urlscan.io logo urlscan.io
SecurityTrails logo

rufonts.pro Open in urlscan Pro
185.197.163.190  Public Scan

Go To Rescan Add Verdict Report
URL: https://rufonts.pro/shrift/amber
Submission: On January 06 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 4 countries across 12 domains to perform 44 HTTP transactions. The main IP is 185.197.163.190, located in Amsterdam, Netherlands and belongs to THREE-W-INFRA-AS 3W Infra B.V., NL. The main domain is rufonts.pro.
TLS certificate: Issued by E6 on November 7th 2024. Valid for: 3 months.
This is the only time rufonts.pro was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
18 185.197.163.190 60144 (THREE-W-I...)
2 157.240.0.6 32934 (FACEBOOK)
1 3 185.71.78.222 43247 (YooMoney-...)
1 1 151.101.1.21 54113 (FASTLY)
1 192.229.221.25 15133 (EDGECAST)
3 142.250.186.68 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 15 2a02:6b8::1:119 13238 (YANDEX YA...)
1 157.240.0.35 32934 (FACEBOOK)
44 11
18    185.197.163.190 (Amsterdam, Netherlands)

ASN60144 (THREE-W-INFRA-AS 3W Infra B.V., NL)
PTR: vps13783.ua-hosting.company
rufonts.pro
2    157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net
connect.facebook.net
3    185.71.78.222 (Russian Federation)

ASN43247 (YooMoney-AS "YooMoney" NBCO LLC, RU)
PTR: ip-185-71-78-222.yoomoney.ru
yoomoney.ru
1    151.101.1.21 (San Francisco, United States)

ASN54113 (FASTLY, US)
www.paypal.com
1    192.229.221.25 (United States)

ASN15133 (EDGECAST, US)
www.paypalobjects.com
3    142.250.186.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f4.1e100.net
www.google.com
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2606:4700::6812:bb1f (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
15    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX YANDEX LLC, RU)
mc.yandex.ru
mc.webvisor.org
1    157.240.0.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra3.facebook.com
www.facebook.com
Apex Domain
Subdomains		 Transfer
18 rufonts.pro
rufonts.pro
428 KB
13 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 4577
82 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 3
966 B
3 yoomoney.ru
yoomoney.ru — Cisco Umbrella Rank: 209248
446 B
2 webvisor.org
mc.webvisor.org — Cisco Umbrella Rank: 27270
895 B
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 318
117 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
76 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
1 gstatic.com
www.gstatic.com
220 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 415
31 KB
1 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2811
440 B
1 paypal.com
www.paypal.com — Cisco Umbrella Rank: 3003
979 B
44 12
Domain Requested by
18 rufonts.pro rufonts.pro
ajax.googleapis.com
13 mc.yandex.ru 3 redirects cdn.jsdelivr.net
rufonts.pro
3 www.google.com rufonts.pro
www.gstatic.com
3 yoomoney.ru 1 redirects rufonts.pro
2 mc.webvisor.org 1 redirects rufonts.pro
2 cdn.jsdelivr.net rufonts.pro
2 connect.facebook.net rufonts.pro
connect.facebook.net
1 www.facebook.com connect.facebook.net
1 www.gstatic.com www.google.com
1 ajax.googleapis.com rufonts.pro
1 www.paypalobjects.com rufonts.pro
1 www.paypal.com 1 redirects
44 12
Subject Issuer Validity Valid
rufonts.pro
E6		 2024-11-07 -
2025-02-05		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-10-15 -
2025-01-13		 3 months crt.sh
*.yoomoney.ru
GlobalSign GCC R3 DV TLS CA 2020		 2024-07-30 -
2025-08-31		 a year crt.sh
*.google.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
upload.video.google.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.jsdelivr.net
Sectigo RSA Domain Validation Secure Server CA		 2024-05-04 -
2025-05-04		 a year crt.sh
*.gstatic.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2024-10-20 -
2025-04-01		 5 months crt.sh

This page contains 7 frames:

Primary Page: https://rufonts.pro/shrift/amber
Frame ID: C35AFD71913963BE0CF0748B256674E2
Requests: 46 HTTP requests in this frame

