This article provides information about the Acquia Web Governance IP addresses used, Data Hosting, and Security policies for Acquia Web Governance.
| Country/Continent | IP addresses |
|---|---|
| United States and Canada | 35.226.117.128 |
| UK and Europe | 130.211.65.55 |
| Australia, New Zealand, and Japan | 35.189.0.46 |
If you use the Heartbeat feature, allow-list the IP addresses listed in the Heartbeat section.
Mozilla/5.0 (compatible; Monsidobot/2.2; +http://monsido.com/bot.html; [email protected])Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36The Heartbeat feature uses different IP addresses. You must allow-list these IP addresses instead of the usual ones mentioned in the preceding section to ensure that the Heartbeat feature functions properly.
| Zone | IP addresses |
|---|---|
| EU1 | 34.78.27.237 |
| EU2 | 34.34.150.42 |
| US2 | 34.69.190.50 |
| US3 | 35.238.182.110 |
| CivicPlus | 35.238.182.110 |
If you do not know which one to use, contact your sales representative or customer success manager.
Some web security measures block the Commonlook PDF crawler that Web Governance uses. If you encounter issues with the PDF scan, allow-list these additional IP addresses and user agents.
20.246.128.115
20.113.18.110
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko)
Web Governance uses the Google Cloud Platform as the hosting environment for our services.
Web Governance scans your public-facing websites and does not access or store any confidential data. The only data that Web Governance stores (that may not be publicly accessible) are the names and email addresses of Web Governance customer's users, which are not made publicly available. All data and backups collected are kept for at least 30 days before being permanently deleted if and when the client exits, with the exception of logs.
Scans of public websites are done by both known and unknown crawlers every day. Google, Bing, and other search engines, as well as completely unknown companies, crawl websites to gather information and monitor performance. What Web Governance does is similar, and has no detectable effect on website performance.
Unless otherwise agreed upon, the location of customer data is based on the Web Governance branch that your contract is with. This means that customer data for the US Web Governance offices and subsidiaries is processed and stored within the USA, customer data for AU Web Governance offices and subsidiaries is processed and stored within AU, and customer data for EU and UK Web Governance offices and subsidiaries is processed and stored within the EU.
Login credentials (name, email, one-way hashed password, and data-location ID) are stored centrally in our login service, which resides in the EU.
Web Governance complies with the controls required for ISO compliance.
Web Governance uses the criteria as defined in the Google Cloud InfoType detector reference to identify potential data privacy security violations.
The Web Governance crawler scans data as it finds it. This is normally breadth-first, for example, the scan starts at level 0 (the front page of the website) and proceeds to level 1 (pages that are accessed through links from the front page), and continues in this way. An XML sitemap is occasionally used if this is explicitly supplied or discovered through robots.txt.
This section provides information about the requirements that must be met before you can do a scan.
Your current infrastructure must be internet-accessible. The statistics and pages are prioritized by the number of views and have a script that can be added to your Google Tag Manager.
For more information, visit Using Google Tag Manager with Web Governance.
If you opt to scan password-protected or otherwise restricted web pages or documents, and if this is permitted by the contract you signed with Web Governance, you must make sure that the information in these web pages and documents is not confidential. Web Governance cannot guarantee the same level of security that you can.
For more information, visit Scan password-protected and internal pages.
For information about Acquia policies, visit:
If this content did not answer your questions, try searching or contacting our support team for further assistance.
Rebranding Notice!
Acquia has rebranded the following products effective October 1, 2025:
Fri Nov 21 2025 09:43:36 GMT+0000 (Coordinated Universal Time)