save.tf Open in urlscan Pro
188.114.96.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://save.tf/
Submission: On June 01 via manual (June 1st 2024, 11:02:55 pm UTC) from US — Scanned from NL

Summary HTTP 30 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 30 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is save.tf.
TLS certificate: Issued by E1 on May 17th 2024. Valid for: 3 months.

This is the only time save.tf was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 28	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.181.228 142.250.181.228	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
30	3

28 188.114.96.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

save.tf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	save.tf 1 redirects save.tf	15 MB
2	google.com www.google.com — Cisco Umbrella Rank: 2	972 B
1	gstatic.com www.gstatic.com	209 KB
30	3

	Domain	Requested by
28	save.tf	1 redirects save.tf
2	www.google.com	save.tf www.gstatic.com
1	www.gstatic.com	www.google.com
30	3

This site contains links to these domains. Also see Links.

Domain
x.com

Subject Issuer	Validity	Valid
save.tf E1	`2024-05-17` - `2024-08-15`	3 months	crt.sh
*.google.com WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://save.tf/
Frame ID: 07AF9F8779A6A7F0A9FC2CFD22600145
Requests: 27 HTTP requests in this frame

Frame: https://save.tf/cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/main.js
Frame ID: DE02F3E6AE3BF29E2FE319781D5EA643
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc_y-gpAAAAAI5DJ0aFnCkZcJgUvLdwhYW6BAhs&co=aHR0cHM6Ly9zYXZlLnRmOjQ0Mw..&hl=nl&v=DH3nyJMamEclyfe-nztbfV8S&size=invisible&cb=a3q14qrjthh0
Frame ID: F0D905BBB95522508503AC2878A567C5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Welcome - #SaveTF2 Petition

Detected technologies

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

30
Requests

97 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

15285 kB
Transfer

15897 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://x.com/TeamFortress/status/1529970640224018433
Title: Despite being aware of the bot crisis

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://save.tf/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://save.tf/cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/main.js

30 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
save.tf/ 21 KB
9 KB 128ms
68ms Document
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://save.tf/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5041f24f3e1bbfb80c4962b879c800fedb336d42bc69d624b843562c15e628fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 88d2d5518ee4bb73-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 01 Jun 2024 23:02:47 GMT
link: <https://save.tf/build/assets/app-5gGXZEy-.css>; rel="preload"; as="style", <https://save.tf/build/assets/app-DjoMmwAw.js>; rel="modulepreload", <https://save.tf/build/assets/Home-CU_YEkeU.js>; rel="modulepreload"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E00%2Frz0jWzZiSjBP%2BliZh%2FZlP3wMjTYry3%2B0Y0WOukjcyDQdVPEZ4nA3US4zSjBpuxObstWRomK4wyc0wxN%2B19E1kfypitL4TdQ75allR3Kp0hnvY572HQNE"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: X-Inertia
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H3 200 app-5gGXZEy-.css
save.tf/build/assets/ 26 KB
6 KB 28ms
28ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://save.tf/build/assets/app-5gGXZEy-.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c796e9ddc60c88ca47715278423db4048b50f726104d70e11c1d1d31196c1e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 23:02:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2849
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 01 Jun 2024 16:13:02 GMT
server: cloudflare
etag: W/"665b488e-6841"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C1boQjAvWCD%2FXcHh4%2Btm0cfvzd2Zt5iUBKDogVgS3ObD3VUalNoi7GikacddIGvHNTCd6DAjHvdqhpsgdxIWt1oBxBtKpI%2F0uUc0mbqSYWrLTY2x9qdUGIUi"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 88d2d5533fe7bb73-FRA

GET
H3 200 app-DjoMmwAw.js Show response
save.tf/build/assets/ 308 KB
103 KB 39ms
39ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://save.tf/build/assets/app-DjoMmwAw.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d213e5a4865dac1ce160d620becc4a406663d190332beba2537e9b208833cb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://save.tf
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 23:02:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2753
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 01 Jun 2024 16:13:02 GMT
server: cloudflare
etag: W/"665b488e-4ce0c"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XODnbHhZdkEbclu%2BZsT9zup%2Bov6EcjI3SIQNOLGrTyEdfH3gQgqDhvbsIMr%2FdKn4Ca5N5s8Nz0%2BY2Rv88CN5pcSLPjRB81ROKacG%2F7NyoQySpmNwkl%2Bgn2um"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 88d2d5534ff1bb73-FRA

