Could this code have been abused for phishing?

Where detected: Scanning -http://vendee-television.fr
Script loaded: -http://www.vendee-television.fr/__ovh/fr/res/punycode.min.js *
Script loaded: -http://www.vendee-television.fr/__ovh/fr/res/jquery-1.11.3.min.js
Status: success
Detected library: jquery - 1.11.3

See where it lands here: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fwww.vendee-television.fr%2F__ovh%2Ffr%2Fres%2Fpunycode.min.js → -htxp://shampooforitchyscalp.ablewebsites.com
Safe code? → https://www.reasoncoresecurity.com/punycode.min.js-48df108612ef95c5b3bef98554597bb584d51aaa.aspx

punycode has an übersecretly hidden error page! where they launch this to ridicule those that land there:

console.log(+(!+[]+!+[]+!+[]+!+[]+[+[]+[!+[]+!+[]+!+[]+!+[]]]));

the domxssscanner code could kick up “var container” issues in Joomla → re: https://www.codacy.com/app/opensource/joomla-cms/issues?&filters=W3siaWQiOiJDYXRlZ29yeSIsInZhbHVlcyI6WyJVbnVzZWQgQ29kZSJdfV0=

polonus