JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 79.124.58.138

79.124.58.138 was found in our database!

This IP was reported 1,147 times. Confidence of Abuse is 82%: ?

82%

ISP	Tamatiya EOOD
Usage Type	Fixed Line ISP
ASN	AS50360
Hostname(s)	ip-58-138.4vendeta.com
Domain Name	4vendeta.com
Country	🇧🇬 Bulgaria
City	Sofia, Sofia-Capital

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 79.124.58.138

Whois 79.124.58.138

IP Abuse Reports for 79.124.58.138:

This IP address has been reported a total of 1,147 times from 286 distinct sources. 79.124.58.138 was first reported on February 2nd 2023, and the most recent report was 4 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-18 00:27:04 (4 hours ago)	(mod_security) mod_security (id:210492) triggered by 79.124.58.138 (ip-58-138.4vendeta.com): 1 in th ... show more (mod_security) mod_security (id:210492) triggered by 79.124.58.138 (ip-58-138.4vendeta.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 20:26:56.616863 2026] [security2:error] [pid 19587:tid 19604] [client 79.124.58.138:52181] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "royalbusinesssociety.com"] [uri "/.git/config"] [unique_id "ajM7UBDDBylL1_n3QymQDwAAAE8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 23:00:35 (6 hours ago)	(mod_security) mod_security (id:210492) triggered by 79.124.58.138 (ip-58-138.4vendeta.com): 1 in th ... show more (mod_security) mod_security (id:210492) triggered by 79.124.58.138 (ip-58-138.4vendeta.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 19:00:28.493662 2026] [security2:error] [pid 19979:tid 19979] [client 79.124.58.138:39686] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ieas.org"] [uri "/.git/config"] [unique_id "ajMnDFcc2CpaQXXEsOTRYgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-17 21:07:01 (8 hours ago)	Automated web scanner. Requested suspicious paths: /.git/config. UTC: 2026-06-17 20:32:33.	Web App Attack
🇩🇪 FeG Deutschland	2026-06-17 21:06:55 (8 hours ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 20:19:49 (8 hours ago)	(mod_security) mod_security (id:210492) triggered by 2002:4f7c:3a8a::4f7c:3a8a (Unknown): 1 in the l ... show more (mod_security) mod_security (id:210492) triggered by 2002:4f7c:3a8a::4f7c:3a8a (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 16:19:46.665862 2026] [security2:error] [pid 4833:tid 4833] [client 2002:4f7c:3a8a::4f7c:3a8a:9416] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.axiomcommercial.com"] [uri "/.git/config"] [unique_id "ajMBYs0GJFK0aIl3CIOCtAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 19:58:14 (9 hours ago)	(mod_security) mod_security (id:210492) triggered by 2002:4f7c:3a8a::4f7c:3a8a (Unknown): 1 in the l ... show more (mod_security) mod_security (id:210492) triggered by 2002:4f7c:3a8a::4f7c:3a8a (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 15:58:08.515915 2026] [security2:error] [pid 22259:tid 22259] [client 2002:4f7c:3a8a::4f7c:3a8a:31708] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.holgerfeld.com"] [uri "/.git/config"] [unique_id "ajL8UDZTYbSfqxdepTnZJgAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 4server	2026-06-17 19:53:17 (9 hours ago)	[WedJun1721:53:08.8324892026][security2:error][pid2548663:tid2548975][client79.124.58.138:0]ModSecur ... show more [WedJun1721:53:08.8324892026][security2:error][pid2548663:tid2548975][client79.124.58.138:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".git\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"365\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"gamotors.ch.81-17-25-250.cpanel.site\"][uri\"/.git/config\"][unique_id\"ajL7JK4ci8BfXzTKuWorWAAAANU\"] show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 00:51:28 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 79.124.58.138 (ip-58-138.4vendeta.com): 1 in th ... show more (mod_security) mod_security (id:210492) triggered by 79.124.58.138 (ip-58-138.4vendeta.