Notice of New Scanner IPs for Qualys Web Application Scanning

John Delaroderie

Last updated on: August 4, 2023

This notice is to inform Qualys Web Application Scanning (WAS) customers that there are new IPs from which WAS scans can originate when scanning external facing applications and APIs.

What Steps Do Customers Need To Take?

Customers are required to add the following external IP addresses to their network devices (firewalls, WAFs, etc) allowlists. Customers only need to add both the Primary IP and Secondary IP addresses based on their Qualys platform. Customers with multiple subscriptions across multiple platforms will need to add all applicable IPs.

PlatformPrimary IPSecondary IP (Backup)
AE Platform 1139.185.38.235193.123.77.71
AU Platform 1
CA Platform129.153.61.18129.153.63.29
EU Platform 1144.24.249.196132.226.222.205
EU Platform 2141.144.196.156158.101.209.126
IN Platform 1168.138.113.116150.230.234.34
KSA Platform 1193.122.80.20193.122.80.229
UK Platform 1151.104.32.104151.104.34.175
US Platform 1139.87.116.247139.87.107.37
US Platform 2139.87.117.141139.87.105.179
US Platform 3139.87.104.123139.87.117.66
US Platform 4139.87.117.45139.87.105.233

Additionally, when reviewing scan results, scans will have an origination IP of

Will There Be Any Impact To Customers That Do Not Add The New IPs To Allowlists?

Customers that do not add the new IPs to their Allowlists may have their WAS scans blocked by firewalls, WAFs, and other network devices. A blocked scan may result in false negative results or end in scanning errors. To prevent false negatives or scan errors, it is important for all customers to include the new IPs in their allowlists.

Do Customers Need To Remove Current IP Ranges When Updating To The New IPs?

At this time, it is recommended for customers to keep their prior IP allowlists in place in addition to the platform based IPs in the table above.

If you have any questions or concerns, kindly contact your TAM or Qualys Support.

Show Comments (8)


Your email address will not be published. Required fields are marked *