save.tf Open in urlscan Pro
188.114.96.9 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://save.tf/
Effective URL:
https://save.tf/
Submission: On June 04 via manual (June 4th 2024, 6:14:15 pm UTC) from US — Scanned from NL

Summary HTTP 31 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 31 HTTP transactions. The main IP is 188.114.96.9, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is save.tf. The Cisco Umbrella rank of the primary domain is 369125.
TLS certificate: Issued by E1 on May 17th 2024. Valid for: 3 months.

This is the only time save.tf was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 29	188.114.96.9 188.114.96.9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	216.58.206.68 216.58.206.68	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
31	3

29 188.114.96.9 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

save.tf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.68 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s11-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	save.tf 1 redirects save.tf — Cisco Umbrella Rank: 369125	15 MB
2	google.com www.google.com — Cisco Umbrella Rank: 5	972 B
1	gstatic.com www.gstatic.com	209 KB
31	3

	Domain	Requested by
29	save.tf	1 redirects save.tf
2	www.google.com	save.tf www.gstatic.com
1	www.gstatic.com	www.google.com
31	3

This site contains links to these domains. Also see Links.

Domain
x.com

Subject Issuer	Validity	Valid
save.tf E1	`2024-05-17` - `2024-08-15`	3 months	crt.sh
*.google.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://save.tf/
Frame ID: 6218F101FB7BE5420524F05094727415
Requests: 28 HTTP requests in this frame

Frame: https://save.tf/cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/main.js
Frame ID: 34371646FED16332D7DD34021F79032A
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc_y-gpAAAAAI5DJ0aFnCkZcJgUvLdwhYW6BAhs&co=aHR0cHM6Ly9zYXZlLnRmOjQ0Mw..&hl=nl&v=DH3nyJMamEclyfe-nztbfV8S&size=invisible&cb=nvjh9qh6urf5
Frame ID: 68621BF9C22A81D57FD7B0EE892BCCC4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Welcome - #SaveTF2 Petition

Page URL History Show full URLs

http://save.tf/ HTTP 307
https://save.tf/ Page URL

Detected technologies

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

31
Requests

97 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

15367 kB
Transfer

15980 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://x.com/TeamFortress/status/1529970640224018433
Title: Despite being aware of the bot crisis

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://save.tf/ HTTP 307
https://save.tf/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://save.tf/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://save.tf/cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/main.js

31 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
save.tf/
Redirect Chain

http://save.tf/
https://save.tf/

21 KB
9 KB

122ms
76ms

Document
text/html

188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://save.tf/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3858642d9be206ed8550378ac793151e2862cf313602545c50b79e0769b900c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 88e9e6a788432bdc-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 04 Jun 2024 18:14:09 GMT
link: <https://save.tf/build/assets/app-rO70e25X.css>; rel="preload"; as="style", <https://save.tf/build/assets/app-r2CJCX5l.js>; rel="modulepreload", <https://save.tf/build/assets/Home-n1EL_2ZC.js>; rel="modulepreload"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YGS0FWRe9oMxMIKB%2B2gQ%2B5FPgwjbAPPx8cjdyDey1J5HTU8OatX0bXNf36EwBbHfV5vVu3UgbYvc%2B5Dmi2kuh0WoU4brN656dTZL1dFD7%2FOTqA50JpEXh%2BSf"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: X-Inertia
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

Location: https://save.tf/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 app-rO70e25X.css
save.tf/build/assets/ 26 KB
6 KB 39ms
39ms Stylesheet
text/css 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://save.tf/build/assets/app-rO70e25X.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f74a64b30c3c5dc8cd09b4eb3f0f08784644034009704c27ed2c2305bdbf3f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 18:14:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3007
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 04 Jun 2024 16:30:37 GMT
server: cloudflare
etag: W/"665f412d-6866"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gZszjVv6eL1xjJxUwT4KbevdS4xZnq4J6uvx3uZgMSY2mVI6xRQg0e%2BaStj%2FYC9bAMnWr9y0Hpjy72lTIpPGzTLu%2F4ODA1MiSjE3ac9ZZh7B%2FCTCqwXQR%2FJJ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 88e9e6a809302bdc-FRA

GET
H3 200 app-r2CJCX5l.js Show response
save.tf/build/assets/ 308 KB
103 KB 62ms
60ms Script
application/javascript 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://save.tf/build/assets/app-r2CJCX5l.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b0d622d35b93d88ccf2b9cab1a9946d47e1ffd984f620a3970d6278baf216af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://save.tf
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 18:14:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6178
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 04 Jun 2024 16:30:37 GMT
server: cloudflare
etag: W/"665f412d-4ce0c"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mjfJJ%2B7JZwGV7BEdRy6yVvqh%2BE1LbKzWDlnfXmLaJqtFaG0LhH9FQSL1Ic%2Fcf%2BWgiNlCUVSPhSpEjxSQyJgd2s0dsINPJfmJ7YT0fr0GWTLDNTSyKtYydgmj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 88e9e6a829482bdc-FRA

