secure.tandem.app
Open in
urlscan Pro
72.249.146.76
Public Scan
Submission: On June 26 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by Starfield Secure Certificate Authorit... on April 3rd 2023. Valid for: a year.
This is the only time secure.tandem.app was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
10 | 72.249.146.76 72.249.146.76 | 17378 (AS17378) (AS17378) | |
1 | 2a00:1450:400... 2a00:1450:4001:813::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:811::200e | 15169 (GOOGLE) (GOOGLE) | |
3 | 2a00:1450:400... 2a00:1450:4001:806::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:400c:c00::9d | 15169 (GOOGLE) (GOOGLE) | |
17 | 5 |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
tandem.app
secure.tandem.app — Cisco Umbrella Rank: 751512 |
2 MB |
3 |
gstatic.com
fonts.gstatic.com |
47 KB |
2 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 60 |
21 KB |
1 |
doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 124 |
347 B |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 80 |
1 KB |
17 | 5 |
Domain | Requested by | |
---|---|---|
10 | secure.tandem.app |
secure.tandem.app
|
3 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | www.google-analytics.com |
secure.tandem.app
www.google-analytics.com |
1 | stats.g.doubleclick.net |
www.google-analytics.com
|
1 | fonts.googleapis.com |
secure.tandem.app
|
17 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
tandem.app |
Subject Issuer | Validity | Valid | |
---|---|---|---|
tandem.app Starfield Secure Certificate Authority - G2 |
2023-04-03 - 2024-05-04 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-05-29 - 2023-08-21 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-05-29 - 2023-08-21 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-05-29 - 2023-08-21 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2023-05-29 - 2023-08-21 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://secure.tandem.app/VendorRequests/Respond?id=6b3ba862-4a1b-4cb4-9491-ee16a4bae573
Frame ID: 3F45EA226C2FE62503112CAABF6A65C9
Requests: 17 HTTP requests in this frame
Screenshot
Page Title
Respond to Request | TandemDetected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Tandem
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
17 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
Respond
secure.tandem.app/VendorRequests/ |
27 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.css
secure.tandem.app/Content/dist/ |
477 KB 159 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tandem.css
secure.tandem.app/Content/dist/ |
2 MB 538 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendor.bundle.js
secure.tandem.app/Scripts/dist/ |
2 MB 779 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vue.bundle.js
secure.tandem.app/Scripts/dist/ |
522 KB 181 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.js
secure.tandem.app/Scripts/dist/ |
171 KB 67 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tandem-vue.js
secure.tandem.app/Scripts/dist/ |
481 KB 134 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Logo
secure.tandem.app/Customers/ |
21 KB 22 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
print.css
secure.tandem.app/Content/dist/ |
873 B 813 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
8 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ |
16 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tandem-icons.ttf
secure.tandem.app/Content/fonts/ |
37 KB 37 KB |
Font
application/x-font-ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
4 B 210 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
1 B 347 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
