JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 139.180.196.28

139.180.196.28 was found in our database!

This IP was reported 95 times. Confidence of Abuse is 100%: ?

100%

ISP	The Constant Company, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS20473
Hostname(s)	139.180.196.28.vultrusercontent.com
Domain Name	constant.com
Country	🇯🇵 Japan
City	Oi, Saitama

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 139.180.196.28

Whois 139.180.196.28

IP Abuse Reports for 139.180.196.28:

This IP address has been reported a total of 95 times from 79 distinct sources. 139.180.196.28 was first reported on June 11th 2026, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 SpaceHost-Server	2026-06-13 22:26:22 (6 days ago)		Brute-Force Web App Attack
🇬🇧 openstrike.co.uk	2026-06-13 05:14:13 (1 week ago)	91 attacks on PHP URLs: GET /php.php HTTP/1.1	Web App Attack
Anonymous	2026-06-12 23:06:27 (1 week ago)	Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: JP, Attack patterns: Word ... show more Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: JP, Attack patterns: WordPress scanning, Webshell probing show less	Bad Web Bot Web App Attack
🇫🇷 SpaceHost-Server	2026-06-12 22:26:16 (1 week ago)		Brute-Force Web App Attack
🇩🇪 Nevermind	2026-06-12 20:25:52 (1 week ago)	139.180.196.28 - - [12/Jun/2026:22:25:51 +0200] "GET /inputs.php HTTP/1.1" 404 382 "-" "Mozilla/5.0 ... show more 139.180.196.28 - - [12/Jun/2026:22:25:51 +0200] "GET /inputs.php HTTP/1.1" 404 382 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 139.180.196.28 - - [12/Jun/2026:22:25:51 +0200] "GET /admin.php HTTP/1.1" 404 382 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 139.180.196.28 - - [12/Jun/2026:22:25:52 +0200] "GET /goods.php HTTP/1.1" 404 382 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 139.180.196.28 - - [12/Jun/2026:22:25:52 +0200] "GET /file.php HTTP/1.1" 404 382 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Web App Attack
🇳🇱 Site.eu	2026-06-12 19:30:19 (1 week ago)	Excessive multi-domain requests	Brute-Force
🇩🇪 MarkGGN	2026-06-12 19:27:23 (1 week ago)	Web attack. 139.180.196.28 - - [12/Jun/2026:21:27:22 +0200] "GET /about.php HTTP/1.1" 404 142 "-" "M ... show more Web attack. 139.180.196.28 - - [12/Jun/2026:21:27:22 +0200] "GET /about.php HTTP/1.1" 404 142 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 139.180.196.28 - - [12/Jun/2026:21:27:23 +0200] "GET /1.php HTTP/1.1" 404 142 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" show less	Web App Attack
🇺🇸 oralunal	2026-06-12 17:43:43 (1 week ago)	IP banned by Fail2Ban in jail its-suss access.log mvfnds ...	Bad Web Bot Web App Attack
🇵🇱 nfsec.pl	2026-06-12 17:29:01 (1 week ago)	139.180.196.28 - - [12/Jun/2026:17:28:58 +0000] "GET /inputs.php HTTP/1.1" 404 29926 "-" "Mozilla/5. ... show more 139.180.196.28 - - [12/Jun/2026:17:28:58 +0000] "GET /inputs.php HTTP/1.1" 404 29926 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 139.180.196.28 - - [12/Jun/2026:17:28:59 +0000] "GET /admin.php HTTP/1.1" 404 25565 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 139.180.196.28 - - [12/Jun/2026:17:28:59 +0000] "GET /goods.php HTTP/1.1" 404 25511 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 139.180.196.28 - - [12/Jun/2026:17:29:00 +0000] "GET /file.php HTTP/1.1" 404 25570 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 139.180.196.28 - - [12/Jun/2026:17:29:00 +0000] "GET /adminfuns.php HTTP/1.1" 404 25448 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 S ... show less	Web App Attack Exploited Host
🇫🇷 masterguru	2026-06-12 17:04:58 (1 week ago)	Too much 404 requests in 1 minute. Operator GE matched 10 at IP:block_script. (46020-193)	Hacking
