URLhaus Database
Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).
Database Entry
| Host: | download.haozip.com |
|---|---|
| Spamhaus DBL : | Abused domain (malware) |
| SURBL : | Blocked |
| Quad9 : | Blocked |
| AdGuard : | Blocked |
| Cloudflare : | Blocked |
| ProtonDNS : | Blocked |
| OpenBLD : | Blocked |
| DNS4EU : | Not blocked |
| Control D HaGeZi : | Not blocked |
| Firstseen: | 2024-11-11 14:25:07 UTC |
| Total malware sites : | 3 |
| Online malware sites : | 3 (100%) |
| Offline Malware sites : | 0 (0%) |
| Newest active malware site : | 2025-10-01 21:37:19 UTC |
| Oldest active malware site : | 2024-11-11 14:25:28 UTC (Age: 1 year, 6 month, 22 days, 23 hours, 4 minutes) |
| A record(s) observed : | 363 |
IP addresses
The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.
| Firstseen (UTC) | IP address | Hostname | SBL | ASN | Country | Active? |
|---|---|---|---|---|---|---|
| 2025-01-14 01:29:00 | 61.170.79.71 | Not listed | AS4812 CHINANET-SH-AP |  CN | yes | |
| 2025-01-14 10:19:33 | 61.170.79.72 | Not listed | AS4812 CHINANET-SH-AP | CN | yes | |
| 2025-01-16 16:35:37 | 61.170.79.73 | Not listed | AS4812 CHINANET-SH-AP | CN | yes | |
| 2025-01-14 16:26:02 | 61.170.79.74 | Not listed | AS4812 CHINANET-SH-AP | CN | yes | |
| 2025-01-16 21:19:46 | 61.170.79.75 | Not listed | AS4812 CHINANET-SH-AP | CN | yes | |
| 2025-01-16 21:19:46 | 61.170.79.76 | Not listed | AS4812 CHINANET-SH-AP | CN | yes | |
| 2026-04-07 04:26:54 | 61.170.79.77 | Not listed | AS4812 CHINANET-SH-AP | CN | yes | |
| 2026-04-08 11:07:07 | 61.170.79.78 | Not listed | AS4812 CHINANET-SH-AP | CN | yes | |
| 2025-05-08 00:21:12 | 101.226.27.76 | Not listed | AS4811 CHINANET-SHANGHAI-MAN | CN | no | |
| 2025-06-30 10:11:23 | 114.80.179.167 | Not listed | AS4811 CHINANET-SHANGHAI-MAN | CN | no |
Malware URLs
The table below shows all malware URLs that are associated with this particular host.
| Dateadded (UTC) | URL | Status | Tags | Reporter |
|---|---|---|---|---|
| 2025-10-01 21:37:19 | http://download.haozip.com/haozip.100021.exe | Online | opendir |  Riordz |
| 2025-04-20 07:58:21 | http://download.haozip.com/uniondown/haozip_tin... | Online |  abus3reports | |
| 2024-11-11 14:25:28 | http://download.haozip.com/haozip.convertimg.exe | Online | Adware.Generic exe |  NDA0E |
The table below shows recent payloads delivery by this host.
| Firstseen (UTC) | SHA256 hash | File type | Bazaar | Signature |
|---|---|---|---|---|
| 2025-10-01 21:57:22 | 3abc01d335aa802e4e575234865d6ac27ff54821b7ce624e49689982e1107235 | exe | ||
| 2025-05-16 11:27:38 | 8ba93e8ae900ccc1217c01c5ed4c969a6c5080007a5ee4b4b7889ce1da9d859a | exe | ||
| 2025-05-11 12:26:14 | db99c6b95099bc9238a9dee2c0b1d112fe782fa7edb165f83dbcb8f904dee355 | exe | ||
| 2025-04-26 20:01:10 | bf24912bbd28c8b953ad1c82126a5c9c035338746586cf4d332a6100d5b04d0b | exe | ||
| 2025-04-20 07:58:19 | a046a4b7aa97f84454a2c904c50444890156c2ad3340059aae5405d4f738bb9f | exe | ||
| 2024-11-11 14:25:26 | 978412350c2703de4e1d84790e380569dabb6192ecb35888ba04a4c8f95a689d | exe | Adware.Generic |