222 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| onbeforetoggle object| onscrollend boolean| $Anonymous object| webpackChunkTandem function| $ function| jQuery object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| moment function| Color function| Chart string| CKEDITOR_BASEPATH object| CKEDITOR object| CNXTABLE function| AddDynamicPopupMessage function| displayAjaxFormSuccessResponse function| displayAjaxFormErrorResponse function| HasEditorDataChanged object| GaugeChartHelper function| Dropzone function| Fancybox function| _ object| googleTableCssClassNames function| googleTableRemoveCss function| getQueryParams function| isIE function| resizePageWidth function| setPageWidth function| createCookie function| readCookie function| eraseCookie function| initTooltips function| SetFormButtonsLoading function| ClearFormButtonsLoading object| CnxTabs function| postForm function| InitDatePicker function| isDateString function| TimeoutSuccessMessage function| AddCnxTableRow function| GetOptionValue function| GetOptionText function| SetDropDownOptions function| AllowValidationOfHiddenFields function| ValidatePhoneNumber function| ValidateFileUpload function| SubmitOnValidateSuccessMessage function| IframeInit function| InitPopup function| OpenInlinePopup function| OpenHtmlPopup function| OpenVideoPopup function| OpenAjaxPopup function| OpenIframePopup function| OpenPopup function| ClosePopup function| OpenGallery function| PopupInlineInit function| PopupClose function| PopupCloseFromParent function| ShowHideTableBasedOnRowCount function| getPreviousFancyboxIframe function| getParent function| ShowHideParentTableFromPopupBasedOnRowCount function| ShowHideTableByClassBasedOnRowCount function| htmlEncode function| htmlDecode function| ShowHideBasedOnCheckbox function| SetRisk object| InfoSecRiskValues function| GetInfoSecRisk function| GetInfoSecRiskLevelName function| ChangeTimeUnitOptionsPlurality object| monthNames function| RemoveMarginFromLastParagraphs function| SortTable object| TwoLevelSliderValues object| TwoLevelRealValues object| TwoLevelBgPositions object| RiskLevelSliderValues object| RiskLevelRealValues object| RiskLevelBgPositions object| InherentRiskWeights function| IntervalSlideEventHandler function| GetNearestSliderValue function| GetSliderValueIndex function| ConvertRealValueToSliderValue function| FormatPhoneNumbers function| RandomString function| AjaxSortBy function| UpdateParentTableFromPopup function| ReplacePhishingPlaceholdersForPreview function| GetPhishingAttachmentFileExtension function| SetPhishingToolbarButtonTooltips function| SetVendorRequestToolbarButtonTooltips function| EmailPreviewPopup function| EmailPopup function| InitDateRange function| humanFileSize function| ExpandAndCollapse function| ExpandAndCollapseSetup function| CreateExpandableHtml function| CreateExpandableContainer function| PreventMultipleClicks function| ShowSelect function| HideSelect function| ToggleSelect number| mediumPopupWidth number| largePopupWidth number| extraLargePopupWidth number| controlEvidencePopupWidth number| controlVerificationPopupWidth number| requestListItemPopupWidth number| findingsPopupWidth number| findingVerificationPopupWidth number| taskPopupWidth number| regulationPopupWidth number| reviewItemPopupWidth number| revisionLogEntryPopupWidth number| threatRecommendationDetailsPopupWidth number| vendorProfilePopupWidth number| vendorEditManagedPopupWidth number| vendorDeletePopupWidth number| vendorDeactivatePopupWidth number| vendorServicePopupWidth number| vendorServiceContactInfoWidth number| vendorContactPopupWidth number| vendorRequestPopupWidth number| vendorReferencePopupWidth number| vendorDocumentPopupWidth number| vendorContractPopupWidth number| vendorShowContractPopupWidth number| vendorResponsibilityPopupWidth number| vendorServiceContactInfoPopupWidth number| vendorReviewPopupWidth number| vendorNotesPopupWidth number| fireExtinguisherPopupWidth number| stormEventStatisticsPopupWidth number| crimeEventStatisticsPopupWidth number| addControlPopupWidth number| changePasswordPopupWidth number| createInformationAssetRiskAssessmentWidth number| peerAnalysisPopupWidth number| editCustomRiskLevelPopupWidth number| editCustomAuditRatingPopupWidth number| addWorkProgramCategoryPopupWidth number| importWorkProgramCategoryPopupWidth object| globalColors object| dashboardColors function| hexToRgbaString function| colorLuminance function| setCaretPosition function| SetPageMinHeight function| OpenSecondaryMenuSearchTab function| CloseSecondaryMenuTab function| ShowAlert function| DisplayConfirmationMessagePopup function| InitClickEventForEditReadOnlyText function| InitClickEventForAddTextEditor function| InitEventsForReadOnlyTextButtons function| sortCompare