See: https://yandex.com/infected?l10n=en&url=euroexp.ru
1 error and 9 warnings: https://mxtoolbox.com/domain/euroexp.ru/
Injection Check: Suspicious Text after HTML
Javascript Check:
Suspicious
External links check: Please check this list for unknown links on your website:
-http://newdomme.changeip.name/rsize.js’
Dr.Web has it as a known infection source and compromised site.
Sucuri finds instances of this: Anomaly behavior detected (possible malware). Details: http://sucuri.net/malware/malware-entry-mwanomalysp8
Minecraft Abuse: https://oscarotero.com/embed/demo/index.php?url=http%3A%2F%2Fnewdomme.changeip.name&options[minImageWidth]=0&options[minImageHeight]=0&options[facebookAccessToken]=&options[embedlyKey]=&options[soundcloudClientId]=YOUR_CLIENT_ID&options[oembedParameters]= Piwik Tracking Code Inclusion for Budget Gaming…
Web application details:
Application: Joomla! 1.5 - Open Source Content Management - http://www.joomla.org
Web application version:
Joomla Version 1.5.8 to 1.5.14 for: -http://euroexp.ru/media/system/js/caption.js
Joomla Version 1.5.8 for: -http://euroexp.ru/language/en-GB/en-GB.ini
Joomla version outdated: Upgrade required.
Outdated Joomla Found: Joomla under 3.4.5
Outdated Web Server Nginx Found: nginx/1.0.6
Joomla Version
1.5
Found in META Generator Tag
Joomla Modules, Components and Plugins
The following modules were detected from the HTML source of the Joomla front page.
mod_swmenupro
The following components were detected from the HTML source of the Joomla front page.
poll
user
Detected threat from -http://194.85.93.45/ HTTP Server: nginx 1.0.6 (Outdated)
PHP Version: 4.4.9 (Outdated) Welcome to the Frontpage padlock icon
194.85.93.45
Alerts (1)
Insecure login (1)
Password will be transmited in clear to http://194.85.93.45/index.php
Infos (1)
Encryption (HTTPS) (1)
Communication is NOT encrypted
Mootools 1.11 → http://docs111.mootools.net/
polonus (volunteer website security analyst and website error-hunter)