{"report_id":"25bb96cf-6b52-4139-9b64-e906828e3229","version":0,"status":"done","tags":[],"date":"2026-06-07T09:28:47Z","url":{"schema":"https","addr":"tandeminternational.live","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"tandeminternational.live/","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"title":"Home | Mobile Banking, Credit Cards, Mortgages, Auto Loan","dom":{"size":144046,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (20061)","md5":"c9d06121d924796260fb81dfb8931db0","sha1":"83b7674ae19069f86193b8330e0ca55ee7607f7f","sha256":"968e5968cd2e6385ad83cca230bdb26f88bb78429f86543c7c5e70014c0b2bd3","sha512":"82200c865b2116098ec2c82e11d43cfcc604c2e2b402b5eef38c1621f98dde7b85f94d39bc2fa69f5000b486baf183323c7a6a6f70f529464707dd44944f7ecf","ssdeep":"768:OJ12gSnqeHrPARc8bIEBGUgvijFJAMzVy9o+ZrKVJhTze6h6wI7UN2WzlZm8yKnR:Xg9W8gIoXk6whPme2Bdb/cPl","tlshash":"b3e3683254e5166b4693c1c6f769ab0aedc9d30bca564902f7ec4b960fd7c01ec2f928","dom_hash":"domhasha8c027773908ff1b5d4db7c234b40e0c","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"tandeminternational.live","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-12T09:28:47Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"cdn.gtranslate.net","ip":{"addr":"104.26.13.42","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2011-05-26","domain_rank":101861,"first_seen":"2022-11-07T21:49:20Z","last_seen":"2026-06-04T14:31:44.440283Z","alert_count":0,"request_count":2,"received_data":21064,"sent_data":1038,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"tandeminternational.live","ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":142,"request_count":71,"received_data":3161318,"sent_data":45938,"comment":"","tags":null,"fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"PHP:8.4.11","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Modernizr","description":"Modernizr is a JavaScript library that detects the features available in a user's browser.","website":"https://modernizr.com","common_platform_enumeration":"","icon":"Modernizr.svg","categories":["JavaScript libraries"]},{"name":"Adobe Fonts","description":"Adobe Fonts is a web-based service providing access to a vast library of high-quality fonts for web and print design.","website":"https://fonts.adobe.com","common_platform_enumeration":"","icon":"Adobe Fonts.svg","categories":["Font scripts"]},{"name":"CodeIgniter","description":"","website":"https://codeigniter.com","common_platform_enumeration":"cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*","icon":"CodeIgniter.png","categories":["Web frameworks"]},{"name":"Typekit","description":"Typekit is an online service which offers a subscription library of fonts.","website":"https://typekit.com","common_platform_enumeration":"","icon":"Typekit.png","categories":["Font scripts"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"assets.chaport.com","ip":{"addr":"104.26.14.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2015-07-07","domain_rank":504466,"first_seen":"2024-01-31T17:02:32Z","last_seen":"2026-06-05T06:58:43.927744Z","alert_count":0,"request_count":7,"received_data":643883,"sent_data":3876,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"app.chaport.com","ip":{"addr":"104.26.14.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2015-07-07","domain_rank":87646,"first_seen":"2015-08-24T06:07:03Z","last_seen":"2026-06-02T15:34:32.5177Z","alert_count":0,"request_count":6,"received_data":7945,"sent_data":3485,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/rlforms.referlive.com/scripts/ReferLive_share_v2.js","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3a784cdbdfd84355fe39fe2e1875c1d3","sha1":"eb995155dcfdafe931bcdd2c1bbfcdfbf5274239","sha256":"83b4c656567b8e282db78add7952b005db64e582f1609a9ce21df09bc6438e04","sha512":"b9a44e763195c73bdc3dd3f324cb026e51d7ec249a0a0a30b8544e5e37cfcacc27e72b405e6c3b84261d732c6d2b663f5ff8359aba5949123b909e5b348c1c98","ssdeep":"1536:oA9ez/6gx60OWZbQt1Az6Udgy+kJvx9ez/6JoUiBp/LFRFy9dFQeKIatzNeZjNOy:t9ez/6gx60OWZbQt1Az6Udgy+kJZ9ezA","tlshash":"fa63622c296112f3dfb6e176366b1508f6f93123a614d704b84ee4ca5f78c701c6af6a","size":68871,"data":"","first_seen":"2023-11-12T03:48:53Z","last_seen":"2026-06-07T09:29:16.639692Z","times_seen":1191,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/js/vendor/modernizr-custom.js","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"549054819a309723ae5961819ad15862","sha1":"45bfde91dd95baa8b45a1bdcc6be7bfc0c81e0cc","sha256":"084042d304a81e83677baf018c3b8c0c7e7c41076dae645436d867f8b5a31a5b","sha512":"1c53548427e89f37dcae91506b83f056f87ec7d37664d2c6601350006eeaad75a0c939e8190f2c4f70d143a511106c35bfa25e5789d71bb67074d58936d0f777","ssdeep":"96:GxE6y2mSg67LzZVReNNBj769EWPgtP051oFE4jG57DAYbsnCy:GxED2kqHgpSLgP0L4jG5fBoCy","tlshash":"1891d7e676e37555d31614bab17f400ab538885572448818d050f4b93e34978437ff3c","size":4510,"data":"","first_seen":"2023-03-14T05:50:51Z","last_seen":"2026-06-07T09:29:16.656809Z","times_seen":1213,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/js/main.js","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"8752611a187f5ae16099ad3d5a6402e7","sha1":"1b3127454f2621c7c1ddacd0460b093c911fc56b","sha256":"192f961340625ea28eb48091687e7d6038a89df0ab0aeaa3d81f387628e910b9","sha512":"6b82e72d5c1ef45fcdeccfcf7843461694f20cbc1d81bf93fc5a67bea11db7b8e8089fbf444ec1f24795cb4412ffa979d68c5fd40a8964f378a7a66f61a83823","ssdeep":"12288:14jnnJc1bribezvuYh6TxnR6v+TIVOV76AujD0:wnnJcdribezvuYhmnR6v+TIVOV763jD0","tlshash":"76f408897291713282a731f5502f010bb136a9b9f4498868b07dc8e53fb8d9d61bbf7d","size":769739,"data":"","first_seen":"2023-11-12T03:48:52Z","last_seen":"2026-06-07T09:29:16.643921Z","times_seen":1184,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/sitecore_modules/Web/ExperienceForms/scripts/jquery.validate.unobtrusive.min.js","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"887fa31edd0b7b835b9dce2658a83321","sha1":"0203bdc3035f3c3dd2bfedf94a7ad1845d160497","sha256":"13243171b1f5976e74f79647f612a1d879bfa606816a204f72a833c0e89f269a","sha512":"ef080211f637c8efa0a4b31b73757f33e5069fb614a7a8e27d0f4b1798c19e44c0ee4b98df9a05493fe1b6286da2414a96f5a34e3ca5bf728969b96a8e397714","ssdeep":"96:m+ijDOVLHtxQTsgtB2vTM7gXRiwSQSoSFGDb408oXno6e2Qvm8KT2XZHfVHE8bpt:m+ikfQTsgtUvTM7gXRiwStAb408oXo64","tlshash":"f5b197883545a2a37df731fa20df800fb07656a4b0994401f14a96f19efded6a213b5f","size":5407,"data":"","first_seen":"2023-03-07T14:05:53Z","last_seen":"2026-06-09T17:23:58.394143Z","times_seen":1787,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/sitecore_modules/Web/ExperienceForms/scripts/jquery.unobtrusive-ajax.min.js","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"58bd7efd249f034ae23dc47595fe1e52","sha1":"2db52797c81436bd57a7912249f1a1244b798829","sha256":"3c00b4d34cae1edefc9eccc9d913b43a20ccbbfb8bccf2d19584e4f09dc03b5d","sha512":"0de74d0563c5d212c650f35b0987e3f2a8e5127344f7616a9fbc5ddd2b1c7eeee2a72ed9bb7dee9c776e82a443ddce158fbff22effac96a661325b3fe0e73b66","ssdeep":"","tlshash":"6b8195a87501b5f7bf6326f9841f8403911a727866170d906c8fd0a86c3db5e69f3b62","size":4061,"data":"","first_seen":"2023-03-07T12:10:18Z","last_seen":"2026-06-09T21:12:05.994804Z","times_seen":1947,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/sitecore_modules/Web/ExperienceForms/scripts/form.validate.js","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ea6368293ad2b97838dd6b2b43eecc57","sha1":"fe853904a2b24b67b35018a365de51e4d0f641b5","sha256":"d0b4d1887223496af46fb06a75d56c2c7b386632af7ca3dc874c3d4076c0fd59","sha512":"ab088c9543e071a9c7435c3a24ae9ed0e445feaf9cf44f4ff94cb0a5e8c06f0c268eeec511672723e19416e14b722b8586251dc41242c91efa724c5540d3d28f","ssdeep":"","tlshash":"4e51465d4416572ac8b333e9eeb6500df9b29237b00641a67acc42c65fbf464e1f2e1d","size":2475,"data":"","first_seen":"2023-03-11T15:15:32Z","last_seen":"2026-06-07T09:29:16.652535Z","times_seen":1212,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"024ffe2b9d10d0063f93400983a9bf57","sha1":"67eb6df9398c3fa25fe9a3b702b5711703e6b6a9","sha256":"90fbc885a4db7cdc6f8106fd331c88c4b7f3403af2f21f4bc12a4c6de21a2701","sha512":"f823d4e04acc09f9540d78b1b1ab6c27c6cbbc3632fedb5dbdd42598892134fc9e1f979468b03d46763fa4c0be7b10d2c2a3921665f206464d19994c2d871c82","ssdeep":"","tlshash":"86c08c0b8031a0b4328d11199ace6bc1642840a802213e38eb55100a4b82a03030f042","size":159,"data":"","first_seen":"2023-11-12T03:48:53Z","last_seen":"2026-06-07T09:28:56.594307Z","times_seen":1122,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1aa16e7825927949d55e5130114d93c1","sha1":"3564539efd20297ae914660254991de463e9e29a","sha256":"42280b9f4aed6aba3bd918cfc0fdb448cfb9a5d186248f04cd8e9d9247d14715","sha512":"279ab7683ec2e3508477aed46c8c003f1b59db3c185e06e91526a808811fcec16a03af5f1c640de988f8c00b670e1c9c452f294bb06ee280c9f00a83b856774e","ssdeep":"","tlshash":"27f0dc5e3c011036254a3038b37bca08b16fa2a81245c208889dec083d369fa8c1591c","size":457,"data":"","first_seen":"2026-06-07T09:28:56.594896Z","last_seen":"2026-06-07T09:28:56.594896Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/js/vendor/smartbanner.js","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3d43b65e00b7946bb0017c8235f8ffe4","sha1":"4c46db8d895f7301bc38c9bac5f4a9396c70f2a5","sha256":"25c22667a74743f46f77924f05d484606c7dc20383254a5a58103b5fc301ad11","sha512":"4c48f86ab850a7a1a595335d55765760f4e7cb3123f565cf793c1d3fb4760b6c9e976fb74acc61788b3a6155ceb9fd91c136bb05808d8bc4cc93a450a2436c56","ssdeep":"192:65tI/5+RO2W9Go5KHhjTLDI0BpMNrt6SB8LmaJtOwLJ8jS:65C/5+RON9Go5KB/2Bamax9","tlshash":"3922a20c72e1b172911362e9902f450fb0f5ecb9e848d8a9a27dc9c0afb185d41e7f6d","size":10700,"data":"","first_seen":"2023-11-12T03:48:52Z","last_seen":"2026-06-07T09:29:16.59244Z","times_seen":1198,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/assets/common.js","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"45022a63e20efb86b7856aac1f5550b1","sha1":"4d5c25ea0ad1536f3a1d8e7ae31dfd506a2c5bda","sha256":"dd6f512056a23a9cdb1791fd439ae19a2d55e64ae624b73d98706f25a6a0bad5","sha512":"a2bb2a7abe6835a090f438ecdecfe34ac74c2b2d01e92a9da5c624aaf50953660464161bc65894e647ff890d827107dd51191653c8d546d1657b45985afab93f","ssdeep":"3072:XrIYU/nfQmSPAp0s5yQkLE4bnh22gxBi8oaAqnbZyI5AqzNKaBch0iMj0/U1xYDb:bNcnNwzsTko4QnY8yeEVK0ayhFG0s1xq","tlshash":"f1146b96cfd455b8c5912fe4c9ee1206a0a9983b6894e1084ab3e0e71f3cf7d71adc1d","size":205980,"data":"","first_seen":"2023-11-12T03:48:52Z","last_seen":"2026-06-07T09:29:16.585315Z","times_seen":1203,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/sitecore_modules/Web/ExperienceForms/scripts/jquery.validate.min.js","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3a742a0ad4fc607bbb3528006ae2176e","sha1":"fd4d9a87653d1e083f1aa3b6c5613560a79a2a5d","sha256":"80623d052ff8dc73dd703a58a77e62d2615a491f966e2fb395ddc74ca89fb840","sha512":"f42f9521db1aeae9c783b4c5554e3646add7db20aaa4eb3f7843fc3da3f15f2bf5235ae8760d17e490c0d765dc05e4b0dd0e4ec257ded36a74c27846ee772ec4","ssdeep":"384:QhrHpnky+JB6/tX2lHldkMiYnFpY54LjfTANAc0Eny+RWuW7NeoMwV/vtrx+OLDE:M+JB6/8lHldkMioFpY54PgQEny+kLxVc","tlshash":"cba2978d76d670465e9720f4909b660b61b66da0a008e83cb5f8e4d1baf4ecc50f7f78","size":23078,"data":"","first_seen":"2023-08-13T06:11:07Z","last_seen":"2026-06-07T09:29:16.648914Z","times_seen":1224,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/sitecore_modules/Web/ExperienceForms/scripts/form.conditions.js","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"520678c08e3cd8d8b41a9df2a9e81ff4","sha1":"7e99a42b452ef905d5482fab983eee6bed5d3a38","sha256":"4d73d17438e5c0c81001a74f4629e3be6da325e90d7b3cba907702cda5d915e3","sha512":"cca6816eeb392e54064fa0b38ec767c9b9a6b39c5399f0acd9cfadfc2ebd32154139c7f5490f27d7fe97e4439d35c3f4abeecfb93b8849467a07317bffe58766","ssdeep":"192:yCL9e8TdmoJEtmbf+EvzvdAg9b/F99eosObqT9i9vcHji8z5yCNwK8ZKX8EqfgE1:UIdbEt/EJAg9b/FreH9i9oBu1brU2gvO","tlshash":"78b24cbeb6d521428a3bb3359de75148e77685638e050904fe5e40b23f7382076abf98","size":23937,"data":"","first_seen":"2023-03-14T05:50:51Z","last_seen":"2026-06-07T09:29:16.594976Z","times_seen":1206,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"assets.chaport.com/assets/insert-main-2c12d9cc3ded20e8cf09a901b86f5c68.js","fqdn":"assets.chaport.com","domain":"chaport.com","tld":"com"},"ip":{"addr":"104.26.14.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9b47be60a9205427afaa3db67511ed3a","sha1":"13aba22e343283634526ffa15ffb2ec1e770502b","sha256":"4b15578d1c420a58c1c41c4a88728a887af2540cedcd064f058f92b64299d677","sha512":"7493fe9f50f66a520da4224a3514ee9f8030fae1d79708d17be392c168604c530cf7551f4d8d56659e6d3d59844f053e5b48bfc788962e2f1babc627a54a9d77","ssdeep":"1536:a6VmkhM1hDaYGcvezlk5c6w8N6Od9T2KBjtrEjv4SpkHBKlqWfw2:ZQc4yk5HKp5ffL","tlshash":"898329897040343b0aeb21b6357f310a213fe2696e495460b53ad7d07e7ae5b621bf7c","size":83491,"data":"","first_seen":"2026-01-15T11:14:47.62677Z","last_seen":"2026-06-10T11:03:36.097586Z","times_seen":546,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"assets.chaport.com/javascripts/audio-player.js","fqdn":"assets.chaport.com","domain":"chaport.com","tld":"com"},"ip":{"addr":"104.26.14.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"65cbf911501a0de13afb9d1cb71933cb","sha1":"e9236ab09f15becfa6d86aeb5995fc896f1aab1b","sha256":"e92027b36a47b6e3c2e1c084ac31e8e7e6a4b904bbaa42d241ccf7f4e48d7a62","sha512":"a619c7409dd01aa33de6a1eb397188a42da076126f727c119ed69455158ccff9421daec4d8135dfee4e719b1d62aa70bc767f4430238da97714805c43655cc35","ssdeep":"384:Brt6nqLIf40nECIgPG8OrYleIoARnq0KaHvWvqTGDBnLbcfSLcg:MwXkPGdg7HnqhSTGlnLbcqwg","tlshash":"70c22c48b7e17d54435a34b3223f4a063bb51652545a3240f016c2e9bf78e8b91beeed","size":27399,"data":"","first_seen":"2025-09-01T08:05:49.861005Z","last_seen":"2026-06-10T11:03:36.086592Z","times_seen":1187,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"024ffe2b9d10d0063f93400983a9bf57","sha1":"67eb6df9398c3fa25fe9a3b702b5711703e6b6a9","sha256":"90fbc885a4db7cdc6f8106fd331c88c4b7f3403af2f21f4bc12a4c6de21a2701","sha512":"f823d4e04acc09f9540d78b1b1ab6c27c6cbbc3632fedb5dbdd42598892134fc9e1f979468b03d46763fa4c0be7b10d2c2a3921665f206464d19994c2d871c82","ssdeep":"","tlshash":"86c08c0b8031a0b4328d11199ace6bc1642840a802213e38eb55100a4b82a03030f042","size":159,"data":"","first_seen":"2023-11-12T03:48:53Z","last_seen":"2026-06-07T09:28:56.594307Z","times_seen":1122,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1aa16e7825927949d55e5130114d93c1","sha1":"3564539efd20297ae914660254991de463e9e29a","sha256":"42280b9f4aed6aba3bd918cfc0fdb448cfb9a5d186248f04cd8e9d9247d14715","sha512":"279ab7683ec2e3508477aed46c8c003f1b59db3c185e06e91526a808811fcec16a03af5f1c640de988f8c00b670e1c9c452f294bb06ee280c9f00a83b856774e","ssdeep":"","tlshash":"27f0dc5e3c011036254a3038b37bca08b16fa2a81245c208889dec083d369fa8c1591c","size":457,"data":"","first_seen":"2026-06-07T09:28:56.594896Z","last_seen":"2026-06-07T09:28:56.594896Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.chaport.com/javascripts/insert.js","fqdn":"app.chaport.com","domain":"chaport.com","tld":"com"},"ip":{"addr":"104.26.14.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"29d2e99d5fcb02404184a538c82b6254","sha1":"ef4318b50add95249beac94e8433544a180f3960","sha256":"27b579092e300cf8d2457274b442dc87db8a173d97c72e19b41ba1d90c613c31","sha512":"76aa1c05f8bd676ec62cdd147fddd7c472b5e8241806ce2a4b0e6d72590237969e3652c442ec06fa7fd84be60c1a0f41d7167f37a1bf8cefaecbf23f89feadb6","ssdeep":"","tlshash":"5211be11a565905b0db92176bb2b730eb4bff7168a4c9a44291df6003b038d3a826cf9","size":998,"data":"","first_seen":"2025-03-16T17:07:37.611527Z","last_seen":"2026-06-10T11:03:36.105332Z","times_seen":1474,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.chaport.com/info/widget-assets?jsonpCallback=true\u0026id=69da8a81ef88820152c67dc1","fqdn":"app.chaport.com","domain":"chaport.com","tld":"com"},"ip":{"addr":"104.26.14.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"cd04f8ac86081c6767968f5b31b8d5e5","sha1":"cc2248c1afe0c737819738556e009162f4ae8785","sha256":"1f1907777240b41cb07846636d5bed9551c1f94650d407b2df1d9f9caec19d79","sha512":"b6a1dbe8e16f2c4f63b4e09c4788d480b9e078be7d57180e26e7fde0ed6b37b91162f364189c71fb26933df8fece72d44c5f76acd564fcabbde0b10437475a0f","ssdeep":"","tlshash":"25e06142eb170f155b217b657b0e1fc3b0bf87560700d6a59834de102015cd25074c7e","size":383,"data":"","first_seen":"2026-06-07T09:28:56.597035Z","last_seen":"2026-06-07T09:29:16.655224Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gtranslate.net/widgets/latest/popup.js","fqdn":"cdn.gtranslate.net","domain":"gtranslate.net","tld":"net"},"ip":{"addr":"104.26.13.42","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e4294a7d9bda3e024319d5261d4b3d72","sha1":"3a82b3ec81907f46cba6ade7fd22ca9a4092e209","sha256":"c8f801083cbbed71a7e2c6c1dcae6dc486ead801a900cfbcc09fb82113fabc47","sha512":"e2c3abb2ae2e276be8b5d3baa1445877ce29136b7b7bdccd52e50c12d4443a324c3e45b5c3734d5cf659ce7ca991528face2f911bd18f16706679a87f026974c","ssdeep":"384:UzCKMPZATN09o0mtEMDXYddj517IHVxBCZlXbt/dDsBc:UVMhAh060sEMDXYbZvdd","tlshash":"7c82f95a11b3103e5a171129efff2b0c60ba42978101fc21bf9ddd825fc1a9d96a7bd8","size":18782,"data":"","first_seen":"2026-05-06T21:09:43.111959Z","last_seen":"2026-06-10T03:12:36.154548Z","times_seen":102,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":[{"level":"log","text":"","filename":"https://tandeminternational.live/templates/bank-pro/assets/common.js","line_number":0,"column_number":0},{"level":"log","text":"localStorage: true","filename":"https://tandeminternational.live/templates/bank-pro/js/main.js","line_number":0,"column_number":0}]},"http":[{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/business-navigation-mobile-icons/ico-invest.svg","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:18.987Z","timestamp":1780824498987,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/business-navigation-mobile-icons/ico-invest.svg HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Sun, 14 Jun 2026 09:28:19 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 26 Apr 2023 02:36:50 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1392\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":3003,"size_decoded":1706,"mime_type":"image/svg+xml","magic":"HTML document, ASCII text, with very long lines (3025), with no line terminators","md5":"a146a570f5443248204a1ab3a830c7ed","sha1":"55d575f8531843f9642c6e37c6ac06bd66a430d4","sha256":"094beddb1b8092ec1bf31d8f1fab298ca8a08c0f897e394c532518ec31d991e2","sha512":"c05c6d8aaf601237c6db8d3ff5d40a22f533b7a69cd3cd0fe457f5fc8689b2dca3a3a7c98678fcf31be22b216ed749c52bc4a83baa3eb358a5d63d5dd19bcf04","ssdeep":"","tlshash":"94513f7b43809bba61d18348d175559e17eb648af0fb91cc8bf3f991ac069f79078830","first_seen":"2026-06-07T09:28:56.513243Z","last_seen":"2026-06-07T09:29:16.568021Z","times_seen":2,"resource_available":false,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":88,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/section-links/ico-invest.svg","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:19.052Z","timestamp":1780824499052,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/section-links/ico-invest.svg HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Sun, 14 Jun 2026 09:28:19 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 26 Apr 2023 02:37:10 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1392\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":3003,"size_decoded":1706,"mime_type":"image/svg+xml","magic":"HTML document, ASCII text, with very long lines (3025), with no line terminators","md5":"a146a570f5443248204a1ab3a830c7ed","sha1":"55d575f8531843f9642c6e37c6ac06bd66a430d4","sha256":"094beddb1b8092ec1bf31d8f1fab298ca8a08c0f897e394c532518ec31d991e2","sha512":"c05c6d8aaf601237c6db8d3ff5d40a22f533b7a69cd3cd0fe457f5fc8689b2dca3a3a7c98678fcf31be22b216ed749c52bc4a83baa3eb358a5d63d5dd19bcf04","ssdeep":"","tlshash":"94513f7b43809bba61d18348d175559e17eb648af0fb91cc8bf3f991ac069f79078830","first_seen":"2026-06-07T09:28:56.513243Z","last_seen":"2026-06-07T09:29:16.568021Z","times_seen":2,"resource_available":false,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":88,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/css/images/assets/ico-lock.svg","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:19.423Z","timestamp":1780824499423,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/css/images/assets/ico-lock.svg HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/templates/bank-pro/css/main0338.css\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Sun, 14 Jun 2026 09:28:19 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 26 Apr 2023 02:39:34 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 181\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":278,"size_decoded":494,"mime_type":"image/svg+xml","magic":"ASCII text, with very long lines (310), with no line terminators","md5":"0888d0ddfc4e0587be26afa66597cd4b","sha1":"e835211faee5d094f085845d9f52fa3c8336ca8e","sha256":"222ce44fd71ba6e79dc9e1f007fd41a8e60efd28ae077ef042c2d8e43ed7f2cf","sha512":"77f040c05d8f15abe0efddc3034b03c90727e8d41ba5008e12d51ab25ec39b4d127d7e9e6e3720f999928d02d35ca503a996ce673f0a892b8b118fa16c1be78d","ssdeep":"","tlshash":"a4e0cd35b318e52d7436d6245f342d75201530463ad52154a8ea0034232697e66b7ea4","first_seen":"2026-06-07T09:28:56.514453Z","last_seen":"2026-06-07T09:29:16.582627Z","times_seen":2,"resource_available":false,"data":null}},"time_used":89,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":88,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/use.typekit.net/af/1709eb/000000000000000000010b60/27/l652f?