GET
H3 200 Home-n1EL_2ZC.js Show response
save.tf/build/assets/ 106 KB
37 KB 44ms
42ms Script
application/javascript 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://save.tf/build/assets/Home-n1EL_2ZC.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da91bdb6bb459547712adb59fa0ef30bca3eaef52d63f8a142ebbb7aecfd3a66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://save.tf
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 18:14:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6178
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 04 Jun 2024 16:30:37 GMT
server: cloudflare
etag: W/"665f412d-1a9d6"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KofQQLq2V7N7pIUjaaG%2Fw2X9wULtwSO9kwqB6pGESPUN1PFebBJGUgKNulVX1f8QHEtD6GbIsfocYZxy%2Bw20xB2cmZnRi6l36LTZLmDoSiX2%2BNwaBIzq%2Bjpz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 88e9e6a8294f2bdc-FRA

GET
H3

200

main.js Show response
save.tf/cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/ Frame 3437
Redirect Chain

https://save.tf/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://save.tf/cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/main.js

8 KB
4 KB

879ms
879ms

Script
application/javascript

188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://save.tf/cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/main.js

Protocol

Server

188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

826fe5e45bc770b60e527f1c0d7379ff7c66826b8b71ce97f627b27a4c730048

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Tue, 04 Jun 2024 18:14:10 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zBRVN6F2LQPvRc2CK%2BqfmH%2FGb7xABXo7Vi1KZkuyujDZR3PqcGJtUW1GcGLQqRMAUHeRpOXTHtXnDJMoMAI9IskceDbXjROsI5WQtaTRY1znvg%2FAA4MfwTqP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 88e9e6a90ac62bdc-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Tue, 04 Jun 2024 18:14:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LTQFQkk75jice1VR4LvRgi53tf%2BkgjGRyVAQzq3MAj5ZBxXYra%2BZJRjokzTLr9x3JDX66x%2Bl9H1emrS20piXlEXZPtrynf2YaA%2F5WtIG3ClBlTIts7vpKNX1"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/main.js
cache-control: max-age=300, public
cf-ray: 88e9e6a8ea4e2bdc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 savefixtf2_-BuByyqdd.png
save.tf/build/assets/ 138 KB
138 KB 43ms
43ms Image
image/png 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://save.tf/build/assets/savefixtf2_-BuByyqdd.png

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88e9c44c966195328a86426fa017c9f619bcea3db3450f6571d22a423e8e85a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 18:14:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4859
alt-svc: h3=":443"; ma=86400
content-length: 140929
last-modified: Tue, 04 Jun 2024 16:30:37 GMT
server: cloudflare
etag: "665f412d-22681"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JhoXHex0p5BuwExOPOxNVDHYSlr7i5JjFlP70Dr6Gekntww%2BxRLydPvj4o7SNCGpCDxXpWEeoD93J6HVuPuvcoCDsTA8YMM5h7doRewYeNEsXL%2BNuW0w5atx"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88e9e6a90a762bdc-FRA

GET
H3 200 aimbotshero_header-DynjqURP.png
save.tf/build/assets/ 48 KB
48 KB 73ms
73ms Image
image/png 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://save.tf/build/assets/aimbotshero_header-DynjqURP.png

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a9fbc9463be1bed50f4209f4613a188da87ce7e96d5f58bfafaeb57a94b76ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 18:14:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4859
alt-svc: h3=":443"; ma=86400
content-length: 48943
last-modified: Tue, 04 Jun 2024 16:30:37 GMT
server: cloudflare
etag: "665f412d-bf2f"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eilDh8%2FNkYI0v%2Fq7%2FZnjumPXhdnkx2FRT4awz3CWqcn%2F0jEYJLLDmuczlWeMChwUXs%2FTcozwzb1W6%2BLD5unIWdVwHVtQwiuvCILypd%2FJM6aB1srFiPf77rbZ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88e9e6a90a7a2bdc-FRA

GET
H3 200 aimbotImg-DVBW9XSu.png
save.tf/build/assets/ 2 MB
2 MB 75ms
74ms Image
image/png 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://save.tf/build/assets/aimbotImg-DVBW9XSu.png

