High Risk
IP 172.110.223.64 is a moderate-to-high-risk address operating from Hong Kong via the AS23470 network (ReliableSite.Net LLC), with 195 total abuse reports and a dominant threat classification of VoIP fraud detected by automated honeypot sensors during March–April 2026.
The IP has accumulated substantial negative reputation across the security community, with 20 distinct automated honeypot sensors flagging the address and contributing to the aggregate report volume. The dominant activity category—Fraud VoIP—comprises the most significant portion of recent reports, and the 85% confidence score reflects strong consensus among detection sources. Despite the high report count, the activity frequency metric of zero suggests that this address may currently be dormant or intermittently active rather than sustaining continuous malicious traffic. The network operator, ReliableSite.Net LLC, hosts diverse infrastructure, and this particular address has been associated with attempts to exploit Voice over IP systems for financial gain during the identified reporting window.
Fraud VoIP activity involves the compromise or abuse of phone systems to route or originate unauthorized calls—often to premium-rate or international numbers—generating illicit revenue for the attacker while inflating costs for the victim organization. For any entity operating SIP endpoints, session border controllers, or public-facing telephony infrastructure, an IP with this abuse history represents a concrete financial risk if permitted to reach exposed services. The attack pattern typically involves scanning for open VoIP ports, credential stuffing against default or weak SIP passwords, and subsequently establishing fraudulent call routes.
Site operators should block or heavily restrict access from this address at the network perimeter firewall, particularly for UDP ports commonly used by SIP (5060, 5061). Implementing fail2ban or similar log-analysis tools to auto-ban repeated authentication failures against VoIP services provides an additional layer of defence. Strong, unique credentials for all SIP accounts, combined with call pattern monitoring to flag unusual destination numbers or call volumes, will further reduce exposure. Regular review of IP blocklists and integration of reputation feeds into edge filtering policies ensures that addresses with established fraud histories cannot reacquire access to production systems.
PH 
GB 
RO