Clean install redirect hack within minutes three times

I have a small hobby website (WordPress) that has been online for 15 years, never had a problem, until now. I rebuilt it from scratch, but within a few hours I had a redirect hack, that randomly happened, redirect to unwanted site. I even deleted everything (and I mean everything), database, users, files, everything in the public folder, then created the database by hand, created the user, made sure database and user names could never be guessed, downloaded latest WordPress 6.1.1 from wordpress.org, manually changed the database prefix in the config file from wp_ to something else, manually added salt keys, manually uploaded the files then ran the install online adding 30 random character password, everything. Then installed the WPS Hide Login plugin from WPServeur (last updated 7 months ago but over 1 million installs but I have used for years), then within two minutes, bang, website redirect again. I did this whole thing three times and got the same thing. I even scanned my entire PC for viruses, malware, everything. I am baffled? Ay help would be really appreciated. I downloaded wordpress-6.1.1.zip directly from https://wordpress.org/download/, unzipped the files locally, then after changing the database prefix and adding my database username and password to the wp-config.php file I used FileZilla FTP client to upload all the files manually. I used the latest WordPress Twenty Twenty-Three theme that comes as standard then installed the plugin to hide the wp-login URL, called “WPS Hide Login” by WPServeur. Not sure if I am allowed to post the link to that plugin on here. Thank you for your kind help.