Scanner Infrastructure

Scanner IP Addresses

Whitelist these IPs on your firewall/WAF to allow DevSecOps Platform scans against your protected targets.

Active Scanner IPs

142.44.246.217Active
EU-West (Primary) Web + Network Scanner

OWASP ZAP, Nmap, Nikto, testssl.sh, Nuclei

How to Whitelist

To scan targets protected by a firewall, WAF, or cloud security group, you need to allow inbound traffic from our scanner IP. Here are instructions for common setups.

AWS Security Group

AWS CLI
aws ec2 authorize-security-group-ingress \
  --group-id sg-xxxxxxxx \
  --protocol tcp \
  --port 443 \
  --cidr 142.44.246.217/32

Replace sg-xxxxxxxx with your security group ID.

Cloudflare WAF

  1. Go to Security → WAF → Tools
  2. Under IP Access Rules, create a new rule
  3. Value: 142.44.246.217
  4. Action: Allow
  5. Zone: Select your domain or All Zones

Nginx

/etc/nginx/conf.d/scanner-allow.conf
# Allow DevSecOps Platform scanner
location / {
    allow 142.44.246.217;
    # ... your existing deny rules
}

Linux Firewall (UFW/iptables)

UFW
sudo ufw allow from 142.44.246.217 to any port 443
sudo ufw allow from 142.44.246.217 to any port 80
iptables
sudo iptables -A INPUT -s 142.44.246.217 -j ACCEPT

Important Notes

  • IPs are static and rarely change. We provide at least 30 days advance notice via email before any IP changes.
  • Only whitelist the scanner IP for targets you own. Never whitelist it for third-party systems.
  • Verify the IP by running dig scanner.harshal.cloud before whitelisting.
  • Your account's scanner IP is also visible on the VAPT page for easy copy-paste.
  • By whitelisting our IP, you confirm that you own or are authorized to scan the target system. See our Acceptable Use Policy.

Need Help?

If you're having trouble whitelisting or your scans are still failing, email support@harshal.cloud with your target URL and firewall details.