Allowing ThreatLocker through your Firewall

3 min. readlast update: 11.26.2024

View in browser

Overview

If you utilize any form of internet filtering or proxy, you may need to allow the ThreatLocker Agent access to the ThreatLocker Datacenters.

Ports

We require port 443 for all traffic to ThreatLocker and basic api communication. 

We require port 443 for ThreatLocker Testing Environment/VDI outbound traffic.

Network Control requires port 8810 for Keywords and port 8811 for local objects.

By Hostname

You will need to allow access to:

  • api.threatlocker.com 
  • api.b.threatlocker.com
  • api.c.threatlocker.com
  • api.d.threatlocker.com
  • api.e.threatlocker.com
  • api.f.threatlocker.com
  • api.g.threatlocker.com
  • api.h.threatlocker.com
  • api.ae1.threatlocker.com
  • api.au1.threatlocker.com
  • api.ca1.threatlocker.com
  • api.eu1.threatlocker.com
  • apps.threatlocker.com
  • betaportalapi.ae1.threatlocker.com
  • betaportalapi.ca1.threatlocker.com
  • cdn.threatlocker.com (Our cdn is hosted via AWS and utilizes various IP addresses around the world.)
  • core.threatlocker.com
  • corecdn.threatlocker.com
  • legacyportal.ae1.threatlocker.com
  • legacyportal.ca1.threatlocker.com
  • macapps.threatlocker.com
  • portal.threatlocker.com
  • portal.b.threatlocker.com
  • portal.c.threatlocker.com
  • portal.d.threatlocker.com
  • portal.e.threatlocker.com
  • portal.f.threatlocker.com
  • portal.g.threatlocker.com
  • portal.h.threatlocker.com
  • portal.ae1.threatlocker.com
  • portal.au1.threatlocker.com
  • portalapi.ae1.threatlocker.com
  • portalapi.ca1.threatlocker.com
  • portal.ca1.threatlocker.com
  • portal.eu1.threatlocker.com 
  • webapi.threatlocker.com
  • webapi.b.threatlocker.com
  • webapi.c.threatlocker.com
  • webapi.d.threatlocker.com
  • webapi.e.threatlocker.com
  • webapi.f.threatlocker.com
  • webapi.g.threatlocker.com
  • webapi.h.threatlocker.com
  • webapi.ae1.threatlocker.com
  • webapi.au1.threatlocker.com
  • webapi.ca1.threatlocker.com
  • webapi.eu1.threatlocker.com 
  • updates.threatlocker.com
  • upload.threatlocker.com

By IP Addresses

If you are unable to allow by hostname or if adding by hostname results in no positive changes, you will need to allow the following IP ranges: 

  • 3.29.84.145
  • 3.29.116.80
  • 13.236.74.132
  • 13.237.45.182
  • 34.1.50.186
  • 34.23.91.229 
  • 34.74.42.184
  • 34.74.220.44
  • 34.138.26.207 
  • 34.138.119.231 
  • 34.139.193.237
  • 34.148.46.9
  • 34.148.190.241         
  • 35.196.188.218
  • 38.22.73.98
  • 38.22.73.99
  • 155.204.122.109
  • 155.204.122.110
  • 38.77.137.0/24     
  • 38.32.184.224/29
  • 38.68.197.27     
  • 38.77.143.0/24
  • 38.142.102.88/30
  • 60.242.12.32/28     
  • 66.35.69.80/29     
  • 66.35.75.32/27     
  • 66.35.91.32/27     
  • 71.74.161.192/26      
  • 71.74.165.192/26     
  • 71.74.166.64/26 
  • 71.74.166.192/26         
  • 84.207.211.144/28     
  • 148.51.137.104/29     
  • 148.51.137.160/27      
  • 149.5.35.0/24 
  • 175.45.118.80/28

Additional Hostnames relating to our Cyber Hero LiveChat

Please also add our third-party chat resource to your list of exclusions to prevent any potential issues related to using our Cyber Hero chat system. They are as follows:

  • *.cdn.livechatinc.com
  • *.livechat.com
  • *.livechatinc.com
  • *.livechat-static.com
  • *.recurly.com 

Accessing the ThreatLocker Portal

To access only ThreatLocker’s Portal or Beta Portal, you will need to allow access to the following Hostnames on Port 443:

  • api.ae1.threatlocker.com
  • api.ca1.threatlocker.com
  • betaportalapi.ae1.threatlocker.com
  • betaportalapi.ca1.threatlocker.com
  • portal.threatlocker.com
  • portal.b.threatlocker.com
  • portal.c.threatlocker.com
  • portal.d.threatlocker.com
  • portal.e.threatlocker.com
  • portal.f.threatlocker.com
  • portal.g.threatlocker.com
  • portal.h.threatlocker.com
  • portal.ae1.threatlocker.com
  • portal.au1.threatlocker.com
  • portal.ca1.threatlocker.com
  • portalapi.ae1.threatlocker.com
  • portalapi.ca1.threatlocker.com
  • portal.eu1.threatlocker.com
  • legacyportal.ae1.threatlocker.com
  • legacyportal.ca1.threatlocker.com 
  • webapi.threatlocker.com
  • webapi.b.threatlocker.com
  • webapi.c.threatlocker.com
  • webapi.d.threatlocker.com
  • webapi.e.threatlocker.com
  • webapi.f.threatlocker.com
  • webapi.g.threatlocker.com
  • webapi.h.threatlocker.com
  • webapi.ae1.threatlocker.com
  • webapi.ca1.threatlocker.com
  • webapi.eu1.threatlocker.com
Note: You only need the hostname for the instance you are running.

 

Accessing the ThreatLocker Testing Environment

To use ThreatLocker’s Testing Environment, you will also need to allow access to the hostname test.env.threatlocker.com on Port 443.

  

Was this article helpful?