IP addresses for Domain scanning

Aikido uses dedicated IP addresses to perform scanning of your domains (DAST). To prevent connectivity issues, rate limiting, or security blocks, add these IPs to your firewall’s allowlist or other security software. After this, rescan your domains to confirm connectivity.

To use 'Fetch OpenAPI by URL', you must also add the Code & Container scanning IP addresses.

EU-based IP addresses:

3.248.4.169
54.76.211.68
54.228.156.63
54.247.155.164
18.200.152.99
18.202.99.112

US-based IP addresses:

98.85.190.95
52.204.144.1
44.209.56.130
18.210.114.117
35.168.38.209
35.173.56.162

Optional IP addresses (used for troubleshooting with support):

79.127.239.171

The IP address lists are also available as JSON arrays

Third party provider instructions

For instructions on adding IP addresses to allowlists with third-party providers, refer to the following resources:

Cloudflare WAF
Azure WAF
AWS WAF. For applications behind Application Load Balancers or CloudFront, your WAF should check the last IP address in the X-Forwarded-For header.

Last updated 7 days ago

Was this helpful?