Honeypot — for research Any interaction with this module logs attacker metadata (IP hash, UA hash, request path, payload preview) to the public Sniper honeypot feed. This module does NOT process real payments and does NOT capture user funds. It is a decoy designed to surface scanning bots, scraper rings, and exploitation attempts against MeterCall modules. Threat intel published at /v1/sniper/honeypot/stats.

Twilio Bait

SMS/voice replacement decoy — instrumented for MeterCall Sniper research.

Fake "process payment" endpoint

Real scanners hit this URL. We log their fingerprint and publish aggregate counts to /v1/sniper/honeypot/stats.

POST /built/honeypot-twilio-bait/charge

What we log

IP hash (SHA-256, first 12 chars), user-agent hash, request path, first 200 bytes of payload. No cleartext IPs. No personal data. Published in aggregate only.

Passive research module. Defensive intel only. No offensive retaliation. Sniper overview