JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 125.228.72.220

125.228.72.220 was found in our database!

This IP was reported 439 times. Confidence of Abuse is 0%: ?

ISP	Chunghwa Telecom Data Communication Business Group
Usage Type	Fixed Line ISP
ASN	AS3462
Hostname(s)	125-228-72-220.hinet-ip.hinet.net
Domain Name	cht.com.tw
Country	🇹🇼 Taiwan
City	Taoyuan, Taiwan

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 125.228.72.220

Whois 125.228.72.220

IP Abuse Reports for 125.228.72.220:

This IP address has been reported a total of 439 times from 192 distinct sources. 125.228.72.220 was first reported on July 28th 2022, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 Philippus	2026-05-10 20:04:00 (1 month ago)	125.228.72.220	Brute-Force Hacking
🇨🇦 bwhitty	2026-02-13 18:02:10 (4 months ago)	Performed brute-force login attempts (>5 in 30s) using dictionary usernames (eg:'admin') on Web Appl ... show more Performed brute-force login attempts (>5 in 30s) using dictionary usernames (eg:'admin') on Web Application Portals of a public-facing Synology NAS (self-hosted domain presence for small business); sufficient to trigger IP auto-block on the host. show less	Brute-Force Web App Attack
🇦🇺 GE	2026-02-13 03:20:33 (4 months ago)	...	Port Scan
🇨🇳 ThreatBook.io	2026-02-12 22:45:06 (4 months ago)	ThreatBook Intelligence: Zombie,vpn_proxy more details on https://threatbook.io/ip/125.228.72.220 20 ... show more ThreatBook Intelligence: Zombie,vpn_proxy more details on https://threatbook.io/ip/125.228.72.220 2026-02-12 01:58:22 //webapi/auth.cgi?api=SYNO.API.Auth&version=3&method=login&account=admin&passwd=1q2w3e4r 2026-02-12 01:02:43 //webapi/auth.cgi?api=SYNO.API.Auth&version=3&method=login&account=admin&passwd=Pass@1234 2026-02-12 01:56:39 //webapi/auth.cgi?api=SYNO.API.Auth&version=3&method=login&account=admin&passwd=1q2w3e4r 2026-02-12 02:14:06 //webapi/auth.cgi?api=SYNO.API.Auth&version=3&method=login&account=admin&passwd=12341234 2026-02-12 00:50:07 //webapi/auth.cgi?api=SYNO.API.Auth&version=3&method=login&account=admin&passwd=qwerty123 2026-02-12 00:10:12 //webapi/auth.cgi?api=SYNO.API.Auth&version=3&method=login&account=admin&passwd=112233 2026-02-12 00:26:02 //webapi/auth.cgi?api=SYNO.API.Auth&version=3&method=login&account=admin&passwd=654321 show less	Web App Attack
🇦🇺 GE	2026-02-12 12:19:48 (4 months ago)	2026-02-12T22:54:10.072547+11:00 smtp.geddy.au exim[44289]: SMTP call from 125-228-72-220.hinet-ip.h ... show more 2026-02-12T22:54:10.072547+11:00 smtp.geddy.au exim[44289]: SMTP call from 125-228-72-220.hinet-ip.hinet.net [125.228.72.220] dropped: too many unrecognized commands (last was "Content-Type: application/x-www-form-urlencoded") 2026-02-12T23:11:13.909134+11:00 smtp.geddy.au exim[44631]: SMTP call from 125-228-72-220.hinet-ip.hinet.net [125.228.72.220] dropped: too many unrecognized commands (last was "Content-Type: application/x-www-form-urlencoded") 2026-02-12T23:19:47.791629+11:00 smtp.geddy.au exim[44691]: SMTP call from 125-228-72-220.hinet-ip.hinet.net [125.228.72.220] dropped: too many unrecognized commands (last was "Content-Type: application/x-www-form-urlencoded") ... show less	Port Scan
🇨🇳 ThreatBook.io	2026-02-11 22:32:27 (4 months ago)	ThreatBook Intelligence: Zombie,vpn_proxy more details on https://threatbook.io/ip/125.228.72.220 20 ... show more ThreatBook Intelligence: Zombie,vpn_proxy more details on https://threatbook.io/ip/125.228.72.220 2026-02-11 00:08:54 //webapi/auth.cgi?api=SYNO.API.Auth&version=3&method=login&account=admin&passwd=froggy 2026-02-11 00:48:57 //webapi/auth.cgi?api=SYNO.API.Auth&version=3&method=login&account=admin&passwd=gatito 2026-02-11 00:32:45 //webapi/auth.cgi?api=SYNO.API.Auth&version=3&method=login&account=admin&passwd=nenita 2026-02-11 00:39:45 //webapi/auth.cgi?api=SYNO.API.Auth&version=3&method=login&account=admin&passwd=ashley1 2026-02-11 00:52:35 //webapi/auth.cgi?api=SYNO.API.Auth&version=3&method=login&account=admin&passwd=lokita show less	Web App Attack
