save.tf Open in urlscan Pro
188.114.96.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://save.tf/
Effective URL:
https://save.tf/
Submission: On May 30 via manual (May 30th 2024, 8:17:46 pm UTC) from GB — Scanned from NL

Summary HTTP 30 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 30 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is save.tf.
TLS certificate: Issued by E1 on May 17th 2024. Valid for: 3 months.

This is the only time save.tf was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 28	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.217.16.196 172.217.16.196	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
30	3

28 188.114.96.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

save.tf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	save.tf 1 redirects save.tf	15 MB
2	google.com www.google.com — Cisco Umbrella Rank: 2	972 B
1	gstatic.com www.gstatic.com	209 KB
30	3

	Domain	Requested by
28	save.tf	1 redirects save.tf
2	www.google.com	save.tf www.gstatic.com
1	www.gstatic.com	www.google.com
30	3

This site contains links to these domains. Also see Links.

Domain
x.com

Subject Issuer	Validity	Valid
save.tf E1	`2024-05-17` - `2024-08-15`	3 months	crt.sh
*.google.com WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://save.tf/
Frame ID: A45E6BC524B7BF02C56D4DCEA9E73ABE
Requests: 27 HTTP requests in this frame

Frame: https://save.tf/cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/main.js
Frame ID: 6EEA5D426AE35074FAD8A0C0CDE08554
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc_y-gpAAAAAI5DJ0aFnCkZcJgUvLdwhYW6BAhs&co=aHR0cHM6Ly9zYXZlLnRmOjQ0Mw..&hl=nl&v=DH3nyJMamEclyfe-nztbfV8S&size=invisible&cb=ld9417bgmfbv
Frame ID: F2A099714C42DC2416C370B87EE6E4C3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Welcome - SaveTF2

Page URL History Show full URLs

http://save.tf/ HTTP 307
https://save.tf/ Page URL

Detected technologies

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

30
Requests

97 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

15155 kB
Transfer

15757 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://x.com/TeamFortress/status/1529970640224018433
Title: Despite being aware of the bot crisis

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://save.tf/ HTTP 307
https://save.tf/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://save.tf/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://save.tf/cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/main.js

30 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
save.tf/
Redirect Chain

http://save.tf/
https://save.tf/

20 KB
9 KB

383ms
335ms

Document
text/html

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://save.tf/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eaf379242604638f9e00b8302d2254f2c233b9dc9cd668e915b9f562f82a8cd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 88c16898d9463a6a-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 30 May 2024 20:17:36 GMT
link: <https://save.tf/build/assets/app-DaMmamHC.css>; rel="preload"; as="style", <https://save.tf/build/assets/app-Cpw1yA3m.js>; rel="modulepreload", <https://save.tf/build/assets/Home-D4-8Rlzf.js>; rel="modulepreload"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=au%2BN29ca7l3LfCSguacwdFGxgx1tZ0pMuSQ%2FIlzMYGtbzOoDJX41VZelmjvg6StGCduU%2B6MTymj0XkpKt2VOiz2mpzUEYMNLih2k9u%2BXvDbBhYzEFQJeiMMM"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: X-Inertia
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

Location: https://save.tf/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 app-DaMmamHC.css
save.tf/build/assets/ 26 KB
6 KB 36ms
35ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://save.tf/build/assets/app-DaMmamHC.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e379ae63c9e20364c55182812872db558aa6377291dee6c433ada9cb9b1a848d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 20:17:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4486
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 May 2024 19:01:38 GMT
server: cloudflare
etag: W/"6658cd12-6752"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tPnPYLfflRSwdt4FIEv2%2BQYwiEx1aJutbbcBPJEBBStLmM5x3JDcjsQNIXiwVEWwjeWmAiX828u%2F%2BT0LooouG9HM%2FfT2j8nvznejsVdlJEmYnUwztc6p%2BJYk"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 88c1689a4bf53a6a-FRA

GET
H3 200 app-Cpw1yA3m.js Show response
save.tf/build/assets/ 307 KB
101 KB 38ms
38ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://save.tf/build/assets/app-Cpw1yA3m.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d5d2fa1869541fee2891c4f3526552d383ef6735d3fdac5fcda0ae443a71a76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://save.tf
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 20:17:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2550
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 May 2024 19:34:31 GMT
server: cloudflare
etag: W/"6658d4c7-4cd53"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=apHjZmHvAq4az8p7eBBqkBMf%2BWWuAV5UwpB0L8DDHLKHKelwW2ksO%2BhtPYUX89AbD4fvY19uNuCGHS7VbHYip5oKl%2FOWmfA35rV2wSaKbInUN2GJLn91zds0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 88c1689a6c353a6a-FRA

