Scenario
In this exercise, you have been given a domain from your firewall logs to investigate. Your task is to determine whether the domain is malicious or associated with malicious domains. You will then create a ticket to block any malicious domains you identify.
Objectives
Objective 1: Is the domain malicious?
Objective 2: Are any other domains also malicious?
Objective 3: Can you determine how the websites interacted with each other?
Searches
First search: Perform a search for the domain antivirus.safetynote.xyz.
https://community.riskiq.com/search/antivirus.safetynote.xyz