|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-01 11:41:26
|
ignore
|
No malicious activity detected. The entity accessed 'wp-admin/admin-ajax.php' which is a common WordPress administrative path. There were no WAF flags, security rule hits, or detected threat requests across 17 total requests.
|
0.8999999761581421
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-01 11:36:18
|
ignore
|
Entity showed no further activity since being added to watchlist, indicating a false positive or cessation of suspicious behavior.
|
0.8999999761581421
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-01 11:31:16
|
watchlist
|
Accessed WordPress admin-ajax.php, a common attack vector, but no WAF alerts or threat requests detected yet. AI confidence is medium.
|
0.6000000238418579
|
severity: Severity.medium
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-01 11:26:17
|
watchlist
|
Accessed wp-admin/admin-ajax.php, a sensitive WordPress admin path commonly targeted by attackers, warrants further monitoring.
|
0.6000000238418579
|
severity: Severity.medium
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-01 11:21:20
|
ignore
|
No suspicious activity detected; accessed a common WordPress endpoint without triggering WAF or security rules. Entity is not present in the blocklist or watchlist and exhibits benign behavior.
|
0.8999999761581421
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-01 11:16:15
|
ignore
|
No new malicious activity observed since being added to watchlist, indicating initial suspicion was not substantiated.
|
0.800000011920929
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-01 11:11:17
|
watchlist
|
Accessed a common WordPress admin path, but no direct threat detections or WAF alerts were triggered, maintaining medium suspicion.
|
0.6499999761581421
|
severity: Severity.medium
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-01 11:06:16
|
watchlist
|
Accessed sensitive WordPress admin AJAX path (wp-admin/admin-ajax.php) without triggering WAF alerts or security rules, warrants further monitoring for potential reconnaissance or exploit attempts.
|
0.6499999761581421
|
severity: Severity.medium
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-01 11:01:23
|
ignore
|
No active malicious behavior detected; 0 threat requests, no WAF flags, and low AI confidence score.
|
0.8999999761581421
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-01 10:56:28
|
watchlist
|
Accessed WordPress admin-ajax.php endpoint 17 times; while no WAF alerts were triggered, this path is frequently targeted for reconnaissance.
|
0.30000001192092896
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-01 10:51:18
|
ignore
|
No detected threat requests, WAF flags, or security rule hits observed for this entity.
|
0.8999999761581421
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-01 10:46:15
|
watchlist
|
Accessed sensitive WordPress admin path 'wp-admin/admin-ajax.php' without triggering WAF alerts, warrants further monitoring.
|
0.6499999761581421
|
severity: Severity.medium
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-01 10:41:14
|
ignore
|
Entity has shown no further suspicious activity or requests since being added to the watchlist.
|
0.8999999761581421
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-01 10:36:15
|
watchlist
|
Accessed a sensitive WordPress path (wp-admin/admin-ajax.php) which is a common target for attacks, but no direct threats or WAF hits were detected.
|
0.6000000238418579
|
severity: Severity.medium
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-01 10:31:16
|
watchlist
|
Accessing sensitive WordPress admin path 'wp-admin/admin-ajax.php', a common target for reconnaissance and exploits. No WAF flags yet, but warrants further monitoring.
|
0.6000000238418579
|
severity: Severity.medium
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-01 10:26:19
|
ignore
|
No activity or detected threats observed since addition to watchlist.
|
0.800000011920929
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-01 10:21:16
|
watchlist
|
Accessing sensitive WordPress admin path without triggering WAF alerts, maintaining medium suspicion for continued monitoring.
|
0.6000000238418579
|
severity: Severity.medium
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-01 10:16:17
|
watchlist
|
Accessed wp-admin/admin-ajax.php 17 times, a common target for WordPress probes, but without triggering explicit security alerts. Warrants further monitoring for suspicious patterns.
|
0.6000000238418579
|
severity: Severity.medium
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-01 10:11:25
|
ignore
|
No observed malicious activity or traffic detected from this IP since it was added to the watchlist (0 total requests, 0 detected threat requests).
|
0.8999999761581421
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-01 10:06:14
|
watchlist
|
No new malicious activity or threat detections observed since being added to the watchlist. Retaining for further monitoring.
|
0.6000000238418579
|
severity: Severity.medium
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-01 10:01:16
|
watchlist
|
Access to wp-admin/admin-ajax.php is suspicious, but no WAF alerts or threat detections have been triggered yet. Requires continued monitoring.
|
0.6000000238418579
|
severity: Severity.medium
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-01 09:56:15
|
watchlist
|
Accessed sensitive WordPress wp-admin/admin-ajax.php path without triggering WAF or security rules; warrants further monitoring.
|
0.6000000238418579
|
severity: Severity.medium
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-01 09:51:14
|
ignore
|
No recent activity or detected threats since being added to the watchlist. Initial suspicious behavior has not materialized into actual malicious traffic.
|
0.800000011920929
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-01 09:46:12
|
watchlist
|
Entity continues to show suspicious behavior with medium confidence, requiring further monitoring.
|
0.699999988079071
|
severity: Severity.medium
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-01 09:41:13
|
watchlist
|
Accessed sensitive WordPress path wp-admin/admin-ajax.php with medium AI confidence, but no explicit WAF alerts or threat detections were recorded. Requires further monitoring.
|
0.699999988079071
|
severity: Severity.medium
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-01 09:36:14
|
watchlist
|
Accessed sensitive WordPress administrative path (wp-admin/admin-ajax.php) without triggering WAF, suggesting potential reconnaissance or stealthy probing.