GET
H3 200 Home-D4-8Rlzf.js Show response
save.tf/build/assets/ 87 KB
30 KB 133ms
133ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://save.tf/build/assets/Home-D4-8Rlzf.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5dfbeefaed4dc58fa8efa0be522013f3b928ede1588e2cefafdbfec7314120cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://save.tf
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 20:17:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2550
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 May 2024 19:34:31 GMT
server: cloudflare
etag: W/"6658d4c7-15db9"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RFF31Vq2u7OtCoFayA7u%2F9t%2B54sWzXrg77Risfqqlr8gw9HNMCSQJz43rg7SKGkWM5cIHLbKNwluEwG2rm0qCYMen4Oy7bRE3ubGAiqGaz1cuvpjwr%2BodcYq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 88c1689a6c3b3a6a-FRA

GET
H3

200

main.js Show response
save.tf/cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/ Frame 6EEA
Redirect Chain

https://save.tf/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://save.tf/cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/main.js

8 KB
4 KB

4898ms
4897ms

Script
application/javascript

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://save.tf/cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/main.js

Requested by

Host: save.tf
URL: https://save.tf/

Protocol

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c561411ad7ca870ff8699b982d9c7ca60f7179045a9a6827883a5bf53ed4c34

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Thu, 30 May 2024 20:17:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=85ZuKdBV%2BKE1pjEOKuIbe2vcHNN1C6Z8n%2FQUVAGJV0bEpzRakmKgbQjD4hCT7bjhvbRttNpcAaGSUHxuy4yGRLUuLsO8vNV%2Fhqv0FEtngqsZMCBi7AqNrIhz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 88c1689ecb423a6a-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Thu, 30 May 2024 20:17:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q0mNQgdrhrAn%2BZiIKVpFr6fa6JwAftjojUakCs9X%2FC9MllJ2OW4V%2B2zAg5DNs1gxfHe7KiVRnWSQLCV2gt9CshbJy0j%2BoC%2FAyXVvPGvoQPb0B0vJU5MZioYd"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 88c1689bbe573a6a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 saveTF2_text_alter-NNo8bocO.png
save.tf/build/assets/ 54 KB
55 KB 33ms
33ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://save.tf/build/assets/saveTF2_text_alter-NNo8bocO.png

Requested by

Host: save.tf
URL: https://save.tf/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02a44aa4d7f9b9034abf8ce0bb890a99e6f19cab20f6eb54feb715adaaa3f9d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 20:17:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2618
alt-svc: h3=":443"; ma=86400
content-length: 55451
last-modified: Thu, 30 May 2024 19:01:38 GMT
server: cloudflare
etag: "6658cd12-d89b"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EKWMUXAaCd%2FplmcybiXiYYM2bx4%2F%2FllSLnrWtrUFpQyUvy0GoFV%2B6HSWp7kujeglFaLAXWC0Wji37qpskqUkT5iVb10HvgMqQMwjQxDTEwegMU%2FXAAsSBovQ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88c1689bfeba3a6a-FRA

GET
H3 200 aimbotshero_header-DynjqURP.png
save.tf/build/assets/ 48 KB
48 KB 53ms
51ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://save.tf/build/assets/aimbotshero_header-DynjqURP.png

Requested by

Host: save.tf
URL: https://save.tf/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a9fbc9463be1bed50f4209f4613a188da87ce7e96d5f58bfafaeb57a94b76ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 20:17:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2618
alt-svc: h3=":443"; ma=86400
content-length: 48943
last-modified: Thu, 30 May 2024 19:01:38 GMT
server: cloudflare
etag: "6658cd12-bf2f"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oK7i0vb6ITOS9i219HeEuS10cVgYSVEyw4QeJm9MuxOyzNy%2BJwDxlTpJ9vbAwS6mGKIXzQOLskOVO3TolLuu428NAvwLnuP9dPO27SegvJMbs5xS7FyIamT5"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88c1689c0ebe3a6a-FRA

GET
H3 200 aimbotImg-DVBW9XSu.png
save.tf/build/assets/ 2 MB
2 MB 73ms
71ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://save.tf/build/assets/aimbotImg-DVBW9XSu.png

Requested by

Host: save.tf
URL: https://save.tf/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

