hacked site not flagged

See: http://sitecheck.sucuri.net/scanner/?scan=http%3A%2F%2Fgamyx.de
conclusion = a miserable detection fail, Sucuri should do better! (remarks from pol)
IDS also misses here: http://urlquery.net/report.php?id=9532487

Defacedment given by: http://maldb.com/gamyx.de/# while avast! does not alert.

Spam Check comes up with: Suspicion of Spam but this is the Defacement

-type: text/html .:/hacked by sultan brain:. <meta name=“description” content="kest,sultan brain,kur…
vuln. PHP: 5.5.5, 5.4.21, 5.3.28
external link to: http://www.webutations.net/go/review/iplogger.org?req=chrome
https://www.mywot.com/en/scorecard/iplogger.org?utm_source=addon&utm_content=popup-donuts
IP there once was in the bogons list - iplogger.org,5.9.11.105,dns.fastdns24.com,Parked/expired,

and for our original defaced site: gamyx.de,81.169.145.66,docks01.rzone.de,Criminals,
(that term Criminals means only active and up malcode, no more and no less)

So from all the scanners only maldb.com, virustracker and website security alert the abuse and defacement.
A meager result,

polonus

Haha. Way to make it captain obvious they got hacked. Why would a hacker put in a email when you can track someone through an Email?

Well not exactly captain obvious: http://hackread.com/tag/sultan-brain-hacker/
This is a malware site: htxp://www.qi-gong-paris.fr/le-professeur.html?b091bf4fddd6c8b513a90f11fd55522c=72d9f103de9d789324101981d2ef7a74
as flagged by Bitdefender’s TrafficLight. →
https://www.virustotal.com/nl/url/48dbf019811f0471ae73c535c0661466ef629fbe955bde3d842ffc0b3c2a5974/analysis/1392852223/
and attacked because site has outdated CMS: Joomla Version 1.5.0 to 1.5.1 for: htxp://www.qi-gong-paris.fr/media/system/js/caption.js
Joomla version outdated: Upgrade required.
Quttera adds to the misery from there these two suspicious files:
/plugins/system/jceutilities/js/jquery-123.js
Severity: Potentially Suspicious
Reason: Detected potentially suspicious content.
Details: Detected potentially suspicious initialization of function pointer to JavaScript method eval __tmpvar399567804 = eval;
Threat dump: View code → http://jsunpack.jeek.org/?report=e552fdaecc06c0e67aa875ce22c8ffdd405e9577
Threat dump MD5: B3C668B7BC6CE6FD142619538D966506
File size[byte]: 29846
File type: ASCII
MD5: FB49BB7A70D7BE19CC6A145146CA7D44
Scan duration[sec]: 0.606000
&
/Liens/Sites-amis/Yi-Quan-Picardie-Amiens.html
Severity: Potentially Suspicious
Reason: Detected unconditional redirection to external web resource.
Details:
Threat dump: View code
Threat dump MD5: 2B9061580DA5B910D456C3EAE30FAA9E
File size[byte]: 3912
File type: HTML
MD5: 500458FF2BB25DB1B28F544E26AC9174
Scan duration[sec]: 0.006000

polonus

I was more implying towards to GIF file running on the screen saying the goverment website was hacked… If that isn’t obvious then what would considered to be obvious?