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

145ca14c8357dbf805e6ed3b774abbc492b62f13dcbff21ce68d4ff021307838

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 18:14:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4858
alt-svc: h3=":443"; ma=86400
content-length: 2423272
last-modified: Tue, 04 Jun 2024 16:30:37 GMT
server: cloudflare
etag: "665f412d-24f9e8"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xu%2BIEEt6Fz6e1PU3tTGW%2FAyZoG1CqJRfEhPTg8cT2pnoj2xUpBl5T5bfqkVNTurBz3xWTbrdkOvW9yjKPJDcjtJW604J%2F9zQF2yPqt8oLpN8R%2BKWc9xwfb%2Fm"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88e9e6a90a7b2bdc-FRA

GET
H3 200 maliciousmachines-bAGf_y7p.png
save.tf/build/assets/ 128 KB
128 KB 76ms
75ms Image
image/png 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://save.tf/build/assets/maliciousmachines-bAGf_y7p.png

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fae50306da189d436ec50f0e2933f2728c5cd0e8ee1d56faa07392676ff8ff6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 18:14:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4859
alt-svc: h3=":443"; ma=86400
content-length: 130649
last-modified: Tue, 04 Jun 2024 16:30:37 GMT
server: cloudflare
etag: "665f412d-1fe59"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uV99u9t7QU%2FDAVgShfhso97z6pe%2B%2FwsE6iBoAVDexV%2B97jNawHjHtc1ZhQnhr6q0UOn%2Fj9GBiZqjIQtLIpi%2FzPxPaO81nrqTK0aWBucdLS%2Bn2t8VIyiA58m9"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88e9e6a90a802bdc-FRA

GET
H3 200 maliciousmachinesphotostack-0VFGvOir.png
save.tf/build/assets/ 511 KB
512 KB 78ms
77ms Image
image/png 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://save.tf/build/assets/maliciousmachinesphotostack-0VFGvOir.png

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6790f090472e1fcfc57510b55a0fc7abb63be0eac46d60ec3408dbd92c137c26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 18:14:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4859
alt-svc: h3=":443"; ma=86400
content-length: 523501
last-modified: Tue, 04 Jun 2024 16:30:37 GMT
server: cloudflare
etag: "665f412d-7fced"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5TtwhHM1DDV5G5htSn%2FTivvj2%2FQGKSeTsKaZm0CRhnsTy9lVXOJcORSyniyy0Wrdk65VD8j8jx4FGKAVRKedt1voWM%2FXAIk5s8%2Bgpzff12QPy390S3FqD7eF"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88e9e6a90a842bdc-FRA

GET
H3 200 brothersinarms_-5Mcqmnqg.png
save.tf/build/assets/ 650 KB
650 KB 248ms
247ms Image
image/png 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://save.tf/build/assets/brothersinarms_-5Mcqmnqg.png

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab457a2f13745951f2937b20de43901bea71adc19d197b802d12a81c50495fb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 18:14:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4859
alt-svc: h3=":443"; ma=86400
content-length: 665456
last-modified: Tue, 04 Jun 2024 16:30:37 GMT
server: cloudflare
etag: "665f412d-a2770"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KyMLrPg9Bb1NoApBZcdSxXwF94mJIMj5%2FrdY6gnlQ%2FFOlVQgo99aZFBT0%2Btr5xkYmT81qUIaeyHhrfIERpjH8pE4b4b7LGMVYh4yYoElYwZqVTIGKKBkiVNV"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88e9e6a90a872bdc-FRA

GET
H3 200 timelessmasterpiece-CWdvy0Zo.png
save.tf/build/assets/ 44 KB
44 KB 272ms
271ms Image
image/png 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://save.tf/build/assets/timelessmasterpiece-CWdvy0Zo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36e2c444509d01e6deb25296082c18bd4dc7bc5193b4f5f37bc8ccd99c7e452e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 18:14:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4859
alt-svc: h3=":443"; ma=86400
content-length: 44625
last-modified: Tue, 04 Jun 2024 16:30:37 GMT
server: cloudflare
etag: "665f412d-ae51"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BBsGd8reIYjelu%2BjzaJNmWDZyMnoKcMq6uPKwdeIMI0mpnwIke63pAvYj3rwswtCNx%2FFXfDY2oepBot2Uryk4A4uyMZrHZVqhDovMOOs4M1Co6Ss3kbveueY"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88e9e6a90a892bdc-FRA

GET
H3 200 Timeless_Masterpiece-CH8ZTN59.png
save.tf/build/assets/ 381 KB
382 KB 273ms
273ms Image
image/png 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://save.tf/build/assets/Timeless_Masterpiece-CH8ZTN59.png

