Applebot is listed in the Botcrawl directory as a search crawler from Apple. The primary identifier for log review is Applebot.

Identification

  • User-agent pattern: Applebot
  • Family: Apple
  • Type: Search
  • Kind: Crawler

Common use

Search indexing, content discovery, rendering, or search-result freshness checks.

Verification and handling

Verify reverse DNS in the applebot.apple.com domain or match IPs against Apple's Applebot CIDR JSON.

Directory guidance marks the risk level as Safe and the blocking decision as Depends. Do not rely on the user-agent string alone because user-agent strings can be copied or spoofed.

Robots.txt handling: Yes.

Identification

Aliases
Apple search crawler
Company
Apple
Purpose
indexing
Identity Type
official-documented
Source Type
official
HTTP Agent
Mozilla/5.0 (Device; OS_version) AppleWebKit/WebKit_version (KHTML, like Gecko) Version/Safari_version [Mobile/Mobile_version] Safari/WebKit_version (Applebot/Applebot_version; +http://www.apple.com/go/applebot)

Verification And Behavior

Verification Method
Verify reverse DNS in the applebot.apple.com domain or match IPs against Apple's Applebot CIDR JSON.
Last Verified
2026-04-01
Last Checked
2026-05-20
Robots Token
Applebot
Respects Robots
yes
Spoofing Risk
User-agent strings can be spoofed. For allow-listing or low-friction rules, pair the published identifier with operator documentation or cryptographic verification when available.

Common Use

Search indexing, content discovery, rendering, or search-result freshness checks.

Detection Notes

Match `Applebot` as a case-insensitive substring in HTTP user-agent logs. Review bot_aliases for alternate names or product labels. Use bot_http_agent for full user-agent examples when the client sends a longer browser-like string. Do not treat a user-agent match alone as proof of identity for allow-listing.

Rules And Blocking Notes

User-agent: Applebot Disallow: /

Identification Note

User-agent strings can be spoofed. Use this record as an identification signal and confirm sensitive allow or block decisions with logs, DNS, IP ranges, request behavior, or operator documentation when available.

Source Operator Use API