URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | thedebagroup.com |
|---|---|
| Spamhaus DBL : | Not blocked |
| SURBL : | Not blocked |
| Quad9 : | Not blocked |
| AdGuard : | Not blocked |
| Cloudflare : | Blocked |
| ProtonDNS : | Not blocked |
| OpenBLD : | Not blocked |
| DNS4EU : | Blocked |
| Control D HaGeZi : | Not blocked |
| Firstseen: | 2020-05-26 07:22:16 UTC |
| Total malware sites : | 4 |
| Online malware sites : | 0 (0%) |
| Offline Malware sites : | 4 (100%) |
| A record(s) observed : | 28 |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2025-04-29 22:44:40 | 3.33.130.190 | a2aa9ff50de748dbe.awsglobalaccelerator.com | Not listed | AS16509 AMAZON-02 |  US | yes |
| 2025-04-29 22:44:40 | 15.197.148.33 | a2aa9ff50de748dbe.awsglobalaccelerator.com | Not listed | AS16509 AMAZON-02 | US | yes |
| 2022-08-17 08:52:40 | 34.102.136.180 | 180.136.102.34.bc.googleusercontent.com | Not listed | AS396982 GOOGLE-CLOUD-PLATFORM | US | no |
| 2022-08-14 05:55:29 | 162.241.127.62 | 162-241-127-62.webhostbox.net | Not listed | AS19871 NETWORK-SOLUTIONS-HOSTING | US | no |
| 2022-07-30 02:30:51 | 87.236.167.227 | finoki.justforyouto.info | Not listed | AS40676 AS40676 |  GB | no |
| 2022-07-19 12:37:41 | 45.8.126.8 | free.gbnhost.com | Not listed | AS214719 GBN |  EE | no |
| 2022-05-29 14:47:28 | 69.49.246.112 | 69-49-246-112.webhostbox.net | Not listed | AS19871 NETWORK-SOLUTIONS-HOSTING | US | no |
| 2022-05-24 11:20:18 | 92.205.106.229 | 229.106.205.92.host.secureserver.net | Not listed | AS21499 GODADDY-SXB |  FR | no |
| 2022-05-22 04:47:34 | 103.219.154.253 | Not listed | AS207083 HostSlim-Global-Network |  NL | no | |
| 2022-05-14 07:36:27 | 27.100.36.188 | hsci.takenbilling.online | Not listed | AS7489 HOSTUS-GLOBAL-AS |  AU | no |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2021-06-28 05:45:34 | https://thedebagroup.com/binU.bin | Offline | encrypted GuLoader  |  abuse_ch |
| 2020-05-29 05:22:34 | https://thedebagroup.com/mana.bin | Offline | encrypted GuLoader | abuse_ch |
| 2020-05-27 08:22:04 | https://thedebagroup.com/binUG.bin | Offline | encrypted GuLoader | abuse_ch |
| 2020-05-26 07:22:18 | https://thedebagroup.com/man.bin | Offline | encrypted GuLoader | abuse_ch |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2020-05-29 05:22:34 | 285fbde672f61dbfefa7a7164efe00524de016d40a53e101138e1d6d438688ca | unknown | ||
| 2020-05-27 08:22:04 | 34844b0482e2e89870112a78127e9d9c8ceb163e8977ff91d16c1db551b57e9a | unknown | ||
| 2020-05-26 07:22:18 | fc29af1eb1d21b94a7ba74b3d9165fbe34ea11b965e625697d34ba04d0047113 | unknown |