Reference · VisualSentinelBot

Whitelist us
in 30 seconds.

Monitoring crawler reference for WAF, firewall, and bot-management rules. UA string, behavior, source IPs, and ready-to-paste rules for Cloudflare, AWS WAF, and Nginx.

Status: stable · Identified by User-Agent + reverse-DNS

1. User-Agent string

Our HTTP checks and uptime probes identify themselves with:

VisualSentinelBot/2.0 (+https://visualsentinel.com/bot)

Visual and performance checks use a headless Chrome User-Agent so the rendered page matches what real visitors see. If you need to whitelist headless rendering separately, contact us and we will publish a dedicated UA marker for those checks.

2. Behavior and rate

Respects a per-customer configurable interval (1, 5, 10, 30 minutes).
Never runs more than one in-flight check per (monitor, region) tuple.
Honors robots.txt only for visual and content checks, not for customer-initiated uptime checks (an uptime monitor must probe blocked paths to detect outages).
Does not follow off-origin links. Each check visits exactly the configured URL.
Does not execute form submissions or transactional actions.

3. Source IP addresses

All check traffic egresses from the following dedicated IPs. Adding these to your firewall or WAF allowlist is the most reliable way to let visual (screenshot) checks through bot protection, because visual checks run a real Chrome User-Agent and cannot be identified by UA string alone.

EU region (Helsinki): 157.180.59.176
US region: 5.78.139.24

The User-Agent string and reverse-DNS hostname remain reliable identification signals for HTTP uptime checks.

4. Whitelisting examples

Cloudflare WAF custom rule

(http.user_agent contains "VisualSentinelBot")
  → Skip: All remaining custom rules

AWS WAF byte-match statement

{
  "FieldToMatch": { "SingleHeader": { "Name": "user-agent" } },
  "PositionalConstraint": "CONTAINS",
  "SearchString": "VisualSentinelBot",
  "TextTransformations": [{ "Priority": 0, "Type": "NONE" }]
}

Nginx conditional bypass

if ($http_user_agent ~* "VisualSentinelBot") {
    set $skip_rate_limit 1;
}

5. Report abuse

If you believe VisualSentinelBot is hitting your infrastructure without a customer having asked us to, email abuse@visualsentinel.com with the domain name, sample requests, and the approximate rate. We will investigate within one business day.

want full coverage?

Monitor your site
from the source.

If you are reading this because a Visual Sentinel customer is checking your site, you can monitor yours too. Free 7 days, no card.

Start free trial See pricing

1. User-Agent string

Our HTTP checks and uptime probes identify themselves with:

VisualSentinelBot/2.0 (+https://visualsentinel.com/bot)

2. Behavior and rate

Respects a per-customer configurable interval (1, 5, 10, 30 minutes).

Never runs more than one in-flight check per (monitor, region) tuple.

Honors robots.txt only for visual and content checks, not for customer-initiated uptime checks (an uptime monitor must probe blocked paths to detect outages).

Does not follow off-origin links. Each check visits exactly the configured URL.

Does not execute form submissions or transactional actions.

3. Source IP addresses

EU region (Helsinki): 157.180.59.176

US region: 5.78.139.24

The User-Agent string and reverse-DNS hostname remain reliable identification signals for HTTP uptime checks.

4. Whitelisting examples

Cloudflare WAF custom rule

(http.user_agent contains "VisualSentinelBot") → Skip: All remaining custom rules

AWS WAF byte-match statement

{ "FieldToMatch": { "SingleHeader": { "Name": "user-agent" } }, "PositionalConstraint": "CONTAINS", "SearchString": "VisualSentinelBot", "TextTransformations": [{ "Priority": 0, "Type": "NONE" }] }

Nginx conditional bypass

if ($http_user_agent ~* "VisualSentinelBot") { set $skip_rate_limit 1; }

Whitelist usin 30 seconds.

1. User-Agent string

2. Behavior and rate

3. Source IP addresses

4. Whitelisting examples

Cloudflare WAF custom rule

AWS WAF byte-match statement

Nginx conditional bypass

5. Report abuse

Monitor your sitefrom the source.

Whitelist usin 30 seconds.

1. User-Agent string

2. Behavior and rate

3. Source IP addresses

4. Whitelisting examples

Cloudflare WAF custom rule

AWS WAF byte-match statement

Nginx conditional bypass

5. Report abuse

Monitor your sitefrom the source.

Whitelist us
in 30 seconds.

Monitor your site
from the source.

Whitelist us
in 30 seconds.

Monitor your site
from the source.