-ajax.php path multiple times (17 requests) without triggering WAF or security rules; warrants monitoring for potential reconnaissance. | 0.30000001192092896 | severity: Severity.low |
| 2001:861:5860:e460:5175:54ff:bf15:b615 | ip | 2025-11-01 12:11:20 | ignore | Entity has shown no observed activity or detected threat requests since being added to the watchlist. Its threat profile has diminished or was an initial low-confidence flag. | 0.800000011920929 | severity: Severity.low |
| 2001:861:5860:e460:5175:54ff:bf15:b615 | ip | 2025-11-01 12:06:17 | watchlist | Accessed a common WordPress attack path (wp-admin/admin-ajax.php) but no WAF flags or threat requests detected yet. Requires continued monitoring. | 0.6000000238418579 | severity: Severity.medium |
| 2001:861:5860:e460:5175:54ff:bf15:b615 | ip | 2025-11-01 12:01:16 | watchlist | Accessed sensitive WordPress wp-admin/admin-ajax.php endpoint. No WAF alerts triggered, but further monitoring is warranted. | 0.6000000238418579 | severity: Severity.medium |
| 2001:861:5860:e460:5175:54ff:bf15:b615 | ip | 2025-11-01 11:56:19 | ignore | Entity shows no malicious activity, zero detected threat requests, and has a low AI confidence score of 0.3, indicating it no longer warrants watchlist monitoring. | 0.8999999761581421 | severity: Severity.low |
| 2001:861:5860:e460:5175:54ff:bf15:b615 | ip | 2025-11-01 11:51:20 | watchlist | Accessed a commonly targeted WordPress administrative path, but no security rule hits or WAF alerts were triggered. AI confidence is low. | 0.30000001192092896 | severity: Severity.low |
| 2001:861:5860:e460:5175:54ff:bf15:b615 | ip | 2025-11-01 11:46:28 | watchlist | Observed access to 'wp-admin/admin-ajax.php', a common endpoint for both legitimate and potentially malicious WordPress interactions. While no immediate threats were detected by WAF or security rules, this activity warrants continued monitoring for emerging patterns. | 0.30000001192092896 | severity: Severity.low |
| 2001:861:5860:e460:5175:54ff:bf15:b615 | ip | 2025-11-01 11:41:26 | ignore | No malicious activity detected. The entity accessed 'wp-admin/admin-ajax.php' which is a common WordPress administrative path. There were no WAF flags, security rule hits, or detected threat requests across 17 total requests. | 0.8999999761581421 | severity: Severity.low |
| 2001:861:5860:e460:5175:54ff:bf15:b615 | ip | 2025-11-01 11:36:18 | ignore | Entity showed no further activity since being added to watchlist, indicating a false positive or cessation of suspicious behavior. | 0.8999999761581421 | severity: Severity.low |
| 2001:861:5860:e460:5175:54ff:bf15:b615 | ip | 2025-11-01 11:31:16 | watchlist | Accessed WordPress admin-ajax.php, a common attack vector, but no WAF alerts or threat requests detected yet. AI confidence is medium. | 0.6000000238418579 | severity: Severity.medium |
| 2001:861:5860:e460:5175:54ff:bf15:b615 | ip | 2025-11-01 11:26:17 | watchlist | Accessed wp-admin/admin-ajax.php, a sensitive WordPress admin path commonly targeted by attackers, warrants further monitoring. | 0.6000000238418579 | severity: Severity.medium |
| 2001:861:5860:e460:5175:54ff:bf15:b615 | ip | 2025-11-01 11:21:20 | ignore | No suspicious activity detected; accessed a common WordPress endpoint without triggering WAF or security rules. Entity is not present in the blocklist or watchlist and exhibits benign behavior. | 0.8999999761581421 | severity: Severity.low |
