This article provides information about the Acquia Web Governance IP addresses used, Data Hosting, and Security policies for Acquia Web Governance.
IP addresses
Country/Continent
IP addresses
United States and Canada
35.226.117.128
UK and Europe
130.211.65.55
Australia, New Zealand, and Japan
35.189.0.46
Important
If you use the Heartbeat feature, allow-list the IP addresses listed in the Heartbeat section.
Ports
443 for https
80 for http
User agents
Primary user agent Mozilla/5.0 (compatible; Monsidobot/2.2; +http://monsido.com/bot.html; [email protected])
Alternative user agent (only used if the primary user agent fails) Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Heartbeat feature IP addresses
The Heartbeat feature uses different IP addresses. You must allow-list these IP addresses instead of the usual ones mentioned in the preceding section to ensure that the Heartbeat feature functions properly.
Zone
IP addresses
EU1
34.78.27.237
EU2
34.34.150.42
US2
34.69.190.50
US3
35.238.182.110
CivicPlus
35.238.182.110
If you do not know which one to use, contact your sales representative or customer success manager.
PDF scan IP addresses and user agents
Some web security measures block the Commonlook PDF crawler that Web Governance uses. If you encounter issues with the PDF scan, allow-list these additional IP addresses and user agents.
PDF scan IP addresses
20.246.128.115
20.113.18.110
PDF scan user agents
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko)
Data hosting and security
Web Governance uses the Google Cloud Platform as the hosting environment for our services.
Web Governance scans your public-facing websites and does not access or store any confidential data. The only data that Web Governance stores (that may not be publicly accessible) are the names and email addresses of Web Governance customer's users, which are not made publicly available. All data and backups collected are kept for at least 30 days before being permanently deleted if and when the client exits, with the exception of logs.
Scans of public websites are done by both known and unknown crawlers every day. Google, Bing, and other search engines, as well as completely unknown companies, crawl websites to gather information and monitor performance. What Web Governance does is similar, and has no detectable effect on website performance.
Unless otherwise agreed upon, the location of customer data is based on the Web Governance branch that your contract is with. This means that customer data for the US Web Governance offices and subsidiaries is processed and stored within the USA, customer data for AU Web Governance offices and subsidiaries is processed and stored within AU, and customer data for EU and UK Web Governance offices and subsidiaries is processed and stored within the EU.
Login credentials (name, email, one-way hashed password, and data-location ID) are stored centrally in our login service, which resides in the EU.
How to identify potential data privacy security issues
Web Governance complies with the controls required for ISO compliance.
The Web Governance crawler scans data as it finds it. This is normally breadth-first, for example, the scan starts at level 0 (the front page of the website) and proceeds to level 1 (pages that are accessed through links from the front page), and continues in this way. An XML sitemap is occasionally used if this is explicitly supplied or discovered through robots.txt.
Scan prerequisites
This section provides information about the requirements that must be met before you can do a scan.
Your current infrastructure must be internet-accessible. The statistics and pages are prioritized by the number of views and have a script that can be added to your Google Tag Manager.
If you opt to scan password-protected or otherwise restricted web pages or documents, and if this is permitted by the contract you signed with Web Governance, you must make sure that the information in these web pages and documents is not confidential. Web Governance cannot guarantee the same level of security that you can.
This article provides information about the Acquia Web Governance IP addresses used, Data Hosting, and Security policies for Acquia Web Governance.
IP addresses
Country/Continent
IP addresses
United States and Canada
35.226.117.128
UK and Europe
130.211.65.55
Australia, New Zealand, and Japan
35.189.0.46
Important
If you use the Heartbeat feature, allow-list the IP addresses listed in the Heartbeat section.
Ports
443 for https
80 for http
User agents
Primary user agent Mozilla/5.0 (compatible; Monsidobot/2.2; +http://monsido.com/bot.html; [email protected])
Alternative user agent (only used if the primary user agent fails) Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Heartbeat feature IP addresses
The Heartbeat feature uses different IP addresses. You must allow-list these IP addresses instead of the usual ones mentioned in the preceding section to ensure that the Heartbeat feature functions properly.
Zone
IP addresses
EU1
34.78.27.237
EU2
34.34.150.42
US2
34.69.190.50
US3
35.238.182.110
CivicPlus
35.238.182.110
If you do not know which one to use, contact your sales representative or customer success manager.
PDF scan IP addresses and user agents
Some web security measures block the Commonlook PDF crawler that Web Governance uses. If you encounter issues with the PDF scan, allow-list these additional IP addresses and user agents.
PDF scan IP addresses
20.246.128.115
20.113.18.110
PDF scan user agents
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko)
Data hosting and security
Web Governance uses the Google Cloud Platform as the hosting environment for our services.
Web Governance scans your public-facing websites and does not access or store any confidential data. The only data that Web Governance stores (that may not be publicly accessible) are the names and email addresses of Web Governance customer's users, which are not made publicly available. All data and backups collected are kept for at least 30 days before being permanently deleted if and when the client exits, with the exception of logs.
Scans of public websites are done by both known and unknown crawlers every day. Google, Bing, and other search engines, as well as completely unknown companies, crawl websites to gather information and monitor performance. What Web Governance does is similar, and has no detectable effect on website performance.
Unless otherwise agreed upon, the location of customer data is based on the Web Governance branch that your contract is with. This means that customer data for the US Web Governance offices and subsidiaries is processed and stored within the USA, customer data for AU Web Governance offices and subsidiaries is processed and stored within AU, and customer data for EU and UK Web Governance offices and subsidiaries is processed and stored within the EU.
Login credentials (name, email, one-way hashed password, and data-location ID) are stored centrally in our login service, which resides in the EU.
How to identify potential data privacy security issues
Web Governance complies with the controls required for ISO compliance.
The Web Governance crawler scans data as it finds it. This is normally breadth-first, for example, the scan starts at level 0 (the front page of the website) and proceeds to level 1 (pages that are accessed through links from the front page), and continues in this way. An XML sitemap is occasionally used if this is explicitly supplied or discovered through robots.txt.
Scan prerequisites
This section provides information about the requirements that must be met before you can do a scan.
Your current infrastructure must be internet-accessible. The statistics and pages are prioritized by the number of views and have a script that can be added to your Google Tag Manager.
If you opt to scan password-protected or otherwise restricted web pages or documents, and if this is permitted by the contract you signed with Web Governance, you must make sure that the information in these web pages and documents is not confidential. Web Governance cannot guarantee the same level of security that you can.
Web Governance