Frame: https://yoomoney.ru/quickpay/fundraise/button?targets=%D0%9D%D0%B0%20%D1%81%D0%B5%D1%80%D0%B2%D0%B5%D1%80%2C%20%D0%BD%D0%BE%D0%B2%D1%8B%D0%B5%20%D1%88%D1%80%D0%B8%D1%84%D1%82%D1%8B%2C%20%D0%BF%D0%B8%D0%B2%D0%BE%20%D0%B8%20%D0%BA%D0%BE%D1%88%D0%B0%D1%87%D0%B8%D0%B9%20%D0%BA%D0%BE%D1%80%D0%BC%20%3D)&default-sum=149&button-text=14&yamoney-payment-type=on&button-size=s&button-color=orange&successURL=https%3A%2F%2Frufonts.pro%2Fthanks&quickpay=small&account=410014499714023&
Frame ID: CA4BCA14AEA94D8911D1F170D0A83335
Requests: 1 HTTP requests in this frame

Frame: https://yoomoney.ru/quickpay/shop-widget?writer=seller&targets=%D0%9D%D0%B0%20%D1%81%D0%B5%D1%80%D0%B2%D0%B5%D1%80%2C%20%D0%BD%D0%BE%D0%B2%D1%8B%D0%B5%20%D1%88%D1%80%D0%B8%D1%84%D1%82%D1%8B%2C%20%D0%BF%D0%B8%D0%B2%D0%BE%20%D0%B8%20%D0%BA%D0%BE%D1%88%D0%B0%D1%87%D0%B8%D0%B9%20%D0%BA%D0%BE%D1%80%D0%BC%20%3D)&targets-hint=&default-sum=299&button-text=14&payment-type-choice=on&mobile-payment-type-choice=on&hint=&successURL=https%3A%2F%2Frufonts.pro%2Fthanks&quickpay=shop&account=410014499714023
Frame ID: 688F5EF43AD040B30599799440F8F9B3
Requests: 1 HTTP requests in this frame

Frame: https://mc.yandex.ru/metrika/metrika_match.html
Frame ID: 004B863EB9132C16A745B39791A0FF20
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcUNLUUAAAAAP3nih8aM2TO8x7GCZkET5GI1Wxs&co=aHR0cHM6Ly9ydWZvbnRzLnBybzo0NDM.&hl=ru&v=zIriijn3uj5Vpknvt_LnfNbF&theme=light&size=normal&cb=mt5vavxjv1id
Frame ID: E6AA7A7D0763B658E2B309CE6C325A40
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=ru&v=zIriijn3uj5Vpknvt_LnfNbF&k=6LcUNLUUAAAAAP3nih8aM2TO8x7GCZkET5GI1Wxs
Frame ID: 5FA712C3E8FC92533DB8FBF31599FA4B
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v3.3/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4522b0b0218179d2%26domain%3Drufonts.pro%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frufonts.pro%252Ff3627531e49ba6fdd%26relation%3Dparent.parent&color_scheme=light&container_width=1010&height=100&href=https%3A%2F%2Frufonts.pro%2Fshrift%2Famber&locale=ru_RU&numposts=20&sdk=joey&version=v3.3&width=
Frame ID: 991CC12F02464FE2CDF1291A8D2189A7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Amber шрифт | скачать бесплатно для WEB