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70da36c87e034eb8edc81183ad4452ee6ca072ddb3daef51f363fa647d26d0db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 18:14:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4859
alt-svc: h3=":443"; ma=86400
content-length: 390497
last-modified: Tue, 04 Jun 2024 16:30:37 GMT
server: cloudflare
etag: "665f412d-5f561"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0r52qUnRRekmANqAwshgJn%2FynWpAsUA2jd7NZLGRZPSePii%2FmeoGv904%2F%2FiSYnxsTD3LHO%2FGuLJUCwKtv6f40EWA83Hndl%2FJqG1kRZwIODsaiwYyw6uT7n0n"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88e9e6a90a8a2bdc-FRA

GET
H3 200 map-maUeDwP8.webp
save.tf/build/assets/ 470 KB
470 KB 290ms
290ms Image
image/webp 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://save.tf/build/assets/map-maUeDwP8.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85ee9cd6a707785dffe77b68144635c679d34a5797c930f9d93805733d53821e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 18:14:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4859
alt-svc: h3=":443"; ma=86400
content-length: 481164
last-modified: Tue, 04 Jun 2024 16:30:37 GMT
server: cloudflare
etag: "665f412d-7578c"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WBDEa26zKYr3cbETkL61sJo1ahy7RzckOxWCVcrsx2kVV2uktRYJ4FLeXFduM2V4mecWputamT3X4NXXGfrOeDzUfRBEXMjVuOCUwai%2FeZ16WOXqNn%2FL8IPX"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88e9e6a90a8b2bdc-FRA

GET
H3 200 favicon-D6VY46-y.svg
save.tf/build/assets/ 1 KB
1 KB 312ms
311ms Other
image/svg+xml 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://save.tf/build/assets/favicon-D6VY46-y.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27c056ecd23eae80a97a67bf69df79ba15406f53a599badc8607fd4eb6615e08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 18:14:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1624
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 04 Jun 2024 16:30:37 GMT
server: cloudflare
etag: W/"665f412d-4d2"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b8ENfiwHIgfLheu6eLTBvUiNPSM2eg5bCgThveDi7c1fyotZr6hWUSysioV32O0VcaOXVfjPjwERSWYZEAsq%2BLzhEOU1EwzkGdHv7GX6M7yopBps26J%2Byepf"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 88e9e6a90a912bdc-FRA

GET
H3 200 bg_01_alt-DyhPwjrs.png
save.tf/build/assets/ 1 MB
1 MB 312ms
312ms Image
image/png 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://save.tf/build/assets/bg_01_alt-DyhPwjrs.png

Requested by

Host: save.tf
URL: https://save.tf/build/assets/app-rO70e25X.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63e07a93b9b35bf726e53300c9bf55a7e707ecaebf6916fa87ba76ec1c3b4a71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/build/assets/app-rO70e25X.css
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 18:14:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4859
alt-svc: h3=":443"; ma=86400
content-length: 1414439
last-modified: Tue, 04 Jun 2024 16:30:37 GMT
server: cloudflare
etag: "665f412d-159527"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W7HEmwJC3z1zz%2FiJYWdkWoq4VQCNT7h%2BbHSFaH4ISQoN7Jr0HdbJCCI%2BtGYN7tmUd3pPMhvzqWhvXgkM2B%2By1L4OpqInLiYGWKOMnzXMsXF5zfhIJGUGheT2"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88e9e6a90a962bdc-FRA

GET
H3 200 sign_render1-bZKf4C8e.png
save.tf/build/assets/ 296 KB
297 KB 367ms
367ms Image
image/png 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://save.tf/build/assets/sign_render1-bZKf4C8e.png

Requested by

Host: save.tf
URL: https://save.tf/build/assets/app-rO70e25X.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

667dcd414ad432cc2a35cba430e3aa0ce4bdf392e09cc10ff47f8accfeab76b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/build/assets/app-rO70e25X.css
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 18:14:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4859
alt-svc: h3=":443"; ma=86400
content-length: 303281
last-modified: Tue, 04 Jun 2024 16:30:37 GMT
server: cloudflare
etag: "665f412d-4a0b1"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZQ3xGnJGNmORcSIMqkOR9pRfYv53F6q%2FBG3%2FnVoD6vdCEiMqfzQiRSR%2FmMg%2FMerAH%2FQ6%2FX3%2FMVRDjjq2NuApefMQQ0gBviuQY6cHnoJSYD6x%2FFgwmucwvg0o"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88e9e6a90a992bdc-FRA

GET
H3 200 barrier_menu-C3db8t-R.png
save.tf/build/assets/ 108 KB
109 KB 378ms
378ms Image
image/png 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://save.tf/build/assets/barrier_menu-C3db8t-R.png

Requested by

Host: save.tf
URL: https://save.tf/build/assets/app-rO70e25X.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfe006ec04a5410b9c567d57e61416c61a572302bae4f88fe51f58ae62ec5060