GET
H3 200 Home-CU_YEkeU.js Show response
save.tf/build/assets/ 107 KB
37 KB 33ms
33ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://save.tf/build/assets/Home-CU_YEkeU.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6a1272d244ef54c394f5a719a09ad96a91bf5dc9f3cd91316ab0e4ffe2aca89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://save.tf
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 23:02:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2753
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 01 Jun 2024 16:13:02 GMT
server: cloudflare
etag: W/"665b488e-1aace"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ThDJh8FKSeQ97nYcsM20s%2B7XqjZSqahI0toNBGkz9YY9jKa4Hnko%2ByKfo%2BnwsgctPR2hpePaIePKBBiJ4ox8s4wgCcAF229kyeaLODSOTI0htM%2FuX31ZvsQj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 88d2d5534ff2bb73-FRA

GET
H3

200

main.js Show response
save.tf/cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/ Frame DE02
Redirect Chain

https://save.tf/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://save.tf/cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/main.js

8 KB
4 KB

3051ms
3051ms

Script
application/javascript

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://save.tf/cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/main.js

Protocol

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7575244467b5f016d761d026e1e8b132b4dd5fd0a04b486ee1dd9404033a840a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Sat, 01 Jun 2024 23:02:47 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=chVigVN4f4LjQS%2BKbZv2WPwGhL59y2IczFWzGR6m9pwzik26hHoy21rh0kUEJI6fShiLt2M7%2BSeYuRtFQ1OKWmHO9WEEhrTKPXxa7rr8aobF%2BC6OJsSPgqnC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 88d2d55468cbbb73-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sat, 01 Jun 2024 23:02:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BmKFduzk5Ct1TIzi59FfDbjVZME01K6B85Xwld0OLTtW6nse85jHuHa1aMdQCeniFYjC7xs0fG%2BVjN3uxn%2FGUF8LpnCOMxRofgiflTPlDOSSQ7IdKRCRxx4n"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 88d2d553f86cbb73-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 saveTF2_text_alter-NNo8bocO.png
save.tf/build/assets/ 54 KB
55 KB 56ms
55ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://save.tf/build/assets/saveTF2_text_alter-NNo8bocO.png

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02a44aa4d7f9b9034abf8ce0bb890a99e6f19cab20f6eb54feb715adaaa3f9d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 23:02:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5348
alt-svc: h3=":443"; ma=86400
content-length: 55451
last-modified: Sat, 01 Jun 2024 16:13:02 GMT
server: cloudflare
etag: "665b488e-d89b"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wvH8IrdxP%2B52Lq%2BowQXRV29h1sQY5P8RdDzj7gB2T%2BXpzvYcfooBqHbBnKexcU6xDJ9zAKXGCMV3hXVYoIWs0bogEMLSFarGG2GQLEbDRoGP%2FVNY%2B0ug2fju"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88d2d5542898bb73-FRA

GET
H3 200 aimbotshero_header-DynjqURP.png
save.tf/build/assets/ 48 KB
48 KB 34ms
33ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://save.tf/build/assets/aimbotshero_header-DynjqURP.png

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a9fbc9463be1bed50f4209f4613a188da87ce7e96d5f58bfafaeb57a94b76ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 23:02:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5348
alt-svc: h3=":443"; ma=86400
content-length: 48943
last-modified: Sat, 01 Jun 2024 16:13:02 GMT
server: cloudflare
etag: "665b488e-bf2f"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=47UWivjAmKMAVFjBPukcoMUuDgIym%2FbWBH9qY1BX2AuxTu2sCizmj1%2BtL2Mw%2B73rx83Fr8NI7ER0uxSJnk1ei3n8baOcCC4KurJEfQIucNm1rNYSPFEw6g3K"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88d2d5542899bb73-FRA

GET
H3 200 aimbotImg-DVBW9XSu.png
save.tf/build/assets/ 2 MB
2 MB 82ms
81ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://save.tf/build/assets/aimbotImg-DVBW9XSu.png

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

145ca14c8357dbf805e6ed3b774abbc492b62f13dcbff21ce68d4ff021307838

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 23:02:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5522
alt-svc: h3=":443"; ma=86400
content-length: 2423272
last-modified: Sat, 01 Jun 2024 16:13:02 GMT
server: cloudflare
etag: "665b488e-24f9e8"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hHuOsxUU%2B6fY18g%2BEwaB1HY2WbJEYaKeFPtGktrfh2K%2FVllvm9kPhqruFy52luYdkuz1LNEC33J085j%2BK3J2l489l2mM5Ri4M4JMn72KS8brVEop7FDMOKUI"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88d2d554289abb73-FRA

