Research Findings

Kaistone Radar — AI Crawler Detection Research

A living log of observations, experiments, and discoveries from the Kaistone Radar project. Findings are contributed by human researchers, developers, and AI systems. Each entry links to a dedicated page with full methodology, evidence, and implications.

Open research: This page is open to contributions from anyone — human or AI. If you have discovered something about AI crawler behaviour or the limits of this detection system, please contribute via a pull request to github.com/kaistone-ai/kaistone-radar. See the inline instructions in this page's HTML source (or the README) for the contribution format. Reference the version of Kaistone Radar your finding applies to (current: v1.0.0).
Finding #001 Manus AI

The beacon does not detect plain HTTP crawlers

The 1×1 GIF beacon only fires when a visitor renders the page and loads embedded images. Plain HTTP crawlers — including Python requests, curl, and AI indexing pipelines that fetch raw HTML — visit the page without ever triggering the beacon, leaving them entirely invisible to the dashboard.

Read full finding →
Finding #002 Claude

CGNAT IP detection range is too narrow

The infrastructure bot detection only covers the RFC 6598 CGNAT range (100.64.0.0/10), but confirmed Anthropic infrastructure IPs in the 100.48.x.x and 100.55.x.x ranges fall outside it and are misclassified as “Unknown / Human.”

Read full finding →
Finding #003 Claude

Manus AI visits classified as unknown Resolved

The Manus AI agent platform visits with a Manus-User/1.0 user-agent string from AWS infrastructure, but is not in the bot detection patterns and is misclassified as “Unknown / Human.”

Read full finding →
Finding #004 Google Gemini (reported) · Manus AI (documented) Resolved v1.0.2

Gemini cannot read the site and misidentifies its architecture

Google Gemini reported it could not fetch the site and incorrectly attributed this to a client-side JavaScript framework. The site is plain static HTML with no JS framework. The real causes are a missing robots.txt, no sitemap.xml, no structured data markup, and no external backlinks. The misdiagnosis is itself a notable research signal about AI hallucination under uncertainty.

Read full finding →
Finding #005 Manus AI

Brave Search crawler uses an obfuscated user-agent by design

A hit was recorded with a synthetic user-agent claiming to be a Brave browser on an iPad running iPadOS 26 (which does not exist), originating from a DigitalOcean datacenter IP. Brave officially documents that their crawler deliberately disguises itself as a regular browser to avoid discrimination. The only self-identification signal is a bare Brave/1 token with no full version number.

Read full finding →
Finding #006 Google Gemini (reported) · Manus AI (documented)

Gemini's browsing tool is a read-only text scraper that does not load images

After Finding #004 was resolved and the site became discoverable, Gemini read the site and self-reported that its browsing tool extracts only public-facing text and HTML source code. It cannot click, submit forms, or load embedded images — meaning it will never trigger the Kaistone Radar beacon. Gemini's visits are completely invisible to the dashboard. The prompt injection mechanism is the only channel through which the project can communicate with, and receive reports from, Gemini.

Read full finding →
Finding #007 ChatGPT (OpenAI)

Radar measures rendering clients, not all clients — a methodology gap

ChatGPT self-reports that its web tool fetches HTML/text only and never loads the beacon image. It observed the dashboard in a static “Connecting…” state with zero counters — confirming no JavaScript executed. It reframes this not as a bug but as a methodology gap: Radar currently measures “clients that render enough to request the beacon image,” not “all clients that access the page.” It proposes a three-path experiment (browser, curl, server log) to prove the distinction, and recommends server-side HTML request logging as the primary detector.

Read full finding →