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/build/assets/app-rO70e25X.css
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 18:14:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4859
alt-svc: h3=":443"; ma=86400
content-length: 111075
last-modified: Tue, 04 Jun 2024 16:30:37 GMT
server: cloudflare
etag: "665f412d-1b1e3"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=erYCAN727bEIInthzhgt6AiesPtPn04iGc4f6GNMUvBJeX8WTkjPWDaWhZ2cIzF9YcXOObxdWLXKWubHdbBj1MSx9q9Pd8Fmi%2FQnDBIz0rwR5zcn6lZLRbC%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88e9e6a90a9e2bdc-FRA

GET
H3 200 bg_02-DuOr3Lhx.png
save.tf/build/assets/ 1 MB
1 MB 388ms
388ms Image
image/png 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://save.tf/build/assets/bg_02-DuOr3Lhx.png

Requested by

Host: save.tf
URL: https://save.tf/build/assets/app-rO70e25X.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c6ff331deb0a07390541203f850f13c71be942625d7f6a2f610856ce3b1b9a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/build/assets/app-rO70e25X.css
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 18:14:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4859
alt-svc: h3=":443"; ma=86400
content-length: 1358366
last-modified: Tue, 04 Jun 2024 16:30:37 GMT
server: cloudflare
etag: "665f412d-14ba1e"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=20KkEOWE94%2BvXjmfyuSavOclV8nIie4y4ZXCPKrhZono62UPuHwYKLZek7B5fj70qQgDS6iI9A7b2p5jUzF1XeeUFR3Y8OMlA3AMEtK%2BbgMwTDakV2bC5iNm"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88e9e6a90aa12bdc-FRA

GET
H3 200 barrier-BTbXkvz7.png
save.tf/build/assets/ 91 KB
92 KB 456ms
456ms Image
image/png 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://save.tf/build/assets/barrier-BTbXkvz7.png

Requested by

Host: save.tf
URL: https://save.tf/build/assets/app-rO70e25X.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65c5ae1508aa0611f34c062a03f3dbbd22cd5266f3fa6453864a4f3c0d0a4a13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/build/assets/app-rO70e25X.css
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 18:14:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4859
alt-svc: h3=":443"; ma=86400
content-length: 93244
last-modified: Tue, 04 Jun 2024 16:30:37 GMT
server: cloudflare
etag: "665f412d-16c3c"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HP6goHXHCA9BuFkK5e%2BAvxoyQumnhaeOK4pGTlW%2BR0W3oxCpIGZgXfcAid%2FRV0Y25xUxTL7lIy2HuUtKEHCw%2FRiCAIDUS0eL3P2bmwG9VXxZYJMA2pgqovOW"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88e9e6a90aa32bdc-FRA

GET
H3 200 bg_05-Cr8tWeI8.png
save.tf/build/assets/ 2 MB
2 MB 458ms
458ms Image
image/png 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://save.tf/build/assets/bg_05-Cr8tWeI8.png

Requested by

Host: save.tf
URL: https://save.tf/build/assets/app-rO70e25X.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ccbb4343ee494fa74aa16bd130506f24109594568a83a499a9f3d88e61156b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/build/assets/app-rO70e25X.css
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 18:14:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4859
alt-svc: h3=":443"; ma=86400
content-length: 1736411
last-modified: Tue, 04 Jun 2024 16:30:37 GMT
server: cloudflare
etag: "665f412d-1a7edb"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fIMVMPmcBQRM3StbKLvGIXPDTiDs5S2jK6v0lvaqjcR3TMPo%2FDzCFI3qQGZXoeD1ERfeTVviHIxaIFMeYPSVa0QaFE1uBbc8R1710l2Dhxmsx4IrANt4Dwmm"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88e9e6a90aa72bdc-FRA

GET
H3 200 bg_06-Ck6rxTSJ.png
save.tf/build/assets/ 2 MB
2 MB 565ms
565ms Image
image/png 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://save.tf/build/assets/bg_06-Ck6rxTSJ.png

Requested by

Host: save.tf
URL: https://save.tf/build/assets/app-rO70e25X.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac7ad77e162ab09ba66c390407d542cb1998f27071394df3c98b88d7dce871e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/build/assets/app-rO70e25X.css
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 18:14:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4859
alt-svc: h3=":443"; ma=86400
content-length: 1712370
last-modified: Tue, 04 Jun 2024 16:30:37 GMT
server: cloudflare
etag: "665f412d-1a20f2"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8wrb5avkQRprzo2yvbPCvgWJVDoaw%2FiJjuq9juDopZX8G3yMwiJF04JqklPikTKsJHARZtsge7TGGEM%2BMSBDbV6ADW6crfY4zOERDIDDX91GjoxyZIq8fjOB"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88e9e6a90aaa2bdc-FRA