| 2001:861:5860:e460:5175:54ff:bf15:b615 | ip | 2025-11-01 11:16:15 | ignore | No new malicious activity observed since being added to watchlist, indicating initial suspicion was not substantiated. | 0.800000011920929 | severity: Severity.low |
| 2001:861:5860:e460:5175:54ff:bf15:b615 | ip | 2025-11-01 11:11:17 | watchlist | Accessed a common WordPress admin path, but no direct threat detections or WAF alerts were triggered, maintaining medium suspicion. | 0.6499999761581421 | severity: Severity.medium |
| 2001:861:5860:e460:5175:54ff:bf15:b615 | ip | 2025-11-01 11:06:16 | watchlist | Accessed sensitive WordPress admin AJAX path (wp-admin/admin-ajax.php) without triggering WAF alerts or security rules, warrants further monitoring for potential reconnaissance or exploit attempts. | 0.6499999761581421 | severity: Severity.medium |
| 2001:861:5860:e460:5175:54ff:bf15:b615 | ip | 2025-11-01 11:01:23 | ignore | No active malicious behavior detected; 0 threat requests, no WAF flags, and low AI confidence score. | 0.8999999761581421 | severity: Severity.low |
| 2001:861:5860:e460:5175:54ff:bf15:b615 | ip | 2025-11-01 10:56:28 | watchlist | Accessed WordPress admin-ajax.php endpoint 17 times; while no WAF alerts were triggered, this path is frequently targeted for reconnaissance. | 0.30000001192092896 | severity: Severity.low |
| 2001:861:5860:e460:5175:54ff:bf15:b615 | ip | 2025-11-01 10:51:18 | ignore | No detected threat requests, WAF flags, or security rule hits observed for this entity. | 0.8999999761581421 | severity: Severity.low |
| 2001:861:5860:e460:5175:54ff:bf15:b615 | ip | 2025-11-01 10:46:15 | watchlist | Accessed sensitive WordPress admin path 'wp-admin/admin-ajax.php' without triggering WAF alerts, warrants further monitoring. | 0.6499999761581421 | severity: Severity.medium |
| 2001:861:5860:e460:5175:54ff:bf15:b615 | ip | 2025-11-01 10:41:14 | ignore | Entity has shown no further suspicious activity or requests since being added to the watchlist. | 0.8999999761581421 | severity: Severity.low |
| 2001:861:5860:e460:5175:54ff:bf15:b615 | ip | 2025-11-01 10:36:15 | watchlist | Accessed a sensitive WordPress path (wp-admin/admin-ajax.php) which is a common target for attacks, but no direct threats or WAF hits were detected. | 0.6000000238418579 | severity: Severity.medium |
| 2001:861:5860:e460:5175:54ff:bf15:b615 | ip | 2025-11-01 10:31:16 | watchlist | Accessing sensitive WordPress admin path 'wp-admin/admin-ajax.php', a common target for reconnaissance and exploits. No WAF flags yet, but warrants further monitoring. | 0.6000000238418579 | severity: Severity.medium |
| 2001:861:5860:e460:5175:54ff:bf15:b615 | ip | 2025-11-01 10:26:19 | ignore | No activity or detected threats observed since addition to watchlist. | 0.800000011920929 | severity: Severity.low |
| 2001:861:5860:e460:5175:54ff:bf15:b615 | ip | 2025-11-01 10:21:16 | watchlist | Accessing sensitive WordPress admin path without triggering WAF alerts, maintaining medium suspicion for continued monitoring. | 0.6000000238418579 | severity: Severity.medium |
| 2001:861:5860:e460:5175:54ff:bf15:b615 | ip | 2025-11-01 10:16:17 | watchlist | Accessed wp-admin/admin-ajax.php 17 times, a common target for WordPress probes, but without triggering explicit security alerts. Warrants further monitoring for suspicious patterns. | 0.6000000238418579 | severity: Severity.medium |
| 2001:861:5860:e460:5175:54ff:bf15:b615 | ip | 2025-11-01 10:11:25 | ignore | No observed malicious activity or traffic detected from this IP since it was added to the watchlist (0 total requests, 0 detected threat requests). | 0.8999999761581421 | severity: Severity.low |
