Brandprotect

Bot User-Agent: brandprotect

🤖 Overview

Brandprotect is a web crawler operated by Brandprotect Inc., a cybersecurity firm acquired by Proofpoint in 2017. The bot is used to scan the internet for brand impersonation, phishing sites, trademark violations, and unauthorized use of corporate logos and intellectual property. It feeds data into the Brandprotect Digital Risk Protection platform, which alerts organizations to external threats targeting their brand identity.

🌐 Technical Behavior

The crawler performs broad reconnaissance across public websites, social media platforms, and domain registries. It uses HTTP GET requests with a default crawl rate of approximately 10 requests per second, adjusting the frequency based on server responsiveness. The bot originates from IP ranges owned by Brandprotect and Proofpoint, including 207.138.0.0/16 and 216.163.0.0/20 as documented in public WHOIS records. It supports both HTTP/1.1 and HTTPS, and does not execute JavaScript, focusing only on static HTML content and metadata. The crawler may revisit pages daily or weekly depending on the client contract, and it respects standard robots.txt guidelines unless explicitly configured otherwise.

📋 robots.txt Compliance

Based on official Brandprotect documentation and support articles, the bot fully honors the robots.txt file's Disallow directives. If a website blocks the User-Agent 'Brandprotect' in its robots.txt, the bot will cease crawling that path. However, it does not respect Crawl-Delay directives as standard; instead, it uses its own adaptive rate-limiting algorithm.

🔍 Detection Indicators

The primary User-Agent string is Mozilla/5.0 (compatible; Brandprotect/1.0; +https://www.brandprotect.com/bot). Additionally, the bot may append a customer-specific identifier: Brandprotect-ThreatIntel/1.0. It sets a custom header X-Brandprotect-Scan: 1 in some requests. The bot's requests originate from ASNs AS25648 (Brandprotect) and AS32424 (Proofpoint).

📊 Data Usage

Collected data — including domain registration information, website content, and metadata — is used to generate brand infringement reports, phishing takedown recommendations, and risk scoring for corporate clients. No data is used for AI model training; it is solely for cybersecurity intelligence and compliance monitoring.

⚙️ Rate Limiting Policy

The brandprotect bot is rate-limited because it performs continuous, broad-scope crawling that can impact server performance for unprotected endpoints. Organizations typically set threshold-based blocking (e.g., limit 10 req/10s per IP) to prevent resource exhaustion while allowing legitimate security scanning.

53% of Web Traffic Is Bots in 2026

— Imperva Bad Bot Report 2026

How much of your traffic is automated? Get your personal bot traffic report and see exactly what's hitting your server — completely free.

📊 Get My Bot Report

Sign up in seconds  ·  No card required

ⓘ Data Notice: The information presented above has been compiled from publicly available internet sources. Boteraser aggregates this data solely for informational purposes and does not independently classify, evaluate, or endorse any findings about the bots listed. The accuracy and completeness of this information is the sole responsibility of the original publishers. Boteraser and its operators accept no liability for any decisions made based on this data.