IOC Report
https://www.printnode.com/en

Files

| File Path | Type | Category | Malicious |
| --- | --- | --- | --- |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Apr 23 13:56:33 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Apr 23 13:56:33 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:54:41 2023, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Apr 23 13:56:33 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Apr 23 13:56:33 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide | dropped | |
| C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk | MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Apr 23 13:56:33 2024, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide | dropped | |
| Chrome Cache Entry: 100 | ASCII text | downloaded | |
| Chrome Cache Entry: 101 | PNG image data, 50 x 65, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 102 | PNG image data, 550 x 350, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 103 | PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 104 | PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 105 | PNG image data, 188 x 32, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 106 | PNG image data, 957 x 841, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 107 | PNG image data, 12 x 11, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 108 | PNG image data, 100 x 22, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 109 | assembler source, ASCII text, with CRLF line terminators | downloaded | |
| Chrome Cache Entry: 110 | PNG image data, 500 x 450, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 111 | PNG image data, 500 x 350, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 112 | PNG image data, 500 x 350, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 113 | PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 114 | ASCII text | downloaded | |
| Chrome Cache Entry: 115 | ASCII text | downloaded | |
| Chrome Cache Entry: 116 | PNG image data, 70 x 70, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 117 | ASCII text, with very long lines (2343) | downloaded | |
| Chrome Cache Entry: 118 | PNG image data, 115 x 33, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 119 | PNG image data, 188 x 32, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 120 | ASCII text, with CRLF line terminators | downloaded | |
| Chrome Cache Entry: 121 | PNG image data, 500 x 350, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 122 | ASCII text, with CRLF, LF line terminators | downloaded | |
| Chrome Cache Entry: 123 | PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 124 | PNG image data, 188 x 32, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 125 | PNG image data, 957 x 841, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 126 | PNG image data, 127 x 20, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 127 | PNG image data, 500 x 350, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 128 | PNG image data, 500 x 450, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 129 | PNG image data, 114 x 25, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 130 | Web Open Font Format (Version 2), TrueType, length 33092, version 1.0 | downloaded | |
| Chrome Cache Entry: 131 | PNG image data, 148 x 17, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 132 | ASCII text, with CRLF line terminators | downloaded | |
| Chrome Cache Entry: 133 | ASCII text, with very long lines (16267) | downloaded | |
| Chrome Cache Entry: 73 | PNG image data, 550 x 350, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 74 | MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel | downloaded | |
| Chrome Cache Entry: 75 | PNG image data, 119 x 24, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 76 | PNG image data, 14 x 11, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 77 | PNG image data, 188 x 32, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 78 | PNG image data, 12 x 11, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 79 | PNG image data, 114 x 25, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 80 | PNG image data, 60 x 70, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 81 | ASCII text, with CRLF line terminators | downloaded | |
| Chrome Cache Entry: 82 | PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 83 | MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel | dropped | |
| Chrome Cache Entry: 84 | PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 85 | ASCII text | downloaded | |
| Chrome Cache Entry: 86 | PNG image data, 60 x 70, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 87 | PNG image data, 115 x 33, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 88 | PNG image data, 70 x 70, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 89 | ASCII text | downloaded | |
| Chrome Cache Entry: 90 | PNG image data, 127 x 20, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 91 | PNG image data, 14 x 11, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 92 | PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 93 | PNG image data, 50 x 65, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 94 | PNG image data, 100 x 22, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 95 | PNG image data, 119 x 24, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 96 | PNG image data, 148 x 17, 8-bit/color RGBA, non-interlaced | downloaded | |
| Chrome Cache Entry: 97 | ASCII text, with very long lines (5955) | downloaded | |
| Chrome Cache Entry: 98 | PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced | dropped | |
| Chrome Cache Entry: 99 | ASCII text, with very long lines (7907) | downloaded | |

Processes

| Path | Cmdline | Malicious |
| --- | --- | --- |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://www.printnode.com/en | |
| C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 --field-trial-handle=1996,i,9015493403267053076,7154305239476220641,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 | |

