This list is current. Last updated 2 October 2017.
To enhance network performance and data security, New Relic uses a CDN and DDoS prevention service with a large IP range. New Relic agents require your firewall to allow outgoing connections to the following networks and ports:
- TCP 80
- TCP 443
New Relic recommends that you use port 443, a secured channel for encrypted HTTPS traffic. Some agents also offer port 80, an unsecured channel open to all HTTP traffic.
While some agents can be configured to use both port 80 and port 443, New Relic recommends that you choose the default of port 443. An existing configuration which is configured to use port 80 can be updated to use port 443, the default New Relic connection.
download.newrelic.com is provided through Fastly and is subject to change without warning. For the most current list of public IP addresses for New Relic agent downloads, see https://api.fastly.com/public-ip-list.
In order to report data to New Relic, Infrastructure needs outbound access to these domains, networks and ports:
If your system needs a proxy to connect to this domain, use the
In addition to the IP addresses for APM agents, New Relic Browser applications use outgoing connections to the following domains:
For more information about CDN access for the
js-agent.newrelic.com file to the domain
bam.nr-data.net or to one of the New Relic beacons, see Security for New Relic Browser.
In addition to the IP addresses for APM agents, New Relic Mobile applications use outgoing connections to the following domains:
Synthetics public locations
To configure your firewall to allow New Relic Synthetics to access your monitored URL, use Synthetics public minion IPs.
Synthetics private locations
Synthetics private minions report to
https://synthetics-horde.nr-data.net/. You'll need to configure your firewall to allow the minion to access this endpoint. This endpoint is dynamic.
Ticketing integrations and webhook alerts
Availability monitoring IP addresses (deprecated)
Availability monitoring was part of New Relic's legacy alerting system. For enhanced monitoring capabilities, use New Relic Alerts.
- Origin IP addresses for legacy availability monitoring
If you want to configure your firewall to allow New Relic to access your monitoring URL, whitelist the following origin IP addresses for the availability monitoring pingers. The region names also appear in the New Relic user interface. These ranges do not apply to alerts for New Relic Synthetics or "host not reporting" alerts from New Relic Infrastructure.
IP address Region name Location 22.214.171.124 Chicago Illinois 126.96.36.199 US West 2 Oregon 188.8.131.52 EU West 1 Ireland 184.108.40.206 AP Northeast 1 Japan 220.127.116.11 AP Southeast 1 Singapore 18.104.22.168 US East 1 Virginia
- Reserved IP addresses for legacy availability monitoring
The following IP addresses are currently reserved for future availability monitoring use. Whitelist them for forward compatibility.
IP address Region name Location 22.214.171.124 US East 1 Virginia 126.96.36.199 US West 1 California 188.8.131.52 US West 2 Oregon 184.108.40.206 EU West 1 Ireland 220.127.116.11 SA East 1 Brazil 18.104.22.168 US West 1 California 22.214.171.124 AP Northeast 1 Tokyo 126.96.36.199 AP Southeast 1 Singapore 188.8.131.52 AP Southeast 2 Sydney 184.108.40.206 AP Southeast 2 Sydney 220.127.116.11 SA East 1 Brazil