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

44
Requests

86 %
HTTPS

36 %
IPv6

12
Domains

12
Subdomains

11
IPs

4
Countries

951 kB
Transfer

1984 kB
Size

32
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://yoomoney.ru/quickpay/button-widget?targets=%D0%9D%D0%B0%20%D1%81%D0%B5%D1%80%D0%B2%D0%B5%D1%80%2C%20%D0%BD%D0%BE%D0%B2%D1%8B%D0%B5%20%D1%88%D1%80%D0%B8%D1%84%D1%82%D1%8B%2C%20%D0%BF%D0%B8%D0%B2%D0%BE%20%D0%B8%20%D0%BA%D0%BE%D1%88%D0%B0%D1%87%D0%B8%D0%B9%20%D0%BA%D0%BE%D1%80%D0%BC%20%3D)&default-sum=149&button-text=14&yamoney-payment-type=on&button-size=s&button-color=orange&successURL=https%3A%2F%2Frufonts.pro%2Fthanks&quickpay=small&account=410014499714023& HTTP 301
  • https://yoomoney.ru/quickpay/fundraise/button?targets=%D0%9D%D0%B0%20%D1%81%D0%B5%D1%80%D0%B2%D0%B5%D1%80%2C%20%D0%BD%D0%BE%D0%B2%D1%8B%D0%B5%20%D1%88%D1%80%D0%B8%D1%84%D1%82%D1%8B%2C%20%D0%BF%D0%B8%D0%B2%D0%BE%20%D0%B8%20%D0%BA%D0%BE%D1%88%D0%B0%D1%87%D0%B8%D0%B9%20%D0%BA%D0%BE%D1%80%D0%BC%20%3D)&default-sum=149&button-text=14&yamoney-payment-type=on&button-size=s&button-color=orange&successURL=https%3A%2F%2Frufonts.pro%2Fthanks&quickpay=small&account=410014499714023&
Request Chain 7
  • https://www.paypal.com/en_AU/i/scr/pixel.gif HTTP 301
  • https://www.paypalobjects.com/en_AU/i/scr/pixel.gif
Request Chain 35
  • https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Frufonts.pro%2Fshrift%2Famber&page-ref=&charset=utf-8&browser-info=pv%3A1%3Avf%3A14pwap7gbnncs44thfrhqpu3c8nz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1551%3Acn%3A2%3Adp%3A0%3Als%3A1080811132487%3Ahid%3A779374533%3Az%3A60%3Ai%3A20250106025538%3Aet%3A1736128539%3Ac%3A1%3Arn%3A197501889%3Arqn%3A1%3Au%3A1736128539715674174%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A319%3Awv%3A2%3Ads%3A129%2C35%2C81%2C17%2C0%2C0%2C%2C151%2C6%2C%2C%2C%2C414%3Aco%3A0%3Acpf%3A1%3Ans%3A1736128538475%3Ast%3A1736128539&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(65536)ti(1) HTTP 302
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Frufonts.pro%2Fshrift%2Famber&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A14pwap7gbnncs44thfrhqpu3c8nz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1551%3Acn%3A2%3Adp%3A0%3Als%3A1080811132487%3Ahid%3A779374533%3Az%3A60%3Ai%3A20250106025538%3Aet%3A1736128539%3Ac%3A1%3Arn%3A197501889%3Arqn%3A1%3Au%3A1736128539715674174%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A319%3Awv%3A2%3Ads%3A129%2C35%2C81%2C17%2C0%2C0%2C%2C151%2C6%2C%2C%2C%2C414%3Aco%3A0%3Acpf%3A1%3Ans%3A1736128538475%3Ast%3A1736128539&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2865536%29ti%281%29&redirnss=1
Request Chain 37
  • https://mc.yandex.ru/watch/26812653?wmode=7&page-url=https%3A%2F%2Frufonts.pro%2Fshrift%2Famber&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22redesign%22%3A1%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnncs44thfrhqpu3c8nz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1551%3Acn%3A1%3Adp%3A0%3Als%3A1156780476803%3Ahid%3A779374533%3Az%3A60%3Ai%3A20250106025538%3Aet%3A1736128539%3Ac%3A1%3Arn%3A609138497%3Arqn%3A1%3Au%3A1736128539715674174%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A319%3Awv%3A2%3Ads%3A129%2C35%2C81%2C17%2C0%2C0%2C%2C151%2C6%2C%2C%2C%2C414%3Aco%3A0%3Acpf%3A1%3Ans%3A1736128538475%3Arqnl%3A1%3Ast%3A1736128539%3At%3AAmber%20%D1%88%D1%80%D0%B8%D1%84%D1%82%20%7C%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%B4%D0%BB%D1%8F%20WEB&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(33628928)ti(1) HTTP 302
  • https://mc.yandex.ru/watch/26812653/1?wmode=7&page-url=https%3A%2F%2Frufonts.pro%2Fshrift%2Famber&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22redesign%22%3A1%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnncs44thfrhqpu3c8nz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1551%3Acn%3A1%3Adp%3A0%3Als%3A1156780476803%3Ahid%3A779374533%3Az%3A60%3Ai%3A20250106025538%3Aet%3A1736128539%3Ac%3A1%3Arn%3A609138497%3Arqn%3A1%3Au%3A1736128539715674174%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A319%3Awv%3A2%3Ads%3A129%2C35%2C81%2C17%2C0%2C0%2C%2C151%2C6%2C%2C%2C%2C414%3Aco%3A0%3Acpf%3A1%3Ans%3A1736128538475%3Arqnl%3A1%3Ast%3A1736128539%3At%3AAmber%20%D1%88%D1%80%D0%B8%D1%84%D1%82%20%7C%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%B4%D0%BB%D1%8F%20WEB&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2833628928%29ti%281%29&redirnss=1
Request Chain 40
  • https://mc.webvisor.org/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=10611.RHOq6QQKxDhyvqfH5ed67cIhP6SGp1MElRoj3ifSkot7AikS02tfDOz47q3WwQa0.KtI3UyKP30B9HFXy4Zq2XflUEko%2C HTTP 302
  • https://mc.webvisor.org/sync_cookie_image_decide?token=10611.vFdUdRO43B40O4JnOdm7XSrDRn8_Sx36j0qaZ0eEzHBpcx-MgiFxAeaaqrd2gZoeO9ze9ihLA3keTh14veb5nW9ciDiCMKZJs9PWNbwSjJdC5a5DqLsKepkDbchgSwq5fNv5QoJ649LYrZ6JWZHeZZGPRmIlGtJNwmqOZ22ji66FiRnuxk7-vpYW6QAmcU1OcteEztEhefRS79DmRhMzyXspEttHw4mRqLtgkvSj_B8%2C.aIR1gkneuy1WSckbwCQBSKgmKe0%2C

