The domain www.reimage.com is registered by proxy through GODADDY.COM, LLC and was originally registered in August of 1997. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Sydney, New South Wales within Australia which resides on the CloudFlare, Inc. network. The domain uses the CloudFlare CDN, a distributed domain name server service which utilizes a number of reverse proxy IP Addresses (see below).
New South Wales, Australia (AU)
Monday, August 11, 1997
Monday, August 10, 2015
Sunday, August 10, 2014
AS13335 CLOUDFLARENET - CloudFlare, Inc.,US
Detections (95% detected)
PUP.Optional.ReimageLimited.N, PUP.Optional.ReimageLimited.R, PUP.Optional.ReimageLimited.Q
Win32/Toolbar.Babylon, Win32/ReImageRepair (variant)
Artemis!D566201EF927, Artemis!0C70FAEC04E3, Artemis!8DDC6C3D11DC
Trend Micro House Call
TROJ_GEN.F47V0122, TROJ_GEN.F47V0214, Suspicious_GEN.F47V1116
McAfee Web Gateway
suspected of Trojan.Downloader.gen.h
Antiy Labs AVL
Win32:Adware-gen [Adw], Win32:Rootkit-gen [Rtk]
The domain www.reimage.com has been seen to resolve to the following 6 IP addresses.
File downloads found at URLs served by www.reimage.com.
“Online Computer Repair | Reimage PC Repair | Windows Repair | Reimageplus.com”
“Reimage is an online computer repair tool that will automatically fix Windows by replacing corrupt files, leaving your data intact. Scan your PC for free.”
SSL certificate subject:
CN=ssl98675.cloudflaressl.com, OU=PositiveSSL Multi-Domain, OU=Domain Control Validated
SSL certificate issuer:
CN=COMODO Domain Validation Secure Server CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB
Statistics are for the previous month.