home

coolalyssbarnnet.were.me

rav nos

Domain Information

The domain coolalyssbarnnet.were.me registered by rav nos was initially registered in January of 2011 through GoDaddy.com, LLC R41-ME. The hosted servers are located in Chicago, Illinois within the United States which resides on the GigeNET network.
Registrar:
GoDaddy.com, LLC R41-ME (146)

Server location:
Illinois, United States (US)

Create date:
Friday, January 14, 2011

Expires date:
Thursday, January 14, 2016

Updated date:
Wednesday, February 25, 2015

Root domain:
were.me

Whois:
2 were.me records

The domain coolalyssbarnnet.were.me has been seen to resolve to the following 2 IP addresses.

69.39.236.56
ip-69.39.236.56.hosted.by.gigenet.com
August 3, 2016

127.0.0.2
April 6, 2014

File downloads found at URLs served by coolalyssbarnnet.were.me.

2 / 68      (inconclusive)
http://coolalyssbarnnet.were.me/.../?p=eyJzaWQiOiI0NTM2IiwidXJsIjoiaHR0cDpcL1wvZ3RhNS1sb2FkLnJ1XC9sb2FkXC8wLTAtMS02LTIwIiwibmFtZSI6ImdyYW5kX3RoZWZ0X2F1dG8iLCJ0eXBlIjoiYXJjaGl2ZSIsInNpemUiOjB9  (grand_theft_auto.exe)

25 / 68    (PUP)
http://coolalyssbarnnet.were.me/.../?j=c2lkPTQ2OTcmdXJsPWh0dHAlM0ElMkYlMkZ0ZWRsYS5ydSUyRmVuZ2luZSUyRmRvd25sb2FkLnBocCUzRmlkJTNENTImbmFtZT1wcmlzb24tY29sZWN0LXYyLnJhciZ0eXBlPWFyY2hpdmUmc2l6ZT03OTY3NQ  (prison-colect-v2.exe)

24 / 68    (PUP)
http://coolalyssbarnnet.were.me/.../?j=c2lkPTQ2OTcmdXJsPWh0dHAlM0ElMkYlMkZ0ZWRsYS5ydSUyRmVuZ2luZSUyRmRvd25sb2FkLnBocCUzRmlkJTNENTImbmFtZT1wcmlzb24tY29sZWN0LXYyLnJhciZ0eXBlPWFyY2hpdmUmc2l6ZT03OTY3NQ  (prison-colect-v2.exe)

0 / 68
http://coolalyssbarnnet.were.me/.../?j=c2lkPTI2ODUmdXJsPWh0dHAlM0ElMkYlMkZ0b3JyZW50LXN0cmVhbS5vcmclMkZvdGhlciUyRjExNzY1LXZ2ZWRpdGUtaW15YS1mYXlsYS1wcm9ncmFtbXktaWxpLWZpbG1hLmh0bWwmbmFtZT10b3JyZW50LXN0cmVhbS50b3JyZW50JnR5cGU9dG9ycmVudCZzaXplPTE2Mzg0  (torrent-stream.exe)

The following 313 files have been seen to comunicate with coolalyssbarnnet.were.me in live environments.

TCP » 69.39.236.56:80
globalupdate.exe (globalUpdate Update by globalUpdate)

TCP » 69.39.236.56:8888
popdeals.exe (Today)

TCP » 69.39.236.56:80
9fe7cfbf-5cc9-4391-a512-8a764fd807c3-1-7.exe (CinemaPlus-3.2cV20.05 by Cinema PlusV20.05)

TCP » 69.39.236.56:80
9fe7cfbf-5cc9-4391-a512-8a764fd807c3-5.exe (CinemaPlus-3.2cV20.05 by Cinema PlusV20.05)

TCP » 69.39.236.56:80
1573.exe (SavePass 1.1 by OB)

TCP » 69.39.236.56:80
9fe7cfbf-5cc9-4391-a512-8a764fd807c3-3.exe (CinemaPlus-3.2cV20.05 by Cinema PlusV20.05)

TCP » 69.39.236.56:80
6054.exe (SavePass 1.1 by OB)

TCP » 69.39.236.56:80
5dfde4f5-80af-4a98-8da4-e95b948f183d-10.exe (Ge-Force by Webar)

TCP » 69.39.236.56:80
a4bc936c-5e01-43ed-9315-bef9a4ae2675-10.exe (SavePass 1.1 by OB)

TCP » 69.39.236.56:80
pricehorse.exe (by Pay By Ads)

TCP » 69.39.236.56:80
tbhcn.exe (tcbhn by Blabbers Communications)

TCP » 69.39.236.56:80
d488e0ef-38ce-4f88-bb4a-7a53ee6d0463-1-7.exe (CinemaPlus-4.5vV22.05 by Cinema PlusV22.05)

TCP » 69.39.236.56:80
dailybee.exe

TCP » 69.39.236.56:80
024a6571-2a4e-4467-b299-604f4b85d0bf-7.exe (CinemaPlus-4.5vV23.05 by Cinema PlusV23.05)

TCP » 69.39.236.56:80
avast.exe

TCP » 69.39.236.56:80
shopwit.exe (by Pay By Ads)

TCP » 69.39.236.56:80
72adc4fb-6293-4a4b-a6cc-4fa0a475afe3-1-7.exe (CinemaPlus-3.2cV21.05 by Cinema PlusV21.05)

TCP » 69.39.236.56:80
f77056a6-54df-48d7-b91d-842cbb1c6277-1-7.exe (Cinem Plus 2.4cV25.05 by Cinema Plus ProV25.05)

TCP » 69.39.236.56:80
avast.exe

TCP » 69.39.236.56:80
aab72157-141a-4b3a-9bef-b0a5112fd240-1-7.exe (CinemaPlus-3.2cV21.05 by Cinema PlusV21.05)

 
Latest 20 of 322 files

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.