145ca14c8357dbf805e6ed3b774abbc492b62f13dcbff21ce68d4ff021307838

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 20:17:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2618
alt-svc: h3=":443"; ma=86400
content-length: 2423272
last-modified: Thu, 30 May 2024 19:01:38 GMT
server: cloudflare
etag: "6658cd12-24f9e8"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=unW8uP3TvFcqyXiOYOILd%2B%2Bf%2FuFvVF9%2FuPGrc8ZI417g%2FMuzVVny%2BzhgtKfRoOTwTPWKG98qe3yy2uX9xmyStHyZWmfETtmDSmRqcGdD6Q4VreIrXUBv6jBX"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88c1689c0ec23a6a-FRA

GET
H3 200 maliciousmachines-bAGf_y7p.png
save.tf/build/assets/ 128 KB
128 KB 73ms
72ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://save.tf/build/assets/maliciousmachines-bAGf_y7p.png

Requested by

Host: save.tf
URL: https://save.tf/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fae50306da189d436ec50f0e2933f2728c5cd0e8ee1d56faa07392676ff8ff6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 20:17:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2617
alt-svc: h3=":443"; ma=86400
content-length: 130649
last-modified: Thu, 30 May 2024 19:01:38 GMT
server: cloudflare
etag: "6658cd12-1fe59"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pKvFNzWHKAiBvxWjDEsnHnBbfj%2FoJc5Ez7KvAs40xun73J%2BTOK2MLtO1dPHqCNkxMXCbFnbHJbWIVXqCqFV3lsXk%2BjWblFtrJ1rzGvE2SteL7yYNnO4YVnlb"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88c1689c0ec43a6a-FRA

GET
H3 200 maliciousmachinesphotostack-0VFGvOir.png
save.tf/build/assets/ 511 KB
512 KB 103ms
101ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://save.tf/build/assets/maliciousmachinesphotostack-0VFGvOir.png

Requested by

Host: save.tf
URL: https://save.tf/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6790f090472e1fcfc57510b55a0fc7abb63be0eac46d60ec3408dbd92c137c26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 20:17:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2618
alt-svc: h3=":443"; ma=86400
content-length: 523501
last-modified: Thu, 30 May 2024 19:01:38 GMT
server: cloudflare
etag: "6658cd12-7fced"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LmoJ5hwuHwKDZNl%2FpBIfx94%2BjfZZqrA%2BHGLaPInGYNZiQvIonpcVvtqYKLSBBDfvP4y8NP3YIimTngL6Y1IDvOBCAYDk%2BmKJfrvizABzN0AA19DeWM%2FMjGxS"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88c1689c0ec63a6a-FRA

GET
H3 200 brothersinarms_-5Mcqmnqg.png
save.tf/build/assets/ 650 KB
651 KB 152ms
150ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://save.tf/build/assets/brothersinarms_-5Mcqmnqg.png

Requested by

Host: save.tf
URL: https://save.tf/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab457a2f13745951f2937b20de43901bea71adc19d197b802d12a81c50495fb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 20:17:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2618
alt-svc: h3=":443"; ma=86400
content-length: 665456
last-modified: Thu, 30 May 2024 19:01:38 GMT
server: cloudflare
etag: "6658cd12-a2770"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hv9YO6rZAqOYlfg%2FcXIivTjgZDPEOqUaa8mF1f4tP86Nsd7kY5V6y2zkJcAvDDRvAiAmgnMCrJoY8eg5f2AGhzO%2F0keix3KtvW0ma3HJXzabF79MkNoH432R"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88c1689c2f073a6a-FRA

GET
H3 200 timelessmasterpiece-CWdvy0Zo.png
save.tf/build/assets/ 44 KB
44 KB 153ms
151ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://save.tf/build/assets/timelessmasterpiece-CWdvy0Zo.png

Requested by

Host: save.tf
URL: https://save.tf/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36e2c444509d01e6deb25296082c18bd4dc7bc5193b4f5f37bc8ccd99c7e452e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 20:17:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2617
alt-svc: h3=":443"; ma=86400
content-length: 44625
last-modified: Thu, 30 May 2024 19:01:38 GMT
server: cloudflare
etag: "6658cd12-ae51"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fvfvb0oLUHT1wGDKDjRa77gkPYMG%2Fv2mLb3pKptcQBK57C6VQzrOZIEHCVKorzqb2ebCksCo92EJRsHZ6bW6NjrIUVZk5QcS7GBRjvp0PfOy5fMz%2BRJGBV4I"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88c1689c2f083a6a-FRA