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191\u0026amp;fvd=n7\u0026amp;v=3","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:19.474Z","timestamp":1780824499474,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/use.typekit.net/af/1709eb/000000000000000000010b60/27/l652f?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191\u0026amp;fvd=n7\u0026amp;v=3 HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/templates/bank-pro/use.typekit.net/ehc6rvq.css\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nlast-modified: Wed, 26 Apr 2023 02:40:08 GMT\r\naccept-ranges: bytes\r\ncontent-length: 24740\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":24740,"size_decoded":24902,"mime_type":"application/octet-stream","magic":"ASCII text, with very long lines (32988), with no line terminators","md5":"3583182ac6f6f9f6a2a4ea36bdfc2b9a","sha1":"4b5237e9ff8457b7babb42783981244ad8c934ce","sha256":"f064fd51c407fff543403a6e48190ce959ff648690105271563a8eb45b24134a","sha512":"ba3e86731bae5b42ebe5794d9f8dd20dc6a77f86eb88198aab50ca1f29e100d4f71cb86f830e2a752a6fb423cf15eab08fa3c84ccb8bb91ebea06ca7bdd8d1ad","ssdeep":"768:2i4iIqBcEDeN5fIPMTfsEdj6zvC/okUpwpiwypMGCGEDN:2iVBqtIwPSC/ok7pvbxGEJ","tlshash":"5fe2e1360bcdcae4f589798e95facc1a44570f8ae92a720ff5cf544e5315f920437a82","first_seen":"2026-05-26T00:00:55.10292Z","last_seen":"2026-06-07T09:29:16.591659Z","times_seen":4,"resource_available":false,"data":null}},"time_used":90,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":89,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"assets.chaport.com/assets/widget-feab807cfdea6b377d896e38e88479b9.css","fqdn":"assets.chaport.com","domain":"chaport.com","tld":"com"},"ip":{"addr":"104.26.14.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:25.232Z","timestamp":1780824505232,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"chaport.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 10 Apr 2026 15:44:44 GMT","end":"Thu, 09 Jul 2026 16:44:25 GMT"},"fingerprint":{"sha1":"91:AA:1B:52:A1:7A:87:32:DD:2A:E8:CC:00:8C:7E:64:A5:F0:D4:BE","sha256":"79:52:5A:75:DF:81:FB:8D:B2:01:A9:7C:CB:0C:89:E5:E4:5E:E6:49:F2:21:FD:7B:67:23:67:DB:CC:30:4C:4F"}}},"request":{"raw":"GET /assets/widget-feab807cfdea6b377d896e38e88479b9.css HTTP/1.1\r\nHost: assets.chaport.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 07 Jun 2026 09:28:25 GMT\r\ncontent-type: text/css\r\ncontent-length: 40134\r\nserver: cloudflare\r\nlast-modified: Fri, 17 Apr 2026 09:01:34 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"69e1f6ee-9cc6\"\r\ncontent-encoding: gzip\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=63072000; includeSubdomains;\r\naccess-control-allow-origin: *\r\nage: 2032924\r\naccept-ranges: bytes\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gcEJI1EB1cQji2aEDHa2jlokZ7zx3tWVwToL09AlJt3qhbH72lVaumtdA4YIfYfYEiv5TwM%2FoCIZEz8%2F0Y5wqLKdVJeyl2on%2FG10OTSiKAXg7uH5LV4QVamQLWetpJpvCM%2BF1Q%3D%3D\"}]}\r\ncf-ray: a07ea065bdad56af-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":519496,"size_decoded":41082,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"b348d4388313ca5800560db32345ce65","sha1":"26fc93d45066e2e3b9274eec77b6b3d1a163d560","sha256":"d3c22bea97daea8d07297aa969707b47feaac360ec6c7b12e1b58b87baff2467","sha512":"fc80fbea0139949203fcc8bfb0e20d7dc874f1a90d1ceb6bfb7b7b0da64f376f96d8019db9c448ffe958c1b1fdf26d2c267d33d4f29bbabf73731fb20d7f07b5","ssdeep":"1536:rSnHvoOjr4YP+CQ/mOwT4FjFTa+02FJAMYncA7aN67+qrqUixyii/SYJM1aGV6o7:FOxOwef","tlshash":"03b4c9409495291b6cb3293f348772591d3fe022c79329ee7569e3ecc38bd635262f89","first_seen":"2026-04-18T09:23:12.468079Z","last_seen":"2026-06-10T11:03:36.093567Z","times_seen":247,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/assets/common.js","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:18.629Z","timestamp":1780824498629,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/assets/common.js HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Wed, 26 Apr 2023 02:36:42 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 105840\r\ndate: Sun, 07 Jun 2026 09:28:18 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":205980,"size_decoded":106257,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"45022a63e20efb86b7856aac1f5550b1","sha1":"4d5c25ea0ad1536f3a1d8e7ae31dfd506a2c5bda","sha256":"dd6f512056a23a9cdb1791fd439ae19a2d55e64ae624b73d98706f25a6a0bad5","sha512":"a2bb2a7abe6835a090f438ecdecfe34ac74c2b2d01e92a9da5c624aaf50953660464161bc65894e647ff890d827107dd51191653c8d546d1657b45985afab93f","ssdeep":"3072:XrIYU/nfQmSPAp0s5yQkLE4bnh22gxBi8oaAqnbZyI5AqzNKaBch0iMj0/U1xYDb:bNcnNwzsTko4QnY8yeEVK0ayhFG0s1xq","tlshash":"f1146b96cfd455b8c5912fe4c9ee1206a0a9983b6894e1084ab3e0e71f3cf7d71adc1d","first_seen":"2023-11-12T03:48:52Z","last_seen":"2026-06-07T09:29:16.585315Z","times_seen":1203,"resource_available":true,"data":null}},"time_used":216,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":88,"receive":128,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/icons/rate-icons/new/ico-credit-cardse892.svg?la=en\u0026hash=322BE42CDBB783680C29587753C3817A","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:19.029Z","timestamp":1780824499029,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/icons/rate-icons/new/ico-credit-cardse892.svg?la=en\u0026hash=322BE42CDBB783680C29587753C3817A HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Sun, 14 Jun 2026 09:28:19 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 26 Apr 2023 02:39:34 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 954\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2379,"size_decoded":1267,"mime_type":"image/svg+xml","magic":"HTML document, ASCII text, with very long lines (2421), with no line terminators","md5":"ac97ee3eabc8391473b70ad1488d12b5","sha1":"139ac1b0e86ba9eed14752057af040fb3d066499","sha256":"9d46b9118cd648ab6005ebd58d4929863036c6850dc87e3485b2f48751f6074f","sha512":"d09ca4d0294497a418ab6c137366ef353749dd86954ae73d2e5e09b9b85c80cbe9d33794a5795acf40ae444dc572e3d30a97c1dab1161e61664be62cc186c5e0","ssdeep":"","tlshash":"0541467b534853bb519287cc850cd5593236bc5ab0b9a0889ffba51b2d08ef780f8d72","first_seen":"2026-06-07T09:28:56.519683Z","last_seen":"2026-06-07T09:29:16.629563Z","times_seen":2,"resource_available":false,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":88,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/tabbed-icons/icon-call.svg","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:19.037Z","timestamp":1780824499037,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/tabbed-icons/icon-call.svg HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Sun, 14 Jun 2026 09:28:19 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 26 Apr 2023 02:37:10 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 4575\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":9897,"size_decoded":4889,"mime_type":"image/svg+xml","magic":"HTML document, ASCII text, with very long lines (9933), with no line terminators","md5":"1dccb8e8e6cfe21e8219e2ce117b9464","sha1":"75fea07871ef8aeb6f7e3368d1c65f45c12cc2e8","sha256":"8236f242e87d4525ab9d907bc6f48803a48d315bd4ce9fe2c450d1fcca0d0ef6","sha512":"e6e906e0328cd1aad9f747073bf2819e1e10f51e115cf2180e51b70ad0d632eb7b106165904da8889aa72eeacc0539272d133d86088a093d219f9ace4425265a","ssdeep":"192:ePOIiCC9a0bOJjn/5qPJVuq9ThTs7kecy/vKGY0:ePOvc0bIn/5qbTThTs7kjyG0","tlshash":"cf2209c01326daf9a4041aff4d131492343b2cfbbfa092ad949fa875f8022d94d6d8d7","first_seen":"2026-06-07T09:28:56.520708Z","last_seen":"2026-06-07T09:29:16.63093Z","times_seen":2,"resource_available":false,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":88,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.chaport.com/api/public/v1/operators","fqdn":"app.chaport.com","domain":"chaport.com","tld":"com"},"ip":{"addr":"104.26.14.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:31.174Z","timestamp":1780824511174,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"chaport.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 10 Apr 2026 15:44:44 GMT","end":"Thu, 09 Jul 2026 16:44:25 GMT"},"fingerprint":{"sha1":"91:AA:1B:52:A1:7A:87:32:DD:2A:E8:CC:00:8C:7E:64:A5:F0:D4:BE","sha256":"79:52:5A:75:DF:81:FB:8D:B2:01:A9:7C:CB:0C:89:E5:E4:5E:E6:49:F2:21:FD:7B:67:23:67:DB:CC:30:4C:4F"}}},"request":{"raw":"OPTIONS /api/public/v1/operators HTTP/1.1\r\nHost: app.chaport.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: cp-app-id\r\nReferer: https://tandeminternational.live/\r\nOrigin: https://tandeminternational.live\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 \r\ndate: Sun, 07 Jun 2026 09:28:31 GMT\r\ncontent-type: text/plain\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: https://tandeminternational.live\r\naccess-control-allow-headers: Content-Type, cp-app-id\r\naccess-control-allow-credentials: true\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VxLVvNlUmWhxvteSZCfbXgztXZ%2Fomr2kZIQsQ5oLN%2FstHJtYNxXijz8YDw0GQhlAVqj%2BZKcl%2BexuYbLvJQlcK43RKnECjmNx6jHsGezb4Jc9eyoiBA5mTEay8SKYNNYaQw%3D%3D\"}]}\r\ncf-ray: a07ea08adb1556af-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":659,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"9d4568c009d203ab10e33ea9953a0264","sha1":"dd29ecf524b030a65261e3059c48ab9e1ecb2585","sha256":"12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126","sha512":"64d24560970ca14d349bea0e7d2526d4754bf3283568ab4dd602bd79eb454dc3657d5bb6f9a30c90ea98d9600ebd0fb45d582f4cae3f8e3c50b0e8fb18059892","ssdeep":"","tlshash":"c710000000000000000000000000000030000000000000000000000000000000000000","first_seen":"2023-03-09T21:44:55Z","last_seen":"2026-06-10T08:15:44.241926Z","times_seen":23722,"resource_available":true,"data":null}},"time_used":35,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/js/vendor/modernizr-custom.js","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:18.647Z","timestamp":1780824498647,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/js/vendor/modernizr-custom.js HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Wed, 26 Apr 2023 02:38:16 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1909\r\ndate: Sun, 07 Jun 2026 09:28:18 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":4510,"size_decoded":2146,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (4686), with no line terminators","md5":"b233e6ec830f24474aa5f998e345807a","sha1":"38d06cc5ffd8cbb5a2247ff8f3be88006b5643a8","sha256":"3f85c7fc342a057c4002c735fa11155cbd645b5fa869beccb1620dc693ce40e8","sha512":"91a7bd8a5d599fd0cf4b8d7ffaa5f326245108dd79ef074584670d5a0104c76db28dde37eb8e21ebbb440bd15faf94b30393eab4f846bfaf6078fec59d9ae895","ssdeep":"96:mxE6y2msFKT6NzHOUJV0DR1IG7G97y9OAPmtijeHFv6D0tHJdBAQZ5MSTh3bMnnb:mxED2ZKT+deWYlPsiovH1JoQZ5M2aCU","tlshash":"96a1a4eab5e2f551d34224bab2bf081ab57d985226544808d090f5bdbe34db4037ef2d","first_seen":"2026-06-07T09:28:56.522441Z","last_seen":"2026-06-07T09:29:16.6428Z","times_seen":2,"resource_available":false,"data":null}},"time_used":290,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":289,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/images/assets/ncua-lender.png","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:19.077Z","timestamp":1780824499077,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/images/assets/ncua-lender.png HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Sun, 14 Jun 2026 09:28:19 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 26 Apr 2023 02:38:14 GMT\r\naccept-ranges: bytes\r\ncontent-length: 1730\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1730,"size_decoded":1995,"mime_type":"image/png","magic":"ASCII text, with very long lines (2310), with no line terminators","md5":"c06b97868db3b5b35009f8000ce0eaf4","sha1":"5b0ff861f680d4d05a49e9e6c5780f98a71ddecd","sha256":"5f6633a0e4aeb4647bd2e4297ddb8c1b358eca527dd2d82d26c737a63b4cc087","sha512":"5e8ca7a600cad4f8af49f1dae63c4ef5126d91a6a51de3c5f3201cdd64342ea42fdac69324068bb67eea1673317e713d9efc8b119c2c408703c145019ba67949","ssdeep":"","tlshash":"764119b726603fd493982cb38c15e2fe8fdc8dfd99ad5c782809594ae014500acedd76","first_seen":"2026-06-07T09:28:56.523526Z","last_seen":"2026-06-07T09:29:16.579802Z","times_seen":2,"resource_available":false,"data":null}},"time_used":125,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":125,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.chaport.com/api/public/v1/accounts/69da8a81ef88820152c67dc1-498addea47a3cfe1d79020bd7476e24fba9dba416095718255285aacffd2fb43","fqdn":"app.chaport.com","domain":"chaport.com","tld":"com"},"ip":{"addr":"104.26.14.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:24.750Z","timestamp":1780824504750,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"chaport.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 10 Apr 2026 15:44:44 GMT","end":"Thu, 09 Jul 2026 16:44:25 GMT"},"fingerprint":{"sha1":"91:AA:1B:52:A1:7A:87:32:DD:2A:E8:CC:00:8C:7E:64:A5:F0:D4:BE","sha256":"79:52:5A:75:DF:81:FB:8D:B2:01:A9:7C:CB:0C:89:E5:E4:5E:E6:49:F2:21:FD:7B:67:23:67:DB:CC:30:4C:4F"}}},"request":{"raw":"GET /api/public/v1/accounts/69da8a81ef88820152c67dc1-498addea47a3cfe1d79020bd7476e24fba9dba416095718255285aacffd2fb43 HTTP/1.1\r\nHost: app.chaport.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://tandeminternational.live\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 07 Jun 2026 09:28:24 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-powered-by: Express\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://tandeminternational.live\r\naccess-control-allow-headers: Content-Type, cp-app-id\r\ncache-control: public, max-age=31536000, immutable, no-store\r\nvary: Origin, accept-encoding\r\netag: W/\"457-pLDVCPr/p3xMbxnXuU+kdYGmGmo\"\r\nx-frame-options: sameorigin\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=63072000; includeSubdomains;\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zhS%2BHeConqXxWtHoh7InNgRslsViBDAauil%2FulhVsjaEsSwX0JViBpiXNtORUVuvX89Zgz0KNdnmXoAzX9Tr3Yh9uoFGv6IlOZVSPYWiO7mKX3ZiTgxkx6OC8%2B%2FFMwt%2Bbg%3D%3D\"}]}\r\ncf-cache-status: MISS\r\ncontent-encoding: br\r\ncf-ray: a07ea062ba8456af-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1111,"size_decoded":1520,"mime_type":"application/json; charset=utf-8","magic":"ASCII text, with very long lines (1255), with no line terminators","md5":"6a737e63fcdfe92ddf94b8da2625644d","sha1":"64ed116ec39277ac503a546bdffd80feaa780cd2","sha256":"90c43a3ccb049f27222ed2a01433b9114c98c9840d6654c29c529f0ee08287b0","sha512":"5dc74b6346c07dc99882e41c873aa316fd099a22588b6233f9f26d65149c4f95a458f3e02734ec0b65f80d4a06bf17e9d2de52cd5f4cac4cff05929ba3f9fd70","ssdeep":"","tlshash":"9e219a542604c90fd056aa5debbe3e314a4c906bb1c07c18cbdc490c36f31b97b77682","first_seen":"2026-06-07T09:28:56.524496Z","last_seen":"2026-06-07T09:29:16.57322Z","times_seen":2,"resource_available":false,"data":null}},"time_used":132,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":132,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/icons/footer-icons/call-citadel-credit-union.svg","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:18.993Z","timestamp":1780824498993,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/icons/footer-icons/call-citadel-credit-union.svg HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Sun, 14 Jun 2026 09:28:19 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 26 Apr 2023 02:38:12 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 893\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1787,"size_decoded":1206,"mime_type":"image/svg+xml","magic":"exported SGML document, ASCII text, with very long lines (1918), with no line terminators","md5":"9fa560048bfe8a9fda44f6ac9f58d7e0","sha1":"acbaa32da5b73a6d989323255bcad7bb0ada1634","sha256":"63bcb2d08e5a2d25ed597e793dc4e170e15ce034fb2a36758d08dfa8000a2cb2","sha512":"0c06e5e9208b465983c167fbdf58924a591ea8dcff5c4481ac1c9b07d8cd8f8042efe3a0b679c6bc2aa1944c537a52034c806ba9ae5505b24f5752b1da9584a8","ssdeep":"","tlshash":"7f41b5ea4335b32463414bb60db811c3abb3b8a4347332b4c2a73825f910de55111ea4","first_seen":"2026-06-07T09:28:56.525509Z","last_seen":"2026-06-07T09:29:16.607066Z","times_seen":2,"resource_available":false,"data":null}},"time_used":89,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":89,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/static-strip-icons/ico-clock-new.svg","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:19.020Z","timestamp":1780824499020,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/static-strip-icons/ico-clock-new.svg HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Sun, 14 Jun 2026 09:28:19 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 26 Apr 2023 02:37:10 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 187\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":341,"size_decoded":500,"mime_type":"image/svg+xml","magic":"ASCII text, with very long lines (381), with no line terminators","md5":"fbbd183147b28348b37c9a54d765531a","sha1":"5723750c25b965e3f2b92bedc9de8ae3fd3f7d99","sha256":"1212d9dfe60b2ef8117b8f591b404e60e0176430381fa380fb963202604356b9","sha512":"55f58ffcea8b3dc67f21f4b8611a0ba19186c155130a1054793878173f482eaae7f2757f7134171ea31ec6d9c73d3fd9fa34d3f1f733cc1ed6043eb9628cd2b5","ssdeep":"","tlshash":"8ae0df592200fb38362658d6db36b830203730d806ca3318aad24533321ecff28b39e8","first_seen":"2026-06-07T09:28:56.526532Z","last_seen":"2026-06-07T09:29:16.640796Z","times_seen":2,"resource_available":false,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":88,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/learn-and-plan-images/personal-finance-101/1116302.jpg","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:19.065Z","timestamp":1780824499065,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/learn-and-plan-images/personal-finance-101/1116302.jpg HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Sun, 14 Jun 2026 09:28:19 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Apr 2023 02:38:28 GMT\r\naccept-ranges: bytes\r\ncontent-length: 131889\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":131889,"size_decoded":132157,"mime_type":"image/jpeg","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"a982078adb537896aa7b3a85f9bef9a9","sha1":"7666440f856ccad65fcf667fdfd4a769aedb71c2","sha256":"ec7f71028111657bbd4889f7e7b97155e8b56712776e9bf3c693c5d0eea4ab0b","sha512":"74b2825078ea305e3ebf469f7788f6cfbaf879486d0dc9d4e93aeec069a6500c072b55e1f911a38e5a762683e597c8060f3d305efe058da906c49a0a3ea417a9","ssdeep":"3072:cm/yfhgyEHWWRj1VYYmqExa/0czjRCB2yDfvF5bLbkqZJTw5DuiTXUkE5j7:KgyoWWt1GhnxyHNCB2y3bLQWJ+DHXUk8","tlshash":"0b0402730d42fe9c5f28486ad2cedec50d2e5f87944dc6ebd212b1d425ca701eae24b9","first_seen":"2026-06-07T09:28:56.527938Z","last_seen":"2026-06-07T09:29:16.586093Z","times_seen":2,"resource_available":false,"data":null}},"time_used":195,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":167,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/prefooter-icons/ico-star-circle.svg","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:18.991Z","timestamp":1780824498991,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/prefooter-icons/ico-star-circle.svg HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Sun, 14 Jun 2026 09:28:19 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 26 Apr 2023 02:37:10 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 596\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1254,"size_decoded":909,"mime_type":"image/svg+xml","magic":"ASCII text, with very long lines (1300), with no line terminators","md5":"ee23a93386068a5fd7bebdb808371880","sha1":"de5a283d0b2211d5724cbcc2b99fd400421a4d54","sha256":"a28ce221ae697fb6e6ae12b58ebfea914f3ba0e071d2c6e714f467448d703059","sha512":"5eba53e03607c70d725d9bedce334db762dd93cf4fdf9e4c9732f5f06be61d4a667fc9576d4a1a5999e7afa16cdff17849d01b3a3775ea8f9f4631cf657bc8b5","ssdeep":"","tlshash":"202153fa435423256c5565efdda324b0717f38f92bc5220ae4ab81f278140ff22a25b0","first_seen":"2026-06-07T09:28:56.528772Z","last_seen":"2026-06-07T09:29:16.636186Z","times_seen":2,"resource_available":false,"data":null}},"time_used":89,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":89,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/learn-and-plan-images/running-a-business/13418669.jpg","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:19.067Z","timestamp":1780824499067,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/learn-and-plan-images/running-a-business/13418669.jpg HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Sun, 14 Jun 2026 09:28:19 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Apr 2023 02:38:28 GMT\r\naccept-ranges: bytes\r\ncontent-length: 82054\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":82054,"size_decoded":82321,"mime_type":"image/jpeg","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"056fcd2cd2f009943abacaf248ae6053","sha1":"ba58770d3f7812b7c0e223abe36c278db387a667","sha256":"5dd3040df24df5c487cad9665de9866082749bfbd5c4c0725038b936808a9597","sha512":"955005e2297237334c3f012d314fc5014ee4ec7e6cc51376db29fd93602c86200e06ed0d174a059f5a998d2a632a1c7a67479df23e10bf9db85bff3b5170861d","ssdeep":"3072:YWOWSaWOWSeIDGAwuj9w+xQQwJJItnSpXd2:oTSTeIqUw/QmuJSFE","tlshash":"b3b3f0738c0b7c165f665a0ae3edf8c12d8c2fc38995ca8eba7532621695a40c3dd53d","first_seen":"2026-06-07T09:28:56.529937Z","last_seen":"2026-06-07T09:29:16.562108Z","times_seen":2,"resource_available":false,"data":null}},"time_used":206,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":193,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/homepage-images/metro.jpg","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:19.426Z","timestamp":1780824499426,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/homepage-images/metro.jpg HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Sun, 14 Jun 2026 09:28:19 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Apr 2023 02:36:52 GMT\r\naccept-ranges: bytes\r\ncontent-length: 110812\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":110812,"size_decoded":111080,"mime_type":"image/jpeg","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"d965d26af20e3c7b53c3ab75efc5e294","sha1":"2af76da172ecd1192a1e829bc093480875a04a4f","sha256":"7d8d5234014c7629aeace7717bdec65d040c3b27eadc9677aae2849e14f9c45a","sha512":"0396e5cff1822d6fe2ff757b1f088a0a03c1a61ab87c6d25c9255130f7238f36093d7e42659d4935620d4f1ae13cd7f5a75232458801f4a9ebfb2e13922a2cb4","ssdeep":"3072:ygDfSqQnUIckYkIvS1iMWEuvM53QnYVwhBeeqfoQBhx5bY0wRgj+XnZaxT/+:9D841kIvndtM9QYwBOom5bwRHZaZ+","tlshash":"39e302b34c7ebf2b2bada91422debde91e1c3f83554d94919fea707210d5702c6c1a81","first_seen":"2026-06-07T09:28:56.530828Z","last_seen":"2026-06-07T14:31:49.258739Z","times_seen":6,"resource_available":false,"data":null}},"time_used":94,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":88,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.chaport.com/javascripts/insert.js","fqdn":"app.chaport.com","domain":"chaport.com","tld":"com"},"ip":{"addr":"104.26.14.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:19.498Z","timestamp":1780824499498,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"chaport.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 10 Apr 2026 15:44:44 GMT","end":"Thu, 09 Jul 2026 16:44:25 GMT"},"fingerprint":{"sha1":"91:AA:1B:52:A1:7A:87:32:DD:2A:E8:CC:00:8C:7E:64:A5:F0:D4:BE","sha256":"79:52:5A:75:DF:81:FB:8D:B2:01:A9:7C:CB:0C:89:E5:E4:5E:E6:49:F2:21:FD:7B:67:23:67:DB:CC:30:4C:4F"}}},"request":{"raw":"GET /javascripts/insert.js HTTP/1.1\r\nHost: app.chaport.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 27 Mar 2026 07:04:35 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=63072000; includeSubdomains;\r\naccess-control-allow-origin: *\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PMN7jU%2F4HVZa0Mp4asDVIaVuCrh75BEAQYpZpOKJ8RdMT8sZSMKqU2d15Ix50VftxvHKE07sa9I84OvOTOyw1CXdoIqVKfuaW3GnrBf3zBQ3%2BNF4FtEB2af3QXCkcAFy%2BA%3D%3D\"}]}\r\nage: 4596250\r\ncf-cache-status: HIT\r\netag: W/\"69c62c03-3e6\"\r\ncontent-encoding: br\r\ncf-ray: a07ea041fd5b56af-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":998,"size_decoded":1310,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (1014), with no line terminators","md5":"323784ba56f2b307f0dfd81e4d579660","sha1":"3ac7632fd8942aca51c590d097514f47e7bf8499","sha256":"7cf9adf43c92ad13638a89e82698a9bbb4efcf48ce172ce2395bbd957006e503","sha512":"da98299fc9a54a195ca3004745de0afc19bee2bd6289c5f3069f143fed763010f1415179fd38f10fb598c72df493f092cf43d779ee3e554fe06f137d080f0323","ssdeep":"","tlshash":"37110001a52450570eb92537bb2b730eb5bff3069a0c9a002a1df6007b13c93a926cf9","first_seen":"2026-06-07T09:28:56.532029Z","last_seen":"2026-06-07T09:34:13.606017Z","times_seen":3,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":0,"dns":2,"connect":1,"send":0,"wait":13,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.chaport.com/info/widget-assets?jsonpCallback=true\u0026id=69da8a81ef88820152c67dc1","fqdn":"app.chaport.com","domain":"chaport.com","tld":"com"},"ip":{"addr":"104.26.14.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:19.572Z","timestamp":1780824499572,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"chaport.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 10 Apr 2026 15:44:44 GMT","end":"Thu, 09 Jul 2026 16:44:25 GMT"},"fingerprint":{"sha1":"91:AA:1B:52:A1:7A:87:32:DD:2A:E8:CC:00:8C:7E:64:A5:F0:D4:BE","sha256":"79:52:5A:75:DF:81:FB:8D:B2:01:A9:7C:CB:0C:89:E5:E4:5E:E6:49:F2:21:FD:7B:67:23:67:DB:CC:30:4C:4F"}}},"request":{"raw":"GET /info/widget-assets?jsonpCallback=true\u0026id=69da8a81ef88820152c67dc1 HTTP/1.1\r\nHost: app.chaport.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-powered-by: Express\r\netag: W/\"17f-zCJIwa/gxzeBlzhVbgCRYvSuh4U\"\r\nx-frame-options: sameorigin\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=63072000; includeSubdomains;\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wncW6L9GIElt3pRNRtH4ZfWDQZoPiL3EAXaUllYBm4Cyzg20VWL%2BKN0AgYqTRq9Mg1XLcKMIc7PoSvaP%2BR1n1GC5R%2FneNhKTeTWAboTdk6GH7So1XYwXvmnSyWVI3Zyybg%3D%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: a07ea0425dab56af-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":383,"size_decoded":986,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (409), with no line terminators","md5":"84f0b917181b1ba43433b39f89b04420","sha1":"0390800764b1a290e7538d42e5ce5aae57881237","sha256":"bf2bdbee2ddc5bb6f336a15729515c38b0838adb4ea70131d6785f60d0acb928","sha512":"04976ea13966322b5003dca3b11ea90bc7fcc25668cc98b9dfcec14436191ac0b7888dde2c3c8af8bf07b4879cbe700c33c7ae854704227c10e9ec1b421be104","ssdeep":"","tlshash":"f3e02b46da0e8906db213865767d0f9664ef86460350cba95874de046105cf2a875c7a","first_seen":"2026-06-07T09:28:56.532947Z","last_seen":"2026-06-07T09:29:16.609485Z","times_seen":2,"resource_available":false,"data":null}},"time_used":130,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":130,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/new-brand/click-current-loan-rates-business-loan-ratesd4a0.svg?la=en\u0026hash=1E16BF0885B28F4394AEF4D91B3D1795","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:19.031Z","timestamp":1780824499031,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/new-brand/click-current-loan-rates-business-loan-ratesd4a0.svg?la=en\u0026hash=1E16BF0885B28F4394AEF4D91B3D1795 HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Sun, 14 Jun 2026 09:28:19 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 26 Apr 2023 02:36:58 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1259\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2733,"size_decoded":1573,"mime_type":"image/svg+xml","magic":"HTML document, ASCII text, with very long lines (2755), with no line terminators","md5":"6ad76dfe87459a50133d9225bbf91689","sha1":"b7c999baf8abe2f85fae6218196f71e3b6514093","sha256":"ebafcd75f0a2aaf0f3b0c2834b672826360d2e09005efceb578b1490cb307ce3","sha512":"54bc5ebbae9e84665fdc96547f19ee0c248c2e928a424efe9c751142f7833a026f34ba95a5c0e73d1ead9479311eb68fb2fa0f26565ddf509c834579cd8f5206","ssdeep":"","tlshash":"13514437430497ba5e91cb44ed65a05825365c2b70f0e0c8aff3b546dc059f38038d30","first_seen":"2026-06-07T09:28:56.533875Z","last_seen":"2026-06-07T09:29:16.569345Z","times_seen":2,"resource_available":false,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":88,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/icons/footer-icons/citadel-credit-union-routing-number.svg","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:19.069Z","timestamp":1780824499069,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/icons/footer-icons/citadel-credit-union-routing-number.svg HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Sun, 14 Jun 2026 09:28:19 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 26 Apr 2023 02:38:12 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 558\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1223,"size_decoded":871,"mime_type":"image/svg+xml","magic":"exported SGML document, ASCII text, with very long lines (1355), with no line terminators","md5":"95b78372f5973336b2040d68aa5360e3","sha1":"4bff4eb21ca244777ec6032482698003287e4945","sha256":"1490d160bf0cdc52a20242d0077668702ab60ee39a784d61dd8333a00377c5e2","sha512":"ecbe699f8ea5ffbe17a8b2981fda650818eae06e942108d4b7971ae7f4a9805c0bb4feb9020f115a9f23aa11d01888f101e1126cd40aa89098fd3db0b1c19e21","ssdeep":"","tlshash":"3e21ceb95038b352135f53a10de80287613f7cedf1b225b482ab7166f944c949871d6a","first_seen":"2026-06-07T09:28:56.534786Z","last_seen":"2026-06-07T09:29:16.581486Z","times_seen":2,"resource_available":false,"data":null}},"time_used":203,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":203,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/blue-seal-200-42-bbb-80015515.png","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:19.075Z","timestamp":1780824499075,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/blue-seal-200-42-bbb-80015515.png HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Sun, 14 Jun 2026 09:28:19 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 26 Apr 2023 02:36:28 GMT\r\naccept-ranges: bytes\r\ncontent-length: 3735\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":3735,"size_decoded":4000,"mime_type":"image/png","magic":"ASCII text, with very long lines (4982), with no line terminators","md5":"fc0699c7a8c824081882c3b68b51e45b","sha1":"a4808e127352492f4404b932e77f18c438f9940a","sha256":"38d1b8f838a9c0a703fd8904f7b5d9ef69b2c9ae653790c7d23dfe357269ad48","sha512":"2c17037f63acde4074aa63e72a6b726fb28961e6c2e26b9d383aa1438ebd50031b4095a8078182cdce5f19ce5ff72364635ae533e034eca8793dec7242a728b7","ssdeep":"96:/tYBHiSiKqi3+bsBio/CZ+w6woRvPo4HuDPzVljY7Vlp945NJf/H6:FYJiS/q08sYoKv6FZggurcdKvJX6","tlshash":"bca17db94c0f33744a306193be8ecf995daac8c1d1606916ba4981bfcf6183cd5d0b30","first_seen":"2026-06-07T09:28:56.535588Z","last_seen":"2026-06-07T09:29:16.570719Z","times_seen":2,"resource_available":false,"data":null}},"time_used":128,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":127,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/section-links/ico-businessbanking.svg","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:19.049Z","timestamp":1780824499049,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/section-links/ico-businessbanking.svg HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Sun, 14 Jun 2026 09:28:19 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 26 Apr 2023 02:37:10 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1429\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":3706,"size_decoded":1743,"mime_type":"image/svg+xml","magic":"HTML document, ASCII text, with very long lines (3840), with no line terminators","md5":"e49983abc6f772fa3f0fa7c7302878a7","sha1":"eff9454463ee07a7c374a531742b0f88f7ecf42d","sha256":"d6ee69fbc271cab447034b69b339605c1cf4f0d364270fe5ec0e39e04c60dd1f","sha512":"7725368a086285ec26bea0ad93d1c0e64b16bbb53039e76cc41689adb24397a8c1fefab1d60e30bfb98321b6b5a0c1b19e0c4e94ed5dd5b69fcafb1f680f57e0","ssdeep":"","tlshash":"7181eb16271aeb3ae847154ecd4861d361953c83f2b9f1ecdef30a17a12d0f2a8359b4","first_seen":"2026-06-07T09:28:56.536502Z","last_seen":"2026-06-07T09:29:16.578642Z","times_seen":2,"resource_available":false,"data":null}},"time_used":89,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":89,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/new-brand/click-credit-union-interest-rates2d24.svg?la=en\u0026hash=F645C6A70380501060089A848126191F","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:19.022Z","timestamp":1780824499022,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/new-brand/click-credit-union-interest-rates2d24.svg?la=en\u0026hash=F645C6A70380501060089A848126191F HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Sun, 14 Jun 2026 09:28:19 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 26 Apr 2023 02:36:54 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1344\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":3514,"size_decoded":1658,"mime_type":"image/svg+xml","magic":"HTML document, ASCII text, with very long lines (3612), with no line terminators","md5":"0ff2521e595e32432a980f75b444b0e7","sha1":"693571f114da3276f379dedf82ae3c3fda54c9a3","sha256":"a514c0d7b3a97f2eaf3d3ea4b699efd690b7b4e41afd99ec33d985ccfdcf32c3","sha512":"ef62bb27734046e23e8eb515fef19a2e090ef918dceed262aa07e950bc0b68f0ba884f0f89c8a9cd33f002f69036925473f0a569f2c286c6b3adc90da6802fda","ssdeep":"","tlshash":"d97153331344bb7850927b00d9d9a1871126f49670b0f2e8ebe2d1576e299fb91bc9b0","first_seen":"2026-06-07T09:28:56.537372Z","last_seen":"2026-06-07T09:29:16.576324Z","times_seen":2,"resource_available":false,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":88,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/uploads/1775869452_8b7bf83ed9499ba5d7c5.png","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:20.933Z","timestamp":1780824500933,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /uploads/1775869452_8b7bf83ed9499ba5d7c5.png HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Sun, 14 Jun 2026 09:28:20 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 11 Apr 2026 01:04:12 GMT\r\naccept-ranges: bytes\r\ncontent-length: 7007\r\ndate: Sun, 07 Jun 2026 09:28:20 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":7007,"size_decoded":7272,"mime_type":"image/png","magic":"ASCII text, with very long lines (9346), with no line terminators","md5":"fb7810200e1c6736fca5b7ae68e3895f","sha1":"074a1616ff2f0cb991f8f6226b884cd3219f598e","sha256":"92bb90c16da15d537de957129e40a4776248ab056d8db0e40a3fece372459615","sha512":"20574aa8c60aa043f6199a8a1d28e8c1ee2c38939ea04b7bcae71f97568749ebd4635334df2750cc93d54d46ab6b3720dc72e750e12a1d63998be136f5505f6c","ssdeep":"192:kogMjh1tFcu88DS6b45zFkOUP3+vTA9CDWcMpu036BJ326AElhNbS+eQG:9gMN1tqucxkQPaO26bnLy","tlshash":"d012bf3534db8e1946a34fdb0530186ebfd48e7f7ef595c1860f0a0a10ca914fd443a0","first_seen":"2026-06-07T09:28:56.538211Z","last_seen":"2026-06-07T09:29:16.575312Z","times_seen":2,"resource_available":false,"data":null}},"time_used":88,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":88,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/use.typekit.net/af/73b15e/00000000000000000001777b/27/laf99?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191\u0026amp;fvd=i5\u0026amp;v=3","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:25.478Z","timestamp":1780824505478,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/use.typekit.net/af/73b15e/00000000000000000001777b/27/laf99?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191\u0026amp;fvd=i5\u0026amp;v=3 HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/templates/bank-pro/use.typekit.net/ehc6rvq.css\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635; chaport-69da8a81ef88820152c67dc1=29c738bb-c475-4f83-813a-2faf14f58084%2FTgvALYcW9ELqy3JDo5PbOARjJEdwE2tGeXSVjRNg\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nlast-modified: Wed, 26 Apr 2023 02:40:12 GMT\r\naccept-ranges: bytes\r\ncontent-length: 32816\r\ndate: Sun, 07 Jun 2026 09:28:25 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":32816,"size_decoded":32978,"mime_type":"application/octet-stream","magic":"ASCII text, with very long lines (43756), with no line terminators","md5":"ce830bb125888a84ae17b3798789293b","sha1":"278b07b8b0452052d641bf39b4bf291f7a939bf3","sha256":"eeb690ac9e1da9ce9a708e58a05460edb8d1e4df465fbf19e5b082436205cc3b","sha512":"dc79b6b845201c7343bd3157146d919514dc2cb927dcf118c7262ec84a00c33d8ad4554a36d9d92dca053effbd30d2a1d28a9df7420d34a8d9805072deb6b881","ssdeep":"768:WcCN39VcN/yyqa4t2GRoh8aXyB/y89ddNl9HtBXMRN7LKRr51KVd8TBHGT04sQR4:WcCjVcxyyq1RGfy/T7PrwN3KRtmd8UTm","tlshash":"6c1302a11ef2267fcaec02af65a935b470c134e6f21c6dd4d2a1fd550c9677887049c6","first_seen":"2026-06-07T09:28:56.539159Z","last_seen":"2026-06-07T09:29:16.57196Z","times_seen":2,"resource_available":false,"data":null}},"time_used":91,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":90,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/section-links/ico-check-account.svg","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:19.044Z","timestamp":1780824499044,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/section-links/ico-check-account.svg HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Sun, 14 Jun 2026 09:28:19 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 26 Apr 2023 02:37:10 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1974\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":4366,"size_decoded":2288,"mime_type":"image/svg+xml","magic":"HTML document, ASCII text, with very long lines (4406), with no line terminators","md5":"d55169fec9137b8f9f138e452db17dad","sha1":"2aae7adaa2aa8e8ef2a020710a160ae4b0eaf2ea","sha256":"3f61e6c5d8ea9f0b1fe8e926efbfdc7ccd2745c055612d94893c86cb71e11684","sha512":"33144470144bee991338b00aa88c47ced8746cdbbd5129c861d4da4fbf7634fffc4a7665d8cd088052558a44b59b0de430a172c0371cf79883247b897a781b61","ssdeep":"96:e9Rvgt5d72RdiGtDgqINHpiY43VdHVrGiXyW8RoFq0QDkn+vKhL7:engJqPiGtDgFNHp+3VFJGqyfPjCh3","tlshash":"d091c7c1a7a5d3f5f406d7baa96380523e7338ae38ab521cc2e45825602b4d90529cef","first_seen":"2026-06-07T09:28:56.540039Z","last_seen":"2026-06-07T09:29:16.589286Z","times_seen":2,"resource_available":false,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":88,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/images/assets/ncua-cert.png","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:19.079Z","timestamp":1780824499079,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/images/assets/ncua-cert.png HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Sun, 14 Jun 2026 09:28:19 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 26 Apr 2023 02:38:14 GMT\r\naccept-ranges: bytes\r\ncontent-length: 3067\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":3067,"size_decoded":3332,"mime_type":"image/png","magic":"ASCII text, with very long lines (4094), with no line terminators","md5":"98dadf182d2a590fe731a2b3f10dae1e","sha1":"6ff6bad8cddf9ee445376309173c3610166fad24","sha256":"8fb8f330426e1cb45e5d28e66c88b9ad7b506215eb9ddbce6ced104bee6b5d5b","sha512":"17a848adac8c7eb069ca01884a61dd55797c207d9f9827f203ef156771de8dd6a0ff104ee77a0e4a55fbc6966803271d167f699fe66f74469458d57ee85ec965","ssdeep":"","tlshash":"5f816c7638506ac8955390b060e26f305efbd8c16607c459e1d78a34eed1580af8deef","first_seen":"2026-06-07T09:28:56.540907Z","last_seen":"2026-06-07T09:29:16.558352Z","times_seen":2,"resource_available":false,"data":null}},"time_used":125,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":124,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/sitecore_modules/Web/ExperienceForms/scripts/form.validate.js","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:18.971Z","timestamp":1780824498971,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/sitecore_modules/Web/ExperienceForms/scripts/form.validate.js HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Wed, 26 Apr 2023 02:40:06 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 601\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2478,"size_decoded":837,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (2649), with no line terminators","md5":"182d97107f86df726dad668e9b6e8baf","sha1":"2c04ce6f977555ba5647a0996e857b5907fecf2a","sha256":"7809949d892453f3b753e09b57d5467e790fb1ce855998c98f2ed708ac532c1d","sha512":"b7b56443a877b75af415a57940fbbb3c24c1bf6886248a99e7e468c1b2402f8fd66e1a55b4107bdf5a462643862d3d7b5887323243a9532f0cb19b9f8a10c97d","ssdeep":"","tlshash":"2f513b0c09197b3acda332dda9eb905d54eab237700500633acc4acad7db968d1f271d","first_seen":"2026-06-07T09:28:56.541834Z","last_seen":"2026-06-07T09:29:16.644661Z","times_seen":2,"resource_available":false,"data":null}},"time_used":87,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":87,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/sitecore_modules/Web/ExperienceForms/scripts/form.conditions.js","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:18.973Z","timestamp":1780824498973,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/sitecore_modules/Web/ExperienceForms/scripts/form.conditions.js HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Wed, 26 Apr 2023 02:40:06 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 2972\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":23940,"size_decoded":3209,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"520678c08e3cd8d8b41a9df2a9e81ff4","sha1":"7e99a42b452ef905d5482fab983eee6bed5d3a38","sha256":"4d73d17438e5c0c81001a74f4629e3be6da325e90d7b3cba907702cda5d915e3","sha512":"cca6816eeb392e54064fa0b38ec767c9b9a6b39c5399f0acd9cfadfc2ebd32154139c7f5490f27d7fe97e4439d35c3f4abeecfb93b8849467a07317bffe58766","ssdeep":"192:yCL9e8TdmoJEtmbf+EvzvdAg9b/F99eosObqT9i9vcHji8z5yCNwK8ZKX8EqfgE1:UIdbEt/EJAg9b/FreH9i9oBu1brU2gvO","tlshash":"78b24cbeb6d521428a3bb3359de75148e77685638e050904fe5e40b23f7382076abf98","first_seen":"2023-03-14T05:50:51Z","last_seen":"2026-06-07T09:29:16.594976Z","times_seen":1206,"resource_available":true,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":88,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/section-links/ico-about.svg","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:19.054Z","timestamp":1780824499054,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/section-links/ico-about.svg HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Sun, 14 Jun 2026 09:28:19 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 26 Apr 2023 02:37:10 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 2255\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":5934,"size_decoded":2569,"mime_type":"image/svg+xml","magic":"HTML document, ASCII text, with very long lines (6022), with no line terminators","md5":"8ae2bbeae8874d27cf041ea2dc91b6c8","sha1":"b6022e70b6433295349707f625c49307cc85b2b1","sha256":"d4afdf30ab52a5091138cbd9f1d415a5baa92242e824e2004de8e922228238b0","sha512":"56c48a20beb4925d99899af577eebdf0199c05af6400fa7b4ac352fe8a2320fed82ee4235804218c0b2286d4c063dfed944fef51df7fe6e711212585a2266d71","ssdeep":"96:plPmjZidPrViCUOyNUQ8lJQqqXr/ZJawzt9rS30LkcREWy1:7eWiCUvNH80r/nawmkjREWC","tlshash":"45c1cd074309e77c9845655ced3a21d2b2993483e4fcf2ddebd32512a53e0f1a1bad64","first_seen":"2026-06-07T09:28:56.543763Z","last_seen":"2026-06-07T09:29:16.556158Z","times_seen":2,"resource_available":false,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":88,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/css/images/assets/ico-caret--black.png","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:19.420Z","timestamp":1780824499420,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/css/images/assets/ico-caret--black.png HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/templates/bank-pro/css/main0338.css\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 500 \r\nx-powered-by: PHP/8.4.11\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\npragma: no-cache\r\ncache-control: no-store, no-cache, must-revalidate, max-age=0\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 0\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"500","status_text":"","fingerprints":[{"name":"PHP:8.4.11","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":277,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"9d4568c009d203ab10e33ea9953a0264","sha1":"dd29ecf524b030a65261e3059c48ab9e1ecb2585","sha256":"12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126","sha512":"64d24560970ca14d349bea0e7d2526d4754bf3283568ab4dd602bd79eb454dc3657d5bb6f9a30c90ea98d9600ebd0fb45d582f4cae3f8e3c50b0e8fb18059892","ssdeep":"","tlshash":"c710000000000000000000000000000030000000000000000000000000000000000000","first_seen":"2023-03-09T21:44:55Z","last_seen":"2026-06-10T08:15:44.241926Z","times_seen":23722,"resource_available":true,"data":null}},"time_used":110,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":110,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/use.typekit.net/af/1526e5/00000000000000000001777c/27/l5bba?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191\u0026amp;fvd=n6\u0026amp;v=3","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:19.486Z","timestamp":1780824499486,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/use.typekit.net/af/1526e5/00000000000000000001777c/27/l5bba?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191\u0026amp;fvd=n6\u0026amp;v=3 HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/templates/bank-pro/use.typekit.net/ehc6rvq.css\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nlast-modified: Wed, 26 Apr 2023 02:40:08 GMT\r\naccept-ranges: bytes\r\ncontent-length: 31688\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":31688,"size_decoded":31850,"mime_type":"application/octet-stream","magic":"ASCII text, with very long lines (42252), with no line terminators","md5":"1b407b36e9b48c52977144da46a6c804","sha1":"5c8a1156395bc56038dc8bfbd2d7dc521c4a7a2f","sha256":"ae3217524a14c00564fd852f6957a047a2e74dad1bfff0220ae3b0694d6fa167","sha512":"68dffeab86499dca73bc2e231099406bdb2d96cb0dd106b6e5dad37f7a2720482304a3d55ca2819029d3def7656df2167f08e669388678943f2c4ff7c6db3cfa","ssdeep":"768:NMVUALD6/gbtbn/2vIj0paOFSfJ7/xnozC0poSlyFlmLgNMi:Np7/gpbev9aXJ7/BoX3lyXei","tlshash":"2b13f2b0d5e77b776110a705042898386033f9db6edd19fee5381af190522882b325ba","first_seen":"2026-06-07T09:28:56.544692Z","last_seen":"2026-06-07T09:29:16.565448Z","times_seen":2,"resource_available":false,"data":null}},"time_used":93,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":89,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/sitecore_modules/Web/ExperienceForms/scripts/jquery.unobtrusive-ajax.min.js","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:18.969Z","timestamp":1780824498969,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/sitecore_modules/Web/ExperienceForms/scripts/jquery.unobtrusive-ajax.min.js HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Wed, 26 Apr 2023 02:40:06 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1614\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":4061,"size_decoded":1851,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (4219), with no line terminators","md5":"c89f69cbc55dcb52b2033a3a627ad0ef","sha1":"c68ce5c100d2215a65cd669f1790ee29835149e7","sha256":"d867b5a6f978f6b6fe0578323a77a2c32ae3df325cd5e3e1f3d6c0e6f7e253df","sha512":"b0d1e06020ecf7251782866f0345657728dcf16ab90984d056721deeb08cf0114565824d10a114b9e7a1283cce94e566576e358fe907d47281e0657ee8c75b1f","ssdeep":"96:zsxGd5Y34MVj1PYRWt6ElxaoQxQ6fhGHuNUqip5Xq9jHR7vJx40KRmlWRh7UeNR6:zsxoWw06AzC269zR7vJx4NznlNbQ","tlshash":"d79193d8f502b8b35f2335fb852f48172119316c251709206d8ad1adec3dfea69f2e52","first_seen":"2026-06-06T11:49:33.683896Z","last_seen":"2026-06-07T09:29:16.605089Z","times_seen":3,"resource_available":false,"data":null}},"time_used":89,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":89,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/homepage-images/feature.jpg","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:19.059Z","timestamp":1780824499059,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/homepage-images/feature.jpg HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Sun, 14 Jun 2026 09:28:19 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Apr 2023 02:36:52 GMT\r\naccept-ranges: bytes\r\ncontent-length: 166256\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":166256,"size_decoded":166524,"mime_type":"image/jpeg","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"a15762242ef15576d998cd573203fb36","sha1":"44a43067fb7f0d77dce95be255dcdfb43acbe3ca","sha256":"ab423eb9c522a329d7d2a3d68d5f9ec4e32061a51191ec6f780765d9223668be","sha512":"786da24a0abbaa1ef8c8771716e3730ea899a5f5bfc69f072e9041eb1cbc9a1410e377296529beab80e12e57e8c077f51b1312bb64b5ec5cb62236d9538adc16","ssdeep":"6144:+mjKTGgk2ClDYdwoXjHZWaGZNioQG0hlY5BaY+bSyrjHNl:najEDYeoE+LNhCyYpOjHNl","tlshash":"632423345f1729a41ffd21272526ecb60fe28ec3a00c15511ae02ed780fea64667acb6","first_seen":"2026-06-07T09:28:56.54678Z","last_seen":"2026-06-07T14:31:49.266221Z","times_seen":6,"resource_available":false,"data":null}},"time_used":148,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":88,"receive":60,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/use.typekit.net/af/442215/000000000000000000010b5a/27/le196?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191\u0026amp;fvd=n4\u0026amp;v=3","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:19.343Z","timestamp":1780824499343,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/use.typekit.net/af/442215/000000000000000000010b5a/27/le196?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191\u0026amp;fvd=n4\u0026amp;v=3 HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/templates/bank-pro/use.typekit.net/ehc6rvq.css\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nlast-modified: Wed, 26 Apr 2023 02:40:10 GMT\r\naccept-ranges: bytes\r\ncontent-length: 23800\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":23800,"size_decoded":23962,"mime_type":"application/octet-stream","magic":"ASCII text, with very long lines (31736), with no line terminators","md5":"5feb2e57d128edd34544e8a8e20066f5","sha1":"d8748d33ace246d556f530d2d522e19d300b035b","sha256":"75826d5786682135c0f310b7a3113e01e2dd91e978c9db5b533aa693b9487ff7","sha512":"abe8b9c9bbbd62b45fea37fb61087c2d87b4e5ee711796f71223d8adf3491f9eea633fe918943ce6005fcaf75e3798d35c8da8d9e7c445085c09398d011a7da8","ssdeep":"768:LEuLcBirJIyO9/hqdrtXdFi8Q/V3F/D+LL8K0DirJ:L7LcBe2qBtQF/DYjJ","tlshash":"0ee2f136f92aca0c3a3cc714a47c7f605f1410b79b7bca662b4132e8947587562bdc8b","first_seen":"2026-05-26T00:00:55.097Z","last_seen":"2026-06-07T09:29:16.621018Z","times_seen":4,"resource_available":false,"data":null}},"time_used":89,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":89,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/business-navigation-mobile-icons/ico-loans.svg","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:18.985Z","timestamp":1780824498985,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/business-navigation-mobile-icons/ico-loans.svg HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Sun, 14 Jun 2026 09:28:19 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 26 Apr 2023 02:36:50 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1257\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2732,"size_decoded":1571,"mime_type":"image/svg+xml","magic":"HTML document, ASCII text, with very long lines (2754), with no line terminators","md5":"964a01755ca06ec76be26e468b7f5196","sha1":"80148eb72576ab5010994eab381b14ab4095d502","sha256":"1503fabd45cc85917e0ba49a09e90f9e2cb47e3511a339638a9e1bd2dcba618a","sha512":"8e6ca2762714487e14ff40e98e46bec91f8f36e54b084cf114d96f3bac689560688093cf5303a7fb11942cb7f5b4ae25a93d5b57475fface06e0c31a12627f2c","ssdeep":"","tlshash":"59512337830497ba6e92cb59e966a09925365c2b70f5e1c8aff3b586dc059f38038d70","first_seen":"2026-06-07T09:28:56.548292Z","last_seen":"2026-06-07T09:29:16.593154Z","times_seen":2,"resource_available":false,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":88,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"assets.chaport.com/sounds/beep.mp3","fqdn":"assets.chaport.com","domain":"chaport.com","tld":"com"},"ip":{"addr":"104.26.14.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:24.926Z","timestamp":1780824504926,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"chaport.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 10 Apr 2026 15:44:44 GMT","end":"Thu, 09 Jul 2026 16:44:25 GMT"},"fingerprint":{"sha1":"91:AA:1B:52:A1:7A:87:32:DD:2A:E8:CC:00:8C:7E:64:A5:F0:D4:BE","sha256":"79:52:5A:75:DF:81:FB:8D:B2:01:A9:7C:CB:0C:89:E5:E4:5E:E6:49:F2:21:FD:7B:67:23:67:DB:CC:30:4C:4F"}}},"request":{"raw":"GET /sounds/beep.mp3 HTTP/1.1\r\nHost: assets.chaport.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://tandeminternational.live\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 07 Jun 2026 09:28:25 GMT\r\ncontent-type: audio/mpeg\r\ncontent-length: 5466\r\nserver: cloudflare\r\nlast-modified: Tue, 26 May 2026 10:49:41 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"6a157ac5-155a\"\r\nexpires: Tue, 07 Jul 2026 09:28:25 GMT\r\ncache-control: max-age=2592000, public\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=63072000; includeSubdomains;\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BPVR1hcm%2F4kqBl1Vj%2B3Xl3BulIiS0IbcKaQ136j9OkEc%2F5uek68YpI6bgRIAkg01ha93cqtpxKInNvdHX4qlVhJtEJuxcdCMWpYfuL8AnaKAZJamas%2FVVuSWjTWU7y6MmXLJbA%3D%3D\"}]}\r\ncf-ray: a07ea063cb8e56af-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5466,"size_decoded":6376,"mime_type":"audio/mpeg","magic":"ASCII text, with very long lines (7290), with no line terminators","md5":"25cabc3509fd1625c772408e49679caa","sha1":"7d5849b2e0f76f30666a971fb926530a7e9d59d2","sha256":"9e2d9f8e8e8818d3710c5b6fb40d10e7ebc3cb6005616b87c30c211b018be761","sha512":"a228c9333aedd23339d0a5a0adc1cc4418410579bc1eca7ca703c6b756eda59eedd0a0cba7f98aa2df268ada697c090d5019a303e880e507fc0a0095d4b05555","ssdeep":"96:Q2HHsUkrkUluM7NamxCTg1KegXR47NptwKTICHV6Pkov4LeXyi0A4h:XHtkrd0OpxgB4btVIC1Y4CXyi0A4h","tlshash":"20e17d73b013b7fe6e8c16834c0b4fd19fa26e6beb26a9551067146780f28813b4693c","first_seen":"2026-06-07T09:28:56.549285Z","last_seen":"2026-06-07T09:29:16.603214Z","times_seen":2,"resource_available":false,"data":null}},"time_used":132,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":132,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"assets.chaport.com/images/user-icon-shadow-60x60.png","fqdn":"assets.chaport.com","domain":"chaport.com","tld":"com"},"ip":{"addr":"104.26.14.