The server is and has been clean the whole time. I don't even run WordPress or anything similar on that server that would be a common hacking target. If it was hacked, I'm pretty sure Google Safe Browsing would be the first to flag the site, not some random PiHole list.