🇨🇳 ThreatBook.io	2026-02-10 22:40:08 (4 months ago)	ThreatBook Intelligence: Zombie,vpn_proxy more details on https://threatbook.io/ip/125.228.72.220 20 ... show more ThreatBook Intelligence: Zombie,vpn_proxy more details on https://threatbook.io/ip/125.228.72.220 2026-02-10 00:36:26 //webapi/auth.cgi?api=SYNO.API.Auth&version=3&method=login&account=admin&passwd=nicholas 2026-02-10 00:00:03 //webapi/auth.cgi?api=SYNO.API.Auth&version=3&method=login&account=admin&passwd=laura 2026-02-10 00:49:37 //webapi/auth.cgi?api=SYNO.API.Auth&version=3&method=login&account=admin&passwd=bianca 2026-02-10 00:24:26 //webapi/auth.cgi?api=SYNO.API.Auth&version=3&method=login&account=admin&passwd=rockstar 2026-02-10 00:16:41 //webapi/auth.cgi?api=SYNO.API.Auth&version=3&method=login&account=admin&passwd=volleyball show less	Web App Attack
🇺🇸 pixelmemory.us	2026-02-10 17:01:34 (4 months ago)	2026-02-10T03:46:59.870574-08:00 pixelmemory postfix/smtpd[453468]: improper command pipelining afte ... show more 2026-02-10T03:46:59.870574-08:00 pixelmemory postfix/smtpd[453468]: improper command pipelining after CONNECT from 125-228-72-220.hinet-ip.hinet.net[125.228.72.220]: GET //webapi/auth.cgi?api=SYNO.API.Auth&version=3&method=login&account=admin&passwd=friendster HTTP/ 2026-02-10T06:35:26.423379-08:00 pixelmemory postfix/smtpd[459583]: improper command pipelining after CONNECT from 125-228-72-220.hinet-ip.hinet.net[125.228.72.220]: GET //webapi/auth.cgi?api=SYNO.API.Auth&version=3&method=login&account=admin&passwd=purple1 HTTP/1.1 2026-02-10T08:30:06.678357-08:00 pixelmemory postfix/smtpd[463782]: improper command pipelining after CONNECT from 125-228-72-220.hinet-ip.hinet.net[125.228.72.220]: GET //webapi/auth.cgi?api=SYNO.API.Auth&version=3&method=login&account=admin&passwd=raiders HTTP/1.1 2026-02-10T09:01:34.341955-08:00 pixelmemory postfix/smtpd[464898]: improper command pipelining after CONNECT from 125-228-72-220.hinet-ip.hinet.net[125.228.72.220]: GET //webapi/auth.cgi?api=SYNO.AP ... show less	Email Spam Brute-Force
🇨🇳 ThreatBook.io	2026-02-09 22:35:30 (4 months ago)	ThreatBook Intelligence: Zombie,vpn_proxy more details on https://threatbook.io/ip/125.228.72.220 20 ... show more ThreatBook Intelligence: Zombie,vpn_proxy more details on https://threatbook.io/ip/125.228.72.220 2026-02-09 05:29:28 //webapi/auth.cgi?api=SYNO.API.Auth&version=3&method=login&account=admin&passwd=abc123 2026-02-09 07:02:06 //webapi/auth.cgi?api=SYNO.API.Auth&version=3&method=login&account=admin&passwd=purple 2026-02-09 06:21:53 //webapi/auth.cgi?api=SYNO.API.Auth&version=3&method=login&account=admin&passwd=000000 2026-02-09 06:22:37 //webapi/auth.cgi?api=SYNO.API.Auth&version=3&method=login&account=admin&passwd=000000 2026-02-09 06:14:47 //webapi/auth.cgi?api=SYNO.API.Auth&version=3&method=login&account=admin&passwd=111111 show less	Web App Attack
🇺🇸 pixelmemory.us	2026-02-09 10:42:15 (4 months ago)	2026-02-08T16:09:20.142826-08:00 pixelmemory postfix/smtpd[337520]: improper command pipelining afte ... show more 2026-02-08T16:09:20.142826-08:00 pixelmemory postfix/smtpd[337520]: improper command pipelining after CONNECT from 125-228-72-220.hinet-ip.hinet.net[125.228.72.220]: GET //webapi/auth.cgi?api=SYNO.API.Auth&version=3&method=login&account=admin&passwd=superman HTTP/1. 2026-02-08T20:00:46.869042-08:00 pixelmemory postfix/smtpd[348499]: improper command pipelining after CONNECT from 125-228-72-220.hinet-ip.hinet.net[125.228.72.220]: GET //webapi/auth.cgi?api=SYNO.API.Auth&version=3&method=login&account=admin&passwd=william HTTP/1.1 2026-02-09T01:11:49.300499-08:00 pixelmemory postfix/smtpd[362900]: improper command pipelining after CONNECT from 125-228-72-220.hinet-ip.hinet.net[125.228.72.220]: GET //webapi/auth.cgi?api=SYNO.API.Auth&version=3&method=login&account=admin&passwd=rebelde HTTP/1.1 2026-02-09T02:42:14.586032-08:00 pixelmemory postfix/smtpd[366398]: improper command pipelining after CONNECT from 125-228-72-220.hinet-ip.hinet.net[125.228.72.220]: GET //webapi/auth.cgi?api=SYNO.AP ... show less	Email Spam Brute-Force