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:31.280Z","timestamp":1780824511280,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"chaport.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 10 Apr 2026 15:44:44 GMT","end":"Thu, 09 Jul 2026 16:44:25 GMT"},"fingerprint":{"sha1":"91:AA:1B:52:A1:7A:87:32:DD:2A:E8:CC:00:8C:7E:64:A5:F0:D4:BE","sha256":"79:52:5A:75:DF:81:FB:8D:B2:01:A9:7C:CB:0C:89:E5:E4:5E:E6:49:F2:21:FD:7B:67:23:67:DB:CC:30:4C:4F"}}},"request":{"raw":"GET /images/user-icon-shadow-60x60.png HTTP/1.1\r\nHost: assets.chaport.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://assets.chaport.com/assets/widget-feab807cfdea6b377d896e38e88479b9.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 07 Jun 2026 09:28:31 GMT\r\ncontent-type: image/png\r\ncontent-length: 434\r\nserver: cloudflare\r\nlast-modified: Tue, 26 May 2026 10:49:41 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=c1Jr6FKIhzo7L0zFRxwpvWXOvJtArBVANV%2FbBrKCk0BcDgOBqw%2Fc%2F2vaJHKKWsxpyzYfP0UeGr1wLXmAZ3gJNo%2FQSznWD%2Ff4eqYZblwk4f%2BlZVXtpwyzxmvpwVWUvRhpgkjUKg%3D%3D\"}]}\r\netag: \"6a157ac5-687\"\r\nexpires: Fri, 03 Jul 2026 12:24:52 GMT\r\ncache-control: max-age=2592000, public\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=63072000; includeSubdomains;\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\ncf-polished: ok, orig_size=1671\r\ncf-bgj: imgq:100,h2pri\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4;i=?0,cf-chb=(45;u=4;i=?0)\r\nage: 335018\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\ncf-ray: a07ea08b8be556af-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":434,"size_decoded":1455,"mime_type":"image/png","magic":"ASCII text, with very long lines (582), with no line terminators","md5":"cbf634fb9cfea92345070c4ae4003e72","sha1":"433f15600f2548e04ea9a634bf670bb1a0c82084","sha256":"f11286d50c1e71654d4c8237789fc3e8d1218844275b0fbdf5a4b970c7d03e01","sha512":"15490352c7d552ba3681f63c7415dc1ee462be958873bd149902f21c10abddf9d5ecf0a1796339c5c7e88445d70c00788446bd7b016b84629adae5ad5f5a2248","ssdeep":"","tlshash":"ecf04131c4bcd4450abe9cf6e7837e613f89cf9059573482fa870008f4553984baace4","first_seen":"2026-06-07T09:28:56.551166Z","last_seen":"2026-06-07T09:29:16.628245Z","times_seen":2,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/new-brand/click-current-credit-card-ratesd139.svg?la=en\u0026hash=223E4B99FFA90F053726A65798AAA796","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:19.027Z","timestamp":1780824499027,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/new-brand/click-current-credit-card-ratesd139.svg?la=en\u0026hash=223E4B99FFA90F053726A65798AAA796 HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Sun, 14 Jun 2026 09:28:19 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 26 Apr 2023 02:36:58 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 954\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2379,"size_decoded":1267,"mime_type":"image/svg+xml","magic":"HTML document, ASCII text, with very long lines (2421), with no line terminators","md5":"ac97ee3eabc8391473b70ad1488d12b5","sha1":"139ac1b0e86ba9eed14752057af040fb3d066499","sha256":"9d46b9118cd648ab6005ebd58d4929863036c6850dc87e3485b2f48751f6074f","sha512":"d09ca4d0294497a418ab6c137366ef353749dd86954ae73d2e5e09b9b85c80cbe9d33794a5795acf40ae444dc572e3d30a97c1dab1161e61664be62cc186c5e0","ssdeep":"","tlshash":"0541467b534853bb519287cc850cd5593236bc5ab0b9a0889ffba51b2d08ef780f8d72","first_seen":"2026-06-07T09:28:56.519683Z","last_seen":"2026-06-07T09:29:16.629563Z","times_seen":2,"resource_available":false,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":88,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/tabbed-icons/icon-send-message.svg","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:19.036Z","timestamp":1780824499036,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/tabbed-icons/icon-send-message.svg HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Sun, 14 Jun 2026 09:28:19 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 26 Apr 2023 02:37:10 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 3363\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":7988,"size_decoded":3677,"mime_type":"image/svg+xml","magic":"HTML document, ASCII text, with very long lines (8024), with no line terminators","md5":"ba1fe9e94ee24876b0dd58d73b3fb791","sha1":"94b42b352c730b02d0329e3e399d425dced9ee89","sha256":"da762cbfdd4af64807639be7767aa2916001dcf0a2b23b10bacfac3acb9b19f3","sha512":"8fece53ab2b22f1fe4e0251e4c3cfc2c98f79350356b6212374f05c97a5dc4208eddabc922d4ee58b40e7ee511d2747559bbfc024a75aa3b4d3b04ec555101a7","ssdeep":"192:VW8vqIPFowubPUaknOPumVsH/PHRnwLP6kNsA:VrZWTbPUdnOWdH386y","tlshash":"92f129946621cbf299497ace8c231d4a395a38bb3a50a08ccecf563978331e5435c8c7","first_seen":"2026-06-07T09:28:56.553691Z","last_seen":"2026-06-07T09:29:16.622438Z","times_seen":2,"resource_available":false,"data":null}},"time_used":87,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":87,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.chaport.com/api/public/v1/stats/trigger-views","fqdn":"app.chaport.com","domain":"chaport.com","tld":"com"},"ip":{"addr":"104.26.14.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:31.266Z","timestamp":1780824511266,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"chaport.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 10 Apr 2026 15:44:44 GMT","end":"Thu, 09 Jul 2026 16:44:25 GMT"},"fingerprint":{"sha1":"91:AA:1B:52:A1:7A:87:32:DD:2A:E8:CC:00:8C:7E:64:A5:F0:D4:BE","sha256":"79:52:5A:75:DF:81:FB:8D:B2:01:A9:7C:CB:0C:89:E5:E4:5E:E6:49:F2:21:FD:7B:67:23:67:DB:CC:30:4C:4F"}}},"request":{"raw":"OPTIONS /api/public/v1/stats/trigger-views HTTP/1.1\r\nHost: app.chaport.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,cp-app-id\r\nReferer: https://tandeminternational.live/\r\nOrigin: https://tandeminternational.live\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 \r\ndate: Sun, 07 Jun 2026 09:28:31 GMT\r\ncontent-type: text/plain\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: https://tandeminternational.live\r\naccess-control-allow-headers: Content-Type, cp-app-id\r\naccess-control-allow-credentials: true\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yPxQThUfjMmttQqr6De3LI%2FrnB3CZrTh7yEpnFwdZ%2F97atLbu2cSL%2FGTTzSjNhQQBQPWGmxJfnVsQVA80bNBsNdAlkv4Om8zSfnVaSMZRSIPVDWx91EUqt5A1L15%2BrfQ7Q%3D%3D\"}]}\r\ncf-ray: a07ea08b6bc656af-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":659,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"9d4568c009d203ab10e33ea9953a0264","sha1":"dd29ecf524b030a65261e3059c48ab9e1ecb2585","sha256":"12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126","sha512":"64d24560970ca14d349bea0e7d2526d4754bf3283568ab4dd602bd79eb454dc3657d5bb6f9a30c90ea98d9600ebd0fb45d582f4cae3f8e3c50b0e8fb18059892","ssdeep":"","tlshash":"c710000000000000000000000000000030000000000000000000000000000000000000","first_seen":"2023-03-09T21:44:55Z","last_seen":"2026-06-10T08:15:44.241926Z","times_seen":23722,"resource_available":true,"data":null}},"time_used":38,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/uploads/1775869436_123e5000a6485b51dae9.png","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:18.982Z","timestamp":1780824498982,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /uploads/1775869436_123e5000a6485b51dae9.png HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Sun, 14 Jun 2026 09:28:19 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 11 Apr 2026 01:03:56 GMT\r\naccept-ranges: bytes\r\ncontent-length: 7007\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":7007,"size_decoded":7272,"mime_type":"image/png","magic":"ASCII text, with very long lines (9346), with no line terminators","md5":"fb7810200e1c6736fca5b7ae68e3895f","sha1":"074a1616ff2f0cb991f8f6226b884cd3219f598e","sha256":"92bb90c16da15d537de957129e40a4776248ab056d8db0e40a3fece372459615","sha512":"20574aa8c60aa043f6199a8a1d28e8c1ee2c38939ea04b7bcae71f97568749ebd4635334df2750cc93d54d46ab6b3720dc72e750e12a1d63998be136f5505f6c","ssdeep":"192:kogMjh1tFcu88DS6b45zFkOUP3+vTA9CDWcMpu036BJ326AElhNbS+eQG:9gMN1tqucxkQPaO26bnLy","tlshash":"d012bf3534db8e1946a34fdb0530186ebfd48e7f7ef595c1860f0a0a10ca914fd443a0","first_seen":"2026-06-07T09:28:56.538211Z","last_seen":"2026-06-07T09:29:16.575312Z","times_seen":2,"resource_available":false,"data":null}},"time_used":90,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":89,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"assets.chaport.com/javascripts/audio-player.js","fqdn":"assets.chaport.com","domain":"chaport.com","tld":"com"},"ip":{"addr":"104.26.14.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:24.890Z","timestamp":1780824504890,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"chaport.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 10 Apr 2026 15:44:44 GMT","end":"Thu, 09 Jul 2026 16:44:25 GMT"},"fingerprint":{"sha1":"91:AA:1B:52:A1:7A:87:32:DD:2A:E8:CC:00:8C:7E:64:A5:F0:D4:BE","sha256":"79:52:5A:75:DF:81:FB:8D:B2:01:A9:7C:CB:0C:89:E5:E4:5E:E6:49:F2:21:FD:7B:67:23:67:DB:CC:30:4C:4F"}}},"request":{"raw":"GET /javascripts/audio-player.js HTTP/1.1\r\nHost: assets.chaport.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 07 Jun 2026 09:28:24 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Tue, 26 May 2026 10:54:36 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=63072000; includeSubdomains;\r\naccess-control-allow-origin: *\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iMbyBBomCUnS6UtO6maoa8Rxud89Jfrywxm0D5ap2AB6PdvItbtJb%2B36I6ntYeUY2laAYY1Gb1JQR2DzdTGSjtIcsTTgho9loDH%2BjHjXr0ISjX2UMNzS%2BIF6PjLn5jd3bTyFmQ%3D%3D\"}]}\r\nage: 709459\r\ncf-cache-status: HIT\r\netag: W/\"6a157bec-6b07\"\r\ncontent-encoding: br\r\ncf-ray: a07ea0639b5556af-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":27399,"size_decoded":9420,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (27399), with no line terminators","md5":"65cbf911501a0de13afb9d1cb71933cb","sha1":"e9236ab09f15becfa6d86aeb5995fc896f1aab1b","sha256":"e92027b36a47b6e3c2e1c084ac31e8e7e6a4b904bbaa42d241ccf7f4e48d7a62","sha512":"a619c7409dd01aa33de6a1eb397188a42da076126f727c119ed69455158ccff9421daec4d8135dfee4e719b1d62aa70bc767f4430238da97714805c43655cc35","ssdeep":"384:Brt6nqLIf40nECIgPG8OrYleIoARnq0KaHvWvqTGDBnLbcfSLcg:MwXkPGdg7HnqhSTGlnLbcqwg","tlshash":"70c22c48b7e17d54435a34b3223f4a063bb51652545a3240f016c2e9bf78e8b91beeed","first_seen":"2025-09-01T08:05:49.861005Z","last_seen":"2026-06-10T11:03:36.086592Z","times_seen":1187,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/rlforms.referlive.com/css/ReferLive_banking.css","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:18.641Z","timestamp":1780824498641,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/rlforms.referlive.com/css/ReferLive_banking.css HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Sun, 14 Jun 2026 09:28:18 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 26 Apr 2023 02:38:32 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1364\r\ndate: Sun, 07 Jun 2026 09:28:18 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":7667,"size_decoded":1673,"mime_type":"text/css","magic":"ASCII text, with very long lines (8493), with no line terminators","md5":"bee430000d32451fa92348e5e8895546","sha1":"9739a881b7ce603aafb7e5953d5d07e837e6462e","sha256":"f70c14f0fb39dcf1c0924c757501cd2cc7062eca9bcde7cc515af647d7990000","sha512":"853b4309cd3c94cca96edfd6bdbceb6ef3d9512af56549e99349dbd8630faa5d6d6cde335a4f0fbe15e3d89ab69220e407f4f6c9bfc5c9c1e2c858a7489a8938","ssdeep":"192:GjN42YKs/e27zvW6IehaX92rjsZxS0F0K0v0a0x0Io0IF0yH0NJE:GjGBKs/eaW6IehaX92CZE","tlshash":"01027a29ae0737be2e06843c28f31685221fb81f10018a5ebe95f6b1d3d72e69471f59","first_seen":"2026-06-07T09:28:56.556026Z","last_seen":"2026-06-07T09:29:16.560249Z","times_seen":2,"resource_available":false,"data":null}},"time_used":296,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":295,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/images/assets/ico-lock.svg","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:19.019Z","timestamp":1780824499019,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/images/assets/ico-lock.svg HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Sun, 14 Jun 2026 09:28:19 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 26 Apr 2023 02:38:14 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 181\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":278,"size_decoded":494,"mime_type":"image/svg+xml","magic":"ASCII text, with very long lines (310), with no line terminators","md5":"0888d0ddfc4e0587be26afa66597cd4b","sha1":"e835211faee5d094f085845d9f52fa3c8336ca8e","sha256":"222ce44fd71ba6e79dc9e1f007fd41a8e60efd28ae077ef042c2d8e43ed7f2cf","sha512":"77f040c05d8f15abe0efddc3034b03c90727e8d41ba5008e12d51ab25ec39b4d127d7e9e6e3720f999928d02d35ca503a996ce673f0a892b8b118fa16c1be78d","ssdeep":"","tlshash":"a4e0cd35b318e52d7436d6245f342d75201530463ad52154a8ea0034232697e66b7ea4","first_seen":"2026-06-07T09:28:56.514453Z","last_seen":"2026-06-07T09:29:16.582627Z","times_seen":2,"resource_available":false,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":88,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/js/vendor/smartbanner.js","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:18.632Z","timestamp":1780824498632,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/js/vendor/smartbanner.js HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Wed, 26 Apr 2023 02:38:16 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 2980\r\ndate: Sun, 07 Jun 2026 09:28:18 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":10700,"size_decoded":3217,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (10700), with no line terminators","md5":"3d43b65e00b7946bb0017c8235f8ffe4","sha1":"4c46db8d895f7301bc38c9bac5f4a9396c70f2a5","sha256":"25c22667a74743f46f77924f05d484606c7dc20383254a5a58103b5fc301ad11","sha512":"4c48f86ab850a7a1a595335d55765760f4e7cb3123f565cf793c1d3fb4760b6c9e976fb74acc61788b3a6155ceb9fd91c136bb05808d8bc4cc93a450a2436c56","ssdeep":"192:65tI/5+RO2W9Go5KHhjTLDI0BpMNrt6SB8LmaJtOwLJ8jS:65C/5+RON9Go5KB/2Bamax9","tlshash":"3922a20c72e1b172911362e9902f450fb0f5ecb9e848d8a9a27dc9c0afb185d41e7f6d","first_seen":"2023-11-12T03:48:52Z","last_seen":"2026-06-07T09:29:16.59244Z","times_seen":1198,"resource_available":true,"data":null}},"time_used":216,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":214,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/sitecore_modules/Web/ExperienceForms/scripts/jquery.validate.unobtrusive.min.js","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:18.967Z","timestamp":1780824498967,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/sitecore_modules/Web/ExperienceForms/scripts/jquery.validate.unobtrusive.min.js HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Wed, 26 Apr 2023 02:40:06 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1884\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":5407,"size_decoded":2121,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (5655), with no line terminators","md5":"a6520ecf59ed70db88c8ad2dea1e6e20","sha1":"810ef7f6b7f19872f7a129ad97747403980309ff","sha256":"3123094b7a4ef13d2f1fd17422675a4b8f0d60aa9a184e1aab9e966635a54541","sha512":"6d1a944df8648b9f20538c74c953fc836d865d705644f8a2662b2f4665619118d6117caae93995d6214e409028f88e8222703066165ee1fe3a3801ab4908f96c","ssdeep":"96:u+izDeV3cEYQCBybUab7jWQShL+RV4G8QrTo6ee8vm8K4TVOQI3PORp15OYW1QD:u+i2DYQCMbUab7jWt8V4G8Qr06qvm8jj","tlshash":"4fc194887146f1227db734eb20ef841fa4b25294b0550800f149d6fdedb8ee95753b5b","first_seen":"2026-06-07T09:28:56.562081Z","last_seen":"2026-06-07T09:29:16.617105Z","times_seen":2,"resource_available":false,"data":null}},"time_used":89,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":89,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/business-navigation-mobile-icons/ico-payments.svg","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:18.988Z","timestamp":1780824498988,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/business-navigation-mobile-icons/ico-payments.svg HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Sun, 14 Jun 2026 09:28:19 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 26 Apr 2023 02:36:50 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 5165\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":12244,"size_decoded":5479,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"6bd5d3278957180966c4507c1237a9ed","sha1":"979ed3716e2c76e4d6a5e2e4b9f30054810d979c","sha256":"54848d375a519a75c28251c91adede588e749ac4ca283a284ead80412c5e5387","sha512":"4d9e84f07cb5782fee1c49f382d36ae379b0cb7524d19b62cdbe80facd0d25b2ef5f36833e646b89f053322442370c98f16332196861f8d9cc5396bfde04086d","ssdeep":"192:Q8/34UVOkCHuDUo2P+/1Pvbuf8kfT2R5lEjE7M6DTBY0u:Q8/ojkaOg+hvBkfT2RveS3u","tlshash":"cf42f8c5233a93fdb0456afd88139c703ca328e67d059089c7dd2e52a8275d58e5bcdb","first_seen":"2023-11-12T03:48:53Z","last_seen":"2026-06-07T09:29:16.595718Z","times_seen":1201,"resource_available":false,"data":null}},"time_used":87,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":87,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/icons/rate-icons/new/ico-savings695e.svg?la=en\u0026hash=0E55614F75FB061850865FD235D7ABDA","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:19.025Z","timestamp":1780824499025,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/icons/rate-icons/new/ico-savings695e.svg?la=en\u0026hash=0E55614F75FB061850865FD235D7ABDA HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Sun, 14 Jun 2026 09:28:19 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 26 Apr 2023 02:39:34 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1933\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":4526,"size_decoded":2247,"mime_type":"image/svg+xml","magic":"HTML document, ASCII text, with very long lines (4564), with no line terminators","md5":"ac87fd47d0994501d22c4c46e3a936c9","sha1":"a31aa1b248f65b864219c3c0388400cf56f70fdd","sha256":"9c5be094222894807da1f55325d9acdabcc6436d5265194b2f60c2fdf7f20749","sha512":"03820e29c08a4f8e2376bae17f662fc001caf4c2e9b5bf52a0561da55d0cdd5782e513d95d14c301681d8aa05e3400bd8a1cf1eae1017398283ce91dddf5c5a1","ssdeep":"96:cwqT5iqdcxqDGrCd5avFkFQ80lcXTopvl1r5EXyh3bltdnfA:7YyqagaviFQ1cX2V5ZC","tlshash":"3b91223703049bff55e6c748ca7a61893365a8a571f5e2c86f93ad06bc095f340b4c71","first_seen":"2026-06-07T09:28:56.563555Z","last_seen":"2026-06-07T09:29:16.551051Z","times_seen":2,"resource_available":false,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":88,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/use.typekit.net/af/f96583/000000000000000000017775/27/le265?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191\u0026amp;fvd=i7\u0026amp;v=3","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:19.488Z","timestamp":1780824499488,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/use.typekit.net/af/f96583/000000000000000000017775/27/le265?