surprise.secure.force.com Open in urlscan Pro
13.110.11.173 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://surprise.secure.force.com/survey?sId=a0M3600000AZy6I&cId=0031Q00002L3vimQAB&zId=5001Q000016pu3jQAA&csat=Positive
Submission: On January 01 via manual (January 1st 2021, 9:51:43 pm UTC) from US

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 12 HTTP transactions. The main IP is 13.110.11.173, located in United States and belongs to SALESFORCE, US. The main domain is surprise.secure.force.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 7th 2020. Valid for: a year.

This is the only time surprise.secure.force.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	13.110.11.173 13.110.11.173	14340 (SALESFORCE) (SALESFORCE)
1	2a00:1450:400... 2a00:1450:4001:818::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1 1	136.147.111.190 136.147.111.190	14340 (SALESFORCE) (SALESFORCE)
1	2a00:1450:400... 2a00:1450:4001:81e::2003	15169 (GOOGLE) (GOOGLE)
12	4

9 13.110.11.173 (United States)

ASN14340 (SALESFORCE, US)
PTR: dcl8-ncg0-iad3.na81-ia2.force.com

surprise.secure.force.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
treatsinc--c.na81.content.force.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.147.111.190 (United States) 1 redirects

ASN14340 (SALESFORCE, US)
PTR: dcl8-dfw.viv-dfw.force.com

treatsinc--c.na30.content.force.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	force.com 1 redirects surprise.secure.force.com treatsinc--c.na30.content.force.com treatsinc--c.na81.content.force.com	134 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	30 KB
1	gstatic.com fonts.gstatic.com	13 KB
12	3

	Domain	Requested by
8	surprise.secure.force.com	surprise.secure.force.com
1	fonts.gstatic.com	fonts.googleapis.com
1	treatsinc--c.na81.content.force.com	surprise.secure.force.com
1	treatsinc--c.na30.content.force.com	1 redirects
1	fonts.googleapis.com	surprise.secure.force.com
1	ajax.googleapis.com	surprise.secure.force.com
12	6

This site contains no links.

Subject Issuer	Validity	Valid
*.na81.force.com DigiCert SHA2 Secure Server CA	`2020-02-07` - `2021-02-07`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://surprise.secure.force.com/survey?sId=a0M3600000AZy6I&cId=0031Q00002L3vimQAB&zId=5001Q000016pu3jQAA&csat=Positive
Frame ID: 28B4FE14E3BAD3AE87CE4167DAE897CF
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

12
Requests

100 %
HTTPS

60 %
IPv6

3
Domains

6
Subdomains

4
IPs

2
Countries

176 kB
Transfer

470 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://treatsinc--c.na30.content.force.com/servlet/servlet.ImageServer?id=01536000003E8kd&oid=00D36000000KJU7 HTTP 301
https://treatsinc--c.na81.content.force.com/servlet/servlet.ImageServer?id=01536000003E8kd&oid=00D36000000KJU7

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set survey Show response
surprise.secure.force.com/ 41 KB
20 KB 2677ms
2073ms Document
text/html 13.110.11.173
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://surprise.secure.force.com/survey?sId=a0M3600000AZy6I&cId=0031Q00002L3vimQAB&zId=5001Q000016pu3jQAA&csat=Positive

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.11.173 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl8-ncg0-iad3.na81-ia2.force.com

Software

/ Salesforce.com ApexPages

Resource Hash

d26d3b807eb566fee0e70d85ca615c36ae83696c120ed1247e6dca27578ece07

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests frame-ancestors 'self'
Strict-Transport-Security	max-age=31536004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: surprise.secure.force.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 21:51:17 GMT
Strict-Transport-Security: max-age=31536004; includeSubDomains
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00D36000000KJU7m";
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00D36000000KJU7m"
Content-Security-Policy-Report-Only: default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; img-src https: data: blob: file:; frame-ancestors 'self' *.salesforce.com *.force.com *.visualforce.com *.documentforce.com; font-src https: data: blob: file:; connect-src 'self' https:; report-uri https://csp-report.force.com/_/ContentDomainCSPNoAuth?type=sites
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: upgrade-insecure-requests frame-ancestors 'self'
Referrer-Policy: origin-when-cross-origin
X-B3-TraceId: 327b13a76310cc9e
X-B3-SpanId: 327b13a76310cc9e
X-B3-Sampled: 0
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Set-Cookie: BrowserId=eeYNHUx7EeuiDTmOAtQqxw; domain=.force.com; path=/; expires=Sat, 01-Jan-2022 21:51:17 GMT; Max-Age=31536000 BrowserId_sec=eeYNHUx7EeuiDTmOAtQqxw; domain=.force.com; path=/; expires=Sat, 01-Jan-2022 21:51:17 GMT; Max-Age=31536000; secure; SameSite=None
X-Powered-By: Salesforce.com ApexPages
P3P: CP="CUR OTR STA"
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked

GET
H/1.1 200
OK stub.js Show response
surprise.secure.force.com/survey/static/111213/js/perf/ 1 KB
2 KB 162ms
138ms Script
application/x-javascript 13.110.11.173
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://surprise.secure.force.com/survey/static/111213/js/perf/stub.js

Requested by

Host: surprise.secure.force.com
URL: https://surprise.secure.force.com/survey?sId=a0M3600000AZy6I&cId=0031Q00002L3vimQAB&zId=5001Q000016pu3jQAA&csat=Positive

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.11.173 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl8-ncg0-iad3.na81-ia2.force.com

Software

Resource Hash

5830f6b53e1ea91abd5de97ef219269702f413575cfe0dd6149712d68d7d61eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://surprise.secure.force.com/survey?sId=a0M3600000AZy6I&cId=0031Q00002L3vimQAB&zId=5001Q000016pu3jQAA&csat=Positive
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 17:05:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-B3-TraceId: 75e62265671c83c3
Age: 103558
Strict-Transport-Security: max-age=31536004; includeSubDomains
Content-Length: 618
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 18 Dec 2014 19:28:42 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00D36000000KJU7m"
Vary: Accept-Encoding
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00D36000000KJU7m";
Cache-Control: public,max-age=10368000
X-B3-SpanId: 75e62265671c83c3
X-B3-Sampled: 0
Accept-Ranges: bytes
Content-Type: application/x-javascript
Expires: Fri, 30 Apr 2021 17:05:21 GMT

GET
H/1.1 200
OK VFRemote.js Show response
surprise.secure.force.com/survey/jslibrary/1590703074228/sfdc/ 61 KB
21 KB 305ms
143ms Script
application/x-javascript 13.110.11.173
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://surprise.secure.force.com/survey/jslibrary/1590703074228/sfdc/VFRemote.js

Requested by

Host: surprise.secure.force.com
URL: https://surprise.secure.force.com/survey?sId=a0M3600000AZy6I&cId=0031Q00002L3vimQAB&zId=5001Q000016pu3jQAA&csat=Positive

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.11.173 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl8-ncg0-iad3.na81-ia2.force.com

Software

Resource Hash

598be25b05af8f4e4c744e164d3493cd63731dddc1f9fc2565da07bc87fd8429

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://surprise.secure.force.com/survey?sId=a0M3600000AZy6I&cId=0031Q00002L3vimQAB&zId=5001Q000016pu3jQAA&csat=Positive
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 19:10:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-B3-TraceId: 5091efa846431624
Age: 9654
Strict-Transport-Security: max-age=31536004; includeSubDomains
Content-Length: 20640
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 17 Dec 2020 22:13:00 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00D36000000KJU7m"
Vary: Accept-Encoding
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00D36000000KJU7m";
Cache-Control: public,max-age=10368000
X-B3-SpanId: 5091efa846431624
X-B3-Sampled: 0
Accept-Ranges: bytes
Content-Type: application/x-javascript
Expires: Sat, 01 May 2021 19:10:25 GMT

GET
H/1.1 200
OK SfdcCore.js Show response
surprise.secure.force.com/survey/jslibrary/1599859468228/ui-sfdc-javascript-impl/ 181 KB
62 KB 389ms
132ms Script
application/x-javascript 13.110.11.173
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://surprise.secure.force.com/survey/jslibrary/1599859468228/ui-sfdc-javascript-impl/SfdcCore.js

Requested by

Host: surprise.secure.force.com
URL: https://surprise.secure.force.com/survey?sId=a0M3600000AZy6I&cId=0031Q00002L3vimQAB&zId=5001Q000016pu3jQAA&csat=Positive

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.11.173 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl8-ncg0-iad3.na81-ia2.force.com