GET
H3 200 Timeless_Masterpiece-CH8ZTN59.png
save.tf/build/assets/ 381 KB
382 KB 153ms
150ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://save.tf/build/assets/Timeless_Masterpiece-CH8ZTN59.png

Requested by

Host: save.tf
URL: https://save.tf/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70da36c87e034eb8edc81183ad4452ee6ca072ddb3daef51f363fa647d26d0db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 20:17:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2617
alt-svc: h3=":443"; ma=86400
content-length: 390497
last-modified: Thu, 30 May 2024 19:01:38 GMT
server: cloudflare
etag: "6658cd12-5f561"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lxTERROokpLWn9OKsyY%2FQZFXyp9oejexiq1Q6c%2FComli82qPiXXXxrYCZDttNlPrHixc8XPEbnvfM9u7ahtw4PZqRI7BQLkI5F9un5A7rwgf85C9DOp0PlRz"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88c1689c2f0d3a6a-FRA

GET
H3 200 map-maUeDwP8.webp
save.tf/build/assets/ 470 KB
470 KB 179ms
176ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://save.tf/build/assets/map-maUeDwP8.webp

Requested by

Host: save.tf
URL: https://save.tf/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85ee9cd6a707785dffe77b68144635c679d34a5797c930f9d93805733d53821e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 20:17:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2617
alt-svc: h3=":443"; ma=86400
content-length: 481164
last-modified: Thu, 30 May 2024 19:01:38 GMT
server: cloudflare
etag: "6658cd12-7578c"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vk1nqOWTWl%2BA4DTstJdLQrDVd8LtNp4cZONunkJF3mYbIc4cBtWyIL74LYS%2FYg%2B1Gndi4CPQsas%2F%2FqgNzpBP41M5hYQXX3uAhcY4iMTvLBQ%2FhDw1ekDjQijy"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88c1689c2f0e3a6a-FRA

GET
H3 200 bg_01_alt-lAU9aJod.png
save.tf/build/assets/ 1 MB
1 MB 180ms
177ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://save.tf/build/assets/bg_01_alt-lAU9aJod.png

Requested by

Host: save.tf
URL: https://save.tf/build/assets/app-DaMmamHC.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0e7632fe04772c9834427d1ba179e1e2a50fc2811c88d9f131bb4a5a9a8b528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/build/assets/app-DaMmamHC.css
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 20:17:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2618
alt-svc: h3=":443"; ma=86400
content-length: 1291456
last-modified: Thu, 30 May 2024 19:01:38 GMT
server: cloudflare
etag: "6658cd12-13b4c0"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3TeBejudCHPHi9G8ItIOaa24Knx94ZPKwBjrBqorSnNnZITiN9NZhFaZ6HYOILEuFNKu1Z2dhUfGzaE%2BE4vn2L%2BhBkLUi%2FL%2BrgTA0r%2BCFbShhrC2p3t%2Fv89g"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88c1689c2f103a6a-FRA

GET
H3 200 sign_render1-bZKf4C8e.png
save.tf/build/assets/ 296 KB
297 KB 180ms
177ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://save.tf/build/assets/sign_render1-bZKf4C8e.png

Requested by

Host: save.tf
URL: https://save.tf/build/assets/app-DaMmamHC.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

667dcd414ad432cc2a35cba430e3aa0ce4bdf392e09cc10ff47f8accfeab76b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/build/assets/app-DaMmamHC.css
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 20:17:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2618
alt-svc: h3=":443"; ma=86400
content-length: 303281
last-modified: Thu, 30 May 2024 19:01:38 GMT
server: cloudflare
etag: "6658cd12-4a0b1"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y7MTAhxFF%2F%2FVAC%2FtXnKU3sZCqogIDhS2%2BRE8OAr8eIuBfs8Nr19X0Iw4tzmf%2BTJQYmDS7SqXTSP4hiqwe7vagmlk75f2IL%2Bo%2B%2Bcj2QBj7A6N1rPr3Bc7E0eR"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88c1689c0eca3a6a-FRA

GET
H3 200 barrier_menu-C3db8t-R.png
save.tf/build/assets/ 108 KB
109 KB 179ms
178ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://save.tf/build/assets/barrier_menu-C3db8t-R.png

Requested by

Host: save.tf
URL: https://save.tf/build/assets/app-DaMmamHC.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfe006ec04a5410b9c567d57e61416c61a572302bae4f88fe51f58ae62ec5060