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191\u0026amp;fvd=i7\u0026amp;v=3 HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/templates/bank-pro/use.typekit.net/ehc6rvq.css\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nlast-modified: Wed, 26 Apr 2023 02:40:16 GMT\r\naccept-ranges: bytes\r\ncontent-length: 33412\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":33412,"size_decoded":33574,"mime_type":"application/octet-stream","magic":"ASCII text, with very long lines (44552), with no line terminators","md5":"17dd7aa284ee64dc7d85a1b89204930c","sha1":"50b62555575de59bcacde3d57ca407a50ea35b48","sha256":"1fbbd99f5a14526077288372283ae0dca5270b650cc2c0a6bc7272e478dc03d7","sha512":"2f0a846373454f7246798dcac916ca2dc4bad47f235123db3641cc3a0c2ba4b9cf42d6db90e3ee4cf14b871e4d6eb1cee4187aef5118babb6c3d61ca960b71f6","ssdeep":"768:7gvsThF2nFRZWPcRCD8tKrQ1AE48t1nd0HTZn91dOdizzrsbqt4cIVWMwCJx:7giTy/ZWPcybEBt1nqHlHdYizz6q3IU0","tlshash":"b413f133e509ad819239c96450bbe65fae132f36d4851c09c12c5d8a093ff763acaba4","first_seen":"2026-06-07T09:28:56.564484Z","last_seen":"2026-06-07T09:29:16.599621Z","times_seen":2,"resource_available":false,"data":null}},"time_used":90,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":89,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/css/main0338.css","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:18.637Z","timestamp":1780824498637,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/css/main0338.css HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Sun, 14 Jun 2026 09:28:18 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 27 Apr 2023 08:48:56 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 83090\r\ndate: Sun, 07 Jun 2026 09:28:18 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":687921,"size_decoded":83400,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"7c6b26933aaf82dd28e630ab6a7c5be4","sha1":"412be95771338b31de1b8ec217919f793e3318f3","sha256":"066b7a3e2ce35c4cf8302e94996ca86bb9a537f593717ab864ea4d4453d21eba","sha512":"bc0aced19e8c8d9737bd01f5add18e8d68ddaa0f090b260fd982c04d1b0a9e61a3ee70b175e7ca80fadab3081f6ae1715c534f60c9f3aeef993472ca3086f844","ssdeep":"3072:e/NGvXAm7dalFhG5iEWntuRCkanU720F9P3Qt9t5BA/+zzs+387O6hTxgHIcbeIb:y0aU727A/+HKAm0","tlshash":"52e48414960221065533eb78eff20248e7a98023df0792b9bedd61858ffa1a4d671fdd","first_seen":"2024-05-20T17:32:59Z","last_seen":"2026-06-07T09:29:16.613434Z","times_seen":1027,"resource_available":false,"data":null}},"time_used":297,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":212,"receive":85,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gtranslate.net/widgets/latest/popup.js","fqdn":"cdn.gtranslate.net","domain":"gtranslate.net","tld":"net"},"ip":{"addr":"104.26.13.42","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:18.954Z","timestamp":1780824498954,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtranslate.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Apr 2026 01:55:15 GMT","end":"Sun, 26 Jul 2026 02:55:11 GMT"},"fingerprint":{"sha1":"D6:E2:75:3C:2F:30:B7:97:9A:7C:14:F6:CF:B5:AC:7E:65:97:D7:F2","sha256":"20:CF:1D:C9:5C:C1:82:AF:96:53:40:95:67:34:CE:40:4D:CE:B1:34:17:45:1A:79:F8:1C:7E:60:A5:FF:6F:8E"}}},"request":{"raw":"GET /widgets/latest/popup.js HTTP/1.1\r\nHost: cdn.gtranslate.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 07 Jun 2026 09:28:25 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Wed, 06 May 2026 19:42:51 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Sat, 05 Jun 2027 05:59:43 GMT\r\ncache-control: max-age=31536000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gyO5Ewdx%2FtzHfUInJonbsu3w%2FuYzIsEpkJhuV0%2FKmKCsA7a1yoyV8gYf1O0TC3wdJ5Hq2daeTPpzd8yULtlGjtpRD33fr0T%2BXNN4YsvjoZP6xzXgQRRcaFFXJ0%2BKi2qqTUHhhg%3D%3D\"}]}\r\nage: 185322\r\ncf-cache-status: HIT\r\netag: W/\"69fb99bb-495e\"\r\ncontent-encoding: br\r\ncf-ray: a07ea06658ac76ef-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18782,"size_decoded":6734,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3129)","md5":"e4294a7d9bda3e024319d5261d4b3d72","sha1":"3a82b3ec81907f46cba6ade7fd22ca9a4092e209","sha256":"c8f801083cbbed71a7e2c6c1dcae6dc486ead801a900cfbcc09fb82113fabc47","sha512":"e2c3abb2ae2e276be8b5d3baa1445877ce29136b7b7bdccd52e50c12d4443a324c3e45b5c3734d5cf659ce7ca991528face2f911bd18f16706679a87f026974c","ssdeep":"384:UzCKMPZATN09o0mtEMDXYddj517IHVxBCZlXbt/dDsBc:UVMhAh060sEMDXYbZvdd","tlshash":"7c82f95a11b3103e5a171129efff2b0c60ba42978101fc21bf9ddd825fc1a9d96a7bd8","first_seen":"2026-05-06T21:09:43.111959Z","last_seen":"2026-06-10T03:12:36.154548Z","times_seen":102,"resource_available":true,"data":null}},"time_used":6388,"timings":{"blocked":-1,"dns":3,"connect":1,"send":0,"wait":8,"receive":0,"ssl":6375},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/icons/prefooter-icons/icoclock.png","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:19.071Z","timestamp":1780824499071,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/icons/prefooter-icons/icoclock.png HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Sun, 14 Jun 2026 09:28:19 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 26 Apr 2023 02:38:12 GMT\r\naccept-ranges: bytes\r\ncontent-length: 1032\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1032,"size_decoded":1297,"mime_type":"image/png","magic":"ASCII text, with very long lines (1378), with no line terminators","md5":"529d67ccf60a24008b22efd3ed7e6c23","sha1":"ac0618b9301827bdc2480d0d516a082494693edf","sha256":"fe7d94e6bf394d59beaf9dd603a736c490679109c19beee1f605cc199a5c6ca9","sha512":"010324d3aefc94c764ae8868661ff228569b0963b9eda6c002ec0ecd9b0b6290d59d3fb03d85d564c179ed728fd7517f5e272fbfc444501212476715bfe0d5fe","ssdeep":"","tlshash":"5221420cbd965225c2d709a8b1aae2d29d511842a694bcbce2997a41e84621ece84f0c","first_seen":"2026-06-07T09:28:56.567144Z","last_seen":"2026-06-07T09:29:16.633608Z","times_seen":2,"resource_available":false,"data":null}},"time_used":202,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":202,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.chaport.com/api/public/v1/accounts/69da8a81ef88820152c67dc1/init?id=29c738bb-c475-4f83-813a-2faf14f58084\u0026token=TgvALYcW9ELqy3JDo5PbOARjJEdwE2tGeXSVjRNg","fqdn":"app.chaport.com","domain":"chaport.com","tld":"com"},"ip":{"addr":"104.26.14.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:24.929Z","timestamp":1780824504929,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"chaport.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 10 Apr 2026 15:44:44 GMT","end":"Thu, 09 Jul 2026 16:44:25 GMT"},"fingerprint":{"sha1":"91:AA:1B:52:A1:7A:87:32:DD:2A:E8:CC:00:8C:7E:64:A5:F0:D4:BE","sha256":"79:52:5A:75:DF:81:FB:8D:B2:01:A9:7C:CB:0C:89:E5:E4:5E:E6:49:F2:21:FD:7B:67:23:67:DB:CC:30:4C:4F"}}},"request":{"raw":"GET /api/public/v1/accounts/69da8a81ef88820152c67dc1/init?id=29c738bb-c475-4f83-813a-2faf14f58084\u0026token=TgvALYcW9ELqy3JDo5PbOARjJEdwE2tGeXSVjRNg HTTP/1.1\r\nHost: app.chaport.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://tandeminternational.live\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 07 Jun 2026 09:28:25 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-powered-by: Express\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://tandeminternational.live\r\naccess-control-allow-headers: Content-Type, cp-app-id\r\netag: W/\"263-hACLhSJa2vxKNoLZeTgrnt2nn0I\"\r\nx-frame-options: sameorigin\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=63072000; includeSubdomains;\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=y22qIbnX%2FFlLzYkGB27hA8XpV%2F7nVETuAJ3zlVui2JIjaiGclWpQjlTEaObjrUI%2BajBK7JGuuNT5fvcOV0RjQ7bduEIlOSMDpQxkBqZpxTpboUNsqdhHc9OfiHgIz9Ouzg%3D%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: a07ea063cb9456af-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":611,"size_decoded":1292,"mime_type":"application/json; charset=utf-8","magic":"ASCII text, with very long lines (677), with no line terminators","md5":"8119978ebd84560dba88f40e1a8f210a","sha1":"1f55be24e9413c499c4e75e77929e2c90fd3b4ad","sha256":"6d6e7f39f150c88d6b8d76d792dbeb2f7f84bdc5ee87f5cc915bcc602c7afa26","sha512":"a21dbcec2ab8d546fb433bdc16a5fe574d299037f1a1cdfae3a85235464eb77c0686a300a83c3225b3f5dbfa3e1a0cc859c1697421de9a54f383258680336835","ssdeep":"","tlshash":"6c012d5ceb08cc0bc206081b787a3f73908f010e8290a87895e4eb0103594f82ba9ea1","first_seen":"2026-06-07T09:28:56.570054Z","last_seen":"2026-06-07T09:34:13.512436Z","times_seen":3,"resource_available":false,"data":null}},"time_used":296,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":296,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"assets.chaport.com/images/chaport-launcher-chat-icon-new.png","fqdn":"assets.chaport.com","domain":"chaport.com","tld":"com"},"ip":{"addr":"104.26.14.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:25.300Z","timestamp":1780824505300,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"chaport.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 10 Apr 2026 15:44:44 GMT","end":"Thu, 09 Jul 2026 16:44:25 GMT"},"fingerprint":{"sha1":"91:AA:1B:52:A1:7A:87:32:DD:2A:E8:CC:00:8C:7E:64:A5:F0:D4:BE","sha256":"79:52:5A:75:DF:81:FB:8D:B2:01:A9:7C:CB:0C:89:E5:E4:5E:E6:49:F2:21:FD:7B:67:23:67:DB:CC:30:4C:4F"}}},"request":{"raw":"GET /images/chaport-launcher-chat-icon-new.png HTTP/1.1\r\nHost: assets.chaport.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://assets.chaport.com/assets/widget-feab807cfdea6b377d896e38e88479b9.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 07 Jun 2026 09:28:25 GMT\r\ncontent-type: image/png\r\ncontent-length: 468\r\nserver: cloudflare\r\nlast-modified: Mon, 25 May 2026 09:47:54 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RpE1QE%2F2WQLi442CpiTe3fsTuchCeaDb08WPVFFHehVb%2BdTiiCfXPARRYjbHyVeMpbJI6Lyak1tapSN0BipJfPfWcnpcHfcW5GA26AKYsZGtVhcIJq81tFcBCo%2FME0uLQTVfWQ%3D%3D\"}]}\r\netag: \"6a141aca-2fa\"\r\nexpires: Wed, 24 Jun 2026 12:59:26 GMT\r\ncache-control: max-age=2592000, public\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=63072000; includeSubdomains;\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\npriority: u=4;i=?0,cf-chb=(45;u=4;i=?0)\r\ncf-polished: ok, orig_size=762\r\ncf-bgj: h2pri,imgq:100\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 1110539\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\ncf-ray: a07ea0662e0d56af-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":468,"size_decoded":1483,"mime_type":"image/png","magic":"ASCII text, with very long lines (626), with no line terminators","md5":"456469fab9455da9456ebbb4ceaf9d11","sha1":"38cc3975af7e67185d039a883390a205c43cef17","sha256":"5aac2bf58cd5d6e2090f8a26657871981345209286466bd4eb2bee3ec984c647","sha512":"19a1ad8c43c8a5780eff1ae398d3af464eb2bbb14015bc28f1e4447c0c026011e9bd4d3c90d1ebc014685339f8d72f42321ac9269a38c93abe8f55aca90d0f4a","ssdeep":"","tlshash":"0af062aa0bb12c2561a25cd1f229208f2c2a2deb598ce8c585cab311c0c34b691e99c8","first_seen":"2026-06-07T09:28:56.571021Z","last_seen":"2026-06-07T09:34:13.623849Z","times_seen":3,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/use.typekit.net/ehc6rvq.css","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:18.635Z","timestamp":1780824498635,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/use.typekit.net/ehc6rvq.css HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Sun, 14 Jun 2026 09:28:18 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 26 Apr 2023 02:37:10 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1508\r\ndate: Sun, 07 Jun 2026 09:28:18 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":20784,"size_decoded":1817,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (480)","md5":"bc9a046f11b7bed123990c63d77e4a2d","sha1":"0668e5a3c9bf416fa6e660f07594f37b7aedccd6","sha256":"200580931e02e47c8812a8461adae59f64fc8a546b53d36bc3dc272e06699826","sha512":"b24aa605cbfc07089aec31a66a28f4c34403e213e726f419e2955222561b70e5b57749738219db59121bcd88d8cf8e4db4fa15e627b080ef7b696b2c1fb0eb6f","ssdeep":"384:8plrdJOYSXnDI4/wFwqp6UVHYK3QshT2qtjZME7FKZ4EYvRuw1x:+rdJOYSXnDI4/wFFp6UVHYK3QshT7tjz","tlshash":"da928770804a4cd3e4c05a5132cb7bf2e919395735e49d54b425ceb758fafe3a600bae","first_seen":"2024-05-20T17:32:59Z","last_seen":"2026-06-07T09:29:16.611785Z","times_seen":1116,"resource_available":false,"data":null}},"time_used":215,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":213,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/new-brand/click-current-bank-certificate-savings-rates925a.svg?la=en\u0026hash=1259E47B753C2F5FD76918926080E30A","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:19.024Z","timestamp":1780824499024,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/new-brand/click-current-bank-certificate-savings-rates925a.svg?la=en\u0026hash=1259E47B753C2F5FD76918926080E30A HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Sun, 14 Jun 2026 09:28:19 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 26 Apr 2023 02:36:58 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1933\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":4526,"size_decoded":2247,"mime_type":"image/svg+xml","magic":"HTML document, ASCII text, with very long lines (4564), with no line terminators","md5":"ac87fd47d0994501d22c4c46e3a936c9","sha1":"a31aa1b248f65b864219c3c0388400cf56f70fdd","sha256":"9c5be094222894807da1f55325d9acdabcc6436d5265194b2f60c2fdf7f20749","sha512":"03820e29c08a4f8e2376bae17f662fc001caf4c2e9b5bf52a0561da55d0cdd5782e513d95d14c301681d8aa05e3400bd8a1cf1eae1017398283ce91dddf5c5a1","ssdeep":"96:cwqT5iqdcxqDGrCd5avFkFQ80lcXTopvl1r5EXyh3bltdnfA:7YyqagaviFQ1cX2V5ZC","tlshash":"3b91223703049bff55e6c748ca7a61893365a8a571f5e2c86f93ad06bc095f340b4c71","first_seen":"2026-06-07T09:28:56.563555Z","last_seen":"2026-06-07T09:29:16.551051Z","times_seen":2,"resource_available":false,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":88,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/css/images/assets/pattern-bg-medium.svg","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:19.430Z","timestamp":1780824499430,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/css/images/assets/pattern-bg-medium.svg HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/templates/bank-pro/css/main0338.css\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 500 \r\nx-powered-by: PHP/8.4.11\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\npragma: no-cache\r\ncache-control: no-store, no-cache, must-revalidate, max-age=0\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 0\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"500","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"PHP:8.4.11","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":277,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"9d4568c009d203ab10e33ea9953a0264","sha1":"dd29ecf524b030a65261e3059c48ab9e1ecb2585","sha256":"12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126","sha512":"64d24560970ca14d349bea0e7d2526d4754bf3283568ab4dd602bd79eb454dc3657d5bb6f9a30c90ea98d9600ebd0fb45d582f4cae3f8e3c50b0e8fb18059892","ssdeep":"","tlshash":"c710000000000000000000000000000030000000000000000000000000000000000000","first_seen":"2023-03-09T21:44:55Z","last_seen":"2026-06-10T08:15:44.241926Z","times_seen":23722,"resource_available":true,"data":null}},"time_used":115,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":115,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/js/main.js","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:18.649Z","timestamp":1780824498649,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/js/main.js HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Wed, 26 Apr 2023 02:38:32 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 198098\r\ndate: Sun, 07 Jun 2026 09:28:18 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":769739,"size_decoded":198337,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (32020)","md5":"8752611a187f5ae16099ad3d5a6402e7","sha1":"1b3127454f2621c7c1ddacd0460b093c911fc56b","sha256":"192f961340625ea28eb48091687e7d6038a89df0ab0aeaa3d81f387628e910b9","sha512":"6b82e72d5c1ef45fcdeccfcf7843461694f20cbc1d81bf93fc5a67bea11db7b8e8089fbf444ec1f24795cb4412ffa979d68c5fd40a8964f378a7a66f61a83823","ssdeep":"12288:14jnnJc1bribezvuYh6TxnR6v+TIVOV76AujD0:wnnJcdribezvuYhmnR6v+TIVOV763jD0","tlshash":"76f408897291713282a731f5502f010bb136a9b9f4498868b07dc8e53fb8d9d61bbf7d","first_seen":"2023-11-12T03:48:52Z","last_seen":"2026-06-07T09:29:16.643921Z","times_seen":1184,"resource_available":true,"data":null}},"time_used":366,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":288,"receive":78,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/footer-images/live-video-call.png","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:19.073Z","timestamp":1780824499073,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/footer-images/live-video-call.png HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Sun, 14 Jun 2026 09:28:19 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 26 Apr 2023 02:36:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 4253\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":4253,"size_decoded":4518,"mime_type":"image/png","magic":"ASCII text, with very long lines (5674), with no line terminators","md5":"01d9325cc7380e0743498510bc594100","sha1":"7eb191044cb903f5b07d8dbbf9dc755e96da1bc6","sha256":"a8721cca70048f626d2f3e781da95a4d51dc3e2b3c80bd8d11d78ca1feb4ce7a","sha512":"3a55970ba388b50eaec4617a4520ed7f9d4d409836bf9a974d2c65f594f70be28a4eacf6b98ef1b8fa86b591b10b690c8b72cea486fe8f8622f1c0b369624b0f","ssdeep":"96:/okC6EwB8MaD14TFEBAbWMZASRWJ3LBjfZ4IjH0jx8vBkf7lhEW7rq+RFL:2UFiAbWG9RWJ3NGuHg/7LZZ","tlshash":"b2c18d6b22a7b62904e5db97fb4e183e3f2e5b8f5c5a861c007f11460a3c3ac50e51de","first_seen":"2026-06-07T09:28:56.57316Z","last_seen":"2026-06-07T09:29:16.601586Z","times_seen":2,"resource_available":false,"data":null}},"time_used":199,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":128,"receive":71,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/uploads/1775869452_8b7bf83ed9499ba5d7c5.png","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:20.932Z","timestamp":1780824500932,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /uploads/1775869452_8b7bf83ed9499ba5d7c5.png HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Sun, 14 Jun 2026 09:28:20 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 11 Apr 2026 01:04:12 GMT\r\naccept-ranges: bytes\r\ncontent-length: 7007\r\ndate: Sun, 07 Jun 2026 09:28:20 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":7007,"size_decoded":7272,"mime_type":"image/png","magic":"ASCII text, with very long lines (9346), with no line