Software

Resource Hash

99c8477ee61489df9fd6a9f6385e4b1c0701469fb9a80b4f05904d3d5591cd1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://surprise.secure.force.com/survey?sId=a0M3600000AZy6I&cId=0031Q00002L3vimQAB&zId=5001Q000016pu3jQAA&csat=Positive
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 17:05:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-B3-TraceId: 3d151f3c8459d663
Age: 103558
Strict-Transport-Security: max-age=31536004; includeSubDomains
Content-Length: 62790
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 17 Dec 2020 22:13:00 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00D36000000KJU7m"
Vary: Accept-Encoding
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00D36000000KJU7m";
Cache-Control: public,max-age=10368000
X-B3-SpanId: 3d151f3c8459d663
X-B3-Sampled: 0
Accept-Ranges: bytes
Content-Type: application/x-javascript
Expires: Fri, 30 Apr 2021 17:05:21 GMT

GET
H/1.1 200
OK connection.js Show response
surprise.secure.force.com/soap/ajax/40.0/ 61 KB
12 KB 431ms
165ms Script
application/x-javascript 13.110.11.173
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://surprise.secure.force.com/soap/ajax/40.0/connection.js

Requested by

Host: surprise.secure.force.com
URL: https://surprise.secure.force.com/survey?sId=a0M3600000AZy6I&cId=0031Q00002L3vimQAB&zId=5001Q000016pu3jQAA&csat=Positive

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.11.173 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl8-ncg0-iad3.na81-ia2.force.com

Software

Resource Hash

70f4b30ed8e8682078d8bed993d4332dc2bd0a0ca8d1cef650977db820c26516

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536004; includeSubDomains

Request headers

Referer: https://surprise.secure.force.com/survey?sId=a0M3600000AZy6I&cId=0031Q00002L3vimQAB&zId=5001Q000016pu3jQAA&csat=Positive
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 21:51:19 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Sep 2017 01:10:06 GMT
X-B3-TraceId: fb88585eabbc4bca
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=10368000
X-B3-SpanId: fb88585eabbc4bca
X-B3-Sampled: 0
Strict-Transport-Security: max-age=31536004; includeSubDomains
Accept-Ranges: bytes
Transfer-Encoding: chunked
Expires: Sat, 01 May 2021 21:51:19 GMT

GET
H/1.1 200
OK apex.js Show response
surprise.secure.force.com/soap/ajax/40.0/ 2 KB
1 KB 440ms
153ms Script
application/x-javascript 13.110.11.173
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://surprise.secure.force.com/soap/ajax/40.0/apex.js

Requested by

Host: surprise.secure.force.com
URL: https://surprise.secure.force.com/survey?sId=a0M3600000AZy6I&cId=0031Q00002L3vimQAB&zId=5001Q000016pu3jQAA&csat=Positive

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.11.173 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl8-ncg0-iad3.na81-ia2.force.com

Software

Resource Hash

d638c531ed1bef3d36528c369ea099bebf4c11316fc5ebe53ffd97c3b8f80b58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536004; includeSubDomains

Request headers

Referer: https://surprise.secure.force.com/survey?sId=a0M3600000AZy6I&cId=0031Q00002L3vimQAB&zId=5001Q000016pu3jQAA&csat=Positive
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 19:10:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 11 Jan 2017 18:49:44 GMT
X-B3-TraceId: 9e3fbdd4f3f4cbfb
Age: 9655
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=10368000
X-B3-SpanId: 9e3fbdd4f3f4cbfb
X-B3-Sampled: 0
Strict-Transport-Security: max-age=31536004; includeSubDomains
Accept-Ranges: bytes
Content-Length: 876
Expires: Sat, 01 May 2021 19:10:24 GMT

GET
H/1.1 200
OK picklist4.js Show response
surprise.secure.force.com/survey/static/111213/js/ 10 KB
4 KB 457ms
159ms Script
application/x-javascript 13.110.11.173
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://surprise.secure.force.com/survey/static/111213/js/picklist4.js

Requested by

Host: surprise.secure.force.com
URL: https://surprise.secure.force.com/survey?sId=a0M3600000AZy6I&cId=0031Q00002L3vimQAB&zId=5001Q000016pu3jQAA&csat=Positive

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.11.173 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl8-ncg0-iad3.na81-ia2.force.com

