Windows Analysis Report
https://portal.taxguardian.com/oesp/beginWorkflow.jsp?id=ab78ba00-97cb-4670-8904-47e00fd29a84&surveyId=9492&d=DwMFAw

Overview

General Information

Sample URL:	https://portal.taxguardian.com/oesp/beginWorkflow.jsp?id=ab78ba00-97cb-4670-8904-47e00fd29a84&surveyId=9492&d=DwMFAw
Analysis ID:	1428808
Infos:

Detection

Score:	0
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

No high impact signatures.

Classification

Signatures

There are no high impact signatures.

Source: https://tgir.app.tax/?req=y6_Ocxb12wg	HTTP Parser: No favicon
Source: https://tgir.app.tax/?req=y6_Ocxb12wg	HTTP Parser: No favicon
Source: https://tgir.app.tax/?req=y6_Ocxb12wg	HTTP Parser: No favicon
Source: https://tgir.app.tax/?req=y6_Ocxb12wg	HTTP Parser: No favicon

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 23.40.205.26
Source: unknown	TCP traffic detected without corresponding DNS query: 23.47.204.49
Source: unknown	TCP traffic detected without corresponding DNS query: 23.40.205.26
Source: unknown	TCP traffic detected without corresponding DNS query: 23.47.204.49
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /oesp/beginWorkflow.jsp?id=ab78ba00-97cb-4670-8904-47e00fd29a84&surveyId=9492&d=DwMFAw HTTP/1.1Host: portal.taxguardian.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /?req=y6_Ocxb12wg HTTP/1.1Host: tgir.app.taxConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /css/site.css HTTP/1.1Host: tgir.app.taxConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://tgir.app.tax/?req=y6_Ocxb12wgAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=mdtMB8FdlkuLFQD+ECZ7q0cMiMNMAdsCzkQHjuV0WOJ7EPkbSc2Xrer9X1818t2Hz8xVk2j1ZsKuCUtvXhwCOsklao5GtbFgQVqjnRcxk28ZeQjFFnBmDGr33BEf1OE/CUuNtI60VwcNfAcvfeLV46BOoonhIqu/t502KD0VPnivxM7Awd4=; AWSALBTGCORS=mdtMB8FdlkuLFQD+ECZ7q0cMiMNMAdsCzkQHjuV0WOJ7EPkbSc2Xrer9X1818t2Hz8xVk2j1ZsKuCUtvXhwCOsklao5GtbFgQVqjnRcxk28ZeQjFFnBmDGr33BEf1OE/CUuNtI60VwcNfAcvfeLV46BOoonhIqu/t502KD0VPnivxM7Awd4=
Source: global traffic	HTTP traffic detected: GET /js/loader.js HTTP/1.1Host: tgir.app.taxConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://tgir.app.tax/?req=y6_Ocxb12wgAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=mdtMB8FdlkuLFQD+ECZ7q0cMiMNMAdsCzkQHjuV0WOJ7EPkbSc2Xrer9X1818t2Hz8xVk2j1ZsKuCUtvXhwCOsklao5GtbFgQVqjnRcxk28ZeQjFFnBmDGr33BEf1OE/CUuNtI60VwcNfAcvfeLV46BOoonhIqu/t502KD0VPnivxM7Awd4=; AWSALBTGCORS=mdtMB8FdlkuLFQD+ECZ7q0cMiMNMAdsCzkQHjuV0WOJ7EPkbSc2Xrer9X1818t2Hz8xVk2j1ZsKuCUtvXhwCOsklao5GtbFgQVqjnRcxk28ZeQjFFnBmDGr33BEf1OE/CUuNtI60VwcNfAcvfeLV46BOoonhIqu/t502KD0VPnivxM7Awd4=
Source: global traffic	HTTP traffic detected: GET /js/tailwind.js HTTP/1.1Host: tgir.app.taxConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://tgir.app.tax/?req=y6_Ocxb12wgAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=mdtMB8FdlkuLFQD+ECZ7q0cMiMNMAdsCzkQHjuV0WOJ7EPkbSc2Xrer9X1818t2Hz8xVk2j1ZsKuCUtvXhwCOsklao5GtbFgQVqjnRcxk28ZeQjFFnBmDGr33BEf1OE/CUuNtI60VwcNfAcvfeLV46BOoonhIqu/t502KD0VPnivxM7Awd4=; AWSALBTGCORS=mdtMB8FdlkuLFQD+ECZ7q0cMiMNMAdsCzkQHjuV0WOJ7EPkbSc2Xrer9X1818t2Hz8xVk2j1ZsKuCUtvXhwCOsklao5GtbFgQVqjnRcxk28ZeQjFFnBmDGr33BEf1OE/CUuNtI60VwcNfAcvfeLV46BOoonhIqu/t502KD0VPnivxM7Awd4=
Source: global traffic	HTTP traffic detected: GET /_framework/blazor.server.js HTTP/1.1Host: tgir.app.taxConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://tgir.app.tax/?req=y6_Ocxb12wgAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=mdtMB8FdlkuLFQD+ECZ7q0cMiMNMAdsCzkQHjuV0WOJ7EPkbSc2Xrer9X1818t2Hz8xVk2j1ZsKuCUtvXhwCOsklao5GtbFgQVqjnRcxk28ZeQjFFnBmDGr33BEf1OE/CUuNtI60VwcNfAcvfeLV46BOoonhIqu/t502KD0VPnivxM7Awd4=; AWSALBTGCORS=mdtMB8FdlkuLFQD+ECZ7q0cMiMNMAdsCzkQHjuV0WOJ7EPkbSc2Xrer9X1818t2Hz8xVk2j1ZsKuCUtvXhwCOsklao5GtbFgQVqjnRcxk28ZeQjFFnBmDGr33BEf1OE/CUuNtI60VwcNfAcvfeLV46BOoonhIqu/t502KD0VPnivxM7Awd4=
Source: global traffic	HTTP traffic detected: GET /dist/persona-v4.7.1.js HTTP/1.1Host: cdn.withpersona.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://tgir.app.tax/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_blazor/initializers HTTP/1.1Host: tgir.app.taxConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://tgir.app.tax/?req=y6_Ocxb12wgAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=iZTUpebNvkG0GYB5d2WOAJMlfqw8gCnDkfN75q3bUacrkUQYqcIRDHertYhyoJuclHkbLK4cZmPU+xgJVDWQH7gBklwOoZPZWmQ6+dbyNDTGtcECttOogHHUJo76GJwoH4s15uuGNZRi/Shi2xqGKQRsUu7fu6tXhJwuTh5kOFihCCWK4wU=; AWSALBTGCORS=iZTUpebNvkG0GYB5d2WOAJMlfqw8gCnDkfN75q3bUacrkUQYqcIRDHertYhyoJuclHkbLK4cZmPU+xgJVDWQH7gBklwOoZPZWmQ6+dbyNDTGtcECttOogHHUJo76GJwoH4s15uuGNZRi/Shi2xqGKQRsUu7fu6tXhJwuTh5kOFihCCWK4wU=
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: tgir.app.taxConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://tgir.app.tax/?req=y6_Ocxb12wgAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=iZTUpebNvkG0GYB5d2WOAJMlfqw8gCnDkfN75q3bUacrkUQYqcIRDHertYhyoJuclHkbLK4cZmPU+xgJVDWQH7gBklwOoZPZWmQ6+dbyNDTGtcECttOogHHUJo76GJwoH4s15uuGNZRi/Shi2xqGKQRsUu7fu6tXhJwuTh5kOFihCCWK4wU=; AWSALBTGCORS=iZTUpebNvkG0GYB5d2WOAJMlfqw8gCnDkfN75q3bUacrkUQYqcIRDHertYhyoJuclHkbLK4cZmPU+xgJVDWQH7gBklwOoZPZWmQ6+dbyNDTGtcECttOogHHUJo76GJwoH4s15uuGNZRi/Shi2xqGKQRsUu7fu6tXhJwuTh5kOFihCCWK4wU=
Source: global traffic	HTTP traffic detected: GET /_blazor/initializers HTTP/1.1Host: tgir.app.taxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=2CyDB8SE0vKplsFIbuIwvdHx3g6kwri9PSQDjUlGJVDte5cNRoKdgBvUAvaIDhX4fBKCFe681iPZcFt7+d8Uca3enahCXYVaNqC1024PyYWV3wC/QROWq5h7TKJ3DeMllP7dzwhPtvPzFTJyMkbFzNOyrYizhALH9Ltylo8fNp4nVEuTnzc=; AWSALBTGCORS=2CyDB8SE0vKplsFIbuIwvdHx3g6kwri9PSQDjUlGJVDte5cNRoKdgBvUAvaIDhX4fBKCFe681iPZcFt7+d8Uca3enahCXYVaNqC1024PyYWV3wC/QROWq5h7TKJ3DeMllP7dzwhPtvPzFTJyMkbFzNOyrYizhALH9Ltylo8fNp4nVEuTnzc=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=6OAgKwC_bmuNoRJbzX-Ihg HTTP/1.1Host: tgir.app.taxConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://tgir.app.taxSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=jYYp33lhnRcuTT3vHY6MnHMXNEdGj0JqGTuhXLJiZtPRurnyM90unE2xbjG8f1jRX6lmhaed8ffKyOXXwrG2F5dBdPhKWLO0oLUDZiBG/3WwOfziYfd/N5+Bcp2TMXor49jDjU0jGYEjIvqs0X0wJyo0IzH1F0PgUlwD/JxlibslAxpRRbY=; AWSALBTGCORS=jYYp33lhnRcuTT3vHY6MnHMXNEdGj0JqGTuhXLJiZtPRurnyM90unE2xbjG8f1jRX6lmhaed8ffKyOXXwrG2F5dBdPhKWLO0oLUDZiBG/3WwOfziYfd/N5+Bcp2TMXor49jDjU0jGYEjIvqs0X0wJyo0IzH1F0PgUlwD/JxlibslAxpRRbY=Sec-WebSocket-Key: Et8d6CjYPxSkEvGWfTAkAA==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: tgir.app.taxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=jYYp33lhnRcuTT3vHY6MnHMXNEdGj0JqGTuhXLJiZtPRurnyM90unE2xbjG8f1jRX6lmhaed8ffKyOXXwrG2F5dBdPhKWLO0oLUDZiBG/3WwOfziYfd/N5+Bcp2TMXor49jDjU0jGYEjIvqs0X0wJyo0IzH1F0PgUlwD/JxlibslAxpRRbY=; AWSALBTGCORS=jYYp33lhnRcuTT3vHY6MnHMXNEdGj0JqGTuhXLJiZtPRurnyM90unE2xbjG8f1jRX6lmhaed8ffKyOXXwrG2F5dBdPhKWLO0oLUDZiBG/3WwOfziYfd/N5+Bcp2TMXor49jDjU0jGYEjIvqs0X0wJyo0IzH1F0PgUlwD/JxlibslAxpRRbY=
Source: global traffic	HTTP traffic detected: GET /_blazor/negotiate?negotiateVersion=1 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=jYYp33lhnRcuTT3vHY6MnHMXNEdGj0JqGTuhXLJiZtPRurnyM90unE2xbjG8f1jRX6lmhaed8ffKyOXXwrG2F5dBdPhKWLO0oLUDZiBG/3WwOfziYfd/N5+Bcp2TMXor49jDjU0jGYEjIvqs0X0wJyo0IzH1F0PgUlwD/JxlibslAxpRRbY=; AWSALBTGCORS=jYYp33lhnRcuTT3vHY6MnHMXNEdGj0JqGTuhXLJiZtPRurnyM90unE2xbjG8f1jRX6lmhaed8ffKyOXXwrG2F5dBdPhKWLO0oLUDZiBG/3WwOfziYfd/N5+Bcp2TMXor49jDjU0jGYEjIvqs0X0wJyo0IzH1F0PgUlwD/JxlibslAxpRRbY=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=fMleuASZSmAVKQ4V-jVBwA&_=1713537610707 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-SignalR-User-Agent: Microsoft SignalR/0.0 (0.0.0-DEV_BUILD; Unknown OS; Browser; Unknown Runtime Version)sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://tgir.app.tax/?req=y6_Ocxb12wgAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=/1uRAYwn6d5TR9K7NOVzb6Ju5OTYZGSISU4HJzTXGpy8cYWwaI8X2FAWVCib4d2ZeZ42ONCxx/chkqxf5OEdQqrkgxxPnFcbjLf+1e+mTs+pWOctaU41/fjWNXjExWziNEGFd+QUm/ROOu2sZQzKVjPdwo5qApp6u7XhRpFzFekSYr8CBsU=; AWSALBTGCORS=/1uRAYwn6d5TR9K7NOVzb6Ju5OTYZGSISU4HJzTXGpy8cYWwaI8X2FAWVCib4d2ZeZ42ONCxx/chkqxf5OEdQqrkgxxPnFcbjLf+1e+mTs+pWOctaU41/fjWNXjExWziNEGFd+QUm/ROOu2sZQzKVjPdwo5qApp6u7XhRpFzFekSYr8CBsU=
Source: global traffic	HTTP traffic detected: GET /_blazor/negotiate?negotiateVersion=1 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=/1uRAYwn6d5TR9K7NOVzb6Ju5OTYZGSISU4HJzTXGpy8cYWwaI8X2FAWVCib4d2ZeZ42ONCxx/chkqxf5OEdQqrkgxxPnFcbjLf+1e+mTs+pWOctaU41/fjWNXjExWziNEGFd+QUm/ROOu2sZQzKVjPdwo5qApp6u7XhRpFzFekSYr8CBsU=; AWSALBTGCORS=/1uRAYwn6d5TR9K7NOVzb6Ju5OTYZGSISU4HJzTXGpy8cYWwaI8X2FAWVCib4d2ZeZ42ONCxx/chkqxf5OEdQqrkgxxPnFcbjLf+1e+mTs+pWOctaU41/fjWNXjExWziNEGFd+QUm/ROOu2sZQzKVjPdwo5qApp6u7XhRpFzFekSYr8CBsU=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=fMleuASZSmAVKQ4V-jVBwA&_=1713537611187 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-SignalR-User-Agent: Microsoft SignalR/0.0 (0.0.0-DEV_BUILD; Unknown OS; Browser; Unknown Runtime Version)sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://tgir.app.tax/?req=y6_Ocxb12wgAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=1ijxfOgHJQS0HAKueQiqhE9RP6NJ8ajlPMbIC1vMyIYdlSEAjJ6uNMU3r9Pz+97Tqg0gjOL0qCTfXRIcMEYWUm7IfQLY5WA2BjtlO6tnqAaCxKLZeUPA9guj6vxjRf9kCr/RtMgF0Ds1T1E5MP6N8BtSg3Jn7+SkS1xmZeHmMKFw1PqHEBI=; AWSALBTGCORS=1ijxfOgHJQS0HAKueQiqhE9RP6NJ8ajlPMbIC1vMyIYdlSEAjJ6uNMU3r9Pz+97Tqg0gjOL0qCTfXRIcMEYWUm7IfQLY5WA2BjtlO6tnqAaCxKLZeUPA9guj6vxjRf9kCr/RtMgF0Ds1T1E5MP6N8BtSg3Jn7+SkS1xmZeHmMKFw1PqHEBI=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=fMleuASZSmAVKQ4V-jVBwA&_=1713537610707 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=qLHfXNBtWGQzc3NxQACtNZvPxlS7WllWX6qGUefQbp2ENa1vF/1lnocX5Xsxgu21r31KUCf8wx/ISfodVbpu/jYAxpmMtP3rTn9qfPx+X+mV8+sDIO83XFqYa5q9QC2cLuPYia2e9BnBNET0oomx50Bmz0gSP6CP7lX5VWgm18EgW2OfHug=; AWSALBTGCORS=qLHfXNBtWGQzc3NxQACtNZvPxlS7WllWX6qGUefQbp2ENa1vF/1lnocX5Xsxgu21r31KUCf8wx/ISfodVbpu/jYAxpmMtP3rTn9qfPx+X+mV8+sDIO83XFqYa5q9QC2cLuPYia2e9BnBNET0oomx50Bmz0gSP6CP7lX5VWgm18EgW2OfHug=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=fMleuASZSmAVKQ4V-jVBwA HTTP/1.1Host: tgir.app.taxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=lSf9JDIPz8UY1UzyvuOCvqOrmjCRlSHniK10iz188QBWmRzQgLIpxrGpWNjBC637QYyOqT9SoFgFlARoIIhwGZjed6t+1QFv02unBL0EIdj1Zdy+bUDp0y09pB3/JfBouDndaY939VuDPooUEee7RJ54XLXLJNp3FXV6nW41jprdreEVGFw=; AWSALBTGCORS=lSf9JDIPz8UY1UzyvuOCvqOrmjCRlSHniK10iz188QBWmRzQgLIpxrGpWNjBC637QYyOqT9SoFgFlARoIIhwGZjed6t+1QFv02unBL0EIdj1Zdy+bUDp0y09pB3/JfBouDndaY939VuDPooUEee7RJ54XLXLJNp3FXV6nW41jprdreEVGFw=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=fMleuASZSmAVKQ4V-jVBwA&_=1713537611187 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=PbUtaWKU3+brwJVoyqiAcb3Yqi2rZfHSd1PGe1mOqU+GzndAr1yi8BtAB2wcJVC7c65CeMXEKwXsYMd8z1b+wjIGCXHafExHaWqvjGQjncejZH/mqTk0rzqCStnkVYD/242cY/sTAsWwUaPPEnlB6wTlZZO4aHIFyl8jT1tqZ7VoE/JRww0=; AWSALBTGCORS=PbUtaWKU3+brwJVoyqiAcb3Yqi2rZfHSd1PGe1mOqU+GzndAr1yi8BtAB2wcJVC7c65CeMXEKwXsYMd8z1b+wjIGCXHafExHaWqvjGQjncejZH/mqTk0rzqCStnkVYD/242cY/sTAsWwUaPPEnlB6wTlZZO4aHIFyl8jT1tqZ7VoE/JRww0=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=fMleuASZSmAVKQ4V-jVBwA&_=1713537611682 