
Website Crawling Governance: ImpactCINDAgent Explained

This article explains how to identify, verify, and control ImpactCINDAgent.

ImpactCINDAgent is a web crawler operated by impact.com and used to verify that pages on partner and brand sites correctly use impact.com tracking and comply with brand agreements.

If your site participates in an impact.com partnership program, ImpactCINDAgent periodically fetches pages to:

  • Verify tracking: Ensure tracking links and tags are correctly installed and functioning.

  • Review compliance: Check that page content is consistent with published brand-safety and compliance agreements.

  • Report: Extract non-personal metadata (titles, canonical URLs, product images, SKUs) to power reporting for partners.

  • Discover: Perform broader crawls to discover content promoting impact.com-enrolled brands on domains not yet registered in the platform.

Identify the ImpactCINDAgent

ImpactCINDAgent identifies itself via a specific User-Agent string.

Full User-Agent String: Mozilla/5.0 (compatible; ImpactCINDAgent) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Verify a request

If you need to confirm that a request actually came from impact.com (and is not a spoofed User-Agent), use one of the following methods, listed from least to most authoritative:

Method 1: IP range check (high confidence)

Confirm the request's source IP falls within these impact.com-controlled ranges:

CIDR ranges:

  • 163.116.128.0/17

  • 162.10.0.0/17

  • 31.186.239.0/24

  • 8.39.144.0/24

  • 8.36.116.0/24

Individual addresses: 34.145.188.137, 35.245.212.57, 34.21.56.213, 34.48.90.233, 35.245.229.167, 34.150.151.151, 35.245.185.65, 35.188.242.212, 34.86.33.122, 34.145.224.193, 35.245.135.218, 35.221.1.178, 34.150.217.77, 107.175.80.80, 162.212.175.22, 107.172.69.119
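The Method 1 check as an added example (not impact.com's code): a request is treated as verified only when its User-Agent carries the ImpactCINDAgent token and its source IP is in the ranges or addresses listed above. The function names and sample requests are constructed for illustration, and the peer IP is assumed to be the address your server or a trusted proxy observed.

```python
import ipaddress

# CIDR ranges and individual addresses copied from the lists above.
CIDR_RANGES = [ipaddress.ip_network(n) for n in (
    "163.116.128.0/17", "162.10.0.0/17", "31.186.239.0/24",
    "8.39.144.0/24", "8.36.116.0/24",
)]
SINGLE_ADDRESSES = {ipaddress.ip_address(a) for a in (
    "34.145.188.137", "35.245.212.57", "34.21.56.213", "34.48.90.233",
    "35.245.229.167", "34.150.151.151", "35.245.185.65", "35.188.242.212",
    "34.86.33.122", "34.145.224.193", "35.245.135.218", "35.221.1.178",
    "34.150.217.77", "107.175.80.80", "162.212.175.22", "107.172.69.119",
)}
UA_TOKEN = "ImpactCINDAgent"


def is_impact_ip(raw_ip):
    """True if raw_ip is in the published ranges or address list."""
    try:
        ip = ipaddress.ip_address(raw_ip.strip())
    except ValueError:
        return False  # malformed address: never treat as verified
    # Dual-stack listeners report IPv4 peers as ::ffff:a.b.c.d
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    # Other IPv6 peers never match: only IPv4 entries are published.
    return ip in SINGLE_ADDRESSES or any(ip in net for net in CIDR_RANGES)


def classify(user_agent, peer_ip):
    """Return 'verified', 'unverified', or 'other' for one request."""
    # peer_ip must not come from a client-supplied X-Forwarded-For value.
    if UA_TOKEN not in (user_agent or ""):
        return "other"
    return "verified" if is_impact_ip(peer_ip) else "unverified"


# Constructed sample requests (user agent, peer IP) for illustration.
FULL_UA = ("Mozilla/5.0 (compatible; ImpactCINDAgent) AppleWebKit/537.36 "
           "(KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36")
SAMPLES = [
    (FULL_UA, "163.116.200.7"),        # inside 163.116.128.0/17
    (FULL_UA, "::ffff:34.86.33.122"),  # listed address, IPv4-mapped form
    (FULL_UA, "163.116.127.255"),      # one below the /17: not listed
    ("curl/8.5.0", "8.39.144.10"),     # listed range, but no crawler UA
]

if __name__ == "__main__":
    for ua, ip in SAMPLES:
        print(f"{ip:22} {classify(ua, ip)}")
```

Requests classified as unverified claim the crawler's User-Agent from an address outside the published list, which is the spoofing case this method is meant to catch.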

Method 2: Signature verification (highest confidence)

Every request from ImpactCINDAgent is cryptographically signed (per RFC 9421). You can verify signatures against our public key directory. The implementation follows the web-bot-auth specification, which builds on RFC 9421.

Expected behavior:

  • Headless Browsing: ImpactCINDAgent uses a real headless browser. It issues a GET request, renders the page, executes JavaScript, and fetches sub-resources (CSS/JS) to see the page exactly as a user would.

  • Screenshots: It may capture a screenshot for internal compliance review. These are never public.

  • Redirects: It follows redirects, including across different origins.

  • No Destructive Actions: It does not submit forms, bypass CAPTCHAs/paywalls, or perform POST/DELETE requests.

Control access

ImpactCINDAgent respects robots.txt directives addressed specifically to ImpactCINDAgent or the wildcard *.

Block entirely

Set a crawl rate

If the crawler is affecting your site performance, use the Crawl-delay directive.

Rate limits and back-off

ImpactCINDAgent automatically reduces its request rate if your server returns:

  • HTTP 429 (Too many requests)

  • HTTP 503 (Service unavailable)

It also respects the Retry-After header if provided.
