Sip Options Capability Probe Structured

Automated SIP OPTIONS requests used to validate reachable VoIP endpoints and enumerate service capabilities without initiating a call session. The client sends standalone OPTIONS probes with high-entropy or unusually long Call-ID values, a pattern commonly associated with scripted scanning frameworks or VoIP reconnaissance tooling. Such activity is typically observed during infrastructure discovery phases where attackers identify responsive SIP servers, supported methods, and potential targets for toll fraud, brute-force registration attempts, or later exploitation campaigns.

Observed IPs

210

Avg Confidence

74%

Severity

low

Top IPs by event countSIP

IP Address	Risk	Events	Sessions	Country	ASN	Last Seen
103.195.101.98	100%	301,679	125,461	🇺🇸 US	AS23470	2026-02-20
5.196.184.10	96%	132,075	29,508	🇫🇷 FR	AS16276	2026-02-17
37.59.148.111	96%	86,321	18,768	🇫🇷 FR	AS16276	2026-02-14
45.95.147.229	98%	83,771	27,797	🇳🇱 NL	AS49870	2026-02-13
5.39.12.56	98%	60,347	17,299	🇫🇷 FR	AS16276	2026-02-16
5.39.11.101	95%	42,586	12,163	🇫🇷 FR	AS16276	2026-02-19
64.95.96.70	98%	40,652	36,401	🇳🇱 NL	AS32475	2026-03-03
104.243.45.175	100%	33,143	17,359	🇺🇸 US	AS23470	2026-02-19
77.83.240.70	100%	30,021	13,580	🇺🇸 US	AS49870	2026-02-26
144.172.105.11	95%	26,612	26,602	🇺🇸 US	AS14956	2026-03-02
162.217.98.180	100%	25,843	25,706	🇺🇸 US	AS32475	2026-03-02
51.91.177.11	100%	21,050	4,531	🇫🇷 FR	AS16276	2026-03-02
185.243.5.46	100%	19,914	12,157	🇭🇰 HK	AS23470	2026-03-02
54.38.60.112	100%	12,264	9,307	🇫🇷 FR	AS16276	2026-02-26
80.94.93.5	98%	11,256	11,232	🇷🇴 RO	AS47890	2026-03-01
64.95.96.69	100%	10,048	3,967	🇳🇱 NL	AS32475	2026-03-03
216.126.225.118	94%	8,172	2,316	🇺🇸 US	AS14956	2026-02-10
96.127.153.174	100%	7,014	3,087	🇺🇸 US	AS32475	2026-03-02
101.0.104.38	99%	5,708	3,042	🇦🇺 AU	AS55803	2026-03-03
45.166.100.18	99%	4,882	2,758	🇲🇽 MX	AS28546	2026-03-03

Loading threats

Sip Options Capability Probe Structured

Observed IPs

210

Avg Confidence

74%

Severity

low

Top IPs by event countSIP

IP Address	Risk	Events	Sessions	Country	ASN	Last Seen
103.195.101.98	100%	301,679	125,461	🇺🇸 US	AS23470	2026-02-20
5.196.184.10	96%	132,075	29,508	🇫🇷 FR	AS16276	2026-02-17
37.59.148.111	96%	86,321	18,768	🇫🇷 FR	AS16276	2026-02-14
45.95.147.229	98%	83,771	27,797	🇳🇱 NL	AS49870	2026-02-13
5.39.12.56	98%	60,347	17,299	🇫🇷 FR	AS16276	2026-02-16
5.39.11.101	95%	42,586	12,163	🇫🇷 FR	AS16276	2026-02-19
64.95.96.70	98%	40,652	36,401	🇳🇱 NL	AS32475	2026-03-03
104.243.45.175	100%	33,143	17,359	🇺🇸 US	AS23470	2026-02-19
77.83.240.70	100%	30,021	13,580	🇺🇸 US	AS49870	2026-02-26
144.172.105.11	95%	26,612	26,602	🇺🇸 US	AS14956	2026-03-02
162.217.98.180	100%	25,843	25,706	🇺🇸 US	AS32475	2026-03-02
51.91.177.11	100%	21,050	4,531	🇫🇷 FR	AS16276	2026-03-02
185.243.5.46	100%	19,914	12,157	🇭🇰 HK	AS23470	2026-03-02
54.38.60.112	100%	12,264	9,307	🇫🇷 FR	AS16276	2026-02-26
80.94.93.5	98%	11,256	11,232	🇷🇴 RO	AS47890	2026-03-01
64.95.96.69	100%	10,048	3,967	🇳🇱 NL	AS32475	2026-03-03
216.126.225.118	94%	8,172	2,316	🇺🇸 US	AS14956	2026-02-10
96.127.153.174	100%	7,014	3,087	🇺🇸 US	AS32475	2026-03-02
101.0.104.38	99%	5,708	3,042	🇦🇺 AU	AS55803	2026-03-03
45.166.100.18	99%	4,882	2,758	🇲🇽 MX	AS28546	2026-03-03