urlscan.io logo urlscan.io
SecurityTrails logo

xcore.astomservice.com Open in urlscan Pro
195.231.10.232  Public Scan

Go To Rescan Add Verdict Report
URL: https://xcore.astomservice.com/
Submission: On July 25 via automatic, source certstream-suspicious — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 16 HTTP transactions. The main IP is 195.231.10.232, located in Arezzo, Italy and belongs to ARUBA-ASN, IT. The main domain is xcore.astomservice.com.
TLS certificate: Issued by R11 on July 25th 2024. Valid for: 3 months.
This is the only time xcore.astomservice.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 195.231.10.232 31034 (ARUBA-ASN)
2 108.157.194.32 16509 (AMAZON-02)
2 35.244.179.127 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
16 4
Apex Domain
Subdomains		 Transfer
8 astomservice.com
xcore.astomservice.com
87 KB
4 googleapis.com
storage.googleapis.com — Cisco Umbrella Rank: 492
5 KB
2 bolddesk.com
astomservice.bolddesk.com
3 KB
2 syncfusion.com
cdn.syncfusion.com — Cisco Umbrella Rank: 68407
5 MB
16 4
Domain Requested by
8 xcore.astomservice.com xcore.astomservice.com
4 storage.googleapis.com astomservice.bolddesk.com
storage.googleapis.com
xcore.astomservice.com
2 astomservice.bolddesk.com xcore.astomservice.com
astomservice.bolddesk.com
2 cdn.syncfusion.com xcore.astomservice.com
16 4

This site contains no links.

Subject Issuer Validity Valid
xcore.astomservice.com
R11		 2024-07-25 -
2024-10-23		 3 months crt.sh
*.syncfusion.com
GeoTrust RSA CA 2018		 2023-08-03 -
2024-08-23		 a year crt.sh
*.bolddesk.com
GeoTrust RSA CA 2018		 2024-01-10 -
2025-01-24		 a year crt.sh
storage.googleapis.com
WR2		 2024-07-01 -
2024-09-23		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://xcore.astomservice.com/
Frame ID: 009624C4C1F2B44A6091EABCF7DA319C
Requests: 15 HTTP requests in this frame

Frame: https://astomservice.bolddesk.com/widget/bf4821eb-a32a-4421-b589-2757e93dc87a/feedbackform/display_type/popup
Frame ID: D5E88999829CBF9AC5895581FA2A82F2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home Page - X-CORE

