Notable Threat
172.110.223.179 is a moderate-to-high-risk address associated with VoIP fraud, with 164 abuse reports submitted through automated honeypot sensors over a concentrated reporting window in May 2026, indicating sustained hostile activity against voice-over-IP infrastructure.
The IP address originates from the Philippines and routes through AS47154, operated by Husam A. H. Hijazi. With a confidence score of 91% and an activity frequency rated 8 out of 10, this address demonstrates consistent malicious behavior. All 20 recent fraud VoIP reports came from automated honeypot detection systems, with the total report volume reaching 164 across the reporting period. The concentration of activity within a single month suggests either a targeted campaign or opportunistic exploitation of vulnerable VoIP endpoints in the region.
Fraud VoIP represents a financial cybercrime vector where attackers exploit phone systems to generate unauthorized calls, typically to premium-rate numbers, with revenue flowing directly to the attacker. For organizations running exposed VoIP services, this translates to direct financial liability through fraudulent call charges, unauthorized toll fraud, and potential compromise of telephony infrastructure that could enable further attacks or data exfiltration. The volume of reports against this address suggests systematic scanning or exploitation attempts rather than isolated probes.
Site operators should implement call authentication protocols such as STIR/SHAKEN to verify caller legitimacy, enforce strict controls on international and premium-rate dialing, and actively monitor call detail records for anomalous patterns. Deploying defensive tools like fail2ban to block repeated abuse sources and applying rate limiting to SIP ports can significantly reduce exposure. Regular audits of VoIP credentials and immediate revocation of unused accounts further harden potential targets against this type of exploitation.
HK 
UA