See: https://urlhaus.abuse.ch/url/207054/
and https://www.virustotal.com/gui/file/cf99692d9c296f810695976fcd1ab1a679943b716a88f037ff1fdc3f122c27d7/detection
and https://www.virustotal.com/gui/url/ca36a6974c305874e653eebf3c9eb15b19d35a0b20e49d1c733770ac71e946d5/detection
Re: -https://aw-snap.info/file-viewer/?protocol=not-secure&ref_sel=GSP2&ua_sel=ff&chk-cache=&fs=1&tgt=MTkyLjIzNi4xNzguNDBgbl1we2AjfCMjeXNedW0ucHBe~enc
Confirmed: https://zulu.zscaler.com/submission/67cfe15b-b401-4a94-91dd-6db7efa48017
new: https://urlscan.io/result/8e05a34d-491f-45a6-8fe4-ede83ab5bb66SHA256: cf99692d9c296f810695976fcd1ab1a679943b716a88f037ff1fdc3f122c27d7 corresponds with that on VT.
Hostwinds’ abuse: https://toolbar.netcraft.com/site_report?url=http%3A%2F%2F192.236.178.40%2Fnope%2Fdaddyscum.ppc
also see relation and detections here: https://www.virustotal.com/gui/ip-address/192.236.178.40/relations
pol