| 2001:861:5860:e460:5175:54ff:bf15:b615 | ip | 2025-11-01 10:06:14 | watchlist | No new malicious activity or threat detections observed since being added to the watchlist. Retaining for further monitoring. | 0.6000000238418579 | severity: Severity.medium |
| 2001:861:5860:e460:5175:54ff:bf15:b615 | ip | 2025-11-01 10:01:16 | watchlist | Access to wp-admin/admin-ajax.php is suspicious, but no WAF alerts or threat detections have been triggered yet. Requires continued monitoring. | 0.6000000238418579 | severity: Severity.medium |
| 2001:861:5860:e460:5175:54ff:bf15:b615 | ip | 2025-11-01 09:56:15 | watchlist | Accessed sensitive WordPress wp-admin/admin-ajax.php path without triggering WAF or security rules; warrants further monitoring. | 0.6000000238418579 | severity: Severity.medium |
| 2001:861:5860:e460:5175:54ff:bf15:b615 | ip | 2025-11-01 09:51:14 | ignore | No recent activity or detected threats since being added to the watchlist. Initial suspicious behavior has not materialized into actual malicious traffic. | 0.800000011920929 | severity: Severity.low |
| 2001:861:5860:e460:5175:54ff:bf15:b615 | ip | 2025-11-01 09:46:12 | watchlist | Entity continues to show suspicious behavior with medium confidence, requiring further monitoring. | 0.699999988079071 | severity: Severity.medium |
| 2001:861:5860:e460:5175:54ff:bf15:b615 | ip | 2025-11-01 09:41:13 | watchlist | Accessed sensitive WordPress path wp-admin/admin-ajax.php with medium AI confidence, but no explicit WAF alerts or threat detections were recorded. Requires further monitoring. | 0.699999988079071 | severity: Severity.medium |
| 2001:861:5860:e460:5175:54ff:bf15:b615 | ip | 2025-11-01 09:36:14 | watchlist | Accessed sensitive WordPress administrative path (wp-admin/admin-ajax.php) without triggering WAF, suggesting potential reconnaissance or stealthy probing. | 0.699999988079071 | severity: Severity.medium |
| 2001:861:5860:e460:5175:54ff:bf15:b615 | ip | 2025-11-01 09:31:14 | ignore | No recent activity or detected threats observed since the entity was added to the watchlist. | 0.800000011920929 | severity: Severity.low |
| 2001:861:5860:e460:5175:54ff:bf15:b615 | ip | 2025-11-01 09:26:25 | watchlist | Entity remains in watchlist due to initial suspicious assessment. No new activity or threats detected since being added to the watchlist, warranting continued monitoring. | 0.6000000238418579 | severity: Severity.medium |
| 2001:861:5860:e460:5175:54ff:bf15:b615 | ip | 2025-11-01 09:21:16 | watchlist | Accessed sensitive WordPress admin-ajax.php path, AI indicates medium confidence and severity, but no direct threat detections or WAF flags yet. | 0.6000000238418579 | severity: Severity.medium |
| 2001:861:5860:e460:5175:54ff:bf15:b615 | ip | 2025-11-01 09:16:14 | watchlist | Repeated access to sensitive WordPress path (wp-admin/admin-ajax.php) without WAF alerts or threat detections, warrants further monitoring. | 0.6000000238418579 | severity: Severity.medium |
| 2001:861:5860:e460:5175:54ff:bf15:b615 | ip | 2025-11-01 09:11:13 | ignore | Entity shows no recorded activity or detected threats since being added to the watchlist. Initial suspicious behavior has not been corroborated by further events. | 0.8500000238418579 | severity: Severity.low |
| 2001:861:5860:e460:5175:54ff:bf15:b615 | ip | 2025-11-01 09:06:16 | watchlist | Initial intelligence indicated medium suspicion; no new activity detected to warrant a change in status. | 0.6000000238418579 | severity: Severity.medium |