IP Addresses, URLs, and Ports to Allowlist
This article lists the IP addresses, URLs, and ports required for CyberFOX DNS Filtering to operate correctly. The endpoints you need to allowlist depend on your deployment type:
- Static Locations (router/firewall): DNS Anycast IPs and DNS Forwarding Servers on port 53 UDP, plus the Management Portal on 443 TCP.
- Roaming Devices (DoH/DoT): DoH Anycast IPs on ports 80, 443, and 853 TCP, plus the DNS Service and Registration/Update service.
- Roaming Client (Windows agent): All of the above, plus the Roaming Client Loopback Listener on 127.0.0.1:53 UDP.
All endpoints in the table below must be reachable for their respective deployment type. Port usage summary:
- Ports 80 and 443 — HTTP, HTTPS, and DNS over HTTPS (DoH)
- Port 53 — Standard DNS (UDP; also TCP for large responses)
- Port 853 — DNS over TLS (DoT)
| Site or service | IP addresses / hostnames | Ports |
| --- | --- | --- |
| Management Portal | app.cyberfox.com | 443 TCP |
| DNS Service | *.dns.cyberfox.com | 80, 443, 853 TCP |
| DNS Forwarding Servers | 166.117.83.181, 166.117.241.23 | 53 UDP/TCP* |
| DNS Anycast IPs | 166.117.75.142, 166.117.157.16 | 53 UDP/TCP* |
| DoH Anycast IPs | v4 166.117.51.148, 166.117.130.22; v6 | 53 UDP; 80, 443, 853 TCP |
| Registration / Update service | msapidns.cyberfox.com | 80, 443 TCP |
| Roaming Client Loopback Listener | 127.0.0.1 | 53 UDP |
*DNS uses UDP for most queries but falls back to TCP for responses exceeding 512 bytes, zone transfers, and EDNS0 payloads. Enterprise firewalls with strict rules need TCP 53 open as well.
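To confirm the allowlist from inside the network, the following added example (not CyberFOX's own tooling) probes each endpoint for a deployment type, sending a real DNS query over both UDP and TCP on port 53 so a firewall that blocks the TCP fallback shows up. The deployment keys `static`, `roaming` and `client` and the use of `app.cyberfox.com` as the query name are assumptions of this example; the grouping follows the bullet list at the top of this article.

```python
import socket, struct, sys

# Addresses copied from the table above. Deployment keys are this example's own names.
DNS_ANYCAST = ["166.117.75.142", "166.117.157.16"]
DNS_FORWARDERS = ["166.117.83.181", "166.117.241.23"]
DOH_ANYCAST = ["166.117.51.148", "166.117.130.22"]

def plan(deployment):
    """Return the (host, port, proto) checks for 'static', 'roaming' or 'client'."""
    static = [(ip, 53, p) for ip in DNS_ANYCAST + DNS_FORWARDERS for p in ("udp", "tcp")]
    static.append(("app.cyberfox.com", 443, "tcp"))
    # *.dns.cyberfox.com is skipped: the page gives only a wildcard, no concrete name.
    roaming = [(ip, port, "tcp") for ip in DOH_ANYCAST for port in (80, 443, 853)]
    roaming += [("msapidns.cyberfox.com", port, "tcp") for port in (80, 443)]
    client = static + roaming + [("127.0.0.1", 53, "udp")]
    return {"static": static, "roaming": roaming, "client": client}[deployment]

def dns_query(name, txid=0x1234):
    """Build a minimal A-record query in DNS wire format (recursion desired)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(p)]) + p.encode() for p in name.split(".")) + b"\0"
    return header + qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def probe(host, port, proto, timeout=3.0):
    """True if the endpoint answers: a DNS reply on port 53, a TCP connect otherwise."""
    msg = dns_query("app.cyberfox.com")
    try:
        if proto == "udp":
            with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
                s.settimeout(timeout)
                s.sendto(msg, (host, port))
                return s.recvfrom(4096)[0][:2] == msg[:2]  # reply echoes our query ID
        with socket.create_connection((host, port), timeout=timeout) as s:
            if port != 53:
                return True
            s.sendall(struct.pack("!H", len(msg)) + msg)  # DNS over TCP: 2-byte length prefix
            return s.recv(4096)[2:4] == msg[:2]  # query ID follows the length prefix
    except OSError:  # timeout, refused, unreachable, or name resolution failure
        return False

if __name__ == "__main__":
    failed = 0
    for host, port, proto in plan(sys.argv[1] if len(sys.argv) > 1 else "static"):
        ok = probe(host, port, proto)
        failed += not ok
        print(f"{'OK  ' if ok else 'FAIL'} {host}:{port}/{proto}")
    sys.exit(1 if failed else 0)
```

A `FAIL` on `53/tcp` alongside an `OK` on `53/udp` for the same address points at the strict-firewall case described in the footnote.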