All 4 WP sites hosted in A2 Hosting were hacked

The hack redirects all my sites to

All are running WP 5.4.1 (latest) and I even have a site that barely runs any plugins, just a simple open source theme with 3 common plugins – Contact Form 7, etc.

Thus, can i assume the attacker might be coming from A2 Hosting?