GET
H3 200 maliciousmachines-bAGf_y7p.png
save.tf/build/assets/ 128 KB
128 KB 896ms
895ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://save.tf/build/assets/maliciousmachines-bAGf_y7p.png

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fae50306da189d436ec50f0e2933f2728c5cd0e8ee1d56faa07392676ff8ff6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 23:02:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5348
alt-svc: h3=":443"; ma=86400
content-length: 130649
last-modified: Sat, 01 Jun 2024 16:13:02 GMT
server: cloudflare
etag: "665b488e-1fe59"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C%2F8%2F5w2s8%2Bwo93S1QXo%2FeMIrUfLb8YU43eBWHOdkfFtVUZtaNFtZ0lM1H%2By5yH01jAhWaiElGPYz5HN%2FeJR5s2xKZHmCFPz2K%2BAv%2BrHvjrlKJBfd4oTxoY9P"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88d2d554289cbb73-FRA

GET
H3 200 maliciousmachinesphotostack-0VFGvOir.png
save.tf/build/assets/ 511 KB
512 KB 926ms
925ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://save.tf/build/assets/maliciousmachinesphotostack-0VFGvOir.png

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6790f090472e1fcfc57510b55a0fc7abb63be0eac46d60ec3408dbd92c137c26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 23:02:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5348
alt-svc: h3=":443"; ma=86400
content-length: 523501
last-modified: Sat, 01 Jun 2024 16:13:02 GMT
server: cloudflare
etag: "665b488e-7fced"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NoabNebjykW3ovYzBwaC3JKymTPsJuyl89yRFxJN5ahNEU1j1oJKA3C6RbicrUK0cVbBDFz2rfe2aRhL5krVU0m6I%2B6jc4Bcw2tdCJXo4KY5pptx1rF00%2FKI"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88d2d554289ebb73-FRA

GET
H3 200 brothersinarms_-5Mcqmnqg.png
save.tf/build/assets/ 650 KB
651 KB 1058ms
1057ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://save.tf/build/assets/brothersinarms_-5Mcqmnqg.png

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab457a2f13745951f2937b20de43901bea71adc19d197b802d12a81c50495fb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 23:02:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6552
alt-svc: h3=":443"; ma=86400
content-length: 665456
last-modified: Sat, 01 Jun 2024 16:13:02 GMT
server: cloudflare
etag: "665b488e-a2770"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mcgMrnqbt2qfdyJLHmyc53bn9ivSO7f1%2BQlGRh3Lt1FwcPVRpYX8Drj3Bo7LmOqzE%2FXNEostCxxtpZ5%2F5RCuiXHUXzAhJxUl3RboJby8Zc028ZOLX%2F1mQfBg"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88d2d554289fbb73-FRA

GET
H3 200 timelessmasterpiece-CWdvy0Zo.png
save.tf/build/assets/ 44 KB
44 KB 1215ms
1215ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://save.tf/build/assets/timelessmasterpiece-CWdvy0Zo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36e2c444509d01e6deb25296082c18bd4dc7bc5193b4f5f37bc8ccd99c7e452e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 23:02:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5348
alt-svc: h3=":443"; ma=86400
content-length: 44625
last-modified: Sat, 01 Jun 2024 16:13:02 GMT
server: cloudflare
etag: "665b488e-ae51"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8BjH53ev8c5iEjEYfjnr4m2hhXCtouVnaJLmlHDMZFU2zanwvhPA%2FUNVwwwA7htduTzIFvxPgTUG4pSDe0fVhX3ytvB67Dq0eJQDqNIzG57NcT5fea%2BqLpz3"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88d2d55428a1bb73-FRA

GET
H3 200 Timeless_Masterpiece-CH8ZTN59.png
save.tf/build/assets/ 381 KB
382 KB 1223ms
1222ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://save.tf/build/assets/Timeless_Masterpiece-CH8ZTN59.png