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

16
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

5256 kB
Transfer

25344 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
xcore.astomservice.com/ 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xcore.astomservice.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
195.231.10.232 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
host232-10-231-195.serverdedicati.aruba.it
Software
Kestrel /
Resource Hash
f38edf98942ab239ec2bc83f2001a1bf06e7ff72446a8117f88080e5fad21c8f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache, no-store
Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Thu, 25 Jul 2024 12:03:09 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Kestrel
Strict-Transport-Security
max-age=2592000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
bootstrap.min.css
xcore.astomservice.com/lib/bootstrap/dist/css/ 		159 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xcore.astomservice.com/lib/bootstrap/dist/css/bootstrap.min.css
Requested by
Host: xcore.astomservice.com
URL: https://xcore.astomservice.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
195.231.10.232 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
host232-10-231-195.serverdedicati.aruba.it
Software
Kestrel /
Resource Hash
cfc391e34328c09f0680ae8ff3d63e86224ae7e71c973147ccb84540b2fdd9b8
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://xcore.astomservice.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Thu, 25 Jul 2024 12:03:09 GMT
Strict-Transport-Security
max-age=2592000
Content-Encoding
gzip
Last-Modified
Sun, 26 May 2024 15:52:02 GMT
Server
Kestrel
ETag
"1daaf84a634c6a0-gzip"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
site.css
xcore.astomservice.com/css/ 		1 KB
923 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xcore.astomservice.com/css/site.css?v=HsggPc66zl1xd-4Cq30E9ZBSgTHddVBZfVw3qA8NEik
Requested by
Host: xcore.astomservice.com
URL: https://xcore.astomservice.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
195.231.10.232 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
host232-10-231-195.serverdedicati.aruba.it
Software
Kestrel /
Resource Hash
1ec8203dcebace5d7177ee02ab7d04f590528131dd7550597d5c37a80f0d1229
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://xcore.astomservice.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Thu, 25 Jul 2024 12:03:09 GMT
Strict-Transport-Security
max-age=2592000
Content-Encoding
gzip
Last-Modified
Thu, 25 Jul 2024 07:54:40 GMT
Server
Kestrel
ETag
"1dade67e709650d-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
560
XCore.WebApi.Client.styles.css
xcore.astomservice.com/ 		1 KB
911 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xcore.astomservice.com/XCore.WebApi.Client.styles.css?v=Skh9ozLbS2Pgz6q17lNIaaYl9nPYB8QwYbnjVG849oI
Requested by
Host: xcore.astomservice.com
URL: https://xcore.astomservice.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
195.231.10.232 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
host232-10-231-195.serverdedicati.aruba.it
Software
Kestrel /
Resource Hash
4a487da332db4b63e0cfaab5ee534869a625f673d807c43061b9e3546f38f682
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://xcore.astomservice.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Thu, 25 Jul 2024 12:03:09 GMT
Strict-Transport-Security
max-age=2592000
Content-Encoding
gzip
Last-Modified
Sun, 26 May 2024 15:50:06 GMT
Server
Kestrel
ETag
"1daaf8461128f71-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
548
bootstrap5.css
cdn.syncfusion.com/ej2/25.2.7/ 		3 MB
410 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.syncfusion.com/ej2/25.2.7/bootstrap5.css
Requested by
Host: xcore.astomservice.com
URL: https://xcore.astomservice.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.194.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-194-32.mxp53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e829fa6d1a93110183085c23c8e56dbecf21bc9e731ac95d7e77473702d09270
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://xcore.astomservice.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 17 Jun 2024 15:03:57 GMT
content-encoding
gzip
via
1.1 3ec62d2e72f793ed52a15cbf1919c2d0.cloudfront.net (CloudFront)
x-amz-version-id
JPnQr.g0pugtLRDNeff_yvxQZ9SMQ73U
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MXP53-P2
age
3272353
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
418745
last-modified
Tue, 04 Jun 2024 03:09:01 GMT
server
AmazonS3
etag
"8d4eda9ecc2baadaa416ed5a1e917665"
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
S0EiclI8MM6sc2C11A0vRsXHf_xPOpetWoH4Am6J2Ax-NLRmh1qlvQ==
ej2.min.js
cdn.syncfusion.com/ej2/25.2.7/dist/ 		21 MB
5 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.syncfusion.com/ej2/25.2.7/dist/ej2.min.js
Requested by
Host: xcore.astomservice.com
URL: https://xcore.astomservice.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.194.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-194-32.mxp53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
81f6ef2a2cef59eab04e9a0e0bfb4cb109de2890063b924d803c19ecf62ce771