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-SignalR-User-Agent: Microsoft SignalR/0.0 (0.0.0-DEV_BUILD; Unknown OS; Browser; Unknown Runtime Version)sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://tgir.app.tax/?req=y6_Ocxb12wgAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=PbUtaWKU3+brwJVoyqiAcb3Yqi2rZfHSd1PGe1mOqU+GzndAr1yi8BtAB2wcJVC7c65CeMXEKwXsYMd8z1b+wjIGCXHafExHaWqvjGQjncejZH/mqTk0rzqCStnkVYD/242cY/sTAsWwUaPPEnlB6wTlZZO4aHIFyl8jT1tqZ7VoE/JRww0=; AWSALBTGCORS=PbUtaWKU3+brwJVoyqiAcb3Yqi2rZfHSd1PGe1mOqU+GzndAr1yi8BtAB2wcJVC7c65CeMXEKwXsYMd8z1b+wjIGCXHafExHaWqvjGQjncejZH/mqTk0rzqCStnkVYD/242cY/sTAsWwUaPPEnlB6wTlZZO4aHIFyl8jT1tqZ7VoE/JRww0=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=fMleuASZSmAVKQ4V-jVBwA HTTP/1.1Host: tgir.app.taxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=c78sUB16VRIyR7ajTl3dRs6uaX+bq7U6cds6RHyv9jJhLZWqbViknpA2tF5Y2WYYOA2UfqJ8/nXuWenfWXFxi39XEq6tezBpxyGG53HPSY06sAoPwmD638HgHITz2ZkH1972QFLI+l0Vy9Qy2ekBRhEWpiUICAvjFRJM7YZw5vK2CRuVE6Y=; AWSALBTGCORS=c78sUB16VRIyR7ajTl3dRs6uaX+bq7U6cds6RHyv9jJhLZWqbViknpA2tF5Y2WYYOA2UfqJ8/nXuWenfWXFxi39XEq6tezBpxyGG53HPSY06sAoPwmD638HgHITz2ZkH1972QFLI+l0Vy9Qy2ekBRhEWpiUICAvjFRJM7YZw5vK2CRuVE6Y=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=cY7_Pj15Xd7BT0f9yCaRNA HTTP/1.1Host: tgir.app.taxConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://tgir.app.taxSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=QZEPJwQQrScGh/IDHpLBlNOXhthdVNz1++f0+kIcwqk86YaQ6dBo2BE0mKmtyX2DRiuDrUN2oQJBdh1iEUc2GRoWRE9/LsbdYxUVrEeRo0cYZpdOudOOnNazYJ9mSDXVEYs/11e5FAQXy+JsZNlN8RTujb/i8txfW0HzlAm3prs8Ti6CkNw=; AWSALBTGCORS=QZEPJwQQrScGh/IDHpLBlNOXhthdVNz1++f0+kIcwqk86YaQ6dBo2BE0mKmtyX2DRiuDrUN2oQJBdh1iEUc2GRoWRE9/LsbdYxUVrEeRo0cYZpdOudOOnNazYJ9mSDXVEYs/11e5FAQXy+JsZNlN8RTujb/i8txfW0HzlAm3prs8Ti6CkNw=Sec-WebSocket-Key: TiP1TOZ6QQNdCoSqpiPQBA==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /_blazor/negotiate?negotiateVersion=1 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=QZEPJwQQrScGh/IDHpLBlNOXhthdVNz1++f0+kIcwqk86YaQ6dBo2BE0mKmtyX2DRiuDrUN2oQJBdh1iEUc2GRoWRE9/LsbdYxUVrEeRo0cYZpdOudOOnNazYJ9mSDXVEYs/11e5FAQXy+JsZNlN8RTujb/i8txfW0HzlAm3prs8Ti6CkNw=; AWSALBTGCORS=QZEPJwQQrScGh/IDHpLBlNOXhthdVNz1++f0+kIcwqk86YaQ6dBo2BE0mKmtyX2DRiuDrUN2oQJBdh1iEUc2GRoWRE9/LsbdYxUVrEeRo0cYZpdOudOOnNazYJ9mSDXVEYs/11e5FAQXy+JsZNlN8RTujb/i8txfW0HzlAm3prs8Ti6CkNw=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=VRoY3yOcuAigPOENiskyZQ&_=1713537617378 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-SignalR-User-Agent: Microsoft SignalR/0.0 (0.0.0-DEV_BUILD; Unknown OS; Browser; Unknown Runtime Version)sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://tgir.app.tax/?req=y6_Ocxb12wgAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=iEcJ7f3VJ/nkX3Ah/snxO7+SUyzvKCIrt5syZuZnE1NJPK4l1d0WtcxmJHE+bgNQnS0yCD0oMoECVs4uwuuHVB64T6KsVe6yQh/pyaM54f8f8Lb5yaPp95h9sMojMl60db9lNoGtsCzWd1paf4QTKWqKu19SHSVi6BiWJ8IcSVyqXhsqSgM=; AWSALBTGCORS=iEcJ7f3VJ/nkX3Ah/snxO7+SUyzvKCIrt5syZuZnE1NJPK4l1d0WtcxmJHE+bgNQnS0yCD0oMoECVs4uwuuHVB64T6KsVe6yQh/pyaM54f8f8Lb5yaPp95h9sMojMl60db9lNoGtsCzWd1paf4QTKWqKu19SHSVi6BiWJ8IcSVyqXhsqSgM=
Source: global traffic	HTTP traffic detected: GET /_blazor/negotiate?negotiateVersion=1 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=iEcJ7f3VJ/nkX3Ah/snxO7+SUyzvKCIrt5syZuZnE1NJPK4l1d0WtcxmJHE+bgNQnS0yCD0oMoECVs4uwuuHVB64T6KsVe6yQh/pyaM54f8f8Lb5yaPp95h9sMojMl60db9lNoGtsCzWd1paf4QTKWqKu19SHSVi6BiWJ8IcSVyqXhsqSgM=; AWSALBTGCORS=iEcJ7f3VJ/nkX3Ah/snxO7+SUyzvKCIrt5syZuZnE1NJPK4l1d0WtcxmJHE+bgNQnS0yCD0oMoECVs4uwuuHVB64T6KsVe6yQh/pyaM54f8f8Lb5yaPp95h9sMojMl60db9lNoGtsCzWd1paf4QTKWqKu19SHSVi6BiWJ8IcSVyqXhsqSgM=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=VRoY3yOcuAigPOENiskyZQ&_=1713537617885 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-SignalR-User-Agent: Microsoft SignalR/0.0 (0.0.0-DEV_BUILD; Unknown OS; Browser; Unknown Runtime Version)sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://tgir.app.tax/?req=y6_Ocxb12wgAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=bkFtfuWkDYMzur8YnCUGlJxG1ZmYKIeH7ureAtrUgchuScPCfrMwLMPsL4l4jRPEvGiBp2xOdRmo1A6Bw/mGoBBzsuL6fYnhfhVN7v88iqGk9KCVHdzQDubBtE/3klmnQS5gkyBw5w13XHjhSvlUJ0llIynhKAiLTsPZhBrqPQ3lKefUMos=; AWSALBTGCORS=bkFtfuWkDYMzur8YnCUGlJxG1ZmYKIeH7ureAtrUgchuScPCfrMwLMPsL4l4jRPEvGiBp2xOdRmo1A6Bw/mGoBBzsuL6fYnhfhVN7v88iqGk9KCVHdzQDubBtE/3klmnQS5gkyBw5w13XHjhSvlUJ0llIynhKAiLTsPZhBrqPQ3lKefUMos=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=VRoY3yOcuAigPOENiskyZQ&_=1713537617378 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=eEOPLXNbLrX1VYluJ90GQ2AxQPd3YinZ3hKXaS227oX9wQXCDRr2iIJYJ6FrD81m9V/CM7gLZQWXtMtm9Ru/ZgQZpUd1W3Ylt4JJs8Dm6JEn2AtusCHE5Rc7H+zK9TZTxrhbr5gP7i0X7U9u44heCKvNZVVny5i13ejOjLDR7HPGISczSK0=; AWSALBTGCORS=eEOPLXNbLrX1VYluJ90GQ2AxQPd3YinZ3hKXaS227oX9wQXCDRr2iIJYJ6FrD81m9V/CM7gLZQWXtMtm9Ru/ZgQZpUd1W3Ylt4JJs8Dm6JEn2AtusCHE5Rc7H+zK9TZTxrhbr5gP7i0X7U9u44heCKvNZVVny5i13ejOjLDR7HPGISczSK0=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=VRoY3yOcuAigPOENiskyZQ&_=1713537618383 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-SignalR-User-Agent: Microsoft SignalR/0.0 (0.0.0-DEV_BUILD; Unknown OS; Browser; Unknown Runtime Version)sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://tgir.app.tax/?req=y6_Ocxb12wgAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=Qa7T0AtoM8oM0qMMWMK8BhQsfptyfcjubhv3XMJ61ZcalMv+3+lL6FR+wE5OurInt9XMYpdga4aGS7SL9xOQeTJKfscmaJId3/o97r+OLs/2X3hELLmOLDTR5P3hZq7PJYK1rj9YvRwNa5/Y6XgTrKsxU+xHC35nYshe/j3IpxqUweIHT4g=; AWSALBTGCORS=Qa7T0AtoM8oM0qMMWMK8BhQsfptyfcjubhv3XMJ61ZcalMv+3+lL6FR+wE5OurInt9XMYpdga4aGS7SL9xOQeTJKfscmaJId3/o97r+OLs/2X3hELLmOLDTR5P3hZq7PJYK1rj9YvRwNa5/Y6XgTrKsxU+xHC35nYshe/j3IpxqUweIHT4g=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=VRoY3yOcuAigPOENiskyZQ HTTP/1.1Host: tgir.app.taxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=aBKjtDg2fhmKAlz8NUpla+SIaE58y207h2yGeqztWGMpIsmqpWr18/g3cIID0C6BTjwgpiLhgONuM97eaknUf5qFrJJojj2K9kB/92fNPNdfp5UGgcVF0FBMd85zkVFd16cmLKeiCtqm2MT6XjGAi7yLu/A5anCZOYpL+jT89c5QnJGCUS4=; AWSALBTGCORS=aBKjtDg2fhmKAlz8NUpla+SIaE58y207h2yGeqztWGMpIsmqpWr18/g3cIID0C6BTjwgpiLhgONuM97eaknUf5qFrJJojj2K9kB/92fNPNdfp5UGgcVF0FBMd85zkVFd16cmLKeiCtqm2MT6XjGAi7yLu/A5anCZOYpL+jT89c5QnJGCUS4=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=VRoY3yOcuAigPOENiskyZQ&_=1713537617885 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=aBKjtDg2fhmKAlz8NUpla+SIaE58y207h2yGeqztWGMpIsmqpWr18/g3cIID0C6BTjwgpiLhgONuM97eaknUf5qFrJJojj2K9kB/92fNPNdfp5UGgcVF0FBMd85zkVFd16cmLKeiCtqm2MT6XjGAi7yLu/A5anCZOYpL+jT89c5QnJGCUS4=; AWSALBTGCORS=aBKjtDg2fhmKAlz8NUpla+SIaE58y207h2yGeqztWGMpIsmqpWr18/g3cIID0C6BTjwgpiLhgONuM97eaknUf5qFrJJojj2K9kB/92fNPNdfp5UGgcVF0FBMd85zkVFd16cmLKeiCtqm2MT6XjGAi7yLu/A5anCZOYpL+jT89c5QnJGCUS4=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=jueQUhcSINnHdTiDdWj8ZA HTTP/1.1Host: tgir.app.taxConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://tgir.app.taxSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=bpxkKBGxj7NDBqkcji8SsgXJiD52EexXqajQWBOs9zu+IdGah/nvWM56Kyow0g/nmmgSvyJSWjSSQYjYP/dDOGz22rwSwnPpF3SIpUz37iKwRjXd1XVmUX47bqoyAJ67oRca6VRlagZderfLTRps71CrWfQBSQKIAUR+pYbFmLOUJ8w5RsU=; AWSALBTGCORS=bpxkKBGxj7NDBqkcji8SsgXJiD52EexXqajQWBOs9zu+IdGah/nvWM56Kyow0g/nmmgSvyJSWjSSQYjYP/dDOGz22rwSwnPpF3SIpUz37iKwRjXd1XVmUX47bqoyAJ67oRca6VRlagZderfLTRps71CrWfQBSQKIAUR+pYbFmLOUJ8w5RsU=Sec-WebSocket-Key: hsSfuDLz8maBOi2RYe5Xow==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /_blazor/negotiate?negotiateVersion=1 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=bpxkKBGxj7NDBqkcji8SsgXJiD52EexXqajQWBOs9zu+IdGah/nvWM56Kyow0g/nmmgSvyJSWjSSQYjYP/dDOGz22rwSwnPpF3SIpUz37iKwRjXd1XVmUX47bqoyAJ67oRca6VRlagZderfLTRps71CrWfQBSQKIAUR+pYbFmLOUJ8w5RsU=; AWSALBTGCORS=bpxkKBGxj7NDBqkcji8SsgXJiD52EexXqajQWBOs9zu+IdGah/nvWM56Kyow0g/nmmgSvyJSWjSSQYjYP/dDOGz22rwSwnPpF3SIpUz37iKwRjXd1XVmUX47bqoyAJ67oRca6VRlagZderfLTRps71CrWfQBSQKIAUR+pYbFmLOUJ8w5RsU=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=y3F7mGkkxxsgmnxt56NaMQ&_=1713537639825 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-SignalR-User-Agent: Microsoft SignalR/0.0 (0.0.0-DEV_BUILD; Unknown OS; Browser; Unknown Runtime Version)sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://tgir.app.tax/?req=y6_Ocxb12wgAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=1UkP6thnBkWNJ7O/yBtLtvON4KdjWJBbtA+KBnEs53FbWIV3YRmR5nhWqKhtyugdGdGl+ro+umuJ0Z2zupyxdonYebUcHWaY+xGFnOqK2OEjX/PwOYsI/MnWXCU/5g7IfkcZPTxYnkem81fYXdMTwOr3q4fCUCzp/pKp5c4+CSBa7vc8kjQ=; AWSALBTGCORS=1UkP6thnBkWNJ7O/yBtLtvON4KdjWJBbtA+KBnEs53FbWIV3YRmR5nhWqKhtyugdGdGl+ro+umuJ0Z2zupyxdonYebUcHWaY+xGFnOqK2OEjX/PwOYsI/MnWXCU/5g7IfkcZPTxYnkem81fYXdMTwOr3q4fCUCzp/pKp5c4+CSBa7vc8kjQ=
Source: global traffic	HTTP traffic detected: GET /_blazor/negotiate?negotiateVersion=1 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=1UkP6thnBkWNJ7O/yBtLtvON4KdjWJBbtA+KBnEs53FbWIV3YRmR5nhWqKhtyugdGdGl+ro+umuJ0Z2zupyxdonYebUcHWaY+xGFnOqK2OEjX/PwOYsI/MnWXCU/5g7IfkcZPTxYnkem81fYXdMTwOr3q4fCUCzp/pKp5c4+CSBa7vc8kjQ=; AWSALBTGCORS=1UkP6thnBkWNJ7O/yBtLtvON4KdjWJBbtA+KBnEs53FbWIV3YRmR5nhWqKhtyugdGdGl+ro+umuJ0Z2zupyxdonYebUcHWaY+xGFnOqK2OEjX/PwOYsI/MnWXCU/5g7IfkcZPTxYnkem81fYXdMTwOr3q4fCUCzp/pKp5c4+CSBa7vc8kjQ=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=y3F7mGkkxxsgmnxt56NaMQ&_=1713537640315 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-SignalR-User-Agent: Microsoft SignalR/0.0 (0.0.0-DEV_BUILD; Unknown OS; Browser; Unknown Runtime Version)sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://tgir.app.tax/?req=y6_Ocxb12wgAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=uBiCalhUyU7YJpGO2gCU8ogBnw0MCJPvzOh9AZMbAZLvxZE7ATI9QySu1SC0JOMrqq/YmPywpglHYDOQwIkM282qb+foiwMvG9CR7jsd5W4bQqoXfKg+m+OdVgDUL+XQKQY5Nofh9ZUPwkbZXJJP4dbaS1EeSdhfF5DKMuaRLznSL08HiFo=; AWSALBTGCORS=uBiCalhUyU7YJpGO2gCU8ogBnw0MCJPvzOh9AZMbAZLvxZE7ATI9QySu1SC0JOMrqq/YmPywpglHYDOQwIkM282qb+foiwMvG9CR7jsd5W4bQqoXfKg+m+OdVgDUL+XQKQY5Nofh9ZUPwkbZXJJP4dbaS1EeSdhfF5DKMuaRLznSL08HiFo=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=y3F7mGkkxxsgmnxt56NaMQ&_=1713537639825 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=Lr6PepVymv3QGkFdKdKp4B4h+sGsym1ODW3QjzPNfLC9sY2+p1Xi4whORXZsdaVOUYvyZ8tA2OCjIc7AsCpt+xL+/yXyL5kaWJ9yUqnvW1vsqqo2gCLB0GNi/o5jOdnU+h/0GOIHtG5Ha+Enhf6CGXKj8Wwowslz5TYqTX8725dqH7mvOwI=; AWSALBTGCORS=Lr6PepVymv3QGkFdKdKp4B4h+sGsym1ODW3QjzPNfLC9sY2+p1Xi4whORXZsdaVOUYvyZ8tA2OCjIc7AsCpt+xL+/yXyL5kaWJ9yUqnvW1vsqqo2gCLB0GNi/o5jOdnU+h/0GOIHtG5Ha+Enhf6CGXKj8Wwowslz5TYqTX8725dqH7mvOwI=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=y3F7mGkkxxsgmnxt56NaMQ HTTP/1.1Host: tgir.app.taxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=ayYZzW1gF4z1oM/9Ah8rKj8eZtcp8DCq+Qc7BTk6xOrV59OB3itQ9x4kdIEXV5iHbzuTh4mfGZdv2I3Ur9g72WgaEF1QSeWhp1Ox6XE5hOgJy5VEljrjat8OWSQy/suiP7hcQFcyk/H05f+Ld6FJGeXDgXW2boa1zvSMXddFaqONzQYUJ7M=; AWSALBTGCORS=ayYZzW1gF4z1oM/9Ah8rKj8eZtcp8DCq+Qc7BTk6xOrV59OB3itQ9x4kdIEXV5iHbzuTh4mfGZdv2I3Ur9g72WgaEF1QSeWhp1Ox6XE5hOgJy5VEljrjat8OWSQy/suiP7hcQFcyk/H05f+Ld6FJGeXDgXW2boa1zvSMXddFaqONzQYUJ7M=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=y3F7mGkkxxsgmnxt56NaMQ&_=1713537640826 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-SignalR-User-Agent: Microsoft SignalR/0.0 (0.0.0-DEV_BUILD; Unknown OS; Browser; Unknown Runtime Version)sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://tgir.app.tax/?req=y6_Ocxb12wgAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=SNcA/VF/QdfERXKrS9+sTnjJjNDu94X47J4gznSAjlFPRV+7vdU7XU+mWrHKTzaKnxQqi5mSXuDvhp2KshioQEiGNmG5DErc8tVYglbuxNWeDkUlngBPczFcRELpUHrLY8j3h0/JxHihLKuvqR7bHqCrFqMIYawk9ZjMcBNw7lMOb+flOwU=; AWSALBTGCORS=SNcA/VF/QdfERXKrS9+sTnjJjNDu94X47J4gznSAjlFPRV+7vdU7XU+mWrHKTzaKnxQqi5mSXuDvhp2KshioQEiGNmG5DErc8tVYglbuxNWeDkUlngBPczFcRELpUHrLY8j3h0/JxHihLKuvqR7bHqCrFqMIYawk9ZjMcBNw7lMOb+flOwU=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=y3F7mGkkxxsgmnxt56NaMQ&_=1713537640315 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=SNcA/VF/QdfERXKrS9+sTnjJjNDu94X47J4gznSAjlFPRV+7vdU7XU+mWrHKTzaKnxQqi5mSXuDvhp2KshioQEiGNmG5DErc8tVYglbuxNWeDkUlngBPczFcRELpUHrLY8j3h0/JxHihLKuvqR7bHqCrFqMIYawk9ZjMcBNw7lMOb+flOwU=; AWSALBTGCORS=SNcA/VF/QdfERXKrS9+sTnjJjNDu94X47J4gznSAjlFPRV+7vdU7XU+mWrHKTzaKnxQqi5mSXuDvhp2KshioQEiGNmG5DErc8tVYglbuxNWeDkUlngBPczFcRELpUHrLY8j3h0/JxHihLKuvqR7bHqCrFqMIYawk9ZjMcBNw7lMOb+flOwU=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=OrH3pvOKh_4ehpOqWt66rQ HTTP/1.1Host: tgir.app.taxConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://tgir.app.taxSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=512A2jVXHP3uOGjQTEIWRl9sxJNRMtPdGmjWFknrjXKuBK8mCyNoeM5pWq7JN+U0Jk+WcEif72SY3tefnc5nL2z+ww0e1mK7ILC/S25xVHJP3GqEfRaH9d3vWuY20tPS2A1iLt+PZGsExvW9C8OEGi2iFS9vtPwdHL7BcUH/LE68TagulE0=; AWSALBTGCORS=512A2jVXHP3uOGjQTEIWRl9sxJNRMtPdGmjWFknrjXKuBK8mCyNoeM5pWq7JN+U0Jk+WcEif72SY3tefnc5nL2z+ww0e1mK7ILC/S25xVHJP3GqEfRaH9d3vWuY20tPS2A1iLt+PZGsExvW9C8OEGi2iFS9vtPwdHL7BcUH/LE68TagulE0=Sec-WebSocket-Key: 8/4dZW6dKWvuyYjHsUEFGA==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /_blazor/negotiate?negotiateVersion=1 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=512A2jVXHP3uOGjQTEIWRl9sxJNRMtPdGmjWFknrjXKuBK8mCyNoeM5pWq7JN+U0Jk+WcEif72SY3tefnc5nL2z+ww0e1mK7ILC/S25xVHJP3GqEfRaH9d3vWuY20tPS2A1iLt+PZGsExvW9C8OEGi2iFS9vtPwdHL7BcUH/LE68TagulE0=; AWSALBTGCORS=512A2jVXHP3uOGjQTEIWRl9sxJNRMtPdGmjWFknrjXKuBK8mCyNoeM5pWq7JN+U0Jk+WcEif72SY3tefnc5nL2z+ww0e1mK7ILC/S25xVHJP3GqEfRaH9d3vWuY20tPS2A1iLt+PZGsExvW9C8OEGi2iFS9vtPwdHL7BcUH/LE68TagulE0=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=ZODOASwsuykE2w6jl1FA1g&_=1713537662447 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-SignalR-User-Agent: Microsoft SignalR/0.0 (0.0.0-DEV_BUILD; Unknown OS; Browser; Unknown Runtime Version)sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://tgir.app.tax/?req=y6_Ocxb12wgAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=0+VptsYau7MRiUl3E+RqLpt1zvhzhoCySqkBGuARJPhagXR7vAg3ab75gUogsWY3fZ6oSFrq5HV0pFerxW0fDxt+zr/EEPngQtosb7SC9R4GWJKREFsJEM4b67sEinlrFlbzvwM4ujL0c5M3kp54kPXLCr6sL1m0bGbhh4Oc+yah/4pdByk=; AWSALBTGCORS=0+VptsYau7MRiUl3E+RqLpt1zvhzhoCySqkBGuARJPhagXR7vAg3ab75gUogsWY3fZ6oSFrq5HV0pFerxW0fDxt+zr/EEPngQtosb7SC9R4GWJKREFsJEM4b67sEinlrFlbzvwM4ujL0c5M3kp54kPXLCr6sL1m0bGbhh4Oc+yah/4pdByk=
Source: global traffic	HTTP traffic detected: GET /_blazor/negotiate?negotiateVersion=1 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=0+VptsYau7MRiUl3E+RqLpt1zvhzhoCySqkBGuARJPhagXR7vAg3ab75gUogsWY3fZ6oSFrq5HV0pFerxW0fDxt+zr/EEPngQtosb7SC9R4GWJKREFsJEM4b67sEinlrFlbzvwM4ujL0c5M3kp54kPXLCr6sL1m0bGbhh4Oc+yah/4pdByk=; AWSALBTGCORS=0+VptsYau7MRiUl3E+RqLpt1zvhzhoCySqkBGuARJPhagXR7vAg3ab75gUogsWY3fZ6oSFrq5HV0pFerxW0fDxt+zr/EEPngQtosb7SC9R4GWJKREFsJEM4b67sEinlrFlbzvwM4ujL0c5M3kp54kPXLCr6sL1m0bGbhh4Oc+yah/4pdByk=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=ZODOASwsuykE2w6jl1FA1g&_=1713537662447 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=KvoRuEuc6lmnIajO4dwMepaY6w5zyo0TlXozadkJcOOwFA1PCwyzbq2s+NaOMkVs5xpvUDStJT4qGx7MvVpvpWCO6fuhyNMY3F/vMSa+ViArLQuD5tC9QhoyhUJBC9jvCvDiVaYUwaY6iDGOfcN0sUdwmI8Vu53zSiB9WWG8XTOxIOjg9CY=; AWSALBTGCORS=KvoRuEuc6lmnIajO4dwMepaY6w5zyo0TlXozadkJcOOwFA1PCwyzbq2s+NaOMkVs5xpvUDStJT4qGx7MvVpvpWCO6fuhyNMY3F/vMSa+ViArLQuD5tC9QhoyhUJBC9jvCvDiVaYUwaY6iDGOfcN0sUdwmI8Vu53zSiB9WWG8XTOxIOjg9CY=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=ZODOASwsuykE2w6jl1FA1g&_=1713537663054 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-SignalR-User-Agent: Microsoft SignalR/0.0 (0.0.0-DEV_BUILD; Unknown OS; Browser; Unknown Runtime Version)sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://tgir.app.tax/?req=y6_Ocxb12wgAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=KvoRuEuc6lmnIajO4dwMepaY6w5zyo0TlXozadkJcOOwFA1PCwyzbq2s+NaOMkVs5xpvUDStJT4qGx7MvVpvpWCO6fuhyNMY3F/vMSa+ViArLQuD5tC9QhoyhUJBC9jvCvDiVaYUwaY6iDGOfcN0sUdwmI8Vu53zSiB9WWG8XTOxIOjg9CY=; AWSALBTGCORS=KvoRuEuc6lmnIajO4dwMepaY6w5zyo0TlXozadkJcOOwFA1PCwyzbq2s+NaOMkVs5xpvUDStJT4qGx7MvVpvpWCO6fuhyNMY3F/vMSa+ViArLQuD5tC9QhoyhUJBC9jvCvDiVaYUwaY6iDGOfcN0sUdwmI8Vu53zSiB9WWG8XTOxIOjg9CY=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=ZODOASwsuykE2w6jl1FA1g&_=1713537663872 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-SignalR-User-Agent: Microsoft SignalR/0.0 (0.0.0-DEV_BUILD; Unknown OS; Browser; Unknown Runtime Version)sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://tgir.app.tax/?req=y6_Ocxb12wgAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=YtxsVzaJ8dF4u17ruEFiZC9Xe3oHF7yZ+7fIkVZBBwDlbBF9r5ex5ZVP6a9qhYmCohHsHvUe/j/TxTSmka2H/13ErAQ6rx7mucWVe18P1posqkZ5ZFbwlPR+pCJhfjpxW+/NYa1o1JxfJOM2zT7wLJGb4JDD0jR+oIlPKf7wF1PdAhpqZhY=; AWSALBTGCORS=YtxsVzaJ8dF4u17ruEFiZC9Xe3oHF7yZ+7fIkVZBBwDlbBF9r5ex5ZVP6a9qhYmCohHsHvUe/j/TxTSmka2H/13ErAQ6rx7mucWVe18P1posqkZ5ZFbwlPR+pCJhfjpxW+/NYa1o1JxfJOM2zT7wLJGb4JDD0jR+oIlPKf7wF1PdAhpqZhY=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=ZODOASwsuykE2w6jl1FA1g HTTP/1.1Host: tgir.app.taxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=YtxsVzaJ8dF4u17ruEFiZC9Xe3oHF7yZ+7fIkVZBBwDlbBF9r5ex5ZVP6a9qhYmCohHsHvUe/j/TxTSmka2H/13ErAQ6rx7mucWVe18P1posqkZ5ZFbwlPR+pCJhfjpxW+/NYa1o1JxfJOM2zT7wLJGb4JDD0jR+oIlPKf7wF1PdAhpqZhY=; AWSALBTGCORS=YtxsVzaJ8dF4u17ruEFiZC9Xe3oHF7yZ+7fIkVZBBwDlbBF9r5ex5ZVP6a9qhYmCohHsHvUe/j/TxTSmka2H/13ErAQ6rx7mucWVe18P1posqkZ5ZFbwlPR+pCJhfjpxW+/NYa1o1JxfJOM2zT7wLJGb4JDD0jR+oIlPKf7wF1PdAhpqZhY=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=ZODOASwsuykE2w6jl1FA1g&_=1713537663054 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=YtxsVzaJ8dF4u17ruEFiZC9Xe3oHF7yZ+7fIkVZBBwDlbBF9r5ex5ZVP6a9qhYmCohHsHvUe/j/TxTSmka2H/13ErAQ6rx7mucWVe18P1posqkZ5ZFbwlPR+pCJhfjpxW+/NYa1o1JxfJOM2zT7wLJGb4JDD0jR+oIlPKf7wF1PdAhpqZhY=; AWSALBTGCORS=YtxsVzaJ8dF4u17ruEFiZC9Xe3oHF7yZ+7fIkVZBBwDlbBF9r5ex5ZVP6a9qhYmCohHsHvUe/j/TxTSmka2H/13ErAQ6rx7mucWVe18P1posqkZ5ZFbwlPR+pCJhfjpxW+/NYa1o1JxfJOM2zT7wLJGb4JDD0jR+oIlPKf7wF1PdAhpqZhY=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=dlfhFiAw5G00Fj9QX1nC5w HTTP/1.1Host: tgir.app.taxConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://tgir.app.taxSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=JOIIy7VhWi7vRVsoODNGhPqoQfmgVooIyeZPiCzNMIbRLUtDI+Ed8FkD3ANLw8zCSAjbeOoTd5AWhIkh2XGvCuCt5+cnfSPeXhxTFDhNjFUA5Gw3otVSkK6pID4jWwIz67G8WFhIBjBGLQgyGP04YDCwpC3c6ktFclgfRIVA/0k+8WbkB6U=; AWSALBTGCORS=JOIIy7VhWi7vRVsoODNGhPqoQfmgVooIyeZPiCzNMIbRLUtDI+Ed8FkD3ANLw8zCSAjbeOoTd5AWhIkh2XGvCuCt5+cnfSPeXhxTFDhNjFUA5Gw3otVSkK6pID4jWwIz67G8WFhIBjBGLQgyGP04YDCwpC3c6ktFclgfRIVA/0k+8WbkB6U=Sec-WebSocket-Key: nlyTTx6Fld/etzrPgpnQVg==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /_blazor/negotiate?negotiateVersion=1 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=JOIIy7VhWi7vRVsoODNGhPqoQfmgVooIyeZPiCzNMIbRLUtDI+Ed8FkD3ANLw8zCSAjbeOoTd5AWhIkh2XGvCuCt5+cnfSPeXhxTFDhNjFUA5Gw3otVSkK6pID4jWwIz67G8WFhIBjBGLQgyGP04YDCwpC3c6ktFclgfRIVA/0k+8WbkB6U=; AWSALBTGCORS=JOIIy7VhWi7vRVsoODNGhPqoQfmgVooIyeZPiCzNMIbRLUtDI+Ed8FkD3ANLw8zCSAjbeOoTd5AWhIkh2XGvCuCt5+cnfSPeXhxTFDhNjFUA5Gw3otVSkK6pID4jWwIz67G8WFhIBjBGLQgyGP04YDCwpC3c6ktFclgfRIVA/0k+8WbkB6U=
Source: global traffic	HTTP traffic detected: GET /_blazor/negotiate?negotiateVersion=1 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=+wDK1tUuqSffT43FuGW9SotI3MmoOAlhKzMZGbp5y5J55a3oM81K51txmBSe4Pm9wlwFiNKlEfKxmcwuNAAlXeCOKwuvUQ/aD0TEo8Xdu0Cq2mByafs7QYbNxXA91ikPXKNO3OXlfcskqYVA+pVJEk8YbgsEYbSMUgpwIKbrbZYYhAQi63M=; AWSALBTGCORS=+wDK1tUuqSffT43FuGW9SotI3MmoOAlhKzMZGbp5y5J55a3oM81K51txmBSe4Pm9wlwFiNKlEfKxmcwuNAAlXeCOKwuvUQ/aD0TEo8Xdu0Cq2mByafs7QYbNxXA91ikPXKNO3OXlfcskqYVA+pVJEk8YbgsEYbSMUgpwIKbrbZYYhAQi63M=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=3S_xZjrDs9mprIZ8eCvSrQ&_=1713537685322 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-SignalR-User-Agent: Microsoft SignalR/0.0 (0.0.0-DEV_BUILD; Unknown OS; Browser; Unknown Runtime Version)sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://tgir.app.tax/?req=y6_Ocxb12wgAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=+wDK1tUuqSffT43FuGW9SotI3MmoOAlhKzMZGbp5y5J55a3oM81K51txmBSe4Pm9wlwFiNKlEfKxmcwuNAAlXeCOKwuvUQ/aD0TEo8Xdu0Cq2mByafs7QYbNxXA91ikPXKNO3OXlfcskqYVA+pVJEk8YbgsEYbSMUgpwIKbrbZYYhAQi63M=; AWSALBTGCORS=+wDK1tUuqSffT43FuGW9SotI3MmoOAlhKzMZGbp5y5J55a3oM81K51txmBSe4Pm9wlwFiNKlEfKxmcwuNAAlXeCOKwuvUQ/aD0TEo8Xdu0Cq2mByafs7QYbNxXA91ikPXKNO3OXlfcskqYVA+pVJEk8YbgsEYbSMUgpwIKbrbZYYhAQi63M=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=3S_xZjrDs9mprIZ8eCvSrQ&_=1713537685322 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=zvPRpq0lrgdcDC9OYMIku8ln1IZOt1INdgWlTMVNlru4VLjEUyJ1DjLtkjTyS1C/GZ1mwOJWhu08uDPV/E7mIC4F3ykPorHUuEUmnFdPf0Aeih8QwVEMv4gJTMDtxg9KZjrOGclN77/Fu6LtmVckCIMBsoND7ZKWdLJcdBKGHXzjX3QuHcQ=; AWSALBTGCORS=zvPRpq0lrgdcDC9OYMIku8ln1IZOt1INdgWlTMVNlru4VLjEUyJ1DjLtkjTyS1C/GZ1mwOJWhu08uDPV/E7mIC4F3ykPorHUuEUmnFdPf0Aeih8QwVEMv4gJTMDtxg9KZjrOGclN77/Fu6LtmVckCIMBsoND7ZKWdLJcdBKGHXzjX3QuHcQ=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=3S_xZjrDs9mprIZ8eCvSrQ&_=1713537685807 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-SignalR-User-Agent: Microsoft SignalR/0.0 (0.0.0-DEV_BUILD; Unknown OS; Browser; Unknown Runtime Version)sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://tgir.app.tax/?req=y6_Ocxb12wgAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=zvPRpq0lrgdcDC9OYMIku8ln1IZOt1INdgWlTMVNlru4VLjEUyJ1DjLtkjTyS1C/GZ1mwOJWhu08uDPV/E7mIC4F3ykPorHUuEUmnFdPf0Aeih8QwVEMv4gJTMDtxg9KZjrOGclN77/Fu6LtmVckCIMBsoND7ZKWdLJcdBKGHXzjX3QuHcQ=; AWSALBTGCORS=zvPRpq0lrgdcDC9OYMIku8ln1IZOt1INdgWlTMVNlru4VLjEUyJ1DjLtkjTyS1C/GZ1mwOJWhu08uDPV/E7mIC4F3ykPorHUuEUmnFdPf0Aeih8QwVEMv4gJTMDtxg9KZjrOGclN77/Fu6LtmVckCIMBsoND7ZKWdLJcdBKGHXzjX3QuHcQ=

