See: https://urlquery.net/report/ea6060e8-e397-4aa7-8f50-3c12d6d3fdfd
Detection: https://www.virustotal.com/#/url/a4d0c89049c03ecbf25b6a8c06982fbdbf6384c00133edc58f42f56c3b4b53c1/detection
Quite some history: https://www.virustotal.com/#/domain/kunden-websicherheit1-aanmelden.com
Currently flagged by Google: https://aw-snap.info/file-viewer/?protocol=not-secure&ref_sel=GSP2&ua_sel=ff&chk-cache=&fs=1&tgt=a3VuI3tuLXd7YnNbXmh7fWh7W3QxLXx8bm17bCN7bi5eXW0%3D~enc
Note: A s​cript redirect in this line seems a bit suspicious! line 1

polonus

4 to detect a real PHISH from a parked domain

Hi Pondus,

You are our webforum VT wizzard. Yes, I also see 6 flag it now, but here there are only 5:
https://www.virustotal.com/#/url/5e2e13af17f5e63e22937577506f7425a8ed6fe37b4aa199363f5bc6f9be3217/detection

As with sniffer.js injecting scripts now - first they detected only 18 families, now recently they counted up to 38 of this Unfug,
mainly infecting Magenta websites. Where would we be without researchers and VT?
Read for this: https://www.group-ib.com/resources/threat-research/js-sniffers.html

Damian