Domain Investigation

Scenario

In this exercise, you have been given a domain from your firewall logs. Investigate it to determine whether it is malicious or associated with malicious domains, then create a ticket to block any malicious domains you identify.

Objectives

Objective 1: Is the domain malicious?

Objective 2: Are any other domains also malicious?

Objective 3: Can you determine how the websites interacted with each other?

Searches

First search: Perform a search for the domain antivirus.safetynote.xyz.
https://community.riskiq.com/search/antivirus.safetynote.xyz
