URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: safetygear.pk
Abuse complaint sent?: Yes (2022-08-10 09:40:02 UTC to staff{at}pknic[dot]net[dot]pk)
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Control D HaGeZi :Not blocked
Firstseen:2022-08-10 09:37:03 UTC
Total malware sites :4
Online malware sites :0 (0%)
Offline Malware sites :4 (100%)
A record(s) observed :10

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2025-04-27 16:59:50 199.188.201.179business58-2.web-hosting.comNot listedAS22612 NAMECHEAP-NET- USyes
2023-11-11 01:23:57 91.215.85.223SBL615768AS200593 PROSPERO-AS- RUno
2023-05-27 16:12:52 94.142.138.213SBL655622AS211522 HYPERCORELTD- FIno
2023-05-03 13:21:55 91.215.85.135SBL615768AS200593 PROSPERO-AS- RUno
2023-04-14 19:01:14 94.142.138.104SBL655622AS211522 HYPERCORELTD- FIno
2023-03-16 16:49:48 91.215.85.173SBL615768AS200593 PROSPERO-AS- RUno
2022-12-19 04:36:02 91.215.85.158SBL615768AS200593 PROSPERO-AS- RUno
2022-08-10 09:37:05 45.143.201.4free.ntup.netSBL625748AS200195 VERASEL- RUno

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2024-02-08 05:06:08http://safetygear.pk/native.exeOffline32 CoinMiner exe Rhadamanthys zbetcheckin
2024-02-08 05:01:12http://safetygear.pk/asdf.EXEOffline32 CoinMiner exe Rhadamanthys zbetcheckin
2024-02-08 05:01:10http://safetygear.pk/net.exeOffline32 CoinMiner exe Rhadamanthys zbetcheckin
2022-08-10 09:37:05http://safetygear.pk/ghjk.exeOfflineAZORult ext CoinMiner ModiLoader ext RecordBreaker ext RemcosRAT ext Rhadamanthys zgRAT JAMESWT_MHT

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2024-03-27 14:27:02432747c04ab478a654328867d7ca806b52fedf1572c74712fa8b7c0edb71df67exeCoinMiner
2024-03-27 14:12:21432747c04ab478a654328867d7ca806b52fedf1572c74712fa8b7c0edb71df67exeCoinMiner
2024-03-27 14:02:48432747c04ab478a654328867d7ca806b52fedf1572c74712fa8b7c0edb71df67exeCoinMiner
2024-03-27 13:58:47432747c04ab478a654328867d7ca806b52fedf1572c74712fa8b7c0edb71df67exeCoinMiner
2024-03-20 02:17:166242c0e0621b3652c27c4390d8170a62745dde164dea2e4bd065fb396423689dexe  
2024-03-19 14:07:18d409685aab01d55c6183363391639e723969ffad23d0da8b0ab08dcfe1e7c0dbexe  
2024-03-18 18:15:224dc4a5731364b47800189b82f0fe51fa1bda5ea828af59b57f22c88b7b13894eexe  
2024-03-18 00:19:40be73738191878fdc49c8994b60069df39e835b6bae6a4a8ded041c87b8514e1dexe  
2024-03-17 23:22:566e9bcc0913a29fe2608c028184592f1580d282547d37993cc467706000f73017exe  
2024-03-17 20:04:054dc4a5731364b47800189b82f0fe51fa1bda5ea828af59b57f22c88b7b13894eexe  
2024-03-17 16:22:564dc4a5731364b47800189b82f0fe51fa1bda5ea828af59b57f22c88b7b13894eexe  
2024-03-17 05:16:21e98551d84f6a4f849b93654026b4c1a69778ded802897d36e345faefe4d3b4a1exe  
2024-03-17 05:14:172fd160c9bdfaefdf9662672f87f8e741117297e92d803e3e2cec6abca3b77c92exe  
2024-03-17 00:10:35be493f62b6da42d19baa88bf6e478be6daf1c02d7953c9f32868fa1ee09aa455exe  
