Every request coming from the RapidAPI Network will come from the following IP addresses. You can whitelist these IPs, as they are the ones used to send requests only from RapidAPI.
A request coming from RapidAPI can be considered already authenticated, so no billing or authentication checks are required on the API side.
Here is the complete list of IPs to whitelist: [Updated February 15th 2019]
Notice that you must accept API requests from ALL IPs bellow, regardless of which region your servers are located in.
US East
107.23.255.128
107.23.255.129
107.23.255.131
107.23.255.132
107.23.255.133
107.23.255.134
107.23.255.135
107.23.255.137
107.23.255.138
107.23.255.139
107.23.255.140
107.23.255.141
107.23.255.142
107.23.255.143
107.23.255.144
107.23.255.145
107.23.255.146
107.23.255.147
107.23.255.148
107.23.255.149
107.23.255.150
107.23.255.151
107.23.255.152
107.23.255.153
107.23.255.154
107.23.255.155
107.23.255.156
107.23.255.157
107.23.255.158
107.23.255.159
US West
35.162.152.183
52.38.28.241
52.35.67.149
54.149.215.237
Mumbai
13.127.146.34
13.127.207.241
13.232.235.243
13.233.81.143
Tokyo
13.112.233.15
54.250.57.56
18.182.156.77
52.194.200.157
Frankfurt
3.120.160.95
18.184.214.33
18.197.117.10
3.121.144.151
Sydney
13.239.156.114
13.238.1.253
13.54.58.4
54.153.234.158
South America
18.228.167.221
18.228.209.157
18.228.209.53
18.228.69.72
Singapore
13.228.169.5
3.0.35.31
3.1.111.112
52.220.50.179
Ireland
34.250.225.89
52.30.208.221
63.34.177.151
63.35.2.11
For security reasons, you should protect your API and block requests coming from outside the RapidAPI infrastructure.
RapidAPI adds the X-RapidAPI-Proxy-Secret header on every request. This header has a unique value for every API, and if the header is missing or has a different value, you can assume the request is not coming from our infrastructure. The header for this API is: X-RapidAPI-Proxy-Secret followed by a unique string.