Submitted URL: https://picker-results.dapresy.com/
Effective URL: https://picker-results.dapresy.com/login.aspx?ReturnUrl=%2f
Submission: On June 22 via api from US — Scanned from NL

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 18 HTTP transactions. The main IP is 109.232.226.19, located in Netherlands and belongs to GLOBALLAYER, NL. The main domain is picker-results.dapresy.com.
TLS certificate: Issued by GeoTrust TLS RSA CA G1 on September 29th 2023. Valid for: a year.
This is the only time picker-results.dapresy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 16 109.232.226.19 57172 (GLOBALLAYER)
3 2a00:1450:400... 15169 (GOOGLE)
18 2
Apex Domain
Subdomains
Transfer
16 dapresy.com
picker-results.dapresy.com
196 KB
3 gstatic.com
fonts.gstatic.com
27 KB
18 2
Domain Requested by
16 picker-results.dapresy.com 1 redirects picker-results.dapresy.com
3 fonts.gstatic.com
18 2

This site contains links to these domains. Also see Links.

Domain
www.dapresy.com
Subject Issuer Validity Valid
*.dapresy.com
GeoTrust TLS RSA CA G1
2023-09-29 -
2024-10-29
a year crt.sh
*.gstatic.com
WR2
2024-06-03 -
2024-08-26
3 months crt.sh

This page contains 1 frames:

Primary Page: https://picker-results.dapresy.com/login.aspx?ReturnUrl=%2f
Frame ID: 520780E3BBCE7E5B721AE6F9E875BB2B
Requests: 18 HTTP requests in this frame

Screenshot

Page Title

Forsta Visualizations

Page URL History Show full URLs

  1. https://picker-results.dapresy.com/ HTTP 302
    https://picker-results.dapresy.com/login.aspx?ReturnUrl=%2f Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)
  • <input[^>]+name="__VIEWSTATE

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

18
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

223 kB
Transfer

305 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://picker-results.dapresy.com/ HTTP 302
    https://picker-results.dapresy.com/login.aspx?ReturnUrl=%2f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login.aspx
picker-results.dapresy.com/
Redirect Chain
  • https://picker-results.dapresy.com/
  • https://picker-results.dapresy.com/login.aspx?ReturnUrl=%2f
21 KB
22 KB
Document
General
Full URL
https://picker-results.dapresy.com/login.aspx?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
109.232.226.19 , Netherlands, ASN57172 (GLOBALLAYER, NL),
Reverse DNS
connected-by.global-layer.com
Software
/
Resource Hash
c310b43e88ca9ab894c48d83bacaf38e4d0cd06840c585e4ae9f656879255864
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; default-src 'self' *.dapresy.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.zdassets.com *.googleapis.com *.cloudflare.com *.dapresy.com; style-src 'self' 'unsafe-inline' *.dapresy.com *.googleapis.com; font-src https:; img-src https: data: blob:; object-src 'none'; base-uri 'none'; connect-src 'self' *.zdassets.com *.bootstrapcdn.com *.zendesk.com *.dapresy.com;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
private
content-length
21661
content-security-policy
frame-ancestors 'none'; default-src 'self' *.dapresy.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.zdassets.com *.googleapis.com *.cloudflare.com *.dapresy.com; style-src 'self' 'unsafe-inline' *.dapresy.com *.googleapis.com; font-src https:; img-src https: data: blob:; object-src 'none'; base-uri 'none'; connect-src 'self' *.zdassets.com *.bootstrapcdn.com *.zendesk.com *.dapresy.com;
content-type
text/html; charset=utf-8
date
Sat, 22 Jun 2024 06:14:27 GMT
permissions-policy
accelerometer=(), ambient-light-sensor=(), battery=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=()
referrer-policy
strict-origin-when-cross-origin
server
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

