Voidek records action, score, bot type, tags, and route context while your app continues serving the request.
Use this before rollout, especially on docs, pricing, login, feeds, and API routes.Public proof
Replay evidence for Voidek crawler decisions.
This page shows controlled sample requests for AI crawlers, script scrapers, browser automation, and Googlebot. The goal is transparent rollout evidence, not a claim that every bot is blocked in every environment.
Rollout modes
Monitor first, then enforce only where the logs support it.
Your middleware or backend uses the decision to allow, challenge, or block before protected content is returned.
Turn this on per route after the sample rows and live rows look clean.Test matrix
Controlled replay results for common crawler and scraper clients.
Scores and decisions below come from Voidek sample requests run through the shared scorer. In production, route policy decides whether a logged high-confidence class becomes challenge or block.
| Client | Replay input | Replay action | Monitor mode | Enforce mode | Why it matters |
|---|---|---|---|---|---|
| GPTBotAI crawler | GPTBot/1.2 on GET /pricing | Blockedscore 100 · high | Log row with AI crawler tag | Block on protected route | Known AI crawler user-agent plus static HTML fetch context. |
| ClaudeBotAI crawler | ClaudeBot/1.0 on GET /docs | Blockedscore 100 · high | Log row with AI crawler tag | Block on protected route | Classified separately from search-engine crawlers. |
| PerplexityBotAI crawler | PerplexityBot/1.0 on GET /docs | Blockedscore 100 · high | Log row with AI crawler tag | Block on protected route | Known AI crawler user-agent in the replay rules. |
| python-requestsScraper library | python-requests/2.32 burst on GET /api/search | Blockedscore 100 · high | Log row with scraper and rate tags | Block when route policy is strict | Script client, non-browser headers, and short-window burst pressure. |
| Playwright / SeleniumHeadless framework | Playwright/Selenium request on GET /login | Blockedscore 100 · high | Log row with headless tags | Block failed browser challenge | Automation header, webdriver, and missing challenge proof. |
| GooglebotSearch crawler | Googlebot/2.1 on GET /docs | Allowedscore 0 · none | Log or allow as search crawler | Allow by default unless policy says otherwise | Known search crawler is tagged separately from AI crawlers. |
Replay detail
Decision reasons exposed as demo assets.
The same sample set is reused in the docs and dashboard demo so visitors can inspect client type, route, action, score, and reason copy before installing.
| Client | Request | Decision | Why |
|---|---|---|---|
| GPTBotAI crawler | GET /pricingai-crawler · high confidence | Blockedscore 100 | Blocked because the user-agent matches a known AI crawler and arrives without normal browser navigation proof. ai-crawler · static-html-client · header-anomaly |
| ClaudeBotAI crawler | GET /docsai-crawler · high confidence | Blockedscore 100 | Blocked because ClaudeBot is classified as model-training crawler traffic before protected content is served. ai-crawler · static-html-client · header-anomaly |
| PerplexityBotAI crawler | GET /docsai-crawler · high confidence | Blockedscore 100 | Blocked because PerplexityBot is classified as AI crawler traffic before protected docs content is served. ai-crawler · static-html-client · header-anomaly |
| python-requestsScraper library | GET /api/searchscraper · high confidence | Blockedscore 100 | Blocked because a script client is making a high short-window request burst with no browser navigation headers. scraper-tooling · header-anomaly · rate-spike |
| Playwright / SeleniumHeadless framework | GET /loginscraper · high confidence | Blockedscore 100 | Blocked because the request exposes automation tooling, webdriver, and a missing required browser challenge. scraper-tooling · static-html-client · header-anomaly |
| Masked Chromium runnerHeadless challenge | GET /accountbrowser-impersonation · medium confidence | Challengescore 75 | Challenged because the client looks browser-like but lacks the headers a real navigation normally sends. browser-impersonation |
| GooglebotSearch crawler | GET /docssearch-engine · none confidence | Allowedscore 0 | Allowed because known search-engine traffic is tagged separately from AI crawlers and scraper tooling. search-engine |
Dashboard log example
What a setup owner should expect to see.
These rows are illustrative dashboard examples based on the replay cases. They are not customer traffic totals and should be treated as a safe demo asset.
| Time | Route | Client | Action | Score | Tags |
|---|---|---|---|---|---|
| 2026-06-24 09:42 UTC | GET /pricing | GPTBot | Blocked | 91 | ai-crawler, static-html-client |
| 2026-06-24 09:43 UTC | GET /docs | ClaudeBot | Blocked | 90 | ai-crawler |
| 2026-06-24 09:44 UTC | GET /api/search | python-requests | Blocked | 100 | scraper-tooling, rate-spike |
| 2026-06-24 09:45 UTC | GET /login | Playwright | Blocked | 100 | headless-signal, challenge-missing |
| 2026-06-24 09:46 UTC | GET /docs | Googlebot | Allowed | 0 | search-engine |
Limits
Claims we will not overstate.
- These are controlled replay cases generated from sample requests, not live customer traffic totals.
- Voidek does not claim 100% bot blocking. Sophisticated clients can spoof headers and may need additional IP, ASN, TLS, behavioral, or WAF controls.
- Googlebot and normal browsers should not be blocked broadly. Search-engine traffic is tagged separately so site owners can keep SEO routes open by default.
- Robots.txt remains useful as public policy, but runtime blocking requires installing the decision call on protected routes.
Verify on your route
Run one test decision, then review the first log row.
Start with a personal account, add one protected site, keep Googlebot and browsers safe by default, and only enforce crawler classes after monitor rows are clear.