|
0.699999988079071
|
severity: Severity.medium
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-01 09:31:14
|
ignore
|
No recent activity or detected threats observed since the entity was added to the watchlist.
|
0.800000011920929
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-01 09:26:25
|
watchlist
|
Entity remains in watchlist due to initial suspicious assessment. No new activity or threats detected since being added to the watchlist, warranting continued monitoring.
|
0.6000000238418579
|
severity: Severity.medium
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-01 09:21:16
|
watchlist
|
Accessed sensitive WordPress admin-ajax.php path, AI indicates medium confidence and severity, but no direct threat detections or WAF flags yet.
|
0.6000000238418579
|
severity: Severity.medium
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-01 09:16:14
|
watchlist
|
Repeated access to sensitive WordPress path (wp-admin/admin-ajax.php) without WAF alerts or threat detections, warrants further monitoring.
|
0.6000000238418579
|
severity: Severity.medium
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-01 09:11:13
|
ignore
|
Entity shows no recorded activity or detected threats since being added to the watchlist. Initial suspicious behavior has not been corroborated by further events.
|
0.8500000238418579
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-01 09:06:16
|
watchlist
|
Initial intelligence indicated medium suspicion; no new activity detected to warrant a change in status.
|
0.6000000238418579
|
severity: Severity.medium
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-01 09:01:11
|
watchlist
|
Entity remains suspicious with medium severity, no new malicious activity detected to justify blocking, nor enough evidence to remove.
|
0.6000000238418579
|
severity: Severity.medium
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-01 08:56:11
|
watchlist
|
Entity remains in watchlist with a moderate AI confidence score and medium severity for continued monitoring.
|
0.6000000238418579
|
severity: Severity.medium
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-01 08:51:13
|
watchlist
|
IP accessed a sensitive WordPress path (wp-admin/admin-ajax.php) without triggering WAF alerts or explicit threat detections. Retaining in watchlist for further monitoring.
|
0.6000000238418579
|
severity: Severity.medium
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-01 08:46:14
|
watchlist
|
Accessed sensitive WordPress admin AJAX path (wp-admin/admin-ajax.php), warrants monitoring for further suspicious activity.
|
0.6000000238418579
|
severity: Severity.medium
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-01 08:41:12
|
ignore
|
No recent malicious activity detected, low initial AI confidence score (0.6), and no WAF or security rule hits observed since being added to the watchlist.
|
0.8999999761581421
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-01 08:36:15
|
watchlist
|
AI flagged low severity suspicion accessing WordPress admin-ajax path without WAF or security rule hits. Requires further monitoring.
|
0.6000000238418579
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-01 08:31:16
|
watchlist
|
Accessed sensitive WordPress path 'wp-admin/admin-ajax.php'. While no WAF or security rule hits were detected, this path is frequently targeted in WordPress attacks, warranting further observation.
|
0.6000000238418579
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-01 08:26:23
|
ignore
|
No malicious activity detected, no WAF flags, and no security rule hits. Access to wp-admin/admin-ajax.php is common and not inherently suspicious without further indicators.
|
0.8999999761581421
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-01 08:21:17
|
ignore
|
No new malicious activity, WAF alerts, or security rule hits detected since being added to watchlist, despite initial medium AI confidence.
|
0.800000011920929
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-01 08:16:12
|
watchlist
|
Accessed a sensitive WordPress path (wp-admin/admin-ajax.php) without triggering WAF or security rules, suggesting potential reconnaissance.
|
0.6000000238418579
|
severity: Severity.medium
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-01 08:11:16
|
ignore
|
No detected threats, WAF flags, or security rule hits observed since being added to watchlist, and initial AI confidence was low.
|
0.699999988079071
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-01 08:06:16
|
watchlist
|
Accessed sensitive WordPress admin path 'wp-admin/admin-ajax.php' without triggering WAF or security rules, warrants monitoring.
|
0.4000000059604645
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-01 08:01:15
|
ignore
|
No malicious activity observed since being added to the watchlist.
|
0.8999999761581421
|
severity: Severity.low
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-01 07:56:08
|
watchlist
|
Entity shows medium confidence suspicious behavior and should remain in the watchlist for further monitoring.
|
0.6000000238418579
|
severity: Severity.medium
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-01 07:51:09
|
watchlist
|
Entity is currently in watchlist with medium confidence and severity. No new activity or escalated threats detected to warrant a change.
|
0.6000000238418579
|
severity: Severity.medium
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-01 07:46:12
|
watchlist
|
No new malicious activity, requests, or WAF alerts detected since being added to watchlist. Continued monitoring is required due to initial medium severity.
|
0.6000000238418579
|
severity: Severity.medium
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-01 07:41:15
|
watchlist
|
Entity previously identified with medium confidence and severity. No new malicious activity detected in this window, but retained on watchlist for continued monitoring due to access of common attack vectors like wp-admin/admin-ajax.php.
|
0.6000000238418579
|
severity: Severity.medium
|
|
2001:861:5860:e460:5175:54ff:bf15:b615
|
ip
|
2025-11-01 07:36:12
|
watchlist
|
Accessed 'wp-admin/admin-ajax.php' which is a common target for reconnaissance and attack attempts on WordPress sites, warranting further monitoring.
|
0.6000000238418579
|
severity: Severity.medium
|