Source: unknown

DNS traffic detected: queries for: portal.taxguardian.com

Source: unknown

HTTP traffic detected: POST /_blazor/negotiate?negotiateVersion=1 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveContent-Length: 0Cache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-SignalR-User-Agent: Microsoft SignalR/0.0 (0.0.0-DEV_BUILD; Unknown OS; Browser; Unknown Runtime Version)sec-ch-ua-platform: "Windows"Accept: */*Origin: https://tgir.app.taxSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://tgir.app.tax/?req=y6_Ocxb12wgAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=2CyDB8SE0vKplsFIbuIwvdHx3g6kwri9PSQDjUlGJVDte5cNRoKdgBvUAvaIDhX4fBKCFe681iPZcFt7+d8Uca3enahCXYVaNqC1024PyYWV3wC/QROWq5h7TKJ3DeMllP7dzwhPtvPzFTJyMkbFzNOyrYizhALH9Ltylo8fNp4nVEuTnzc=; AWSALBTGCORS=2CyDB8SE0vKplsFIbuIwvdHx3g6kwri9PSQDjUlGJVDte5cNRoKdgBvUAvaIDhX4fBKCFe681iPZcFt7+d8Uca3enahCXYVaNqC1024PyYWV3wC/QROWq5h7TKJ3DeMllP7dzwhPtvPzFTJyMkbFzNOyrYizhALH9Ltylo8fNp4nVEuTnzc=

Source: chromecache_49.2.dr	String found in binary or memory: https://evilmartians.com/chronicles/postcss-8-plugin-migration
Source: chromecache_49.2.dr	String found in binary or memory: https://github.com/browserslist/browserslist#readme
Source: chromecache_49.2.dr	String found in binary or memory: https://github.com/postcss/autoprefixer#readme
Source: chromecache_49.2.dr	String found in binary or memory: https://mths.be/cssesc
Source: chromecache_49.2.dr	String found in binary or memory: https://tailwindcss.com/docs/configuration#prefix
Source: chromecache_49.2.dr	String found in binary or memory: https://tailwindcss.com/docs/configuration#selector-strategy
Source: chromecache_49.2.dr	String found in binary or memory: https://tailwindcss.com/docs/using-with-preprocessors#nesting
Source: chromecache_49.2.dr	String found in binary or memory: https://twitter.com/browserslist
Source: chromecache_49.2.dr	String found in binary or memory: https://www.w3ctech.com/topic/2226

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746

Source: classification engine

Classification label: clean0.win@17/18@14/8

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2108 --field-trial-handle=1916,i,8787450946758814842,5685473267961392960,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://portal.taxguardian.com/oesp/beginWorkflow.jsp?id=ab78ba00-97cb-4670-8904-47e00fd29a84&surveyId=9492&d=DwMFAw"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2108 --field-trial-handle=1916,i,8787450946758814842,5685473267961392960,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
52.54.160.172	unknown	United States	14618	AMAZON-AESUS	false
35.244.189.201	cdn.withpersona.com	United States	15169	GOOGLEUS	false
173.194.219.103	www.google.com	United States	15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
104.22.48.87	ec1.optimumhst.com	United States	13335	CLOUDFLARENETUS	false
34.225.34.17	tgir.app.tax	United States	14618	AMAZON-AESUS	false

Private

IP
192.168.2.16
192.168.2.4

Contacted Domains

Name	IP	Active
tgir.app.tax	34.225.34.17	true
ec1.optimumhst.com	104.22.48.87	true
www.google.com	173.194.219.103	true
cdn.withpersona.com	35.244.189.201	true
fp2e7a.wpc.phicdn.net	192.229.211.108	true
windowsupdatebg.s.llnwi.net	69.164.42.0	true
portal.taxguardian.com	unknown	unknown

Contacted URLs

Name	Malicious	Reputation
https://tgir.app.tax/_blazor?id=VRoY3yOcuAigPOENiskyZQ&_=1713537617885	false	unknown
https://tgir.app.tax/_blazor?id=y3F7mGkkxxsgmnxt56NaMQ&_=1713537640826	false	unknown
https://tgir.app.tax/_blazor?id=fMleuASZSmAVKQ4V-jVBwA&_=1713537611187	false	unknown
https://tgir.app.tax/_blazor?id=ZODOASwsuykE2w6jl1FA1g&_=1713537663872	false	unknown
https://tgir.app.tax/_blazor?id=fMleuASZSmAVKQ4V-jVBwA&_=1713537611682	false	unknown
https://tgir.app.tax/js/tailwind.js	false	unknown
https://tgir.app.tax/?req=y6_Ocxb12wg	false	unknown
https://tgir.app.tax/_blazor?id=ZODOASwsuykE2w6jl1FA1g	false	unknown
https://tgir.app.tax/_blazor?id=dlfhFiAw5G00Fj9QX1nC5w	false	unknown
https://tgir.app.tax/_blazor?id=ZODOASwsuykE2w6jl1FA1g&_=1713537663054	false	unknown
https://tgir.app.tax/css/site.css	false	unknown
https://tgir.app.tax/_blazor/negotiate?negotiateVersion=1	false	unknown
https://tgir.app.tax/_blazor?id=VRoY3yOcuAigPOENiskyZQ	false	unknown
https://tgir.app.tax/_blazor?id=3S_xZjrDs9mprIZ8eCvSrQ&_=1713537685807	false	unknown
https://cdn.withpersona.com/dist/persona-v4.7.1.js	false	unknown
https://tgir.app.tax/_blazor?id=fMleuASZSmAVKQ4V-jVBwA	false	unknown
https://tgir.app.tax/_blazor?id=3S_xZjrDs9mprIZ8eCvSrQ	false	unknown
https://tgir.app.tax/favicon.ico	false	unknown
https://tgir.app.tax/_blazor?id=fMleuASZSmAVKQ4V-jVBwA&_=1713537610707	false	unknown
https://tgir.app.tax/_blazor?id=jueQUhcSINnHdTiDdWj8ZA	false	unknown
https://tgir.app.tax/_blazor?id=VRoY3yOcuAigPOENiskyZQ&_=1713537617378	false	unknown
https://tgir.app.tax/_blazor?id=y3F7mGkkxxsgmnxt56NaMQ&_=1713537639825	false	unknown
https://tgir.app.tax/js/loader.js	false	unknown
https://tgir.app.tax/_blazor?id=3S_xZjrDs9mprIZ8eCvSrQ&_=1713537685322	false	unknown
https://tgir.app.tax/_blazor?id=VRoY3yOcuAigPOENiskyZQ&_=1713537618383	false	unknown
https://portal.taxguardian.com/oesp/beginWorkflow.jsp?id=ab78ba00-97cb-4670-8904-47e00fd29a84&surveyId=9492&d=DwMFAw	false	unknown
https://tgir.app.tax/_blazor?id=y3F7mGkkxxsgmnxt56NaMQ&_=1713537640315	false	unknown
https://tgir.app.tax/_blazor?id=OrH3pvOKh_4ehpOqWt66rQ	false	unknown
https://tgir.app.tax/_blazor?id=6OAgKwC_bmuNoRJbzX-Ihg	false	unknown
https://tgir.app.tax/_blazor?id=cY7_Pj15Xd7BT0f9yCaRNA	false	unknown
https://tgir.app.tax/_blazor?id=y3F7mGkkxxsgmnxt56NaMQ	false	unknown
https://tgir.app.tax/_framework/blazor.server.js	false	unknown
https://tgir.app.tax/_blazor/initializers	false	unknown
https://tgir.app.tax/_blazor?id=ZODOASwsuykE2w6jl1FA1g&_=1713537662447	false	unknown