function| updateDynamicPagination function| initPluralHandler function| AjaxFormSuccess function| AjaxFormFailure function| ClearValidation function| escapeRegExp function| SetVendorServicesDropDown function| sortableFixWidthHelper function| dispatchNotificationStatusUpdate object| SocialMediaCommonFunctions boolean| BypassNavigationWarning boolean| AlwaysDisplayNavigationWarning string| NavigationWarningMessageOnUnload string| NavigationWarningMessage function| InitNavigationSaveWarning function| HasFormChanges function| ConfirmNavigationMessage function| CustomInitNavigationSaveWarning function| HasEditorContentChanged function| ResetEditorsDirtyState function| NavigateToCancelUrl function| SaveOriginalState function| SaveOriginalTabState function| SaveOriginalCnxTableState function| CustomIndexBulkEditNavigationSaveWarning function| SaveOriginalBulkEditTableState function| HasBulkEditTableChanged function| SimpleBar function| sqlFormatter object| B64 object| sessionTimer object| downloadManager object| tandem object| errorService function| ajaxForm function| ajaxPagination object| cnxSearch object| storageManager function| titleToCamelCase function| copyToClipboard object| twttr function| Vue object| CnxTableMixin object| GridViewMixin object| RiskSliderMixin function| OnSuccess string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
secure.tandem.app/ | Name: .AspNetCore.Antiforgery.NV-6cH4zrEQ Value: CfDJ8G-jwXij5dhEoZjNlAcVQ1P0FQgg3OX2cBuG2siouXxaogJhmcesvW0pd3-NYCjfXmmu6gnih0f381rIRgv7f_FQEcl1ms_SuGUm-UhN0KgLdb_w1XN7-Is9zYEMWa44N87Q4xS7A3q3RSbSpqO2kog |
|
secure.tandem.app/ | Name: .AspNetCore.Session Value: CfDJ8G%2BjwXij5dhEoZjNlAcVQ1Pc2bfh47derUy0BSq3iOgdNosn8%2Fr0d5U064xIfYx4nWAjwCadkv9qHYFGKkhXnXdDfyBBQiA1a93WPBMOoVT2N4ZZZZcusT99KCAwgtlGbTGaRqPkmjgY%2F8t%2FoHjMv6IHQNLt323E%2FSe5%2Fjp%2B8jQh |
|
.tandem.app/ | Name: _ga Value: GA1.2.1304840756.1687800525 |
|
.tandem.app/ | Name: _gid Value: GA1.2.850088206.1687800525 |
|
.tandem.app/ | Name: _gat Value: 1 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self' *.tandem.app *.conetrix.com 'unsafe-inline' blob: data:; script-src 'self' *.tandem.app *.conetrix.com 'unsafe-inline' blob: data: 'unsafe-eval' google-analytics.com *.google-analytics.com graph.facebook.com cdnjs.cloudflare.com www.gstatic.com maps.googleapis.com *.msecnd.net localhost:*; style-src * 'unsafe-inline' blob: data:; img-src * blob: data:; connect-src 'self' *.tandem.app *.conetrix.com 'unsafe-inline' blob: data: ws: wss: maps.googleapis.com *.google-analytics.com *.analytics.google.com stats.g.doubleclick.net ampcid.google.com graph.facebook.com *.visualstudio.com localhost:*; font-src * blob: data:; media-src 'self' *.tandem.app *.conetrix.com 'unsafe-inline' blob: data: tandem.s3.amazonaws.com s3.amazonaws.com api.twilio.com; frame-src 'self' *.tandem.app *.conetrix.com 'unsafe-inline' blob: data: youtube.com youtu.be www.youtube.com www.youtube-nocookie.com youtube-nocookie.com |
Strict-Transport-Security | max-age=63072000; includeSubDomains; preload |
X-Frame-Options | SAMEORIGIN SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fonts.googleapis.com
fonts.gstatic.com
secure.tandem.app
stats.g.doubleclick.net
www.google-analytics.com
2a00:1450:4001:806::2003
2a00:1450:4001:811::200e
2a00:1450:4001:813::200a
2a00:1450:400c:c00::9d
72.249.146.76
1a65573584f18171fe54b6d567db44cbc6eacaa264c82bd7849c507f7dd2ff2c
2d3df07fc6e5e446fa308d70d9330b71e23799112ce5220e142721261c37b140
429ed15694a64a9105d63c64d6c7bdc8a420a7ee4df080025309862c28918e1c
5f22dc8feda35e71a779d6f0684c6c06c8887e704d6e53d13a59e57088db33bf
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9c8bc25321230bcee0a8ffe05b2a8721900319f3b90cdbf2652f2e74dad02ec3
a28123879a61d9a631065125f531edefaa99a8944a917cb9178912538a823fc2
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afe2678cc318d49844844614db0817de9bd4dfda0812e2e4013156d4e4e5b9d2
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e4919013c4129b027bf290679f50d2e86585103f788332a67f355ad7a786df67
edba73ae66f5222c8d0507ce20a8ceedabfa2234626eec847c2d1931dc2acc00
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fc4204d17162a0a6cff204602c41ea40ecf38e2ec2b86d5e54d1267e33bf0323