Hi, our domain ebcconsulting.com has been probably blacklisted. All the website is totally clean, as reported by virustotal and urlvoid. Could someone from Avast Team check and remove our domain? Our customers are experiencing a lot of problems. Tnx
"All the website is totally clean, as reported by virustotal and urlvoid"
Virustotal and urlvoid is a blacklist check and does not scan the site for malware
"Could someone from Avast Team check and remove our domain?"
Will notify avast lab ;)
Blacklisted at PhishTank >> (Submitted Feb 18th 2016) http://www.phishtank.com/phish_detail.php?phish_id=3841669
seems there may have been a link to Phish there? >> hxxp://wxw.ebcconsulting.com/cli/files/index.htm
I do not see any malicious activity, so I am unblocking the domain now
Ok, thank you very much. Can you tell me in how much time Avast won’t signal our domain as infected?
It wasn’t already flagged when HonzaZ posted here.
I’ve updated my Avast, but it is still locking the website…
try reboot computer … may need to clear cache
Disabling the shields and enabling them again should do it.
Nice the site is not malware flagged or suspicious, but there is some jquery library to be retired (zipfile for later reference)
moreover website is flagged as a verified PHISH:
-http://ebcconsulting.com
Detected libraries:
jquery - 1.10.2 : -http://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
jquery-migrate - 1.2.1 : -http://ebcconsulting.com/media/jui/js/jquery-migrate.min.js
Info: Severity: medium
http://bugs.jquery.com/ticket/11290
http://research.insecurelabs.org/jquery/test/
jquery - 1.11.3 : -http://ebcconsulting.com/media/jui/js/jquery.min.js
1 vulnerable library detected
Also check this code and where it may land: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fwww.ebcconsulting.com%2Fmedia%2Fjui%2Fjs%2Fjquery-noconflict.js
Two SRI issues for third party script and stylesheet code: https://sritest.io/#report/1e927064-db15-4b90-9f45-b0f51310d527
and again here this comes flagged: Missing SRI hash
this because of the all ruling “same origin” rule!
Then there is a hidden iFrame flagged:
Compromised sites will often contain embedded iframes that can also deliver malicious code to visitors of the web site. Check any discovered iframes and ensure they are legitimate. I assume this one is OK, although scriptblockers may block it.
What is more of a concern is that this site is listed as a verified PHISH at PhishTank: https://www.phishtank.com/phish_detail.php?phish_id=3841669
Verified: Is a phish
As verified by buaya knack paulch phxcz Pluto67
Then we check Joomla CMS:
Outdated: Joomla Version
3.4
Version does not appear to be latest 3.4.8 - update now.
Joomla Modules, Components and Plugins
The following modules were detected from the HTML source of the Joomla front page.
mod_social_icons
mod_roknavmenu
The following components were detected from the HTML source of the Joomla front page.
No components were found passively in HTML source
The following plugins were detected from the HTML source of the Joomla front page.
jcemediabox
fmalertcookies
fastsocialshare
Adding Modules, Components and Plugins to a Joomla site expands your attack surface. These addons are a source of many security vulnerabilities, it is important to always keep them updated to the latest version available and check the developers plugin page for information about security related updates and fixes. Using the JoomlaVS scanner it is possible to dig deeper and determine all installed components, including the version. This allows security vulnerabilities to be identified.
reported by,
polonus (volunteer website security analyst and website error-hunter)
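Added example, not part of the post above or of any scanner it cites: a small Node.js check for the "Missing SRI hash" finding. It lists third-party scripts and stylesheets that have no integrity attribute and computes the value to put there. The names sriHash, findMissingSri and SAMPLE_HTML and the host cdn.example are assumptions made for illustration.

```javascript
const crypto = require("node:crypto");

// Value for an integrity="" attribute, computed over the exact bytes served.
function sriHash(body, alg = "sha384") {
  return `${alg}-${crypto.createHash(alg).update(body).digest("base64")}`;
}

// List cross-origin scripts and stylesheets that carry no integrity attribute.
// Regex parsing handles quoted attributes only; enough for a quick audit.
function findMissingSri(html, pageUrl) {
  const pageOrigin = new URL(pageUrl).origin;
  const findings = [];
  for (const [tag, name] of html.matchAll(/<(script|link)\b[^>]*>/gi)) {
    const attr = (n) => {
      const m = tag.match(new RegExp(`\\s${n}\\s*=\\s*["']([^"']*)["']`, "i"));
      return m ? m[1] : null;
    };
    const isScript = name.toLowerCase() === "script";
    if (!isScript && !/\bstylesheet\b/i.test(attr("rel") || "")) continue;
    const ref = attr(isScript ? "src" : "href");
    if (!ref) continue; // inline script: nothing to pin
    const target = new URL(ref, pageUrl);
    if (target.origin === pageOrigin) continue; // first-party file
    if (!attr("integrity")) findings.push(target.href);
  }
  return findings;
}

// Constructed sample page, using the library URLs listed in the scan above;
// cdn.example is a placeholder host.
const SAMPLE_HTML = `
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js"></script>
<script src="/media/jui/js/jquery-migrate.min.js"></script>
<link rel="stylesheet" href="https://cdn.example/theme.css">
<script src="https://cdn.example/pinned.js" integrity="${sriHash("/* pinned */")}" crossorigin="anonymous"></script>
<script>var inline = true;</script>`;

for (const url of findMissingSri(SAMPLE_HTML, "http://ebcconsulting.com/")) {
  console.log("Missing SRI hash:", url);
}
```

The hash has to be recomputed whenever the pinned file changes, so it fits versioned CDN URLs such as the jquery 1.10.2 one best.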