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70da36c87e034eb8edc81183ad4452ee6ca072ddb3daef51f363fa647d26d0db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 23:02:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6634
alt-svc: h3=":443"; ma=86400
content-length: 390497
last-modified: Sat, 01 Jun 2024 16:13:02 GMT
server: cloudflare
etag: "665b488e-5f561"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BoY0cE7NlsNpYM4lDGKUOubcoYdKL1na3t2UqVQKhVoy9p7NEmnSnkC81%2F%2Brd1iJ%2Bf3ZTPHM6v4VB3kvCC0yMf8dlM7URzAxYEtCMuEnVdUAZWycGHa5qMS2"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88d2d55428a2bb73-FRA

GET
H3 200 map-maUeDwP8.webp
save.tf/build/assets/ 470 KB
471 KB 1312ms
1311ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://save.tf/build/assets/map-maUeDwP8.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85ee9cd6a707785dffe77b68144635c679d34a5797c930f9d93805733d53821e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 23:02:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6634
alt-svc: h3=":443"; ma=86400
content-length: 481164
last-modified: Sat, 01 Jun 2024 16:13:02 GMT
server: cloudflare
etag: "665b488e-7578c"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gmGB04Pn7ONJnB4Yd9v8VMn2Pl%2BaYkbK3UXQxYkq4XQ22er2mqQDl%2BRJzUm9quPxuOA19hcmia9sY8iUz8MzFoDrWiFD9FMTPh8YQAzrGtjy6D26Bd25d%2Bh0"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88d2d55428a3bb73-FRA

GET
H3 200 bg_01_alt-DyhPwjrs.png
save.tf/build/assets/ 1 MB
1 MB 1403ms
1403ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://save.tf/build/assets/bg_01_alt-DyhPwjrs.png

Requested by

Host: save.tf
URL: https://save.tf/build/assets/app-5gGXZEy-.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63e07a93b9b35bf726e53300c9bf55a7e707ecaebf6916fa87ba76ec1c3b4a71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/build/assets/app-5gGXZEy-.css
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 23:02:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6634
alt-svc: h3=":443"; ma=86400
content-length: 1414439
last-modified: Sat, 01 Jun 2024 16:13:02 GMT
server: cloudflare
etag: "665b488e-159527"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8dGZemq8cOdLTNSSh9aanHBetZKBj6iH5MwSeIez2mYLjEMuRBecFBwhV70d16hJrra76Q7d3Ycv0z%2FrxaKPBI%2FQ%2BErJKKZUanbCf2wB7JtFMq0b58u3KNyD"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88d2d55428a6bb73-FRA

GET
H3 200 sign_render1-bZKf4C8e.png
save.tf/build/assets/ 296 KB
297 KB 1660ms
1660ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://save.tf/build/assets/sign_render1-bZKf4C8e.png

Requested by

Host: save.tf
URL: https://save.tf/build/assets/app-5gGXZEy-.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

667dcd414ad432cc2a35cba430e3aa0ce4bdf392e09cc10ff47f8accfeab76b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/build/assets/app-5gGXZEy-.css
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 23:02:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6552
alt-svc: h3=":443"; ma=86400
content-length: 303281
last-modified: Sat, 01 Jun 2024 16:13:02 GMT
server: cloudflare
etag: "665b488e-4a0b1"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A7IvtWatHJQ%2FNlR%2BWQ0y1Zf6VDPPbwOMFRjHtmpee9AhKLGp9ecXK70w%2BPjEARgV0dyq%2By9fkhBEJarMb%2Bv%2F5EgLoiU7CKsV6yDgnxYLB%2FSzPO2zknAsMuRI"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88d2d55428a8bb73-FRA

GET
H3 200 barrier_menu-C3db8t-R.png
save.tf/build/assets/ 108 KB
109 KB 1711ms
1711ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://save.tf/build/assets/barrier_menu-C3db8t-R.png

Requested by

Host: save.tf
URL: https://save.tf/build/assets/app-5gGXZEy-.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfe006ec04a5410b9c567d57e61416c61a572302bae4f88fe51f58ae62ec5060

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/build/assets/app-5gGXZEy-.css
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 23:02:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6634
alt-svc: h3=":443"; ma=86400
content-length: 111075
last-modified: Sat, 01 Jun 2024 16:13:02 GMT
server: cloudflare
etag: "665b488e-1b1e3"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rXms5ZmEDKnt7UyMGpGlGldeRHU1ljgQELNU7OC7M%2B5CU8J6un%2F1x552VyRR144c20qB1pdhfYNCxOn1MZ6YKdU40m5M00w9jKt%2F2h7NdzawCTVtNTnMOR%2Bo"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88d2d55428a9bb73-FRA

