honeyprompt
Ranked breakdowns. Who's probing, what they ask for, how they try to break in.
events per min last
loading…
Total events
Unique sources
Networks (ASNs)
SSRF attempts
MCP exfil tries
MCP RCE tries
Dev-surface RCE
Compute-theft

Ranked breakdowns. Source IPs are withheld by design — origins are shown by network and country.

How far they got

events by tier — most traffic is bare scanning; few reach RCE

Technique mix (hourly)

stacked by tier — escalation spikes vs the scan noise floor

recon abuse exfil rce/ssrf

Probe fingerprints — validation prompts scanners send to confirm a live model

Verdicts

Surfaces hit — Ollama / OpenAI / MCP

Validation probes — prompts used to confirm a live model

Top sources — distinct origins by anonymized id (IPs withheld; same id = same source)

Models requested — what bots want to run on your hardware

Source networks (ASN)

Credentials tried

SSRF targets (defanged — recorded, never fetched)