Name	Type	MD5	SHA1	SHA256
Chrome Cache Entry: 45	ASCII text, with very long lines (1687), with CRLF line terminators	08871A2D872D8D56692BF14D2F483047	A261D85787E5D8F1BBDD4AEB58B8B603870E96AD	F952F39003284783E92F66712E8CD38E8CCC0433F3F956229306087CB8A32DE8
Chrome Cache Entry: 46	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	7C52C1FAC25336ACE35C5A0527DD8E98	E28ABE1CB320D2F0A6400383D46EDD972B9394C6	77AED114FE8FE3098EE08A085EF5467ECCC09C36B2BE6CF784EEF85FBEDBD056
Chrome Cache Entry: 47	HTML document, ASCII text, with CRLF line terminators	8D1D051E58C7E7FCB6DA50F32355E121	E84DADFEB1F88DBB5E9856BED73CB7D2DAE68697	013D6BB198A9ECD19E2B74F7B8994FE802CB49DE27B46F731D827B344D4B9DB9
Chrome Cache Entry: 48	JSON data	D751713988987E9331980363E24189CE	97D170E1550EEE4AFC0AF065B78CDA302A97674C	4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
Chrome Cache Entry: 49	Unicode text, UTF-8 (with BOM) text, with very long lines (57978), with CRLF line terminators	A8701A26036B6D2C2184B2C53396396F	7DAFB6FB410D5CCC4FA922EE926C277AB9F39449	5E566C076736A9CC4F7A8132C97480386DFFD187DE7428F804AC90D95E319EA8
Chrome Cache Entry: 50	MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel	969EE44917D5486A449DA32953053078	81FADB932F812893905FBC8342CC1C935BEA2ED7	5FF6A2D7AC3A57CED73B42B13B6273FF75077F6D569FD1189DBD7D2BA797C432
Chrome Cache Entry: 51	Unicode text, UTF-8 text, with very long lines (65275)	9ED233C4CF38FB9B7F2EBC4892234567	E2E9208BBDA6593E8F2A9B2EF30C71B69822D848	0AD80BAD5B3F65CE67DF85A1004B0433E272AA2E04680B2B3BA202B3C6A71BD9
Chrome Cache Entry: 52	JSON data	D751713988987E9331980363E24189CE	97D170E1550EEE4AFC0AF065B78CDA302A97674C	4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
Chrome Cache Entry: 53	ASCII text, with very long lines (65536), with no line terminators	6E35A48DA6DF62F7E5E98F73F29FE7F8	E41E19201F4F73BC784727471977A5DBF9979BB8	24BC10D0D7489E9B4ED6CCBE3CDFFF068622BFA87F229101D2B0D0F6923C14CF
Chrome Cache Entry: 54	MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel	969EE44917D5486A449DA32953053078	81FADB932F812893905FBC8342CC1C935BEA2ED7	5FF6A2D7AC3A57CED73B42B13B6273FF75077F6D569FD1189DBD7D2BA797C432
Chrome Cache Entry: 55	HTML document, ASCII text, with CRLF line terminators	8D1D051E58C7E7FCB6DA50F32355E121	E84DADFEB1F88DBB5E9856BED73CB7D2DAE68697	013D6BB198A9ECD19E2B74F7B8994FE802CB49DE27B46F731D827B344D4B9DB9

There are no high impact signatures.

Source: https://tgir.app.tax/?req=y6_Ocxb12wg	HTTP Parser: No favicon
Source: https://tgir.app.tax/?req=y6_Ocxb12wg	HTTP Parser: No favicon
Source: https://tgir.app.tax/?req=y6_Ocxb12wg	HTTP Parser: No favicon
Source: https://tgir.app.tax/?req=y6_Ocxb12wg	HTTP Parser: No favicon

