PHISHING website also with malware on a suspended page?

See: https://urlquery.net/report/fa275c43-f681-4526-b13d-a098bbf2b4b8
Also https://www.virustotal.com/gui/url/a4f9d45806fde77f0d83498aef1794d605132e7fd8e3993c79553a5854064fbd/detection
10+ detected domains on IP -relations scan:
https://www.virustotal.com/gui/ip-address/138.201.233.18/relations
Likewise malware search: https://urlquery.net/search?q=+genericlogin.php

Site has been Zen registry expired by Amazon Dublin Ireland - only header detected: access-control-allow-origin

Blacklisted site: https://sitecheck.sucuri.net/results/marcatelnepal.com
This is a known dangerous web page. It is highly recommended that you do NOT visit this page.
The threat categorization is not complete & details will be added soon.
Outdated Software Detected
Nginx under 1.17.3 → https://www.shodan.io/host/138.201.233.18
Netcraft riusk rate 1 red out of 10: https://toolbar.netcraft.com/site_report?url=rs09de.01cloud.com
Vuln. in Client Pull on the browser -

SSL tracker report: Website is insecure by default
100% of the trackers on this site could be protecting you from NSA snooping. Tell -01cloud.com to fix it.

All trackers
At least 1 third parties know you are on this webpage.

-rs09de.01cloud.com -rs09de.01cloud.com
Tracker could be tracking safely if this site was secure.

Malicious history of IP: https://urlquery.net/search?q=52.213.114.86

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)

P.S. In these respects also consider this info: https://forum.avast.com/index.php?topic=168002.0
Yep, folks, haven’t we been here before? :o

Damian