terminators","md5":"fb7810200e1c6736fca5b7ae68e3895f","sha1":"074a1616ff2f0cb991f8f6226b884cd3219f598e","sha256":"92bb90c16da15d537de957129e40a4776248ab056d8db0e40a3fece372459615","sha512":"20574aa8c60aa043f6199a8a1d28e8c1ee2c38939ea04b7bcae71f97568749ebd4635334df2750cc93d54d46ab6b3720dc72e750e12a1d63998be136f5505f6c","ssdeep":"192:kogMjh1tFcu88DS6b45zFkOUP3+vTA9CDWcMpu036BJ326AElhNbS+eQG:9gMN1tqucxkQPaO26bnLy","tlshash":"d012bf3534db8e1946a34fdb0530186ebfd48e7f7ef595c1860f0a0a10ca914fd443a0","first_seen":"2026-06-07T09:28:56.538211Z","last_seen":"2026-06-07T09:29:16.575312Z","times_seen":2,"resource_available":false,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":88,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/sitecore_modules/Web/ExperienceForms/scripts/jquery.validate.min.js","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:18.964Z","timestamp":1780824498964,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/sitecore_modules/Web/ExperienceForms/scripts/jquery.validate.min.js HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Wed, 26 Apr 2023 02:40:06 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 7209\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":23079,"size_decoded":7446,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (22941)","md5":"164541834b5a057255336c5ffa93ff4e","sha1":"8c385d635438c0d58321eab06d4a7db6e47c5091","sha256":"30f96f550fbad24cf70c0ee27519d396b9c059dfaf1bcccfb1f8224b548bba5b","sha512":"76e97bb44e2ea7d183f04ea8c8c9fa5eaa1decc74ab640645e6d76274069db80271d124e22144b3fc4272077494a5500cfa8b4d1d4c8bec161c021b1aeacc51d","ssdeep":"384:QhrHpZky+JB6/tX2lHldkMiYnFpY54LjfTANAc0Eny+RWuW7NeoMwV/vtrx+OLDE:c+JB6/8lHldkMioFpY54PgQEny+kLxVc","tlshash":"0ea2978d76d670465e9720f4909b660b61b66da0a008e83cb5f8e4d1baf4ecc50f7f78","first_seen":"2023-08-13T06:11:08Z","last_seen":"2026-06-07T09:29:16.627469Z","times_seen":25,"resource_available":false,"data":null}},"time_used":89,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":89,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/tabbed-icons/icon-FAQs.svg","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:19.041Z","timestamp":1780824499041,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/tabbed-icons/icon-FAQs.svg HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Sun, 14 Jun 2026 09:28:19 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 26 Apr 2023 02:37:10 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 2183\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":5613,"size_decoded":2497,"mime_type":"image/svg+xml","magic":"HTML document, ASCII text, with very long lines (5665), with no line terminators","md5":"46a5cdc5bc2b5e10fda81c2543e65203","sha1":"dfd561c14223503382de6203d22314ca9f699c0d","sha256":"0ff1b85f39fab4d25f955b69f8afeafe06e773c8f52ff070ddf192cd8370b415","sha512":"2098d277b888df33d6cdc62a23abfa7582cf5fc00753f99c2fab376a4aff4c171e841b06828c23f7b8f5d8f63ada95fad79b7af3a272d59a44435194d2c53079","ssdeep":"96:mlTHTpMnL54B+f8ndx00mEETF28/TRCfzPZJkcAKL3WJG59oerrzotVPHoV9+zhh:M+nL54ZnFmEETFfbRCfzxJkcD79t3orb","tlshash":"9ac1a6d101ba42f9780622ea57724070374738f9f45a00c9c6f9fe46ba2b19ddb68de7","first_seen":"2026-06-07T09:28:56.575672Z","last_seen":"2026-06-07T09:29:16.588286Z","times_seen":2,"resource_available":false,"data":null}},"time_used":90,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":90,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/p.typekit.net/p5e61.css?s=1\u0026amp;k=ehc6rvq\u0026amp;ht=tk\u0026amp;f=6846.6847.6848.6849.6850.6851.6852.6853.10954.13453.13454.13455.13456.13457.13458.13459.13460.13461.13462.13463.25680.25681.25682.25683.25684.25685.25686.25687.25688.25689.25690.25691\u0026amp;a=83416576\u0026amp;app=typekit\u0026amp;e=css","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:19.149Z","timestamp":1780824499149,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/p.typekit.net/p5e61.css?s=1\u0026amp;k=ehc6rvq\u0026amp;ht=tk\u0026amp;f=6846.6847.6848.6849.6850.6851.6852.6853.10954.13453.13454.13455.13456.13457.13458.13459.13460.13461.13462.13463.25680.25681.25682.25683.25684.25685.25686.25687.25688.25689.25690.25691\u0026amp;a=83416576\u0026amp;app=typekit\u0026amp;e=css HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/templates/bank-pro/use.typekit.net/ehc6rvq.css\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 500 \r\nx-powered-by: PHP/8.4.11\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\npragma: no-cache\r\ncache-control: no-store, no-cache, must-revalidate, max-age=0\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 0\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"500","status_text":"","fingerprints":[{"name":"PHP:8.4.11","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":277,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"9d4568c009d203ab10e33ea9953a0264","sha1":"dd29ecf524b030a65261e3059c48ab9e1ecb2585","sha256":"12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126","sha512":"64d24560970ca14d349bea0e7d2526d4754bf3283568ab4dd602bd79eb454dc3657d5bb6f9a30c90ea98d9600ebd0fb45d582f4cae3f8e3c50b0e8fb18059892","ssdeep":"","tlshash":"c710000000000000000000000000000030000000000000000000000000000000000000","first_seen":"2023-03-09T21:44:55Z","last_seen":"2026-06-10T08:15:44.241926Z","times_seen":23722,"resource_available":true,"data":null}},"time_used":114,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":114,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/rlforms.referlive.com/scripts/ReferLive_share_v2.js","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:18.639Z","timestamp":1780824498639,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/rlforms.referlive.com/scripts/ReferLive_share_v2.js HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/javascript\r\nlast-modified: Wed, 26 Apr 2023 02:38:32 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 8468\r\ndate: Sun, 07 Jun 2026 09:28:18 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":68874,"size_decoded":8705,"mime_type":"text/javascript","magic":"ASCII text, with CRLF line terminators","md5":"3a784cdbdfd84355fe39fe2e1875c1d3","sha1":"eb995155dcfdafe931bcdd2c1bbfcdfbf5274239","sha256":"83b4c656567b8e282db78add7952b005db64e582f1609a9ce21df09bc6438e04","sha512":"b9a44e763195c73bdc3dd3f324cb026e51d7ec249a0a0a30b8544e5e37cfcacc27e72b405e6c3b84261d732c6d2b663f5ff8359aba5949123b909e5b348c1c98","ssdeep":"1536:oA9ez/6gx60OWZbQt1Az6Udgy+kJvx9ez/6JoUiBp/LFRFy9dFQeKIatzNeZjNOy:t9ez/6gx60OWZbQt1Az6Udgy+kJZ9ezA","tlshash":"fa63622c296112f3dfb6e176366b1508f6f93123a614d704b84ee4ca5f78c701c6af6a","first_seen":"2023-11-12T03:48:53Z","last_seen":"2026-06-07T09:29:16.639692Z","times_seen":1191,"resource_available":true,"data":null}},"time_used":297,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":291,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/new-brand/selected-current-mortgage-loan-rates0981.svg?la=en\u0026hash=57C8882AD80B2212AF34531169CD7E52","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:19.034Z","timestamp":1780824499034,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/new-brand/selected-current-mortgage-loan-rates0981.svg?la=en\u0026hash=57C8882AD80B2212AF34531169CD7E52 HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Sun, 14 Jun 2026 09:28:19 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 26 Apr 2023 02:36:58 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1048\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2296,"size_decoded":1362,"mime_type":"image/svg+xml","magic":"HTML document, ASCII text, with very long lines (2322), with no line terminators","md5":"e90e7b77c0c7c7d124f8ea122c8823cf","sha1":"bb2cd472f8eb0d867c1584ce4c825698a846ca15","sha256":"4a87e9ae8804e701241db1fa59826f90430b5e8fed17c5554bbc0f5442d3619d","sha512":"7819840d783369aec4c682bcffd5ec71ad92091ee9ddd77f7cd4ac536d7c6febefd05df67264b17982e409232dd56660c1ee73cb573649502b29ba5c907ba2f0","ssdeep":"","tlshash":"d941563b0344b7b96ad1cb888959a19837d2645eb1b1d0d44ff39f266c06cf38078d31","first_seen":"2026-06-07T09:28:56.577246Z","last_seen":"2026-06-07T09:29:16.553623Z","times_seen":2,"resource_available":false,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":88,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/learn-and-plan-images/personal-finance-101/8554477.jpg","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:19.063Z","timestamp":1780824499063,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/learn-and-plan-images/personal-finance-101/8554477.jpg HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Sun, 14 Jun 2026 09:28:19 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Apr 2023 02:38:28 GMT\r\naccept-ranges: bytes\r\ncontent-length: 152892\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":152892,"size_decoded":153160,"mime_type":"image/jpeg","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"d9d2bf50d061496532087d4207bbf847","sha1":"17da48a6c988feba2962ced3a4c212a519bbb21e","sha256":"5a1fc10ba5bd7bf8a9b95fe9bdac2561e898d28d1197dc3cf52a480e8127120a","sha512":"cba65a951e7f9b0d0e084ec2f3bfa9e4b091d3f643657e17ca0f550252a15151e156576ab6d71eb65469422cb0a3a62774a0ba4c4e2bb30d0b144d8e0c5ef398","ssdeep":"3072:Ody+nRdy+nuG2EgOqpSXAmI1gZwDwsUo71FUceZjE9lm+pWkygX9Dc0XJOo:UxvxubOqc/ZgwsUohbAY9wXkRe4B","tlshash":"f11412f30c9b3da24b66852c70cf3cd51fac9fa3828d491ad2903cc6a6a97e5d7e5015","first_seen":"2026-06-07T09:28:56.578226Z","last_seen":"2026-06-07T09:29:16.619254Z","times_seen":2,"resource_available":false,"data":null}},"time_used":171,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":133,"receive":38,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/use.typekit.net/af/eeca02/00000000000000000001777a/27/le003?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191\u0026amp;fvd=n5\u0026amp;v=3","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:19.480Z","timestamp":1780824499480,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/use.typekit.net/af/eeca02/00000000000000000001777a/27/le003?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191\u0026amp;fvd=n5\u0026amp;v=3 HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/templates/bank-pro/use.typekit.net/ehc6rvq.css\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nlast-modified: Wed, 26 Apr 2023 02:40:16 GMT\r\naccept-ranges: bytes\r\ncontent-length: 31908\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":31908,"size_decoded":32070,"mime_type":"application/octet-stream","magic":"ASCII text, with very long lines (42544), with no line terminators","md5":"fffe9a432222900735419be68640500b","sha1":"7b12c27ab92cdea53485f7894c5bf5607bcea42c","sha256":"d21572436db0f6f34f96e3f24d4a25f74f6e4534786e05dc3b99e137adc54a6a","sha512":"69d1fe76ecd4495b5ae4ba91c3f528f4a5646f41ca18562fa0d49c2eaf4691d40dcfe3ca17b0774dc735b73ffe4e1b46cb3a67fc06578f2bbf02b767bcd8b4e2","ssdeep":"768:7vdkUS4ZcxJbRAPMJNgsQEfDCC8TXRwJ8kuUbtd3xu+l+gyxAIP83PsCxZefUZfW:7aUHuRAE0I2C8GUUH3xuO+gyxAIP8fN8","tlshash":"4a130133d412bce34cd49c2992370e43ce59525b6f86bd83ce8a9ec32e4c0559c99aec","first_seen":"2026-06-07T09:28:56.579265Z","last_seen":"2026-06-07T09:29:16.64675Z","times_seen":2,"resource_available":false,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":88,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gtranslate.net/flags/svg/en.svg","fqdn":"cdn.gtranslate.net","domain":"gtranslate.net","tld":"net"},"ip":{"addr":"104.26.13.42","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:25.368Z","timestamp":1780824505368,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gtranslate.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Apr 2026 01:55:15 GMT","end":"Sun, 26 Jul 2026 02:55:11 GMT"},"fingerprint":{"sha1":"D6:E2:75:3C:2F:30:B7:97:9A:7C:14:F6:CF:B5:AC:7E:65:97:D7:F2","sha256":"20:CF:1D:C9:5C:C1:82:AF:96:53:40:95:67:34:CE:40:4D:CE:B1:34:17:45:1A:79:F8:1C:7E:60:A5:FF:6F:8E"}}},"request":{"raw":"GET /flags/svg/en.svg HTTP/1.1\r\nHost: cdn.gtranslate.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 07 Jun 2026 09:28:25 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\nlast-modified: Fri, 16 Dec 2022 23:34:33 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Fri, 04 Jun 2027 03:43:22 GMT\r\ncache-control: max-age=31536000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dAOwTnsBdoTqF%2FsAL0arCV0mZWzCrTqMvtDHUgqaITjxmICmTmWzGa6PtceXDl636in%2B4hq9LO4XAoqrCIhd69snPwkvb7WDC9XOlAKdMBMWD%2Bn0KZ7pcGi64rBI68UhAscrtg%3D%3D\"}]}\r\nage: 279902\r\ncf-cache-status: HIT\r\netag: W/\"639d0089-35e\"\r\ncontent-encoding: br\r\ncf-ray: a07ea066899976ef-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":862,"size_decoded":1173,"mime_type":"image/svg+xml","magic":"ASCII text, with very long lines (896), with no line terminators","md5":"e316fac3651cd47253eab6d460407ead","sha1":"c93eccecf4d165cf96f61548cc27ade9c20c22b5","sha256":"da8b7aa2689f5d2a38e7647595585913b987c27207dc08649e28f6066799d0ad","sha512":"14251a0a79252d79c6ae4a6745fed9320d755edd738f572700456ca49ad75ea2ff25e10072770097f6103e14e9d2df5e1c7f05f51b416c0c11f997d1205fea5a","ssdeep":"","tlshash":"b711c0408c5ba06d1cc2d2cbfee45ec102ba32cebda54c84949f125e710495f4380b6d","first_seen":"2026-05-25T23:40:30.419551Z","last_seen":"2026-06-07T18:32:30.534004Z","times_seen":29,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/section-links/ico-credit-cards.svg","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:19.046Z","timestamp":1780824499046,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/section-links/ico-credit-cards.svg HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Sun, 14 Jun 2026 09:28:19 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 26 Apr 2023 02:37:10 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 963\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2248,"size_decoded":1276,"mime_type":"image/svg+xml","magic":"HTML document, ASCII text, with very long lines (2270), with no line terminators","md5":"bdc20d826e9154a9b98ad5b6760b1c75","sha1":"fe0590294b07e9b812c0dfdb98063931af017dbf","sha256":"5397727da0556f32a91cd301be340223e36dfe385af130519352b8439698f755","sha512":"f0474983be7c9fbcb11e5f5453fb2dcbee44639c9ff20445ed5f3d3de3a9b6a21607ce2bf17b1cfd05be2fb7006ce92c5356f55f6fa3059f00344a10c4c6f868","ssdeep":"","tlshash":"5c4124376f4c47be6153c788881ec55c232eb86a717d90689fafa57a1c06af3c076921","first_seen":"2026-06-07T09:28:56.580964Z","last_seen":"2026-06-07T09:29:16.577312Z","times_seen":2,"resource_available":false,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":88,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/css/images/assets/citadel-logo.svg","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:19.417Z","timestamp":1780824499417,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/css/images/assets/citadel-logo.svg HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/templates/bank-pro/css/main0338.css\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 500 \r\nx-powered-by: PHP/8.4.11\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\npragma: no-cache\r\ncache-control: no-store, no-cache, must-revalidate, max-age=0\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 0\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"500","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"PHP:8.4.11","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":277,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"9d4568c009d203ab10e33ea9953a0264","sha1":"dd29ecf524b030a65261e3059c48ab9e1ecb2585","sha256":"12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126","sha512":"64d24560970ca14d349bea0e7d2526d4754bf3283568ab4dd602bd79eb454dc3657d5bb6f9a30c90ea98d9600ebd0fb45d582f4cae3f8e3c50b0e8fb18059892","ssdeep":"","tlshash":"c710000000000000000000000000000030000000000000000000000000000000000000","first_seen":"2023-03-09T21:44:55Z","last_seen":"2026-06-10T08:15:44.241926Z","times_seen":23722,"resource_available":true,"data":null}},"time_used":110,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":110,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/use.typekit.net/af/3df5fe/000000000000000000010b5b/27/lfdcc?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191\u0026amp;fvd=i4\u0026amp;v=3","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:19.492Z","timestamp":1780824499492,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/use.typekit.net/af/3df5fe/000000000000000000010b5b/27/lfdcc?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191\u0026amp;fvd=i4\u0026amp;v=3 HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/templates/bank-pro/use.typekit.net/ehc6rvq.css\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nlast-modified: Wed, 26 Apr 2023 02:40:10 GMT\r\naccept-ranges: bytes\r\ncontent-length: 25160\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":25160,"size_decoded":25322,"mime_type":"application/octet-stream","magic":"ASCII text, with very long lines (33548), with no line terminators","md5":"20086255a1b3b0345fcc3b456e0e0288","sha1":"61197f16f0efb0fda44852fa0b7904d998f5a667","sha256":"9638b01ba7f6a2224952a29a735156f4d3ecc13bdb42687d4d90bc879c79b4c8","sha512":"1d669061eab78f93edd10678ce4d86d7b12c88952b0a4b3bffeeb9d2be511b3fcbbd77d03708e3536e289016424193d290a8d7c39c256a949ebe7844a2cf1654","ssdeep":"768:U2sGfaM7olX8GbLM4jQGo0RkkLJVd45AQ2igeu:U2JfaCUX8Gbhq2f1VdWAR3eu","tlshash":"d9e2f1ba68ed69cc0bc0e8431d071079bd63d7db08c0a8d6558c27ca1591a6fa1e2fc3","first_seen":"2026-06-06T23:26:38.552931Z","last_seen":"2026-06-07T09:29:16.637636Z","times_seen":3,"resource_available":false,"data":null}},"time_used":89,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":88,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/business-navigation-mobile-icons/ico-credit-cards.svg","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:18.984Z","timestamp":1780824498984,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/business-navigation-mobile-icons/ico-credit-cards.svg HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Sun, 14 Jun 2026 09:28:19 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 26 Apr 2023 02:36:50 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 963\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2248,"size_decoded":1276,"mime_type":"image/svg+xml","magic":"HTML document, ASCII text, with very long lines (2270), with no line terminators","md5":"bdc20d826e9154a9b98ad5b6760b1c75","sha1":"fe0590294b07e9b812c0dfdb98063931af017dbf","sha256":"5397727da0556f32a91cd301be340223e36dfe385af130519352b8439698f755","sha512":"f0474983be7c9fbcb11e5f5453fb2dcbee44639c9ff20445ed5f3d3de3a9b6a21607ce2bf17b1cfd05be2fb7006ce92c5356f55f6fa3059f00344a10c4c6f868","ssdeep":"","tlshash":"5c4124376f4c47be6153c788881ec55c232eb86a717d90689fafa57a1c06af3c076921","first_seen":"2026-06-07T09:28:56.580964Z","last_seen":"2026-06-07T09:29:16.577312Z","times_seen":2,"resource_available":false,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":88,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/tabbed-icons/icon-calendar.svg","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:19.039Z","timestamp":1780824499039,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/tabbed-icons/icon-calendar.svg HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Sun, 14 Jun 2026 09:28:19 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 26 Apr 2023 02:37:10 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 2148\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":6799,"size_decoded":2462,"mime_type":"image/svg+xml","magic":"HTML document, ASCII text, with very long lines (6837), with no line terminators","md5":"33cb928ba72121f8f176a1edf4fe30ad","sha1":"ac901cd3c3d0e28a4ab231cd32fc80fda72d198a","sha256":"dc82569a2f761660a2e3f303740693f538402d7e89405d5398dbfc0334f60c76","sha512":"b395636011f18c16f3d39375b93094f215e759222bf399ca7593f038f05a13634520762337ec5da52a6eb59157c67e83f9f8f6234b8d857b38d43454b6ea75f6","ssdeep":"96:eHoQImqAezsz517rurF5SydUkVaKk0vAeIGMruS1R3xhpV28i+eD49yuJh06zu:Aoi0TbdUaaRpaUuS1Rh/gD499hjzu","tlshash":"27e1a6ce4231caf17e42ab9d8821184439eb34b834f2872ccc8e599d221b8f456576f7","first_seen":"2026-06-07T09:28:56.583142Z","last_seen":"2026-06-07T09:29:16.596485Z","times_seen":2,"resource_available":false,"data":null}},"time_used":89,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":89,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/use.typekit.net/af/8dd886/000000000000000000010b5c/27/le003?