A suspicious host is an IP address or host name with the potential to expose systems to danger or loss. View suspicious hosts to understand your risk, find related messages, and assess the relative prevalence of the suspicious host.
- Go to Detections > Suspicious Objects > Hosts.
-
Specify the search criteria.
- Host (IP address or host name)
- Period
-
Press ENTER.
All suspicious objects matching the search criteria appear.
-
View the results.
Header
Description
Host
View the IP address or host name used by the suspicious object.
Port
View the port number used by the suspicious object.
Risk Level
View the level of potential danger in a sample after Virtual Analyzer executes the file or opens the URL.
Related Messages
View the messages containing the same suspicious object.
Latest Message Recipients
View the most recent recipients of the email message containing suspicious objects.
Latest Detection
View the date and time Virtual Analyzer last found the suspicious object in a submitted object.