What is suspicious about this address?

Alert for: ET INFO Observed Let’s Encrypt Certificate for Suspicious TLD (.xyz)
Forcepoint Threat Seaker alerts site as suspicious:
https://www.virustotal.com/gui/url/e438fc583cae3aa5388793c935ef14e540fd99d464bea407ac5899cd2c479d18/detection
No content being returned: https://aw-snap.info/file-viewer/?protocol=secure&ref_sel=GSP2&ua_sel=ff&chk-cache=&fs=1&tgt=fXtmcHx7eHwueHl6~enc
History of abuse alerts: https://www.abuseipdb.com/check/83.147.204.4
Info: https://amp.ipaddress.com/websites/refpaexa.xyz
I get

Uncaught TypeError: Illegal invocation: Function must be called on an object of type StorageArea
at content.js:21
content.js:1 Feedback rendered
antiphishing.js:1 Sending APH request…
/favicon.ico:1 Failed to load resource: the server responded with a status
Code = React on Nginx.
Consider: https://toolbar.netcraft.com/site_report?url=https://refpaexa.xyz
Site is being blocked by uBlock Origin for me.
https://www.virustotal.com/gui/ip-address/83.147.204.4/relations
links to live betting at -https://crypto1xbit.com

Insecure Identifiers
Unique IDs about your web browsing habits have been insecurely sent to third parties.

-1bcsXXXXXXXXqcf2bp9nag== -crypto1xbit.com auid
-www.google.com nid

Tracking IDs could be sent safely if this site was secure. Bad cookie security options.

polonus

If you in VT click on details, you will see that it redirect

Final URL: -https://crypto1xbit.com/en/?tag=b_64501m_4303c_1xbitpopdesk

Seems to be a betting/bokmaker website

Thank you, Pondus, for drawing my and our attention to that fact.

Also what is flagged for instance through IDS alerts at urlquery dot net is *xyz domains,
which are considered suspicious by their nature, just like the *ga and *su domains are considered such suspicious domains.

I do not see such targeting general IDS rules appear inside other listings on VT or elsewhere, just at Forcepoint Theatseeker.

polonus