GET
H3 200 bg_04-BNjYlBuf.png
save.tf/build/assets/ 557 KB
558 KB 658ms
658ms Image
image/png 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://save.tf/build/assets/bg_04-BNjYlBuf.png

Requested by

Host: save.tf
URL: https://save.tf/build/assets/app-rO70e25X.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56fd04078aac0232a0b63a311ff0f9d931756aa31f5fd6c46841658ff8747cdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/build/assets/app-rO70e25X.css
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 18:14:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4859
alt-svc: h3=":443"; ma=86400
content-length: 570736
last-modified: Tue, 04 Jun 2024 16:30:37 GMT
server: cloudflare
etag: "665f412d-8b570"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cHBTkf74C%2FmCQoZbzPB8pujjnaxh%2BPDO4RTIchkgWdKIUfmhlTjTKzokKOS3loe0A64iUw3MASenFJWNctkPyVpeb8GYeNyxvaRP64TsTUuj786KqRlknHUX"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88e9e6a90aad2bdc-FRA

GET
H3 200 contracker_bg-BAx80L3w.png
save.tf/build/assets/ 3 MB
3 MB 698ms
697ms Image
image/png 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://save.tf/build/assets/contracker_bg-BAx80L3w.png

Requested by

Host: save.tf
URL: https://save.tf/build/assets/app-rO70e25X.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd5a15d1693aaedbd7c6dd5c54fd790fbe0b5207c017ea1d92dea3c395fa86de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/build/assets/app-rO70e25X.css
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 18:14:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4859
alt-svc: h3=":443"; ma=86400
content-length: 3107168
last-modified: Tue, 04 Jun 2024 16:30:37 GMT
server: cloudflare
etag: "665f412d-2f6960"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WNACVl37yIsErp835MMZHBMI2KkWZMXC%2FViiHPLhzcTB4GFMSc5ie66m4nMkRJxRj%2FzA0dWtdmUMcnVjZR%2BuUBbIPgt8WMNcjd5WdL0M72VScFC7VUDBil%2Bz"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88e9e6a90ab02bdc-FRA

GET
H3 200 TF2build-gGB78klV.ttf
save.tf/build/assets/ 56 KB
56 KB 878ms
878ms Font
application/octet-stream 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://save.tf/build/assets/TF2build-gGB78klV.ttf

Requested by

Host: save.tf
URL: https://save.tf/build/assets/app-rO70e25X.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d3b24a3517a7c7fee4b1c357395fdb8bff8d57bb0e4b340ef8e5e6fd78bef8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/build/assets/app-rO70e25X.css
Origin: https://save.tf
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 18:14:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6320
alt-svc: h3=":443"; ma=86400
content-length: 57168
last-modified: Mon, 03 Jun 2024 23:28:53 GMT
server: cloudflare
etag: "665e51b5-df50"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bpOONoGz%2B7jJhYBNhtCfS1kKI%2F9IPcjpFlTMA%2FcthmR8XunOHLizP2V%2Fo7b47J4LI%2BIedZ%2FELdQwZsn9h2PISGp1SJTn4OttO83Ttc1avNOkK3bJv3QhwIva"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88e9e6a90abc2bdc-FRA

GET
H3 200 TF2secondary-kmQwUjS2.ttf
save.tf/build/assets/ 29 KB
29 KB 879ms
879ms Font
application/octet-stream 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://save.tf/build/assets/TF2secondary-kmQwUjS2.ttf

Requested by

Host: save.tf
URL: https://save.tf/build/assets/app-rO70e25X.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea575d83840d0be8b930a03e6f4f1bf864e2e6335d4aea5ab48e973063aa226f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/build/assets/app-rO70e25X.css
Origin: https://save.tf
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 18:14:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6320
alt-svc: h3=":443"; ma=86400
content-length: 29452
last-modified: Mon, 03 Jun 2024 23:28:53 GMT
server: cloudflare
etag: "665e51b5-730c"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ECrQ%2B8DwTBCxLYGHTr4R5xUkPwy6QjCvOF1GM0sbaJwtbCjC17x3a9eMEnux4ht2IHDR%2FSHusFVaXYaIppHfDb%2FJOKbBQ0X%2F7J8FbfdmLukZlfk%2BVcoekbR1"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88e9e6a90ac02bdc-FRA

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
972 B 82ms
34ms Script
text/javascript 216.58.206.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Lc_y-gpAAAAAI5DJ0aFnCkZcJgUvLdwhYW6BAhs

