- DataDome analysis claims agent traffic up 45% in Q2 2026
- Meta AI bots have grown over 163% over the previous quarter
- The analysis was performed by bot management and agent control platform DataDome
If you run a website, each crawl costs bandwidth, resources, logging and creates CDN transactions, and while search engine crawlers offered the promise of sending visitors, AI bots do not.
Analysis in a report by cybersecurity firm DataDome has shown that while bots from Meta AI have increased activity, they are not delivering any significant returns to websites.
Conversely, ChatGPT crawlers have reduced traffic, but they send more referrals.
AI agent traffic is growing
While Meta AI is usually thought of as “the chatbot within Facebook,” it appears that it’s becoming something more—and the emergence of the Meta-WebIndexer bot (which grew 163% in Q1) suggests that Meta may be indexing a library of websites, much in the same way Google has been doing for the past few decades.
The growth of Meta AI as an active crawler is only part of the story, as is ChatGPT’s comparative effectiveness. The OpenAI tool appears to know enough about websites to provide the answers it already “knows”. Conversely, Meta AI’s activity indexing the web seems to explain its large impact in Q2 2026.
But also emerging is the Model Context Protocol (MCP) signal, which connects AI agents with external tools and differs from standard crawler traffic.
“Q2 showed us that the landscape is shifting faster than most organizations realize. Meta now dominates AI traffic on our network, MCP traffic has emerged as a real signal, and ChatGPT is generating more referral value with fewer crawls,” noted Jérôme Segura, VP of Threat Research at DataDome.
The differences in the way the AI agents interact with websites – some acting like users, others scraping content – means organizations need to act accordingly.
“What the data makes clear is that not all agents are created equal. The organizations that build policies around these distinctions are the ones that get an edge, and that’s precisely why agent trust is in use.”
Unfortunately, the existence and growth of MCP to a significant, measurable amount means that it must also be treated as part of an organization’s attack surface.
Allocation of resources
Given the origins of the report, there is obviously a cybersecurity aspect to this. While ransomware, malware and phishing aren’t going anywhere, autonomous software on the web needs to be addressed differently.
The “organization-building policy” that Segura mentions might, for example, give full crawl access to Google, allow ChatGPT to retrieve results, but rate-limit Meta AI based on its poor returns.
Meanwhile, unknown agents—perhaps cybersecurity threats—would require additional verification or be blocked entirely.
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds.



