No files loaded — upload captures to begin
Upload & Analyse
Drop PCAP, PCAPNG, HTML exports, SBC text dumps, or log files — multiple files are cross-correlated automatically
📡 Drop another file to add it
📡
Drop capture files here
Click to browse · Multiple files supported · Cross-file correlation automatic
.PCAP .PCAPNG .HTML .TXT .LOG
MAX 100 MB PER FILE
Overview
Call Inventory
All reconstructed call legs · Click a call to inspect in SIP Traces
SIP Trace Analysis
Select a call to inspect
CALL
Select a call
All Requests Responses Errors Media
Redact
Ladder Diagram
SDP Diff
Media Flow
Timer State
🔓 TLS Keys (SSLKEYLOGFILE)
Provide your SSLKEYLOGFILE to decrypt TLS-wrapped SIP signalling. The keylog is kept in this browser only — nothing is uploaded. Supports TLS 1.3 with AES-128-GCM (most modern deployments). TLS 1.2 and other ciphers are not yet supported.
How to capture an SSLKEYLOGFILE:
  • Firefox / Chrome: set environment variable SSLKEYLOGFILE=/tmp/keys.log before launching the browser.
  • curl: same env var — works for command-line testing.
  • OpenSSL / softphones with debug builds: some support a key-log file via config.
Then load both the pcap and the keylog into SIPScope. The keylog is saved to localStorage for convenience but never uploaded.
📚 Capture History
Cross-capture search across captures you've previously analysed in this browser. All data is local — nothing is uploaded.
Loading…
Registration Analysis
Endpoint registration health · Auth flows · Binding lifecycle · NAT detection · SIP extensions
RTP Player
Decode · playback · waveform · WAV export
RTP Forensics
Packet-level investigation · Directional flow · Gap events · Silence inference · Stream integrity · RTCP reconciliation
Voice Quality
MOS score per stream · Start here to see if quality is acceptable · Drill into RTP Forensics for packet-level evidence
Codec & SDP Negotiation
SDP offer/answer comparison · Codec selection per leg · Transport and encryption negotiation
Diagnosis
Findings · Per-call summary · Ask Claude
RFC Compliance
RFC 3261 · RFC 4566 · RFC 3550 · RFC 3264 · RFC 4733 · RFC 3262 · RFC 3515
Call Timeline
Chronological event log · SIP · RTP · Registration · Anomalies · Click any event to jump to SIP Traces
Call Comparison
Side-by-side analysis of failed vs successful call legs
Call Flow Correlation
Multi-leg B2BUA · ACD · carrier reconstruction · cross-leg fault localisation
Endpoints
Every unique IP in the capture, classified by role. Surfaces IPs hidden inside SDP bodies and SIP routing headers — the ones a plain header filter misses.
Export & Reports
Evidence packs · Escalation summaries · Customer-friendly output