44 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request amber
rufonts.pro/shrift/ 		46 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rufonts.pro/shrift/amber
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.197.163.190 Amsterdam, Netherlands, ASN60144 (THREE-W-INFRA-AS 3W Infra B.V., NL),
Reverse DNS
vps13783.ua-hosting.company
Software
/ Express
Resource Hash
d4f8a6911474fcf5f24c73e7dd3835eb13d11dd604b92f1f8d89a741b5a06ef4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Mon, 06 Jan 2025 01:55:38 GMT
ETag
W/"b97f-Lo9msOkUMFOTzj3/IHCH1lYCNPc"
Keep-Alive
timeout=5
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
Express
stylesheet.css
rufonts.pro/fonts/ 		5 KB
880 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rufonts.pro/fonts/stylesheet.css
Requested by
Host: rufonts.pro
URL: https://rufonts.pro/shrift/amber
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.197.163.190 Amsterdam, Netherlands, ASN60144 (THREE-W-INFRA-AS 3W Infra B.V., NL),
Reverse DNS
vps13783.ua-hosting.company
Software
/ Express
Resource Hash
e8d37f97364ceaf8c136d5934174b0709a8f0ef5dd87d10132c9fd6040cd5eff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rufonts.pro/shrift/amber

Response headers

Transfer-Encoding
chunked
Cache-Control
public, max-age=0
Content-Encoding
gzip
ETag
W/"124d-16ce331c710"
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Date
Mon, 06 Jan 2025 01:55:38 GMT
Last-Modified
Fri, 30 Aug 2019 15:43:06 GMT
X-Powered-By
Express
Vary
Accept-Encoding
Content-Type
text/css; charset=UTF-8
icons.svg
rufonts.pro/images/ 		17 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://rufonts.pro/images/icons.svg
Requested by
Host: rufonts.pro
URL: https://rufonts.pro/shrift/amber
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.197.163.190 Amsterdam, Netherlands, ASN60144 (THREE-W-INFRA-AS 3W Infra B.V., NL),
Reverse DNS
vps13783.ua-hosting.company
Software
/ Express
Resource Hash
dc0f12a09fea013c61d9d555f6171cfba47ee5c2fa32f55f330bc8daaba37a88