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 23.40.205.26
Source: unknown	TCP traffic detected without corresponding DNS query: 23.47.204.49
Source: unknown	TCP traffic detected without corresponding DNS query: 23.40.205.26
Source: unknown	TCP traffic detected without corresponding DNS query: 23.47.204.49
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /oesp/beginWorkflow.jsp?id=ab78ba00-97cb-4670-8904-47e00fd29a84&surveyId=9492&d=DwMFAw HTTP/1.1Host: portal.taxguardian.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /?req=y6_Ocxb12wg HTTP/1.1Host: tgir.app.taxConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /css/site.css HTTP/1.1Host: tgir.app.taxConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://tgir.app.tax/?req=y6_Ocxb12wgAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=mdtMB8FdlkuLFQD+ECZ7q0cMiMNMAdsCzkQHjuV0WOJ7EPkbSc2Xrer9X1818t2Hz8xVk2j1ZsKuCUtvXhwCOsklao5GtbFgQVqjnRcxk28ZeQjFFnBmDGr33BEf1OE/CUuNtI60VwcNfAcvfeLV46BOoonhIqu/t502KD0VPnivxM7Awd4=; AWSALBTGCORS=mdtMB8FdlkuLFQD+ECZ7q0cMiMNMAdsCzkQHjuV0WOJ7EPkbSc2Xrer9X1818t2Hz8xVk2j1ZsKuCUtvXhwCOsklao5GtbFgQVqjnRcxk28ZeQjFFnBmDGr33BEf1OE/CUuNtI60VwcNfAcvfeLV46BOoonhIqu/t502KD0VPnivxM7Awd4=
Source: global traffic	HTTP traffic detected: GET /js/loader.js HTTP/1.1Host: tgir.app.taxConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://tgir.app.tax/?req=y6_Ocxb12wgAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=mdtMB8FdlkuLFQD+ECZ7q0cMiMNMAdsCzkQHjuV0WOJ7EPkbSc2Xrer9X1818t2Hz8xVk2j1ZsKuCUtvXhwCOsklao5GtbFgQVqjnRcxk28ZeQjFFnBmDGr33BEf1OE/CUuNtI60VwcNfAcvfeLV46BOoonhIqu/t502KD0VPnivxM7Awd4=; AWSALBTGCORS=mdtMB8FdlkuLFQD+ECZ7q0cMiMNMAdsCzkQHjuV0WOJ7EPkbSc2Xrer9X1818t2Hz8xVk2j1ZsKuCUtvXhwCOsklao5GtbFgQVqjnRcxk28ZeQjFFnBmDGr33BEf1OE/CUuNtI60VwcNfAcvfeLV46BOoonhIqu/t502KD0VPnivxM7Awd4=
Source: global traffic	HTTP traffic detected: GET /js/tailwind.js HTTP/1.1Host: tgir.app.taxConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://tgir.app.tax/?req=y6_Ocxb12wgAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=mdtMB8FdlkuLFQD+ECZ7q0cMiMNMAdsCzkQHjuV0WOJ7EPkbSc2Xrer9X1818t2Hz8xVk2j1ZsKuCUtvXhwCOsklao5GtbFgQVqjnRcxk28ZeQjFFnBmDGr33BEf1OE/CUuNtI60VwcNfAcvfeLV46BOoonhIqu/t502KD0VPnivxM7Awd4=; AWSALBTGCORS=mdtMB8FdlkuLFQD+ECZ7q0cMiMNMAdsCzkQHjuV0WOJ7EPkbSc2Xrer9X1818t2Hz8xVk2j1ZsKuCUtvXhwCOsklao5GtbFgQVqjnRcxk28ZeQjFFnBmDGr33BEf1OE/CUuNtI60VwcNfAcvfeLV46BOoonhIqu/t502KD0VPnivxM7Awd4=
Source: global traffic	HTTP traffic detected: GET /_framework/blazor.server.js HTTP/1.1Host: tgir.app.taxConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://tgir.app.tax/?req=y6_Ocxb12wgAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=mdtMB8FdlkuLFQD+ECZ7q0cMiMNMAdsCzkQHjuV0WOJ7EPkbSc2Xrer9X1818t2Hz8xVk2j1ZsKuCUtvXhwCOsklao5GtbFgQVqjnRcxk28ZeQjFFnBmDGr33BEf1OE/CUuNtI60VwcNfAcvfeLV46BOoonhIqu/t502KD0VPnivxM7Awd4=; AWSALBTGCORS=mdtMB8FdlkuLFQD+ECZ7q0cMiMNMAdsCzkQHjuV0WOJ7EPkbSc2Xrer9X1818t2Hz8xVk2j1ZsKuCUtvXhwCOsklao5GtbFgQVqjnRcxk28ZeQjFFnBmDGr33BEf1OE/CUuNtI60VwcNfAcvfeLV46BOoonhIqu/t502KD0VPnivxM7Awd4=
Source: global traffic	HTTP traffic detected: GET /dist/persona-v4.7.1.js HTTP/1.1Host: cdn.withpersona.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://tgir.app.tax/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_blazor/initializers HTTP/1.1Host: tgir.app.taxConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://tgir.app.tax/?req=y6_Ocxb12wgAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=iZTUpebNvkG0GYB5d2WOAJMlfqw8gCnDkfN75q3bUacrkUQYqcIRDHertYhyoJuclHkbLK4cZmPU+xgJVDWQH7gBklwOoZPZWmQ6+dbyNDTGtcECttOogHHUJo76GJwoH4s15uuGNZRi/Shi2xqGKQRsUu7fu6tXhJwuTh5kOFihCCWK4wU=; AWSALBTGCORS=iZTUpebNvkG0GYB5d2WOAJMlfqw8gCnDkfN75q3bUacrkUQYqcIRDHertYhyoJuclHkbLK4cZmPU+xgJVDWQH7gBklwOoZPZWmQ6+dbyNDTGtcECttOogHHUJo76GJwoH4s15uuGNZRi/Shi2xqGKQRsUu7fu6tXhJwuTh5kOFihCCWK4wU=
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: tgir.app.taxConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://tgir.app.tax/?req=y6_Ocxb12wgAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=iZTUpebNvkG0GYB5d2WOAJMlfqw8gCnDkfN75q3bUacrkUQYqcIRDHertYhyoJuclHkbLK4cZmPU+xgJVDWQH7gBklwOoZPZWmQ6+dbyNDTGtcECttOogHHUJo76GJwoH4s15uuGNZRi/Shi2xqGKQRsUu7fu6tXhJwuTh5kOFihCCWK4wU=; AWSALBTGCORS=iZTUpebNvkG0GYB5d2WOAJMlfqw8gCnDkfN75q3bUacrkUQYqcIRDHertYhyoJuclHkbLK4cZmPU+xgJVDWQH7gBklwOoZPZWmQ6+dbyNDTGtcECttOogHHUJo76GJwoH4s15uuGNZRi/Shi2xqGKQRsUu7fu6tXhJwuTh5kOFihCCWK4wU=
Source: global traffic	HTTP traffic detected: GET /_blazor/initializers HTTP/1.1Host: tgir.app.taxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=2CyDB8SE0vKplsFIbuIwvdHx3g6kwri9PSQDjUlGJVDte5cNRoKdgBvUAvaIDhX4fBKCFe681iPZcFt7+d8Uca3enahCXYVaNqC1024PyYWV3wC/QROWq5h7TKJ3DeMllP7dzwhPtvPzFTJyMkbFzNOyrYizhALH9Ltylo8fNp4nVEuTnzc=; AWSALBTGCORS=2CyDB8SE0vKplsFIbuIwvdHx3g6kwri9PSQDjUlGJVDte5cNRoKdgBvUAvaIDhX4fBKCFe681iPZcFt7+d8Uca3enahCXYVaNqC1024PyYWV3wC/QROWq5h7TKJ3DeMllP7dzwhPtvPzFTJyMkbFzNOyrYizhALH9Ltylo8fNp4nVEuTnzc=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=6OAgKwC_bmuNoRJbzX-Ihg HTTP/1.1Host: tgir.app.taxConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://tgir.app.taxSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=jYYp33lhnRcuTT3vHY6MnHMXNEdGj0JqGTuhXLJiZtPRurnyM90unE2xbjG8f1jRX6lmhaed8ffKyOXXwrG2F5dBdPhKWLO0oLUDZiBG/3WwOfziYfd/N5+Bcp2TMXor49jDjU0jGYEjIvqs0X0wJyo0IzH1F0PgUlwD/JxlibslAxpRRbY=; AWSALBTGCORS=jYYp33lhnRcuTT3vHY6MnHMXNEdGj0JqGTuhXLJiZtPRurnyM90unE2xbjG8f1jRX6lmhaed8ffKyOXXwrG2F5dBdPhKWLO0oLUDZiBG/3WwOfziYfd/N5+Bcp2TMXor49jDjU0jGYEjIvqs0X0wJyo0IzH1F0PgUlwD/JxlibslAxpRRbY=Sec-WebSocket-Key: Et8d6CjYPxSkEvGWfTAkAA==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: tgir.app.taxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=jYYp33lhnRcuTT3vHY6MnHMXNEdGj0JqGTuhXLJiZtPRurnyM90unE2xbjG8f1jRX6lmhaed8ffKyOXXwrG2F5dBdPhKWLO0oLUDZiBG/3WwOfziYfd/N5+Bcp2TMXor49jDjU0jGYEjIvqs0X0wJyo0IzH1F0PgUlwD/JxlibslAxpRRbY=; AWSALBTGCORS=jYYp33lhnRcuTT3vHY6MnHMXNEdGj0JqGTuhXLJiZtPRurnyM90unE2xbjG8f1jRX6lmhaed8ffKyOXXwrG2F5dBdPhKWLO0oLUDZiBG/3WwOfziYfd/N5+Bcp2TMXor49jDjU0jGYEjIvqs0X0wJyo0IzH1F0PgUlwD/JxlibslAxpRRbY=
Source: global traffic	HTTP traffic detected: GET /_blazor/negotiate?negotiateVersion=1 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=jYYp33lhnRcuTT3vHY6MnHMXNEdGj0JqGTuhXLJiZtPRurnyM90unE2xbjG8f1jRX6lmhaed8ffKyOXXwrG2F5dBdPhKWLO0oLUDZiBG/3WwOfziYfd/N5+Bcp2TMXor49jDjU0jGYEjIvqs0X0wJyo0IzH1F0PgUlwD/JxlibslAxpRRbY=; AWSALBTGCORS=jYYp33lhnRcuTT3vHY6MnHMXNEdGj0JqGTuhXLJiZtPRurnyM90unE2xbjG8f1jRX6lmhaed8ffKyOXXwrG2F5dBdPhKWLO0oLUDZiBG/3WwOfziYfd/N5+Bcp2TMXor49jDjU0jGYEjIvqs0X0wJyo0IzH1F0PgUlwD/JxlibslAxpRRbY=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=fMleuASZSmAVKQ4V-jVBwA&_=1713537610707 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-SignalR-User-Agent: Microsoft SignalR/0.0 (0.0.0-DEV_BUILD; Unknown OS; Browser; Unknown Runtime Version)sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://tgir.app.tax/?req=y6_Ocxb12wgAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=/1uRAYwn6d5TR9K7NOVzb6Ju5OTYZGSISU4HJzTXGpy8cYWwaI8X2FAWVCib4d2ZeZ42ONCxx/chkqxf5OEdQqrkgxxPnFcbjLf+1e+mTs+pWOctaU41/fjWNXjExWziNEGFd+QUm/ROOu2sZQzKVjPdwo5qApp6u7XhRpFzFekSYr8CBsU=; AWSALBTGCORS=/1uRAYwn6d5TR9K7NOVzb6Ju5OTYZGSISU4HJzTXGpy8cYWwaI8X2FAWVCib4d2ZeZ42ONCxx/chkqxf5OEdQqrkgxxPnFcbjLf+1e+mTs+pWOctaU41/fjWNXjExWziNEGFd+QUm/ROOu2sZQzKVjPdwo5qApp6u7XhRpFzFekSYr8CBsU=
Source: global traffic	HTTP traffic detected: GET /_blazor/negotiate?negotiateVersion=1 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=/1uRAYwn6d5TR9K7NOVzb6Ju5OTYZGSISU4HJzTXGpy8cYWwaI8X2FAWVCib4d2ZeZ42ONCxx/chkqxf5OEdQqrkgxxPnFcbjLf+1e+mTs+pWOctaU41/fjWNXjExWziNEGFd+QUm/ROOu2sZQzKVjPdwo5qApp6u7XhRpFzFekSYr8CBsU=; AWSALBTGCORS=/1uRAYwn6d5TR9K7NOVzb6Ju5OTYZGSISU4HJzTXGpy8cYWwaI8X2FAWVCib4d2ZeZ42ONCxx/chkqxf5OEdQqrkgxxPnFcbjLf+1e+mTs+pWOctaU41/fjWNXjExWziNEGFd+QUm/ROOu2sZQzKVjPdwo5qApp6u7XhRpFzFekSYr8CBsU=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=fMleuASZSmAVKQ4V-jVBwA&_=1713537611187 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-SignalR-User-Agent: Microsoft SignalR/0.0 (0.0.0-DEV_BUILD; Unknown OS; Browser; Unknown Runtime Version)sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://tgir.app.tax/?req=y6_Ocxb12wgAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=1ijxfOgHJQS0HAKueQiqhE9RP6NJ8ajlPMbIC1vMyIYdlSEAjJ6uNMU3r9Pz+97Tqg0gjOL0qCTfXRIcMEYWUm7IfQLY5WA2BjtlO6tnqAaCxKLZeUPA9guj6vxjRf9kCr/RtMgF0Ds1T1E5MP6N8BtSg3Jn7+SkS1xmZeHmMKFw1PqHEBI=; AWSALBTGCORS=1ijxfOgHJQS0HAKueQiqhE9RP6NJ8ajlPMbIC1vMyIYdlSEAjJ6uNMU3r9Pz+97Tqg0gjOL0qCTfXRIcMEYWUm7IfQLY5WA2BjtlO6tnqAaCxKLZeUPA9guj6vxjRf9kCr/RtMgF0Ds1T1E5MP6N8BtSg3Jn7+SkS1xmZeHmMKFw1PqHEBI=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=fMleuASZSmAVKQ4V-jVBwA&_=1713537610707 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=qLHfXNBtWGQzc3NxQACtNZvPxlS7WllWX6qGUefQbp2ENa1vF/1lnocX5Xsxgu21r31KUCf8wx/ISfodVbpu/jYAxpmMtP3rTn9qfPx+X+mV8+sDIO83XFqYa5q9QC2cLuPYia2e9BnBNET0oomx50Bmz0gSP6CP7lX5VWgm18EgW2OfHug=; AWSALBTGCORS=qLHfXNBtWGQzc3NxQACtNZvPxlS7WllWX6qGUefQbp2ENa1vF/1lnocX5Xsxgu21r31KUCf8wx/ISfodVbpu/jYAxpmMtP3rTn9qfPx+X+mV8+sDIO83XFqYa5q9QC2cLuPYia2e9BnBNET0oomx50Bmz0gSP6CP7lX5VWgm18EgW2OfHug=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=fMleuASZSmAVKQ4V-jVBwA HTTP/1.1Host: tgir.app.taxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=lSf9JDIPz8UY1UzyvuOCvqOrmjCRlSHniK10iz188QBWmRzQgLIpxrGpWNjBC637QYyOqT9SoFgFlARoIIhwGZjed6t+1QFv02unBL0EIdj1Zdy+bUDp0y09pB3/JfBouDndaY939VuDPooUEee7RJ54XLXLJNp3FXV6nW41jprdreEVGFw=; AWSALBTGCORS=lSf9JDIPz8UY1UzyvuOCvqOrmjCRlSHniK10iz188QBWmRzQgLIpxrGpWNjBC637QYyOqT9SoFgFlARoIIhwGZjed6t+1QFv02unBL0EIdj1Zdy+bUDp0y09pB3/JfBouDndaY939VuDPooUEee7RJ54XLXLJNp3FXV6nW41jprdreEVGFw=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=fMleuASZSmAVKQ4V-jVBwA&_=1713537611187 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=PbUtaWKU3+brwJVoyqiAcb3Yqi2rZfHSd1PGe1mOqU+GzndAr1yi8BtAB2wcJVC7c65CeMXEKwXsYMd8z1b+wjIGCXHafExHaWqvjGQjncejZH/mqTk0rzqCStnkVYD/242cY/sTAsWwUaPPEnlB6wTlZZO4aHIFyl8jT1tqZ7VoE/JRww0=; AWSALBTGCORS=PbUtaWKU3+brwJVoyqiAcb3Yqi2rZfHSd1PGe1mOqU+GzndAr1yi8BtAB2wcJVC7c65CeMXEKwXsYMd8z1b+wjIGCXHafExHaWqvjGQjncejZH/mqTk0rzqCStnkVYD/242cY/sTAsWwUaPPEnlB6wTlZZO4aHIFyl8jT1tqZ7VoE/JRww0=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=fMleuASZSmAVKQ4V-jVBwA&_=1713537611682 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-SignalR-User-Agent: Microsoft SignalR/0.0 (0.0.0-DEV_BUILD; Unknown OS; Browser; Unknown Runtime Version)sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://tgir.app.tax/?req=y6_Ocxb12wgAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=PbUtaWKU3+brwJVoyqiAcb3Yqi2rZfHSd1PGe1mOqU+GzndAr1yi8BtAB2wcJVC7c65CeMXEKwXsYMd8z1b+wjIGCXHafExHaWqvjGQjncejZH/mqTk0rzqCStnkVYD/242cY/sTAsWwUaPPEnlB6wTlZZO4aHIFyl8jT1tqZ7VoE/JRww0=; AWSALBTGCORS=PbUtaWKU3+brwJVoyqiAcb3Yqi2rZfHSd1PGe1mOqU+GzndAr1yi8BtAB2wcJVC7c65CeMXEKwXsYMd8z1b+wjIGCXHafExHaWqvjGQjncejZH/mqTk0rzqCStnkVYD/242cY/sTAsWwUaPPEnlB6wTlZZO4aHIFyl8jT1tqZ7VoE/JRww0=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=fMleuASZSmAVKQ4V-jVBwA HTTP/1.1Host: tgir.app.taxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=c78sUB16VRIyR7ajTl3dRs6uaX+bq7U6cds6RHyv9jJhLZWqbViknpA2tF5Y2WYYOA2UfqJ8/nXuWenfWXFxi39XEq6tezBpxyGG53HPSY06sAoPwmD638HgHITz2ZkH1972QFLI+l0Vy9Qy2ekBRhEWpiUICAvjFRJM7YZw5vK2CRuVE6Y=; AWSALBTGCORS=c78sUB16VRIyR7ajTl3dRs6uaX+bq7U6cds6RHyv9jJhLZWqbViknpA2tF5Y2WYYOA2UfqJ8/nXuWenfWXFxi39XEq6tezBpxyGG53HPSY06sAoPwmD638HgHITz2ZkH1972QFLI+l0Vy9Qy2ekBRhEWpiUICAvjFRJM7YZw5vK2CRuVE6Y=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=cY7_Pj15Xd7BT0f9yCaRNA HTTP/1.1Host: tgir.app.taxConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://tgir.app.taxSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=QZEPJwQQrScGh/IDHpLBlNOXhthdVNz1++f0+kIcwqk86YaQ6dBo2BE0mKmtyX2DRiuDrUN2oQJBdh1iEUc2GRoWRE9/LsbdYxUVrEeRo0cYZpdOudOOnNazYJ9mSDXVEYs/11e5FAQXy+JsZNlN8RTujb/i8txfW0HzlAm3prs8Ti6CkNw=; AWSALBTGCORS=QZEPJwQQrScGh/IDHpLBlNOXhthdVNz1++f0+kIcwqk86YaQ6dBo2BE0mKmtyX2DRiuDrUN2oQJBdh1iEUc2GRoWRE9/LsbdYxUVrEeRo0cYZpdOudOOnNazYJ9mSDXVEYs/11e5FAQXy+JsZNlN8RTujb/i8txfW0HzlAm3prs8Ti6CkNw=Sec-WebSocket-Key: TiP1TOZ6QQNdCoSqpiPQBA==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /_blazor/negotiate?negotiateVersion=1 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=QZEPJwQQrScGh/IDHpLBlNOXhthdVNz1++f0+kIcwqk86YaQ6dBo2BE0mKmtyX2DRiuDrUN2oQJBdh1iEUc2GRoWRE9/LsbdYxUVrEeRo0cYZpdOudOOnNazYJ9mSDXVEYs/11e5FAQXy+JsZNlN8RTujb/i8txfW0HzlAm3prs8Ti6CkNw=; AWSALBTGCORS=QZEPJwQQrScGh/IDHpLBlNOXhthdVNz1++f0+kIcwqk86YaQ6dBo2BE0mKmtyX2DRiuDrUN2oQJBdh1iEUc2GRoWRE9/LsbdYxUVrEeRo0cYZpdOudOOnNazYJ9mSDXVEYs/11e5FAQXy+JsZNlN8RTujb/i8txfW0HzlAm3prs8Ti6CkNw=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=VRoY3yOcuAigPOENiskyZQ&_=1713537617378 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-SignalR-User-Agent: Microsoft SignalR/0.0 (0.0.0-DEV_BUILD; Unknown OS; Browser; Unknown Runtime Version)sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://tgir.app.tax/?req=y6_Ocxb12wgAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=iEcJ7f3VJ/nkX3Ah/snxO7+SUyzvKCIrt5syZuZnE1NJPK4l1d0WtcxmJHE+bgNQnS0yCD0oMoECVs4uwuuHVB64T6KsVe6yQh/pyaM54f8f8Lb5yaPp95h9sMojMl60db9lNoGtsCzWd1paf4QTKWqKu19SHSVi6BiWJ8IcSVyqXhsqSgM=; AWSALBTGCORS=iEcJ7f3VJ/nkX3Ah/snxO7+SUyzvKCIrt5syZuZnE1NJPK4l1d0WtcxmJHE+bgNQnS0yCD0oMoECVs4uwuuHVB64T6KsVe6yQh/pyaM54f8f8Lb5yaPp95h9sMojMl60db9lNoGtsCzWd1paf4QTKWqKu19SHSVi6BiWJ8IcSVyqXhsqSgM=
Source: global traffic	HTTP traffic detected: GET /_blazor/negotiate?negotiateVersion=1 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=iEcJ7f3VJ/nkX3Ah/snxO7+SUyzvKCIrt5syZuZnE1NJPK4l1d0WtcxmJHE+bgNQnS0yCD0oMoECVs4uwuuHVB64T6KsVe6yQh/pyaM54f8f8Lb5yaPp95h9sMojMl60db9lNoGtsCzWd1paf4QTKWqKu19SHSVi6BiWJ8IcSVyqXhsqSgM=; AWSALBTGCORS=iEcJ7f3VJ/nkX3Ah/snxO7+SUyzvKCIrt5syZuZnE1NJPK4l1d0WtcxmJHE+bgNQnS0yCD0oMoECVs4uwuuHVB64T6KsVe6yQh/pyaM54f8f8Lb5yaPp95h9sMojMl60db9lNoGtsCzWd1paf4QTKWqKu19SHSVi6BiWJ8IcSVyqXhsqSgM=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=VRoY3yOcuAigPOENiskyZQ&_=1713537617885 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-SignalR-User-Agent: Microsoft SignalR/0.0 (0.0.0-DEV_BUILD; Unknown OS; Browser; Unknown Runtime Version)sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://tgir.app.tax/?req=y6_Ocxb12wgAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=bkFtfuWkDYMzur8YnCUGlJxG1ZmYKIeH7ureAtrUgchuScPCfrMwLMPsL4l4jRPEvGiBp2xOdRmo1A6Bw/mGoBBzsuL6fYnhfhVN7v88iqGk9KCVHdzQDubBtE/3klmnQS5gkyBw5w13XHjhSvlUJ0llIynhKAiLTsPZhBrqPQ3lKefUMos=; AWSALBTGCORS=bkFtfuWkDYMzur8YnCUGlJxG1ZmYKIeH7ureAtrUgchuScPCfrMwLMPsL4l4jRPEvGiBp2xOdRmo1A6Bw/mGoBBzsuL6fYnhfhVN7v88iqGk9KCVHdzQDubBtE/3klmnQS5gkyBw5w13XHjhSvlUJ0llIynhKAiLTsPZhBrqPQ3lKefUMos=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=VRoY3yOcuAigPOENiskyZQ&_=1713537617378 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=eEOPLXNbLrX1VYluJ90GQ2AxQPd3YinZ3hKXaS227oX9wQXCDRr2iIJYJ6FrD81m9V/CM7gLZQWXtMtm9Ru/ZgQZpUd1W3Ylt4JJs8Dm6JEn2AtusCHE5Rc7H+zK9TZTxrhbr5gP7i0X7U9u44heCKvNZVVny5i13ejOjLDR7HPGISczSK0=; AWSALBTGCORS=eEOPLXNbLrX1VYluJ90GQ2AxQPd3YinZ3hKXaS227oX9wQXCDRr2iIJYJ6FrD81m9V/CM7gLZQWXtMtm9Ru/ZgQZpUd1W3Ylt4JJs8Dm6JEn2AtusCHE5Rc7H+zK9TZTxrhbr5gP7i0X7U9u44heCKvNZVVny5i13ejOjLDR7HPGISczSK0=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=VRoY3yOcuAigPOENiskyZQ&_=1713537618383 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-SignalR-User-Agent: Microsoft SignalR/0.0 (0.0.0-DEV_BUILD; Unknown OS; Browser; Unknown Runtime Version)sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://tgir.app.tax/?req=y6_Ocxb12wgAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=Qa7T0AtoM8oM0qMMWMK8BhQsfptyfcjubhv3XMJ61ZcalMv+3+lL6FR+wE5OurInt9XMYpdga4aGS7SL9xOQeTJKfscmaJId3/o97r+OLs/2X3hELLmOLDTR5P3hZq7PJYK1rj9YvRwNa5/Y6XgTrKsxU+xHC35nYshe/j3IpxqUweIHT4g=; AWSALBTGCORS=Qa7T0AtoM8oM0qMMWMK8BhQsfptyfcjubhv3XMJ61ZcalMv+3+lL6FR+wE5OurInt9XMYpdga4aGS7SL9xOQeTJKfscmaJId3/o97r+OLs/2X3hELLmOLDTR5P3hZq7PJYK1rj9YvRwNa5/Y6XgTrKsxU+xHC35nYshe/j3IpxqUweIHT4g=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=VRoY3yOcuAigPOENiskyZQ HTTP/1.1Host: tgir.app.taxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=aBKjtDg2fhmKAlz8NUpla+SIaE58y207h2yGeqztWGMpIsmqpWr18/g3cIID0C6BTjwgpiLhgONuM97eaknUf5qFrJJojj2K9kB/92fNPNdfp5UGgcVF0FBMd85zkVFd16cmLKeiCtqm2MT6XjGAi7yLu/A5anCZOYpL+jT89c5QnJGCUS4=; AWSALBTGCORS=aBKjtDg2fhmKAlz8NUpla+SIaE58y207h2yGeqztWGMpIsmqpWr18/g3cIID0C6BTjwgpiLhgONuM97eaknUf5qFrJJojj2K9kB/92fNPNdfp5UGgcVF0FBMd85zkVFd16cmLKeiCtqm2MT6XjGAi7yLu/A5anCZOYpL+jT89c5QnJGCUS4=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=VRoY3yOcuAigPOENiskyZQ&_=1713537617885 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=aBKjtDg2fhmKAlz8NUpla+SIaE58y207h2yGeqztWGMpIsmqpWr18/g3cIID0C6BTjwgpiLhgONuM97eaknUf5qFrJJojj2K9kB/92fNPNdfp5UGgcVF0FBMd85zkVFd16cmLKeiCtqm2MT6XjGAi7yLu/A5anCZOYpL+jT89c5QnJGCUS4=; AWSALBTGCORS=aBKjtDg2fhmKAlz8NUpla+SIaE58y207h2yGeqztWGMpIsmqpWr18/g3cIID0C6BTjwgpiLhgONuM97eaknUf5qFrJJojj2K9kB/92fNPNdfp5UGgcVF0FBMd85zkVFd16cmLKeiCtqm2MT6XjGAi7yLu/A5anCZOYpL+jT89c5QnJGCUS4=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=jueQUhcSINnHdTiDdWj8ZA HTTP/1.1Host: tgir.app.taxConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://tgir.app.taxSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=bpxkKBGxj7NDBqkcji8SsgXJiD52EexXqajQWBOs9zu+IdGah/nvWM56Kyow0g/nmmgSvyJSWjSSQYjYP/dDOGz22rwSwnPpF3SIpUz37iKwRjXd1XVmUX47bqoyAJ67oRca6VRlagZderfLTRps71CrWfQBSQKIAUR+pYbFmLOUJ8w5RsU=; AWSALBTGCORS=bpxkKBGxj7NDBqkcji8SsgXJiD52EexXqajQWBOs9zu+IdGah/nvWM56Kyow0g/nmmgSvyJSWjSSQYjYP/dDOGz22rwSwnPpF3SIpUz37iKwRjXd1XVmUX47bqoyAJ67oRca6VRlagZderfLTRps71CrWfQBSQKIAUR+pYbFmLOUJ8w5RsU=Sec-WebSocket-Key: hsSfuDLz8maBOi2RYe5Xow==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /_blazor/negotiate?negotiateVersion=1 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=bpxkKBGxj7NDBqkcji8SsgXJiD52EexXqajQWBOs9zu+IdGah/nvWM56Kyow0g/nmmgSvyJSWjSSQYjYP/dDOGz22rwSwnPpF3SIpUz37iKwRjXd1XVmUX47bqoyAJ67oRca6VRlagZderfLTRps71CrWfQBSQKIAUR+pYbFmLOUJ8w5RsU=; AWSALBTGCORS=bpxkKBGxj7NDBqkcji8SsgXJiD52EexXqajQWBOs9zu+IdGah/nvWM56Kyow0g/nmmgSvyJSWjSSQYjYP/dDOGz22rwSwnPpF3SIpUz37iKwRjXd1XVmUX47bqoyAJ67oRca6VRlagZderfLTRps71CrWfQBSQKIAUR+pYbFmLOUJ8w5RsU=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=y3F7mGkkxxsgmnxt56NaMQ&_=1713537639825 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-SignalR-User-Agent: Microsoft SignalR/0.0 (0.0.0-DEV_BUILD; Unknown OS; Browser; Unknown Runtime Version)sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://tgir.app.tax/?req=y6_Ocxb12wgAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=1UkP6thnBkWNJ7O/yBtLtvON4KdjWJBbtA+KBnEs53FbWIV3YRmR5nhWqKhtyugdGdGl+ro+umuJ0Z2zupyxdonYebUcHWaY+xGFnOqK2OEjX/PwOYsI/MnWXCU/5g7IfkcZPTxYnkem81fYXdMTwOr3q4fCUCzp/pKp5c4+CSBa7vc8kjQ=; AWSALBTGCORS=1UkP6thnBkWNJ7O/yBtLtvON4KdjWJBbtA+KBnEs53FbWIV3YRmR5nhWqKhtyugdGdGl+ro+umuJ0Z2zupyxdonYebUcHWaY+xGFnOqK2OEjX/PwOYsI/MnWXCU/5g7IfkcZPTxYnkem81fYXdMTwOr3q4fCUCzp/pKp5c4+CSBa7vc8kjQ=
Source: global traffic	HTTP traffic detected: GET /_blazor/negotiate?negotiateVersion=1 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=1UkP6thnBkWNJ7O/yBtLtvON4KdjWJBbtA+KBnEs53FbWIV3YRmR5nhWqKhtyugdGdGl+ro+umuJ0Z2zupyxdonYebUcHWaY+xGFnOqK2OEjX/PwOYsI/MnWXCU/5g7IfkcZPTxYnkem81fYXdMTwOr3q4fCUCzp/pKp5c4+CSBa7vc8kjQ=; AWSALBTGCORS=1UkP6thnBkWNJ7O/yBtLtvON4KdjWJBbtA+KBnEs53FbWIV3YRmR5nhWqKhtyugdGdGl+ro+umuJ0Z2zupyxdonYebUcHWaY+xGFnOqK2OEjX/PwOYsI/MnWXCU/5g7IfkcZPTxYnkem81fYXdMTwOr3q4fCUCzp/pKp5c4+CSBa7vc8kjQ=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=y3F7mGkkxxsgmnxt56NaMQ&_=1713537640315 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-SignalR-User-Agent: Microsoft SignalR/0.0 (0.0.0-DEV_BUILD; Unknown OS; Browser; Unknown Runtime Version)sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://tgir.app.tax/?req=y6_Ocxb12wgAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=uBiCalhUyU7YJpGO2gCU8ogBnw0MCJPvzOh9AZMbAZLvxZE7ATI9QySu1SC0JOMrqq/YmPywpglHYDOQwIkM282qb+foiwMvG9CR7jsd5W4bQqoXfKg+m+OdVgDUL+XQKQY5Nofh9ZUPwkbZXJJP4dbaS1EeSdhfF5DKMuaRLznSL08HiFo=; AWSALBTGCORS=uBiCalhUyU7YJpGO2gCU8ogBnw0MCJPvzOh9AZMbAZLvxZE7ATI9QySu1SC0JOMrqq/YmPywpglHYDOQwIkM282qb+foiwMvG9CR7jsd5W4bQqoXfKg+m+OdVgDUL+XQKQY5Nofh9ZUPwkbZXJJP4dbaS1EeSdhfF5DKMuaRLznSL08HiFo=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=y3F7mGkkxxsgmnxt56NaMQ&_=1713537639825 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=Lr6PepVymv3QGkFdKdKp4B4h+sGsym1ODW3QjzPNfLC9sY2+p1Xi4whORXZsdaVOUYvyZ8tA2OCjIc7AsCpt+xL+/yXyL5kaWJ9yUqnvW1vsqqo2gCLB0GNi/o5jOdnU+h/0GOIHtG5Ha+Enhf6CGXKj8Wwowslz5TYqTX8725dqH7mvOwI=; AWSALBTGCORS=Lr6PepVymv3QGkFdKdKp4B4h+sGsym1ODW3QjzPNfLC9sY2+p1Xi4whORXZsdaVOUYvyZ8tA2OCjIc7AsCpt+xL+/yXyL5kaWJ9yUqnvW1vsqqo2gCLB0GNi/o5jOdnU+h/0GOIHtG5Ha+Enhf6CGXKj8Wwowslz5TYqTX8725dqH7mvOwI=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=y3F7mGkkxxsgmnxt56NaMQ HTTP/1.1Host: tgir.app.taxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=ayYZzW1gF4z1oM/9Ah8rKj8eZtcp8DCq+Qc7BTk6xOrV59OB3itQ9x4kdIEXV5iHbzuTh4mfGZdv2I3Ur9g72WgaEF1QSeWhp1Ox6XE5hOgJy5VEljrjat8OWSQy/suiP7hcQFcyk/H05f+Ld6FJGeXDgXW2boa1zvSMXddFaqONzQYUJ7M=; AWSALBTGCORS=ayYZzW1gF4z1oM/9Ah8rKj8eZtcp8DCq+Qc7BTk6xOrV59OB3itQ9x4kdIEXV5iHbzuTh4mfGZdv2I3Ur9g72WgaEF1QSeWhp1Ox6XE5hOgJy5VEljrjat8OWSQy/suiP7hcQFcyk/H05f+Ld6FJGeXDgXW2boa1zvSMXddFaqONzQYUJ7M=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=y3F7mGkkxxsgmnxt56NaMQ&_=1713537640826 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-SignalR-User-Agent: Microsoft SignalR/0.0 (0.0.0-DEV_BUILD; Unknown OS; Browser; Unknown Runtime Version)sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://tgir.app.tax/?req=y6_Ocxb12wgAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=SNcA/VF/QdfERXKrS9+sTnjJjNDu94X47J4gznSAjlFPRV+7vdU7XU+mWrHKTzaKnxQqi5mSXuDvhp2KshioQEiGNmG5DErc8tVYglbuxNWeDkUlngBPczFcRELpUHrLY8j3h0/JxHihLKuvqR7bHqCrFqMIYawk9ZjMcBNw7lMOb+flOwU=; AWSALBTGCORS=SNcA/VF/QdfERXKrS9+sTnjJjNDu94X47J4gznSAjlFPRV+7vdU7XU+mWrHKTzaKnxQqi5mSXuDvhp2KshioQEiGNmG5DErc8tVYglbuxNWeDkUlngBPczFcRELpUHrLY8j3h0/JxHihLKuvqR7bHqCrFqMIYawk9ZjMcBNw7lMOb+flOwU=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=y3F7mGkkxxsgmnxt56NaMQ&_=1713537640315 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=SNcA/VF/QdfERXKrS9+sTnjJjNDu94X47J4gznSAjlFPRV+7vdU7XU+mWrHKTzaKnxQqi5mSXuDvhp2KshioQEiGNmG5DErc8tVYglbuxNWeDkUlngBPczFcRELpUHrLY8j3h0/JxHihLKuvqR7bHqCrFqMIYawk9ZjMcBNw7lMOb+flOwU=; AWSALBTGCORS=SNcA/VF/QdfERXKrS9+sTnjJjNDu94X47J4gznSAjlFPRV+7vdU7XU+mWrHKTzaKnxQqi5mSXuDvhp2KshioQEiGNmG5DErc8tVYglbuxNWeDkUlngBPczFcRELpUHrLY8j3h0/JxHihLKuvqR7bHqCrFqMIYawk9ZjMcBNw7lMOb+flOwU=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=OrH3pvOKh_4ehpOqWt66rQ HTTP/1.1Host: tgir.app.taxConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://tgir.app.taxSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=512A2jVXHP3uOGjQTEIWRl9sxJNRMtPdGmjWFknrjXKuBK8mCyNoeM5pWq7JN+U0Jk+WcEif72SY3tefnc5nL2z+ww0e1mK7ILC/S25xVHJP3GqEfRaH9d3vWuY20tPS2A1iLt+PZGsExvW9C8OEGi2iFS9vtPwdHL7BcUH/LE68TagulE0=; AWSALBTGCORS=512A2jVXHP3uOGjQTEIWRl9sxJNRMtPdGmjWFknrjXKuBK8mCyNoeM5pWq7JN+U0Jk+WcEif72SY3tefnc5nL2z+ww0e1mK7ILC/S25xVHJP3GqEfRaH9d3vWuY20tPS2A1iLt+PZGsExvW9C8OEGi2iFS9vtPwdHL7BcUH/LE68TagulE0=Sec-WebSocket-Key: 8/4dZW6dKWvuyYjHsUEFGA==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /_blazor/negotiate?negotiateVersion=1 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=512A2jVXHP3uOGjQTEIWRl9sxJNRMtPdGmjWFknrjXKuBK8mCyNoeM5pWq7JN+U0Jk+WcEif72SY3tefnc5nL2z+ww0e1mK7ILC/S25xVHJP3GqEfRaH9d3vWuY20tPS2A1iLt+PZGsExvW9C8OEGi2iFS9vtPwdHL7BcUH/LE68TagulE0=; AWSALBTGCORS=512A2jVXHP3uOGjQTEIWRl9sxJNRMtPdGmjWFknrjXKuBK8mCyNoeM5pWq7JN+U0Jk+WcEif72SY3tefnc5nL2z+ww0e1mK7ILC/S25xVHJP3GqEfRaH9d3vWuY20tPS2A1iLt+PZGsExvW9C8OEGi2iFS9vtPwdHL7BcUH/LE68TagulE0=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=ZODOASwsuykE2w6jl1FA1g&_=1713537662447 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-SignalR-User-Agent: Microsoft SignalR/0.0 (0.0.0-DEV_BUILD; Unknown OS; Browser; Unknown Runtime Version)sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://tgir.app.tax/?req=y6_Ocxb12wgAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=0+VptsYau7MRiUl3E+RqLpt1zvhzhoCySqkBGuARJPhagXR7vAg3ab75gUogsWY3fZ6oSFrq5HV0pFerxW0fDxt+zr/EEPngQtosb7SC9R4GWJKREFsJEM4b67sEinlrFlbzvwM4ujL0c5M3kp54kPXLCr6sL1m0bGbhh4Oc+yah/4pdByk=; AWSALBTGCORS=0+VptsYau7MRiUl3E+RqLpt1zvhzhoCySqkBGuARJPhagXR7vAg3ab75gUogsWY3fZ6oSFrq5HV0pFerxW0fDxt+zr/EEPngQtosb7SC9R4GWJKREFsJEM4b67sEinlrFlbzvwM4ujL0c5M3kp54kPXLCr6sL1m0bGbhh4Oc+yah/4pdByk=
Source: global traffic	HTTP traffic detected: GET /_blazor/negotiate?negotiateVersion=1 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=0+VptsYau7MRiUl3E+RqLpt1zvhzhoCySqkBGuARJPhagXR7vAg3ab75gUogsWY3fZ6oSFrq5HV0pFerxW0fDxt+zr/EEPngQtosb7SC9R4GWJKREFsJEM4b67sEinlrFlbzvwM4ujL0c5M3kp54kPXLCr6sL1m0bGbhh4Oc+yah/4pdByk=; AWSALBTGCORS=0+VptsYau7MRiUl3E+RqLpt1zvhzhoCySqkBGuARJPhagXR7vAg3ab75gUogsWY3fZ6oSFrq5HV0pFerxW0fDxt+zr/EEPngQtosb7SC9R4GWJKREFsJEM4b67sEinlrFlbzvwM4ujL0c5M3kp54kPXLCr6sL1m0bGbhh4Oc+yah/4pdByk=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=ZODOASwsuykE2w6jl1FA1g&_=1713537662447 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=KvoRuEuc6lmnIajO4dwMepaY6w5zyo0TlXozadkJcOOwFA1PCwyzbq2s+NaOMkVs5xpvUDStJT4qGx7MvVpvpWCO6fuhyNMY3F/vMSa+ViArLQuD5tC9QhoyhUJBC9jvCvDiVaYUwaY6iDGOfcN0sUdwmI8Vu53zSiB9WWG8XTOxIOjg9CY=; AWSALBTGCORS=KvoRuEuc6lmnIajO4dwMepaY6w5zyo0TlXozadkJcOOwFA1PCwyzbq2s+NaOMkVs5xpvUDStJT4qGx7MvVpvpWCO6fuhyNMY3F/vMSa+ViArLQuD5tC9QhoyhUJBC9jvCvDiVaYUwaY6iDGOfcN0sUdwmI8Vu53zSiB9WWG8XTOxIOjg9CY=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=ZODOASwsuykE2w6jl1FA1g&_=1713537663054 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-SignalR-User-Agent: Microsoft SignalR/0.0 (0.0.0-DEV_BUILD; Unknown OS; Browser; Unknown Runtime Version)sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://tgir.app.tax/?req=y6_Ocxb12wgAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=KvoRuEuc6lmnIajO4dwMepaY6w5zyo0TlXozadkJcOOwFA1PCwyzbq2s+NaOMkVs5xpvUDStJT4qGx7MvVpvpWCO6fuhyNMY3F/vMSa+ViArLQuD5tC9QhoyhUJBC9jvCvDiVaYUwaY6iDGOfcN0sUdwmI8Vu53zSiB9WWG8XTOxIOjg9CY=; AWSALBTGCORS=KvoRuEuc6lmnIajO4dwMepaY6w5zyo0TlXozadkJcOOwFA1PCwyzbq2s+NaOMkVs5xpvUDStJT4qGx7MvVpvpWCO6fuhyNMY3F/vMSa+ViArLQuD5tC9QhoyhUJBC9jvCvDiVaYUwaY6iDGOfcN0sUdwmI8Vu53zSiB9WWG8XTOxIOjg9CY=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=ZODOASwsuykE2w6jl1FA1g&_=1713537663872 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-SignalR-User-Agent: Microsoft SignalR/0.0 (0.0.0-DEV_BUILD; Unknown OS; Browser; Unknown Runtime Version)sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://tgir.app.tax/?req=y6_Ocxb12wgAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=YtxsVzaJ8dF4u17ruEFiZC9Xe3oHF7yZ+7fIkVZBBwDlbBF9r5ex5ZVP6a9qhYmCohHsHvUe/j/TxTSmka2H/13ErAQ6rx7mucWVe18P1posqkZ5ZFbwlPR+pCJhfjpxW+/NYa1o1JxfJOM2zT7wLJGb4JDD0jR+oIlPKf7wF1PdAhpqZhY=; AWSALBTGCORS=YtxsVzaJ8dF4u17ruEFiZC9Xe3oHF7yZ+7fIkVZBBwDlbBF9r5ex5ZVP6a9qhYmCohHsHvUe/j/TxTSmka2H/13ErAQ6rx7mucWVe18P1posqkZ5ZFbwlPR+pCJhfjpxW+/NYa1o1JxfJOM2zT7wLJGb4JDD0jR+oIlPKf7wF1PdAhpqZhY=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=ZODOASwsuykE2w6jl1FA1g HTTP/1.1Host: tgir.app.taxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=YtxsVzaJ8dF4u17ruEFiZC9Xe3oHF7yZ+7fIkVZBBwDlbBF9r5ex5ZVP6a9qhYmCohHsHvUe/j/TxTSmka2H/13ErAQ6rx7mucWVe18P1posqkZ5ZFbwlPR+pCJhfjpxW+/NYa1o1JxfJOM2zT7wLJGb4JDD0jR+oIlPKf7wF1PdAhpqZhY=; AWSALBTGCORS=YtxsVzaJ8dF4u17ruEFiZC9Xe3oHF7yZ+7fIkVZBBwDlbBF9r5ex5ZVP6a9qhYmCohHsHvUe/j/TxTSmka2H/13ErAQ6rx7mucWVe18P1posqkZ5ZFbwlPR+pCJhfjpxW+/NYa1o1JxfJOM2zT7wLJGb4JDD0jR+oIlPKf7wF1PdAhpqZhY=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=ZODOASwsuykE2w6jl1FA1g&_=1713537663054 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=YtxsVzaJ8dF4u17ruEFiZC9Xe3oHF7yZ+7fIkVZBBwDlbBF9r5ex5ZVP6a9qhYmCohHsHvUe/j/TxTSmka2H/13ErAQ6rx7mucWVe18P1posqkZ5ZFbwlPR+pCJhfjpxW+/NYa1o1JxfJOM2zT7wLJGb4JDD0jR+oIlPKf7wF1PdAhpqZhY=; AWSALBTGCORS=YtxsVzaJ8dF4u17ruEFiZC9Xe3oHF7yZ+7fIkVZBBwDlbBF9r5ex5ZVP6a9qhYmCohHsHvUe/j/TxTSmka2H/13ErAQ6rx7mucWVe18P1posqkZ5ZFbwlPR+pCJhfjpxW+/NYa1o1JxfJOM2zT7wLJGb4JDD0jR+oIlPKf7wF1PdAhpqZhY=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=dlfhFiAw5G00Fj9QX1nC5w HTTP/1.1Host: tgir.app.taxConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://tgir.app.taxSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=JOIIy7VhWi7vRVsoODNGhPqoQfmgVooIyeZPiCzNMIbRLUtDI+Ed8FkD3ANLw8zCSAjbeOoTd5AWhIkh2XGvCuCt5+cnfSPeXhxTFDhNjFUA5Gw3otVSkK6pID4jWwIz67G8WFhIBjBGLQgyGP04YDCwpC3c6ktFclgfRIVA/0k+8WbkB6U=; AWSALBTGCORS=JOIIy7VhWi7vRVsoODNGhPqoQfmgVooIyeZPiCzNMIbRLUtDI+Ed8FkD3ANLw8zCSAjbeOoTd5AWhIkh2XGvCuCt5+cnfSPeXhxTFDhNjFUA5Gw3otVSkK6pID4jWwIz67G8WFhIBjBGLQgyGP04YDCwpC3c6ktFclgfRIVA/0k+8WbkB6U=Sec-WebSocket-Key: nlyTTx6Fld/etzrPgpnQVg==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /_blazor/negotiate?negotiateVersion=1 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=JOIIy7VhWi7vRVsoODNGhPqoQfmgVooIyeZPiCzNMIbRLUtDI+Ed8FkD3ANLw8zCSAjbeOoTd5AWhIkh2XGvCuCt5+cnfSPeXhxTFDhNjFUA5Gw3otVSkK6pID4jWwIz67G8WFhIBjBGLQgyGP04YDCwpC3c6ktFclgfRIVA/0k+8WbkB6U=; AWSALBTGCORS=JOIIy7VhWi7vRVsoODNGhPqoQfmgVooIyeZPiCzNMIbRLUtDI+Ed8FkD3ANLw8zCSAjbeOoTd5AWhIkh2XGvCuCt5+cnfSPeXhxTFDhNjFUA5Gw3otVSkK6pID4jWwIz67G8WFhIBjBGLQgyGP04YDCwpC3c6ktFclgfRIVA/0k+8WbkB6U=
Source: global traffic	HTTP traffic detected: GET /_blazor/negotiate?negotiateVersion=1 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=+wDK1tUuqSffT43FuGW9SotI3MmoOAlhKzMZGbp5y5J55a3oM81K51txmBSe4Pm9wlwFiNKlEfKxmcwuNAAlXeCOKwuvUQ/aD0TEo8Xdu0Cq2mByafs7QYbNxXA91ikPXKNO3OXlfcskqYVA+pVJEk8YbgsEYbSMUgpwIKbrbZYYhAQi63M=; AWSALBTGCORS=+wDK1tUuqSffT43FuGW9SotI3MmoOAlhKzMZGbp5y5J55a3oM81K51txmBSe4Pm9wlwFiNKlEfKxmcwuNAAlXeCOKwuvUQ/aD0TEo8Xdu0Cq2mByafs7QYbNxXA91ikPXKNO3OXlfcskqYVA+pVJEk8YbgsEYbSMUgpwIKbrbZYYhAQi63M=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=3S_xZjrDs9mprIZ8eCvSrQ&_=1713537685322 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-SignalR-User-Agent: Microsoft SignalR/0.0 (0.0.0-DEV_BUILD; Unknown OS; Browser; Unknown Runtime Version)sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://tgir.app.tax/?req=y6_Ocxb12wgAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=+wDK1tUuqSffT43FuGW9SotI3MmoOAlhKzMZGbp5y5J55a3oM81K51txmBSe4Pm9wlwFiNKlEfKxmcwuNAAlXeCOKwuvUQ/aD0TEo8Xdu0Cq2mByafs7QYbNxXA91ikPXKNO3OXlfcskqYVA+pVJEk8YbgsEYbSMUgpwIKbrbZYYhAQi63M=; AWSALBTGCORS=+wDK1tUuqSffT43FuGW9SotI3MmoOAlhKzMZGbp5y5J55a3oM81K51txmBSe4Pm9wlwFiNKlEfKxmcwuNAAlXeCOKwuvUQ/aD0TEo8Xdu0Cq2mByafs7QYbNxXA91ikPXKNO3OXlfcskqYVA+pVJEk8YbgsEYbSMUgpwIKbrbZYYhAQi63M=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=3S_xZjrDs9mprIZ8eCvSrQ&_=1713537685322 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=zvPRpq0lrgdcDC9OYMIku8ln1IZOt1INdgWlTMVNlru4VLjEUyJ1DjLtkjTyS1C/GZ1mwOJWhu08uDPV/E7mIC4F3ykPorHUuEUmnFdPf0Aeih8QwVEMv4gJTMDtxg9KZjrOGclN77/Fu6LtmVckCIMBsoND7ZKWdLJcdBKGHXzjX3QuHcQ=; AWSALBTGCORS=zvPRpq0lrgdcDC9OYMIku8ln1IZOt1INdgWlTMVNlru4VLjEUyJ1DjLtkjTyS1C/GZ1mwOJWhu08uDPV/E7mIC4F3ykPorHUuEUmnFdPf0Aeih8QwVEMv4gJTMDtxg9KZjrOGclN77/Fu6LtmVckCIMBsoND7ZKWdLJcdBKGHXzjX3QuHcQ=
Source: global traffic	HTTP traffic detected: GET /_blazor?id=3S_xZjrDs9mprIZ8eCvSrQ&_=1713537685807 HTTP/1.1Host: tgir.app.taxConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-SignalR-User-Agent: Microsoft SignalR/0.0 (0.0.0-DEV_BUILD; Unknown OS; Browser; Unknown Runtime Version)sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://tgir.app.tax/?req=y6_Ocxb12wgAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=zvPRpq0lrgdcDC9OYMIku8ln1IZOt1INdgWlTMVNlru4VLjEUyJ1DjLtkjTyS1C/GZ1mwOJWhu08uDPV/E7mIC4F3ykPorHUuEUmnFdPf0Aeih8QwVEMv4gJTMDtxg9KZjrOGclN77/Fu6LtmVckCIMBsoND7ZKWdLJcdBKGHXzjX3QuHcQ=; AWSALBTGCORS=zvPRpq0lrgdcDC9OYMIku8ln1IZOt1INdgWlTMVNlru4VLjEUyJ1DjLtkjTyS1C/GZ1mwOJWhu08uDPV/E7mIC4F3ykPorHUuEUmnFdPf0Aeih8QwVEMv4gJTMDtxg9KZjrOGclN77/Fu6LtmVckCIMBsoND7ZKWdLJcdBKGHXzjX3QuHcQ=

