Submitted URL: http://success.surprise-hr.com/Covid19Policy?fulfillment
Effective URL: https://surprise.secure.force.com/menus/Covid19Policy?fulfillment
Submission: On April 15 via manual from PH — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 8 HTTP transactions. The main IP is 13.110.95.173, located in United States and belongs to SALESFORCE, US. The main domain is surprise.secure.force.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on September 22nd 2021. Valid for: a year.
This is the only time surprise.secure.force.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 13.110.95.173 14340 (SALESFORCE)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.110.3.173 14340 (SALESFORCE)
2 2a00:1450:400... 15169 (GOOGLE)
8 5
Domain Requested by
4 surprise.secure.force.com surprise.secure.force.com
2 fonts.gstatic.com surprise.secure.force.com
1 treatsinc--c.na81.content.force.com surprise.secure.force.com
1 ajax.googleapis.com surprise.secure.force.com
1 success.surprise-hr.com 1 redirects
8 5

This site contains no links.

Subject Issuer Validity Valid
*.na81.force.com DigiCert TLS RSA SHA256 2020 CA1 2021-09-22 - 2022-09-21 a year
upload.video.google.com GTS CA 1C3 2022-03-28 - 2022-06-20 3 months
*.gstatic.com GTS CA 1C3 2022-03-28 - 2022-06-20 3 months

This page contains 1 frame:

Primary Page: https://surprise.secure.force.com/menus/Covid19Policy?fulfillment
Frame ID: E45B52C44D8AE238BB43160D36210DC6
Requests: 9 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

8 Requests
100 % HTTPS
50 % IPv6
4 Domains
5 Subdomains
5 IPs
2 Countries
100 kB Transfer
175 kB Size
6 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://success.surprise-hr.com/Covid19Policy?fulfillment HTTP 301
    https://surprise.secure.force.com/menus/Covid19Policy?fulfillment Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request Covid19Policy
surprise.secure.force.com/menus/
Redirect Chain
  • http://success.surprise-hr.com/Covid19Policy?fulfillment
  • https://surprise.secure.force.com/menus/Covid19Policy?fulfillment
34 KB
12 KB
Document
General
Full URL
https://surprise.secure.force.com/menus/Covid19Policy?fulfillment
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.110.95.173 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl16-ncg0-phx3.na81-ph2.force.com
Software
/ Salesforce.com ApexPages
Resource Hash
04503d780adf82857914f924372cb0220242924e24c0ac6aa4ca63a0e00230ed
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests frame-ancestors 'self'
Strict-Transport-Security max-age=63072004; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
public,max-age=600
Content-Encoding
gzip
Content-Security-Policy
upgrade-insecure-requests frame-ancestors 'self'
Content-Type
text/html;charset=UTF-8
Date
Fri, 15 Apr 2022 21:08:58 GMT
Expires
Fri, 15 Apr 2022 21:18:58 GMT
Last-Modified
Fri, 15 Apr 2022 21:08:58 GMT
P3P
CP="CUR OTR STA"
Referrer-Policy
origin-when-cross-origin
Strict-Transport-Security
max-age=63072004; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-FRAME-OPTIONS
SAMEORIGIN
X-Powered-By
Salesforce.com ApexPages
X-XSS-Protection
1; mode=block
origin-trial
AklbvN3zzNjVBN1btIvZVEXQottJ9SBp7rLB02aNYemdUf5Qr9j+oRJsDOjqvHP7tqihWlADjfay3d+A5Ky3xAUAAACFeyJvcmlnaW4iOiJodHRwczovL2ZvcmNlLmNvbTo0NDMiLCJmZWF0dXJlIjoiRGlzYWJsZURpZmZlcmVudE9yaWdpblN1YmZyYW1lRGlhbG9nU3VwcHJlc3Npb24iLCJleHBpcnkiOjE2Mzk1MjYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==

