Spam hacked website flagged?

[polonus]

Re: https://urlscan.io/result/f6546648-5ba8-4538-abd1-6b021572472e#summary
Re: https://aw-snap.info/file-viewer/?protocol=not-secure&tgt=clinsur.com%2F&ref_sel=GSP2&ua_sel=ff&fs=1
Re: http://urlquery.net/report/d167d9f7-9809-4769-8769-fe7432e5adfd
Re: on IP: https://www.hybrid-analysis.com/sample/29e58b8cd7bedc0afcffbe63197df145870edfac46ab45fb10716f9a84fcbf0a?environmentId=100
Fail and warnings: https://asafaweb.com/Scan?Url=clinsur.com

Found a protected folder on this domain User Name Password
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-AspNet-Version: 4.0.30319 -> insecure -https://clinsur.com:8443/

link info proliferation: -https://plus.google.com/communities/109881979300958500728

polonus (volunteer website security analyst and website eror-hunter)

[polonus]

Google Tag Manager abuse -> Checking http://idtdownloader.96.lt/config-data/worldnewsexpress253712
Status codes
These should normally all be the same.

Google Chrome returned code 301 to -https://dbapress.org
GoogleBot returned code 301 to -https://dbapress.org
-> https://aw-snap.info/file-viewer/?protocol=secure&tgt=dbapress.org&ref_sel=GSP2&ua_sel=ff&fs=1

See CMS config issue: Warning User Enumeration is possible

The first two user ID's were tested to determine if user enumeration is possible.

ID   User   Login
1   nomore   nomore
2   sougat dey   bacchaa
It is recommended to rename the admin user account to reduce the chance of brute force attacks occurring. As this will reduce the chance of automated password attackers gaining access. However it is important to understand that if the author archives are enabled it is usually possible to enumerate all users within a WordPress installation.

All flagged as malcode: https://www.virustotal.com/#/domain/idtdownloader.96.lt

polonus (volunteer website security analyst and website error-hunter)