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 20:51:22.486594 2026] [security2:error] [pid 28359:tid 28359] [client 79.124.58.138:49479] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.albrittonmcclain.com"] [uri "/.git/config"] [unique_id "ajHvilNyAAQL4O7UuBYFVwAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 maxpower	2026-06-17 00:35:26 (1 day ago)	(exploit_critical) REGOLA 2 - Critical File Exploit Attempt 79.124.58.138 (BG/Bulgaria/ip-58-138.4ve ... show more (exploit_critical) REGOLA 2 - Critical File Exploit Attempt 79.124.58.138 (BG/Bulgaria/ip-58-138.4vendeta.com): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 79.124.58.138 - - [17/Jun/2026:02:35:22 +0200] "GET /.git/config HTTP/1.1" 403 146 "-" "python-requests/2.31.0" "-" host=mail.mediaqualitylab.com 79.124.58.138 - - [17/Jun/2026:02:35:22 +0200] "GET /.git/config HTTP/1.1" 403 146 "-" "python-requests/2.31.0" "-" host=mail.mediaqualitylab.com show less	Port Scan
🇺🇸 TPI-Abuse	2026-06-16 23:08:39 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 79.124.58.138 (ip-58-138.4vendeta.com): 1 in th ... show more (mod_security) mod_security (id:210492) triggered by 79.124.58.138 (ip-58-138.4vendeta.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 19:08:31.699993 2026] [security2:error] [pid 23043:tid 23043] [client 79.124.58.138:55710] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.healingtrek.com"] [uri "/.git/config"] [unique_id "ajHXb4U-SdRPSjSqEJph0AAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 21:32:01 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 79.124.58.138 (ip-58-138.4vendeta.com): 1 in th ... show more (mod_security) mod_security (id:210492) triggered by 79.124.58.138 (ip-58-138.4vendeta.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 17:31:56.083986 2026] [security2:error] [pid 12413:tid 12413] [client 79.124.58.138:53846] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.seebeexee.com"] [uri "/.git/config"] [unique_id "ajHAzL-MkS9jKh-wOPYKAwAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 20:12:48 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 79.124.58.138 (ip-58-138.4vendeta.com): 1 in th ... show more (mod_security) mod_security (id:210492) triggered by 79.124.58.138 (ip-58-138.4vendeta.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 16:12:42.653262 2026] [security2:error] [pid 8960:tid 8960] [client 79.124.58.138:11534] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.techskill.net"] [uri "/.git/config"] [unique_id "ajGuOi5x6EwK1Sl173h5tAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 19:53:56 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 2002:4f7c:3a8a::4f7c:3a8a (Unknown): 1 in the l ... show more (mod_security) mod_security (id:210492) triggered by 2002:4f7c:3a8a::4f7c:3a8a (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 15:53:46.926777 2026] [security2:error] [pid 6998:tid 6998] [client 2002:4f7c:3a8a::4f7c:3a8a:15451] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.aykuatelier.com"] [uri "/.git/config"] [unique_id "ajGpymqf-7lj85WSpkEW-QAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇷🇴 INTEQ	2026-06-16 19:25:47 (1 day ago)	Web attack from 79.124.58.138	Web App Attack
🇩🇪 4server	2026-06-16 01:14:23 (2 days ago)	[TueJun1603:14:16.5571842026][security2:error][pid954737:tid954742][client79.124.58.138:0]ModSecurit ... show more [TueJun1603:14:16.5571842026][security2:error][pid954737:tid954742][client79.124.58.138:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Patternmatch\"\(\?i\)\(curl\\|wget\\|python\\|nikto\\|sqlmap\\|acunetix\\|fimap\\|dirbuster\\|cmsmap\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"217\"][id\"990210\"][msg\"Suspicioususer-agentblocked\"][hostname\"mail.ilmiotrentino.it\"][uri\"/.git/config\"][unique_id\"ajCjaCOiDE_pnMAWflaBvAAAAII\"] show less	Port Scan Brute-Force Web App Attack

Showing 1 to 15 of 1147 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇷 191.241.142.170

🇮🇩 157.10.222.194

🇮🇳 152.58.162.171

🇺🇸 146.19.49.111

🇬🇧 91.206.59.83

🇺🇸 54.241.145.251

🇳🇱 45.148.10.152

🇬🇧 35.203.210.223

🇮🇪 2a05:d018:1231:b002:e61d:b2b5:c4ff:a209

🇺🇸 205.210.31.68

🇨🇳 203.83.238.175

🇧🇷 177.126.132.44

🇦🇪 92.97.23.41

🇳🇱 91.92.42.182

🇧🇬 78.83.249.54

🇺🇸 66.132.172.112

🇷🇴 2.57.121.25

🇺🇸 2620:171:f3:f0:9999::233

🇹🇷 212.64.216.142

🇩🇪 164.92.192.204