IOC Report
https://www.printnode.com/en


Files

File Path | Type | Category | Malicious
(The Malicious column is empty for every row below.)
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Apr 23 13:43:12 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide | dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Apr 23 13:43:12 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide | dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:54:41 2023, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide | dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Apr 23 13:43:12 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide | dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Apr 23 13:43:12 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide | dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Apr 23 13:43:12 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide | dropped
Chrome Cache Entry: 100 | ASCII text, with very long lines (7907) | downloaded
Chrome Cache Entry: 101 | ASCII text | downloaded
Chrome Cache Entry: 102 | PNG image data, 50 x 65, 8-bit/color RGBA, non-interlaced | dropped
Chrome Cache Entry: 103 | PNG image data, 550 x 350, 8-bit/color RGBA, non-interlaced | dropped
Chrome Cache Entry: 104 | PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced | downloaded
Chrome Cache Entry: 105 | PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced | dropped
Chrome Cache Entry: 106 | PNG image data, 188 x 32, 8-bit/color RGBA, non-interlaced | downloaded
Chrome Cache Entry: 107 | PNG image data, 957 x 841, 8-bit/color RGBA, non-interlaced | downloaded
Chrome Cache Entry: 108 | PNG image data, 12 x 11, 8-bit/color RGBA, non-interlaced | downloaded
Chrome Cache Entry: 109 | PNG image data, 100 x 22, 8-bit/color RGBA, non-interlaced | downloaded
Chrome Cache Entry: 110 | assembler source, ASCII text, with CRLF line terminators | downloaded
Chrome Cache Entry: 111 | PNG image data, 500 x 450, 8-bit/color RGBA, non-interlaced | dropped
Chrome Cache Entry: 112 | PNG image data, 500 x 350, 8-bit/color RGBA, non-interlaced | dropped
Chrome Cache Entry: 113 | PNG image data, 500 x 350, 8-bit/color RGBA, non-interlaced | downloaded
Chrome Cache Entry: 114 | PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced | downloaded
Chrome Cache Entry: 115 | ASCII text | downloaded
Chrome Cache Entry: 116 | ASCII text | downloaded
Chrome Cache Entry: 117 | PNG image data, 70 x 70, 8-bit/color RGBA, non-interlaced | downloaded
Chrome Cache Entry: 118 | ASCII text, with very long lines (2343) | downloaded
Chrome Cache Entry: 119 | PNG image data, 115 x 33, 8-bit/color RGBA, non-interlaced | dropped
Chrome Cache Entry: 120 | PNG image data, 188 x 32, 8-bit/color RGBA, non-interlaced | dropped
Chrome Cache Entry: 121 | ASCII text, with CRLF line terminators | downloaded
Chrome Cache Entry: 122 | PNG image data, 500 x 350, 8-bit/color RGBA, non-interlaced | downloaded
Chrome Cache Entry: 123 | ASCII text, with CRLF, LF line terminators | downloaded
Chrome Cache Entry: 124 | PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced | downloaded
Chrome Cache Entry: 125 | PNG image data, 188 x 32, 8-bit/color RGBA, non-interlaced | downloaded
Chrome Cache Entry: 126 | PNG image data, 957 x 841, 8-bit/color RGBA, non-interlaced | dropped
Chrome Cache Entry: 127 | PNG image data, 127 x 20, 8-bit/color RGBA, non-interlaced | dropped
Chrome Cache Entry: 128 | PNG image data, 500 x 350, 8-bit/color RGBA, non-interlaced | dropped
Chrome Cache Entry: 129 | PNG image data, 500 x 450, 8-bit/color RGBA, non-interlaced | downloaded
Chrome Cache Entry: 130 | PNG image data, 114 x 25, 8-bit/color RGBA, non-interlaced | dropped
Chrome Cache Entry: 131 | Web Open Font Format (Version 2), TrueType, length 33092, version 1.0 | downloaded
Chrome Cache Entry: 132 | PNG image data, 148 x 17, 8-bit/color RGBA, non-interlaced | dropped
Chrome Cache Entry: 133 | ASCII text, with CRLF line terminators | downloaded
Chrome Cache Entry: 134 | ASCII text, with very long lines (16267) | downloaded
Chrome Cache Entry: 73 | PNG image data, 550 x 350, 8-bit/color RGBA, non-interlaced | downloaded
Chrome Cache Entry: 74 | MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel | downloaded
Chrome Cache Entry: 75 | PNG image data, 119 x 24, 8-bit/color RGBA, non-interlaced | dropped
Chrome Cache Entry: 76 | PNG image data, 14 x 11, 8-bit/color RGBA, non-interlaced | dropped
Chrome Cache Entry: 77 | PNG image data, 188 x 32, 8-bit/color RGBA, non-interlaced | dropped
Chrome Cache Entry: 78 | PNG image data, 12 x 11, 8-bit/color RGBA, non-interlaced | dropped
Chrome Cache Entry: 79 | PNG image data, 114 x 25, 8-bit/color RGBA, non-interlaced | downloaded
Chrome Cache Entry: 80 | PNG image data, 60 x 70, 8-bit/color RGBA, non-interlaced | downloaded
Chrome Cache Entry: 81 | ASCII text, with CRLF line terminators | downloaded
Chrome Cache Entry: 82 | PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced | dropped
Chrome Cache Entry: 83 | HTML document, ASCII text, with no line terminators | downloaded
Chrome Cache Entry: 84 | MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel | dropped
Chrome Cache Entry: 85 | PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced | downloaded
Chrome Cache Entry: 86 | ASCII text | downloaded
Chrome Cache Entry: 87 | PNG image data, 60 x 70, 8-bit/color RGBA, non-interlaced | dropped
Chrome Cache Entry: 88 | PNG image data, 115 x 33, 8-bit/color RGBA, non-interlaced | downloaded
Chrome Cache Entry: 89 | PNG image data, 70 x 70, 8-bit/color RGBA, non-interlaced | dropped
Chrome Cache Entry: 90 | ASCII text | downloaded
Chrome Cache Entry: 91 | PNG image data, 127 x 20, 8-bit/color RGBA, non-interlaced | downloaded
Chrome Cache Entry: 92 | PNG image data, 14 x 11, 8-bit/color RGBA, non-interlaced | downloaded
Chrome Cache Entry: 93 | PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced | dropped
Chrome Cache Entry: 94 | PNG image data, 50 x 65, 8-bit/color RGBA, non-interlaced | downloaded
Chrome Cache Entry: 95 | PNG image data, 100 x 22, 8-bit/color RGBA, non-interlaced | dropped
Chrome Cache Entry: 96 | PNG image data, 119 x 24, 8-bit/color RGBA, non-interlaced | downloaded
Chrome Cache Entry: 97 | PNG image data, 148 x 17, 8-bit/color RGBA, non-interlaced | downloaded
Chrome Cache Entry: 98 | ASCII text, with very long lines (5955) | downloaded
Chrome Cache Entry: 99 | PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced | dropped
59 additional files are not shown in this excerpt.

Processes

Path | Cmdline | Malicious
(The Malicious column is empty for both rows below.)
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://www.printnode.com/en
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 --field-trial-handle=1964,i,2268664850992804560,17146460320001415882,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8

URLs

Name | IP | Malicious
(The Malicious column is empty for every row below; rows with no IP cell had none in the report.)
https://www.printnode.com/en |
https://www.printnode.com/ui/images/favicon.ico | 167.71.133.216
https://stats.g.doubleclick.net/g/collect | unknown
https://www.printnode.com/ui/images/logo-footer.png | 167.71.133.216
https://www.printnode.com/ui/images/envelope.png | 167.71.133.216
https://analytics.google.com/g/collect?v=2&tid=G-9C6CFXZ7HQ&_ng=1&gtm=45je44h0v9134478718za200&_p=1713883395164&_gaz=1&gcd=13l3l3l3l2&npa=0&dma=0&ul=en-us&sr=1280x1024&cid=208242298.1713883395&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.printnode.com%2Fen&dt=Remote%20Printing%20for%20Web%20Apps%20%7C%20PrintNode&sid=1713883396&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=6491 | 216.239.32.181
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-37168295-1&cid=208242298.1713883395&jid=1748607573&_u=IEBAAEAAAAAAACAAI~&z=775251324 | 172.253.124.147
https://www.printnode.com/ui/images/dymo.png | 167.71.133.216
https://www.printnode.com/ui/js/carousel.js | 167.71.133.216
https://ampcid.google.com/v1/publisher:getClientId | unknown
https://www.printnode.com/ui/images/carousel-right.png | 167.71.133.216
https://www.printnode.com/ui/images/brother.png | 167.71.133.216
https://www.google.com | unknown
https://www.printnode.com/ui/css/pure/pure-min.css | 167.71.133.216
https://www.printnode.com/ui/css/printnode.css | 167.71.133.216
https://www.printnode.com/ui/images/scales.png | 167.71.133.216
https://www.printnode.com/ui/css/footer.css | 167.71.133.216
https://stats.g.doubleclick.net/j/collect | unknown
https://www.printnode.com/ui/js/system-status.js | 167.71.133.216
https://www.printnode.com/ui/images/branding.png | 167.71.133.216
https://www.printnode.com/ui/css/webhooks.css | 167.71.133.216
https://www.w3schools.com/cssref/pr_pos_vertical-align.asp | unknown
https://www.printnode.com/ui/images/twitter.png | 167.71.133.216
https://td.doubleclick.net/td/ga/rul?tid=G-9C6CFXZ7HQ&gacid=208242298.1713883395&gtm=45je44h0v9134478718za200&dma=0&gcd=13l3l3l3l2&npa=0&pscdl=noapi&aip=1&fledge=1&z=812569747 |
https://stackoverflow.com/questions/23167637/is-it-possible-to-change-the-color-of-selected-radio-bu | unknown
https://www.printnode.com/ui/js/remove-alert.js | 167.71.133.216
https://www.printnode.com/ui/images/epson.png | 167.71.133.216
http://colorzilla.com/gradient-editor/#edf6f7 | unknown
https://stats.g.doubleclick.net/g/collect?v=2&_ng=1&tid=G-9C6CFXZ7HQ&cid=208242298.1713883395&gtm=45je44h0v9134478718za200&aip=1&dma=0&gcd=13l3l3l3l2&npa=0 | 74.125.136.156
https://api.printnode.com/ping | 94.228.44.133
https://www.printnode.com/ui/images/stamps.png | 167.71.133.216
https://www.printnode.com/ui/css/top-menu.css | 167.71.133.216
https://www.printnode.com/ui/images/printers.png | 167.71.133.216
https://tagassistant.google.com/ | unknown
https://www.printnode.com/ui/images/logo.png | 167.71.133.216
https://www.printnode.com/ui/js/top-menu.js | 167.71.133.216
https://github.com/yahoo/pure/blob/master/LICENSE.md | unknown
https://www.printnode.com/ui/images/secure-and-private.png | 167.71.133.216
https://adservice.google.com/pagead/regclk | unknown
https://www.printnode.com/ui/css/pure/grids-responsive-min.css | 167.71.133.216
https://www.printnode.com/ui/images/home-page.png | 167.71.133.216
https://www.printnode.com/ui/images/carousel-left.png | 167.71.133.216
https://cct.google/taggy/agent.js | unknown
https://www.printnode.com/ui/images/mettler-toledo.png | 167.71.133.216
https://www.printnode.com/ui/images/testimonial-top.png | 167.71.133.216
https://www.printnode.com/ui/images/built-for-enterprise.png | 167.71.133.216
https://www.google.com/ads/ga-audiences | unknown
https://www.printnode.com/ui/images/hp.png | 167.71.133.216
https://www.google.%/ads/ga-audiences | unknown
https://td.doubleclick.net | unknown
https://www.printnode.com/ui/images/blazingly-fast.png | 167.71.133.216
https://www.printnode.com/ui/images/canon.png | 167.71.133.216
https://www.printnode.com/ui/images/raw.png | 167.71.133.216
https://www.merchant-center-analytics.goog | unknown
https://stats.g.doubleclick.net/g/collect?v=2& | unknown
https://www.printnode.com/en |
https://www.printnode.com/ui/css/carousel.css | 167.71.133.216
https://www.printnode.com/ui/css/spinner.css | 167.71.133.216
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-37168295-1&cid=208242298.1713883395&jid=1748607573&gjid=196514237&_gid=2090849093.1713883395&_u=IEBAAEAAAAAAACAAI~&z=410011896 | 74.125.136.156
48 additional URLs are not shown in this excerpt.

Domains

Name | IP | Malicious
(The Malicious column is empty for every row below.)
analytics-alv.google.com | 216.239.32.181
www.printnode.com | 167.71.133.216
www.google.com | 142.250.9.103
td.doubleclick.net | 142.250.9.156
api.printnode.com | 94.228.44.133
stats.g.doubleclick.net | 74.125.136.156
analytics.google.com | unknown

IPs

IP | Domain | Country | Malicious
(The Malicious column is empty for every row below.)
216.239.32.181 | analytics-alv.google.com | United States
192.168.2.17 | unknown | unknown
192.168.2.4 | unknown | unknown
167.71.133.216 | www.printnode.com | United States
172.253.124.147 | unknown | United States
94.228.44.133 | api.printnode.com | United Kingdom
239.255.255.250 | unknown | Reserved
74.125.136.156 | stats.g.doubleclick.net | United States
142.250.9.156 | td.doubleclick.net | United States
142.250.9.103 | www.google.com | United States
74.125.136.103 | unknown | United States
74.125.136.157 | unknown | United States
2 additional IPs are not shown in this excerpt.
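The URL, domain and IP tables above mix real network indicators with entries that must not be pushed into a blocklist: the sandbox's own LAN addresses (192.168.2.x), the SSDP multicast address 239.255.255.250 that the report itself marks "Reserved", analytics endpoints whose query strings carry session-specific values, and the literal string https://www.google.%/ads/ga-audiences, which looks like a URL template pulled out of a script rather than a resource that was actually fetched. The following Python script is an added example, not part of the sandbox report or of PrintNode's software. It re-parses the flattened URL/IP list in the form shown above, classifies every address with the standard library's ipaddress module, rejects hostnames that are not well-formed DNS names, and returns an auditable set of candidate indicators together with every exclusion and its reason. SAMPLE_URL_TABLE and SAMPLE_IP_TABLE are constructed from a subset of the rows on this page; all function and variable names are the example's own.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Constructed sample input: a handful of records in the report's flattened
# layout. A URL line is followed by its resolved IP, the word "unknown", or
# directly by the next URL when the report recorded no IP for it.
SAMPLE_URL_TABLE = """\
https://www.printnode.com/en
https://www.printnode.com/ui/images/favicon.ico
167.71.133.216
https://stats.g.doubleclick.net/g/collect
unknown
https://api.printnode.com/ping
94.228.44.133
https://www.google.%/ads/ga-audiences
unknown
https://td.doubleclick.net/td/ga/rul?tid=G-9C6CFXZ7HQ&z=812569747
"""

# Constructed sample from the report's IP table: (ip, domain, country).
SAMPLE_IP_TABLE = [
    ("216.239.32.181", "analytics-alv.google.com", "United States"),
    ("192.168.2.17", "unknown", "unknown"),
    ("167.71.133.216", "www.printnode.com", "United States"),
    ("94.228.44.133", "api.printnode.com", "United Kingdom"),
    ("239.255.255.250", "unknown", "Reserved"),
]

# Lower-case DNS name: labels of [a-z0-9-], no leading/trailing hyphen, at least one dot.
HOSTNAME_RE = re.compile(r"^[a-z0-9]([a-z0-9-]*[a-z0-9])?(\.[a-z0-9]([a-z0-9-]*[a-z0-9])?)+$")


def _as_ip(token):
    """Return an ipaddress object for token, or None if it is not an address."""
    try:
        return ipaddress.ip_address(token)
    except ValueError:
        return None


def parse_url_table(text):
    """Rebuild (url, ip_or_None) records from the flattened URL/IP list.
    A line that is an IP or the word "unknown" attaches to the preceding URL;
    any other non-empty line starts a new record with no IP yet."""
    records = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        if records and (line == "unknown" or _as_ip(line)):
            url, _ = records[-1]
            records[-1] = (url, None if line == "unknown" else line)
        else:
            records.append((line, None))
    return records


def classify_ip(ip_str):
    """Decide what an IOC feed should do with a resolved address."""
    ip = _as_ip(ip_str)
    if ip is None:
        return "invalid"
    if ip.is_private or ip.is_loopback or ip.is_link_local:
        return "local"      # sandbox LAN, resolver, etc.: never an indicator
    if ip.is_multicast or ip.is_reserved or ip.is_unspecified:
        return "reserved"   # e.g. 239.255.255.250 is SSDP discovery traffic
    return "public"


def hostname_of(url):
    """Hostname of url, or None when it is not a well-formed DNS name
    (so a template like https://www.google.%/... cannot become an indicator)."""
    host = urlsplit(url).hostname
    if not host or not HOSTNAME_RE.match(host):
        return None
    return host


def build_ioc_set(url_text, ip_table):
    """Collapse both tables into candidate domains and public IPs, keeping a
    list of everything excluded and why, so the triage can be reviewed."""
    domains, ips, excluded = set(), set(), []
    for url, ip in parse_url_table(url_text):
        host = hostname_of(url)
        if host is None:
            excluded.append((url, "malformed hostname"))
        else:
            domains.add(host)
        if ip is not None:
            kind = classify_ip(ip)
            if kind == "public":
                ips.add(ip)
            else:
                excluded.append((ip, kind))
    for ip, domain, _country in ip_table:
        kind = classify_ip(ip)
        if kind == "public":
            ips.add(ip)
            if domain != "unknown":
                domains.add(domain)
        else:
            excluded.append((ip, kind))
    return {"domains": sorted(domains), "ips": sorted(ips), "excluded": excluded}


if __name__ == "__main__":
    result = build_ioc_set(SAMPLE_URL_TABLE, SAMPLE_IP_TABLE)
    for key in ("domains", "ips", "excluded"):
        print(key, result[key])
```

What comes out of the sample is still only a candidate list: the surviving Google and DoubleClick hosts are generic analytics infrastructure that almost every web page contacts, so a practitioner would normally drop them against an allowlist before anything reaches a detection rule, and the two printnode.com hosts are simply the site that was analysed.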

DOM / HTML

URL | Malicious
(The Malicious column is empty for every row below.)
https://www.printnode.com/en
https://www.printnode.com/en
https://td.doubleclick.net/td/ga/rul?tid=G-9C6CFXZ7HQ&gacid=208242298.1713883395&gtm=45je44h0v9134478718za200&dma=0&gcd=13l3l3l3l2&npa=0&pscdl=noapi&aip=1&fledge=1&z=812569747