Ports and IP-Addresses

This page lists the ports and IP-addresses iconik uses when communicating.

Ports

HTTPS - Port 443

All communication with iconik itself is performed over HTTPS (or its variants HTTP/2 or QUIC) on port 443. All communication is initiated from the client

Direct ISG-to-ISG transfer - Default port 8443

When two iconik Storage Gateways are configured to allow direct transfers they can communicate over the customer's internal network. The default port for this is 8443 but this can be configured in the Storage Settings. For more information see the Direct ISG-to-ISG transfer page.

IP Addresses

Incoming IP-addresses

The only IP-addresses iconik uses for incoming traffic are the ones resolved from the following hostnames:

  • app.iconik.io - 35.227.253.187
  • eu.iconik.io - 34.120.119.116
  • us.iconik.io - 35.244.244.40

In addition to this, iconik will also reference resources hosted in cloud buckets. The exact addresses for these will depend on the storage service used. If exact addresses are required for your firewall configuration, please reach out to iconik support.

The standard iconik buckets for files, proxies and keyframes use https://storage.googleapis.com/ as the endpoint. This endpoint does not have a static ip address so if you need to limit connectivity you will either have to use the URL if your firewall/proxy supports this, or set up a dedicated cloud bucket for files, proxies and keyframes with a static ip.

Outgoing IP-addresses

Custom actions and webhook callbacks are initiated from iconik. These requests will always originate from one of the following addresses:

  • 35.189.220.183 (EU)
  • 34.78.105.187 (EU)
  • 35.224.65.52 (US)
  • 35.194.10.191 (US)

Please note that the above addresses only are used for webhooks and custom actions. For storage access we are using dynamic addresses assigned by Google. You can find the full list of ip addresses used at https://cloud.google.com/compute/docs/faq#find_ip_range but please note that this list is updated periodically and we have no control over which addresses are assigned to our compute resources. If you use bring-your-own-bucket for storage you will need to make sure you open up ports and ip addresses used by the storage vendor.

Outgoing Email

The iconik service uses Sendgrid for outgoing email. Outgoing email is sent with the envelope from domain em8139.iconik.io and the user-visible email address is always from the iconik.io domain (such as noreply@iconik.io or similar).

Outgoing email from the iconik service is currently sent from the following ip addresses and hostnames, thought this is subject to change at short notice if we have to for operational reasons:

  • 149.72.176.194 - o1.sendgrid-out.iconik.io
  • 159.183.135.8 - o2.sendgrid-out.iconik.io

Email from the iconik.io domain may sometimes also be sent from other sources, such as our support system or our email marketing system. If you wish to obtain a full list of potential ip addresses, please see a list of ip addresses listed in our SPF records using a free SPF lookup service such as https://dmarcian.com/spf-survey/

All iconik email is sent with DKIM signatures and will only be sent from sources listed in our SPF record.