Files
File Path | Type | Category | Malicious |
---|---|---|---|
Chrome Cache Entry: 45 | ASCII text, with very long lines (1687), with CRLF line terminators | downloaded | |
Chrome Cache Entry: 46 | Unicode text, UTF-8 (with BOM) text, with CRLF line terminators | downloaded | |
Chrome Cache Entry: 47 | HTML document, ASCII text, with CRLF line terminators | dropped | |
Chrome Cache Entry: 48 | JSON data | downloaded | |
Chrome Cache Entry: 49 | Unicode text, UTF-8 (with BOM) text, with very long lines (57978), with CRLF line terminators | downloaded | |
Chrome Cache Entry: 50 | MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel | downloaded | |
Chrome Cache Entry: 51 | Unicode text, UTF-8 text, with very long lines (65275) | downloaded | |
Chrome Cache Entry: 52 | JSON data | dropped | |
Chrome Cache Entry: 53 | ASCII text, with very long lines (65536), with no line terminators | downloaded | |
Chrome Cache Entry: 54 | MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel | dropped | |
Chrome Cache Entry: 55 | HTML document, ASCII text, with CRLF line terminators | dropped | |
Processes
Path | Cmdline | Malicious |
---|---|---|
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" | |
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2108 --field-trial-handle=1916,i,8787450946758814842,5685473267961392960,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 | |
C:\Program Files\Google\Chrome\Application\chrome.exe | "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://portal.taxguardian.com/oesp/beginWorkflow.jsp?id=ab78ba00-97cb-4670-8904-47e00fd29a84&surveyId=9492&d=DwMFAw" | |
URLs
Name | IP | Malicious |
---|---|---|
https://portal.taxguardian.com/oesp/beginWorkflow.jsp?id=ab78ba00-97cb-4670-8904-47e00fd29a84&surveyId=9492&d=DwMFAw | | |
https://tgir.app.tax/_blazor?id=VRoY3yOcuAigPOENiskyZQ&_=1713537617885 | 34.225.34.17 | |
https://tgir.app.tax/_blazor?id=y3F7mGkkxxsgmnxt56NaMQ&_=1713537640826 | 34.225.34.17 | |
https://tgir.app.tax/_blazor?id=fMleuASZSmAVKQ4V-jVBwA&_=1713537611187 | 34.225.34.17 | |
https://tgir.app.tax/_blazor?id=ZODOASwsuykE2w6jl1FA1g&_=1713537663872 | 34.225.34.17 | |
https://tgir.app.tax/_blazor?id=fMleuASZSmAVKQ4V-jVBwA&_=1713537611682 | 34.225.34.17 | |
https://tgir.app.tax/js/tailwind.js | 34.225.34.17 | |
https://tgir.app.tax/?req=y6_Ocxb12wg | | |
https://tgir.app.tax/_blazor?id=ZODOASwsuykE2w6jl1FA1g | 34.225.34.17 | |
https://tgir.app.tax/_blazor?id=dlfhFiAw5G00Fj9QX1nC5w | 34.225.34.17 | |
https://tgir.app.tax/_blazor?id=ZODOASwsuykE2w6jl1FA1g&_=1713537663054 | 34.225.34.17 | |
https://tgir.app.tax/css/site.css | 34.225.34.17 | |
https://tgir.app.tax/_blazor/negotiate?negotiateVersion=1 | 34.225.34.17 | |
https://github.com/postcss/autoprefixer#readme | unknown | |
https://tailwindcss.com/docs/configuration#prefix | unknown | |
https://tgir.app.tax/_blazor?id=VRoY3yOcuAigPOENiskyZQ | 34.225.34.17 | |
https://tgir.app.tax/_blazor?id=3S_xZjrDs9mprIZ8eCvSrQ&_=1713537685807 | 34.225.34.17 | |
