*.daily.co
if possible. If not, you'll need to be able to reach these domains in addition to your account's subdomain.daily.co
:[b.daily.co](<http://b.daily.co>)
and [c.daily.co](<http://c.daily.co>)
for javascript, images, sounds, and fonts[gs.daily.co](<http://gs.daily.co>)
for room status updates*.wss.daily.co
for SFU media connections. The first hostname will usually resemble an AWS IP, such as ip-172-31-10-133-ec2.wss.daily.co
.prod-ks.pluot.blue
(a Daily-owned server used for ICE negotiation)*.twilio.com
(STUN server/TURN relay for coordinating peer-to-peer calls)*.xirsys.com
(STUN server/TURN relay for coordinating peer-to-peer calls)*.daily.co
on port 443, as it's used for a variety of fallback connection types.