Whitelisting requirements for Acunetix 360 On-Demand
To ensure the proper functioning of cloud agents and integrations, configure inbound and outbound traffic rules to allow access to the URLs in this document. Correctly configuring network access is a prerequisite for successful and accurate scans of your targets.
These are the whitelisting configuration steps to consider:
- Outbound connections
- Your browser outbound connections
- Acunetix 360 On-Demand Scanning Agent outbound connections
- Acunetix 360 On-Demand Auth Verifier Agent outbound connections
- AcuSensor outbound connections
- Inbound connections
Outbound connections
Your browser outbound connections
Your browser may be behind an outbound firewall or web proxy, particularly when inside a corporate LAN or behind a corporate VPN. You must ensure that your firewall/proxy/vpn allow outbound connections to:
Scope | Destination |
Browser access to Acunetix 360 On-Demand |
Acunetix 360 Online Scanning Agent outbound connections
If you have deployed a Scanning Agent, you must ensure that your network infrastructure allows it to make outbound connections to:
Scope | Destination |
API Calls to Acunetix 360 On-Demand | https://online.acunetix360.com |
API Calls to the AcuMonitor service for out-of-band vulnerability checking | https://r87.me |
VDB Database Download | https://www.invicti.com |
API Calls to the IAST Bridge | https://iast.invicti.com |
Scanning requests to your Target | IP Address / URL for your Target, including destination port |
Acunetix 360 On-Demand Auth Verifier Agent outbound connections
For any deployed Auth Verifier agent, you must ensure that your network infrastructure allows it to make outbound connections to:
Scope | Destination |
Auth Verifier Registration | https://us-avservice.netsparkercloud.com |
Scanning requests to your Target | IP Address / URL for your Target, including destination port |
ZeroDiscovery requests to your Targets | IP Address / URL for your Targets (default port list is 80, 81, 443, 3000, 5000, 7000, 8000, 8008, 8080, 8081, 8083, 8088, 8090, 8181, 8443, 8888) |
AcuSensor outbound connections
If you have deployed an AcuSensor agent into your target web application, you must ensure that your network infrastructure allows it to make outbound connections to:
Scope | Destination |
API Calls to the IAST Bridge | https://iast.invicti.com |
Inbound connections
Your target accepting inbound connections
You must ensure that your target's network infrastructure whitelists incoming connections from:
Scope | Source |
Incoming scanning and verification requests | 54.88.149.100 |
Incoming scanning requests | IP Address / URL of your Internal Scanning Agent(s) |
Incoming verification requests; Incoming API Discovery requests | IP Address / URL of your Internal Auth Verifier Agent(s) |
Your integration server accepting inbound connections
You must ensure that your integrations server's network infrastructure whitelists incoming connections from:
Scope | Source |
Integrating API calls | 54.85.169.114 |