Let's Encrypt Free SSL Cert Observed with IDN/Punycode Domain - Possible Phishing

For the IDS alert see: https://urlquery.net/report/f96865f5-7f18-49a9-8fb2-6e83edc8e94f
No flags here at Webroot BrightCloud:

Domain Name: -xn--haarverlngerung-leipzig-27b.com
Created Date: 2015-10-26
Name Servers: -dns1.nsdns.info, -dns2.nsdns.info, -dns3.nsdns.info

Redirect: https://aw-snap.info/file-viewer/?protocol=not-secure&ref_sel=GSP2&ua_sel=ff&chk-cache=&fs=1&tgt=eG4tLWh8fH12e31sbmd7fXVuZy1se1tweltnLTI3Yi5eXW1g~enc

Not flagged either here: https://sitecheck.sucuri.net/results/xn--haarverlngerung-leipzig-27b.com/

F-final Grade scan results: https://www.htbridge.com/websec/?id=FpMIm1rD

181 security hints: https://webhint.io/scanner/5d983410-0e77-48a9-bfbe-4e703db8073b

Let’s Encrypt Authority X3 (Intermediate certificate)
Server configuration
Host name: server.pendesign.de
Server type: nginx
IP address: 81.169.225.174
Port number: 443
Protocols enabled: TLS1.2, TLS1.1, TLS1.0
Protocols not enabled: SSLv3, SSLv2
Secure Renegotiation: Enabled
Downgrade attack prevention: Enabled
Next Protocol Negotiation: Enabled
Session resumption (caching): Enabled
Session resumption (tickets): Enabled
Strict Transport Security (HSTS): Not Enabled
SSL/TLS compression: Not Enabled
Heartbeat (extension): Enabled
RC4: Not Enabled
OCSP stapling: Not Enabled

Registrar Name: -key-systems gmbh

polonus (volunteer 3rd party cold reconnaissance website security analyst and website error-hunter)

A background read on the pn- punycode domain:

https://fraudwatchinternational.com/expert-explanations/punycode-phishing-part-1/

That is why -https://haarverlängerung-leipzig.com/ has now been blacklisted through a 403: Access Forbidden
See: https://toolbar.netcraft.com/site_report?url=https://xn--haarverlngerung-leipzig-27b.com
Not flagged here: https://www.virustotal.com/#/ip-address/81.169.225.174

pol