home

download1.drp.su

Private Person  (Proxy Registrant)

Domain Information

The domain download1.drp.su is registered by proxy through R01-REG-FID and was originally registered in June of 2009. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Roubaix, Nord-Pas-De-Calais within France which resides on the RIPE Network Coordination Centre network.
Registrar:
R01-REG-FID

Server location:
Nord-Pas-De-Calais, France (FR)

Create date:
Wednesday, June 17, 2009

Expires date:
Friday, June 17, 2016

ASN:
AS16276 OVH OVH SAS,FR

Root domain:
drp.su

Whois:
2 drp.su records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Optional.Installer.N, Win32.Generic.KuzyakovArturVyacheslavovichIP.Meta, PUP.DriverPack (L)
100.00%

Dr.Web
Adware.OpenCandy.3
33.33%

ESET NOD32
Win32/OpenCandy
33.33%

The domain download1.drp.su has been seen to resolve to the following 2 IP addresses.

37.187.169.2
ns3539141.ip-37-187-169.eu
July 1, 2015

46.165.199.9
May 1, 2014

File downloads found at URLs served by download1.drp.su.

1 / 68      (PUP)
http://download1.drp.su/DRPSu12.3-Lite.exe  (62219a6af7b1ebbf3d1942d69b287ff2)

1 / 68      (PUP)
http://download1.drp.su/DriverPack-Online.exe  (driverpack-online_1788851912.1433606158.exe)

3 / 68      (PUP)
http://download1.drp.su/DRPSu12.3-Lite.exe  (8fb78037e224abd72fd56f1bdbbc5f93)

URL:
http://download1.drp.su/

Title:
“Index of /”

Web server:
nginx

drpsu.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.