cache-control
private
content-length
142
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; img-src https: data: blob:;
content-type
text/html; charset=utf-8
date
Sat, 22 Jun 2024 06:14:27 GMT
location
/login.aspx?ReturnUrl=%2f
permissions-policy
accelerometer=(), ambient-light-sensor=(), battery=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=()
referrer-policy
strict-origin-when-cross-origin
server
strict-transport-security
max-age=31536000; includeSubdomains
x-xss-protection
1; mode=block
boxy.css
picker-results.dapresy.com/App_Themes/Default/
2 KB
2 KB
Stylesheet
General
Full URL
https://picker-results.dapresy.com/App_Themes/Default/boxy.css
Requested by
Host: picker-results.dapresy.com
URL: https://picker-results.dapresy.com/login.aspx?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
109.232.226.19 , Netherlands, ASN57172 (GLOBALLAYER, NL),
Reverse DNS
connected-by.global-layer.com
Software
/
Resource Hash
042f4f1a42ca27b5f27f95744a2dd5c1c2ae6aeaa8431f696f066a5dfb2717a2
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; img-src https: data: blob:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://picker-results.dapresy.com/login.aspx?ReturnUrl=%2f
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; img-src https: data: blob:;
strict-transport-security
max-age=31536000; includeSubdomains
referrer-policy
strict-origin-when-cross-origin
date
Sat, 22 Jun 2024 06:14:27 GMT
last-modified
Thu, 20 Jul 2017 13:07:49 GMT
server
etag
"101b3e30591d31:0"
content-type
text/css
cache-control
max-age=86400
permissions-policy
accelerometer=(), ambient-light-sensor=(), battery=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=()
accept-ranges
bytes
content-length
2372
x-xss-protection
1; mode=block
Colors.css
picker-results.dapresy.com/App_Themes/Default/
3 KB
3 KB
Stylesheet
General
Full URL
https://picker-results.dapresy.com/App_Themes/Default/Colors.css
Requested by
Host: picker-results.dapresy.com
URL: https://picker-results.dapresy.com/login.aspx?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
109.232.226.19 , Netherlands, ASN57172 (GLOBALLAYER, NL),
Reverse DNS
connected-by.global-layer.com
Software
/
Resource Hash
3e54b8ca0770d3dc6de47535f68224d3bc113532012ea32ef9eabd9459fac1d2
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; img-src https: data: blob:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://picker-results.dapresy.com/login.aspx?ReturnUrl=%2f
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; img-src https: data: blob:;
strict-transport-security
max-age=31536000; includeSubdomains
referrer-policy
strict-origin-when-cross-origin
date
Sat, 22 Jun 2024 06:14:27 GMT
last-modified
Tue, 14 May 2024 12:42:26 GMT
server
etag
"0e5a12cfca5da1:0"
content-type
text/css
cache-control
max-age=86400
permissions-policy
accelerometer=(), ambient-light-sensor=(), battery=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=()
accept-ranges
bytes
content-length
2756
x-xss-protection
1; mode=block
jquery-ui-1.8.16.custom.css
picker-results.dapresy.com/App_Themes/Default/
20 KB
20 KB
Stylesheet
General
Full URL
https://picker-results.dapresy.com/App_Themes/Default/jquery-ui-1.8.16.custom.css
Requested by
Host: picker-results.dapresy.com
URL: https://picker-results.dapresy.com/login.aspx?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
109.232.226.19 , Netherlands, ASN57172 (GLOBALLAYER, NL),
Reverse DNS
connected-by.global-layer.com
Software
/
Resource Hash
b81fc7574751bc62a068bac6bb609a44ca6a521473e5cbd3e539a2cf0f43cff8
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; img-src https: data: blob:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://picker-results.dapresy.com/login.aspx?ReturnUrl=%2f
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; img-src https: data: blob:;
strict-transport-security
max-age=31536000; includeSubdomains
referrer-policy
strict-origin-when-cross-origin
date
Sat, 22 Jun 2024 06:14:27 GMT
last-modified
Tue, 14 May 2024 12:42:26 GMT
server
etag
"0e5a12cfca5da1:0"
content-type
text/css
cache-control
max-age=86400
permissions-policy
accelerometer=(), ambient-light-sensor=(), battery=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=()
accept-ranges
bytes
content-length
20759
x-xss-protection
1; mode=block
select2.css
picker-results.dapresy.com/App_Themes/Default/
20 KB
20 KB
Stylesheet
