What is New Relic?

The New Relic crawler bot refers to New Relic’s Synthetics/uptime monitoring traffic (e.g., NewRelicPinger/NewRelicSynthetics user agents) that programmatically requests your web pages and APIs from distributed locations to measure availability, latency, content integrity, and transaction success. It uses identifiable user agents and published IP ranges so security teams can allowlist and prevent WAF, bot-management, CAPTCHA, or rate limits from skewing SLOs. Use cases include: external uptime checks, API health and SLA verification, scripted browser journeys (checkout/login), performance baselining across regions, TLS/SSL and DNS change validation, incident triage, and dependency regression detection. For fraud and security operations, classify it as a “known good” bot to avoid false positives, segment analytics, and maintain accurate traffic models while preserving protections for unknown automation.

Why is New Relic crawling my site?

It’s likely hitting your site because someone configured synthetic monitoring that targets your domain (intentionally or by mistake), your assets are embedded on a monitored site/CDN path, or your URLs appear in third‑party links/tests that follow redirects. Potential downsides: inflated traffic skewing analytics, conversion and fraud baselines; noisy logs and WAF/bot tool alerts; contamination of anomaly and risk models (false positives/negatives); unnecessary server load and concurrency spikes; increased bandwidth/CDN and serverless invocation costs; exhaustion of crawl budget or API rate limits; triggering session defenses (CAPTCHA, token churn) and degrading real user experience; accidental traversal of parameterized URLs that amplifies page/API surface; and, if your endpoints aren’t idempotent/read‑only, synthetic requests could cause unintended side effects on stateful flows.

Threat research insights on New Relic

All data in this section are produced by DataDome's Galileo Threat Research team from our proprietary detection network and reviewed by human analysts.

Verified Bot A verified bot has high identification strength
Verified
Robots.txt Compliance Whether this bot respects robots.txt directives
Not respected
Identification Strength How confidently DataDome can identify this bot
High

Traffic origins

Top 15 countries by bot traffic

US US 38.35%
GB GB 17.54%
AU AU 10.68%
FR FR 6.62%
IE IE 6.16%
DE DE 5.69%
CA CA 4.89%
IT IT 2.04%
SE SE 2.04%
SG SG 1.35%
BR BR 1.31%
IN IN 1.05%
JP JP 0.9%
HK HK 0.64%
KR KR 0.41%

Most used autonomous system (AS)

Top 5 by traffic share

Amazon.com, Inc.
100.0%
New Relic
0.0%
0.0%
Videotron Ltee
0.0%
New Relic International Limited
0.0%
Traffic Occupancy
0.48%

On average, occupy 0.48% of the traffic from bots in the directory

Authorization Rate
100%

Businesses decide to authorize this bot 100% of the time

How to block New Relic?

1) User-Agent filtering at the web server
Nginx: if ($http_user_agent ~* "New Relic") { return 403; }
Apache:
RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} "(?i)New Relic"
RewriteRule .* - [F]

2) IP/ASN/network blocking
Block known IP ranges or hosting ASNs used by New Relic if identified and unwanted.

3) Rate limiting and dynamic banning
Use Nginx limit_req / similar to throttle high-frequency requests from this bot and auto-ban offenders.

4) JavaScript token + honeypot traps
Require a JS-generated signed cookie/token for normal pages and add hidden honeypot URLs; block IPs that fail the JS check or touch honeypots.

DataDome

See which bots and AI agents bypass your defenses

Create your account to start analyzing and mitigating malicious bots and AI-drive threats in real-time