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/build/assets/app-DaMmamHC.css
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 20:17:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2617
alt-svc: h3=":443"; ma=86400
content-length: 111075
last-modified: Thu, 30 May 2024 19:01:38 GMT
server: cloudflare
etag: "6658cd12-1b1e3"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bd8KW8u6ZEJUuTW9jDm%2FGG11vYrxiNJyoSygEY2s6HJyS29ZUaUWjFCZx1zv%2B5Zs5%2F83Krr28in9w45NBnYynn2Trao1hJHk00bBvLpHL22nZTcKKby11N0W"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88c1689c7f983a6a-FRA

GET
H3 200 bg_02-DuOr3Lhx.png
save.tf/build/assets/ 1 MB
1 MB 2563ms
2562ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://save.tf/build/assets/bg_02-DuOr3Lhx.png

Requested by

Host: save.tf
URL: https://save.tf/build/assets/app-DaMmamHC.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c6ff331deb0a07390541203f850f13c71be942625d7f6a2f610856ce3b1b9a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/build/assets/app-DaMmamHC.css
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 20:17:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2617
alt-svc: h3=":443"; ma=86400
content-length: 1358366
last-modified: Thu, 30 May 2024 19:01:38 GMT
server: cloudflare
etag: "6658cd12-14ba1e"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pzhHTWUV7Ep5sHimR%2F9XKIxXvXv609MJ4pO3rZcFyDlhGLpshOLwu4gGwdrRgVNrejXiMRqoy3ja2R%2F0O4kwRz%2FeCINCLSqvfDln%2BAYr%2BoNpI%2FH%2FV83ogl5s"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88c1689cafda3a6a-FRA

GET
H3 200 barrier-BTbXkvz7.png
save.tf/build/assets/ 91 KB
92 KB 2933ms
2932ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://save.tf/build/assets/barrier-BTbXkvz7.png

Requested by

Host: save.tf
URL: https://save.tf/build/assets/app-DaMmamHC.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65c5ae1508aa0611f34c062a03f3dbbd22cd5266f3fa6453864a4f3c0d0a4a13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/build/assets/app-DaMmamHC.css
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 20:17:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2617
alt-svc: h3=":443"; ma=86400
content-length: 93244
last-modified: Thu, 30 May 2024 19:01:38 GMT
server: cloudflare
etag: "6658cd12-16c3c"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KLnDBtsMf%2Bt%2B4Hgml3bQlH1DYWdlsQkN1K%2FAVgz%2FcvnwX4gZIZcNT7ktzu8MsodPVYL9ilK%2Bhs57BFdeI3l09zEfFGVpPD5vaCIb1CkkfCL3sSugid8fYA%2FD"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88c1689c0ecd3a6a-FRA

GET
H3 200 bg_05-Cr8tWeI8.png
save.tf/build/assets/ 2 MB
2 MB 2953ms
2952ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://save.tf/build/assets/bg_05-Cr8tWeI8.png

Requested by

Host: save.tf
URL: https://save.tf/build/assets/app-DaMmamHC.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ccbb4343ee494fa74aa16bd130506f24109594568a83a499a9f3d88e61156b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/build/assets/app-DaMmamHC.css
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 20:17:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2618
alt-svc: h3=":443"; ma=86400
content-length: 1736411
last-modified: Thu, 30 May 2024 19:01:38 GMT
server: cloudflare
etag: "6658cd12-1a7edb"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sd76ZvZ%2F8dgLXHgizROL6WfC14K3pbtPv98S%2F6Nz35s5K47Kd8OuZ2MxpDqAWkRFDXNt%2B7YwbwoHxbZK3pUCfJ4aJ8p%2Bfk2eO6t5Jg2n9IO1eK9%2FKRsi5UAk"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88c1689cafdd3a6a-FRA

GET
H3 200 bg_06-Ck6rxTSJ.png
save.tf/build/assets/ 2 MB
2 MB 3397ms
3396ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://save.tf/build/assets/bg_06-Ck6rxTSJ.png

Requested by

Host: save.tf
URL: https://save.tf/build/assets/app-DaMmamHC.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac7ad77e162ab09ba66c390407d542cb1998f27071394df3c98b88d7dce871e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/build/assets/app-DaMmamHC.css
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 20:17:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2617
alt-svc: h3=":443"; ma=86400
content-length: 1712370
last-modified: Thu, 30 May 2024 19:01:38 GMT
server: cloudflare
etag: "6658cd12-1a20f2"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=slIxCswZVtnOF56cANUCGa%2B1A0zIZQwMqId7FnGzQlNq%2FrPBGLAtNBQs2GuqlOiCSvMP1WRzmQXf6XMXbkms5vMbyAP7ad1Ikaw84zeUtOSHytu0r2vSHigy"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88c1689cafde3a6a-FRA