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rufonts.pro/shrift/amber

Response headers

Transfer-Encoding
chunked
Cache-Control
public, max-age=0
Content-Encoding
gzip
ETag
W/"435e-16cd2603480"
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Date
Mon, 06 Jan 2025 01:55:38 GMT
Last-Modified
Tue, 27 Aug 2019 09:20:16 GMT
X-Powered-By
Express
Vary
Accept-Encoding
Content-Type
image/svg+xml
logo_white.svg
rufonts.pro/images/ 		22 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rufonts.pro/images/logo_white.svg
Requested by
Host: rufonts.pro
URL: https://rufonts.pro/shrift/amber
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.197.163.190 Amsterdam, Netherlands, ASN60144 (THREE-W-INFRA-AS 3W Infra B.V., NL),
Reverse DNS
vps13783.ua-hosting.company
Software
/ Express
Resource Hash
0cce264372d4c42091edc6502e375cbf67a7b7a1ca4c53b20a13281a2330ed2c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rufonts.pro/shrift/amber

Response headers

Transfer-Encoding
chunked
Cache-Control
public, max-age=0
Content-Encoding
gzip
ETag
W/"58fc-183605a8be3"
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Date
Mon, 06 Jan 2025 01:55:38 GMT
Last-Modified
Wed, 21 Sep 2022 14:01:30 GMT
X-Powered-By
Express
Vary
Accept-Encoding
Content-Type
image/svg+xml
9sdEXSOQfJA.jpg
rufonts.pro/images-files/66bfae26d18b75f5acf59c5c/ 		137 KB
137 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rufonts.pro/images-files/66bfae26d18b75f5acf59c5c/9sdEXSOQfJA.jpg
Requested by
Host: rufonts.pro
URL: https://rufonts.pro/shrift/amber
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.197.163.190 Amsterdam, Netherlands, ASN60144 (THREE-W-INFRA-AS 3W Infra B.V., NL),
Reverse DNS
vps13783.ua-hosting.company
Software
/ Express
Resource Hash
e955841cba8a6f08aee811dcce0858e4dbaae9d458f4585b3ae2ed1baeda2221

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rufonts.pro/shrift/amber

Response headers

Cache-Control
public, max-age=0
ETag
W/"2235c-1915cc0466a"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
140124
Keep-Alive
timeout=5
Date
Mon, 06 Jan 2025 01:55:38 GMT
Last-Modified
Fri, 16 Aug 2024 19:53:10 GMT
X-Powered-By
Express
Content-Type
image/jpeg
sdk.js
connect.facebook.net/ru_RU/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ru_RU/sdk.js
Requested by
Host: rufonts.pro
URL: https://rufonts.pro/shrift/amber
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
2e5b4f74f8f47d0aa615986baefcde985fee76b59bf45e0cd1212cd972aee103
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://rufonts.pro
Referer
https://rufonts.pro/

