Looking up IP
Check an IP Address, Domain Name, Subnet, or ASN
185.243.5.22 has a very high threat confidence level of 85%, originating from Hong Kong, on the ReliableSite.Net LLC network (23470). It has been observed across 213 sessions targeting SIP, First observed on January 26, 2026, most recently active March 4, 2026.
Represents an unsolicited SIP INVITE request targeting a long numeric destination, with the request accepted for processing by the SIP server (100 Trying). While the Call-ID format appears consistent with legitimate SIP implementations, the absence of prior registration and the use of a PSTN-style numeric target indicate probing of call routing or gateway behavior rather than normal call setup. This behavior is commonly observed during early-stage toll-fraud reconnaissance or PBX routing validation.
Automated SIP OPTIONS requests used to validate reachable VoIP endpoints and enumerate service capabilities without initiating a call session. The client sends standalone OPTIONS probes with high-entropy or unusually long Call-ID values, a pattern commonly associated with scripted scanning frameworks or VoIP reconnaissance tooling. Such activity is typically observed during infrastructure discovery phases where attackers identify responsive SIP servers, supported methods, and potential targets for toll fraud, brute-force registration attempts, or later exploitation campaigns.