Network Observables - Guided Exercise

2. Based on your research, which domain do you believe is most likely to be associated with malicious activity, and may be worth flagging as an IoC?

A. oa[.]88tech[.]com
B. raw[.]githubusercontent[.]com
C. sharepoint[.]com
D. None of the above.

in this question correct answer is a. oa[.]88tech[.]com
but i don’t get it how. report on virustotal shows it all clean

i thought the answer should be none of the above, D.

am i missing something here?

Screenshot 2025-05-18 at 11.51.24 AM2166×1468 229 KB

Screenshot 2025-05-18 at 11.51.34 AM2166×1468 232 KB

@JosephWhite could you please check this.

I will reach out to the the lab developer and ask. I agree that oa[.]88tech[.]com looks harmless. Maybe at one point it was not.

We have fixed this so the answer matches the findings.