Response headers

content-md5
oNPKUiJPgVrXTRuVHWMw6w==
access-control-expose-headers
X-FB-Content-MD5
content-encoding
gzip
etag
"b4da7832d3767b7214c3dfb53f413ab4"
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Mon, 06 Jan 2025 01:56:46 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Jan 2025 01:55:38 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5
b6b64f92e6550a9cb20acc556538964e
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=23, rtx=0, c=23, mss=1232, tbw=4472, tp=9, tpl=0, uplat=5, ullat=-1
x-fb-debug
9MRK3EwF8OJFMf+JMzZnl5OwYxy4jMdu5xeljcszS48x9qUVjb8RXurFisQOtDUR/rHLmmnDJd49cG+ilcQloQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
*
content-length
1686
origin-agent-cluster
?1
button
yoomoney.ru/quickpay/fundraise/ Frame CA4B
Redirect Chain
  • https://yoomoney.ru/quickpay/button-widget?targets=%D0%9D%D0%B0%20%D1%81%D0%B5%D1%80%D0%B2%D0%B5%D1%80%2C%20%D0%BD%D0%BE%D0%B2%D1%8B%D0%B5%20%D1%88%D1%80%D0%B8%D1%84%D1%82%D1%8B%2C%20%D0%BF%D0%B8%D...
  • https://yoomoney.ru/quickpay/fundraise/button?targets=%D0%9D%D0%B0%20%D1%81%D0%B5%D1%80%D0%B2%D0%B5%D1%80%2C%20%D0%BD%D0%BE%D0%B2%D1%8B%D0%B5%20%D1%88%D1%80%D0%B8%D1%84%D1%82%D1%8B%2C%20%D0%BF%D0%B...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://yoomoney.ru/quickpay/fundraise/button?targets=%D0%9D%D0%B0%20%D1%81%D0%B5%D1%80%D0%B2%D0%B5%D1%80%2C%20%D0%BD%D0%BE%D0%B2%D1%8B%D0%B5%20%D1%88%D1%80%D0%B8%D1%84%D1%82%D1%8B%2C%20%D0%BF%D0%B8%D0%B2%D0%BE%20%D0%B8%20%D0%BA%D0%BE%D1%88%D0%B0%D1%87%D0%B8%D0%B9%20%D0%BA%D0%BE%D1%80%D0%BC%20%3D)&default-sum=149&button-text=14&yamoney-payment-type=on&button-size=s&button-color=orange&successURL=https%3A%2F%2Frufonts.pro%2Fthanks&quickpay=small&account=410014499714023&
Requested by
Host: rufonts.pro
URL: https://rufonts.pro/shrift/amber
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.71.78.222 , Russian Federation, ASN43247 (YooMoney-AS "YooMoney" NBCO LLC, RU),
Reverse DNS
ip-185-71-78-222.yoomoney.ru
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src https://static.yoomoney.ru; base-uri 'none'; object-src 'none'; script-src 'self' 'unsafe-inline' https: 'nonce-cCyo41cD3yRhKWbsgMzjSg==' 'strict-dynamic' 'report-sample' https://top-fwz1.mail.ru https://static.yoomoney.ru; style-src 'self' 'unsafe-inline' https://static.yoomoney.ru; font-src 'self' https://static.yoomoney.ru https://mc.yandex.ru https://mc.yandex.az https://mc.yandex.by https://mc.yandex.co.il https://mc.yandex.com https://mc.yandex.com.am https://mc.yandex.com.ge https://mc.yandex.com.tr https://mc.yandex.ee https://mc.yandex.fr https://mc.yandex.kg https://mc.yandex.kz https://mc.yandex.lt https://mc.yandex.lv https://mc.yandex.md https://mc.yandex.tj https://mc.yandex.tm https://mc.yandex.uz https://yastatic.net; img-src 'self' data: https://static.yoomoney.ru https://vk.com https://vk.ru https://*.vk.com https://top-fwz1.mail.ru https://www.google.com https://www.google.ru https://ccomni-ds.yoomoney.ru https://yoomoney.ru https://avatars.mds.yandex.net https://mc.yandex.ru https://mc.yandex.az https://mc.yandex.by https://mc.yandex.co.il https://mc.yandex.com https://mc.yandex.com.am https://mc.yandex.com.ge https://mc.yandex.com.tr https://mc.yandex.ee https://mc.yandex.fr https://mc.yandex.kg https://mc.yandex.kz https://mc.yandex.lt https://mc.yandex.lv https://mc.yandex.md https://mc.yandex.tj https://mc.yandex.tm https://mc.yandex.uz; media-src 'self' https://static.yoomoney.ru; manifest-src 'self' https://static.yoomoney.ru; frame-src 'self' https://ru.id.facct.ru https://www.google.com https://top-fwz1.mail.ru https://multitransfer.online https://smartcaptcha.yandexcloud.net https://mc.yandex.ru https://mc.yandex.az https://mc.yandex.by https://mc.yandex.co.il https://mc.yandex.com https://mc.yandex.com.am https://mc.yandex.com.ge https://mc.yandex.com.tr https://mc.yandex.ee https://mc.yandex.fr https://mc.yandex.kg https://mc.yandex.kz https://mc.yandex.lt https://mc.yandex.lv https://mc.yandex.md https://mc.yandex.tj https://mc.yandex.tm https://mc.yandex.uz; child-src 'self' blob:; connect-src 'self' https://*.yoomoney.ru https://*.yooteam.ru https://vk.com https://vk.ru https://top-fwz1.mail.ru https://stats.g.doubleclick.net https://*.yoomoney.ru:9091 https://127.0.0.1:* https://*.2gis.com https://*.2gis.ru wss://*.yoomoney.ru https://privacy-cs.mail.ru https://r.mradx.net https://rs.mail.ru https://mc.yandex.ru https://mc.yandex.az https://mc.yandex.by https://mc.yandex.co.il https://mc.yandex.com https://mc.yandex.com.am https://mc.yandex.com.ge https://mc.yandex.com.tr https://mc.yandex.ee https://mc.yandex.fr https://mc.yandex.kg https://mc.yandex.kz https://mc.yandex.lt https://mc.yandex.lv https://mc.yandex.md https://mc.yandex.tj https://mc.yandex.tm https://mc.yandex.uz; form-action 'self' *; upgrade-insecure-requests; block-all-mixed-content; report-to transfer; report-uri https://yoomoney.ru/transfer/platform/report-csp;
