Office of Cybersecurity Scanner IP Addresses

This document provides the IP addresses that the Office of Cybersecurity may launch scans from.

The following scanning machines and their corresponding IP addresses are used by the Office of Cybersecurity when initiating security scans. All scanning traffic should originate from these IP addresses.

Scanner	IP Address(es) (DNS)
Qualys Scanner 1	128.104.53.184
Qualys Scanner 2	128.104.53.185
Qualys Scanner 3	128.104.53.186
Qualys Scanner 4	128.104.53.173
Qualys Scanner 5	128.104.53.174
Qualys Scanner 6	128.104.53.175
Qualys External Scanner (Off-Premise)	64.39.96.0/20
Cybersecurity Security Scanner	128.104.53.170 (misha.doit.wisc.edu)

FAQ

Are there any scanning activity on campus expected not from Cybersecurity?
- Yes. Office of Cybersecurity is aware of scanning conducted by the PowerPing project. Additional information on this project can be found at https://pages.cs.wisc.edu/~pb/powerping.html CloudLab PowerPing scans are conducted by the IP addresses 128.105.144.135 and 128.105.145.139

Please contact the Office of Cybersecurity at cybersecurity@cio.wisc.edu if you have concerns or experience issues with scanning activities from any IP addresses.

Keywords:

scan vulnerability tcd office of cybersecurity ip scanner powerping power ping

Doc ID:

154616

Owned by:

TCD K. in Cybersecurity Vulnerability Management

Created:

2025-09-05

Updated:

2025-09-05

Sites:

Cybersecurity Operations Center, Cybersecurity Vulnerability Management

0 0 Comment Suggest new doc