GET
H3 200 bg_02-DuOr3Lhx.png
save.tf/build/assets/ 1 MB
1 MB 1729ms
1729ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://save.tf/build/assets/bg_02-DuOr3Lhx.png

Requested by

Host: save.tf
URL: https://save.tf/build/assets/app-5gGXZEy-.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c6ff331deb0a07390541203f850f13c71be942625d7f6a2f610856ce3b1b9a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/build/assets/app-5gGXZEy-.css
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 23:02:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5348
alt-svc: h3=":443"; ma=86400
content-length: 1358366
last-modified: Sat, 01 Jun 2024 16:13:02 GMT
server: cloudflare
etag: "665b488e-14ba1e"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c3ftJGuWRau%2F3XXEe%2BJnSTDqLrWsOpYCgw4ZGObPOLMvAMtx%2FPHwF5ci4Ymr4J6oipK5LXG9v3tbWHcXRWh%2FIAK7ysod3Q41lsPM96ZPiGsx6O%2BxJmzGq%2BZd"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88d2d55428aabb73-FRA

GET
H3 200 barrier-BTbXkvz7.png
save.tf/build/assets/ 91 KB
92 KB 1940ms
1939ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://save.tf/build/assets/barrier-BTbXkvz7.png

Requested by

Host: save.tf
URL: https://save.tf/build/assets/app-5gGXZEy-.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65c5ae1508aa0611f34c062a03f3dbbd22cd5266f3fa6453864a4f3c0d0a4a13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/build/assets/app-5gGXZEy-.css
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 23:02:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5348
alt-svc: h3=":443"; ma=86400
content-length: 93244
last-modified: Sat, 01 Jun 2024 16:13:02 GMT
server: cloudflare
etag: "665b488e-16c3c"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FRcj%2BFlI3dXQeReQIA7mDJpAL44C%2FHnZJtWkZr0I7EE6d9NDaPjfPLjCT948mllvVS%2FdUKhd007uVP%2B6mmlBIjly1p%2FUwQFdpomxdGhmlA5j35VwK7YDlRSN"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88d2d55428abbb73-FRA

GET
H3 200 bg_05-Cr8tWeI8.png
save.tf/build/assets/ 2 MB
2 MB 1960ms
1959ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://save.tf/build/assets/bg_05-Cr8tWeI8.png

Requested by

Host: save.tf
URL: https://save.tf/build/assets/app-5gGXZEy-.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ccbb4343ee494fa74aa16bd130506f24109594568a83a499a9f3d88e61156b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/build/assets/app-5gGXZEy-.css
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 23:02:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5348
alt-svc: h3=":443"; ma=86400
content-length: 1736411
last-modified: Sat, 01 Jun 2024 16:13:02 GMT
server: cloudflare
etag: "665b488e-1a7edb"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OkgARn7oegbhSpQdOToWKXHCsyM3p43dM4ROB4H4PzvxQFlJkn6%2F87nD%2Bj0WSb4QTxCu4hldKDxEYAcP9mYIwvD1xqqqwg0HvAd8U8HlEA%2FTFl0V5hfvm%2Fsp"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88d2d55438adbb73-FRA

GET
H3 200 bg_06-Ck6rxTSJ.png
save.tf/build/assets/ 2 MB
2 MB 2226ms
2226ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://save.tf/build/assets/bg_06-Ck6rxTSJ.png

Requested by

Host: save.tf
URL: https://save.tf/build/assets/app-5gGXZEy-.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac7ad77e162ab09ba66c390407d542cb1998f27071394df3c98b88d7dce871e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/build/assets/app-5gGXZEy-.css
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 23:02:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5348
alt-svc: h3=":443"; ma=86400
content-length: 1712370
last-modified: Sat, 01 Jun 2024 16:13:02 GMT
server: cloudflare
etag: "665b488e-1a20f2"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yfbZrt%2FeaRLFkAeCfJ%2FTUr2aXgL8kLzSXjrZBVf9bu%2BSz8ONU6ERJP37F3C4WSgXRVDXoQVif1IVPNcVAigODyNz48GzH6WZJZkzLTP7HO5cV1D%2FTh%2Fw269o"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88d2d55438afbb73-FRA

GET
H3 200 bg_04-BNjYlBuf.png
save.tf/build/assets/ 557 KB
558 KB 2484ms
2483ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://save.tf/build/assets/bg_04-BNjYlBuf.png

