We are using slightly modified Blogengine.Net version 220.127.116.11 (about 100 active blogs). Modification includes using our existing membership db and some admin pages disabled for users. Except this everything is standard.
Recently we are noticed in firewall logs excessive number of requests to ip address 18.104.22.168 resolved as hans-moleman.w3.org. Source of requests has been tracked to blogengine application.
What inside the blogengine can cause excessive requests?