VisualSentinelBot

Our HTTP checks and uptime probes identify themselves with:

VisualSentinelBot/2.0 (+https://visualsentinel.com/bot)

Visual and performance checks use a headless Chrome User-Agent so the rendered page matches what real visitors see. If you need to whitelist headless rendering separately, contact us and we will publish a dedicated UA marker for those checks.

• Respects a per-customer configurable interval (1, 5, 10, 30 minutes).
• Never runs more than one in-flight check per (monitor, region) tuple.
• Honors robots.txt only for visual and content checks, not for customer-initiated uptime checks (an uptime monitor must probe blocked paths to detect outages).
• Does not follow off-origin links. Each check visits exactly the configured URL.
• Does not execute form submissions or transactional actions.

We are in the process of stabilizing a public IP allowlist. In the meantime, egress originates from the following ranges:

• EU region (Helsinki): see the dedicated allowlist at /bot/ips (coming soon).
• US region: via shared infrastructure. Stable IPs will be listed at /bot/ips once the egress proxy is finalized.

In all cases, the User-Agent string and reverse-DNS hostname are the most reliable identification signals.

Cloudflare WAF custom rule

(http.user_agent contains "VisualSentinelBot")
  → Skip: All remaining custom rules

AWS WAF byte match statement

{
  "FieldToMatch": { "SingleHeader": { "Name": "user-agent" } },
  "PositionalConstraint": "CONTAINS",
  "SearchString": "VisualSentinelBot",
  "TextTransformations": [{ "Priority": 0, "Type": "NONE" }]
}

Nginx conditional bypass

if ($http_user_agent ~* "VisualSentinelBot") {
    set $skip_rate_limit 1;
}

If you believe VisualSentinelBot is hitting your infrastructure without a customer having asked us to, email abuse@visualsentinel.com with the domain name, sample requests, and the approximate rate. We will investigate within one business day.