2024-03-16 17:15:3252bceda6ff07125e2899b042f7715dd754b4e8a560892483be99b696a51680a6exe  
2024-03-16 15:42:01bdc0d259ce1789a7017e462c0b6b17c817bc3ddb2af3c2d4230be99587acb60fexe  
2024-03-16 14:30:37e6c83e4c2460b36752266499e77bb3731a2d1cc2e42495b7c76e9c64aaf2f2f6exe  
2024-03-16 11:08:539f1272dd88a47fa701feded4e9bd19e2389ecd52c5bf409d043186a7dbead2a8exe  
2024-03-16 03:01:45ed6019e8183a17ffbd5aac89643b9f2b4121e80b23059413c0ece36d8ce3df10exe  
2024-03-16 01:14:169c776f6ccc8cfe47561e571c7fee6590e2c22a624f2fa9302b708ee44c002645exe  
2024-03-16 01:10:429e4ca8c525d8a750fc491f6220e2da4f063d390c9a9ea24f7294a065444251b2exe  
2024-03-15 23:54:53b28249b99560c2dfc6db3542b64485eed51ee14ef325395c9ba262e1ad4547d8exe  
2024-03-15 23:08:37fdc58fabcddfdf209d8d6815145cb4c8e49fd6c6e1c38ef69d83a2f6d2381987exe  
2024-03-15 22:23:45758f13dc4d57134fe1396eac47ceb3c3eff7ff6aac2985b8f282038ac2f11cdaexe  
2024-03-15 19:25:31aa43bd7fe2ebf347b5a82aa8ae4e691b5fb82bc52e58a4e722b795d3dd0d5483exe  
2024-03-15 16:02:59b336bb8825870a904acba5779447941ab82db506e3f8b9ffe6b8a4f230ebf9aeexe  
2024-03-15 14:59:0380efc2e623b75511fc5571db08fc34af2407c925d5670239aaf8cc6329688ec9exe  
2024-03-15 06:29:015f12138480e43df342e3660513b8b77d31ae61916d29b71a94030ad624108b7cexe  
2024-03-15 01:00:2377db327f57198279e8e92a183a8ac25a77945bbf06d68a570e454e0ab406b88dexe  
2024-03-14 23:30:369de3e53261a7c601af7bfe0d164c5cebaff73722e2d86f5a78c855eabbb2efccexe  
2024-03-14 21:40:26d45b8d1967d2059802147e5957e8817bdec5186659e6c943ac57bb1669cc4e18exe  
2024-03-14 17:18:39766bae1d006f61a278ed8565c05ed9b737680f72433f41d2e9cbfe7ba66f2cceexe  
2024-03-14 10:09:38a95a206236c241d091654ed329d727176243c91c9f183f622398124361c5f363exe  
2024-02-08 05:06:08217fbf967c95d1359314fcd53ae8d04489eb3c7bdc1f22110d5a8a476d1fc92eexe Rhadamanthys
2024-02-08 05:01:12217fbf967c95d1359314fcd53ae8d04489eb3c7bdc1f22110d5a8a476d1fc92eexe Rhadamanthys
2024-02-08 05:01:10217fbf967c95d1359314fcd53ae8d04489eb3c7bdc1f22110d5a8a476d1fc92eexe Rhadamanthys
2024-01-30 13:19:32217fbf967c95d1359314fcd53ae8d04489eb3c7bdc1f22110d5a8a476d1fc92eexe Rhadamanthys
2023-12-04 05:53:21189051c29319fac6a96fefc8158f9d27d61a55b668f3c8e3610a48617649518fexezgRAT
2023-11-12 14:05:49ad7af6aca0ba3d2fe9adb3f391800420800c0f6aa00db064fc1292232a6d881eexezgRAT
2023-10-27 05:46:16fc47ccd2521693d309fb453ea2632955ded43a9b0b57c08ef58bc06f111ca41dexe  
2023-10-26 12:33:198868ea6af3214fc758c93c1cb909231a76e22e718a4917aae5f2a60cf12af094exeAZORult
2023-10-15 14:14:1222224f65c07515b2f61e29f7f1a14005d0de54378aa925d9e017bb2ac26b5395exezgRAT
2023-10-04 10:33:1677bfa9410910904d05a73ad3d6c28c1aa02b9d2ec82419f73600615b8b27f9a2exe Rhadamanthys
2023-08-07 14:41:1829f5a8629986da0b4a353e5423fb39c505cba7c06e7aa4b5a4029c5a1669ae95exeRhadamanthys
2023-07-19 12:26:46bcf3266e8996bcdb7acb686034f264b07c228ce37f1212b663b636cc0317ee1aexe AZORult
2023-06-25 03:13:52fc6ddb1f7644597b84d14e3efa4cd1a1d1ad0083141b3fa2a613cd3c092f6505exeRhadamanthys