General
Full URL
https://picker-results.dapresy.com/App_Themes/Default/select2.css
Requested by
Host: picker-results.dapresy.com
URL: https://picker-results.dapresy.com/login.aspx?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
109.232.226.19 , Netherlands, ASN57172 (GLOBALLAYER, NL),
Reverse DNS
connected-by.global-layer.com
Software
/
Resource Hash
ee1a66c797f14fce89a4e567abd7b4150dc40a434c7a8b5439a142b1a52d184a
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; img-src https: data: blob:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://picker-results.dapresy.com/login.aspx?ReturnUrl=%2f
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; img-src https: data: blob:;
strict-transport-security
max-age=31536000; includeSubdomains
referrer-policy
strict-origin-when-cross-origin
date
Sat, 22 Jun 2024 06:14:27 GMT
last-modified
Tue, 14 May 2024 12:42:26 GMT
server
etag
"0e5a12cfca5da1:0"
content-type
text/css
cache-control
max-age=86400
permissions-policy
accelerometer=(), ambient-light-sensor=(), battery=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=()
accept-ranges
bytes
content-length
20746
x-xss-protection
1; mode=block
select2_new.css
picker-results.dapresy.com/App_Themes/Default/
18 KB
18 KB
Stylesheet
General
Full URL
https://picker-results.dapresy.com/App_Themes/Default/select2_new.css
Requested by
Host: picker-results.dapresy.com
URL: https://picker-results.dapresy.com/login.aspx?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
109.232.226.19 , Netherlands, ASN57172 (GLOBALLAYER, NL),
Reverse DNS
connected-by.global-layer.com
Software
/
Resource Hash
cacea4eaba6acb1b05f77016cbb669227b91891c4ffe15d53ab5825312c67bb1
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; img-src https: data: blob:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://picker-results.dapresy.com/login.aspx?ReturnUrl=%2f
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; img-src https: data: blob:;
strict-transport-security
max-age=31536000; includeSubdomains
referrer-policy
strict-origin-when-cross-origin
date
Sat, 22 Jun 2024 06:14:27 GMT
last-modified
Tue, 14 May 2024 12:42:26 GMT
server
etag
"0e5a12cfca5da1:0"
content-type
text/css
cache-control
max-age=86400
permissions-policy
accelerometer=(), ambient-light-sensor=(), battery=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=()
accept-ranges
bytes
content-length
18092
x-xss-protection
1; mode=block
superfish.css
picker-results.dapresy.com/App_Themes/Default/
2 KB
2 KB
Stylesheet
General
Full URL
https://picker-results.dapresy.com/App_Themes/Default/superfish.css
Requested by
Host: picker-results.dapresy.com
URL: https://picker-results.dapresy.com/login.aspx?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
109.232.226.19 , Netherlands, ASN57172 (GLOBALLAYER, NL),
Reverse DNS
connected-by.global-layer.com
Software
/
Resource Hash
f8327389ccd64f554534f0a4df70e282e8aed1d6885c6fdc05b3db4fcff63fdb
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; img-src https: data: blob:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://picker-results.dapresy.com/login.aspx?ReturnUrl=%2f
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; img-src https: data: blob:;
strict-transport-security
max-age=31536000; includeSubdomains
referrer-policy
strict-origin-when-cross-origin
date
Sat, 22 Jun 2024 06:14:27 GMT
last-modified
Tue, 14 May 2024 12:42:26 GMT
server
etag
"0e5a12cfca5da1:0"
content-type
text/css
cache-control
max-age=86400
permissions-policy
accelerometer=(), ambient-light-sensor=(), battery=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=()
accept-ranges
bytes
content-length
2477
x-xss-protection
1; mode=block
jquery3.3.1.min.js
picker-results.dapresy.com/App_Themes/urlbranding/picker-results.dapresy.com/assets/libs/
85 KB
38 KB
Script
General
Full URL
https://picker-results.dapresy.com/App_Themes/urlbranding/picker-results.dapresy.com/assets/libs/jquery3.3.1.min.js
Requested by
Host: picker-results.dapresy.com
URL: https://picker-results.dapresy.com/login.aspx?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
109.232.226.19 , Netherlands, ASN57172 (GLOBALLAYER, NL),
Reverse DNS
connected-by.global-layer.com
Software
/
Resource Hash
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; img-src https: data: blob:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://picker-results.dapresy.com/login.aspx?ReturnUrl=%2f
