High Risk
IP address 172.110.223.33, registered in Hong Kong and operated through RELIABLESITE (ASN AS23470), presents a high-risk threat profile with a threat level of 8 out of 10 and a confidence score of 91 percent. This address has generated 6265 total abuse reports from 20 automated honeypot sensors, with sustained malicious activity recorded between February 2026 and June 2026. The dominant threat category driving these reports is VoIP fraud, accounting for the majority of recent detections and reflecting a persistent, focused attack pattern rather than opportunistic scanning.
The volume and consistency of reports for 172.110.223.33 indicate deliberate, repeated targeting of voice-over-internet-protocol infrastructure. With an activity frequency rated 8 out of 10, this IP demonstrates continuous engagement with vulnerable phone systems over a four-month window. The network operator RELIABLESITE, routing through ASN AS23470, places this address within a commercial hosting environment in Hong Kong, a jurisdiction frequently associated with telephony fraud due to its telecommunications infrastructure. Community and honeypot sensors have consistently flagged this address for fraudulent VoIP activity, with the report count representing one of the higher volumes seen for this specific threat category.
VoIP fraud exploits internet-connected phone systems to place unauthorized calls, typically to premium-rate or international numbers, generating illicit revenue for threat actors while inflating costs for targeted organizations. For organizations running exposed SIP (Session Initiation Protocol) endpoints, this IP poses a direct financial risk through toll fraud and unauthorized trunk usage. The concrete danger lies in compromised voicemail systems, misconfigured PBX servers, or open SIP proxies being leveraged as relay points for expensive calls. Without proper controls, a single successful exploitation event can result in thousands of dollars in fraudulent charges within hours.
Site operators should immediately block 172.110.223.33 at the firewall level and implement geographic or prefix-based restrictions if VoIP services are not required from Hong Kong. Harden SIP endpoints by enforcing strong authentication, disabling unused extensions, and applying call-duration limits with real-time alerting. Monitor call detail records for anomalous patterns such as short-duration calls to high-cost destinations or unexpected international routing. Tools such as fail2ban can automate the blocking of repeated malicious probes against authentication interfaces, reducing the attack surface available to this and similar high-risk addresses.
PH 
UA