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://xcore.astomservice.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 05 Jun 2024 12:39:03 GMT
content-encoding
gzip
via
1.1 3ec62d2e72f793ed52a15cbf1919c2d0.cloudfront.net (CloudFront)
x-amz-version-id
eOsvjHX_pckiKiQb3U2QlUl6SOg8Qfc_
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MXP53-P2
age
4317847
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
4859613
last-modified
Tue, 04 Jun 2024 03:09:01 GMT
server
AmazonS3
etag
"bf15bebf15dd56a66536ef4dff9897a7"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
zTpAKCt7dj_UQz1HLX19MUMYVJCZqoDq_bi8nw4GP7h8ffnyk70Vug==
jquery.min.js
xcore.astomservice.com/lib/jquery/dist/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xcore.astomservice.com/lib/jquery/dist/jquery.min.js
Requested by
Host: xcore.astomservice.com
URL: https://xcore.astomservice.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
195.231.10.232 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
host232-10-231-195.serverdedicati.aruba.it
Software
Kestrel /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://xcore.astomservice.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Thu, 25 Jul 2024 12:03:09 GMT
Strict-Transport-Security
max-age=2592000
Content-Encoding
gzip
Last-Modified
Sun, 26 May 2024 15:50:33 GMT
Server
Kestrel
ETag
"1daaf84712b371d-gzip"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
bootstrap.bundle.min.js
xcore.astomservice.com/lib/bootstrap/dist/js/ 		77 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xcore.astomservice.com/lib/bootstrap/dist/js/bootstrap.bundle.min.js
Requested by
Host: xcore.astomservice.com
URL: https://xcore.astomservice.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
195.231.10.232 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
host232-10-231-195.serverdedicati.aruba.it
Software
Kestrel /
Resource Hash
2aebc2552d7dadf4e3a0b80cc830c274e91146584dad8e29b04338b9ecedb363
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://xcore.astomservice.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Thu, 25 Jul 2024 12:03:09 GMT
Strict-Transport-Security
max-age=2592000
Content-Encoding
gzip
Last-Modified
Sun, 26 May 2024 15:52:07 GMT
Server
Kestrel
ETag
"1daaf84a9309f04-gzip"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
22488
site.js
xcore.astomservice.com/js/ 		231 B
560 B 		Script
General
Check archive.org
Download Go to
Full URL
https://xcore.astomservice.com/js/site.js?v=hRQyftXiu1lLX2P9Ly9xa4gHJgLeR1uGN5qegUobtGo
Requested by
Host: xcore.astomservice.com
URL: https://xcore.astomservice.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
195.231.10.232 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
host232-10-231-195.serverdedicati.aruba.it
Software
Kestrel /
Resource Hash
1a9bdab702a209f14d5514b63ae86b980f8ffa6afdaa974f08dc12330dc044ed
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://xcore.astomservice.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Thu, 25 Jul 2024 12:03:09 GMT
Strict-Transport-Security
max-age=2592000
Content-Encoding
gzip
Last-Modified
Thu, 25 Jul 2024 07:54:41 GMT
Server
Kestrel
ETag
"1dade67e7a1f667-gzip"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
190
bf4821eb-a32a-4421-b589-2757e93dc87a
astomservice.bolddesk.com/widget/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://astomservice.bolddesk.com/widget/bf4821eb-a32a-4421-b589-2757e93dc87a
Requested by
Host: xcore.astomservice.com
URL: https://xcore.astomservice.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.179.127 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
127.179.244.35.bc.googleusercontent.com
Software
/
Resource Hash
54fb66f408e096c8912fc85b371f1b674687bbca5927c52271c8b59fa291be7b
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com https://www.googletagmanager.com/gtag/js https://www.googletagmanager.com https://www.google-analytics.com/analytics.js https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.recaptcha.net/recaptcha/ https://www.dropbox.com https://accounts.google.com https://apis.google.com https://js.live.net/v7.2/OneDrive.js https://a.omappapi.com/ *.bolddesk.com *.chatbase.co *.helpscout.net *.cloudfront.net; style-src 'self' 'unsafe-inline' *.bolddesk.com https://cdn.syncfusion.com https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css https://fonts.googleapis.com https://storage.googleapis.com https://a.omappapi.com/; font-src 'self' data: https://fonts.gstatic.com; media-src 'self' *.bolddesk.com *.googleapis.com *.syncfusion.com; object-src 'none'; child-src 'none'; frame-src 'self' *.googleapis.com *.syncfusion.com *.loom.com *.sharepoint.com *.olvy.co *.vimeo.com *.wistia.com *.wistia.net *.chatbase.co *.diagrams.net *.google.com *.recaptcha.net syncfusion.atlassian.net https://www.youtube.com https://www.youtube-nocookie.com https://komododecks.com; frame-ancestors *; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xcore.astomservice.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 12:03:10 GMT
