JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 14.0.19.197

14.0.19.197 was found in our database!

This IP was reported 20 times. Confidence of Abuse is 24%: ?

24%

ISP	HTC International telecommunication joint stock company
Usage Type	Data Center/Web Hosting/Transit
ASN	AS24088
Domain Name	hitc.vn
Country	🇻🇳 Viet Nam
City	Hanoi, Hanoi

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 14.0.19.197

Whois 14.0.19.197

IP Abuse Reports for 14.0.19.197:

This IP address has been reported a total of 20 times from 12 distinct sources. 14.0.19.197 was first reported on November 6th 2025, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-17 16:30:48 (2 days ago)	Failed login attempt detected by Fail2Ban in plesk-postfix jail	Brute-Force
🇨🇭 Armando Savanesi	2026-06-16 19:45:10 (2 days ago)	IP reached maximum auth failures	Brute-Force
🇺🇸 bigscoots.com	2026-05-17 12:37:11 (1 month ago)	(smtpauth) Failed SMTP AUTH login from 14.0.19.197 (VN/Vietnam/-): 5 in the last 3600 secs; Ports: 2 ... show more (smtpauth) Failed SMTP AUTH login from 14.0.19.197 (VN/Vietnam/-): 5 in the last 3600 secs; Ports: 25,465,587; Direction: 0; Trigger: LF_SMTPAUTH; Logs: 2026-05-17 08:28:56 dovecot_plain authenticator failed for H=(WRD-WEB) [14.0.19.197]:61389: 535 Incorrect authentication data ([email protected]) 2026-05-17 08:30:03 dovecot_plain authenticator failed for H=(WRD-WEB) [14.0.19.197]:53603: 535 Incorrect authentication data ([email protected]) 2026-05-17 08:31:18 dovecot_plain authenticator failed for H=(WRD-WEB) [14.0.19.197]:52937: 535 Incorrect authentication data ([email protected]) 2026-05-17 08:31:57 dovecot_plain authenticator failed for H=(WRD-WEB) [14.0.19.197]:62318: 535 Incorrect authentication data ([email protected]) 2026-05-17 08:37:11 dovecot_plain authenticator failed for H=(WRD-WEB) [14.0.19.197]:51386: 535 Incorrect authentication data ([email protected]) show less	Brute-Force SSH
🇺🇸 bigscoots.com	2026-05-17 12:01:15 (1 month ago)	(smtpauth) Failed SMTP AUTH login from 14.0.19.197 (VN/Vietnam/-): 5 in the last 3600 secs; Ports: 2 ... show more (smtpauth) Failed SMTP AUTH login from 14.0.19.197 (VN/Vietnam/-): 5 in the last 3600 secs; Ports: 25,465,587; Direction: 0; Trigger: LF_SMTPAUTH; Logs: 2026-05-17 08:00:13 dovecot_plain authenticator failed for H=(WIN25-WEBKHOA) [14.0.19.197]:59336: 535 Incorrect authentication data ([email protected]) 2026-05-17 08:00:17 dovecot_plain authenticator failed for H=(WIN25-WEBKHOA) [14.0.19.197]:59526: 535 Incorrect authentication data ([email protected]) 2026-05-17 08:00:35 dovecot_plain authenticator failed for H=(WIN25-WEBKHOA) [14.0.19.197]:61851: 535 Incorrect authentication data ([email protected]) 2026-05-17 08:01:06 dovecot_plain authenticator failed for H=(WIN25-WEBKHOA) [14.0.19.197]:49369: 535 Incorrect authentication data ([email protected]) 2026-05-17 08:01:11 dovecot_plain authenticator failed for H=(WIN25-WEBKHOA) [14.0.19.197]:50349: 535 Incorrect authentication data ([email protected]) show less	Brute-Force SSH
🇺🇸 bigscoots.com	2026-05-17 09:21:47 (1 month ago)	(smtpauth) Failed SMTP AUTH login from 14.0.19.197 (VN/Vietnam/-): 5 in the last 3600 secs; Ports: 2 ... show more (smtpauth) Failed SMTP AUTH login from 14.0.19.197 (VN/Vietnam/-): 5 in the last 3600 secs; Ports: 25,465,587; Direction: 0; Trigger: LF_SMTPAUTH; Logs: 2026-05-17 05:17:56 dovecot_plain authenticator failed for H=(WRD-WEB) [14.0.19.197]:56107: 535 Incorrect authentication data ([email protected]) 2026-05-17 05:18:19 dovecot_plain authenticator failed for H=(WRD-WEB) [14.0.19.197]:58420: 535 Incorrect authentication data ([email protected]) 2026-05-17 05:18:38 dovecot_plain authenticator failed for H=(WRD-WEB) [14.0.19.197]:61146: 535 Incorrect authentication data ([email protected]) 2026-05-17 05:20:59 dovecot_plain authenticator failed for H=(WRD-WEB) [14.0.19.197]:60410: 535 Incorrect authentication data ([email protected]) 2026-05-17 05:21:47 dovecot_plain authenticator failed for H=(WRD-WEB) [14.0.19.197]:49315: 535 Incorrect authentication data ([email protected]) show less	Brute-Force SSH
