The
Top
Callback Hosts from Virtual Analyzer widget shows the most common callback hosts
contained in suspicious and high-risk email messages. A callback host is the IP address
or host
name of a C&C server.
When Virtual Analyzer receives an object (file or URL) from the TippingPoint Advanced Threat Protection for Email email scanners, Virtual Analyzer observes
whether the object connects to an external network address. A high-risk object attempts
to
perform a callback to a known C&C server host. Virtual Analyzer reports all connections
(URLs, IP addresses, and host names) made by submitted samples, including possible
malware
callback and other suspicious connections.
The table shows detections based on the selected time period. Click a number
under Detections or High Risk Messages to learn more
about the detections. Detections includes all detected email messages,
including high-risk messages.
Click View all callback hosts to see all suspicious host objects found
during analysis.