Requested by

Host: save.tf
URL: https://save.tf/build/assets/app-5gGXZEy-.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56fd04078aac0232a0b63a311ff0f9d931756aa31f5fd6c46841658ff8747cdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/build/assets/app-5gGXZEy-.css
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 23:02:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5348
alt-svc: h3=":443"; ma=86400
content-length: 570736
last-modified: Sat, 01 Jun 2024 16:13:02 GMT
server: cloudflare
etag: "665b488e-8b570"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TUEkVN%2FDeREgiab%2BXSumAJTFpyGtg14NwtWrXPkevXyJZlknhW5xrONctq%2B39y9TvP6%2FrJNZz93e%2B300hiK7CGeFkVAXkUbW3WMC86j%2FM4fBqxVbzZisHWev"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88d2d55438b0bb73-FRA

GET
H3 200 contracker_bg-BAx80L3w.png
save.tf/build/assets/ 3 MB
3 MB 2560ms
2559ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://save.tf/build/assets/contracker_bg-BAx80L3w.png

Requested by

Host: save.tf
URL: https://save.tf/build/assets/app-5gGXZEy-.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd5a15d1693aaedbd7c6dd5c54fd790fbe0b5207c017ea1d92dea3c395fa86de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/build/assets/app-5gGXZEy-.css
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 23:02:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5348
alt-svc: h3=":443"; ma=86400
content-length: 3107168
last-modified: Sat, 01 Jun 2024 16:13:02 GMT
server: cloudflare
etag: "665b488e-2f6960"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ei1JkRXfRoWSW1lTS5iJuhmbspSuj61sa8%2BYhOR1egGkN0NcmfECATA6U6A%2BNCKtm2TxLWXUsXJDeDpdpjv%2F3nI0DagVFbVRohla8K8IYlrvRPYYMe0vLUVo"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88d2d55438b1bb73-FRA

GET
H3 200 TF2build-gGB78klV.ttf
save.tf/build/assets/ 56 KB
56 KB 3037ms
3036ms Font
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://save.tf/build/assets/TF2build-gGB78klV.ttf

Requested by

Host: save.tf
URL: https://save.tf/build/assets/app-5gGXZEy-.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d3b24a3517a7c7fee4b1c357395fdb8bff8d57bb0e4b340ef8e5e6fd78bef8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/build/assets/app-5gGXZEy-.css
Origin: https://save.tf
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 23:02:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5348
alt-svc: h3=":443"; ma=86400
content-length: 57168
last-modified: Sat, 01 Jun 2024 16:13:02 GMT
server: cloudflare
etag: "665b488e-df50"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UqQi4PyfvniR4%2F6rHUNwj%2B4M%2F5XgLUR2xVkBpOtKqOf3Wn6mHDMzByGjxNcIuBlHPNNOI8bS%2BROxyIlJ%2FsgvrhSnE%2F9fixXdRZf1qxfJu7aTbNrflyyWsT%2Bx"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88d2d55478dfbb73-FRA

GET
H3 200 TF2secondary-kmQwUjS2.ttf
save.tf/build/assets/ 29 KB
29 KB 3046ms
3046ms Font
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://save.tf/build/assets/TF2secondary-kmQwUjS2.ttf

Requested by

Host: save.tf
URL: https://save.tf/build/assets/app-5gGXZEy-.css

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea575d83840d0be8b930a03e6f4f1bf864e2e6335d4aea5ab48e973063aa226f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/build/assets/app-5gGXZEy-.css
Origin: https://save.tf
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 23:02:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2110
alt-svc: h3=":443"; ma=86400
content-length: 29452
last-modified: Sat, 01 Jun 2024 16:13:02 GMT
server: cloudflare
etag: "665b488e-730c"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rJJDkJOWgn%2BvBiiMl3jz6UqVJD9PGGF7caZSlOSciQcwNtQPXAAFVcS%2FQ9o0TjedAUhglT8Mm31fuN3GPJ1wp8pfd2LtfscT49W9wLWA7sPUxb7IFr9Fm9a0"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88d2d55478e0bb73-FRA

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
972 B 81ms
32ms Script
text/javascript 142.250.181.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Lc_y-gpAAAAAI5DJ0aFnCkZcJgUvLdwhYW6BAhs

Requested by

Host: save.tf
URL: https://save.tf/build/assets/Home-CU_YEkeU.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f4.1e100.net