GET
H3 200 bg_04-BNjYlBuf.png
save.tf/build/assets/ 557 KB
558 KB 3847ms
3847ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://save.tf/build/assets/bg_04-BNjYlBuf.png

Requested by

Host: save.tf
URL: https://save.tf/build/assets/app-DaMmamHC.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56fd04078aac0232a0b63a311ff0f9d931756aa31f5fd6c46841658ff8747cdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/build/assets/app-DaMmamHC.css
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 20:17:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2618
alt-svc: h3=":443"; ma=86400
content-length: 570736
last-modified: Thu, 30 May 2024 19:01:38 GMT
server: cloudflare
etag: "6658cd12-8b570"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oM0px4K0%2BBDtITtW3ryPDEIBghlwRC%2BOIvNp4wjVtnqQwckl%2BHB1ekgqubmGpLr1qIgenm51nBK%2Bq%2FrsKq5bRGvleyXKnhUkXSNNTEZHyjoHGOiinFhJBHML"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88c1689ecb383a6a-FRA

GET
H3 200 contracker_bg-BAx80L3w.png
save.tf/build/assets/ 3 MB
3 MB 3980ms
3980ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://save.tf/build/assets/contracker_bg-BAx80L3w.png

Requested by

Host: save.tf
URL: https://save.tf/build/assets/app-DaMmamHC.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd5a15d1693aaedbd7c6dd5c54fd790fbe0b5207c017ea1d92dea3c395fa86de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/build/assets/app-DaMmamHC.css
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 20:17:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2619
alt-svc: h3=":443"; ma=86400
content-length: 3107168
last-modified: Thu, 30 May 2024 19:01:38 GMT
server: cloudflare
etag: "6658cd12-2f6960"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nxnlpLKocNlHCVqe4t%2FwsGerQStXx5Y%2FiDl17lZLzn%2BOYkJJxvPeOsrO8v%2FtwG8UuyIaQoHO3NKkW9wu08GuR8Z%2BrjT1Evueb%2BxlBU3QUMFLfQq%2BW34rOOqD"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88c1689ecb3a3a6a-FRA

GET
H3 200 TF2secondary-kmQwUjS2.ttf
save.tf/build/assets/ 29 KB
29 KB 4891ms
4891ms Font
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://save.tf/build/assets/TF2secondary-kmQwUjS2.ttf

Requested by

Host: save.tf
URL: https://save.tf/build/assets/app-DaMmamHC.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea575d83840d0be8b930a03e6f4f1bf864e2e6335d4aea5ab48e973063aa226f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/build/assets/app-DaMmamHC.css
Origin: https://save.tf
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 20:17:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1686
alt-svc: h3=":443"; ma=86400
content-length: 29452
last-modified: Thu, 30 May 2024 19:34:31 GMT
server: cloudflare
etag: "6658d4c7-730c"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IQIcArYOG6Ku65JhTeHXEfdzVk97wdhGT%2BaSkGlbuATLtr0%2FdwmaJWbNXP0houocr%2FwTx5UICUYp1CoRF6nqZvWihqSZwDUMmpfNtF5cWhPpZDOI%2FI7zyAlI"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88c1689ecb3c3a6a-FRA

GET
H3 200 TF2build-gGB78klV.ttf
save.tf/build/assets/ 56 KB
56 KB 4894ms
4894ms Font
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://save.tf/build/assets/TF2build-gGB78klV.ttf

Requested by

Host: save.tf
URL: https://save.tf/build/assets/app-DaMmamHC.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d3b24a3517a7c7fee4b1c357395fdb8bff8d57bb0e4b340ef8e5e6fd78bef8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/build/assets/app-DaMmamHC.css
Origin: https://save.tf
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 20:17:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1686
alt-svc: h3=":443"; ma=86400
content-length: 57168
last-modified: Thu, 30 May 2024 19:34:31 GMT
server: cloudflare
etag: "6658d4c7-df50"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KGL8wcU09Vd%2Fae0q%2FrRedeLCc%2BYC17Sdm7%2BV3AtKz4V8UCIuQqH5y3IKi3lHBugXzasT4ZV9cK0x%2BlEqEnXfSVmRlvR4VuJvKWu1V8t6qicRJLY1RjLuidWn"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88c1689ecb3f3a6a-FRA

