Topic: CMS-website has some problems itself after it recovered from defacement hack!

Offline polonus

Re: libraries to be retired: Detected libraries:
jquery-migrate - 1.2.1 : -http://vnuki-deda.ru/media/jui/js/jquery-migrate.min.js
Info: Severity: medium
http://bugs.jquery.com/ticket/11290
http://research.insecurelabs.org/jquery/test/
jquery - 1.11.3 : (active1) -http://vnuki-deda.ru
Info: Severity: medium
https://github.com/jquery/jquery/issues/2432
http://blog.jquery.com/2016/01/08/jquery-2-2-and-1-12-released/
(active) - the library was also found to be active by running code
2 vulnerable libraries detected

Also see: http://toolbar.netcraft.com/site_report?url=http%3A%2F%2Fvnuki-deda.ru

Insecure Home padlock icon
-vnuki-deda.ru
Alerts (1)
Insecure login (1)
Password will be transmitted in clear to htxp://vnuki-deda.ru/
Infos (1)
Encryption (HTTPS) (1)
Communication is NOT encrypted

Insecure IDs tracking detected: 50% of the trackers on this site could be protecting you from NSA snooping.
Tell vnuki-deda.ru to fix it.

 All trackers
At least 2 third parties know you are on this webpage.

 -Google
-vnuki-deda.ru  -vnuki-deda.ru

Meagre F-Status and that for a Joomla CMS instruction website, it is a bit shameful really:
https://observatory.mozilla.org/analyze.html?host=vnuki-deda.ru

No suspicious or malicious source: https://aw-snap.info/file-viewer/?tgt=http%3A%2F%2Fvnuki-deda.ru&ref_sel=GSP2&ua_sel=ff&fs=1
The following components were detected from the HTML source of the Joomla front page.
search
users
tags

Server: nginx
X-Powered-By: PleskLin srv-ps-plesk03.ps.kz OS: Unix
IP Address: -195.210.46.57
Provider: PS Internet Company LLC
Country: KZ  Certified Parallels Panel Virginia US expired Server not secure!

IP reported once for an attack:  Anonymous   05 Jan 2015   
DDoS on WordPress admin login pages
DDoS Attack
Participating in distributed denial-of-service (usually part of botnet).

Self-signed certificate is installed
-vnuki-deda.ru
-
Please contact the Certificate Authority for further verification.
You have 2 errors
Wrong certificate installed.
The domain name does not match the certificate common name or SAN.
The certificate has expired. Parallels Panel
The certificate has expired. This server is not secure.
Warnings
Root installed on the server.
For best practices, remove the self-signed root from the server.

Checked at Snyk: https://snyk.io/test/github/%20http://vnuki-deda.ru/media/system/js/punycode.js
-> http://www.domxssscanner.com/scan?url=http%3A%2F%2Fvnuki-deda.ru%2Fmedia%2Fsystem%2Fjs%2Fpunycode.js
Can be abused to run blackhole spamrun!

polonus (volunteer website security analyst and website error-hunter)
« Last Edit: October 20, 2016, 06:22:32 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

As this website has outdated Joomla - Outdated Joomla Found - Security Announcements - Joomla under 3.5.1
Joomla Version 3.4.5 found at: htxp://vnuki-deda.ru/administrator/manifests/files/joomla.xml
I decided to upload this to be scanned: htxp://vnuki-deda.ru/index.php/component/tags/tag/2-joomla
and here are the scan results:
https://www.hybrid-analysis.com/sample/dd1ce94d1a54209977aed53094e0933124d75a315609bbb3397ecb27c47c6bf4?environmentId=100
1 malicious and 4 suspicious indicators.

pol