Report Overview
Visitedpublic
2026-05-23 19:05:53
Tags
Submit Tags
URL
28830816-2348-ex.leudilingium.com/
Finishing URL
duckduckgo.com/
IP / ASN
157.90.33.73
Title
DuckDuckGo - Protection. Privacy. Peace of mind.
Detections
urlquery
0
Network Intrusion Detection
3
Threat Detection Systems
4
Host Summary
| Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
|---|---|---|---|---|---|---|---|---|
duckduckgo.com 1 alert(s) on this Host | 522 | 2007-11-11 | 2012-05-24 | 2026-05-22 | 50 kB | 6.6 MB |  40.114.177.156 |   |
improving.duckduckgo.com | 42824 | 2007-11-11 | 2018-08-02 | 2026-05-23 | 4.9 kB | 7.7 kB | 40.114.177.156 | |
iseawave.com | unknown | 2025-10-06 | 2025-10-11 | 2026-05-22 | 1.1 kB | 387 kB |  0.0.0.0 |    |
28830816-2348-ex.leudilingium.com 10 alert(s) on this Host | unknown | 2024-09-25 | 2026-05-23 | 2026-05-23 | 920 B | 1.8 kB | 157.90.33.73 | |
Nginx (Web servers, Reverse proxies)
Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.C3.js (JavaScript libraries)
D3 based reusable chart libraryC (Programming languages)
C is a general-purpose, procedural computer programming language supporting structured programming, lexical variable scope, and recursion, with a static type system.Perl (Programming languages)
Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages.Angie:1.7.0 (Web servers)
Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.Angie (Web servers)
Angie is a drop-in replacement for the Nginx web server aiming to extend the functionality of the original version.Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
| Timestamp | Severity | Source IP | Destination IP | Alert |
|---|---|---|---|---|
| low |  91.218.50.172 | Client IP | ET INFO Observed ZeroSSL SSL/TLS Certificate | |
| low | 157.90.33.73 | Client IP | ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1 | |
| low | 157.90.33.73 | Client IP | ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M3 |
Threat Detection Systems
| Detection System | Indicator | Verdict | Alert |
|---|---|---|---|
| YARAhub by abuse.ch | duckduckgo.com/_next/static/chunks/5276-708c6032c277be93.js | malware | Detects SocGholish obfuscated variant first observed in July 2022 |
| Cloudflare DNS | 28830816-2348-ex.leudilingium.com | malicious | Sinkholed |
| Hagezi Threat Feed | 28830816-2348-ex.leudilingium.com | malicious | Sinkholed |
| DNS4EU | 28830816-2348-ex.leudilingium.com | malicious | Sinkholed |
JavaScript (30)
No JavaScripts
HTTP Transactions (121)
| URL | IP | Response | Size |
|---|