If your organization has firewall restrictions or requires IP whitelisting for security purposes, you need to authorize specific Wallet IP addresses to enable proper communication between your systems and the platform.

When do you need to whitelist IPs?

You need to whitelist Wallet IPs if your system needs it in the cases described below:

• Receiving webhooks from Captain Wallet (card events, user actions)
• Captain Wallet needs to query your APIs (user data, loyalty points, etc.)
• Captain Wallet needs to connect to your SFTP server to deposit/retrieve files
• Your organization has firewall rules restricting incoming connections

Production IPs to whitelist

Public Gateways (Webhooks and API calls)

Whitelist this IP range for all outgoing traffic from Captain Wallet:

1.179.121.0/24
172.246.241.0/24

Why a /24 range?

• Ensures full coverage of Captain Wallet's dedicated infrastructure
• Provides redundancy and high availability
• All IPs belong to Brevo and are fully controlled

SFTP Server IPs

If you need to connect to Captain Wallet's SFTP, the recommended approach is to whitelist the domain name instead of IPs:

sftp.captainwallet.com

If your firewall requires specific IPs:

5.196.223.43
37.59.218.213

Qualification/Testing Environment (QLF)

Public Gateways

172.246.65.0/24

Legacy IPs (being discontinued)

The following IPs will be discontinued soon:

147.135.218.43
212.47.254.235
163.172.149.90
141.94.164.100

How to verify IPs are working?

For webhooks

• Configure a test webhook endpoint.
• Trigger a test event.
• Check your server logs to confirm the request comes from the whitelisted IP range.

For API calls

• Monitor your API logs after integration.
• Verify incoming requests originate from 1.179.121.0/24 or 172.246.241.0/24.

For SFTP

• Test connection using provided credentials.
• Verify file upload/download works correctly.
• Check connection logs for IP addresses.