ELF Mirai bot detection, 4 to detect as of 3 hrs ago.

See: https://urlhaus.abuse.ch/url/216854/
4 flag: https://www.virustotal.com/gui/url/e7a3a3df5ec68f2fba2cd057e8de23d03fa1d8d333f73ca11bd492dc2baefbda/detecti
Site blacklisted and with vulnerabilities in Apache 2.4.6, CentOS

See also abuse on -host172-36-211-80.serverdedicati.aruba.it

To see a file with the malware: -https://aw-snap.info/file-viewer/?protocol=not-secure&ref_sel=GSP2&ua_sel=ff&chk-cache=&fs=1&tgt=ODAuMjExLjM2LjE3MmBiW25zYHx9bS5i~enc (link made non-clickable for those for which ELF malcode poses a risk, pol).
Also found to be 100% malicious here: https://zulu.zscaler.com/submission/7dd14e02-7150-4906-a36c-bdb232087563

On security of hoster:

Website is insecure by default
100% of the trackers on this site could be protecting you from NSA snooping. Tell aruba.it to fix it.

Insecure Identifiers
Unique IDs about your web browsing habits have been insecurely sent to third parties.

-www.aruba.it asp.net_sessionid
-managehosting.aruba.it __cfduid
-v1%3a155187972176405573 Twitter guest_id

Tracking IDs could be sent safely if this site was secure.

Tracking IDs do not support secure transmission.

Retirable jQuery libraries:


bootstrap 3.4.0 Found in -https://mediacdn.aruba.it/MediaCDNRepository/files/90/905776a3-a892-496d-ad4a-12915ad3159c.js
Vulnerability info:
High 28236 XSS in data-template, data-content and data-title properties of tooltip/popover CVE-2019-8331
jquery 1.12.4 Found in -https://mediacdn.aruba.it/MediaCDNRepository/files/51/51233458-3474-4cd1-9a14-98ea4625900f.js
Vulnerability info:
Medium 2432 3rd party CORS request may execute CVE-2015-9251
Medium CVE-2015-9251 11974 parseHTML() executes scripts in event handlers
Medium CVE-2019-11358 jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, …) because of Object.prototype pollution

Found by RECX Security Analyser v. issues with ... content-security-policy in frame-ancestors 'self' -http://wa.aruba.it -https://wa.aruba.it (no best policy). No secure attributes set for __cfduid


ASP.NET_Session Id






polonus (volunteer 3rd party cold reconnaissance website security analyst and website error-hunter)