Software

Resource Hash

7da058a4e1bd6368be16eb513d108c61e9016968c859b28bc24ac2629e401773

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://surprise.secure.force.com/survey?sId=a0M3600000AZy6I&cId=0031Q00002L3vimQAB&zId=5001Q000016pu3jQAA&csat=Positive
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 16:40:55 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-B3-TraceId: 1fcb7cae818be043
Age: 105024
Strict-Transport-Security: max-age=31536004; includeSubDomains
Content-Length: 3221
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Last-Modified: Fri, 28 Sep 2018 01:08:08 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00D36000000KJU7m"
Vary: Accept-Encoding
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00D36000000KJU7m";
Cache-Control: public,max-age=10368000
X-B3-SpanId: 1fcb7cae818be043
X-B3-Sampled: 0
Accept-Ranges: bytes
Content-Type: application/x-javascript
Expires: Fri, 30 Apr 2021 16:40:55 GMT

GET
H/1.1 200
OK VFState.js Show response
surprise.secure.force.com/survey/jslibrary/1590082528228/sfdc/ 6 KB
3 KB 461ms
161ms Script
application/x-javascript 13.110.11.173
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://surprise.secure.force.com/survey/jslibrary/1590082528228/sfdc/VFState.js

Requested by

Host: surprise.secure.force.com
URL: https://surprise.secure.force.com/survey?sId=a0M3600000AZy6I&cId=0031Q00002L3vimQAB&zId=5001Q000016pu3jQAA&csat=Positive

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.11.173 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl8-ncg0-iad3.na81-ia2.force.com

Software

Resource Hash

e55095f2f0d923703ef778008cc5b9a0f42dfb7e487c58d357691addbd7c72f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://surprise.secure.force.com/survey?sId=a0M3600000AZy6I&cId=0031Q00002L3vimQAB&zId=5001Q000016pu3jQAA&csat=Positive
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 16:40:55 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-B3-TraceId: df937fa6fe183f2e
Age: 105024
Strict-Transport-Security: max-age=31536004; includeSubDomains
Content-Length: 1851
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 17 Dec 2020 22:13:00 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00D36000000KJU7m"
Vary: Accept-Encoding
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00D36000000KJU7m";
Cache-Control: public,max-age=10368000
X-B3-SpanId: df937fa6fe183f2e
X-B3-Sampled: 0
Accept-Ranges: bytes
Content-Type: application/x-javascript
Expires: Fri, 30 Apr 2021 16:40:55 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: surprise.secure.force.com
URL: https://surprise.secure.force.com/survey?sId=a0M3600000AZy6I&cId=0031Q00002L3vimQAB&zId=5001Q000016pu3jQAA&csat=Positive

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://surprise.secure.force.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Dec 2020 23:12:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 340759
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Dec 2021 23:12:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
603 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito

Requested by

Host: surprise.secure.force.com
URL: https://surprise.secure.force.com/survey?sId=a0M3600000AZy6I&cId=0031Q00002L3vimQAB&zId=5001Q000016pu3jQAA&csat=Positive

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8ea81e185046ddc545855deca2ca9474176038f0937fd8817eff21e3b1075668

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://surprise.secure.force.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 01 Jan 2021 21:49:45 GMT
server: ESF
date: Fri, 01 Jan 2021 21:51:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Jan 2021 21:51:19 GMT

GET
H/1.1

200
OK

servlet.ImageServer
treatsinc--c.na81.content.force.com/servlet/
Redirect Chain

https://treatsinc--c.na30.content.force.com/servlet/servlet.ImageServer?id=01536000003E8kd&oid=00D36000000KJU7
https://treatsinc--c.na81.content.force.com/servlet/servlet.ImageServer?id=01536000003E8kd&oid=00D36000000KJU7

7 KB
8 KB

550ms
147ms

Image
image/png

13.110.11.173
SALESFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://treatsinc--c.na81.content.force.com/servlet/servlet.ImageServer?id=01536000003E8kd&oid=00D36000000KJU7

Requested by

Host: surprise.secure.force.com
URL: https://surprise.secure.force.com/survey?sId=a0M3600000AZy6I&cId=0031Q00002L3vimQAB&zId=5001Q000016pu3jQAA&csat=Positive

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.11.173 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl8-ncg0-iad3.na81-ia2.force.com

