Allowlist Cloud Engine IPs

Some firewalls may block attack traffic and prevent InsightAppSec from testing your application for vulnerabilities. In such cases, you must allowlist the IP addresses of the InsightAppSec cloud engines to scan your web applications. The following table provides the IP addresses of the InsightAppSec engines based on the region where your platform account is hosted. When you log in to InsightAppSec, the region is the first sub-domain in the URL. For example, if the url is https://us2.appsec.insight.rapid7.com then your region is US-East-2.

Is your Rapid7 product subscription provisioned for the United States? Check your region code first!

As of April 12th, 2021, all new customers subscribing to Rapid7 Insight products that elect to store their data in the United States will be provisioned for one of three data centers. Since these data centers have unique endpoints, any firewall rules you configure must correspond to the data center your organization is assigned to. Follow these steps to determine which United States data center your organization is part of:

  1. Go to insight.rapid7.com and sign in with your Insight account email address and password.
  2. Navigate to the Platform Home page.
    • If you are not taken to this page by default, expand the product dropdown in the upper left and click My Account.
  3. Look for the Data Storage Region tag in the upper right corner of the page below your account name. Your United States region tag will show one of the following data centers:
    • United States - 1
    • United States - 2
    • United States - 3

Consult the following table to determine which IPs must be allowlisted according to your region.

RegionIPs to allowlist
United States-1
United States-2
United States-3
34.205.208.125
34.192.183.106
34.224.19.93
34.227.121.223
EU35.158.144.37
35.156.166.245
172.104.153.232
CA52.60.149.201
52.60.191.46
172.104.11.18
AU52.63.190.180
52.62.83.29
139.162.25.220
AP/Tokyo172.104.83.134
52.68.0.155
54.64.21.140