Source: unknown

DNS traffic detected: queries for: portal.taxguardian.com

Source: unknown

Source: chromecache_49.2.dr	String found in binary or memory: https://evilmartians.com/chronicles/postcss-8-plugin-migration
Source: chromecache_49.2.dr	String found in binary or memory: https://github.com/browserslist/browserslist#readme
Source: chromecache_49.2.dr	String found in binary or memory: https://github.com/postcss/autoprefixer#readme
Source: chromecache_49.2.dr	String found in binary or memory: https://mths.be/cssesc
Source: chromecache_49.2.dr	String found in binary or memory: https://tailwindcss.com/docs/configuration#prefix
Source: chromecache_49.2.dr	String found in binary or memory: https://tailwindcss.com/docs/configuration#selector-strategy
Source: chromecache_49.2.dr	String found in binary or memory: https://tailwindcss.com/docs/using-with-preprocessors#nesting
Source: chromecache_49.2.dr	String found in binary or memory: https://twitter.com/browserslist
Source: chromecache_49.2.dr	String found in binary or memory: https://www.w3ctech.com/topic/2226

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746

Source: classification engine

Classification label: clean0.win@17/18@14/8

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2108 --field-trial-handle=1916,i,8787450946758814842,5685473267961392960,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://portal.taxguardian.com/oesp/beginWorkflow.jsp?id=ab78ba00-97cb-4670-8904-47e00fd29a84&surveyId=9492&d=DwMFAw"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2108 --field-trial-handle=1916,i,8787450946758814842,5685473267961392960,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

ID:	1428808
Product:	CloudBasic
Start time:	16:39:04
Start date:	19.04.2024
Cookbook:	browseurl.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Windows Analysis Report
https://portal.taxguardian.com/oesp/beginWorkflow.jsp?id=ab78ba00-97cb-4670-8904-47e00fd29a84&surveyId=9492&d=DwMFAw

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report https://portal.taxguardian.com/oesp/beginWorkflow.jsp?id=ab78ba00-97cb-4670-8904-47e00fd29a84&surveyId=9492&d=DwMFAw

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
https://portal.taxguardian.com/oesp/beginWorkflow.jsp?id=ab78ba00-97cb-4670-8904-47e00fd29a84&surveyId=9492&d=DwMFAw