Malware here detected?

Has
Suspicious URLs found in: -http://www.officialcowboyslockerroom.com/elite-jourdan-lewis-jersey been flagged?

1: hxxp://js·users·51·la/19261876·js

Confirmed: https://sitecheck.sucuri.net/results/www.officialcowboyslockerroom.com/elite-jourdan-lewis-jersey
found connected to -ziplancer dot io → http://www.avgthreatlabs.com/ww-en/website-safety-reports/domain/ziplancer.io
consider: https://crt.sh/?q=ziplancer.io
and https://urlscan.io/result/0f6c7794-c440-456a-9b37-4d2965fe0b9c

polonus

Another one reported here: https://urlhaus.abuse.ch/url/194283/
Normal scans do not detect: https://sitecheck.sucuri.net/results/beansmedia.com
Vulnerabilities on Dutch hoster: https://www.shodan.io/host/149.210.131.83
Not flagged, but found suspicious: https://www.virustotal.com/en/url/a2c3460235978adeed8642e234285755fef6c6ebdec19661856f18bb1fa8cb43/analysis/
File detection by 8 parties: https://www.virustotal.com/en/file/1aa1035bf14484bc23b3a416785c947328c711113dacde652132be74fad8a8cf/analysis/1557510790/
HEUR:Trojan-Downloader.Script.Generic at a compromised website, connected to script at -https://worldclassvip.com/wp-content/themes/

…"FILE_733953041149US_May_10_2019.jsPKP

Also consider: https://aw-snap.info/file-viewer/?protocol=not-secure&ref_sel=GSP2&ua_sel=ff&chk-cache=&fs=1&tgt=Ynt8bnNteyNbfC5eXW1gent1czE2YHdwLVtuXmx1I3tzYCNdXnVte250YHpucV5bQllbd2ZmR255TmxueVduXWA%3D~enc
Else one gets:
There was an error executing your search, please adjust your search-term and try again. Message:

[query_shard_exception] Failed to parse query [htxp://beansmedia.com/zeus16/wp-includes/Document/znqCiBYIwffGnyNlnyWnO/], with { index_uuid=“aYBbgOk3R4e_lF-b2ss6XQ” & index=“results-green” }

& for the main domain
'[token_mgr_error] token_mgr_error: Lexical error at line 1, column 23. Encountered: after : “”

On the hosting page: https://urlscan.io/result/43863e69-50ac-4dd3-ae1f-b41d70f15367

polonus

According to the resources here the webite is offline: https://urlhaus.abuse.ch/url/194285/
But I get the following data here:

Reputation Check PASSED Google Safe Browse: OK Spamhaus Check: OK Abuse CC: OK Dshield Blocklist: OK Cisco Talos Blacklist: OK Web Server: LiteSpeed X-Powered-By: PHP/5.6.40 IP Address: -112.213.89.117 Hosting Provider: SUPERDATA Shared Hosting: 1112 sites found on -112.213.89.117

Outdated CMS: WordPress Version
4.2.23 Version does not appear to be latest

Issue: User Enumeration
The first two user ID’s were tested to determine if user enumeration is possible.

ID User Login
1 admin admin
2 Vu Nguyen maypro
It is recommended to rename the admin user account to reduce the chance of brute force attacks occurring. As this will reduce the chance of automated password attackers gaining access. However it is important to understand that if the author archives are enabled it is usually possible to enumerate all users within a WordPress installation.

Blacklisted website: https://sitecheck.sucuri.net/results/mayproduction.vn

Open to various threats (14): https://webscan.upguard.com/#/http://mayproduction.vn/
Re: https://aw-snap.info/file-viewer/?protocol=not-secure&ref_sel=GSP2&ua_sel=ff&chk-cache=&fs=1&tgt=bXx5cH1dI3VedFtdbi52bmA%3D~enc

polonus