URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	universalmovies.top
Domain registrar:	NameSilo
Domain registration date:	2023-10-20 01:06:26 UTC
Abuse complaint sent to registrar:	Yes (2024-03-02 14:38:31 UTC to abuse{at}namesilo[dot]com)
Domain registry:	TOP registry
Abuse complaint sent to registry:	Yes (2024-03-02 14:38:31 UTC to abuse{at}nic[dot]top)
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Status unknown
Cloudflare :	Blocked
ProtonDNS :	Status unknown
OpenBLD :	Blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2024-02-14 11:31:17 UTC
Total malware sites :	30
Online malware sites :	0 (0%)
Offline Malware sites :	30 (100%)
A record(s) observed :	11

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2024-03-08 10:12:34	104.21.74.191		Not listed	AS13335 CLOUDFLARENET	n/a	no
2024-03-08 10:12:29	172.67.162.95		Not listed	AS13335 CLOUDFLARENET	n/a	no
2024-03-08 09:24:36	91.195.240.123		Not listed	AS47846 SEDO-AS	DE	no
2024-02-14 11:31:23	188.114.96.3		Not listed	AS13335 CLOUDFLARENET	n/a	no
2024-02-14 11:31:23	188.114.97.3		Not listed	AS13335 CLOUDFLARENET	n/a	no
2024-02-22 20:11:50	188.114.96.9		Not listed	AS13335 CLOUDFLARENET	n/a	no
2024-02-22 20:11:50	188.114.97.9		Not listed	AS13335 CLOUDFLARENET	n/a	no
2024-02-19 09:34:57	188.114.96.7		Not listed	AS13335 CLOUDFLARENET	n/a	no
2024-02-19 09:34:57	188.114.97.7		Not listed	AS13335 CLOUDFLARENET	n/a	no
2024-02-14 17:21:28	188.114.96.0		SBL686925	AS13335 CLOUDFLARENET	n/a	no

Malware URLs

• URLs
• Payloads

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2024-06-25 12:19:08	https://universalmovies.top/nelb.doc	Offline	doc Formbook	NDA0E
2024-06-25 12:19:08	https://universalmovies.top/nelb.scr	Offline	Formbook scr	NDA0E
2024-06-25 05:14:05	https://universalmovies.top/sammy.doc	Offline	RTF	zbetcheckin
2024-06-25 05:13:05	https://universalmovies.top/DOC.exe	Offline	64 exe Formbook	zbetcheckin
2024-06-24 16:00:13	https://universalmovies.top/ExtExport2.exe	Offline	exe RedLineStealer	abuse_ch
2024-06-24 16:00:12	https://universalmovies.top/notorious.doc	Offline	doc RedLineStealer	abuse_ch
2024-06-06 06:23:06	https://universalmovies.top/obiz.scr	Offline	32 AgentTesla exe	zbetcheckin
2024-06-06 00:57:06	https://universalmovies.top/obizx.doc	Offline	AgentTesla RTF	zbetcheckin
2024-06-06 00:53:07	https://universalmovies.top/john.doc	Offline	Formbook RTF	zbetcheckin
2024-06-05 12:25:07	https://universalmovies.top/john.scr	Offline	exe Formbook	vxvault
2024-05-30 11:59:05	https://universalmovies.top/nelbin.scr	Offline	exe Formbook	abuse_ch
2024-05-23 18:24:09	https://universalmovies.top/sharonzx.exe	Offline	exe Loki	abuse_ch
2024-05-22 19:06:06	https://universalmovies.top/pbin.scr	Offline	exe	abuse_ch
2024-05-20 07:08:08	https://universalmovies.top/loudzx.scr	Offline	exe Formbook	abuse_ch
2024-05-18 17:47:04	https://universalmovies.top/shengzx.scr	Offline	exe	abuse_ch
2024-05-13 13:27:10	https://universalmovies.top/micromzx.scr	Offline	AgentTesla OriginLogger	James_inthe_box
2024-05-11 05:25:11	https://universalmovies.top/anon.exe	Offline	32 AgentTesla exe	zbetcheckin
2024-05-10 07:51:08	https://universalmovies.top/sharozx.scr	Offline	exe Loki	abuse_ch
2024-05-09 06:27:07	https://universalmovies.top/scree.scr	Offline	exe Loki	abuse_ch
2024-05-02 13:51:07	https://universalmovies.top/opp.scr	Offline	Formbook	James_inthe_box
2024-04-30 06:41:15	https://universalmovies.top/findpeacebin.scr	Offline	exe Formbook	abuse_ch
2024-04-30 06:22:09	https://universalmovies.top/teebin.scr	Offline	exe Formbook	abuse_ch
2024-04-19 05:31:09	https://universalmovies.top/TransactionSummary_...	Offline	32 AgentTesla exe	zbetcheckin
2024-04-18 08:51:07	https://universalmovies.top/o9RbXKF6ZJDK949.scr	Offline	exe Formbook	abuse_ch
2024-04-15 05:33:06	https://universalmovies.top/Tinamous.vbs	Offline	AgentTesla GuLoader vbs	abuse_ch
2024-04-09 09:51:06	https://universalmovies.top/tdpzx.scr	Offline	RemcosRAT	Cryptolaemus1
2024-03-01 14:39:08	https://universalmovies.top/errorpage/catzx.scr	Offline	exe NanoCore rat	Cryptolaemus1
2024-02-19 10:14:07	https://universalmovies.top/pages/morezx.exe	Offline	exe PureLogStealer RedLineStealer	abuse_ch
2024-02-14 13:11:17	https://universalmovies.top/pages/parkazx.exe	Offline	AgentTesla exe	abuse_ch
2024-02-14 11:31:23	https://universalmovies.top/pages/binzx.exe	Offline	exe Formbook	abuse_ch