Software

Resource Hash

2114c6382de0f1724f2324eca5275444626786e587525a81d4925b8379ad853b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://surprise.secure.force.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 21:51:21 GMT
X-Content-Type-Options: nosniff
X-B3-TraceId: 53c6d3fd761ba2d1
Content-Length: 7190
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 18 Mar 2020 20:29:04 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
Content-Type: image/png
Cache-Control: public,max-age=900
X-B3-SpanId: 53c6d3fd761ba2d1
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Content-Security-Policy: upgrade-insecure-requests
X-Robots-Tag: none
X-B3-Sampled: 0
Expires: Fri, 01 Jan 2021 22:06:21 GMT

Redirect headers

X-B3-Sampled: 0
Date: Fri, 01 Jan 2021 21:51:20 GMT
Referrer-Policy: origin-when-cross-origin
X-B3-TraceId: 493ad03420f6bff6
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Location: https://treatsinc--c.na81.content.force.com/servlet/servlet.ImageServer?id=01536000003E8kd&oid=00D36000000KJU7
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
X-B3-SpanId: 493ad03420f6bff6
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests
X-Robots-Tag: nofollow, noindex, noarchive, nosnippet
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 XRXV3I6Li01BKofINeaBTMnFcQ.woff2
fonts.gstatic.com/s/nunito/v16/ 13 KB
13 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v16/XRXV3I6Li01BKofINeaBTMnFcQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a26d1d56972b1c15c2e6306998afb7ed6df5f80d4d8d95ff4234bf100236f868

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://surprise.secure.force.com
Referer: https://fonts.googleapis.com/css?family=Nunito
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 01 Jan 2021 06:12:49 GMT
x-content-type-options: nosniff
last-modified: Wed, 25 Nov 2020 02:44:24 GMT
server: sffe
age: 56311
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13340
x-xss-protection: 0
expires: Sat, 01 Jan 2022 06:12:49 GMT

Verdicts & Comments Add Verdict or Comment

266 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.force.com/	1970-01-19 23:51:13	Name: BrowserId_sec Value: eeYNHUx7EeuiDTmOAtQqxw
			.force.com/	1970-01-19 23:51:13	Name: BrowserId Value: eeYNHUx7EeuiDTmOAtQqxw

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests frame-ancestors 'self'
Strict-Transport-Security	max-age=31536004; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
surprise.secure.force.com
treatsinc--c.na30.content.force.com
treatsinc--c.na81.content.force.com
13.110.11.173
136.147.111.190
2a00:1450:4001:802::200a
2a00:1450:4001:818::200a
2a00:1450:4001:81e::2003
2114c6382de0f1724f2324eca5275444626786e587525a81d4925b8379ad853b
5830f6b53e1ea91abd5de97ef219269702f413575cfe0dd6149712d68d7d61eb
598be25b05af8f4e4c744e164d3493cd63731dddc1f9fc2565da07bc87fd8429
70f4b30ed8e8682078d8bed993d4332dc2bd0a0ca8d1cef650977db820c26516
7da058a4e1bd6368be16eb513d108c61e9016968c859b28bc24ac2629e401773
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8ea81e185046ddc545855deca2ca9474176038f0937fd8817eff21e3b1075668
99c8477ee61489df9fd6a9f6385e4b1c0701469fb9a80b4f05904d3d5591cd1d
a26d1d56972b1c15c2e6306998afb7ed6df5f80d4d8d95ff4234bf100236f868
d26d3b807eb566fee0e70d85ca615c36ae83696c120ed1247e6dca27578ece07
d638c531ed1bef3d36528c369ea099bebf4c11316fc5ebe53ffd97c3b8f80b58
e55095f2f0d923703ef778008cc5b9a0f42dfb7e487c58d357691addbd7c72f5

surprise.secure.force.com Open in urlscan Pro 13.110.11.173 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

12 Requests

100 %HTTPS

60 %IPv6

3 Domains

6 Subdomains

4 IPs

2 Countries

176 kBTransfer

470 kBSize

2 Cookies

0 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

266 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

surprise.secure.force.com Open in urlscan Pro
13.110.11.173 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

60 %
IPv6

3
Domains

6
Subdomains

4
IPs

2
Countries

176 kB
Transfer

470 kB
Size

2
Cookies

12 HTTP transactions
0 data transactions