Redirect headers

Cache-Control
no-cache,must-revalidate,max-age=0,no-store,private
Date
Fri, 15 Apr 2022 21:08:57 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://surprise.secure.force.com/menus/Covid19Policy?fulfillment
Referrer-Policy
origin-when-cross-origin
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
stub.js
surprise.secure.force.com/menus/static/111213/js/perf/
1 KB
1 KB
Script
General
Full URL
https://surprise.secure.force.com/menus/static/111213/js/perf/stub.js
Requested by
Host: surprise.secure.force.com
URL: https://surprise.secure.force.com/menus/Covid19Policy?fulfillment
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.110.95.173 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl16-ncg0-phx3.na81-ph2.force.com
Software
/
Resource Hash
5830f6b53e1ea91abd5de97ef219269702f413575cfe0dd6149712d68d7d61eb
Security Headers
Name Value
Strict-Transport-Security max-age=63072004; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://surprise.secure.force.com/menus/Covid19Policy?fulfillment
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 21:08:58 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Last-Modified
Thu, 18 Dec 2014 19:28:42 GMT
Strict-Transport-Security
max-age=63072004; includeSubDomains
Content-Type
application/x-javascript
Cache-Control
public,max-age=10368000
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Expires
Sat, 13 Aug 2022 21:08:58 GMT
NetworkTracking.js
surprise.secure.force.com/menus/jslibrary/1635874030236/sfdc/
4 KB
2 KB
Script
General
Full URL
https://surprise.secure.force.com/menus/jslibrary/1635874030236/sfdc/NetworkTracking.js
Requested by
Host: surprise.secure.force.com
URL: https://surprise.secure.force.com/menus/Covid19Policy?fulfillment
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.110.95.173 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl16-ncg0-phx3.na81-ph2.force.com
Software
/
Resource Hash
42dd8dc296f0639d42d5bfbed2b46955b3eee445c257b25e624dd812fdba4f7e
Security Headers
Name Value
Strict-Transport-Security max-age=63072004; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://surprise.secure.force.com/menus/Covid19Policy?fulfillment
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 21:08:58 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Last-Modified
Wed, 13 Apr 2022 19:36:26 GMT
Strict-Transport-Security
max-age=63072004; includeSubDomains
Content-Type
application/x-javascript
Cache-Control
public,max-age=10368000
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Expires
Sat, 13 Aug 2022 21:08:58 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/
84 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: surprise.secure.force.com
URL: https://surprise.secure.force.com/menus/Covid19Policy?fulfillment
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://surprise.secure.force.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 23:12:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
251764
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30028
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Apr 2023 23:12:54 GMT
servlet.ImageServer
treatsinc--c.na81.content.force.com/servlet/
7 KB
7 KB
Image
General
Full URL
https://treatsinc--c.na81.content.force.com/servlet/servlet.ImageServer?id=01536000003E8kd&oid=00D36000000KJU7
Requested by
Host: surprise.secure.force.com
URL: https://surprise.secure.force.com/menus/Covid19Policy?fulfillment
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.110.3.173 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl8-ncg0-phx3.na81-ph2.force.com
Software
/
Resource Hash
2114c6382de0f1724f2324eca5275444626786e587525a81d4925b8379ad853b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://surprise.secure.force.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 21:08:59 GMT
Referrer-Policy
origin-when-cross-origin
Last-Modified
Wed, 18 Mar 2020 20:29:04 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
image/png
X-XSS-Protection
1; mode=block
Cache-Control
public,max-age=900
Content-Security-Policy
upgrade-insecure-requests
X-Robots-Tag
none
Content-Length
7190
X-Content-Type-Options
nosniff
Expires
Fri, 15 Apr 2022 21:23:59 GMT
OrderForm_Wave.png
surprise.secure.force.com/menus/resource/1643366384000/OrderFormImages/OrderForm/
18 KB
18 KB
Image
General
Full URL
https://surprise.secure.force.com/menus/resource/1643366384000/OrderFormImages/OrderForm/OrderForm_Wave.png
Requested by
Host: surprise.secure.force.com
URL: https://surprise.secure.force.com/menus/Covid19Policy?fulfillment
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.110.95.173 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl16-ncg0-phx3.na81-ph2.force.com
Software
/
Resource Hash
61e7085e6e3fd6e2c916d403cd4e33dc427dd7198a0327d887a9de903d77765b
Security Headers
Name Value
Strict-Transport-Security max-age=63072004; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://surprise.secure.force.com/menus/Covid19Policy?fulfillment
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 21:08:58 GMT
Referrer-Policy
origin-when-cross-origin
Last-Modified
Fri, 28 Jan 2022 10:39:44 GMT
X-FRAME-OPTIONS
SAMEORIGIN
P3P
CP="CUR OTR STA"
Cache-Control
public,max-age=3888000,immutable
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072004; includeSubDomains
Content-Type
image/png
Content-Length
18463
X-XSS-Protection
1; mode=block
Expires
Mon, 30 May 2022 21:08:59 GMT
truncated
/
197 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c60347c0de373fe81701962041f3744a87e1d1194568586b41d92d8bf269c9f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/svg+xml
XRXW3I6Li01BKofAtsGUYevIWzgPDA.woff2
fonts.gstatic.com/s/nunito/v11/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/nunito/v11/XRXW3I6Li01BKofAtsGUYevIWzgPDA.woff2
Requested by
Host: surprise.secure.force.com
URL: https://surprise.secure.force.com/menus/Covid19Policy?fulfillment
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46d06c1348433fc1afc7f1717d589736257e8a006f55539829b324f92751b311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://surprise.secure.force.com/
Origin
https://surprise.secure.force.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 21:08:58 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14264
x-xss-protection
0
last-modified
Mon, 22 Jul 2019 19:26:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 15 Apr 2023 21:08:58 GMT
XRXV3I6Li01BKofINeaBTMnFcQ.woff2
fonts.gstatic.com/s/nunito/v11/
13 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/nunito/v11/XRXV3I6Li01BKofINeaBTMnFcQ.woff2
Requested by
Host: surprise.secure.force.com
URL: https://surprise.secure.force.com/menus/Covid19Policy?fulfillment
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f33afb06d483103e78045697d323cbd21efe41c5b53f76d4cf4b7912507636b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://surprise.secure.force.com/
Origin
https://surprise.secure.force.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 11:56:55 GMT
x-content-type-options
nosniff
age
292323
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13804
x-xss-protection
0
last-modified
Mon, 22 Jul 2019 19:27:25 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 12 Apr 2023 11:56:55 GMT

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function| structuredClone
  • object| oncontextlost
  • object| oncontextrestored
  • function| getScreenDetails
  • object| PerfConstants
  • object| PerfLogLevel
  • object| Perf
  • object| NetworkTracking
  • object| UITheme
  • function| $
  • function| jQuery
  • object| pdf2htmlEX

6 Cookies

Domain/Path Name / Value
success.surprise-hr.com/ Name: CookieConsentPolicy
Value: 0:1
success.surprise-hr.com/ Name: LSKey-c$CookieConsentPolicy
Value: 0:1
surprise.secure.force.com/ Name: CookieConsentPolicy
Value: 0:1
surprise.secure.force.com/ Name: LSKey-c$CookieConsentPolicy
Value: 0:1
.force.com/ Name: BrowserId
Value: RE8mPr0AEeymGm187Z2MKQ
.force.com/ Name: BrowserId_sec
Value: RE8mPr0AEeymGm187Z2MKQ

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy upgrade-insecure-requests frame-ancestors 'self'
Strict-Transport-Security max-age=63072004; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block