Software

GSE /

Resource Hash

7ede08960545c5061bc25acdcf697ce17b502f5a0e6ab9474616f73b6af76734

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 23:02:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sat, 01 Jun 2024 23:02:47 GMT

GET
H3 200 favicon-D6VY46-y.svg
save.tf/build/assets/ 1 KB
1 KB 3037ms
3036ms Other
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://save.tf/build/assets/favicon-D6VY46-y.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27c056ecd23eae80a97a67bf69df79ba15406f53a599badc8607fd4eb6615e08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 23:02:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1208
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 01 Jun 2024 16:13:02 GMT
server: cloudflare
etag: W/"665b488e-4d2"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jW79%2B90xv82YG3vi1FoGD%2BFbYsoSx7GuQZQbAc2MjyJ%2F82476fw2iN4pkQzyEpLfnYm93DO0QIPogTFkSmVqRwGS5Lxs3OuieYaFZDDOXZ%2FJaa1xCj49NdLR"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 88d2d55478ddbb73-FRA

GET
H2 200 recaptcha__nl.js Show response
www.gstatic.com/recaptcha/releases/DH3nyJMamEclyfe-nztbfV8S/ 526 KB
209 KB 129ms
30ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/DH3nyJMamEclyfe-nztbfV8S/recaptcha__nl.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lc_y-gpAAAAAI5DJ0aFnCkZcJgUvLdwhYW6BAhs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81bb134d1bbd3e31e1ddac9449ef1c509b7061a14e15554d625569cb38af44d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://save.tf/
Origin: https://save.tf
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 12:44:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37117
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 213502
x-xss-protection: 0
last-modified: Mon, 27 May 2024 02:00:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Jun 2025 12:44:10 GMT

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame F0D9 0
0 78ms
38ms Document
text/html 142.250.181.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc_y-gpAAAAAI5DJ0aFnCkZcJgUvLdwhYW6BAhs&co=aHR0cHM6Ly9zYXZlLnRmOjQ0Mw..&hl=nl&v=DH3nyJMamEclyfe-nztbfV8S&size=invisible&cb=a3q14qrjthh0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/DH3nyJMamEclyfe-nztbfV8S/recaptcha__nl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dtc28veLeuGp4GfYvVslng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://save.tf/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-dtc28veLeuGp4GfYvVslng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jun 2024 23:02:48 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 200 88d2d5518ee4bb73 Show response
save.tf/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame DE02 0
572 B 41ms
40ms XHR
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://save.tf/cdn-cgi/challenge-platform/h/g/jsd/r/88d2d5518ee4bb73
Requested by: Host: save.tf
URL: https://save.tf/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 01 Jun 2024 23:02:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6mjUBz6KGlW%2BGXOoYvc%2BiMJarUNnfRJouPmPh0t2hEc3AaTk40dsJ6wApnZuvhHOco%2BiPSs8YMEaZThCAaCQy8K2tGHvlzBN2SR2pgorkNpSMBweudRBtrtZ"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 88d2d5684f51bb73-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
save.tf/	1970-01-20 21:01:30	Name: XSRF-TOKEN Value: eyJpdiI6IlRBQTdGZ0pCajZhd0RYZXgzUlhTcVE9PSIsInZhbHVlIjoiUyt0TTRqRXVodDUwZnNIYWJiRnl4SUhpeGJ4aVlHSzFjaHUzdUsrVFk5a0RvZjFnaHRvZnVPUW9aUENJYkM1K2JFZlJxSGMvZ0V4a0VQaU9GcU5NUm1KYUpvRS9lUUN2NzRuUVhSTEpueHFQWXJ5Q2xpUVh2SysveGVwdEJJMU4iLCJtYWMiOiI4Zjg5YzNlODc0NzU1MWNhN2E3ZDVlZDk1NWIxOGI1ZWNkOWU0ZDczMjQ4MmI5ZjFiMTRiNjhhYTUzM2UzMjkzIiwidGFnIjoiIn0%3D
save.tf/	1970-01-20 21:01:30	Name: savetf2_petition_session Value: eyJpdiI6InlZWDlUclhzeXN6OGNERHRkRnFCdEE9PSIsInZhbHVlIjoiWHJkVWM0S09RRmVFN2gyelRjT0Y1c21vczNUeDlia3lOL0lnaGdXbkw2RnNMRnQydTJzL3paMjBZc3pMQnFKM3NpWEExbkdxTmRRUUZ2VnRWU1dLSlU2M1g1RVFhTEU5Skt1eVphZTU5S0xxcFZJL1pXVTRnbXdYQVRkb1RDREMiLCJtYWMiOiJhZGJiMzRjZDQ5NGM1NTM4OWUzNTBkNmM3N2VjMWYwZDIzMWYzOGQzODQ1MjI2MDFmM2UyODVjYjJlMTkxZjQ1IiwidGFnIjoiIn0%3D
.save.tf/	1970-01-21 05:46:58	Name: cf_clearance Value: KKP093xOCdem2fiA7cJiWo.tPgZaHQW9NLaaFv8K_yU-1717282970-1.0.1.1-bzNaA_f1TYIUaPUuHxusLyQl07W0fWoK1MgENrLDbIh5NJOP20t2ldGRy_yjv6zvLDsMD.A0DGtk5NgCo1HguA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

