This page lists all external URLs and endpoints that Cysmiq connects to. Use this to configure firewall rules and network policies.
Core infrastructure
These endpoints are required for Cysmiq to function.
| Host | Port | Protocol | Purpose |
|---|
nexus.cysmiq.com | 443 | HTTPS | Core cloud service |
Version control systems
Required based on which VCS integrations you use.
| Host | Port | Protocol | Purpose |
|---|
github.com | 443 | HTTPS | GitHub web and OAuth |
api.github.com | 443 | HTTPS | GitHub REST API |
gitlab.com | 443 | HTTPS | GitLab web and API |
If using GitHub Enterprise Server or self-hosted GitLab, add those custom URLs as well.
Ticketing integrations
Required based on which ticketing systems you integrate with.
| Host | Port | Protocol | Purpose |
|---|
api.linear.app | 443 | HTTPS | Linear GraphQL API |
*.atlassian.net | 443 | HTTPS | Jira Cloud API |
For Jira, the specific subdomain depends on your Jira instance (e.g., yourcompany.atlassian.net).
Analytics and monitoring
Optional services for analytics and error tracking.
| Host | Port | Protocol | Purpose |
|---|
app.posthog.com | 443 | HTTPS | PostHog analytics |
*.ingest.sentry.io | 443 | HTTPS | Sentry error tracking |
api.newrelic.com | 443 | HTTPS | New Relic monitoring |
These are optional and depend on your configuration.
User avatars
Used for displaying user profile images.
| Host | Port | Protocol | Purpose |
|---|
www.gravatar.com | 443 | HTTPS | Gravatar profile images |
Secret verification providers
These endpoints are contacted only when verifying leaked secrets. They are optional and only used when the corresponding secret type is detected and verification is enabled.
AI and ML services
| Host | Port | Protocol | Purpose |
|---|
api.openai.com | 443 | HTTPS | OpenAI API key verification |
api.anthropic.com | 443 | HTTPS | Anthropic API key verification |
Cloud infrastructure
| Host | Port | Protocol | Purpose |
|---|
sts.amazonaws.com | 443 | HTTPS | AWS credential verification |
api.cloudflare.com | 443 | HTTPS | Cloudflare API/CA/Global key verification |
api.digitalocean.com | 443 | HTTPS | DigitalOcean token verification |
api.heroku.com | 443 | HTTPS | Heroku API key verification |
api.vercel.com | 443 | HTTPS | Vercel token verification |
api.netlify.com | 443 | HTTPS | Netlify token verification |
api.fastly.com | 443 | HTTPS | Fastly API key verification |
*.jfrog.io | 443 | HTTPS | JFrog Artifactory token verification |
*.databricks.com | 443 | HTTPS | Databricks token verification |
storage.googleapis.com | 443 | HTTPS | GCP service account verification |
Payment and billing
| Host | Port | Protocol | Purpose |
|---|
api.stripe.com | 443 | HTTPS | Stripe API key verification |
connect.squareup.com | 443 | HTTPS | Square API key verification |
*.chargebee.com | 443 | HTTPS | Chargebee API key verification |
Email and communication
| Host | Port | Protocol | Purpose |
|---|
api.sendgrid.com | 443 | HTTPS | SendGrid API key verification |
api.mailgun.net | 443 | HTTPS | Mailgun API key verification |
*.api.mailchimp.com | 443 | HTTPS | Mailchimp API key verification |
api.telegram.org | 443 | HTTPS | Telegram Bot token verification |
hooks.slack.com | 443 | HTTPS | Slack Webhook URL verification |
*.webhook.office.com | 443 | HTTPS | Microsoft Teams Webhook verification |
verify.twilio.com | 443 | HTTPS | Twilio API key verification |
CI/CD and DevOps
| Host | Port | Protocol | Purpose |
|---|
circleci.com | 443 | HTTPS | CircleCI token verification |
api.travis-ci.com | 443 | HTTPS | Travis CI token verification |
api.github.com | 443 | HTTPS | GitHub token verification |
sonarcloud.io | 443 | HTTPS | SonarCloud token verification |
api.codeclimate.com | 443 | HTTPS | Code Climate token verification |
api.stackhawk.com | 443 | HTTPS | StackHawk API key verification |
Package registries
| Host | Port | Protocol | Purpose |
|---|
registry.npmjs.org | 443 | HTTPS | NPM token verification |
rubygems.org | 443 | HTTPS | RubyGems API key verification |
www.nuget.org | 443 | HTTPS | NuGet API key verification |
| Host | Port | Protocol | Purpose |
|---|
api.hubapi.com | 443 | HTTPS | HubSpot API key verification |
api.airtable.com | 443 | HTTPS | Airtable API key verification |
api.getpostman.com | 443 | HTTPS | Postman API key verification |
api.getbeamer.com | 443 | HTTPS | Beamer API key verification |
api.linear.app | 443 | HTTPS | Linear API key verification |
Blockchain and crypto
| Host | Port | Protocol | Purpose |
|---|
mainnet.infura.io | 443 | HTTPS | Infura API key verification |
api.bitkub.com | 443 | HTTPS | Bitkub API key verification |
api.polygon.io | 443 | HTTPS | Polygon API key verification |
*.alchemy.com | 443 | HTTPS | Alchemy API key verification |
| Host | Port | Protocol | Purpose |
|---|
api.dropboxapi.com | 443 | HTTPS | Dropbox token verification |
api.cloudinary.com | 443 | HTTPS | Cloudinary credentials verification |
Security and networking
| Host | Port | Protocol | Purpose |
|---|
api.shodan.io | 443 | HTTPS | Shodan API key verification |
api.abuseipdb.com | 443 | HTTPS | AbuseIPDB API key verification |
Miscellaneous services
| Host | Port | Protocol | Purpose |
|---|
www.googleapis.com | 443 | HTTPS | Google API key verification |
api.agora.io | 443 | HTTPS | Agora API key verification |
io.adafruit.com | 443 | HTTPS | Adafruit IO key verification |
api.abyssale.com | 443 | HTTPS | Abyssale API key verification |
app.surgehq.ai | 443 | HTTPS | SurgeAI API key verification |
*.shopify.com | 443 | HTTPS | Shopify token verification |
