LoFP LoFP / T1566.003

T1566.003

TitleTags
if a known good domain is not listed in the legit_domains.csv file, then the search could give you false postives. please update that lookup file to filter out dns requests to legitimate domains.