2023-06-12 12:42:591f38ec6e203364d0ed7fd80e7a396b37c05a347133b0e995cd44e09da2aeddb6exe  
2023-06-08 08:51:30a60221bb7def6e5246d646268ced25ce5f5665e405ec8f7fe021d0b925784a06exe  
2023-06-07 20:46:0192f435b88ce58ff55b226c361d79923c4e5d07ee754bd06db58b2962136f5b08exe  
2023-06-03 23:39:541c9e6a916f84c5557ea21c91e4d06571041bea335ec6eaea0ba1803b780025deexe  
2023-05-28 12:18:015d2e841645576d0eefcc6bcc6c0d480c0c6874f05a56e92441319a5c41b38979exe AZORult
2023-05-12 06:18:35bf1d731a91e424fd67778f176ac652fa5ca39f2ab188ef740184e4b2808c7b3cexeAZORult
2023-05-11 12:59:0479a7c9d15971c14d78baccbf211b3ca1e9adcb0befc6d3d1c5d92902d70678e2exeAZORult
2023-05-08 17:22:1384c18f78f11b9bc3fd3e96925d2a7b76ab5ecfb927c377ad27456e191815b24aexeCoinMiner
2023-05-03 11:23:2383263fa7b8c560ae026a24d6ea9e6eafb16aa207cc5557c65c7f71f703f3a593exe  
2023-05-01 16:28:06e99f79618b991de5d1052096950590a4fe833b885871a96bb1202e3d6dd876a0exe  
2023-04-30 14:01:40ff277e11345c79a60de0ba45011460629487e82e8b0b58a8ddfdfeca2d7623f5exe  
2023-04-22 12:13:310127ebf8628f963a453520b0149fc11fc5d0a56536ce2a41c9dfdd3c597a0746exe zgRAT
2023-04-18 10:42:36b415a5cc8d0c1c960e7bc16bcb9351943b2c998f9430b1a1425b715754cc1e11exe ModiLoader
2023-04-14 16:20:56c90193af8ffe050ad79402dfceb9274be08b300bc02ecb1e6394917ee50934e4exe ModiLoader
2023-04-12 21:38:50c60709251514df53b344b53a47ac500c2d596396620c7c424dbf26c356c2f76cexe  
2023-04-09 11:51:2603d10dfb076a84b862ea59b2c5bed669cd0716896f88d9bd24ceee5f862631beexe  
2023-04-08 07:27:01abd8d5c726a983e812f37c31e108bf41bca26c71374493757a35d2ca4cb0a15aexe 
2023-04-07 15:04:434130ce135fbfab00618f261a0397e88479d2f61e1ed0d09ebcde525439774f3eexe AZORult
2023-03-23 11:01:406ad4c22533cf835aaafd24303e155aa431d3aa38c1746dc8fccf2924e0be4b63exe Rhadamanthys
2023-03-19 05:01:23413cf56bc1d240b039de2a931d4db40f06380c195bc204344f2768751e44119eexe 
2023-03-16 16:49:47a54493e71a7f28fe61e607ba4c089ada71e13ff9e1df6cef5619a4163e2b0a1fexeAZORult
2023-02-05 09:45:264908e51e65bf67fdc3a559be7c47c3df1354a4a864b931cb176d282048f8d9c2exeAZORult
2023-01-13 06:19:128c5df030de0c79f2155a60e0d5f41889ec8d07d441279d406996dca4639f8539exeRecordBreaker
2022-12-19 04:36:01aa4185102f68d05e1dc41d46e7b65cfb4a12e1f8694b7300264a6044a51f6931exeRecordBreaker
2022-11-26 19:11:382fc0f46e2ceded0b284d4f41759de65e73532900202260b98769ebfaf3244951exe RecordBreaker
2022-10-06 00:35:47599fa7fc07b1b8265ea936ce641733fcec03eb0fe8cc4822e5a752b6629e216eexeRecordBreaker
2022-10-01 16:02:288e2d87f5f34b7764e66644f831467e469dcc18a30a17d02252880851f560783dexe  
2022-09-16 10:04:3860e6da1143cb32a41ecc76952d3b4ae8a8910b790973473e61fc2eb147704af7exeRecordBreaker
2022-08-19 06:47:1004fb5a1f6082a09a55bec26e0748918da0d1007e2a43c70723dc79cc7c413079exeAZORult
2022-08-14 05:18:22d81620ec69feb5e745b23dacc25b874cef4db7b0daeaefbdb739300838f4d343exe RecordBreaker
2022-08-10 09:37:0528455b1a0b29240e95877cff96528b3a196f0cf3a63d9980dc70349cdc0e1e74exe RemcosRAT