Monitoring probe IP addresses
If your site sits behind a firewall or WAF, allowlist Velprove so our uptime checks are not blocked. The recommended method is forward-confirmed reverse DNS (FCrDNS). The IP list below is the fallback. This page is always live.
Recommended: allowlist by FCrDNS hostname
When a request reaches your firewall, take the source IPv4 address and reverse-resolve it. A genuine Velprove probe resolves to a hostname ending in .probe.velprove.com. Then forward-resolve that hostname and confirm it returns the same IPv4 you started with. Allow the request only when both directions agree. The hostnames are stable, so this rule keeps working even when our IP addresses change.
Fallback: allowlist the IPv4 addresses
If your firewall cannot match on hostnames, allowlist the IPv4 addresses below. Checks are IPv4 only, so you never need IPv6 rules for Velprove. The IPs can rotate as we scale, so re-fetch this list periodically or, better, allowlist by FCrDNS hostname instead.
| Region | FCrDNS hostname | IPv4 |
|---|---|---|
| North America | na1.probe.velprove.com | 51.79.24.28 |
| Europe | eu1.probe.velprove.com | 57.129.124.139 |
| United Kingdom | uk1.probe.velprove.com | 198.244.141.109 |
| Asia | asia1.probe.velprove.com | 51.79.140.29 |
| Oceania | oce1.probe.velprove.com | 139.99.218.106 |
A region showing "rotating" is mid-reprovision. Its FCrDNS hostname is stable and stays valid. Allowlist by hostname to avoid gaps during a rotation.
Machine-readable copies of this list: /ips.json and /ips.txt. The text endpoint puts one bare IPv4 per line for firewall scripts and keeps the region mapping in leading # comment lines.
Frequently asked questions
How do I allowlist Velprove's monitoring checks?
The recommended method is forward-confirmed reverse DNS (FCrDNS). When a request reaches your firewall or WAF, reverse-resolve the source IP, confirm the hostname ends in .probe.velprove.com, then forward-resolve that hostname back and confirm it returns the same IP. Allow the request when all three hold. If your firewall cannot do hostname checks, fall back to allowlisting the IPv4 addresses listed on this page. Prefer FCrDNS, because the IPs can change as we scale while the hostnames stay stable.
Do Velprove's IP addresses change?
Yes. We add and rotate monitoring workers as we scale, so a region's IPv4 address can change. The FCrDNS hostnames such as na1.probe.velprove.com stay stable, so allowlisting by hostname is safer. If you must allowlist by IP, re-fetch this list periodically. The /ips.json and /ips.txt endpoints are always live for that.
Does Velprove support IPv6?
No. Velprove monitoring checks are IPv4 only. Every check, including browser login monitors, connects to your service over IPv4, so your firewall or WAF only ever sees an IPv4 source address. You do not need to add any IPv6 rules for Velprove.
How do I verify a request really came from Velprove?
Take the source IPv4 of the request and do a reverse DNS (PTR) lookup. A genuine Velprove probe resolves to a hostname ending in .probe.velprove.com. Then forward-resolve that hostname and confirm it returns the exact same IPv4 you started with. Both directions must agree. This forward-confirmed reverse DNS round-trip cannot be spoofed by an attacker who does not control our DNS, so it is the reliable way to confirm the request is ours.
Which regions do checks run from?
Velprove operates 5 global monitoring regions: North America, Europe, United Kingdom, Asia, and Oceania, each with its own stable FCrDNS hostname listed above. You choose which region each monitor runs from, and all 5 regions are available on every plan, including the free plan. If a region has an outage, the other regions automatically take over its checks so monitoring continues without a gap. Because of that automatic failover a check can briefly originate from a different region's hostname, so for firewall allowlisting you should allow all 5 regions or use FCrDNS.