URLs

| Name | IP | Malicious |
| --- | --- | --- |
| https://www.printnode.com/en | | |
| https://www.printnode.com/ui/images/favicon.ico | 167.71.133.216 | |
| https://stats.g.doubleclick.net/g/collect | unknown | |
| https://www.printnode.com/ui/images/logo-footer.png | 167.71.133.216 | |
| https://www.printnode.com/ui/images/envelope.png | 167.71.133.216 | |
| https://www.printnode.com/ui/images/dymo.png | 167.71.133.216 | |
| https://www.printnode.com/ui/js/carousel.js | 167.71.133.216 | |
| https://ampcid.google.com/v1/publisher:getClientId | unknown | |
| https://www.printnode.com/ui/images/carousel-right.png | 167.71.133.216 | |
| https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-37168295-1&cid=1017627675.1713884196&jid=1631413122&gjid=1709142961&_gid=2120425179.1713884196&_u=IEBAAEAAAAAAACAAI~&z=1482331065 | 74.125.136.157 | |
| https://www.printnode.com/ui/images/brother.png | 167.71.133.216 | |
| https://stats.g.doubleclick.net/g/collect?v=2&_ng=1&tid=G-9C6CFXZ7HQ&cid=1017627675.1713884196&gtm=45je44h0v9134478718za200&aip=1&dma=0&gcd=13l3l3l3l2&npa=0 | 74.125.136.157 | |
| https://www.google.com | unknown | |
| https://www.printnode.com/ui/css/pure/pure-min.css | 167.71.133.216 | |
| https://www.printnode.com/ui/css/printnode.css | 167.71.133.216 | |
| https://www.printnode.com/ui/images/scales.png | 167.71.133.216 | |
| https://www.printnode.com/ui/css/footer.css | 167.71.133.216 | |
| https://stats.g.doubleclick.net/j/collect | unknown | |
| https://www.printnode.com/ui/js/system-status.js | 167.71.133.216 | |
| https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-37168295-1&cid=1017627675.1713884196&jid=1631413122&_u=IEBAAEAAAAAAACAAI~&z=1453191638 | 74.125.136.105 | |
| https://www.printnode.com/ui/images/branding.png | 167.71.133.216 | |
| https://www.printnode.com/ui/css/webhooks.css | 167.71.133.216 | |
| https://www.w3schools.com/cssref/pr_pos_vertical-align.asp | unknown | |
| https://www.printnode.com/ui/images/twitter.png | 167.71.133.216 | |
| https://stackoverflow.com/questions/23167637/is-it-possible-to-change-the-color-of-selected-radio-bu | unknown | |
| https://www.printnode.com/ui/js/remove-alert.js | 167.71.133.216 | |
| https://www.printnode.com/ui/images/epson.png | 167.71.133.216 | |
| http://colorzilla.com/gradient-editor/#edf6f7 | unknown | |
| https://api.printnode.com/ping | 94.228.44.133 | |
| https://www.printnode.com/ui/images/stamps.png | 167.71.133.216 | |
| https://www.printnode.com/ui/css/top-menu.css | 167.71.133.216 | |
| https://www.printnode.com/ui/images/printers.png | 167.71.133.216 | |
| https://tagassistant.google.com/ | unknown | |
| https://www.printnode.com/ui/images/logo.png | 167.71.133.216 | |
| https://www.printnode.com/ui/js/top-menu.js | 167.71.133.216 | |
| https://github.com/yahoo/pure/blob/master/LICENSE.md | unknown | |
| https://www.printnode.com/ui/images/secure-and-private.png | 167.71.133.216 | |
| https://adservice.google.com/pagead/regclk | unknown | |
| https://www.printnode.com/ui/css/pure/grids-responsive-min.css | 167.71.133.216 | |
| https://www.printnode.com/ui/images/home-page.png | 167.71.133.216 | |
| https://www.printnode.com/ui/images/carousel-left.png | 167.71.133.216 | |
| https://cct.google/taggy/agent.js | unknown | |
| https://www.printnode.com/ui/images/mettler-toledo.png | 167.71.133.216 | |
| https://www.printnode.com/ui/images/testimonial-top.png | 167.71.133.216 | |
| https://www.printnode.com/ui/images/built-for-enterprise.png | 167.71.133.216 | |
| https://www.google.com/ads/ga-audiences | unknown | |
| https://www.printnode.com/ui/images/hp.png | 167.71.133.216 | |
| https://www.google.%/ads/ga-audiences | unknown | |
| https://td.doubleclick.net | unknown | |
| https://www.printnode.com/ui/images/blazingly-fast.png | 167.71.133.216 | |
| https://www.printnode.com/ui/images/canon.png | 167.71.133.216 | |
| https://www.printnode.com/ui/images/raw.png | 167.71.133.216 | |
| https://www.merchant-center-analytics.goog | unknown | |
| https://stats.g.doubleclick.net/g/collect?v=2& | unknown | |
| https://www.printnode.com/en | | |
| https://www.printnode.com/ui/css/carousel.css | 167.71.133.216 | |
| https://www.printnode.com/ui/css/spinner.css | 167.71.133.216 | |
| https://analytics.google.com/g/collect?v=2&tid=G-9C6CFXZ7HQ&_ng=1&gtm=45je44h0v9134478718za200&_p=1713884196485&_gaz=1&gcd=13l3l3l3l2&npa=0&dma=0&ul=en-us&sr=1280x1024&cid=1017627675.1713884196&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.149%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.149&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.printnode.com%2Fen&dt=Remote%20Printing%20for%20Web%20Apps%20%7C%20PrintNode&sid=1713884197&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=6719 | 216.239.38.181 | |

Domains

| Name | IP | Malicious |
| --- | --- | --- |
| analytics-alv.google.com | 216.239.38.181 | |
| www.printnode.com | 167.71.133.216 | |
| www.google.com | 74.125.136.106 | |
| api.printnode.com | 94.228.44.133 | |
| stats.g.doubleclick.net | 74.125.136.157 | |
| analytics.google.com | unknown | |

IPs

| IP | Domain | Country | Malicious |
| --- | --- | --- | --- |
| 74.125.136.105 | unknown | United States | |
| 74.125.136.106 | www.google.com | United States | |
| 192.168.2.17 | unknown | unknown | |
| 216.239.38.181 | analytics-alv.google.com | United States | |
| 192.168.2.6 | unknown | unknown | |
| 167.71.133.216 | www.printnode.com | United States | |
| 94.228.44.133 | api.printnode.com | United Kingdom | |
| 239.255.255.250 | unknown | Reserved | |
| 64.233.176.154 | unknown | United States | |
| 74.125.136.157 | stats.g.doubleclick.net | United States | |

DOM / HTML

| URL | Malicious |
| --- | --- |
| https://www.printnode.com/en | |