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; img-src https: data: blob:;
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Wed, 04 Jul 2018 06:47:06 GMT
server
date
Sat, 22 Jun 2024 06:14:27 GMT
etag
"af1e3d26213d41:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
permissions-policy
accelerometer=(), ambient-light-sensor=(), battery=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=()
accept-ranges
bytes
content-length
38892
x-xss-protection
1; mode=block
WebResource.axd
picker-results.dapresy.com/
23 KB
6 KB
Script
General
Full URL
https://picker-results.dapresy.com/WebResource.axd?d=ltMaKQYzaA_5njDqawuw2S0LNq-nx7JcUlRbrqJQTIt_gMmT463WQRyGeqN6f41LBsjxbMCLqyGizO6fH4tVH-uBa7rqS4gG-LxElM1qqEo1&t=638403660553933774
Requested by
Host: picker-results.dapresy.com
URL: https://picker-results.dapresy.com/login.aspx?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
109.232.226.19 , Netherlands, ASN57172 (GLOBALLAYER, NL),
Reverse DNS
connected-by.global-layer.com
Software
/
Resource Hash
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; img-src https: data: blob:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://picker-results.dapresy.com/login.aspx?ReturnUrl=%2f
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; img-src https: data: blob:;
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Tue, 09 Jan 2024 02:00:55 GMT
server
date
Sat, 22 Jun 2024 06:14:27 GMT
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public
permissions-policy
accelerometer=(), ambient-light-sensor=(), battery=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=()
content-length
6007
x-xss-protection
1; mode=block
expires
Mon, 16 Jun 2025 21:40:09 GMT
WebResource.axd
picker-results.dapresy.com/
26 KB
7 KB
Script
General
Full URL
https://picker-results.dapresy.com/WebResource.axd?d=bkzHVi-LZS0NJf6NqIqJfEnf88goM9S23d_VyPIQT5Ls-upanJVu1M4RipDGfplR0pSdD4t48thwsLjj_tf9FeS1PNJ-8hkY1-Bzu2h3z6NZoE-6-5wKkJy2-rORzIS-0&t=638403660553933774
Requested by
Host: picker-results.dapresy.com
URL: https://picker-results.dapresy.com/login.aspx?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
109.232.226.19 , Netherlands, ASN57172 (GLOBALLAYER, NL),
Reverse DNS
connected-by.global-layer.com
Software
/
Resource Hash
ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; img-src https: data: blob:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://picker-results.dapresy.com/login.aspx?ReturnUrl=%2f
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; img-src https: data: blob:;
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Tue, 09 Jan 2024 02:00:55 GMT
server
date
Sat, 22 Jun 2024 06:14:27 GMT
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public
permissions-policy
accelerometer=(), ambient-light-sensor=(), battery=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=()
content-length
7228
x-xss-protection
1; mode=block
expires
Mon, 16 Jun 2025 21:45:26 GMT
WebResource.axd
picker-results.dapresy.com/
3 KB
1 KB
Script
General
Full URL
https://picker-results.dapresy.com/WebResource.axd?d=4-R5EDeGgweaFTPziq2YRXjBymv3gZTxt5HOKYioL-PmCOYG4pF84_nCvb4J74Fx_aGytsBIt4uMWnzfobQ9aiwpSwaGiKWKGhXh7AtOO181&t=638403660553933774
Requested by
Host: picker-results.dapresy.com
URL: https://picker-results.dapresy.com/login.aspx?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
109.232.226.19 , Netherlands, ASN57172 (GLOBALLAYER, NL),
Reverse DNS
connected-by.global-layer.com
Software
/
Resource Hash
144524233f795d6a425b76f7ae5c0bb622b5f67e2e6ae73532ad526528ca07cf
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; img-src https: data: blob:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://picker-results.dapresy.com/login.aspx?ReturnUrl=%2f
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; img-src https: data: blob:;
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Tue, 09 Jan 2024 02:00:55 GMT
server
date
Sat, 22 Jun 2024 06:14:27 GMT
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public
permissions-policy
accelerometer=(), ambient-light-sensor=(), battery=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=()
content-length
978
x-xss-protection
1; mode=block
expires
Mon, 16 Jun 2025 21:45:26 GMT
ui.css
picker-results.dapresy.com/App_Themes/
38 KB
38 KB
Stylesheet
General
Full URL
