What is the problem with this site's security and the once executable????

Viruses and worms
1

See: https://urlquery.net/report/e4605627-13de-4351-a747-95ed9e94dea7
IDS alerts for “ET INFO Packed Executable Download” & “ET TROJAN Single char EXE direct download likely trojan (multiple families)”
on IP -121.29.54.100, a suspicious Hebei China address…on the CHINA169-BACKBONE CNCGROUP China169 Backbone)
Very interesting report here: https://forums.att.com/t5/AT-T-Fiber-Equipment/Suspicious-network-activities/td-p/5210078
contribution credits go to Chowdhury
The various kind of malware distributed from that IP address: https://www.scumware.org/report/121.29.54.100.html

The address you entered is unnecessarily exposing the following response headers which divulge its choice of web platform:

Server: nginx/1.11.5 → http://www.cvedetails.com/cve/CVE-2017-7529/
X-Powered-By: PHP/5.4.45 (consider a.o. https://www.exploit-db.com/exploits/38123/ )
NWSs_SP web server exploit Stack Buffer Overflow exploitable!
Configuring the application to not return unnecessary headers keeps this information silent and makes it significantly more difficult to identify the underlying frameworks.

Only IDS tools to detect: NWS_SP web server exploit
COMODO RSA Domain Validation Secure Server CA consider: https://urlscan.io/api/v1/result/fcbd9bba-e3b1-4252-b0d6-a9141c20b40e/

Three warnings -s95.b9823852351323h.com → http://toolbar.netcraft.com/site_report?url=https://s95.b9823852351323h.com
49% score on modern technology scan: https://en.internet.nl/domain/s95.b9823852351323h.com/92231/
and a 34% score for the domain at hand - website that is: https://en.internet.nl/domain/www.onond.com/92233/

Avast to flag the download as malicious and 2k.exe asinfested with Win32:Malware-gen
https://www.virustotal.com/#/file/8c87202a090303a1a617d562f5432fc3ddb3adfad678f466c403828da1d7e1d6/detection

100/100% malicious: https://zulu.zscaler.com/report/17db99cb-608a-4f34-9267-5c758a5fc0e3

Lame name servers detected: https://threatintelligenceplatform.com/report/onond.com/07A14cpDhJ
and https://urlscan.io/result/fcbd9bba-e3b1-4252-b0d6-a9141c20b40e/#summary

Flagged here: https://ransomwaretracker.abuse.ch/ip/121.29.54.100/
Win32/Ramnit.A virus / Locky

Unsafe site: https://transparencyreport.google.com/safe-browsing/search?url=onond.com

Found to be blacklisted: https://sitecheck.sucuri.net/results/www.onond.com/2.exe#blacklist-status

polonus (volunteer website security analyst and website error-hunter)