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191\u0026amp;fvd=n5\u0026amp;v=3","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:19.484Z","timestamp":1780824499484,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/use.typekit.net/af/8dd886/000000000000000000010b5c/27/le003?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191\u0026amp;fvd=n5\u0026amp;v=3 HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/templates/bank-pro/use.typekit.net/ehc6rvq.css\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nlast-modified: Wed, 26 Apr 2023 02:40:12 GMT\r\naccept-ranges: bytes\r\ncontent-length: 23180\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":23180,"size_decoded":23342,"mime_type":"application/octet-stream","magic":"ASCII text, with very long lines (30908), with no line terminators","md5":"86a27c84b7988b3bbb315a7fe2c49016","sha1":"bdf213ae01b3a48c4c7214fb7ee2fa6ac05cae13","sha256":"343ce34aadb413fa9f202b2620a2aa78fb4be10b889cba0dd919a06814765f2b","sha512":"e8b8bdec5cb45f5f93b424d6f0a586e93622c7757f7bf52a1287fec55c7d64a4af3992f33dc9588c2e71ce43d26a7d98c6d6a047e817626a727e22b8b40bc735","ssdeep":"384:Ve9XRAKLtOkPLbmeSTOb9UJowujo20Ti5GtkNI0WUpjRTB+D75VEI7McliVv+C5V:Vm7LtdXBjb90io20+4tDuuD7DLi4C5V","tlshash":"34d2f1b6e3093da5d60501ac479547df5fd9f99b180834608cc43b6a8d40b806d7afeb","first_seen":"2026-06-06T23:26:38.614544Z","last_seen":"2026-06-07T09:29:16.590264Z","times_seen":3,"resource_available":false,"data":null}},"time_used":94,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":90,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/images/assets/ico-clock.svg","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:18.990Z","timestamp":1780824498990,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/images/assets/ico-clock.svg HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Sun, 14 Jun 2026 09:28:19 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 26 Apr 2023 02:38:14 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 297\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":753,"size_decoded":610,"mime_type":"image/svg+xml","magic":"ASCII text, with very long lines (833), with no line terminators","md5":"d3ff69968c48c6da6adcad49764ec694","sha1":"51bd65a3c1fb0f5c07d26193acf804a36663dfe2","sha256":"2eae98e72f33ad8efb139553d706f8df9c834e4c780aa34ec2946a39cb27debb","sha512":"c760c0db6b7c7cdfd67c3fe656a1425746963c9b80f0408b4b3d3e482401197ce5f6179acd9f4c1d59fbeb2c1ff174f50ae06efacd62b2d4f2ef9fadac9d583a","ssdeep":"","tlshash":"33014e993110f538315644d9d7b6b475206ab0b9169e3309f2e50537612eefe28f39f4","first_seen":"2026-06-07T09:28:56.585157Z","last_seen":"2026-06-07T09:29:16.632291Z","times_seen":2,"resource_available":false,"data":null}},"time_used":91,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":91,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/new-brand/selected-current-loan-rates-business-loan-ratese6b5.svg?la=en\u0026hash=54709063507BFE1E2B00883188CF5F2C","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:19.032Z","timestamp":1780824499032,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/new-brand/selected-current-loan-rates-business-loan-ratese6b5.svg?la=en\u0026hash=54709063507BFE1E2B00883188CF5F2C HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Sun, 14 Jun 2026 09:28:19 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 26 Apr 2023 02:36:58 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1259\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2733,"size_decoded":1573,"mime_type":"image/svg+xml","magic":"HTML document, ASCII text, with very long lines (2755), with no line terminators","md5":"6ad76dfe87459a50133d9225bbf91689","sha1":"b7c999baf8abe2f85fae6218196f71e3b6514093","sha256":"ebafcd75f0a2aaf0f3b0c2834b672826360d2e09005efceb578b1490cb307ce3","sha512":"54bc5ebbae9e84665fdc96547f19ee0c248c2e928a424efe9c751142f7833a026f34ba95a5c0e73d1ead9479311eb68fb2fa0f26565ddf509c834579cd8f5206","ssdeep":"","tlshash":"13514437430497ba5e91cb44ed65a05825365c2b70f0e0c8aff3b546dc059f38038d30","first_seen":"2026-06-07T09:28:56.533875Z","last_seen":"2026-06-07T09:29:16.569345Z","times_seen":2,"resource_available":false,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":88,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/use.typekit.net/af/cef9f3/000000000000000000010b5e/27/l5bba?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191\u0026amp;fvd=n6\u0026amp;v=3","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:19.476Z","timestamp":1780824499476,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/use.typekit.net/af/cef9f3/000000000000000000010b5e/27/l5bba?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191\u0026amp;fvd=n6\u0026amp;v=3 HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/templates/bank-pro/use.typekit.net/ehc6rvq.css\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nlast-modified: Wed, 26 Apr 2023 02:40:14 GMT\r\naccept-ranges: bytes\r\ncontent-length: 24232\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":24232,"size_decoded":24394,"mime_type":"application/octet-stream","magic":"ASCII text, with very long lines (32312), with no line terminators","md5":"84c14e4eea95689366d389c826e74d26","sha1":"cd4a2de8c9c055e8eb1ba42edf3fe0b8012d2b9a","sha256":"1e71171b902b240a69d3f4c22c6549395876383797d56c8b9b1fc704a2902d53","sha512":"596cd0ea520f46da62b6b69c6cc9470c454f077bc7a1e36d95e4ab3978f86fb54b00b29e73dfef318b2433472043be4759e0c928aca4a5b4bdeba784a5d24072","ssdeep":"768:9Ai+atbzmbe4Reezw65m0gPIoazaRFkzMFHQdXDLDEiTl10Ps:9wQzmiHezwAfgPIFsFko4XDLDEAl1Is","tlshash":"31e2f13a9176af5f021d63178a268e5f1c07afe3197647490808af7b601128fe97a7cd","first_seen":"2026-06-07T09:28:56.586224Z","last_seen":"2026-06-07T09:29:16.625912Z","times_seen":2,"resource_available":false,"data":null}},"time_used":89,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":88,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"assets.chaport.com/assets/insert-main-2c12d9cc3ded20e8cf09a901b86f5c68.js","fqdn":"assets.chaport.com","domain":"chaport.com","tld":"com"},"ip":{"addr":"104.26.14.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:19.710Z","timestamp":1780824499710,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"chaport.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 10 Apr 2026 15:44:44 GMT","end":"Thu, 09 Jul 2026 16:44:25 GMT"},"fingerprint":{"sha1":"91:AA:1B:52:A1:7A:87:32:DD:2A:E8:CC:00:8C:7E:64:A5:F0:D4:BE","sha256":"79:52:5A:75:DF:81:FB:8D:B2:01:A9:7C:CB:0C:89:E5:E4:5E:E6:49:F2:21:FD:7B:67:23:67:DB:CC:30:4C:4F"}}},"request":{"raw":"GET /assets/insert-main-2c12d9cc3ded20e8cf09a901b86f5c68.js HTTP/1.1\r\nHost: assets.chaport.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 27314\r\nserver: cloudflare\r\nlast-modified: Thu, 15 Jan 2026 08:47:26 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"6968a99e-6ab2\"\r\ncontent-encoding: gzip\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=63072000; includeSubdomains;\r\naccess-control-allow-origin: *\r\nage: 274743\r\naccept-ranges: bytes\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jEmM6ODsZ%2F%2BJzU07Bwr40LwTA10Ny8NsiAamBXZLuaQbYZCwX09l1QJpOmOebui1JV5Btd4f%2B8yuQGDXZLpkFnhFqI3v1bCAOJt%2FPKR5ENU06RSlS31C%2BC9SE2fNRhQYEs9klA%3D%3D\"}]}\r\ncf-ray: a07ea0433ec656af-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":83491,"size_decoded":28277,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65533), with no line terminators","md5":"9b47be60a9205427afaa3db67511ed3a","sha1":"13aba22e343283634526ffa15ffb2ec1e770502b","sha256":"4b15578d1c420a58c1c41c4a88728a887af2540cedcd064f058f92b64299d677","sha512":"7493fe9f50f66a520da4224a3514ee9f8030fae1d79708d17be392c168604c530cf7551f4d8d56659e6d3d59844f053e5b48bfc788962e2f1babc627a54a9d77","ssdeep":"1536:a6VmkhM1hDaYGcvezlk5c6w8N6Od9T2KBjtrEjv4SpkHBKlqWfw2:ZQc4yk5HKp5ffL","tlshash":"898329897040343b0aeb21b6357f310a213fe2696e495460b53ad7d07e7ae5b621bf7c","first_seen":"2026-01-15T11:14:47.62677Z","last_seen":"2026-06-10T11:03:36.097586Z","times_seen":546,"resource_available":true,"data":null}},"time_used":16,"timings":{"blocked":0,"dns":5,"connect":1,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"assets.chaport.com/images/user-icon-body-60x60.png","fqdn":"assets.chaport.com","domain":"chaport.com","tld":"com"},"ip":{"addr":"104.26.14.45","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:31.282Z","timestamp":1780824511282,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"chaport.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 10 Apr 2026 15:44:44 GMT","end":"Thu, 09 Jul 2026 16:44:25 GMT"},"fingerprint":{"sha1":"91:AA:1B:52:A1:7A:87:32:DD:2A:E8:CC:00:8C:7E:64:A5:F0:D4:BE","sha256":"79:52:5A:75:DF:81:FB:8D:B2:01:A9:7C:CB:0C:89:E5:E4:5E:E6:49:F2:21:FD:7B:67:23:67:DB:CC:30:4C:4F"}}},"request":{"raw":"GET /images/user-icon-body-60x60.png HTTP/1.1\r\nHost: assets.chaport.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://assets.chaport.com/assets/widget-feab807cfdea6b377d896e38e88479b9.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 07 Jun 2026 09:28:31 GMT\r\ncontent-type: image/png\r\ncontent-length: 341\r\nserver: cloudflare\r\nlast-modified: Tue, 26 May 2026 10:49:41 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ai25JeROfsj4G535AcjLl7OeWUN6rXMgLdhdoR1j6q9AG%2Fc2SrycQ%2FYEmrUnVV2g9%2B7S2Y9o5GkffWHvCxjwHCoSfG8w2EAfvE7OiUoNqGpdvhCEzMEYlNyfpM4Zm9V%2Fy3SzrQ%3D%3D\"}]}\r\netag: \"6a157ac5-58d\"\r\nexpires: Tue, 30 Jun 2026 19:56:35 GMT\r\ncache-control: max-age=2592000, public\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=63072000; includeSubdomains;\r\naccess-control-allow-origin: *\r\naccept-ranges: bytes\r\ncf-bgj: h2pri,imgq:100\r\ncf-polished: ok, orig_size=1421\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4;i=?0,cf-chb=(45;u=4;i=?0)\r\nage: 567115\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\ncf-ray: a07ea08b8be756af-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":341,"size_decoded":1358,"mime_type":"image/png","magic":"ASCII text, with very long lines (458), with no line terminators","md5":"635857761c6c4869f7331aff1da272be","sha1":"eeac9b5a6ccae3f1b75ee5e0d3c269e9c354b4b5","sha256":"4a1ba6118a682ec3af757dcfbb6427d4d2f5c9d587d459d4ac659d0f0fe5d228","sha512":"8f04a98619e3206aa76bddd825091e00a31eed5ec399ad25e07d88975cc16b7d9fe078ae4cd416e43efe579e135c9a0b068234359228161fc99aa62ef8508403","ssdeep":"","tlshash":"4af02b35fe15397dd1ef6404c549dcd91cd138f774f61605e9050baa6d052a6d8066c1","first_seen":"2026-06-07T09:28:56.587698Z","last_seen":"2026-06-07T09:29:16.566742Z","times_seen":2,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-07T09:28:17.696Z","timestamp":1780824497696,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nx-powered-by: PHP/8.4.11\r\nset-cookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635; expires=Sun, 07 Jun 2026 11:28:18 GMT; Max-Age=7200; path=/; HttpOnly; SameSite=Lax; secure\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\npragma: no-cache\r\ncache-control: no-store, no-cache, must-revalidate, max-age=0\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sun, 07 Jun 2026 09:28:18 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"PHP:8.4.11","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Modernizr","description":"Modernizr is a JavaScript library that detects the features available in a user's browser.","website":"https://modernizr.com","common_platform_enumeration":"","icon":"Modernizr.svg","categories":["JavaScript libraries"]},{"name":"Adobe Fonts","description":"Adobe Fonts is a web-based service providing access to a vast library of high-quality fonts for web and print design.","website":"https://fonts.adobe.com","common_platform_enumeration":"","icon":"Adobe Fonts.svg","categories":["Font scripts"]},{"name":"CodeIgniter","description":"","website":"https://codeigniter.com","common_platform_enumeration":"cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*","icon":"CodeIgniter.png","categories":["Web frameworks"]},{"name":"Typekit","description":"Typekit is an online service which offers a subscription library of fonts.","website":"https://typekit.com","common_platform_enumeration":"","icon":"Typekit.png","categories":["Font scripts"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":123887,"size_decoded":12576,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"f18a87e4e80bbf7327b949bd38fa29d0","sha1":"5b0873c448dd1780d9b32e1c7a6865b4f3323190","sha256":"8ca3fce42e243077801803008df04bf280da6c1fc98a25db7c7465457ef77c37","sha512":"94f5283323ea2c254870e337e231fc101cba2608c3977f0cb1a45100f0b66f4aefaae874d3911d79f4099b5f779b82a18f9c73294a121ed8948346727f761d1f","ssdeep":"768:iAzAjA2q1e+IW55qgY16cBszbL/aicjmP:2jMg45qgY16cBszv/ar6P","tlshash":"a6c3da3664c5267702b3c1d6d6289b5afed5814bca869602b2ec6bc71ff3d01cd2b924","first_seen":"2026-06-07T09:28:56.58868Z","last_seen":"2026-06-07T09:28:56.58868Z","times_seen":1,"resource_available":true,"data":null}},"time_used":697,"timings":{"blocked":-1,"dns":256,"connect":87,"send":0,"wait":175,"receive":0,"ssl":179},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/images/assets/ico-x.svg","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:19.017Z","timestamp":1780824499017,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/images/assets/ico-x.svg HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Sun, 14 Jun 2026 09:28:19 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 26 Apr 2023 02:38:14 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 160\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":245,"size_decoded":473,"mime_type":"image/svg+xml","magic":"ASCII text, with no line terminators","md5":"53cd8cdb1133b300ef6a1e8d03f8b377","sha1":"e2567a6d2c638f9164b39a84216c5d5dfd1a0cf8","sha256":"04ca73eb24753c29d8a37ce082e588455e4859a699b947a4df6c8defebaddc9b","sha512":"8d7a5bb4e060d7dfe23ad7113c7f7647e8fcca037bb01a97811bc98d6276f4d6b5796cbcaa46c65c6a67b8c3500ba083682548ddaf1c96e150df5dacd77c0160","ssdeep":"","tlshash":"10d05e39b21a8d3db82ad6649f747b34202771956a861154ece1003832259be2a77ebc","first_seen":"2026-06-07T09:28:56.589717Z","last_seen":"2026-06-07T09:29:16.645695Z","times_seen":2,"resource_available":false,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":88,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/section-links/ico-loans.svg","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:19.048Z","timestamp":1780824499048,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/section-links/ico-loans.svg HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Sun, 14 Jun 2026 09:28:19 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 26 Apr 2023 02:37:10 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1257\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2732,"size_decoded":1571,"mime_type":"image/svg+xml","magic":"HTML document, ASCII text, with very long lines (2754), with no line terminators","md5":"964a01755ca06ec76be26e468b7f5196","sha1":"80148eb72576ab5010994eab381b14ab4095d502","sha256":"1503fabd45cc85917e0ba49a09e90f9e2cb47e3511a339638a9e1bd2dcba618a","sha512":"8e6ca2762714487e14ff40e98e46bec91f8f36e54b084cf114d96f3bac689560688093cf5303a7fb11942cb7f5b4ae25a93d5b57475fface06e0c31a12627f2c","ssdeep":"","tlshash":"59512337830497ba6e92cb59e966a09925365c2b70f5e1c8aff3b586dc059f38038d70","first_seen":"2026-06-07T09:28:56.548292Z","last_seen":"2026-06-07T09:29:16.593154Z","times_seen":2,"resource_available":false,"data":null}},"time_used":91,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":91,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tandeminternational.live/templates/bank-pro/learn-and-plan-images/personal-finance-101/unsplash.jpg","fqdn":"tandeminternational.live","domain":"tandeminternational.live","tld":"live"},"ip":{"addr":"163.61.188.2","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tandeminternational.live/","date":"2026-06-07T09:28:19.061Z","timestamp":1780824499061,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tandeminternational.live","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Apr 2026 06:08:07 GMT","end":"Wed, 29 Jul 2026 06:08:06 GMT"},"fingerprint":{"sha1":"B5:FF:5F:95:A9:20:66:20:47:D1:A7:68:9E:C0:7D:34:87:E1:6E:8D","sha256":"9A:C0:23:CF:68:5B:70:79:8C:9B:B1:B9:39:CD:B0:A8:27:66:C4:AE:D5:3D:99:37:BC:14:6E:C3:34:C1:20:89"}}},"request":{"raw":"GET /templates/bank-pro/learn-and-plan-images/personal-finance-101/unsplash.jpg HTTP/1.1\r\nHost: tandeminternational.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://tandeminternational.live/\r\nCookie: ci_session=69a9c0092090b7f24a5ed4f24206b4dba3482635\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Sun, 14 Jun 2026 09:28:19 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Apr 2023 02:38:28 GMT\r\naccept-ranges: bytes\r\ncontent-length: 149017\r\ndate: Sun, 07 Jun 2026 09:28:19 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":149017,"size_decoded":149285,"mime_type":"image/jpeg","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"437f1e5611c592825ad9506b899f96c8","sha1":"88e90c7ea6afa7ab3131f39d63cbf3c9cac8b9b5","sha256":"6f849dcf486c83e7581914cdccc29092e2fbce04db8653c2ba1275a3645a1032","sha512":"a7684a622e6275ef53918b5228192ff7a4f6bbbf93026a8be667fa119a182a839f997fdfed45d11b7be17230c1bb1c564b2d5e4081b4003ffdbcaef2c808b870","ssdeep":"6144:oudUahPYThpNi+7IuyYGX0Ng1cGw++bSesr:ouVhgThL6Xx6Gw+5Nr","tlshash":"e21412332c3d6da10f39e452aadf7ec82e6c8bd3a87d81c4926075c764cbb4446de45a","first_seen":"2026-06-07T09:28:56.590556Z","last_seen":"2026-06-07T09:29:16.574285Z","times_seen":2,"resource_available":false,"data":null}},"time_used":145,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":113,"receive":32,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-07","alert":"Sinkholed","trigger":"tandeminternational.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-07","alert":"Phishing Block","trigger":"tandeminternational.live","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}}]}