save.tf
www.google.com
www.gstatic.com
142.250.181.228
188.114.96.3
2a00:1450:4001:800::2003
02a44aa4d7f9b9034abf8ce0bb890a99e6f19cab20f6eb54feb715adaaa3f9d5
0a9fbc9463be1bed50f4209f4613a188da87ce7e96d5f58bfafaeb57a94b76ea
145ca14c8357dbf805e6ed3b774abbc492b62f13dcbff21ce68d4ff021307838
1c6ff331deb0a07390541203f850f13c71be942625d7f6a2f610856ce3b1b9a3
27c056ecd23eae80a97a67bf69df79ba15406f53a599badc8607fd4eb6615e08
36e2c444509d01e6deb25296082c18bd4dc7bc5193b4f5f37bc8ccd99c7e452e
3d213e5a4865dac1ce160d620becc4a406663d190332beba2537e9b208833cb7
5041f24f3e1bbfb80c4962b879c800fedb336d42bc69d624b843562c15e628fa
56fd04078aac0232a0b63a311ff0f9d931756aa31f5fd6c46841658ff8747cdf
5ccbb4343ee494fa74aa16bd130506f24109594568a83a499a9f3d88e61156b3
63e07a93b9b35bf726e53300c9bf55a7e707ecaebf6916fa87ba76ec1c3b4a71
65c5ae1508aa0611f34c062a03f3dbbd22cd5266f3fa6453864a4f3c0d0a4a13
667dcd414ad432cc2a35cba430e3aa0ce4bdf392e09cc10ff47f8accfeab76b4
6790f090472e1fcfc57510b55a0fc7abb63be0eac46d60ec3408dbd92c137c26
6d3b24a3517a7c7fee4b1c357395fdb8bff8d57bb0e4b340ef8e5e6fd78bef8d
70da36c87e034eb8edc81183ad4452ee6ca072ddb3daef51f363fa647d26d0db
7575244467b5f016d761d026e1e8b132b4dd5fd0a04b486ee1dd9404033a840a
7c796e9ddc60c88ca47715278423db4048b50f726104d70e11c1d1d31196c1e3
7ede08960545c5061bc25acdcf697ce17b502f5a0e6ab9474616f73b6af76734
81bb134d1bbd3e31e1ddac9449ef1c509b7061a14e15554d625569cb38af44d4
85ee9cd6a707785dffe77b68144635c679d34a5797c930f9d93805733d53821e
a6a1272d244ef54c394f5a719a09ad96a91bf5dc9f3cd91316ab0e4ffe2aca89
ab457a2f13745951f2937b20de43901bea71adc19d197b802d12a81c50495fb7
ac7ad77e162ab09ba66c390407d542cb1998f27071394df3c98b88d7dce871e1
dfe006ec04a5410b9c567d57e61416c61a572302bae4f88fe51f58ae62ec5060
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea575d83840d0be8b930a03e6f4f1bf864e2e6335d4aea5ab48e973063aa226f
fae50306da189d436ec50f0e2933f2728c5cd0e8ee1d56faa07392676ff8ff6f
fd5a15d1693aaedbd7c6dd5c54fd790fbe0b5207c017ea1d92dea3c395fa86de

save.tf Open in urlscan Pro 188.114.96.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

30 Requests

97 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

15285 kBTransfer

15897 kBSize

3 Cookies

1 Outgoing links

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

save.tf Open in urlscan Pro
188.114.96.3 Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

97 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

15285 kB
Transfer

15897 kB
Size

3
Cookies

30 HTTP transactions
0 data transactions