# Scan Configuration ## Scan Frequency Scan frequency allows you to configure how often scans will be performed. This setting defaults to a value of once per week. The following options are also available: Day, Month, and Quarter. In addition to configuring the frequency, you may select the time that scans are performed or have them performed at a random time. To change the scan frequency or time, visit the Target Settings or Domain → Network → Settings page. ## Scan Policy You can select the scan policy per target. {% content-ref url="/pages/hZP7QgrsrktJXcVNzRl9" %} [Scan Policies](/docs/platform/targets/scan-policies.md) {% endcontent-ref %} ## AWS Instances For customers using our [AWS integration](/docs/integrations/discovery-integrations/aws.md), it's possible to specify AWS instance IDs for resources that are discovered by the integration. If a target has been assigned an instance ID and the target is an IP address without a hostname, then the target IP will be updated whenever the integration is run. This feature can be useful for AWS assets utilizing dynamic IPs that may change periodically between scans. To specify an AWS Instance ID, visit the "Advanced Settings" page of the target. ## Scan Origins and User Agents Halo Security uses several unique network ranges, user agents, and other identifiers to perform scanning, crawling, and other network-related functions. In some cases, this information may be useful to identify traffic, add us to the allowlist, or filter out traffic from certain services (such as Google Tag Manager). ## Network Ranges The following network ranges specify the IP addresses of scanners in use: ``` 74.82.62.128/26 64.39.96.0/20 139.87.112.0/23 3.18.82.183/32 ``` Additionally, webshots (used to generate previews of the web application) originate from the following IP address: `54.187.125.96` ## User Agents For scans that access web applications, Halo Security appends a custom string to the User-Agent header to allow you to distinguish our traffic. This string is `vuln_scan_by_trustedsite_com_halo_security`. The full User-Agent header will appear like the following: ``` Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_10_3; en-us) AppleWebKit/600.6.3 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/600.6.3 vuln_scan_by_trustedsite_com_halo_security ``` --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.halosecurity.com/docs/platform/targets/scan-configuration.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.