Cookiebot is listed in the Botcrawl directory as a security scanner from Cybot A/S. The primary identifier for log review is Cookiebot.

Identification

  • User-agent pattern: Cookiebot
  • Family: Cybot A/S
  • Type: Security
  • Kind: Monitor

Common use

Security scanning, malware checks, abuse prevention, compliance review, or vulnerability monitoring.

Verification and handling

Confirm the user-agent against server logs and use published operator documentation, IP ranges, reverse DNS, or other trust signals when available.

Directory guidance marks the risk level as Safe and the blocking decision as No. Do not rely on the user-agent string alone because user-agent strings can be copied or spoofed.

Robots.txt handling: No.

Identification

Company
Cybot A/S
Purpose
security
Identity Type
verified-bot
Source Type
verified-directory
HTTP Agent
Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko; compatible; Cookiebot/1.0; +http://cookiebot.com/) Chrome/101.0.4951.54 Safari/537.36

Verification And Behavior

Verification Method
Validate the identifying user-agent or signature against the operator documentation before creating hard allow rules.
Last Verified
2026-04-01
Last Checked
2026-05-20
Robots Token
Cookiebot
Respects Robots
no
Spoofing Risk
User-agent strings can be spoofed. For allow-listing or low-friction rules, pair the published identifier with operator documentation or cryptographic verification when available.

Common Use

Security scanning, malware checks, abuse prevention, compliance review, or vulnerability monitoring.

Detection Notes

Match `Cookiebot` as a case-insensitive substring in HTTP user-agent logs. Use bot_http_agent for full user-agent examples when the client sends a longer browser-like string. Do not treat a user-agent match alone as proof of identity for allow-listing.

Rules And Blocking Notes

User-agent: Cookiebot Disallow: /

Identification Note

User-agent strings can be spoofed. Use this record as an identification signal and confirm sensitive allow or block decisions with logs, DNS, IP ranges, request behavior, or operator documentation when available.

Source Operator Use API