Requested by

Host: save.tf
URL: https://save.tf/build/assets/Home-n1EL_2ZC.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f4.1e100.net

Software

GSE /

Resource Hash

7ede08960545c5061bc25acdcf697ce17b502f5a0e6ab9474616f73b6af76734

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 18:14:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 04 Jun 2024 18:14:10 GMT

GET
H2 200 recaptcha__nl.js Show response
www.gstatic.com/recaptcha/releases/DH3nyJMamEclyfe-nztbfV8S/ 526 KB
209 KB 86ms
38ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/DH3nyJMamEclyfe-nztbfV8S/recaptcha__nl.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lc_y-gpAAAAAI5DJ0aFnCkZcJgUvLdwhYW6BAhs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81bb134d1bbd3e31e1ddac9449ef1c509b7061a14e15554d625569cb38af44d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/
Origin: https://save.tf
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 14:29:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13496
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 213502
x-xss-protection: 0
last-modified: Mon, 27 May 2024 02:00:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Jun 2025 14:29:14 GMT

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 6862 0
0 86ms
46ms Document
text/html 216.58.206.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc_y-gpAAAAAI5DJ0aFnCkZcJgUvLdwhYW6BAhs&co=aHR0cHM6Ly9zYXZlLnRmOjQ0Mw..&hl=nl&v=DH3nyJMamEclyfe-nztbfV8S&size=invisible&cb=nvjh9qh6urf5

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/DH3nyJMamEclyfe-nztbfV8S/recaptcha__nl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8JB-569bqbD0BpFsHZiUnA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://save.tf/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-8JB-569bqbD0BpFsHZiUnA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 04 Jun 2024 18:14:10 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 200 88e9e6a788432bdc Show response
save.tf/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 3437 0
656 B 70ms
70ms XHR
text/plain 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://save.tf/cdn-cgi/challenge-platform/h/g/jsd/r/88e9e6a788432bdc
Requested by: Host: save.tf
URL: https://save.tf/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 04 Jun 2024 18:14:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eCfac5E1RG6%2B6P7mxa8GIdlwpP9FVuGGT%2BrNB6x7OElOFkRmmf5tPOhQNdyBZcldFrulLQodOIbKYLToS7TIHByzM8w0IC2wFQyTnLDwotoKWgkOareYvb3E"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 88e9e6b02c992bdc-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 / Show response
save.tf/ 208 B
1 KB 55ms
55ms Fetch
application/json 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://save.tf/

Requested by

Host: save.tf
URL: https://save.tf/build/assets/Home-n1EL_2ZC.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

877f450dd6dab2d5378323982b77e3a844a678dffefd8fdf9d3d5008fa8724c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
X-Inertia: true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer: https://save.tf/
X-Inertia-Version: 54be63c36a98b6274022a45e07b3003a
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 18:14:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-inertia: true
vary: X-Inertia
x-frame-options: SAMEORIGIN
content-type: application/json
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M3dwJBh9UGgADtBi35c7kMjdJjdcj58CIR88w17Elu0m9puIbZD%2FLWhJy76zHcBT0xUhFuZqdbkZQiOiUrT%2B%2FvB%2BV3L420wLX8OcGNSwqhJblYu5tnjvJXY6"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, private
cf-ray: 88e9e6c85e4e2bdc-FRA
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
save.tf/	1970-01-20 21:05:32	Name: XSRF-TOKEN Value: eyJpdiI6IkFJNWt2UWkxSDcyZld1NG9IN1RMeXc9PSIsInZhbHVlIjoiMnEzTzMrb3RjNG1qWFIxWGt1NkhsM2hzNURGWVZnRjZpWk1SbmsrNW90Kzh2eGJCbkxmb3gzdm1Kb2czYmI1cWZVb3MrMnkzZXNSSXZKT01rY2hNTDRuYjEyR1cyWm5NV1pUb1Bkd1pWNUdaN0hJbjFnZ2JYNkwvYnFOeCtIenQiLCJtYWMiOiIyZGE1ODYzNmY1MWY3OWNlOGQ4NDdmY2YyOTEwNWVkZjFhZTBmNWYxNGZiZWNiN2QyNzljODM3NjRiNTIwODg2IiwidGFnIjoiIn0%3D
save.tf/	1970-01-20 21:05:32	Name: savetf2_petition_session Value: eyJpdiI6IktxQnZJYWdFVGJyODhHZVVPRTUvYVE9PSIsInZhbHVlIjoicXBTeGJPOWQxMkJiK2h2RWJERkZDdkViOWJaMm9LNjVQY0lZTGVLaURSOWlKL1FBczRaYUpCWlV4VVV6dnVia3VzSDN1U0FVMmg1RW5KbjFCQ0hsUHBEc2FrT0MveHgvK1NSUitReGpIOWNSdUVaS1VYWDRNc0hRTzJSYnRZSXoiLCJtYWMiOiJhMjI1ZmJlOTE1NDY4NjY0N2E1YmIxYWJiZjg3ZGI1ZDdhZGRhYjQxZmYxYzg1Yjk4N2FhYWM3MDA3ZGY1M2NiIiwidGFnIjoiIn0%3D
.save.tf/	1970-01-21 05:51:00	Name: cf_clearance Value: ew0lsVHrFI1O8ZPj.zWfqWInfQx4MmcnmrU1kZ4DFuw-1717524851-1.0.1.1-a_tTjSxORrvhC52ZSvmAA_nHW4TeYT1mzVlvsIQYz2nYkTye9mbXm6VRu0J61ExtSs_r_A7sBJF4KYTOVQ09uA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

