Seems that many a server is still vulnerable to the so-called DROWn attack and this one also has insecure security header configuration!
Checked this and it fits the Hall of Shame: https://securityheaders.io/?q=https%3A%2F%2Fbing.com
Results for bing.com
Sites that use the certificates below are vulnerable to eavesdropping. Attackers may be able to decrypt recorded traffic and steal data.
Update server software at all IP addresses shown, and ensure SSLv2 is disabled.
Would you believe these results? https://test.drownattack.com/?site=bing.com :o supports SSLv2 export ciphers
CMS Outdated WordPress Version
4.7
Version does not appear to be latest 4.8.3 - update now.
These settings are wrong, admin Tim: Warning User Enumeration is possible
The first two user ID’s were tested to determine if user enumeration is possible.
ID User Login
1 admin admin
2 Tim tim
It is recommended to rename the admin user account to reduce the chance of brute force attacks occurring. As this will reduce the chance of automated password attackers gaining access. However it is important to understand that if the author archives are enabled it is usually possible to enumerate all users within a WordPress installation.