URLhaus Database

Every malware URL on URLhaus is associated with a host. A host can be either an domain name or an IP address (in case the malware URL is hosted on an IP address and doesn't use a domain name).

Database Entry

Host:	jg.studio
Domain registrar:	GoDaddy
Domain registration date:	2020-01-31 06:42:20 UTC
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Control D HaGeZi :	Not blocked
Firstseen:	2022-08-03 12:04:04 UTC
Total malware sites :	11
Online malware sites :	0 (0%)
Offline Malware sites :	11 (100%)
A record(s) observed :	8

IP addresses

The table below shows all IP address observed for this particular host (in case the host is a domain name, all A records will be listed - including all historical ones). Please note that the output is limited to 10 entires.

Firstseen (UTC)	IP address	Hostname	SBL	ASN	Country	Active?
2025-08-27 13:45:58	31.43.160.6	sites.framer.app	Not listed	AS16509 AMAZON-02	NL	yes
2025-08-27 13:45:58	31.43.161.6	sites.framer.app	Not listed	AS16509 AMAZON-02	NL	yes
2025-04-27 17:26:47	15.197.225.128	aec037177372cc6cd.awsglobalaccelerator.com	Not listed	AS16509 AMAZON-02	US	no
2025-04-27 17:26:47	3.33.251.168	aec037177372cc6cd.awsglobalaccelerator.com	Not listed	AS16509 AMAZON-02	US	no
2022-12-14 23:13:23	34.98.99.30	30.99.98.34.bc.googleusercontent.com	Not listed	AS396982 GOOGLE-CLOUD-PLATFORM	US	no
2022-08-17 02:11:57	34.102.136.180	180.136.102.34.bc.googleusercontent.com	Not listed	AS396982 GOOGLE-CLOUD-PLATFORM	US	no
2022-08-13 10:54:20	162.241.127.62	162-241-127-62.webhostbox.net	Not listed	AS19871 NETWORK-SOLUTIONS-HOSTING	US	no
2022-08-03 12:04:05	87.236.167.227	finoki.justforyouto.info	Not listed	AS40676 AS40676	GB	no

The table below shows all malware URLs that are associated with this particular host.

Dateadded (UTC)	URL	Status	Tags	Reporter
2022-08-03 17:46:05	http://jg.studio/77.exe	Offline	32 exe RemcosRAT	zbetcheckin
2022-08-03 17:46:05	https://jg.studio/504.exe	Offline	32 exe RemcosRAT	zbetcheckin
2022-08-03 17:45:04	https://jg.studio/gggggg.exe	Offline	32 exe RemcosRAT	zbetcheckin
2022-08-03 17:30:06	https://jg.studio/ledd.exe	Offline	32 exe RemcosRAT	zbetcheckin
2022-08-03 13:04:04	https://jg.studio/b.exe	Offline	32 exe RemcosRAT	zbetcheckin
2022-08-03 12:40:05	https://jg.studio/vast.exe	Offline	exe RemcosRAT	vxvault
2022-08-03 12:36:07	https://jg.studio/client-build.exe	Offline	arrowrat exe	vxvault
2022-08-03 12:25:04	https://jg.studio/c.exe	Offline	exe RemcosRAT	vxvault
2022-08-03 12:11:04	https://jg.studio/8.exe	Offline	exe RemcosRAT	vxvault
2022-08-03 12:07:04	https://jg.studio/1.exe	Offline	AveMariaRAT exe	vxvault
2022-08-03 12:04:05	https://jg.studio/00000003.exe	Offline	exe RemcosRAT	vxvault

The table below shows recent payloads delivery by this host.

Firstseen (UTC)	SHA256 hash	File type	Signature
2022-08-03 17:46:05	1951a59d71b0b4ff98fc0499efc2d30c51f02f169580c04b25f702e9d2d46e45	exe	RemcosRAT
2022-08-03 17:46:04	4dbc705f8b2459cd330ba96aac1462ffef090bbb55c6305e49397db8caafeff7	exe	RemcosRAT
2022-08-03 17:45:04	bc6f494da47a6a0d914d0accb1e3297610a32feae6927160a0997434f75d637c	exe	RemcosRAT
2022-08-03 17:30:06	b835148de603d2b447a2dbe2212a2457e59146e7fc059e27f2a802c8fcb4f7a8	exe	RemcosRAT
2022-08-03 13:04:04	fcfa146252a5d7373b4d0c722541bcbef056e9aee2e07f5ba4d09939c3b660c1	exe	RemcosRAT
2022-08-03 12:40:05	af8e775954721201799acaacb6d06d474beff1eec3b8dfd2d1d6c20ddbc30bc9	exe	RemcosRAT
2022-08-03 12:36:07	5d573461fbe87a4441a12b5b61a3b74019aa21a784f9cf4410e1da100a55c792	exe	ArrowRAT
2022-08-03 12:25:04	f87d3d53935db06707f2303dee46335a41419ca6cb6e599cf03eed703a85f194	exe	RemcosRAT
2022-08-03 12:11:04	d91768ff7d65e4ded655af475f1a27f3fa91f857c9241bc3c332c435135cdaf5	exe	RemcosRAT
2022-08-03 12:07:04	5c42e1fd2ed113fb92328e888276f41c3fe43042486714d04fb8b440f5a43014	exe	AveMariaRAT
2022-08-03 12:04:05	548a6de77d41a75d8463e4aa3d596caf294b6d5bfbc486dfaccd95b1819a1016	exe	RemcosRAT