If Corbacount turned up in your server logs, this page explains exactly what it is, why it visited, and how to recognise it. Short version: someone runs Corbacount web analytics on a site, and we made a small, well-behaved automated request on their behalf.
Corbacount is a privacy-friendly analytics tool. When a customer adds a website to their account, we make a couple of automated requests to that domain so their dashboard has a preview image and up-to-date domain-health data. These requests are infrequent, identify themselves honestly, and never crawl or index your pages.
A headless Chromium browser loads the site's homepage once to capture a thumbnail for the customer's dashboard - taken when the site is first added, and refreshed roughly twice a month. It requests a single page, not your whole site.
A lightweight request checks the customer's own domain for its SSL certificate, WHOIS/registration data and basic metadata, powering the domain health panel. It reads public information only, on a weekly cadence.
Every automated request we make carries one of these user-agent strings, each pointing back to this page. If you see a different user-agent claiming to be Corbacount, it is not us.
Mozilla/5.0 (compatible; CorbacountScreenshotBot/1.0; +https://www.corbacount.com/bot)
Corbacount/1.0 (+https://www.corbacount.com/bot)
It does not spider your links, scrape your content or build a search index. The screenshot bot loads a single page; the domain check makes one request for public registration data.
Requests are rare - a screenshot at sign-up plus a refresh about twice a month, and a weekly domain check. There is no burst traffic and no repeated hammering.
These requests are about the site itself, not its visitors. Visitor analytics only ever come from the tracking snippet a customer installs, never from these bot requests.
We never spoof a real browser to hide the request. The user-agent always says Corbacount and links straight back to this page.
Almost always it means someone with access to the site - an agency, a developer, a colleague - added it to a Corbacount account to measure its traffic. If that is unexpected, check with whoever manages the site. If you would like us to stop, or you believe the site was added without authorisation, tell us through the contact page and we will remove it.
Yes. Because both requests send a stable, identifiable user-agent, you can block them at your web server or firewall by matching on Corbacount and returning a 403. Do note that blocking the screenshot bot simply means the customer's dashboard shows a placeholder image instead of a preview of your site - it has no effect on anything else.
Send us the log line - the user-agent, the IP and the timestamp - and a real human will tell you exactly what it was, within one business day.