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Bazaar	Signature
2024-06-26 00:22:29	0eb63b2464eb65ad5c2dad2881dadeb3c50da801b1b6846c07710dbd4cfb4c9a	exe
2024-06-25 12:19:08	13bc94a2f39a03f509036ff58462b974c401cac0df52cce22223114f909b2f72	rtf		Formbook
2024-06-25 12:19:08	7392b6a710583060d7f5bd8a3a7573fa0f278a543f961057fec04445d017de3b	exe		Formbook
2024-06-25 06:16:34	aac7bf87da369ad526524916a28af4c42f667452178b20b3629d8ad7a227afba	rtf
2024-06-25 06:12:57	f783322d824a009bdcdf0ecfc1065d5039bf39c67321aedb81241eba942e2b78	exe		Formbook
2024-06-24 16:00:13	b5e250a95073b5dfe33f66c13cc89da0fc8d3af226e5efb06bb8fcfd9a4cd6ec	exe		RedLineStealer
2024-06-24 16:00:12	bf89362748b9e66c11aaa49ddf83b1665fe038d04225b36de4f26cffc11a0f3d	rtf		RedLineStealer
2024-06-08 17:36:27	b709ac26b95865d57eea39afb5c214bb8211b393b0abe61fb427fefe2c3d94da	exe		Formbook
2024-06-07 02:08:42	176d8df80b1c7e74ea85fe66542a854686f89fc959e94668970e8027b27d5c7f	exe		Formbook
2024-06-06 17:01:21	40adea3aa67619d4b840d21a1003f9701f773ae1da21f66c116665e73504cc2e	exe		Formbook
2024-06-06 06:23:06	4aa30540e4a15e91219f2531911bcc7cb2f122ab3fa8772140fe93af904f3bab	exe		AgentTesla
2024-06-06 00:57:05	d4a63dcfd079396e2b4aec12444dffb34c86afa42b0a39bc48660d8e0dc917a7	rtf		AgentTesla
2024-06-06 00:53:07	253d732012dd416def18ed352ede88272a0ed42d2e1d3ca27ad9b3c4bcb59af0	rtf		Formbook
2024-05-23 19:11:51	5b1b715cb6affcca630d5ab5e74527b2827aaec4e8c386a229c8960f4ec6b315	exe		Loki
2024-05-23 18:24:09	66e4c065666fc203efec41f2ac9fb171f0ad5da06c1830458ff2642ea64e789f	exe		Loki
2024-05-20 07:08:08	598c9ee3a50b02b46197c90c5b4b01542225dd6a38059b32e326930a2798c496	exe		Formbook
2024-05-13 13:27:10	e89f30e4e2bb0c61f89cb3a321043d10d305413954da2464c28c5606cc12656e	exe		AgentTesla
2024-05-11 05:25:10	cde39fb9a088bc187ed6b7c412d47420114ac9303e0aee4523066f62783a2f46	exe		AgentTesla
2024-05-10 07:51:07	3c3cedc000a25a9478e78e2a90b3310afec83616d36f9353be0721dd2aa052f8	exe		Loki
2024-05-09 09:01:47	dab1d46327d46ccbade543f499379b66a9c71a392e96f3aa29f988301bc8b656	exe		Loki