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
972 B 180ms
50ms Script
text/javascript 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Lc_y-gpAAAAAI5DJ0aFnCkZcJgUvLdwhYW6BAhs

Requested by

Host: save.tf
URL: https://save.tf/build/assets/Home-D4-8Rlzf.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f4.1e100.net

Software

GSE /

Resource Hash

7ede08960545c5061bc25acdcf697ce17b502f5a0e6ab9474616f73b6af76734

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 20:17:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 30 May 2024 20:17:36 GMT

GET
H2 200 recaptcha__nl.js Show response
www.gstatic.com/recaptcha/releases/DH3nyJMamEclyfe-nztbfV8S/ 526 KB
209 KB 86ms
29ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/DH3nyJMamEclyfe-nztbfV8S/recaptcha__nl.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lc_y-gpAAAAAI5DJ0aFnCkZcJgUvLdwhYW6BAhs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81bb134d1bbd3e31e1ddac9449ef1c509b7061a14e15554d625569cb38af44d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/
Origin: https://save.tf
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 05:14:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140596
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 213502
x-xss-protection: 0
last-modified: Mon, 27 May 2024 02:00:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 May 2025 05:14:20 GMT

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame F2A0 0
0 90ms
51ms Document
text/html 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc_y-gpAAAAAI5DJ0aFnCkZcJgUvLdwhYW6BAhs&co=aHR0cHM6Ly9zYXZlLnRmOjQ0Mw..&hl=nl&v=DH3nyJMamEclyfe-nztbfV8S&size=invisible&cb=ld9417bgmfbv

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/DH3nyJMamEclyfe-nztbfV8S/recaptcha__nl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3H8uBIwS42m39jnynGO45g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://save.tf/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-3H8uBIwS42m39jnynGO45g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 30 May 2024 20:17:37 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 200 88c16898d9463a6a Show response
save.tf/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 6EEA 0
573 B 248ms
116ms XHR
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://save.tf/cdn-cgi/challenge-platform/h/g/jsd/r/88c16898d9463a6a
Requested by: Host: save.tf
URL: https://save.tf/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 30 May 2024 20:17:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wPY0ahKVpN6P%2BZIRi6q82h5CLuw40lJWYUTVoSsblXlX680sDjMyFbKlBFdmMj8QGKturKlsumU89xkf%2FzQiIJ2CtvKBJ3exKuwiDB9tayCIO9yWyTf844dm"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 88c168bbffa03a6a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 favicon-D6VY46-y.svg
save.tf/build/assets/ 1 KB
1 KB 186ms
185ms Other
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://save.tf/build/assets/favicon-D6VY46-y.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27c056ecd23eae80a97a67bf69df79ba15406f53a599badc8607fd4eb6615e08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 20:17:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5913
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 May 2024 13:53:06 GMT
server: cloudflare
etag: W/"665884c2-4d2"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1JpCFlokCqbEU4bKttgHuTfqa4aIh9RSRr1HBwxpmSzClELsOG5FoLmWTLRbynHeG2sfs4KioZQ1qxVTELv7HmvdTwtLS%2BtwdUKjRr7EIV883Xz9sLPyRxrq"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 88c168bcd8da3a6a-FRA

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
save.tf/	1970-01-20 20:58:27	Name: XSRF-TOKEN Value: eyJpdiI6IkRXdFhsZFBQUUE5elhoOENXeHgwdGc9PSIsInZhbHVlIjoiL3FLT084ZXhHL1RhaUZMdkFQQmpUM2s3Qm1jMkVUdzdqOVN2elM2OW1XbVI3Ymw4ZXh0OHdKRWgxc3JjWGkyNWlqUkdiTmN2SXZNNUFmYm9Pam5YVzdxRjg2UXNaTXA4Tk8zRUpJc0Exb01FQ2lnTnd3bDhXaEtzcmNjeW1UakUiLCJtYWMiOiI4ZDczMGY3M2EzYjRmYWJjMTI5NWFhOGMxMDU0NDE4NmI0ZTYzYTQzNGEyZjU1NDVmNDEwZmFjY2ZlYWE5ZGE5IiwidGFnIjoiIn0%3D
save.tf/	1970-01-20 20:58:27	Name: savetf2_session Value: eyJpdiI6IktLN1ZrMVJXQkExUlJjYXNzWlY2Qmc9PSIsInZhbHVlIjoiK3d2NWNpaGdzRnBjbVdxWUVTVmk5UmNQMng5Y1lWdW93RmE1enZoZk0yQ1RlZ01QM3FRNHdnczhsRVhUS3pCODB2RUpFeU9CWThhZEFjMS82eStPVWNzY0FjalVOUjV1cjUxc25xdlFoOEZYMFN0YlVLejJ6WENpanF4Qk4vaGMiLCJtYWMiOiI0ZTZjYjAyMjNmMDJkOTM1MGRkN2UwZmFlZjkzNTg2YTBkMGZlYjMwYTI2ZDY3ZDVhZGU0OWVlZGQwMzE2MmJmIiwidGFnIjoiIn0%3D
.save.tf/	1970-01-21 05:43:56	Name: cf_clearance Value: 2kdNDs4IED5YsZlozgRME8PdjNvhhRneeEM9pmbh7fA-1717100261-1.0.1.1-V2t5lzviyQwwA0kl4r1gSjaXCRv_dANxV.CBRTQaZoUgpnLXJJ1hQh7mfWzwqD.odVHodVmM.7maVbXmE6aC8w

