Main menu at http://www.safari-badminton appears fine, but mobile version (in chrome at least) has an extra, seemingly malicious link, http://m.safari-badminton.com.
There's no evidence of anything else being changed, the link points to http://www.andrezakatsani.com/online-cash-advance-ok/ which isn't a valid page, although the parent URL is an artist's website and looks legit.
Jetpack menus look ok, mobile theme has never been activated, code appears to be ok other than the link.
*There was another admin account created in the CPanel/dashboard/Jetpack with the name "d-192" or "support d-192", I don't know when this was created and I've deleted and all associated content, if any.
*Could this be a hack of a higher function of the site? i.e. has a plugin or wordpress theme been hacked and I essentially can't/don't need to do anything.
Should I be looking at a deep clean of the entire site and back end, using cleaning plugins etc, will I need to generate new secure keys and secure links to my external Google API backups, and should I be concerned about blacklisting etc?
Thank you for your help and time.