Website wrongly blacklisted

The website of one of my clients is on the Avast blacklist: bluemoosebooks.com.

I understand why the domain was added to the blacklist. Up until late 2014 the server hosted malware. When I took over the website I completely rebuilt the site and switched the hosting. At the time I reported this to Avast but never got a response and when I phoned the support team (0203 608 7941) I was told that they can’t speak to web developers (even though that’s what my client is paying me to do). When my client phones the support team himself he’s told that he users of Avast will need to contact Avast and that he’d need to pay £79.99 for someone at Avast to look at the website.

So my question is… please, could someone have a look at the website and confirm whether or not it should still be on the blacklist? If the domain is free from malware, is there anyway to get the domain removed from the blacklist without paying a penalty?

To add to the above, I have checked reports by other services:

http://www.urlvoid.com/scan/bluemoosebooks.com/
https://safeweb.norton.com/report/show?url=bluemoosebooks.com
https://www.virustotal.com/en/url/0c63f14409b7b92fde1d4fa9df2741c44e9cd4c409e837484065600977a6e61d/analysis/

avast is not charging anything at all if your website is blocked/flagged by avast and you ask them to have a look.

Free phone support is very limited.
https://www.avast.com/total-support

Blacklisted :
http://zulu.zscaler.com/submission/show/dd2002f2ab1efbb1ca682846510fd01f-1460725998

Blacklisted (phising) on that ASN :
http://urlquery.net/report.php?id=1460725054575
http://urlquery.net/report.php?id=1460725097086
http://multirbl.valli.org/lookup/87.76.29.54.html

Thins to work on :
Insecure headers :
https://securityheaders.io/?q=www.bluemoosebooks.com

SSL/TLS issues :
https://www.ssllabs.com/ssltest/analyze.html?d=www.bluemoosebooks.com

Vulnerable libraries :
http://retire.insecurity.today/#!/scan/aa3c750d11218070e72b0a1b5bda2e8cacca99e5f9dbcb10583c68e1ad812393

Thanks for your response Eddy.

Perhaps I’m missing something but I don’t see anything in the links I should be particularly worried about. Yes, the site is a good candidate for an SSL certificate and it should use a more recent version of jQuery, and I’ll work on that. But I don’t see any phising or blacklisting going on?

The server IP seems completely clean, at least according to http://whatismyipaddress.com/blacklist-check. I’m not sure where Zscaler gets its IP Reputation from. But even then, the Zscaler rating doesn’t seem to be a reason for Avast to blacklist the website?

I suspect it is a old detection why avast is blocking the site, but only someone from avast can tell.
I will ask someone from avast to have a look at it.

Yes, please work on the JQuery vulnerability.
It will help to prevent problems.

Indeed, it was an old block. I removed it from our blacklist now :wink:
Everything we do, we do for free. If you ever paid anything, including for the phone call, you have been scammed!