Hi ernesto27,
You should wait for a final verdict from an Avast Team Member, as we are volunteers with relevant knowledge.
So in the mean time consider the results of my third party cold reconnaissance scanning of your website.
Towards cloaking site looks fine, GoogleBot and Google Chrome return similar status code, there are no spammy looking links,
No iFrames and no blacklinks to worry about.
BitDefender Traffic Light flags your website as malware site.
Your site is being hosted with 41 other websites on that same IP address, so whenever you have bad neighbors you could suffer the consequences. In that case ask your hoster to move you out to a more secure IP. There are current events going on there and there is spam activity from 16 blacklisted URLs:
http://sitevet.com/db/asn/AS54641Looking at your CMS: Web application version:
Joomla Version 2.5.28 found at: -http://damasdeblanco.org/administrator/manifests/files/joomla.xml
Joomla version outdated: Upgrade required.
Outdated Joomla Found: Joomla under 3.4.5
Joomla Modules, Components and Plugins
The following modules were detected from the HTML source of the Joomla front page.
No modules were found passively in HTML source
The following components were detected from the HTML source of the Joomla front page.
mailto
The following plugins were detected from the HTML source of the Joomla front page.
jatypo
jckeditor
Adding Modules, Components and Plugins to a Joomla site expands your attack surface. These addons are a source of many security vulnerabilities, it is important to always keep them updated to the latest version available and check the developers plugin page for information about security related updates and fixes. Using the Joomscan scanner you are able to test more aggressively for plugins and modules installed within a Joomla installation.
I see no vulnerable jQuery libraries. Some script links may come blocked by adblocker or scriptblocker tools,
but you should check there are no problems created while
var $j = jQuery.noConflict(); $j(document).ready(function($) {
is implemented.....Read:
https://github.com/mattboldt/typed.js/issues/56like for instance: -https://static.doubleclick.net/instream/ad_status.js comes blocked by uMatrix.
Inspecting the DNS: Issue with Name Servers Versions
WARNING: Name servers software versions are exposed:
70.39.150.2: "9.8.2rc1-RedHat-9.8.2-0.37.rc1.el6_7.6"
74.124.210.242: "9.8.2rc1-RedHat-9.8.2-0.37.rc1.el6_7.6"
Exposing name server's versions may be risky, when a new vulnerability is found your name servers may be automatically exploited by script kiddies until you patch the system. Learn how to hide version.
SRI test results: Scripts
Found 1 unsafe scripts out of 7 script tags
Stylesheets
Found 2 unsafe stylesheets out of 5 stylesheet tags
Re:
https://sritest.io/#report/2c7683fb-a2b3-40dd-99e3-01107477b2baYou should mitigate the issues I reported for your site. Where Avast flags I think you have to take that up with your hoster,
as from exposing the name server versions I fear that this is not particularly a proactive hoster with security as a first priority.
Better consider to move to dedicated hosting, because there you would
not have such bulk-hosting problems.
Nothing alerted here:
https://urlquery.net/report.php?id=1455452242191and see here:
http://fetch.scritch.org/%2Bfetch/?url=damasdeblanco.org&useragent=Fetch+useragent&accept_encoding=polonus (volunteer website security analyst and website error-hunter)