See: http://killmalware.com/reachmail.net/# and http://sitecheck.sucuri.net/scanner/?scan=http%3A%2F%2Freachmail.net%2F
Contradictory results given here at WOT’s: https://www.mywot.com/en/scorecard/reachmail.net
For external link: http://toolbar.netcraft.com/site_report?url=https://seal.verisign.com
The site did not offer the Heartbeat TLS extension prior to the Heartbleed disclosure, and so was not exploitable.
Given on clean mx virus watch: Up(nil): unknown_html ARIN US abuse at 1and1 dot com 74.208.74.37 to 74.208.74.37 reachmail dot com htxp://reachmail.com/
IP’s history of badness: https://www.virustotal.com/nl/ip-address/74.208.74.37/information/
->on AS: http://sitevet.com/db/asn/AS8560
For flagged malcode see: http://webcache.googleusercontent.com/search?q=cache:p5Hv1wnMXd8J:ddecode.com/hexdecoder/%3Fresults%3D1a62b1f745e8c8626acc0ee5f48ff451+&cd=2&hl=nl&ct=clnk&gl=nl

pol

VirusTotal
https://www.virustotal.com/nb/file/8f35088eca09a68466dbcf4e8d4f95368de21f804d95fe242ac549b01e3fcd13/analysis/1398711215/

Hi Pondus,

As always, again thanks for the confirmation, the VT check.

Well the malware comes in the twilight area between malware and adware:
http://www.avira.com/en/support-threats-description/tid/8041/tlang/en

But I am right to assume avast! does not have detection for it yet?

pol

update - confirmed as being a bad site (thanks, Pondus)

D