save.tf
www.google.com
www.gstatic.com
188.114.96.9
216.58.206.68
2a00:1450:4001:811::2003
0a9fbc9463be1bed50f4209f4613a188da87ce7e96d5f58bfafaeb57a94b76ea
145ca14c8357dbf805e6ed3b774abbc492b62f13dcbff21ce68d4ff021307838
1c6ff331deb0a07390541203f850f13c71be942625d7f6a2f610856ce3b1b9a3
27c056ecd23eae80a97a67bf69df79ba15406f53a599badc8607fd4eb6615e08
2b0d622d35b93d88ccf2b9cab1a9946d47e1ffd984f620a3970d6278baf216af
36e2c444509d01e6deb25296082c18bd4dc7bc5193b4f5f37bc8ccd99c7e452e
3858642d9be206ed8550378ac793151e2862cf313602545c50b79e0769b900c0
56fd04078aac0232a0b63a311ff0f9d931756aa31f5fd6c46841658ff8747cdf
5ccbb4343ee494fa74aa16bd130506f24109594568a83a499a9f3d88e61156b3
63e07a93b9b35bf726e53300c9bf55a7e707ecaebf6916fa87ba76ec1c3b4a71
65c5ae1508aa0611f34c062a03f3dbbd22cd5266f3fa6453864a4f3c0d0a4a13
667dcd414ad432cc2a35cba430e3aa0ce4bdf392e09cc10ff47f8accfeab76b4
6790f090472e1fcfc57510b55a0fc7abb63be0eac46d60ec3408dbd92c137c26
6d3b24a3517a7c7fee4b1c357395fdb8bff8d57bb0e4b340ef8e5e6fd78bef8d
6f74a64b30c3c5dc8cd09b4eb3f0f08784644034009704c27ed2c2305bdbf3f2
70da36c87e034eb8edc81183ad4452ee6ca072ddb3daef51f363fa647d26d0db
7ede08960545c5061bc25acdcf697ce17b502f5a0e6ab9474616f73b6af76734
81bb134d1bbd3e31e1ddac9449ef1c509b7061a14e15554d625569cb38af44d4
826fe5e45bc770b60e527f1c0d7379ff7c66826b8b71ce97f627b27a4c730048
85ee9cd6a707785dffe77b68144635c679d34a5797c930f9d93805733d53821e
877f450dd6dab2d5378323982b77e3a844a678dffefd8fdf9d3d5008fa8724c1
88e9c44c966195328a86426fa017c9f619bcea3db3450f6571d22a423e8e85a1
ab457a2f13745951f2937b20de43901bea71adc19d197b802d12a81c50495fb7
ac7ad77e162ab09ba66c390407d542cb1998f27071394df3c98b88d7dce871e1
da91bdb6bb459547712adb59fa0ef30bca3eaef52d63f8a142ebbb7aecfd3a66
dfe006ec04a5410b9c567d57e61416c61a572302bae4f88fe51f58ae62ec5060
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea575d83840d0be8b930a03e6f4f1bf864e2e6335d4aea5ab48e973063aa226f
fae50306da189d436ec50f0e2933f2728c5cd0e8ee1d56faa07392676ff8ff6f
fd5a15d1693aaedbd7c6dd5c54fd790fbe0b5207c017ea1d92dea3c395fa86de

save.tf Open in urlscan Pro 188.114.96.9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

31 Requests

97 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

15367 kBTransfer

15980 kBSize

3 Cookies

1 Outgoing links

Page URL History

Redirected requests

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

save.tf Open in urlscan Pro
188.114.96.9 Public Scan

Screenshot
Live screenshot

Full Image

31
Requests

97 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

15367 kB
Transfer

15980 kB
Size

3
Cookies

31 HTTP transactions
0 data transactions