URL: https://www.saverisk.com/flogin.aspx
Submission: On February 14 via api from IN — Scanned from SG

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 11 HTTP transactions. The main IP is 52.220.0.175, located in Singapore, Singapore and belongs to AMAZON-02, US. The main domain is www.saverisk.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 19th 2023. Valid for: a year.
This is the only time www.saverisk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 52.220.0.175 16509 (AMAZON-02)
11 1
Apex Domain
Subdomains
Transfer
11 saverisk.com
www.saverisk.com
227 KB
11 1
Domain Requested by
11 www.saverisk.com www.saverisk.com
11 1

This site contains no links.

Subject Issuer Validity Valid
*.saverisk.com
Sectigo RSA Domain Validation Secure Server CA
2023-09-19 -
2024-10-19
a year crt.sh

This page contains 1 frames:

Primary Page: https://www.saverisk.com/flogin.aspx
Frame ID: 002B1DF339D960B71BB66EAD0BA828C3
Requests: 11 HTTP requests in this frame

Screenshot

Page Title

SaveRisk Login

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

11
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

227 kB
Transfer

610 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request flogin.aspx
www.saverisk.com/
63 KB
64 KB
Document
General
Full URL
https://www.saverisk.com/flogin.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.220.0.175 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-0-175.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
285d0399a93b8f424759f469e8589f15fde100d93a44c8d72635d99d1f53f39b
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://saverisk.com https://www.saverisk.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com blob:; object-src 'none'; child-src 'self'; img-src * 'self' https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com data:;
Strict-Transport-Security 1; mode=max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

