URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host: lawfirm.paperbirdtech.com
Domain registrar:GoDaddy -
Domain registration date:2015-05-09 06:52:45 UTC
Spamhaus DBL :Abused domain (malware)
SURBL :Not blocked
Quad9 :Blocked
AdGuard :Blocked
Cloudflare :Blocked
ProtonDNS :Blocked
OpenBLD :Blocked
DNS4EU :Not blocked
Control D HaGeZi :Not blocked
Firstseen:2021-09-08 15:06:04 UTC
Total malware sites :6
Online malware sites :6 (100%)
Offline Malware sites :0 (0%)
Newest active malware site :2021-11-03 17:08:09 UTC
Oldest active malware site :2021-09-08 15:06:04 UTC (Age: 4 years, 9 months, 12 days, 7 hours, 23 minutes)
A record(s) observed :2

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)IP addressHostnameSBLASNCountryActive?
2026-04-07 19:15:19 184.174.39.217vmi2176345.contaboserver.netNot listedAS21769 AS-COLOAM- FRyes
2021-09-08 15:06:04 173.249.32.80vmi234152.contaboserver.netNot listedAS51167 CONTABO- FRno

Malware URLs

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)URLStatusTagsReporter
2021-11-03 17:08:09http://lawfirm.paperbirdtech.com/chimney.phpOnlinedoc hancitor ext html Cryptolaemus1
2021-11-03 15:56:04http://lawfirm.paperbirdtech.com/toggle.phpOnlinedoc hancitor ext html Cryptolaemus1
2021-09-09 04:19:05http://lawfirm.paperbirdtech.com/promethium.phpOnlinedoc hancitor ext html Cryptolaemus1
2021-09-08 15:18:04http://lawfirm.paperbirdtech.com/photon.phpOnlinedoc hancitor ext html Cryptolaemus1
2021-09-08 15:18:02http://lawfirm.paperbirdtech.com/philanthropic.phpOnlinedoc hancitor ext html Cryptolaemus1
2021-09-08 15:06:04http://lawfirm.paperbirdtech.com/wash.phpOnlinedoc hancitor ext html Cryptolaemus1

The table below shows recent payloads delivery by this host.

