IP not being flagged elsewhere - spreading Mozi.m

See: https://urlhaus.abuse.ch/url/281269/
We are being protected by avast av and avast-mobile against this ELF:Gafgyt-AN [Cryp]
https://www.virustotal.com/gui/file/e15e93db3ce3a8a22adb4b18e0e37b93f39c495e4a97008f9b1a9a42e1fac2b0/detection
No info here: https://www.shodan.io/host/49.119.215.36
Neither here: https://db-ip.com/49.119.215.36
Netcraft risk grade 9 red out of 10: https://toolbar.netcraft.com/site_report?url=49.119.215.36
On Mozi.m read: https://www.hybrid-analysis.com/sample/c6f6ca23761292552e6ea5f12496dc9c73374be0c5f9d0b2142ca3ae0bb8fe14?environmentId=300

polonus

Similar abuse operating from an insecure network: https://urlhaus.abuse.ch/host/103.102.59.206/
Main domain: https://aw-snap.info/file-viewer/?protocol=not-secure&ref_sel=GSP2&ua_sel=ff&chk-cache=&fs=1&tgt=bnx2a3x9bnt0Lm57dA%3D%3D~enc
Netcraft Risk grade 10 red out of 10: https://toolbar.netcraft.com/site_report?url=node-ns1.navkarnet.net
Retirable jQuery library:

Retire.js
jquery 1.12.3 Found in -http://navkarnet.net/js/jquery.js
Vulnerability info:
Medium 3rd party CORS request may execute CVE-2015-9251
Medium CVE-2015-9251 11974 parseHTML() executes scripts in event handlers
Low CVE-2019-11358 jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, …) because of Object.prototype pollution

Insecure Tracking:

This website is insecure. 75% of the trackers on this site could be protecting you from NSA snooping. Tell -navkarnet.net to fix it.

All trackers
At least 4 third parties know you are on this webpage.

-Google
-Google

F-grade scan results here: https://observatory.mozilla.org/analyze/navkarnet.net
Only security header properly set = access-control-allow-origin

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)

P.S. With Mozi.m malware av engines have a 53% detection rate. Pattern match “-http://upx.sf.net”;
ELF 32-bit LSB executable, ARM, version 1, statically linked, stripped
$Id: UPX 3.91 Copyright (C) 1996-2013 the UPX Team. All Rights Reserved. $
$Info: This file is packed with the UPX executable packer http://upx.sf.net $