https://evilmartians.com/chronicles/postcss-8-plugin-migration | unknown | |
https://www.w3ctech.com/topic/2226 | unknown | |
https://cdn.withpersona.com/dist/persona-v4.7.1.js | 35.244.189.201 | |
https://tgir.app.tax/_blazor?id=fMleuASZSmAVKQ4V-jVBwA | 34.225.34.17 | |
https://tgir.app.tax/_blazor?id=3S_xZjrDs9mprIZ8eCvSrQ | 34.225.34.17 | |
https://github.com/browserslist/browserslist#readme | unknown | |
https://tailwindcss.com/docs/using-with-preprocessors#nesting | unknown | |
https://tgir.app.tax/favicon.ico | 34.225.34.17 | |
https://tgir.app.tax/_blazor?id=fMleuASZSmAVKQ4V-jVBwA&_=1713537610707 | 34.225.34.17 | |
https://tgir.app.tax/_blazor?id=jueQUhcSINnHdTiDdWj8ZA | 34.225.34.17 | |
https://tgir.app.tax/_blazor?id=VRoY3yOcuAigPOENiskyZQ&_=1713537617378 | 34.225.34.17 | |
https://tgir.app.tax/_blazor?id=y3F7mGkkxxsgmnxt56NaMQ&_=1713537639825 | 34.225.34.17 | |
https://tgir.app.tax/js/loader.js | 34.225.34.17 | |
https://tgir.app.tax/_blazor?id=3S_xZjrDs9mprIZ8eCvSrQ&_=1713537685322 | 34.225.34.17 | |
https://tailwindcss.com/docs/configuration#selector-strategy | unknown | |
https://tgir.app.tax/_blazor?id=VRoY3yOcuAigPOENiskyZQ&_=1713537618383 | 34.225.34.17 | |
https://portal.taxguardian.com/oesp/beginWorkflow.jsp?id=ab78ba00-97cb-4670-8904-47e00fd29a84&surveyId=9492&d=DwMFAw | 104.22.48.87 | |
https://tgir.app.tax/_blazor?id=y3F7mGkkxxsgmnxt56NaMQ&_=1713537640315 | 34.225.34.17 | |
https://tgir.app.tax/_blazor?id=OrH3pvOKh_4ehpOqWt66rQ | 34.225.34.17 | |
https://tgir.app.tax/_blazor?id=6OAgKwC_bmuNoRJbzX-Ihg | 34.225.34.17 | |
https://tgir.app.tax/_blazor?id=cY7_Pj15Xd7BT0f9yCaRNA | 34.225.34.17 | |
https://mths.be/cssesc | unknown | |
https://tgir.app.tax/_blazor?id=y3F7mGkkxxsgmnxt56NaMQ | 34.225.34.17 | |
https://tgir.app.tax/_framework/blazor.server.js | 34.225.34.17 | |
https://tgir.app.tax/_blazor/initializers | 34.225.34.17 | |
https://twitter.com/browserslist | unknown | |
https://tgir.app.tax/_blazor?id=ZODOASwsuykE2w6jl1FA1g&_=1713537662447 | 34.225.34.17 | |
Domains
Name | IP | Malicious |
---|---|---|
tgir.app.tax | 34.225.34.17 | |
ec1.optimumhst.com | 104.22.48.87 | |
www.google.com | 173.194.219.103 | |
cdn.withpersona.com | 35.244.189.201 | |
fp2e7a.wpc.phicdn.net | 192.229.211.108 | |
windowsupdatebg.s.llnwi.net | 69.164.42.0 | |
portal.taxguardian.com | unknown | |
IPs
IP | Domain | Country | Malicious |
---|---|---|---|
52.54.160.172 | unknown | United States | |
35.244.189.201 | cdn.withpersona.com | United States | |
192.168.2.16 | unknown | unknown | |
173.194.219.103 | www.google.com | United States | |
192.168.2.4 | unknown | unknown | |
239.255.255.250 | unknown | Reserved | |
104.22.48.87 | ec1.optimumhst.com | United States | |
34.225.34.17 | tgir.app.tax | United States | |
DOM / HTML
URL | Malicious |
---|---|
https://tgir.app.tax/?req=y6_Ocxb12wg | |
https://tgir.app.tax/?req=y6_Ocxb12wg | |
https://tgir.app.tax/?req=y6_Ocxb12wg | |
https://tgir.app.tax/?req=y6_Ocxb12wg | |