Update account takeover detections documentation (#26516)

* Update account takeover detections documentation

Added note about endpoint labels for Account Takeover Detections Ids.

* Update src/content/docs/bots/additional-configurations/detection-ids/account-takeover-detections.mdx

---------

Co-authored-by: Patricia Santa Ana <[email protected]>

Author: SomeBadCoding

src/content/docs/bots/additional-configurations/detection-ids/account-takeover-detections.mdx

@@ -15,6 +15,10 @@ Using the detection IDs below, you can detect and mitigate account takeover atta
 | `201326593`                                 | Observes all login traffic to the zone.  |
 | `201326598`                                 | Sets a dynamic threshold based on the normal traffic that is unique to the zone.<br /><br /> When the ID matches a login failure, Bot Management sets the [bot score](/bots/concepts/bot-score/) to 29 and uses [anomaly detection](/bots/concepts/bot-detection-engines/#anomaly-detection-enterprise) as its score source. |
 
+:::note
+Not all login endpoints are automatically detected. However, endpoints [labeled](/api-shield/management-and-monitoring/endpoint-labels/#categories) as `cf-log-in` will be evaluated for account takeover detection IDs.
+:::
+
 ## Challenges for account takeover detections
 
 Cloudflare's [Managed Challenge](/cloudflare-challenges/challenge-types/challenge-pages/#managed-challenge-recommended) can limit brute-force attacks on your login endpoints.