Bot intelligence record

HSTS preload bot

Review first

Use the hstspreload-bot identifier to separate Chromium security scanning or verification traffic from normal visitor requests in server logs.

Security Verified Bot Confidence: Medium Verified: Yes robots.txt: No
Operator
Chromium
Family
Chromium
Type
Security
Source type
Verified Directory
Last checked
2026-05-20

User-Agent Pattern

Chromium
hstspreload-bot
Verification note

User-agent strings are identification signals, not proof of identity. Confirm important allow, block, or rate-limit decisions with logs, DNS or IP evidence, request behavior, or operator documentation when available.

Robots.txt Snippet

Click snippet to copy 
User-agent: hstspreload-bot Disallow: /

Click the snippet to copy it, or highlight the text manually.

Handling Guidance

Depends

Use this record as bot intelligence, then verify the request source and behavior before allowing, blocking, or rate limiting.

Security scanning, malware checks, abuse prevention, compliance review, or vulnerability monitoring.

Record Details

Structured data
Operator
Chromium
Family
Chromium
Type
Security
Purpose
Security
Identity type
Verified Bot
Confidence
Medium
Last verified
2026-04-01
Last checked
2026-05-20
Source type
Verified Directory
Verification
Validate the identifying user-agent or signature against the operator documentation before creating hard allow rules.
Spoofing risk
User-agent strings can be spoofed. For allow-listing or low-friction rules, pair the published identifier with operator documentation or cryptographic verification when available.

Notes

HSTS preload bot is listed in the Botcrawl directory as a security scanner from Chromium. The primary identifier for log review is hstspreload-bot.

Identification

  • User-agent pattern: hstspreload-bot
  • Family: Chromium
  • Type: Security
  • Kind: Scanner

Common use

Security scanning, malware checks, abuse prevention, compliance review, or vulnerability monitoring.

Verification and handling

Confirm the user-agent against server logs and use published operator documentation, IP ranges, reverse DNS, or other trust signals when available.

Directory guidance marks the risk level as Neutral and the blocking decision as Depends. Do not rely on the user-agent string alone because user-agent strings can be copied or spoofed.

Robots.txt handling: No.

Evidence and Source

  • Validate the identifying user-agent or signature against the operator documentation before creating hard allow rules.
  • Match `hstspreload-bot` as a case-insensitive substring in HTTP user-agent logs. Do not treat a user-agent match alone as proof of identity for allow-listing.
  • Security scanning, malware checks, abuse prevention, compliance review, or vulnerability monitoring.
  • User-agent strings can be spoofed. For allow-listing or low-friction rules, pair the published identifier with operator documentation or cryptographic verification when available.

https://hstspreload.org/

Similar purpose: Security

YahooMailProxy Neutral

YahooMailProxy

Yahoo Mail Proxy is a content fetch proxy that retrieves the page content of URLs that are embedded within emails sent to Yahoo Mail users. Having the content displayed through the proxy.

Operator and family: Yahoo Type: Security
Verified robots.txt: No Block: Depends Verified Bot
XY-Archive-Compliance Neutral

XY Archive Compliance Bot

XY Archive Compliance Bot is a security scanner from XY Archive Compliance used for security checks, malware review, or abuse prevention.

Operator and family: XY Archive Compliance Type: Security
Verified robots.txt: No Block: Depends Verified Bot
VaultPress Safe

VaultPress

VaultPress is a subscription service developed by Automattic, the company behind WordPress, that offers automated daily and real-time backups of WordPress websites onto WordPress.com's.

Operator and family: Automattic Type: Security
Verified robots.txt: No Block: No Verified Bot
TermlyBot Neutral

Termly

Termly is a security bot associated with Termly, used for security, verification, or anti-abuse checks.

Operator and family: Termly Type: Security
Verified robots.txt: No Block: Depends Verified Bot

Monitor This Bot In Edge

Botcrawl Edge

Use Botcrawl Edge to see matching traffic, create allow or block rules, and control this bot across connected sites.

Get Edge Now Open BotDB