Is IP address 172.110.223.161 dangerous?

Yes, 172.110.223.161 is considered dangerous with a threat level of 7/10. It has been reported 371 times for malicious activities including . We recommend blocking this IP address.

Who owns or operates IP address 172.110.223.161?

IP address 172.110.223.161 is operated by Husam A. H. Hijazi (ASN 47154) and is geolocated to PH. This information is derived from public WHOIS and geolocation databases.

Should I block IP address 172.110.223.161?

Yes, blocking 172.110.223.161 is strongly recommended. With a threat level of 7/10 and 371 security reports, this IP poses significant risk. Implement firewall rules to block incoming and outgoing traffic.

How accurate is this threat assessment for 172.110.223.161?

Our threat assessment for 172.110.223.161 has a confidence score of 91%, based on 371 independent reports from multiple independent sources. Higher confidence scores indicate more reliable assessments.

IP Address

172.110.223.161

IPv4 Public

AS47154

Husam A. H. Hijazi

371 Reports

Philippines Location

Husam A. H. Hijazi ASN 47154

371 Reports

Honeypot Data Source

Significant Threat

IP 172.110.223.161 is a moderate-to-high risk address originating from the Philippines that has generated 371 abuse reports, with the dominant threat category being VoIP fraud. This IP presents a 7/10 threat level with a 91% confidence score and an activity frequency rated 8/10, indicating sustained malicious behavior rather than an isolated incident.

The IP was first reported in May 2026 and most recently reported in May 2026, suggesting concentrated malicious activity within a narrow timeframe. All 20 report sources were attributed to automated honeypot sensors, confirming systematic probing activity. The address is allocated to ASN AS47154 under the network operator Husam A. H. Hijazi, which provides the geographic and organizational context for this threat actor.

VoIP fraud exploits voice over IP infrastructure to route unauthorized calls, typically to premium-rate numbers for financial gain. An IP engaged in this activity may be scanning for vulnerable SIP proxies, testing stolen credentials against VoIP platforms, or directly routing fraudulent calls through compromised telephony systems. The 371 total reports with Fraud VoIP as the leading category indicate persistent exploitation attempts that could translate to significant financial losses if successful.

Site operators should implement call authentication protocols such as STIR/SHAKEN to verify caller identity, monitor call records for unusual premium-rate or international dialing patterns, and restrict or flag high-cost destination numbers. Blocking or rate-limiting traffic from this IP, combined with proactive monitoring of authentication logs for credential-stuffing patterns, provides layered defense against ongoing exploitation attempts.

More threatening than 74% of monitored IPs

Threat Categories

Fraud VoIP 30

Technical Details

VoIP fraud exploits phone systems to make unauthorized calls, often to premium rate numbers for financial gain.

Recommended Mitigations

Implement call authentication, monitor call patterns, and restrict international/premium rate dialing.

Behavioral Analysis

Activity Pattern: Sporadic

Irregular burst activity pattern indicates intermittent use of a compromised system.

First Observed 23. May 2026

Last Activity 28. May 2026

Recent (7 days) 0 incidents

Reputable Network

This IP is hosted on a network (ASN 47154) with generally good reputation. The ISP Husam A. H. Hijazi maintains standard security practices.

The malicious activity may represent an isolated compromised system rather than systematic abuse.

Security Recommendations

Implement adaptive blocking rules.