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com https://www.googletagmanager.com/gtag/js https://www.googletagmanager.com https://www.google-analytics.com/analytics.js https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.recaptcha.net/recaptcha/ https://www.dropbox.com https://accounts.google.com https://apis.google.com https://js.live.net/v7.2/OneDrive.js https://a.omappapi.com/ *.bolddesk.com *.chatbase.co *.helpscout.net *.cloudfront.net; style-src 'self' 'unsafe-inline' *.bolddesk.com https://cdn.syncfusion.com https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css https://fonts.googleapis.com https://storage.googleapis.com https://a.omappapi.com/; font-src 'self' data: https://fonts.gstatic.com; media-src 'self' *.bolddesk.com *.googleapis.com *.syncfusion.com; object-src 'none'; child-src 'none'; frame-src 'self' *.googleapis.com *.syncfusion.com *.loom.com *.sharepoint.com *.olvy.co *.vimeo.com *.wistia.com *.wistia.net *.chatbase.co *.diagrams.net *.google.com *.recaptcha.net syncfusion.atlassian.net https://www.youtube.com https://www.youtube-nocookie.com https://komododecks.com; frame-ancestors *; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1804
x-xss-protection
1; mode=block
request-context
appId=cid-v1:b8f825df-1fd4-406f-bebc-4d823018fd75
pragma
no-cache
referrer-policy
no-referrer
x-frame-options
DENY
content-type
text/javascript
cache-control
no-cache,no-store
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
popup
astomservice.bolddesk.com/widget/bf4821eb-a32a-4421-b589-2757e93dc87a/feedbackform/display_type/ Frame D5E8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://astomservice.bolddesk.com/widget/bf4821eb-a32a-4421-b589-2757e93dc87a/feedbackform/display_type/popup
Requested by
Host: astomservice.bolddesk.com
URL: https://astomservice.bolddesk.com/widget/bf4821eb-a32a-4421-b589-2757e93dc87a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.179.127 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
127.179.244.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com https://www.googletagmanager.com/gtag/js https://www.googletagmanager.com https://www.google-analytics.com/analytics.js https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.recaptcha.net/recaptcha/ https://www.dropbox.com https://accounts.google.com https://apis.google.com https://js.live.net/v7.2/OneDrive.js https://a.omappapi.com/ *.bolddesk.com *.chatbase.co *.helpscout.net *.cloudfront.net; style-src 'self' 'unsafe-inline' *.bolddesk.com https://cdn.syncfusion.com https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css https://fonts.googleapis.com https://storage.googleapis.com https://a.omappapi.com/; font-src 'self' data: https://fonts.gstatic.com; media-src 'self' *.bolddesk.com *.googleapis.com *.syncfusion.com; object-src 'none'; child-src 'none'; frame-src 'self' *.googleapis.com *.syncfusion.com *.loom.com *.sharepoint.com *.olvy.co *.vimeo.com *.wistia.com *.wistia.net *.chatbase.co *.diagrams.net *.google.com *.recaptcha.net syncfusion.atlassian.net https://www.youtube.com https://www.youtube-nocookie.com https://komododecks.com; frame-ancestors *; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xcore.astomservice.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache,no-store
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com https://www.googletagmanager.com/gtag/js https://www.googletagmanager.com https://www.google-analytics.com/analytics.js https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.recaptcha.net/recaptcha/ https://www.dropbox.com https://accounts.google.com https://apis.google.com https://js.live.net/v7.2/OneDrive.js https://a.omappapi.com/ *.bolddesk.com *.chatbase.co *.helpscout.net *.cloudfront.net; style-src 'self' 'unsafe-inline' *.bolddesk.com https://cdn.syncfusion.com https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css https://fonts.googleapis.com https://storage.googleapis.com https://a.omappapi.com/; font-src 'self' data: https://fonts.gstatic.com; media-src 'self' *.bolddesk.com *.googleapis.com *.syncfusion.com; object-src 'none'; child-src 'none'; frame-src 'self' *.googleapis.com *.syncfusion.com *.loom.com *.sharepoint.com *.olvy.co *.vimeo.com *.wistia.com *.wistia.net *.chatbase.co *.diagrams.net *.google.com *.recaptcha.net syncfusion.atlassian.net https://www.youtube.com https://www.youtube-nocookie.com https://komododecks.com; frame-ancestors *; upgrade-insecure-requests; block-all-mixed-content; base-uri 'self'
content-type
text/html; charset=utf-8
date
Thu, 25 Jul 2024 12:03:11 GMT
feature-policy
accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
pragma
no-cache
referrer-policy
no-referrer
request-context
appId=cid-v1:b8f825df-1fd4-406f-bebc-4d823018fd75
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
x-content-type-options
nosniff
x-frame-options
DENY
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
widgetPopup.min.js
storage.googleapis.com/cdn-bolddesk/customer-app/2024/6/27/h164wimjw1tk6ew6xpcx/js/widget/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/cdn-bolddesk/customer-app/2024/6/27/h164wimjw1tk6ew6xpcx/js/widget/widgetPopup.min.js
Requested by
Host: astomservice.bolddesk.com
URL: https://astomservice.bolddesk.com/widget/bf4821eb-a32a-4421-b589-2757e93dc87a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
a3e3cfd44f42197c80b8a919e7f695c078cbe8c5bb1067edddd78c25d9fe8221

