---
title: Scraping
description: Scraping is automated traffic that extracts data or hammers an endpoint rather than browsing like a person. Rupt scores it from network reputation and request velocity.
---

# Scraping

Scraping is traffic from an automated extractor rather than a human: a bot pulling your catalog, or a crawler hitting an endpoint far faster than anyone could click. It often rides legitimate accounts and valid sessions, so the request itself looks fine. What stands out is where it comes from and how fast it arrives.

Rupt scores this risk on the `access` and `login` [actions](/docs/v3/concepts/actions).

## What Rupt looks for

- **[Anonymizing network](/docs/v3/concepts/anonymizing-network)**: automated traffic tends to run from hosting and datacenter IPs, proxies, or VPNs rather than a home connection. A request from a cloud provider's address range is a classic scraper tell.
- **[Velocity](/docs/v3/concepts/velocity)**: the rate of requests from one IP or user. Humans pause, read, and click; scrapers don't.

## Severity and response

The checks aggregate into a `scraping` [risk](/docs/v3/concepts/risks) severity. Datacenter traffic alone catches a lot of bots, but it also catches corporate VPNs and privacy-conscious users, so velocity is what separates a heavy reader from an extractor. Most teams [challenge](/docs/v3/concepts/challenges) or rate-limit as these signals stack up and `deny` only when both are unmistakable. Your [policies](/docs/v3/concepts/policies) set the threshold.