Topic: What is suspicious about this address?

polonus
What is suspicious about this address?
« on: July 24, 2019, 05:49:06 PM »
Alert for: ET INFO Observed Let's Encrypt Certificate for Suspicious TLD (.xyz)
Forcepoint ThreatSeeker alerts site as suspicious:
https://www.virustotal.com/gui/url/e438fc583cae3aa5388793c935ef14e540fd99d464bea407ac5899cd2c479d18/detection
No content being returned: https://aw-snap.info/file-viewer/?protocol=secure&ref_sel=GSP2&ua_sel=ff&chk-cache=&fs=1&tgt=fXtmcHx7eHwueHl6~enc
History of abuse alerts: https://www.abuseipdb.com/check/83.147.204.4
Info: https://amp.ipaddress.com/websites/refpaexa.xyz
I get:
Uncaught TypeError: Illegal invocation: Function must be called on an object of type StorageArea
    at content.js:21
content.js:1 Feedback rendered
antiphishing.js:1 Sending APH request...
/favicon.ico:1 Failed to load resource: the server responded with a status
Code = React on Nginx.
Consider: https://toolbar.netcraft.com/site_report?url=https://refpaexa.xyz
Site is being blocked by uBlock Origin for me.
-> https://www.virustotal.com/gui/ip-address/83.147.204.4/relations
links to live betting at -https://crypto1xbit.com

Insecure Identifiers
Unique IDs about your web browsing habits have been insecurely sent to third parties.

-1bcsXXXXXXXXqcf2bp9nag== -crypto1xbit.com auid
 -www.google.com nid

Tracking IDs could be sent safely if this site was secure. Bad cookie security options.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!
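The "Insecure Identifiers" finding in the post above is about tracking cookies set without the attributes that keep them off clear-text connections and out of reach of page scripts. The following is an added example (not part of the forum post, and not output of any of the tools named there): a small audit of Set-Cookie headers for the Secure, HttpOnly and SameSite attributes. The headers are constructed for illustration; the cookie names auid and nid are taken from the post, the values and the domain are placeholders.

```python
"""Audit Set-Cookie headers for missing security attributes.

Added example: the headers below are constructed, not captured from the site
discussed in the thread. Cookie names 'auid' and 'nid' echo the post; the
values and the .invalid domain are placeholders.
"""

# Constructed sample headers (illustrative only)
SAMPLE_SET_COOKIE_HEADERS = [
    "auid=1bcsXXXXXXXXqcf2bp9nag==; Path=/; Domain=.tracker.invalid; Max-Age=31536000",
    "nid=abc123; Path=/; Secure; HttpOnly; SameSite=Lax",
    "session=deadbeef; Path=/; Secure; SameSite=None",
]


def parse_set_cookie(header):
    """Split a Set-Cookie header into (name, value, {attribute: value}).

    Attribute names are lower-cased; flag attributes such as Secure map to ''.
    """
    parts = [p.strip() for p in header.split(";")]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        if not part:
            continue
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()
    return name.strip(), value, attrs


def cookie_findings(header):
    """Return (cookie name, list of findings) for one Set-Cookie header."""
    name, _value, attrs = parse_set_cookie(header)
    findings = []
    if "secure" not in attrs:
        # Without Secure the browser also sends the cookie over plain http,
        # which is how an identifier ends up readable on the wire.
        findings.append("missing Secure")
    if "httponly" not in attrs:
        # Without HttpOnly any script on the page (including third-party
        # scripts) can read the identifier via document.cookie.
        findings.append("missing HttpOnly")
    samesite = attrs.get("samesite", "").lower()
    if not samesite:
        findings.append("missing SameSite")
    elif samesite == "none" and "secure" not in attrs:
        # Browsers reject SameSite=None unless Secure is also present.
        findings.append("SameSite=None without Secure")
    return name, findings


def audit(headers):
    """Map each cookie name to its list of findings (empty list = no issue)."""
    return dict(cookie_findings(h) for h in headers)


if __name__ == "__main__":
    for cookie, problems in audit(SAMPLE_SET_COOKIE_HEADERS).items():
        status = ", ".join(problems) if problems else "ok"
        print(f"{cookie}: {status}")
```

Run as a script it prints one line per cookie; the persistent auid cookie with a year-long Max-Age and no attributes is exactly the pattern the post's "Insecure Identifiers" report describes.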

Pondus
Re: What is suspicious about this address?
« Reply #1 on: July 24, 2019, 07:12:46 PM »
If you click on Details in VT, you will see that it redirects

Final URL: -https://crypto1xbit.com/en/?tag=b_64501m_4303c_1xbitpopdesk

Seems to be a betting/bookmaker website
polonus
Re: What is suspicious about this address?
« Reply #2 on: July 25, 2019, 12:34:33 AM »
Thank you, Pondus, for drawing my and our attention to that fact.

Also, what is flagged, for instance through IDS alerts at urlquery dot net, is *.xyz domains,
which are considered suspicious by their nature, just like the *.ga and *.su domains are considered such suspicious domains.

I do not see such targeting general IDS rules appear inside other listings on VT or elsewhere, just at Forcepoint ThreatSeeker.

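The IDS alert quoted in the first post ("ET INFO Observed Let's Encrypt Certificate for Suspicious TLD (.xyz)") and the remark in Reply #2 that *.xyz, *.ga and *.su domains are flagged by their nature describe the same kind of low-confidence, informational detection: a free certificate observed for a host on a TLD that is cheap to register. The following is an added example, not part of the thread and not the Emerging Threats rule itself: a Python scan over constructed TLS records in the style of Suricata's eve.json output (the field names tls.subject, tls.issuerdn and tls.sni are assumed to follow that format) that flags Let's Encrypt certificates on the TLDs named in the thread. The records, IPs and host names are placeholders.

```python
"""Flag Let's Encrypt certificates observed for hosts on suspicious TLDs.

Added example mirroring the logic of the ET INFO alert in the thread; it is not
the Emerging Threats rule. Log lines are constructed in a Suricata eve.json
style (assumed field names: event_type, src_ip, tls.subject, tls.issuerdn,
tls.sni); hosts and addresses are placeholders, not the site in the thread.
"""
import json

# TLDs named in the thread as suspicious by nature
SUSPICIOUS_TLDS = {"xyz", "ga", "su"}
LETS_ENCRYPT_MARK = "O=Let's Encrypt"

# Constructed sample records (illustrative only, not captured traffic)
SAMPLE_EVE_LINES = [
    json.dumps({"event_type": "tls", "src_ip": "10.0.0.5", "dest_ip": "192.0.2.10",
                "tls": {"subject": "CN=tracker-example.xyz",
                        "issuerdn": "C=US, O=Let's Encrypt, CN=Let's Encrypt Authority X3",
                        "sni": "tracker-example.xyz"}}),
    json.dumps({"event_type": "tls", "src_ip": "10.0.0.7", "dest_ip": "192.0.2.11",
                "tls": {"subject": "CN=shop-example.com",
                        "issuerdn": "C=US, O=Let's Encrypt, CN=Let's Encrypt Authority X3",
                        "sni": "shop-example.com"}}),
    json.dumps({"event_type": "tls", "src_ip": "10.0.0.9", "dest_ip": "192.0.2.12",
                "tls": {"subject": "CN=old-example.su",
                        "issuerdn": "C=US, O=Let's Encrypt, CN=Let's Encrypt Authority X3"}}),
    json.dumps({"event_type": "tls", "src_ip": "10.0.0.9", "dest_ip": "192.0.2.13",
                "tls": {"subject": "CN=paid-cert-example.xyz",
                        "issuerdn": "C=US, O=Example Commercial CA, CN=Example CA",
                        "sni": "paid-cert-example.xyz"}}),
    json.dumps({"event_type": "http", "src_ip": "10.0.0.5", "dest_ip": "192.0.2.14",
                "http": {"hostname": "plain-example.xyz"}}),
]


def registrable_tld(hostname):
    """Return the last DNS label of a host name, lower-cased."""
    return hostname.strip().rstrip(".").rsplit(".", 1)[-1].lower()


def subject_cn(subject_dn):
    """Extract the CN attribute from a comma-separated distinguished name."""
    for part in subject_dn.split(","):
        key, _, val = part.strip().partition("=")
        if key.strip().upper() == "CN":
            return val.strip()
    return ""


def is_suspicious_tld_cert(record):
    """True when a TLS record shows a Let's Encrypt cert for a suspicious TLD.

    Like the ET INFO rule this is informational only: a match says the
    certificate is free and the TLD is cheap, not that the host is malicious.
    """
    if record.get("event_type") != "tls":
        return False
    tls = record.get("tls") or {}
    if LETS_ENCRYPT_MARK not in tls.get("issuerdn", ""):
        return False
    host = tls.get("sni") or subject_cn(tls.get("subject", ""))
    return bool(host) and registrable_tld(host) in SUSPICIOUS_TLDS


def scan(lines):
    """Return [(src_ip, host)] for every line that matches the heuristic."""
    hits = []
    for line in lines:
        record = json.loads(line)
        if is_suspicious_tld_cert(record):
            tls = record["tls"]
            host = tls.get("sni") or subject_cn(tls.get("subject", ""))
            hits.append((record.get("src_ip", ""), host))
    return hits


if __name__ == "__main__":
    for src, host in scan(SAMPLE_EVE_LINES):
        print(f"ET INFO style hit: {src} -> {host} (Let's Encrypt, .{registrable_tld(host)})")
```

The fourth record (an .xyz host with a commercial issuer) is deliberately not matched: the alert in the thread keys on the combination of free certificate and cheap TLD, which is why it sits in the INFO class and needs the kind of follow-up the thread does (redirect target, abuse history, blocklists) before anything is concluded.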