2024-05-09 06:27:07	c3338e8d8bb652e897c624f3380e1432eb1c4c93091b64dd28abc3cfa02fa804	exe		Loki
2024-05-02 13:51:06	8ec69eaf10a3043817f153a9ac99d113884d1fe657709b759512b688c5014b8f	exe		Formbook
2024-04-30 09:02:21	2e55e38d5cae5148edb4f33ce7c9e4f9f972876803bf2ba52ba36addfec6d103	exe		Formbook
2024-04-30 08:53:27	de8d64950f8f7c2814676455289ad297248cd4d788500d578b1a2a06e7f7b60b	exe		Formbook
2024-04-30 06:41:15	8c0807d8c9575f18be8c18aa21f0b47e2b104fe4d0a3f942f215d91ffa1d2140	exe		Formbook
2024-04-30 06:22:09	e32e406cbf689164136fc229bf5a7127fdbb33e5e5eb636f4fca0dcbb9f6f5dc	exe		Formbook
2024-04-19 05:31:09	99677c9af723d0773f67fe035205dbbd9d857022b1619fc33fd83808072d2caa	exe		AgentTesla
2024-04-18 08:51:07	bafe3979cf8761e4f305509427099ef0e6193ce077236e31540aff4c47ddc74c	exe		Formbook
2024-04-09 18:26:39	61d36494c0c51a0c0a1fcad1f36c901a6debcc3c0061f2544a01c65c688e5c03	exe		RemcosRAT
2024-04-09 09:51:06	e9572c9f7e9e395025837bce834ffa5694f39e7c7646b7a309bad4efe31aedaf	exe		RemcosRAT
2024-03-01 14:39:08	3ba9eab166460c7654150897e277fc794361493b3d4e4edd917e0ab22b6dbe6e	exe		NanoCore
2024-02-20 10:57:47	0f211c60b1024b550de24bf2a3a81809c3c5787591bf7d1f0f6b9e22a49d214f	exe		RedLineStealer
2024-02-20 09:30:53	9350159172ef52b17346dc31395e060835ada39ec6f6f4e12cce7f93b9ee9560	exe		AgentTesla
2024-02-20 03:28:12	d8ae08b49836b01761e4f4ffd307ffaccc8bd1c48fe47f55ab923b2765b2b76d	exe		AgentTesla
2024-02-20 02:39:46	7f384f810f0248e6a09b207423115499f43d5343d5fa7cbc3f985900c10109a0	exe		RedLineStealer
2024-02-19 10:14:07	e3047ef72f547d61f94ee9922e77211c01b4cc5be23d3a45a113b04fdeb2bec2	exe		PureLogStealer
2024-02-19 01:43:41	1aa8e7c903ab9354a83253ac608fc80d8269e3f45b910a60cc8a87ab631b14e3	exe		AgentTesla
2024-02-19 00:43:26	fb9422901a6a8d8e2b60eb53159fef0de70b0c6260202c9d3fc8e8f6270b9a74	exe		AgentTesla
2024-02-14 13:11:17	20cf4c65d87c78a7f04664974de125697792c6381d028ae32ec275294edae5cf	exe		AgentTesla
2024-02-14 11:31:23	ce844a8fbd6db8142fff6b159a970d1f6156dda1dd758828e5e8755ab7a922cb	exe		Formbook