🇩🇪 yvoictra	2026-06-12 15:56:39 (1 week ago)	139.180.196.28 - - [12/Jun/2026:17:55:42 +0200] "GET /inputs.php HTTP/1.1" 404 23305 "-" "Mozilla/5. ... show more 139.180.196.28 - - [12/Jun/2026:17:55:42 +0200] "GET /inputs.php HTTP/1.1" 404 23305 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 139.180.196.28 - - [12/Jun/2026:17:55:43 +0200] "GET /admin.php HTTP/1.1" 404 23303 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 139.180.196.28 - - [12/Jun/2026:17:55:44 +0200] "GET /goods.php HTTP/1.1" 404 23304 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 139.180.196.28 - - [12/Jun/2026:17:55:45 +0200] "GET /file.php HTTP/1.1" 404 23303 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 139.180.196.28 - - [12/Jun/2026:17:55:45 +0200] "GET /adminfuns.php HTTP/1.1" 404 23307 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 S ... show less	Brute-Force Web App Attack
Anonymous	2026-06-12 15:31:29 (1 week ago)	Fail2Ban wordpress-forbidden on Security-Instance. Persistent malicious activity detected. Evidence: ... show more Fail2Ban wordpress-forbidden on Security-Instance. Persistent malicious activity detected. Evidence: 2026/06/12 17:31:19 [error] 647749#647749: 38091 directory index of "/var/www/html/wordpress_main/wp-includes/fonts/" is forbidden, client: 139.180.196.28, server: dtalens.com, request: "GET /wp-includes/fonts/ HTTP/1.1", host: "dtalens.com" 2026/06/12 17:31:21 [error] 647749#647749: 38091 directory index of "/var/www/html/wordpress_main/wp-content/uploads/" is forbidden, client: 139.180.196.28, server: dtalens.com, request: "GET /wp-content/uploads/ HTTP/1.1", host: "dtalens.com" 2026/06/12 17:31:23 [error] 647749#647749: *38091 directory index of "/var/www/html/wordpress_main/wp-admin/js/" is forbidden, client: 139.180.196.28, server: dtalens.com, request: "GET /wp-admin/js/ HTTP/1.1", show less	Hacking Web App Attack
🇸🇬 fazar	2026-06-12 15:04:23 (1 week ago)	wp-login-scan: 3 attempts from 139.180.196.28 on node: sgp01	Exploited Host Web App Attack
🇳🇱 wlt-blocker	2026-06-12 14:52:32 (1 week ago)	Unauthorized access to webpage admin	Web App Attack
🇫🇮 NoaQT	2026-06-12 13:25:58 (1 week ago)	2026-06-12T13:25:56.737910+00:00 ingress-1 haproxy[290]: 139.180.196.28:61206 [12/Jun/2026:13:25:56. ... show more 2026-06-12T13:25:56.737910+00:00 ingress-1 haproxy[290]: 139.180.196.28:61206 [12/Jun/2026:13:25:56.737] https_in~ https_in/<NOSRV> 0/-1/-1/-1/0 429 225 - - PR-- 399/362/0/0/0 0/0 "GET /nw.php HTTP/1.1" 2026-06-12T13:25:57.012323+00:00 ingress-1 haproxy[290]: 139.180.196.28:61206 [12/Jun/2026:13:25:57.011] https_in~ https_in/<NOSRV> 0/-1/-1/-1/0 429 225 - - PR-- 399/362/0/0/0 0/0 "GET /xleet.php HTTP/1.1" 2026-06-12T13:25:57.286947+00:00 ingress-1 haproxy[290]: 139.180.196.28:61206 [12/Jun/2026:13:25:57.286] https_in~ https_in/<NOSRV> 0/-1/-1/-1/0 429 225 - - PR-- 399/362/0/0/0 0/0 "GET /wp.php HTTP/1.1" 2026-06-12T13:25:57.561432+00:00 ingress-1 haproxy[290]: 139.180.196.28:61206 [12/Jun/2026:13:25:57.560] https_in~ https_in/<NOSRV> 0/-1/-1/-1/0 429 225 - - PR-- 399/362/0/0/0 0/0 "GET /155.php HTTP/1.1" 2026-06-12T13:25:57.835869+00:00 ingress-1 haproxy[290]: 139.180.196.28:61206 [12/Jun/2026:13:25:57.835] https_in~ https_in/<NOSRV> 0/-1/-1/-1/0 429 225 - - PR-- 400/363/0/0/0 0/0 "GET ... show less	DDoS Attack

Showing 1 to 15 of 95 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 64.62.197.94

🇮🇹 2.57.170.242

🇺🇸 2604:a940:302:118:0:2b::

🇨🇳 219.147.85.159

🇩🇪 185.242.3.195

🇬🇧 185.157.232.100

🇨🇩 102.216.240.61

🇺🇸 100.29.192.121

🇳🇱 94.249.225.251

🇷🇴 80.94.92.171

🇺🇸 34.21.31.9

🇨🇳 222.86.168.224

🇮🇳 202.164.149.37

🇻🇳 103.98.152.181

🇳🇬 102.140.97.134

🇵🇭 61.245.11.162

🇩🇪 213.209.159.56

🇱🇹 191.101.2.253

🇩🇪 185.249.74.198

🇬🇧 185.216.145.174