Wordpress Default Credential Bruteforce

Automated authentication attempt against a WordPress login endpoint using the common default username admin and weak password pattern. Indicative of credential stuffing or default password brute-force activity targeting internet-exposed WordPress installations.

Observed IPs

Avg Confidence

Severity

medium

Top IPs by event countHTTP

IP Address	Risk	Events	Sessions	Country	ASN	Last Seen
162.158.95.136	7%	184	24	🇺🇸 US	AS13335	2026-02-27
172.71.103.96	10%	158	55	🇳🇱 NL	AS13335	2026-03-03
104.23.170.56	10%	145	60	🇳🇱 NL	AS13335	2026-03-03
104.23.172.74	9%	135	50	🇳🇱 NL	AS13335	2026-03-03
104.23.166.42	10%	124	59	🇳🇱 NL	AS13335	2026-03-03
104.23.170.57	10%	109	52	🇳🇱 NL	AS13335	2026-03-03
172.70.250.26	8%	97	34	🇩🇪 DE	AS13335	2026-03-03
172.71.95.77	10%	95	42	🇳🇱 NL	AS13335	2026-03-02
172.71.103.95	9%	91	47	🇳🇱 NL	AS13335	2026-03-02
104.23.166.43	10%	90	47	🇳🇱 NL	AS13335	2026-03-02
172.71.95.78	9%	87	38	🇳🇱 NL	AS13335	2026-03-03
172.68.194.209	7%	81	27	🇩🇪 DE	AS13335	2026-03-02
104.23.168.81	9%	81	28	🇳🇱 NL	AS13335	2026-03-02
172.70.250.27	5%	79	25	🇩🇪 DE	AS13335	2026-02-25
104.23.168.80	9%	74	32	🇳🇱 NL	AS13335	2026-03-03
104.23.172.75	9%	69	33	🇳🇱 NL	AS13335	2026-03-03
172.71.182.50	9%	68	27	🇳🇱 NL	AS13335	2026-03-01
162.159.113.131	9%	67	38	🇳🇱 NL	AS13335	2026-03-01
162.159.113.130	9%	65	36	🇳🇱 NL	AS13335	2026-03-03
172.71.182.51	9%	59	29	🇳🇱 NL	AS13335	2026-03-01