access-control-allow-methods
GET,POST
cache-control
private,private, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-length
64366
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://saverisk.com https://www.saverisk.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com blob:; object-src 'none'; child-src 'self'; img-src * 'self' https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com data:;
content-type
text/html; charset=utf-8
cross-origin-resource-policy
same-site
date
Wed, 14 Feb 2024 05:46:49 GMT
etag
None
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
pragma
no-cache
strict-transport-security
1; mode=max-age=31536000; includeSubDomains; preload
x-content-type
nosniff
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
jquery-1.10.2.min.js
www.saverisk.com/js/
91 KB
32 KB
Script
General
Full URL
https://www.saverisk.com/js/jquery-1.10.2.min.js?v=2
Requested by
Host: www.saverisk.com
URL: https://www.saverisk.com/flogin.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.220.0.175 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-0-175.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://saverisk.com https://www.saverisk.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com blob:; object-src 'none'; child-src 'self'; img-src * 'self' https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com data:;
Strict-Transport-Security 1; mode=max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.saverisk.com/flogin.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
1; mode=max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://saverisk.com https://www.saverisk.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com blob:; object-src 'none'; child-src 'self'; img-src * 'self' https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com data:;
x-permitted-cross-domain-policies
none
date
Wed, 14 Feb 2024 05:46:52 GMT
cross-origin-resource-policy
same-site
content-length
32915
x-xss-protection
1; mode=block
x-content-type
nosniff
pragma
no-cache
last-modified
Fri, 11 Oct 2019 05:33:12 GMT
etag
"09c4e5ff57fd51:0",None
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
private, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
accept-ranges
bytes
logincombinejs.min.js
www.saverisk.com/js/
334 KB
97 KB
Script
General
Full URL
https://www.saverisk.com/js/logincombinejs.min.js?v=1
Requested by
Host: www.saverisk.com
URL: https://www.saverisk.com/flogin.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.220.0.175 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-0-175.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ff4854acf5735c3d357400bcde7f7afc08a5611d14d65b8d55e1145f26b3565e
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://saverisk.com https://www.saverisk.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com blob:; object-src 'none'; child-src 'self'; img-src * 'self' https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com data:;
Strict-Transport-Security 1; mode=max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.saverisk.com/flogin.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
1; mode=max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://saverisk.com https://www.saverisk.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com blob:; object-src 'none'; child-src 'self'; img-src * 'self' https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com data:;
x-permitted-cross-domain-policies
none
date
Wed, 14 Feb 2024 05:46:52 GMT
cross-origin-resource-policy
same-site
content-length
98785
x-xss-protection
1; mode=block
x-content-type
nosniff
pragma
no-cache
last-modified
Fri, 11 Oct 2019 05:33:12 GMT
etag
"09c4e5ff57fd51:0",None
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
private, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
accept-ranges
bytes
flogin.js
www.saverisk.com/js/
16 KB
3 KB
Script
General
Full URL
https://www.saverisk.com/js/flogin.js?v=5
Requested by
Host: www.saverisk.com
URL: https://www.saverisk.com/flogin.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.220.0.175 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-0-175.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
10b97ce1f1c4f55d103bf891cd5296c5e12fe1defbb1ebde07a86e554abd4f1a
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://saverisk.com https://www.saverisk.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com blob:; object-src 'none'; child-src 'self'; img-src * 'self' https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com data:;
Strict-Transport-Security 1; mode=max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.saverisk.com/flogin.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
1; mode=max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://saverisk.com https://www.saverisk.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com blob:; object-src 'none'; child-src 'self'; img-src * 'self' https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com data:;
x-permitted-cross-domain-policies
none
date
Wed, 14 Feb 2024 05:46:52 GMT
cross-origin-resource-policy
same-site
content-length
2386
x-xss-protection
1; mode=block
x-content-type
nosniff
pragma
no-cache
last-modified
Fri, 19 Jan 2024 16:23:11 GMT
etag
"808159cbf34ada1:0",None
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
private, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
accept-ranges
bytes
searchcss.css
www.saverisk.com/css/
82 KB
9 KB
Stylesheet
General
Full URL
https://www.saverisk.com/css/searchcss.css
Requested by
Host: www.saverisk.com
URL: https://www.saverisk.com/flogin.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.220.0.175 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-0-175.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
bac422cf119aa5329eb504254e9ced50efd27d09a907afed6fdc0ebf5d49e87e
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://saverisk.com https://www.saverisk.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com blob:; object-src 'none'; child-src 'self'; img-src * 'self' https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com data:;
Strict-Transport-Security 1; mode=max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.saverisk.com/flogin.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
1; mode=max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://saverisk.com https://www.saverisk.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com blob:; object-src 'none'; child-src 'self'; img-src * 'self' https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com data:;
x-permitted-cross-domain-policies
none
date
Wed, 14 Feb 2024 05:46:52 GMT
cross-origin-resource-policy
same-site
content-length
9540
x-xss-protection
1; mode=block
x-content-type
nosniff
pragma
no-cache
last-modified
Mon, 12 Jul 2021 14:38:18 GMT
etag
"029fa8d2b77d71:0",None
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
text/css
x-frame-options
SAMEORIGIN
cache-control
private, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
accept-ranges
bytes
logincss.css
www.saverisk.com/css/
1 KB
2 KB
Stylesheet
General
Full URL
https://www.saverisk.com/css/logincss.css
Requested by
Host: www.saverisk.com
URL: https://www.saverisk.com/flogin.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.220.0.175 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-0-175.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
4a8d4424437fe21afdab34ecd8c191e29938bad46250a233f874ae7c8410d2a0
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://saverisk.com https://www.saverisk.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com blob:; object-src 'none'; child-src 'self'; img-src * 'self' https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com data:;
Strict-Transport-Security 1; mode=max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.saverisk.com/flogin.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
1; mode=max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://saverisk.com https://www.saverisk.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com blob:; object-src 'none'; child-src 'self'; img-src * 'self' https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com data:;
x-content-type-options
nosniff
date
Wed, 14 Feb 2024 05:46:52 GMT
x-permitted-cross-domain-policies
none
cross-origin-resource-policy
same-site
content-length
1501
x-xss-protection
1; mode=block
x-content-type
nosniff
pragma
no-cache
last-modified
Mon, 12 Jul 2021 14:38:18 GMT