https://picker-results.dapresy.com/App_Themes/ui.css
Requested by
Host: picker-results.dapresy.com
URL: https://picker-results.dapresy.com/App_Themes/Default/Colors.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
109.232.226.19 , Netherlands, ASN57172 (GLOBALLAYER, NL),
Reverse DNS
connected-by.global-layer.com
Software
/
Resource Hash
08981fec8eb10633cbfc0765c80891f045c2d6400b1b9d0c0fc93e53beb3e3b6
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; img-src https: data: blob:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://picker-results.dapresy.com/App_Themes/Default/Colors.css
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; img-src https: data: blob:;
strict-transport-security
max-age=31536000; includeSubdomains
referrer-policy
strict-origin-when-cross-origin
date
Sat, 22 Jun 2024 06:14:27 GMT
last-modified
Tue, 14 May 2024 12:42:26 GMT
server
etag
"0e5a12cfca5da1:0"
content-type
text/css
cache-control
max-age=86400
permissions-policy
accelerometer=(), ambient-light-sensor=(), battery=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=()
accept-ranges
bytes
content-length
39206
x-xss-protection
1; mode=block
picker-bg.png
picker-results.dapresy.com/App_themes/urlbranding/picker-results.dapresy.com/assets/images/
12 KB
12 KB
Image
General
Full URL
https://picker-results.dapresy.com/App_themes/urlbranding/picker-results.dapresy.com/assets/images/picker-bg.png
Requested by
Host: picker-results.dapresy.com
URL: https://picker-results.dapresy.com/login.aspx?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
109.232.226.19 , Netherlands, ASN57172 (GLOBALLAYER, NL),
Reverse DNS
connected-by.global-layer.com
Software
/
Resource Hash
b11372eae8052accbab7c2c38104453ad8a19d73cb905cd4c03b866be2adfa12
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; img-src https: data: blob:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://picker-results.dapresy.com/login.aspx?ReturnUrl=%2f
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; img-src https: data: blob:;
strict-transport-security
max-age=31536000; includeSubdomains
referrer-policy
strict-origin-when-cross-origin
date
Sat, 22 Jun 2024 06:14:27 GMT
last-modified
Wed, 04 Jul 2018 06:47:26 GMT
server
etag
"dc94c4de6213d41:0"
content-type
image/png
cache-control
max-age=86400
permissions-policy
accelerometer=(), ambient-light-sensor=(), battery=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=()
accept-ranges
bytes
content-length
12112
x-xss-protection
1; mode=block
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v15/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://picker-results.dapresy.com/
Origin
https://picker-results.dapresy.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 14:48:18 GMT
x-content-type-options
nosniff
age
314770
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8892
x-xss-protection
0
last-modified
Wed, 11 Oct 2017 21:49:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 14:48:18 GMT
picker-logo.png
picker-results.dapresy.com/App_Themes/urlbranding/picker-results.dapresy.com/assets/images/
6 KB
6 KB
Image
General
Full URL
https://picker-results.dapresy.com/App_Themes/urlbranding/picker-results.dapresy.com/assets/images/picker-logo.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
109.232.226.19 , Netherlands, ASN57172 (GLOBALLAYER, NL),
Reverse DNS
connected-by.global-layer.com
Software
/
Resource Hash
3d95e9afe4da4c663a69af270db0b13ac461b0aea4346b0e91501e04f5b64871
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; img-src https: data: blob:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://picker-results.dapresy.com/login.aspx?ReturnUrl=%2f
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; img-src https: data: blob:;
strict-transport-security
max-age=31536000; includeSubdomains
referrer-policy
strict-origin-when-cross-origin
date
Sat, 22 Jun 2024 06:14:27 GMT
last-modified
Wed, 04 Jul 2018 06:47:26 GMT
server
etag
"f6bbc4de6213d41:0"
content-type
image/png
cache-control
max-age=86400
permissions-policy
accelerometer=(), ambient-light-sensor=(), battery=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=()
accept-ranges
bytes
content-length
5811
x-xss-protection
1; mode=block
mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v15/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35a21333c81302e934ee42b7b85b2c6a731bfffb418fe52fe795cb1974186976
