Beginning in November we are transitioning to a new set of IP addresses for dashboard and Agent connectivity. The new addresses required for whitelisting network access will be:
These new addresses are already associated with Threat Stack (owned by Cloudflare), so it is safe to whitelist them now.
The previous IP addresses listed in this article will continue to be associated with Threat Stack’s infrastructure after the transition. However, beginning in December they will no longer be publicly accessible. Therefore, customers may choose to whitelist both the new and old IP addresses in their firewalls during this transition period.
After the transition to the new addresses takes place in November, we cannot guarantee that the old addresses will continue to be accessible in all circumstances prior to their December removal from public access. For example, in the event we detect suspicious or malicious traffic to the old addresses we may elect to restrict their traffic.
Configure Network Access
If you choose to limit network egress out of your environments, you may need to whitelist the Threat Stack Platform in your firewall configuration to enable the Agent to register and send data.
At no point does the Threat Stack Platform initiate a connection down to the Agent, therefore inbound flows to your network should continue to block access while allowing outbound flows.
The Agent connects to the following domains:
- app.threatstack.com (443/tcp) - registration only
- cssensors.threatstack.com (443/tcp) - all post registration communication
Previous IP Addresses
The following active IP addresses will be transitioned out of the DNS in November and become inaccessible for users in December:
- 126.96.36.199 (443/tcp)
- 188.8.131.52 (443/tcp)
- 184.108.40.206 (443/tcp)
- 220.127.116.11 (443/tcp)
- 18.104.22.168 (443/tcp)
- 22.214.171.124 (443/tcp)
- 126.96.36.199 (443/tcp)
- 188.8.131.52 (443/tcp)
- 184.108.40.206 (443/tcp)
- 220.127.116.11 (443/tcp)
- 18.104.22.168 (443/tcp)
- 22.214.171.124 (443/tcp)
Threat Stack does not support proxies at this time.
For more information on whitelisting webhooks see the Configure Network Access for Webhooks article.