etag
"70802d8e2b77d71:0",None
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST
content-type
text/css
cache-control
private, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
accept-ranges
bytes
ajax-loader-black.gif
www.saverisk.com/images/
2 KB
2 KB
Image
General
Full URL
https://www.saverisk.com/images/ajax-loader-black.gif
Requested by
Host: www.saverisk.com
URL: https://www.saverisk.com/flogin.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.220.0.175 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-0-175.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
319cbe0cd9461936f0110dda4e72151cdeebb637cfe85908c599283e1f64ce25
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://saverisk.com https://www.saverisk.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com blob:; object-src 'none'; child-src 'self'; img-src * 'self' https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com data:;
Strict-Transport-Security 1; mode=max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.saverisk.com/flogin.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
1; mode=max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://saverisk.com https://www.saverisk.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com blob:; object-src 'none'; child-src 'self'; img-src * 'self' https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com data:;
x-content-type-options
nosniff
date
Wed, 14 Feb 2024 05:46:52 GMT
x-permitted-cross-domain-policies
none
cross-origin-resource-policy
same-site
content-length
1993
x-xss-protection
1; mode=block
x-content-type
nosniff
pragma
no-cache
last-modified
Fri, 11 Oct 2019 05:33:04 GMT
etag
"411c975af57fd51:0",None
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST
content-type
image/gif
cache-control
private, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
accept-ranges
bytes
flatlogo.png
www.saverisk.com/images/
13 KB
13 KB
Image
General
Full URL
https://www.saverisk.com/images/flatlogo.png
Requested by
Host: www.saverisk.com
URL: https://www.saverisk.com/flogin.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.220.0.175 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-0-175.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
f08abbf4b92e2bcd93e89dd8027d00e822dec300a942363dd8901111f01a67f3
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://saverisk.com https://www.saverisk.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com blob:; object-src 'none'; child-src 'self'; img-src * 'self' https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com data:;
Strict-Transport-Security 1; mode=max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.saverisk.com/flogin.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
1; mode=max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://saverisk.com https://www.saverisk.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com blob:; object-src 'none'; child-src 'self'; img-src * 'self' https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com data:;
x-content-type-options
nosniff
date
Wed, 14 Feb 2024 05:46:52 GMT
x-permitted-cross-domain-policies
none
cross-origin-resource-policy
same-site
content-length
13646
x-xss-protection
1; mode=block
x-content-type
nosniff
pragma
no-cache
last-modified
Fri, 11 Oct 2019 05:33:05 GMT
etag
"6ce3495bf57fd51:0",None
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST
content-type
image/png
cache-control
private, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
accept-ranges
bytes
Cross2.png
www.saverisk.com/images/
154 B
247 B
Image
General
Full URL
https://www.saverisk.com/images/Cross2.png
Requested by
Host: www.saverisk.com
URL: https://www.saverisk.com/flogin.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.220.0.175 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-0-175.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
64c3dc68258c6793c416e77c2438d03e60ea25f93ad44aa108662552d8a3be79
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://saverisk.com https://www.saverisk.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com blob:; object-src 'none'; child-src 'self'; img-src * 'self' https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com data:;
Strict-Transport-Security 1; mode=max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.saverisk.com/flogin.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
1; mode=max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://saverisk.com https://www.saverisk.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com blob:; object-src 'none'; child-src 'self'; img-src * 'self' https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com data:;
x-content-type-options
nosniff
date
Wed, 14 Feb 2024 05:46:53 GMT
x-permitted-cross-domain-policies
none
cross-origin-resource-policy
same-site
content-length
154
x-xss-protection
1; mode=block
x-content-type
nosniff
pragma
no-cache
last-modified
Fri, 11 Oct 2019 05:33:04 GMT
etag
"6458e5bf57fd51:0",None
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST
content-type
image/png
cache-control
private, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
accept-ranges
bytes
login-bg.png
www.saverisk.com/images/
3 KB
4 KB
Image
General
Full URL
https://www.saverisk.com/images/login-bg.png
Requested by
Host: www.saverisk.com
URL: https://www.saverisk.com/flogin.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.220.0.175 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-0-175.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
117648e4cc96afa019c7a3626a894918b5dc31b049761a35f9c71c572246b6b3
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://saverisk.com https://www.saverisk.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com blob:; object-src 'none'; child-src 'self'; img-src * 'self' https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com data:;
Strict-Transport-Security 1; mode=max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.saverisk.com/flogin.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
1; mode=max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://saverisk.com https://www.saverisk.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com blob:; object-src 'none'; child-src 'self'; img-src * 'self' https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com data:;
x-content-type-options
nosniff
date
Wed, 14 Feb 2024 05:46:53 GMT
x-permitted-cross-domain-policies
none
cross-origin-resource-policy
same-site
content-length
3529
x-xss-protection
1; mode=block
x-content-type
nosniff
pragma
no-cache
last-modified
Fri, 11 Oct 2019 05:33:05 GMT
etag
"4b9b985bf57fd51:0",None
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST
content-type
image/png
cache-control
private, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
accept-ranges
bytes
swfstore.min.js
www.saverisk.com/src/
3 KB
2 KB
XHR
General
Full URL
https://www.saverisk.com/src/swfstore.min.js?_=1707889612805
Requested by
Host: www.saverisk.com
URL: https://www.saverisk.com/js/logincombinejs.min.js?v=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.220.0.175 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-0-175.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
1693e355edb5935b26f2621c5cdef5bf10372593d5ff479414c912e6f23e9b30
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://saverisk.com https://www.saverisk.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com blob:; object-src 'none'; child-src 'self'; img-src * 'self' https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com data:;
Strict-Transport-Security 1; mode=max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.saverisk.com/flogin.aspx
X-Requested-With
XMLHttpRequest
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
1; mode=max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://saverisk.com https://www.saverisk.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com blob:; object-src 'none'; child-src 'self'; img-src * 'self' https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com data:;
x-permitted-cross-domain-policies
none
date
Wed, 14 Feb 2024 05:46:53 GMT
cross-origin-resource-policy
same-site
content-length
1457
x-xss-protection
1; mode=block
x-content-type
nosniff
pragma
no-cache
last-modified
Fri, 11 Oct 2019 05:35:57 GMT
etag
"809ca7c1f57fd51:0",None
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
private, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
accept-ranges
bytes

