Overview
Akamai operates multiple ASNs — AS20940 is the most-seen, but the company holds dozens of ASNs reflecting decades of acquisitions and regional segmentation. Akamai does not publish a single authoritative range JSON; customers receive an allowlist tailored to their contracted services. Public BGP tables make ranges discoverable but ownership attribution requires multiple data sources.
Services on these IPs
Akamai serves: large enterprise CDN (Apple, BBC, banks), Edge DNS, Bot Manager (anti-bot WAF), Image Manager, Kona Site Defender (WAF/DDoS), Prolexic (DDoS scrubbing), Enterprise Application Access. Acquired Linode in 2022 — Linode VMs now share some infrastructure.
How to detect Akamai IPs
Reverse DNS often returns *.akamaitechnologies.com, *.deploy.akamaitechnologies.com, or *.akamaiedge.net. HTTP responses may carry headers like X-Cache or x-akamai-* for diagnostics. ASN lookups returning AS20940 or other Akamai ASNs confirm ownership.
When this matters
Customers add Akamai’s assigned IP allowlist to their origin firewalls. Security analysts decode which Akamai service handled a request (CDN vs WAF vs Linode VM) by IP block. Threat intel separates legitimate Akamai-fronted customer traffic from Linode-hosted attacker infrastructure.
Caveats
These sample ranges are well-known Akamai prefixes verified via BGP and Akamai documentation. The complete fleet is much larger — Akamai’s authoritative range list is delivered to enterprise customers, not published publicly.