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

save.tf
www.google.com
www.gstatic.com
172.217.16.196
188.114.96.3
2a00:1450:4001:81c::2003
02a44aa4d7f9b9034abf8ce0bb890a99e6f19cab20f6eb54feb715adaaa3f9d5
0a9fbc9463be1bed50f4209f4613a188da87ce7e96d5f58bfafaeb57a94b76ea
145ca14c8357dbf805e6ed3b774abbc492b62f13dcbff21ce68d4ff021307838
1c6ff331deb0a07390541203f850f13c71be942625d7f6a2f610856ce3b1b9a3
27c056ecd23eae80a97a67bf69df79ba15406f53a599badc8607fd4eb6615e08
36e2c444509d01e6deb25296082c18bd4dc7bc5193b4f5f37bc8ccd99c7e452e
3d5d2fa1869541fee2891c4f3526552d383ef6735d3fdac5fcda0ae443a71a76
56fd04078aac0232a0b63a311ff0f9d931756aa31f5fd6c46841658ff8747cdf
5c561411ad7ca870ff8699b982d9c7ca60f7179045a9a6827883a5bf53ed4c34
5ccbb4343ee494fa74aa16bd130506f24109594568a83a499a9f3d88e61156b3
5dfbeefaed4dc58fa8efa0be522013f3b928ede1588e2cefafdbfec7314120cf
65c5ae1508aa0611f34c062a03f3dbbd22cd5266f3fa6453864a4f3c0d0a4a13
667dcd414ad432cc2a35cba430e3aa0ce4bdf392e09cc10ff47f8accfeab76b4
6790f090472e1fcfc57510b55a0fc7abb63be0eac46d60ec3408dbd92c137c26
6d3b24a3517a7c7fee4b1c357395fdb8bff8d57bb0e4b340ef8e5e6fd78bef8d
70da36c87e034eb8edc81183ad4452ee6ca072ddb3daef51f363fa647d26d0db
7ede08960545c5061bc25acdcf697ce17b502f5a0e6ab9474616f73b6af76734
81bb134d1bbd3e31e1ddac9449ef1c509b7061a14e15554d625569cb38af44d4
85ee9cd6a707785dffe77b68144635c679d34a5797c930f9d93805733d53821e
ab457a2f13745951f2937b20de43901bea71adc19d197b802d12a81c50495fb7
ac7ad77e162ab09ba66c390407d542cb1998f27071394df3c98b88d7dce871e1
c0e7632fe04772c9834427d1ba179e1e2a50fc2811c88d9f131bb4a5a9a8b528
dfe006ec04a5410b9c567d57e61416c61a572302bae4f88fe51f58ae62ec5060
e379ae63c9e20364c55182812872db558aa6377291dee6c433ada9cb9b1a848d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea575d83840d0be8b930a03e6f4f1bf864e2e6335d4aea5ab48e973063aa226f
eaf379242604638f9e00b8302d2254f2c233b9dc9cd668e915b9f562f82a8cd8
fae50306da189d436ec50f0e2933f2728c5cd0e8ee1d56faa07392676ff8ff6f
fd5a15d1693aaedbd7c6dd5c54fd790fbe0b5207c017ea1d92dea3c395fa86de

save.tf Open in urlscan Pro 188.114.96.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

30 Requests

97 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

15155 kBTransfer

15757 kBSize

3 Cookies

1 Outgoing links

Page URL History

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

save.tf Open in urlscan Pro
188.114.96.3 Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

97 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

15155 kB
Transfer

15757 kB
Size

3
Cookies

30 HTTP transactions
0 data transactions