Agents
Shadops uses scanning agents deployed in multiple geographic regions to execute discovery and assessment tasks.
How it works
- Agents run in isolated environments managed by us.
- When you launch a scan, you select the origin region simulating attacker perspectives from North America, Europe, Asia, etc.
- This ensures realistic exposure mapping based on geolocation, routing, and firewall rules.
Agent activities
During scans, agents may perform the following activities:
- Service version detection - Identify and test service versions
- Vulnerability discovery - Detect known security flaws
- Certificate inspection - Analyze SSL/TLS certificates and expiration dates
- Web crawling - Navigate and index web pages
- Page downloading - Retrieve web content for analysis
- Secret scanning - Search for exposed secrets, API keys, and credentials
Egress IP reference
Use these IPs to identify our agent. Filter your logs or allow our agent in your firewalls:
| Region | IPv4 Egress | IPv6 Egress |
|---|---|---|
| Beauharnois (BHS) - Canada | 51.222.29.231 | 2607:5300:205:200::510b |
| Frankfurt (DE) - Germany | 141.95.1.234 | 2001:41d0:701:1100::c8e6 |
User-Agent identification
When possible our scanning agents include a unique User-Agent header in all HTTP/HTTPS requests:
User-Agent: X-Scan/1.0 (+https://shadops.com)
This allows you to:
- Identify our scans in your web server logs
- Filter or whitelist our traffic in your WAF/security tools
- Distinguish legitimate security testing from malicious activity