Request headers

Referer
https://xcore.astomservice.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 12:03:12 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
AHxI1nOjyj8kjUkTrkvLlB1wbCDiV6BmBs1HGyPvNp0gGoUTI8bdQBYxJSPW2NMKFDWrZOWGiEM
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1161
last-modified
Thu, 27 Jun 2024 07:50:39 GMT
server
UploadServer
etag
"d648ce93c83e0d6276a76b67114f7b1c"
vary
Accept-Encoding
x-goog-generation
1719474639881436
x-goog-hash
crc32c=oHV/pQ==, md5=1kjOk8g+DWJ2p2tnEU97HA==
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Access-Control-Allow-Origin, Access-Control-Request-Header, x-goog-resumable
cache-control
public, max-age=315360000
x-goog-stored-content-length
1161
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 25 Jul 2025 12:03:12 GMT
widgetClientAPI.min.js
storage.googleapis.com/cdn-bolddesk/customer-app/2024/6/27/h164wimjw1tk6ew6xpcx/js/widget/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/cdn-bolddesk/customer-app/2024/6/27/h164wimjw1tk6ew6xpcx/js/widget/widgetClientAPI.min.js
Requested by
Host: astomservice.bolddesk.com
URL: https://astomservice.bolddesk.com/widget/bf4821eb-a32a-4421-b589-2757e93dc87a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e07b81fa787f12ce0f61cd80609d7d9a5ef2ba86f3f09a22ceadc1043bbdb49d

Request headers

Referer
https://xcore.astomservice.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 12:03:12 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
AHxI1nMbKYZ4qhSz0_YzrfdwPAKGEdbmoBpCHfyEV_gHmiW351BBUF-ICORjo_2XeZvmTY_msBcRyIiHKA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
993
last-modified
Thu, 27 Jun 2024 07:50:40 GMT
server
UploadServer
etag
"05b04e0ce5641eb75a95bf83de18e312"
vary
Accept-Encoding
x-goog-generation
1719474639934351
x-goog-hash
crc32c=tYU07Q==, md5=BbBODOVkHrdalb+D3hjjEg==
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Access-Control-Allow-Origin, Access-Control-Request-Header, x-goog-resumable
cache-control
public, max-age=315360000
x-goog-stored-content-length
993
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 25 Jul 2025 12:03:12 GMT
widgetPopup.min.css
storage.googleapis.com/cdn-bolddesk/customer-app/2024/6/27/h164wimjw1tk6ew6xpcx/css/widget/ 		1 KB
721 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/cdn-bolddesk/customer-app/2024/6/27/h164wimjw1tk6ew6xpcx/css/widget/widgetPopup.min.css
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/cdn-bolddesk/customer-app/2024/6/27/h164wimjw1tk6ew6xpcx/js/widget/widgetPopup.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
1ed5a08bd993e8ab1eb1c08a52c0040d8e0f5b824b2cc10fe4e9b48ba8fcb0ec

