If you just go to http://bower.herokuapp.com/packages (without trailing '/') you can see everything in the public index and see for yourself - the most used git service is GitHub , but BitBucket and Gitlab also used . Many of the packages actually point to the git endpoint with http/https , not git:// if you need their whitelists too.
Please note that there are also http/https that don’t point to one of them, but it really depends on whether you really need all this stuff, usually the project will contain only so many packages, so I would not worry about that you may not need.
On a side note, for example, Artifactory and the Bower resolver can save you a lot of trouble, as it sends (and caches) all endpoints and serves everything that the client needs. Thus, you only need to deal with one machine coming out instead of all your customers. Also, I don't think private chat actually downloads packages for you - it looks like it's just a registry.
It can also serve as a private repo and index, so you don’t need to go outside your network at all for your internal things (it can also have an “offline” repo for your approved packages that all clients download, rather than forcing them to go outside for it) .