In-the-wild AI-injection surfaces observed on public web pages. Sourced from CommonCrawl passive crawls.Last updated: 6/25/2026, 07:04:27 UTC
All counts are first-seen surfaces from real CommonCrawl passive scans. No projected, modeled, or seeded values are shown on this page.
Surfaces Per Day
last 30 daysCount of first-seen surfaces per UTC day. Re-observations of the same URL+signature do not increment this series.
Top Surface Types
Where injections are being planted on the page
- #1hidden_text175
- #2script_literal153
- #3html_comment97
- #4alt_aria40
- #5meta_tag9
- #6data_attr6
Top Attack Classes
AIIS taxonomy class for matched payloads
- #1SOUL-INJECT268
- #2UNICODE-STEGO212
Top AIIS Signatures
aiis-signatures on GitHub →Signature IDs link to the public AIIS repository. Counts are total hits observed on active surfaces.
| Signature | Hits | Distribution |
|---|---|---|
| #1AIIS-UNICODE-TAG-BLOCK-01 | 212 | |
| #2AIIS-HIDDEN-JAILBREAK-DAN-01 | 189 | |
| #3AIIS-HIDDEN-ROLE-INJECT-01 | 71 | |
| #4AIIS-ATTR-IGNORE-INST-01 | 8 |
How This Data Is Collected
HoneyMap is a passive scanner that reads WARC archives from CommonCrawl and extracts AI-injection surfaces (hidden text, HTML comments, meta tags, JSON-LD, and other vectors). Each extracted surface is matched against the public AIIS signature set.
Privacy: HoneyMap stores no user data. Matched payload text is base64-encoded at extraction time and replaced with a sanitized preview before any storage. Raw payloads are not retained on the public API path.
Counts on this page: reflect active surfaces only. Surfaces marked as mitigated, removed, or false-positive are excluded.