save.tf
188.114.96.9
Public Scan
Effective URL: https://save.tf/
Submission: On June 04 via manual from US — Scanned from NL
Summary
TLS certificate: Issued by E1 on May 17th 2024. Valid for: 3 months.
This is the only time save.tf was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Redirects | Requests | IP Address | Autonomous System |
---|---|---|---|
1 | 29 | 188.114.96.9 | 13335 (CLOUDFLARENET) |
 | 2 | 216.58.206.68 | 15169 (GOOGLE) |
 | 1 | 2a00:1450:4001:811::2003 | 15169 (GOOGLE) |

Totals: 31 requests, 3 IP addresses
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
29 (1 redirects) | save.tf | save.tf — Cisco Umbrella Rank: 369125 | 15 MB |
2 | google.com | www.google.com — Cisco Umbrella Rank: 5 | 972 B |
1 | gstatic.com | www.gstatic.com | 209 KB |

Totals: 31 requests, 3 apex domains
Requests | Domain | Requested by |
---|---|---|
29 (1 redirects) | save.tf | save.tf |
2 | www.google.com | save.tf, www.gstatic.com |
1 | www.gstatic.com | www.google.com |

Totals: 31 requests, 3 domains
Subject | Issuer | Validity | Valid for |
---|---|---|---|
save.tf | E1 | 2024-05-17 - 2024-08-15 | 3 months |
*.google.com | WR2 | 2024-05-21 - 2024-08-13 | 3 months |
*.gstatic.com | WR2 | 2024-05-21 - 2024-08-13 | 3 months |
This page contains 3 frames:
Primary Page:
https://save.tf/
Frame ID: 6218F101FB7BE5420524F05094727415
Requests: 28 HTTP requests in this frame
Frame:
https://save.tf/cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/main.js
Frame ID: 34371646FED16332D7DD34021F79032A
Requests: 2 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc_y-gpAAAAAI5DJ0aFnCkZcJgUvLdwhYW6BAhs&co=aHR0cHM6Ly9zYXZlLnRmOjQ0Mw..&hl=nl&v=DH3nyJMamEclyfe-nztbfV8S&size=invisible&cb=nvjh9qh6urf5
Frame ID: 68621BF9C22A81D57FD7B0EE892BCCC4
Requests: 1 HTTP requests in this frame
Page Title
Welcome - #SaveTF2 Petition
Detected technologies
reCAPTCHA (Captchas)
Detected patterns
- /recaptcha/api\.js
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Despite being aware of the bot crisis
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://save.tf/ (HTTP 307)
- https://save.tf/ (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 3
- https://save.tf/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
- https://save.tf/cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/main.js
31 HTTP transactions
Method | Protocol | Resource | Path | Size | Transferred | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H3 | / | save.tf/ | 21 KB | 9 KB | Document | text/html | Primary Request; Redirect Chain |
GET | H3 | app-rO70e25X.css | save.tf/build/assets/ | 26 KB | 6 KB | Stylesheet | text/css | |
GET | H3 | app-r2CJCX5l.js | save.tf/build/assets/ | 308 KB | 103 KB | Script | application/javascript | |
GET | H3 | Home-n1EL_2ZC.js | save.tf/build/assets/ | 106 KB | 37 KB | Script | application/javascript | |
GET | H3 | main.js | save.tf/cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/ | 8 KB | 4 KB | Script | application/javascript | Frame 3437; Redirect Chain |
GET | H3 | savefixtf2_-BuByyqdd.png | save.tf/build/assets/ | 138 KB | 138 KB | Image | image/png | |
GET | H3 | aimbotshero_header-DynjqURP.png | save.tf/build/assets/ | 48 KB | 48 KB | Image | image/png | |
GET | H3 | aimbotImg-DVBW9XSu.png | save.tf/build/assets/ | 2 MB | 2 MB | Image | image/png | |
GET | H3 | maliciousmachines-bAGf_y7p.png | save.tf/build/assets/ | 128 KB | 128 KB | Image | image/png | |
GET | H3 | maliciousmachinesphotostack-0VFGvOir.png | save.tf/build/assets/ | 511 KB | 512 KB | Image | image/png | |
GET | H3 | brothersinarms_-5Mcqmnqg.png | save.tf/build/assets/ | 650 KB | 650 KB | Image | image/png | |
GET | H3 | timelessmasterpiece-CWdvy0Zo.png | save.tf/build/assets/ | 44 KB | 44 KB | Image | image/png | |
GET | H3 | Timeless_Masterpiece-CH8ZTN59.png | save.tf/build/assets/ | 381 KB | 382 KB | Image | image/png | |
GET | H3 | map-maUeDwP8.webp | save.tf/build/assets/ | 470 KB | 470 KB | Image | image/webp | |
GET | H3 | favicon-D6VY46-y.svg | save.tf/build/assets/ | 1 KB | 1 KB | Other | image/svg+xml | |
GET | H3 | bg_01_alt-DyhPwjrs.png | save.tf/build/assets/ | 1 MB | 1 MB | Image | image/png | |
GET | H3 | sign_render1-bZKf4C8e.png | save.tf/build/assets/ | 296 KB | 297 KB | Image | image/png | |
GET | H3 | barrier_menu-C3db8t-R.png | save.tf/build/assets/ | 108 KB | 109 KB | Image | image/png | |
GET | H3 | bg_02-DuOr3Lhx.png | save.tf/build/assets/ | 1 MB | 1 MB | Image | image/png | |
GET | H3 | barrier-BTbXkvz7.png | save.tf/build/assets/ | 91 KB | 92 KB | Image | image/png | |
GET | H3 | bg_05-Cr8tWeI8.png | save.tf/build/assets/ | 2 MB | 2 MB | Image | image/png | |
GET | H3 | bg_06-Ck6rxTSJ.png | save.tf/build/assets/ | 2 MB | 2 MB | Image | image/png | |
GET | H3 | bg_04-BNjYlBuf.png | save.tf/build/assets/ | 557 KB | 558 KB | Image | image/png | |
GET | H3 | contracker_bg-BAx80L3w.png | save.tf/build/assets/ | 3 MB | 3 MB | Image | image/png | |
GET | H3 | TF2build-gGB78klV.ttf | save.tf/build/assets/ | 56 KB | 56 KB | Font | application/octet-stream | |
GET | H3 | TF2secondary-kmQwUjS2.ttf | save.tf/build/assets/ | 29 KB | 29 KB | Font | application/octet-stream | |
GET | H3 | api.js | www.google.com/recaptcha/ | 1 KB | 972 B | Script | text/javascript | |
GET | H2 | recaptcha__nl.js | www.gstatic.com/recaptcha/releases/DH3nyJMamEclyfe-nztbfV8S/ | 526 KB | 209 KB | Script | text/javascript | |
GET | H3 | anchor | www.google.com/recaptcha/api2/ | 0 | 0 | Document | text/html | Frame 6862 |
POST | H3 | 88e9e6a788432bdc | save.tf/cdn-cgi/challenge-platform/h/g/jsd/r/ | 0 | 656 B | XHR | text/plain | Frame 3437 |
GET | H3 | / | save.tf/ | 208 B | 1 KB | Fetch | application/json | |
13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object | 0
- object | 1
- object | 2
- function | route
- function | Pusher
- function | axios
- function | onRecaptchaLoadCallback
- object | ___grecaptcha_cfg
- object | grecaptcha
- string | __recaptcha_api
- boolean | __google_recaptcha_client
- object | recaptcha
- object | closure_lm_1181603

Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser sends the cookie values back, allowing the website to re-identify the user even after a change of location. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
save.tf/ | Name: XSRF-TOKEN Value: eyJpdiI6IkFJNWt2UWkxSDcyZld1NG9IN1RMeXc9PSIsInZhbHVlIjoiMnEzTzMrb3RjNG1qWFIxWGt1NkhsM2hzNURGWVZnRjZpWk1SbmsrNW90Kzh2eGJCbkxmb3gzdm1Kb2czYmI1cWZVb3MrMnkzZXNSSXZKT01rY2hNTDRuYjEyR1cyWm5NV1pUb1Bkd1pWNUdaN0hJbjFnZ2JYNkwvYnFOeCtIenQiLCJtYWMiOiIyZGE1ODYzNmY1MWY3OWNlOGQ4NDdmY2YyOTEwNWVkZjFhZTBmNWYxNGZiZWNiN2QyNzljODM3NjRiNTIwODg2IiwidGFnIjoiIn0%3D |
save.tf/ | Name: savetf2_petition_session Value: eyJpdiI6IktxQnZJYWdFVGJyODhHZVVPRTUvYVE9PSIsInZhbHVlIjoicXBTeGJPOWQxMkJiK2h2RWJERkZDdkViOWJaMm9LNjVQY0lZTGVLaURSOWlKL1FBczRaYUpCWlV4VVV6dnVia3VzSDN1U0FVMmg1RW5KbjFCQ0hsUHBEc2FrT0MveHgvK1NSUitReGpIOWNSdUVaS1VYWDRNc0hRTzJSYnRZSXoiLCJtYWMiOiJhMjI1ZmJlOTE1NDY4NjY0N2E1YmIxYWJiZjg3ZGI1ZDdhZGRhYjQxZmYxYzg1Yjk4N2FhYWM3MDA3ZGY1M2NiIiwidGFnIjoiIn0%3D |
.save.tf/ | Name: cf_clearance Value: ew0lsVHrFI1O8ZPj.zWfqWInfQx4MmcnmrU1kZ4DFuw-1717524851-1.0.1.1-a_tTjSxORrvhC52ZSvmAA_nHW4TeYT1mzVlvsIQYz2nYkTye9mbXm6VRu0J61ExtSs_r_A7sBJF4KYTOVQ09uA |
Security Headers
This section lists the security headers set by the main page.
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
save.tf
www.google.com
www.gstatic.com
188.114.96.9
216.58.206.68
2a00:1450:4001:811::2003