Strict-Transport-Security max-age=15552000; includeSubDomains max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rufonts.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-security-policy
default-src https://static.yoomoney.ru; base-uri 'none'; object-src 'none'; script-src 'self' 'unsafe-inline' https: 'nonce-cCyo41cD3yRhKWbsgMzjSg==' 'strict-dynamic' 'report-sample' https://top-fwz1.mail.ru https://static.yoomoney.ru; style-src 'self' 'unsafe-inline' https://static.yoomoney.ru; font-src 'self' https://static.yoomoney.ru https://mc.yandex.ru https://mc.yandex.az https://mc.yandex.by https://mc.yandex.co.il https://mc.yandex.com https://mc.yandex.com.am https://mc.yandex.com.ge https://mc.yandex.com.tr https://mc.yandex.ee https://mc.yandex.fr https://mc.yandex.kg https://mc.yandex.kz https://mc.yandex.lt https://mc.yandex.lv https://mc.yandex.md https://mc.yandex.tj https://mc.yandex.tm https://mc.yandex.uz https://yastatic.net; img-src 'self' data: https://static.yoomoney.ru https://vk.com https://vk.ru https://*.vk.com https://top-fwz1.mail.ru https://www.google.com https://www.google.ru https://ccomni-ds.yoomoney.ru https://yoomoney.ru https://avatars.mds.yandex.net https://mc.yandex.ru https://mc.yandex.az https://mc.yandex.by https://mc.yandex.co.il https://mc.yandex.com https://mc.yandex.com.am https://mc.yandex.com.ge https://mc.yandex.com.tr https://mc.yandex.ee https://mc.yandex.fr https://mc.yandex.kg https://mc.yandex.kz https://mc.yandex.lt https://mc.yandex.lv https://mc.yandex.md https://mc.yandex.tj https://mc.yandex.tm https://mc.yandex.uz; media-src 'self' https://static.yoomoney.ru; manifest-src 'self' https://static.yoomoney.ru; frame-src 'self' https://ru.id.facct.ru https://www.google.com https://top-fwz1.mail.ru https://multitransfer.online https://smartcaptcha.yandexcloud.net https://mc.yandex.ru https://mc.yandex.az https://mc.yandex.by https://mc.yandex.co.il https://mc.yandex.com https://mc.yandex.com.am https://mc.yandex.com.ge https://mc.yandex.com.tr https://mc.yandex.ee https://mc.yandex.fr https://mc.yandex.kg https://mc.yandex.kz https://mc.yandex.lt https://mc.yandex.lv https://mc.yandex.md https://mc.yandex.tj https://mc.yandex.tm https://mc.yandex.uz; child-src 'self' blob:; connect-src 'self' https://*.yoomoney.ru https://*.yooteam.ru https://vk.com https://vk.ru https://top-fwz1.mail.ru https://stats.g.doubleclick.net https://*.yoomoney.ru:9091 https://127.0.0.1:* https://*.2gis.com https://*.2gis.ru wss://*.yoomoney.ru https://privacy-cs.mail.ru https://r.mradx.net https://rs.mail.ru https://mc.yandex.ru https://mc.yandex.az https://mc.yandex.by https://mc.yandex.co.il https://mc.yandex.com https://mc.yandex.com.am https://mc.yandex.com.ge https://mc.yandex.com.tr https://mc.yandex.ee https://mc.yandex.fr https://mc.yandex.kg https://mc.yandex.kz https://mc.yandex.lt https://mc.yandex.lv https://mc.yandex.md https://mc.yandex.tj https://mc.yandex.tm https://mc.yandex.uz; form-action 'self' *; upgrade-insecure-requests; block-all-mixed-content; report-to transfer; report-uri https://yoomoney.ru/transfer/platform/report-csp;
content-type
text/html; charset=utf-8
date
Mon, 06 Jan 2025 01:55:39 GMT
expect-ct
max-age=0
referrer-policy
same-origin
report-to
{"group":"transfer","max_age":60000,"endpoints":[{"url":"https://yoomoney.ru/transfer/platform/report-csp"}]}
reporting-endpoints
transfer="https://yoomoney.ru/transfer/platform/report-csp", default="https://yoomoney.ru/transfer/platform/report-csp"
strict-transport-security
max-age=15552000; includeSubDomains max-age=15768000
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-envoy-upstream-service-time
13
x-permitted-cross-domain-policies
none
x-robots-tag
noindex
x-xss-protection
0