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://picker-results.dapresy.com/
Origin
https://picker-results.dapresy.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 15:11:43 GMT
x-content-type-options
nosniff
age
313365
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8732
x-xss-protection
0
last-modified
Wed, 11 Oct 2017 21:49:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 15:11:43 GMT
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v15/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50dda9aac0fcea362bdda27ae7833240485ad5a20ccc105c1cd13ea26802a8bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://picker-results.dapresy.com/
Origin
https://picker-results.dapresy.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 14:30:22 GMT
x-content-type-options
nosniff
age
143046
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8916
x-xss-protection
0
last-modified
Wed, 11 Oct 2017 21:49:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Jun 2025 14:30:22 GMT
favicon.ico
picker-results.dapresy.com/
0
46 B
Other
General
Full URL
https://picker-results.dapresy.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
109.232.226.19 , Netherlands, ASN57172 (GLOBALLAYER, NL),
Reverse DNS
connected-by.global-layer.com
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; img-src https: data: blob:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://picker-results.dapresy.com/login.aspx?ReturnUrl=%2f
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; img-src https: data: blob:;
strict-transport-security
max-age=31536000; includeSubdomains
referrer-policy
strict-origin-when-cross-origin
date
Sat, 22 Jun 2024 06:14:27 GMT
server
Microsoft-IIS/10.0
permissions-policy
accelerometer=(), ambient-light-sensor=(), battery=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=()
content-length
0
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage function| $ function| jQuery function| applyMainTemplate object| theForm function| __doPostBack function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY string| Page_ValidationVer boolean| Page_IsValid boolean| Page_BlockSubmit object| Page_InvalidControlToBeFocused object| Page_TextTypes function| ValidatorUpdateDisplay function| ValidatorUpdateIsValid function| AllValidatorsValid function| ValidatorHookupControlID function| ValidatorHookupControl function| ValidatorHookupEvent function| ValidatorGetValue function| ValidatorGetValueRecursive function| Page_ClientValidate function| ValidatorCommonOnSubmit function| ValidatorEnable function| ValidatorOnChange function| ValidatedTextBoxOnKeyPress function| ValidatedControlOnBlur function| ValidatorValidate function| ValidatorSetFocus function| IsInVisibleContainer function| IsValidationGroupMatch function| ValidatorOnLoad function| ValidatorConvert function| ValidatorCompare function| CompareValidatorEvaluateIsValid function| CustomValidatorEvaluateIsValid function| RegularExpressionValidatorEvaluateIsValid function| ValidatorTrim function| RequiredFieldValidatorEvaluateIsValid function| RangeValidatorEvaluateIsValid function| ValidationSummaryOnSubmit function| WebForm_FindFirstFocusableChild function| WebForm_AutoFocus function| WebForm_CanFocus function| WebForm_IsFocusableTag function| WebForm_IsInVisibleContainer function| WebForm_OnSubmit object| Page_Validators object| LoginControl_UserNameRequired object| LoginControl_PasswordRequired boolean| Page_ValidationActive function| ValidatorOnSubmit function| storeUserScreenSize function| oldonload string| ua boolean| isIE undefined| tlsAlertBox object| Page_ValidationSummaries

1 Cookies

Domain/Path Name / Value
picker-results.dapresy.com/ Name: DID
Value: af9f4127c6804a9f8da85eacba41c344

3 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'battery'.
network error URL: https://picker-results.dapresy.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'none'; default-src 'self' *.dapresy.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.zdassets.com *.googleapis.com *.cloudflare.com *.dapresy.com; style-src 'self' 'unsafe-inline' *.dapresy.com *.googleapis.com; font-src https:; img-src https: data: blob:; object-src 'none'; base-uri 'none'; connect-src 'self' *.zdassets.com *.bootstrapcdn.com *.zendesk.com *.dapresy.com;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block