Outdated CMS on PHISHING website...

See fortinet’s alerts for malware: https://urlquery.net/report/eec5c7f0-463a-4f2c-9a25-21a4652cd911
Confirmed: https://www.virustotal.com/#/url/43f0303fa4e16cd29ff7a2d3a0936895362136576aee60d7a52e1632890511ef/detection
6 to flag (flagged also index.php)
Word Press CMS outdated: https://sitecheck.sucuri.net/results/supremeways.com and website blacklisted.
1 detected jQuery library to be retired: https://retire.insecurity.today/#!/scan/48f5adf1152598868bb803b60ffff8bc1c4ddf58c3060cdb1147d96b429f8d11
27 security errors flagged here: https://webhint.io/scanner/0f751d47-e1cc-4885-bb3e-5b391a62e7d4
On CMS: Warning User Enumeration is possible

The first two user ID’s were tested to determine if user enumeration is possible.

ID User Login
1 None adminius24
2 None None
It is recommended to rename the admin user account to reduce the chance of brute force attacks occurring. As this will reduce the chance of automated password attackers gaining access. However it is important to understand that if the author archives are enabled it is usually possible to enumerate all users within a WordPress installation.

Loaded resources found OK → https://aw-snap.info/file-viewer/?protocol=not-secure&ref_sel=GSP2&ua_sel=ff&chk-cache=&fs=1&tgt=c3VwfXtte3d8eXMuXl1t~enc

errors in code:

(element) -supremeways.com/undefined / suspicious: maxruntime exceeded 10 seconds (incomplete)
& (script) -supremeways.com/wp-content/themes/clean-corporate/third-party/sidr/js/jquery.sidr.min.js?ver=2.2.1
status: (referer=-supremeways.com/)saved 7034 bytes 57c359f422507358cd667f4119bd54086a1e842d
info: [decodingLevel=0] found JavaScript
error: line:6: TypeError: invalid ‘in’ operand b
file: 57c359f422507358cd667f4119bd54086a1e842d: 7034 bytes
&
[script] -supremeways.com/wp-includes/js/wp-embed.min.js?ver=4.7.11
info: [decodingLevel=0] found JavaScript
error: undefined function b.attachEvent
error: undefined variable b
info: [element] URL=-supremeways.com/undefined
info: [1] no JavaScript
file: 3e705584b3d8291eab9261b43e6afdadc561cad7: 27724 bytes
file: 9bbba02326099b6cf3cb93bde03e7055c34e8325: 75 bytes

polonus (volunteer website security analyst and website error-hunter)