Firstseen (UTC)SHA256 hashFile typeBazaarSignature
2026-05-27 09:55:53461e26718029aa65fd50fd748da492930e717ac5871586d9041534382b7af94chtml  
2026-05-27 09:35:54461e26718029aa65fd50fd748da492930e717ac5871586d9041534382b7af94chtml  
2026-05-27 08:52:50461e26718029aa65fd50fd748da492930e717ac5871586d9041534382b7af94chtml  
2026-05-27 08:31:17461e26718029aa65fd50fd748da492930e717ac5871586d9041534382b7af94chtml  
2026-05-27 08:06:57461e26718029aa65fd50fd748da492930e717ac5871586d9041534382b7af94chtml  
2026-05-27 07:59:48461e26718029aa65fd50fd748da492930e717ac5871586d9041534382b7af94chtml  
2026-05-22 13:34:009717a8f5c0bcd008e9431e92528c2b56d7c8ab53b6552bb3145a16b2d6b9fb4ahtml  
2026-05-22 13:31:089717a8f5c0bcd008e9431e92528c2b56d7c8ab53b6552bb3145a16b2d6b9fb4ahtml  
2026-05-22 13:29:109717a8f5c0bcd008e9431e92528c2b56d7c8ab53b6552bb3145a16b2d6b9fb4ahtml  
2026-05-22 13:13:359717a8f5c0bcd008e9431e92528c2b56d7c8ab53b6552bb3145a16b2d6b9fb4ahtml  
2026-05-22 13:02:429717a8f5c0bcd008e9431e92528c2b56d7c8ab53b6552bb3145a16b2d6b9fb4ahtml  
2026-05-22 11:31:409717a8f5c0bcd008e9431e92528c2b56d7c8ab53b6552bb3145a16b2d6b9fb4ahtml  
2026-05-18 19:21:2781676931fac9e6b29eb2f74bd4f361459ff31c388937d844e94134274bd8cec3html  
2026-05-18 19:06:5381676931fac9e6b29eb2f74bd4f361459ff31c388937d844e94134274bd8cec3html  
2026-05-18 18:49:3081676931fac9e6b29eb2f74bd4f361459ff31c388937d844e94134274bd8cec3html  
2026-05-18 18:34:2881676931fac9e6b29eb2f74bd4f361459ff31c388937d844e94134274bd8cec3html  
2026-05-18 14:12:2281676931fac9e6b29eb2f74bd4f361459ff31c388937d844e94134274bd8cec3html  
2026-05-18 14:08:4481676931fac9e6b29eb2f74bd4f361459ff31c388937d844e94134274bd8cec3html  
2026-05-15 13:30:298b183c6680735a6f66f81b537df2b11c714dcbc4fb24a579760dbe91fa98ed1ahtml  
2026-05-15 12:42:388b183c6680735a6f66f81b537df2b11c714dcbc4fb24a579760dbe91fa98ed1ahtml  
2026-05-15 12:33:298b183c6680735a6f66f81b537df2b11c714dcbc4fb24a579760dbe91fa98ed1ahtml  
2026-05-15 12:27:208b183c6680735a6f66f81b537df2b11c714dcbc4fb24a579760dbe91fa98ed1ahtml  
2026-05-15 12:18:218b183c6680735a6f66f81b537df2b11c714dcbc4fb24a579760dbe91fa98ed1ahtml  
2026-05-15 12:17:308b183c6680735a6f66f81b537df2b11c714dcbc4fb24a579760dbe91fa98ed1ahtml  
2026-05-12 13:39:00251fd86a516977106cf305e68c8104eeb836c52567d0a5708d21166873b956dchtml  
2026-05-12 13:00:12251fd86a516977106cf305e68c8104eeb836c52567d0a5708d21166873b956dchtml  
2026-05-12 12:52:17251fd86a516977106cf305e68c8104eeb836c52567d0a5708d21166873b956dchtml  
2026-05-12 12:48:20251fd86a516977106cf305e68c8104eeb836c52567d0a5708d21166873b956dchtml  
2026-05-12 12:27:54251fd86a516977106cf305e68c8104eeb836c52567d0a5708d21166873b956dchtml  
2026-05-12 12:06:11251fd86a516977106cf305e68c8104eeb836c52567d0a5708d21166873b956dchtml  
2026-05-11 07:50:4363488d84c7fd3337354c6a42fd21edf7b4263c6fab3d1f92fb8d91a974c1f3fahtml  
2026-05-11 06:50:4963488d84c7fd3337354c6a42fd21edf7b4263c6fab3d1f92fb8d91a974c1f3fahtml  
2026-05-11 06:43:3563488d84c7fd3337354c6a42fd21edf7b4263c6fab3d1f92fb8d91a974c1f3fahtml  
2026-05-11 06:25:2463488d84c7fd3337354c6a42fd21edf7b4263c6fab3d1f92fb8d91a974c1f3fahtml  
2026-05-11 06:19:0363488d84c7fd3337354c6a42fd21edf7b4263c6fab3d1f92fb8d91a974c1f3fahtml  
2026-05-11 06:15:2263488d84c7fd3337354c6a42fd21edf7b4263c6fab3d1f92fb8d91a974c1f3fahtml  
2026-04-09 13:46:4862e1afaa0557c0e9db644b8f5aee18738559785d365a0e091af06bd5705918a8html  
2026-04-08 21:32:5662e1afaa0557c0e9db644b8f5aee18738559785d365a0e091af06bd5705918a8html  
2026-04-08 12:40:4462e1afaa0557c0e9db644b8f5aee18738559785d365a0e091af06bd5705918a8html  
2026-04-08 12:38:3462e1afaa0557c0e9db644b8f5aee18738559785d365a0e091af06bd5705918a8html  
2026-04-08 10:37:45f0a6051bda6a640245aa438ba18a5a3b2058428045166ac343da6ce9cc7693abhtml  
2026-04-08 10:31:1562e1afaa0557c0e9db644b8f5aee18738559785d365a0e091af06bd5705918a8html  
2026-04-08 10:25:5462e1afaa0557c0e9db644b8f5aee18738559785d365a0e091af06bd5705918a8html  
2026-04-08 08:36:30fd9d6b26375489acc066ecb666612b1c9aa070367d64cbfbe5003f3d0e0ea396html  
2026-04-07 19:34:51fd9d6b26375489acc066ecb666612b1c9aa070367d64cbfbe5003f3d0e0ea396html  
2026-04-07 19:15:18fd9d6b26375489acc066ecb666612b1c9aa070367d64cbfbe5003f3d0e0ea396html