Re: https://urlquery.net/report/f61bf948-9d1c-4bba-9ffe-3adfb0d00c6a
Reported: https://urlhaus.abuse.ch/host/medicalfarmitalia.it/
See a 301: https://aw-snap.info/file-viewer/?protocol=not-secure&ref_sel=GSP2&ua_sel=ff&chk-cache=&fs=1&tgt=bXsjW158bGZ8fW1bdHxsW3wuW3Rg~enc

Abuse of services: https://www.shodan.io/host/212.112.92.17

11 to flag: https://www.virustotal.com/en/url/80736e6376aeb273f20e6d48d828b4285a9ad7a054bfaf332c85e6e169cba8cb/analysis/

Avast detects the file as Win32:MalwareX-gen [Trj], so we are being protected:
https://www.virustotal.com/en/file/47510345889fd36b5d2dd97aacf69429bb5a2e47cf3d14db0f6899195a7e1172/analysis/1550979622/

polonus (volunteer 3rd party cold reconnaissance website security analyst and website error-hunter)