Website was allowed by default

Closing Ticket


Customer Support Line

(888) 662-0874

https://parchmentsupport.force.com/admin/s/contactsupport



Parchment IP Address Ranges and Domains


If you're using restrictive firewall or proxy server settings, you or your network admin will need to allow certain domains and IP address ranges to ensure Parchment products and other services work as expected. As a general rule, Parchment recommends a DNS-based allow listing approach. Much of our infrastructure is hosted with Amazon Web Services (AWS) where we take advantage of the highly dynamic capabilities that the platform provides and has a set of IP addresses that span a large range.


Domain Names

Web Applications (ports 80 and 443)

*.parchment.com

*.escrip-safe.com

*.credentials-inc.com

*.credentialssolutions.com

*.iwantmytranscript.com

*.firstdata.com

cdnjs.cloudflare.com

fonts.googleapis.com

fonts.gstatic.com

connect.facebook.net


SFTP (port 22)

*.parchment.com

*.credentials-inc.com

*.escrip-safe.com




IP Address Ranges


We currently use a combination of IPs provided by AWS and our other colocation providers. You should allow the following ranges in order to ensure Parchment’s products operate as intended.


Outbound Connections from Parchment

The following IPs are those that Parchment may use for outbound (egress) connections from our platform to yours. Examples of these include SFTP connections and web services calls.


Instead of regularly manually checking for updates to this list, we recommend programmatically updating your rules with a low TTL based on the DNS record we publish with our egress IPs: 


egress.parchment.com

52.42.28.88

74.115.52.188

96.46.148.250

96.46.148.254


Inbound Connections to Parchment

The following IP ranges contain IPs that Parchment uses to host our platform and applications.


   3.90.181.203/32

   54.157.36.86/32

   74.115.52.176/28

   96.46.148.248/30

   96.46.148.252/30

   96.46.150.232/29

   96.46.155.232/29

   96.46.159.128/27


In AWS we utilize a combination of AWS Elastic IPs, AWS ELB and Cloudfront. As such, we do not maintain or guarantee that our products will be served consistently from the same IP addresses. If your use case requires you to specify a range of allowed IPs, we suggest that in addition to the ranges above, you allow everything labeled “AMAZON” or “CLOUDFRONT” from this list.


SFTP

Parchment prefers the use of key based authentication and host validation of our sftp servers. Our sftp host key fingerprints can be found below. If there is a firewall policy requirement, we recommend that you use the DNS entry of the sftp server with a low TTL to minimize any potential connection issues. 


sftp.parchment.com

SHA256:3x0MXgDef+Yw9H9C6UHfLlSF2lorW7621Sy66bMXNdY


asftp.parchment.com

SHA256:uAr5OzUPAa4peyOwaLz/5rc4RbMxgDrvn3WpQwC5NcM


in.escrip-safe.com

SHA256:9+VJ9mRGyfiE5WfZuk0/qHMGnhiHriajdXoLcVM5O+0


sftp.aws.parchment.com

SHA256:YONScO3fpYAeAOoqTPALNk5BHsgHEmsnBd52y0wnYjs


ftp.credentials-inc.com

SHA256:ZZ+cIiI8Ef+M/TRb1P8G01gHuUE/884MsywmmcIhcvon.