Honeypot
Security Dashboard
Static snapshot
I pointed a web server at the public internet and logged every request. Within hours, automated bots started probing for exploits. Below is what 59 days of unsolicited traffic looks like: 29.7k attack probes from 2.9k unique IPs, scanning 4.0k distinct paths.
29.7kattack probes
2.9kunique IPs
4.0kdistinct paths
504avg/day
Requests per day
2026-01-272026-03-26
HTTP methods
GET (35.6k)POST (1.7k)HEAD (79)OPTIONS (69)PROPFIND (159)
Attack categories
Top probed paths
228 /.env 221 /cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/bin/sh 211 /cgi-bin/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/bin/sh 209 /robots.txt 208 /hello.world?%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input 202 /?%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input 200 /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php 199 /vendor/phpunit/phpunit/Util/PHP/eval-stdin.php 196 /vendor/phpunit/src/Util/PHP/eval-stdin.php 194 /vendor/phpunit/Util/PHP/eval-stdin.php 192 /vendor/phpunit/phpunit/LICENSE/eval-stdin.php 192 /vendor/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php 192 /phpunit/phpunit/src/Util/PHP/eval-stdin.php 191 /phpunit/phpunit/Util/PHP/eval-stdin.php 191 /phpunit/src/Util/PHP/eval-stdin.php 190 /phpunit/Util/PHP/eval-stdin.php 189 /lib/phpunit/phpunit/src/Util/PHP/eval-stdin.php 188 /lib/phpunit/phpunit/Util/PHP/eval-stdin.php 187 /lib/phpunit/src/Util/PHP/eval-stdin.php 186 /lib/phpunit/Util/PHP/eval-stdin.php