🇵🇱 wojtek.ww	2026-02-06 09:01:17 (4 months ago)	Failed login attempt on Synology DSM via DSM at 2025-02-19T21:22:15Z (user: admin) from IP 125.228.7 ... show more Failed login attempt on Synology DSM via DSM at 2025-02-19T21:22:15Z (user: admin) from IP 125.228.72.220 show less	Brute-Force
🇩🇰 DutchDK	2026-02-06 04:59:00 (4 months ago)	[125.228.72.220] failed to sign in to [DSM] via [password] due to authorization failure.	Hacking Brute-Force Exploited Host Web App Attack
🇩🇪 sebi	2026-02-06 01:38:29 (4 months ago)	2026-02-06 01:39:08 SMTP call from 125-228-72-220.hinet-ip.hinet.net [125.228.72.220] dropped: too m ... show more 2026-02-06 01:39:08 SMTP call from 125-228-72-220.hinet-ip.hinet.net [125.228.72.220] dropped: too many unrecognized commands (last was "Content-Type: application/x-www-form-urlencoded") 2026-02-06 01:49:48 SMTP call from 125-228-72-220.hinet-ip.hinet.net [125.228.72.220] dropped: too many unrecognized commands (last was "Content-Type: application/x-www-form-urlencoded") 2026-02-06 02:38:29 SMTP call from 125-228-72-220.hinet-ip.hinet.net [125.228.72.220] dropped: too many unrecognized commands (last was "Content-Type: application/x-www-form-urlencoded") show less	Brute-Force
🇺🇸 pixelmemory.us	2026-02-06 00:13:56 (4 months ago)	2026-02-05T12:49:54.050117-08:00 pixelmemory postfix/smtpd[60758]: improper command pipelining after ... show more 2026-02-05T12:49:54.050117-08:00 pixelmemory postfix/smtpd[60758]: improper command pipelining after CONNECT from 125-228-72-220.hinet-ip.hinet.net[125.228.72.220]: GET //webapi/auth.cgi?api=SYNO.API.Auth&version=3&method=login&account=admin&passwd=123456789 HTTP/1 2026-02-05T14:05:49.514928-08:00 pixelmemory postfix/smtpd[70720]: improper command pipelining after CONNECT from 125-228-72-220.hinet-ip.hinet.net[125.228.72.220]: GET //webapi/auth.cgi?api=SYNO.API.Auth&version=3&method=login&account=admin&passwd=Pass@1234 HTTP/1 2026-02-05T14:20:03.907125-08:00 pixelmemory postfix/smtpd[71678]: improper command pipelining after CONNECT from 125-228-72-220.hinet-ip.hinet.net[125.228.72.220]: GET //webapi/auth.cgi?api=SYNO.API.Auth&version=3&method=login&account=admin&passwd=987654321 HTTP/1 2026-02-05T16:13:55.997163-08:00 pixelmemory postfix/smtpd[86283]: improper command pipelining after CONNECT from 125-228-72-220.hinet-ip.hinet.net[125.228.72.220]: GET //webapi/auth.cgi?api=SYNO.API.Au ... show less	Email Spam Brute-Force
🇩🇪 sebi	2026-02-05 22:30:40 (4 months ago)	2026-02-05 21:43:10 SMTP call from 125-228-72-220.hinet-ip.hinet.net [125.228.72.220] dropped: too m ... show more 2026-02-05 21:43:10 SMTP call from 125-228-72-220.hinet-ip.hinet.net [125.228.72.220] dropped: too many unrecognized commands (last was "Content-Type: application/x-www-form-urlencoded") 2026-02-05 21:59:27 SMTP call from 125-228-72-220.hinet-ip.hinet.net [125.228.72.220] dropped: too many unrecognized commands (last was "Content-Type: application/x-www-form-urlencoded") 2026-02-05 23:30:40 SMTP call from 125-228-72-220.hinet-ip.hinet.net [125.228.72.220] dropped: too many unrecognized commands (last was "Content-Type: application/x-www-form-urlencoded") show less	Brute-Force

Showing 1 to 15 of 439 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇴 80.94.92.171

🇨🇱 200.89.69.247

🇬🇧 193.163.125.239

🇺🇸 162.243.138.30

🇮🇹 93.92.78.100

🇺🇸 72.17.34.38

🇫🇷 51.159.149.103

🇳🇿 45.133.7.23

🇺🇸 23.94.182.120

🇺🇸 3.237.196.12

🇨🇿 212.20.115.230

🇺🇸 205.210.31.46

🇨🇳 180.76.57.208

🇷🇺 178.71.9.121

🇫🇷 82.102.18.222

🇺🇸 68.183.141.81

🇰🇷 61.84.211.107

🇸🇬 47.82.201.213

🇮🇹 4.232.80.255

🇩🇪 213.209.159.236