At its homepage, realestate.com.au is protected by Kasada, Rate limiting. Typical approach to reach it reliably: Slow down and rotate IPs (respect Retry-After). Difficulty is per-URL, so deep pages — profiles, listings, search — are usually harder.
Throttled by request volume from this IP — back off and spread requests across more IPs rather than reaching for a browser.
Typical access
Reproduce a closed signed-payload / JS VM
Why it didn’t pass cleanly
Rate limited
Rate limited.
Detected vendors
Evidence
Detection confidence: high
Homepage-level, datacenter-IP snapshot, June 12, 2026.
This is a passive, homepage-level snapshot and can be inaccurate or out of date — anti-bot vendors update their models continuously, deep pages are usually more protected than the homepage, and a datacenter IP sees more challenges than a residential one. Treat it as a directional signal, not a guarantee.
The homepage is the open front door. On a real estate site the valuable pages behave differently — here's the plan to characterise realestate.com.au before you build.
Listing detail
bot-managedCommonly behind PerimeterX/DataDome WAF challenges. This domain signs requests with a closed JS VM, so every page needs a real browser context.
Search / map results
bot-managedWAF + rate-limited — the hardest surface. This domain signs requests with a closed JS VM, so every page needs a real browser context.
Find a real deep URL cheaply from the site’s robots.txt and sitemap.xml, then run each through the anti-bot checker. This is an advisory based on the category and realestate.com.au’s homepage result — detect the wall, never try to pass a login.