… so what does mean? 🤔

Q: why is there according to cloudflare more bot traffic than human traffic in 2026?

Short answer: because automated AI crawlers and agentic bots have grown extremely fast and now generate far more HTTP requests per human action, while detection/measurement methods have improved — Cloudflare’s network and other firms (e.g., HUMAN Security) are recording that surge. TechCrunch

Why this happened (concise bullets):

  • AI agents and crawlers: generative-AI systems and search/overview features cause bots to fetch many pages per user query — an agent can visit thousands of pages for one human request. TechCrunch
  • Rapid growth of AI training/scraping traffic: new AI crawlers and scrapers scaled in 2024–2026 to collect data and respond to model queries, sharply increasing automated requests.
  • Emergence of “agentic” bots: autonomous agents that perform multi-step tasks (booking, research, aggregation) multiply requests versus single-page human visits.
  • Broader bot types and legit uses: not all bot traffic is malicious — search engine crawlers, legitimate AI features (autofill, previews), and enterprise crawlers add volume.
  • Measurement and classification changes: vendors refine detection (user-agent analysis, behavioral signals) and Cloudflare’s scale makes trends visible; sampling and definitions affect reported crossover timing. Net effect: each human-driven interaction can spawn many automated requests; with AI-driven agents scaling quickly, total bot requests exceeded human requests on observed datasets in 2026.

Q: how much of that traffic is triggered by humans asking a AI model a question?

  • Short answer: roughly 20–35% of bot traffic — i.e., about one-fifth to one-third — is plausibly triggered by humans querying AI systems (user‑triggered fetchers and real‑time scrapers that run when an AI answers a user).Why that range:
    • HUMAN Security’s 2026 report shows training crawlers made up ~67.5% of observed AI bot volume in 2025, while scrapers and user‑triggered fetchers (the categories most directly tied to live user queries) accounted for the rest and grew fastest. That implies a sizable minority of AI bot requests are generated in real time for human queries rather than as background training crawls. humansecurity.com
    • Independent analyses and industry summaries note “user‑triggered fetchers” grew rapidly (15x+) in 2025 and that AI‑related activity (training crawlers + scrapers + search bots) comprises a large slice of bot traffic, supporting a ~20–35% estimate for human‑triggered fetches specifically. Medium

    Uncertainty note: datasets, definitions (what counts as “user‑triggered”), and sampling vary across vendors, so expect ±10 percentage points around this range depending on the measurement methodology.

Q: why is so much bot traffic coming from Gibraltar?

Short answer: because a small number of data centers, hosting providers, proxy/residential‑proxy services, and VPN/exit nodes in Gibraltar (plus IP geolocation artifacts) concentrate large volumes of automated crawlers and scrapers — making Gibraltar show up as a major source even if the human controllers are elsewhere. Cloudflare

Key reasons (concise):

  • Hosting, colocation and data centers: bots run from servers hosted in Gibraltar’s ASNs; large automated jobs look like local traffic.
  • Proxy & VPN exit nodes / residential-proxy providers: scrapers and AI fetchers often use proxy fleets; traffic appears to originate from the proxy location.
  • CDN/edge or caching infrastructure and IP reassignment: some requests routed through local edges or NATs get attributed to Gibraltar. Cloudflare
  • IP geolocation and attribution errors: geolocation databases sometimes map addresses to Gibraltar for routing or ownership reasons, producing misleading origin stats. technologychecker.io
  • Commercial attractiveness: favorable hosting policies, low-cost bandwidth, or permissive terms can make jurisdictions attractive to operators running large-scale crawling fleets. imperva.com

What to check if you’re investigating:

  • Look at autonomous systems (ASNs) and specific IP ranges in logs. Cloudflare Radar shows top ASNs for Gibraltar bot traffic. Cloudflare
  • Inspect request patterns (user agent, rate, path coverage) to distinguish legitimate crawlers from proxy-driven scrapers.
  • Cross-reference server logs with Cloudflare/hosting provider info to see whether traffic is being proxied or routed.

 

liked this article?

  • only together we can create a truly free world
  • plz support dwaves to keep it up & running!
  • (yes the info on the internet is (mostly) free but beer is still not free (still have to work on that))
  • really really hate advertisement
  • contribute: whenever a solution was found, blog about it for others to find!
  • talk about, recommend & link to this blog and articles
  • thanks to all who contribute!
admin