Reputation Summary

Threat Level 7/10 High

High

Activity Frequency 8/10 High

Confidence Score 91% Verified

Confidence History

28. May 2026

91% Current

Stable Trend

Date	Categories	Source	Confidence
28. May 2026	Fraud VoIP	Honeypot	75%
28. May 2026	Fraud VoIP	Honeypot	75%
28. May 2026	Fraud VoIP	Honeypot	75%
28. May 2026	Fraud VoIP	Honeypot	75%
28. May 2026	Fraud VoIP	Honeypot	75%
28. May 2026	Fraud VoIP	Honeypot	75%
28. May 2026	Fraud VoIP	Honeypot	75%
28. May 2026	Fraud VoIP	Honeypot	75%
28. May 2026	Fraud VoIP	Honeypot	75%
28. May 2026	Fraud VoIP	Honeypot	75%
28. May 2026	Fraud VoIP	Honeypot	75%
28. May 2026	Fraud VoIP	Honeypot	75%
28. May 2026	Fraud VoIP	Honeypot	75%
28. May 2026	Fraud VoIP	Honeypot	75%
28. May 2026	Fraud VoIP	Honeypot	75%
28. May 2026	Fraud VoIP	Honeypot	75%
28. May 2026	Fraud VoIP	Honeypot	75%
28. May 2026	Fraud VoIP	Honeypot	75%
28. May 2026	Fraud VoIP	Honeypot	75%
28. May 2026	Fraud VoIP	Honeypot	75%
28. May 2026	Fraud VoIP	Honeypot	75%
28. May 2026	Fraud VoIP	Honeypot	75%
28. May 2026	Fraud VoIP	Honeypot	75%
28. May 2026	Fraud VoIP	Honeypot	75%
28. May 2026	Fraud VoIP	Honeypot	75%
28. May 2026	Fraud VoIP	Honeypot	75%
28. May 2026	Fraud VoIP	Honeypot	75%
28. May 2026	Fraud VoIP	Honeypot	75%
28. May 2026	Fraud VoIP	Honeypot	75%
28. May 2026	Fraud VoIP	Honeypot	75%

Basic Information

IP Address: 172.110.223.161
IP Version: IPv4
Network Type: Public
Tor Network: No
Network Class: Class B

Geolocation

Country: PH
ASN: AS47154
ISP: Husam A. H. Hijazi

DNS Information

Reverse DNS: None
PTR Record: No
Connection Type: Static

Statistics

Total Reports: 371
First Reported: 4 May 2026
Last Reported: 28 May 2026, 18:23

Comparative Analysis

How this IP compares to others in our threat intelligence database

74 %

Global Threat Ranking

This IP is more threatening than 74% of all IPs in our database.

Above Average Threat

Global Comparison

Compared against 199,215 reported IPs worldwide

Threat Level 7/10 avg: 5.3 +

Total Reports 371 avg: 23 ++

Network Comparison

Compared against 24 IPs in ASN 47154

Threat Level 7/10 network avg: 7.0 =

Total Reports 371 network avg: 54 ++

Geographic Comparison

Compared against 2,105 IPs in PH

Threat Level 7/10 country avg: 5.6 +

Total Reports 371 country avg: 18 ++

Daily report activity over the last 30 days showing patterns and peaks.

Peak Day 25 May 2026 96 reports

Daily Average 12.3 reports/day

Most Active Monday 96 reports

Evolution of threat level over time based on reported categories and frequency.

Initial Threat 5/10

Current Threat 5/10

Distribution of threat categories reported over time.

Top Threat Categories

Fraud VoIP 371

Activity patterns showing when this IP is most active during the day and week.

Hourly Activity

Peak activity at 16:00 with 25 reports

Weekly Activity

Geographic Threat Distribution

186,914 threat incidents tracked globally • Last 24h: 18,893 Logs

FEED

Top Threat Sources

01

United States US

38,421 20.6%
02

India IN

28,931 15.5%
03

China CN

26,004 13.9%
04

Brazil BR

10,236 5.5%
05

Germany DE

7,138 3.8%
06

Singapore SG

6,475 3.5%
07

Indonesia ID

5,522 3%
08

Russia RU

4,700 2.5%
09

Pakistan PK

4,646 2.5%
10

Netherlands NL

4,354 2.3%

+40 more countries

THREAT LEVEL

LOW MED HIGH

IPs from the same Autonomous System (AS) network provider.

20 Related IPs

7.5/10 Avg Threat

74% Avg Confidence

17 High Threat

High-risk network: Majority of related IPs are flagged

Significant Threat

Threat Categories

Technical Details

Recommended Mitigations

Behavioral Analysis

Reputable Network

Security Recommendations

Basic Information

Geolocation

DNS Information

Statistics

Global Threat Ranking

Top Threat Categories

Hourly Activity

Weekly Activity

FEED

Top Threat Sources

JSON Report

Firewall Rules

iptables / netfilter

UFW (Ubuntu)

Windows Firewall

Cloudflare

nginx

Apache .htaccess

PDF Report

Analyzed high-risk IP addresses

reportedIP

Parkstraße 19, 80339 München

Consultation

+49-89-215505888

Report a IP

[email protected]