To ensure CyberLearn (training, phishing simulations, and any browser plugin) runs reliably, your VPN/proxy, firewalls, DNS/URL filtering, and email security must allow traffic to CyberLearn services and must not rewrite/block links.
What should be on the allow list?
Allow (preferably as wildcards where possible)—use FQDN, not IPs (IPs can change):
CyberLearn service domains (portal, API, CDN)
*.cyber-detector.com*.app-cyberlearn.comapp-cyberlearn.comapi.app-cyberlearn.com- *.veriffy-center.com
- *.user-messagee.com
- *.access-portall.com
- *.delivery-statuss.com
- *.document-serviice.com
CyberLearn tracking/analytics (clicks/opens)
go.cyber-detector.com(click/open tracking for campaign analytics)
Note (CNAME/tracking): Some email systems will also see traffic to the provider’s tracking domain. If required, also allow:t.mailjet.com(behind our CNAMEgo.cyber-detector.com)
Email security
- Exempt our links from “link rewrite”/SafeLinks so URLs are not altered.
- Allow image fetching (open-tracking pixel) so open tracking works.
If wildcards aren’t supported, add the specific hosts you use (as above).
Why?
- Simulations: Links must not be rewritten/blocked—otherwise clicks are miscounted and the flow breaks.
- Content: Images/videos/scripts must be retrievable; blocking causes empty views/errors.
- Reporting: Clicks/opens are measured via tracking domains; blocking distorts KPIs.
Quick check
- DNS/URL filtering: Allow the CyberLearn domains above.
- Proxy/VPN: No SSL inspection blocking/certificate errors on these domains.
- Firewall (outbound): HTTPS (TCP/443) to the allowed domains.
- Email security: Exempt our links from link-rewrite and allow images.
- Link scanners: Exclude our links so the “first click” isn’t consumed by the scanner.