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| Call function| submittosearchcomphm function| Recent_Companies function| bindinputauto function| checkkeycode function| CheckCart function| CheckUser_Aval function| submitaform function| submitlogin function| sendusertobrowsepage function| sendusertodirpage function| sendusertoaddresspage function| Send_Pin object| pg_pageurl object| urlarr string| prefixurl function| openunlock function| openpwd function| calluser function| s4 function| guid function| getFonts function| getPlugin function| ShowOTPDiv function| getParameterByName function| encodeCustomURL function| ShowPinDiv function| ShowPinDivwithMsg function| ShowSignUp function| ShowSignIn function| validatefpwd function| validatechangepwd function| validatelogin function| validatesignup function| checkuser function| showsignuptable function| ShowdivisionDiv undefined| DefaultSearchAjax function| Bind_filters function| selectfundivision function| savedata function| ResendOtp function| otpcountdown function| GetCounter function| SwfStore

1 Cookies

Domain/Path Name / Value
www.saverisk.com/ Name: api_session_xx
Value: xzd3e4hhcqf13ycenh5q2krq

2 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
security error URL: https://www.saverisk.com/flogin.aspx
Message:
Refused to load plugin data from 'https://www.saverisk.com/storage.swf' because it violates the following Content Security Policy directive: "object-src 'none'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-hashes' 'unsafe-eval' https://saverisk.com https://www.saverisk.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com blob:; object-src 'none'; child-src 'self'; img-src * 'self' https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com data:;
Strict-Transport-Security 1; mode=max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block