home

cdn.reimage.com

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain cdn.reimage.com is registered by proxy through GODADDY.COM, LLC and was originally registered in August of 1997. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in San Jose, California within the United States which resides on the CDNetworks Inc. network.
Registrar:
GODADDY.COM, LLC

Server location:
California, United States (US)

Create date:
Monday, August 11, 1997

Expires date:
Thursday, August 10, 2017

Updated date:
Sunday, August 9, 2015

ASN:
AS36408 CDNETWORKSUS-02 CDNetworks Inc.

Root domain:
reimage.com

Whois:
3 reimage.com records

Scanner detections:
Detections  (83% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Optional.Installer, PUP.Reimage (L), Win32.Generic.Reimage.Installer.Meta, PUP.Optional.Reimage.Installer.Meta (L), PUP.Reimage.Optional.Installer.Meta (L), (M), PUP.Reimage.Optional.Meta (L), PUP.Reimage.Installer.Meta (L)
81.40%

Dr.Web
Trojan.Crossrider1.1621, riskware program Program.Unwanted.493, riskware program Program.Unwanted.497, Program.Unwanted.1496
18.60%

ESET NOD32
Detection.Undefined, Win32/ReImageRepair.I potentially unwanted application, Win32/ReImageRepair.G potentially unwanted application
18.60%

ESET NOD32
Win32/ReImageRepair.F potentially unwanted, Win32/ReImageRepair.I potentially unwanted
11.63%

McAfee
Artemis!FA6F08800028, Artemis!72CB31555DA5, Artemis!BC5712F509C1
9.30%

Fortinet FortiGate
Riskware/ReImageRepair
9.30%

Baidu Antivirus
PUA.Win32.ReImageRepair
6.98%

Zillya! Antivirus
Adware.AdLoad.Win32.6767
6.98%

Agnitum Outpost
Riskware.Agent
4.65%

Bkav FE
W32.HfsAdware
4.65%

Malwarebytes
PUP.Optional.ReImageRepair.A
4.65%

Trend Micro House Call
Suspicious_GEN.F47V0520
4.65%

Microsoft Security Essentials
Worm:Win32/NeksMiner.A
2.33%

F-Secure
Application:W32/Generic.70053c248f!Online
2.33%

Kaspersky
not-a-virus:AdWare.Win32.Pibee
2.33%

The domain cdn.reimage.com has been seen to resolve to the following 53 IP addresses.

174.35.73.138
August 4, 2016

174.35.73.107
July 22, 2016

174.35.73.105
June 28, 2016

174.35.73.140
June 28, 2016

174.35.76.28
June 4, 2016

174.35.73.98
May 26, 2016

174.35.73.202
May 26, 2016

174.35.73.70
May 21, 2016

174.35.76.19
May 20, 2016

174.35.73.108
May 17, 2016

174.35.73.168
May 17, 2016

66.114.52.13
May 17, 2016

174.35.73.164
April 21, 2016

174.35.73.96
April 21, 2016

174.35.73.134
April 20, 2016

174.35.73.161
April 20, 2016

174.35.27.72
April 7, 2016

66.114.52.16
March 3, 2016

174.35.27.77
February 27, 2016

66.114.52.20
February 20, 2016

66.114.52.6
February 7, 2016

174.35.27.73
February 7, 2016

174.35.27.74
February 2, 2016

174.35.27.75
February 2, 2016

66.114.52.19
February 1, 2016

174.35.73.106
February 1, 2016

174.35.72.82
February 1, 2016

66.114.52.18
February 1, 2016

66.114.52.21
February 1, 2016

66.114.52.14
February 1, 2016

 
Showing 30 of 53 IP Addresses

File downloads found at URLs served by cdn.reimage.com.

0 / 68
http://cdn.reimage.com/install/.../eFixPro.exe  (6e19ac5110a685a6aa400f4e3b41439e)

2 / 68      (PUP)
http://cdn.reimage.com/in/.../ReimageRepair.exe  (055cf647fc2b95de2a5b428682831330)

1 / 68      (PUP)
http://cdn.reimage.com/in/.../ReimageRepair.exe  (bf35b64caae191e4274f1628094b9b08)

3 / 68      (PUP)
http://cdn.reimage.com/rpl/.../eFixPro.exe  (58a45004ea94f1c2e61ce890ef573767)

8 / 68      (PUP)
http://cdn.reimage.com/.../eFixPro.exe  (bc5712f509c1ca8901b4245e4c23ffba)

3 / 68      (PUP)
http://cdn.reimage.com/.../eFixPro.exe  (efixprotemp.exe)

1 / 68      (inconclusive)
http://cdn.reimage.com/inst/.../eFixPro.exe  (f5979119932304694d294b3026e4bff5)

2 / 68      (false positives)
http://cdn.reimage.com/in/.../ReimageRepair.exe  (wrar420.exe)

0 / 68
http://cdn.reimage.com/rpj/.../eFixPro.exe  (796d188ddad29bd8aa1490e6e0187fd4)

2 / 68      (Malware)
http://cdn.reimage.com/in/.../ReimageRepair.exe  (363489b94b29722c33aaf8c877c26e11)

1 / 68      (PUP)
http://cdn.reimage.com/in/.../ReimageRepair.exe  (8a699290c81f7917f9f123bc99c94a06)

10 / 68    (PUP)
http://cdn.reimage.com/in/.../ReimageRepair.exe  (cedd8609aa10b477e0cbbc024d540f96)

1 / 68      (Malware)
http://cdn.reimage.com/.../ReimageExpress.exe  (8f1f2b8c37c744c975b3b965ac741bbe)

The following 92 files have been seen to comunicate with cdn.reimage.com in live environments.

TCP » 66.114.52.19:80
1468567241.exe

TCP » 174.35.76.28:80
1468567241.exe

TCP » 66.114.52.14:80
1468567241.exe

TCP » 174.35.27.72:80
1468567241.exe

TCP » 174.35.73.98:80
1stbrowser.exe (1stBrowser by The 1stBrowser Authors)

TCP » 174.35.73.202:80
1stbrowser.exe (1stBrowser by The 1stBrowser Authors)

TCP » 66.114.52.5:80
tools_update.exe

TCP » 66.114.52.21:80
1468567241.exe

TCP » 174.35.73.106:80
1468567241.exe

TCP » 174.35.73.107:80
1468567241.exe

TCP » 174.35.73.138:80
1468567241.exe

TCP » 66.114.52.9:80
1468567241.exe

TCP » 174.35.73.202:80
1468567241.exe

TCP » 66.114.52.15:80
1468567241.exe

TCP » 66.114.52.5:80
1468567241.exe

TCP » 174.35.27.73:80
1468567241.exe

TCP » 66.114.52.16:80
1stbrowser.exe (1stBrowser by The 1stBrowser Authors)

TCP » 174.35.27.76:80
1468567241.exe

TCP » 66.114.52.11:80
1468567241.exe

TCP » 66.114.52.8:80
1stbrowser.exe (1stBrowser by The 1stBrowser Authors)

 
Latest 20 of 782 files

URL:
http://cdn.reimage.com/

Web server:
PWS/8.1.36

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.