Scenario
You work for Flower Explosion as a Security Analyst. You have confirmed that your website www[.] flowerexplosion[.]com was compromised. The compromised script linked to jquery[.]su in the Ukraine. Now you need to further investigate the compromise to see the extent of the attack and try to identify the threat actor’s infrastructure.
Searches
First search:
https://community.riskiq.com/search/www.flowerexplosion.com
Second search:
https://urlscan.io
Goals
Your goal is to determine the extent of the infrastructure used in the attack so you can better protect your organization from future attacks.