> For the complete documentation index, see [llms.txt](https://docs.halosecurity.com/docs/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.halosecurity.com/docs/platform/targets/scan-configuration.md). # Scan Configuration ## Scan Frequency Scan frequency allows you to configure how often scans will be performed. This setting defaults to a value of once per week. The following options are also available: Day, Month, and Quarter. In addition to configuring the frequency, you may select the time that scans are performed or have them performed at a random time. To change the scan frequency or time, visit the Target Settings or Domain → Network → Settings page. ## Scan Policy You can select the scan policy per target. {% content-ref url="/pages/hZP7QgrsrktJXcVNzRl9" %} [Scan Policies](/docs/platform/targets/scan-policies.md) {% endcontent-ref %} ## AWS Instances For customers using our [AWS integration](/docs/integrations/discovery-integrations/aws.md), it's possible to specify AWS instance IDs for resources that are discovered by the integration. If a target has been assigned an instance ID and the target is an IP address without a hostname, then the target IP will be updated whenever the integration is run. This feature can be useful for AWS assets utilizing dynamic IPs that may change periodically between scans. To specify an AWS Instance ID, visit the "Advanced Settings" page of the target. ## Scan Origins and User Agents Halo Security uses several unique network ranges, user agents, and other identifiers to perform scanning, crawling, and other network-related functions. In some cases, this information may be useful to identify traffic, add us to the allowlist, or filter out traffic from certain services (such as Google Tag Manager). ## Network Ranges The following network ranges specify the IP addresses of scanners in use: ``` 74.82.62.128/26 64.39.96.0/20 139.87.112.0/23 3.18.82.183/32 ``` Additionally, webshots (used to generate previews of the web application) originate from the following IP address: `54.187.125.96` ## User Agents For scans that access web applications, Halo Security appends a custom string to the User-Agent header to allow you to distinguish our traffic. This string is `vuln_scan_by_trustedsite_com_halo_security`. The full User-Agent header will appear like the following: ``` Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_10_3; en-us) AppleWebKit/600.6.3 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/600.6.3 vuln_scan_by_trustedsite_com_halo_security ``` --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://docs.halosecurity.com/docs/platform/targets/scan-configuration.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.