🇨🇦 DRI	2026-05-06 06:33:04 (1 month ago)	Unsolicited TCP traffic on Honeypot, srcport=51626 dstport=445	Port Scan Hacking
Anonymous	2026-04-28 01:05:12 (1 month ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇺🇸 TPI-Abuse	2026-04-01 12:00:06 (2 months ago)	(mod_security) mod_security (id:240335) triggered by 14.0.19.197 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 14.0.19.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 01 07:59:56.045591 2026] [security2:error] [pid 12590:tid 12590] [client 14.0.19.197:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 14.0.19.197 (+1 hits since last alert)\|upskirtcrazy.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "upskirtcrazy.com"] [uri "/xmlrpc.php"] [unique_id "ac0IvOZHXymmaRPrvtDcagAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-01 11:30:59 (2 months ago)	(mod_security) mod_security (id:240335) triggered by 14.0.19.197 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 14.0.19.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 01 07:30:52.253582 2026] [security2:error] [pid 17650:tid 17672] [client 14.0.19.197:58571] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 14.0.19.197 (+1 hits since last alert)\|miraclebrow.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "miraclebrow.com"] [uri "/xmlrpc.php"] [unique_id "ac0B7AomF6vwOh11yDgGpQAAAFE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-01 10:59:28 (2 months ago)	(mod_security) mod_security (id:240335) triggered by 14.0.19.197 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 14.0.19.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 01 06:59:18.983874 2026] [security2:error] [pid 26191:tid 26191] [client 14.0.19.197:62167] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 14.0.19.197 (+1 hits since last alert)\|copanmaya.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "copanmaya.org"] [uri "/xmlrpc.php"] [unique_id "acz6hkKsJ33XA0PgI7y7aQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 EGP Abuse Dept	2026-04-01 04:38:48 (2 months ago)	Scanning for web/db/file exploits on www.zorg-vuldig.nl	SQL Injection Bad Web Bot Web App Attack
🇪🇸 el-brujo	2026-02-12 01:40:32 (4 months ago)	02/12/2026-02:40:32.167181 14.0.19.197 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	Hacking
🇫🇷 Kurom	2026-01-12 02:37:31 (5 months ago)	Port scanning detected on company server. Targeted ports: [445]	Port Scan Hacking
🇱🇻 garmtech.com	2025-12-21 01:01:32 (5 months ago)	Attempted access to sensitive endpoint (/WORDPRESS) detected. Automated scan or unauthorized probing ... show more Attempted access to sensitive endpoint (/WORDPRESS) detected. Automated scan or unauthorized probing. show less	Web App Attack
Anonymous	2025-12-19 15:47:51 (6 months ago)	Malicious activity detected	Hacking Web App Attack

Showing 1 to 15 of 20 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 199.45.154.186

🇺🇸 195.184.76.79

🇳🇱 176.65.139.251

🇺🇸 147.185.132.142

🇺🇸 64.62.156.153

🇺🇸 44.242.180.31

🇪🇬 41.235.31.36

🇺🇸 34.218.119.145

🇳🇱 195.178.110.42

🇩🇪 167.94.146.41

🇮🇩 160.187.174.22

🇺🇸 147.185.132.79

🇺🇸 141.11.88.10

🇧🇬 79.124.56.210

🇺🇸 66.132.172.250

🇸🇪 51.20.126.250

🇮🇱 2.55.88.51

🇳🇱 206.223.236.181

🇸🇬 202.76.168.45

🇲🇽 201.149.53.243