I'm calling an upstream API using workers and they require me to whitelist IP addresses. The problem is that they only support IPv4. Is there a way to force workers to only use IPv4 or some way to reliably get one of the IPv4 addresses found in https://www.cloudflare.com/ips/?

Are you having issues? If they only have A records, it should just send the request over IPv4. If they have AAAA records but don't support IPv6 whitelisting that would be really silly on their part, but Cloudflare's normal CDN always prefers IPv4 over IPv6 so it may still work -- would have to test that though

Haven't done long term testing (since we don't rely on it if itll be flaky). We're investigating if we need to deploy code somewhere else or if we can keep it at cloudflare. They do not have AAAA records. It sounds like we shouldn't need to worry about randomly using IPv6 then?

Unless they're using Cloudflare yea, not possible for it to connect over IPv6 without AAAA records

Actually, calling nslookup returns ``api.namecheap.com.cdn.cloudflare.net ``which sounds like namecheap uses cloudflare. So would it always be ``2a06:98c0:3600::103`` in that case?

Yeah since api.namecheap.com resolves to Cloudflare,

2a06:98c0:3600::103

would always be used regardless of who is behind the Worker subrequest. If youre allowlisting that address for your account, just keep in mind that anyone can sign up for Workers and start sending requests from that same IP. If there are also other strong authentication methods in place then it should be fine.