Request headers

Referer
https://xcore.astomservice.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 12:03:12 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
AHxI1nOScaVWq5F0wDag_W6lhK08C3spuJfA_Uu2u-GkMkniQwa5Uz4cbrg7TcFFOf8gatYjrNz4zk6hYg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
491
last-modified
Thu, 27 Jun 2024 07:50:39 GMT
server
UploadServer
etag
"168995470c0adfef2a17a8ab07f2c2fe"
vary
Accept-Encoding
x-goog-generation
1719474639889478
x-goog-hash
crc32c=b+58tA==, md5=FomVRwwK3+8qF6irB/LC/g==
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Access-Control-Allow-Origin, Access-Control-Request-Header, x-goog-resumable
cache-control
public, max-age=315360000
x-goog-stored-content-length
491
accept-ranges
bytes
content-type
text/css
expires
Fri, 25 Jul 2025 12:03:12 GMT
widget_launcher_white.svg
storage.googleapis.com/cdn-bolddesk/customer-app/images/ 		630 B
935 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/cdn-bolddesk/customer-app/images/widget_launcher_white.svg
Requested by
Host: xcore.astomservice.com
URL: https://xcore.astomservice.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
537ecca3f54c13d48f60346ed861723f34faa28ad45b281feb7780f63d0a29da

Request headers

Referer
https://xcore.astomservice.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 12:03:12 GMT
age
0
x-guploader-uploadid
AHxI1nMpqjxJWzs2lgv_GGWVBF_Z7N-_iL_kpLO54N1wyH25y4Sqe9CCmjXuJubZb46WxupWZIcV_5Y0IQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
630
last-modified
Fri, 05 Aug 2022 10:18:39 GMT
server
UploadServer
etag
"40606cbb12b995f8206b1434de2d74a5"
x-goog-generation
1659694719377182
x-goog-hash
crc32c=6P7yPg==, md5=QGBsuxK5lfggaxQ03i10pQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Access-Control-Allow-Origin, Access-Control-Request-Header, x-goog-resumable
cache-control
public, max-age=3600
x-goog-stored-content-length
630
accept-ranges
bytes
content-type
image/svg+xml
expires
Thu, 25 Jul 2024 13:03:12 GMT
favicon.ico
xcore.astomservice.com/ 		5 KB
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://xcore.astomservice.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
195.231.10.232 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
host232-10-231-195.serverdedicati.aruba.it
Software
Kestrel /
Resource Hash
26dc5ff4bfb9213291735808465e156d4a4691135f3815e3613761243e1f69c3
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://xcore.astomservice.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Thu, 25 Jul 2024 12:03:14 GMT
Strict-Transport-Security
max-age=2592000
Last-Modified
Sun, 26 May 2024 15:50:06 GMT
Server
Kestrel
ETag
"1daaf8461129e36"
Content-Type
image/x-icon
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
5430

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ej object| browserDetails object| ejs function| $ function| jQuery number| uidEvent object| bootstrap object| syncfusion object| feedbackPopup object| iframeEle object| feedbackPopupJs object| clientAPIScript object| widgetLauncherDetails object| feedbackWidgetPopup function| WidgetPopup function| BolddeskWidget function| resizeIframeWindow function| triggerEvents

1 Cookies

Domain/Path Name / Value
xcore.astomservice.com/ Name: .AspNetCore.Antiforgery._jzELjqi9Do
Value: CfDJ8MYQkEjf9nFKnq14AJ3DktcpyNCV0C4gqWvy-pOJCp3M5XbIMkJmEEki7oIr2gXpucDuR-PtxI1iG8c7K21Om0nKp05-KQ5wqkbk75c54gSMsXIS26XkMRsbClKXUXX5WK1ACd6m8VIDsjW8YppZroE

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2592000
X-Frame-Options SAMEORIGIN