Redirect headers

content-length
162
content-type
text/html
date
Mon, 06 Jan 2025 01:55:38 GMT
location
https://yoomoney.ru/quickpay/fundraise/button?targets=%D0%9D%D0%B0%20%D1%81%D0%B5%D1%80%D0%B2%D0%B5%D1%80%2C%20%D0%BD%D0%BE%D0%B2%D1%8B%D0%B5%20%D1%88%D1%80%D0%B8%D1%84%D1%82%D1%8B%2C%20%D0%BF%D0%B8%D0%B2%D0%BE%20%D0%B8%20%D0%BA%D0%BE%D1%88%D0%B0%D1%87%D0%B8%D0%B9%20%D0%BA%D0%BE%D1%80%D0%BC%20%3D)&default-sum=149&button-text=14&yamoney-payment-type=on&button-size=s&button-color=orange&successURL=https%3A%2F%2Frufonts.pro%2Fthanks&quickpay=small&account=410014499714023&
strict-transport-security
max-age=15768000
pay.png
rufonts.pro/images/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rufonts.pro/images/pay.png
Requested by
Host: rufonts.pro
URL: https://rufonts.pro/shrift/amber
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.197.163.190 Amsterdam, Netherlands, ASN60144 (THREE-W-INFRA-AS 3W Infra B.V., NL),
Reverse DNS
vps13783.ua-hosting.company
Software
/ Express
Resource Hash
9f93790f87dd681e81efb2ad78a870cdbbdb77b74a73dfb1957ad4a0f7849d59

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rufonts.pro/shrift/amber

Response headers

Cache-Control
public, max-age=0
ETag
W/"502f-16ce36cd440"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20527
Keep-Alive
timeout=5
Date
Mon, 06 Jan 2025 01:55:38 GMT
Last-Modified
Fri, 30 Aug 2019 16:47:36 GMT
X-Powered-By
Express
Content-Type
image/png
pixel.gif
www.paypalobjects.com/en_AU/i/scr/
Redirect Chain
  • https://www.paypal.com/en_AU/i/scr/pixel.gif
  • https://www.paypalobjects.com/en_AU/i/scr/pixel.gif
43 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/en_AU/i/scr/pixel.gif
Requested by
Host: rufonts.pro
URL: https://rufonts.pro/shrift/amber
Protocol
H2
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/489D) /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rufonts.pro/

Response headers

paypal-debug-id
2fbe1b3a68182
etag
"5d5637b7-2b"
x-content-type-options
nosniff
expires
Mon, 06 Jan 2025 02:55:39 GMT
traceparent
00-00000000000000000002fbe1b3a68182-0b7c8bf9a3b8355d-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Mon, 06 Jan 2025 01:55:39 GMT
content-type
image/gif
last-modified
Fri, 16 Aug 2019 04:57:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
content-length
43
server
ECAcc (ama/489D)

Redirect headers

paypal-debug-id
f282426943afc
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
traceparent
00-0000000000000000000f282426943afc-b0a419e989d1a953-01
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-cache
MISS, MISS, MISS
date
Mon, 06 Jan 2025 01:55:38 GMT
x-served-by
cache-fra-eddf8230138-FRA, cache-ams2100099-AMS, cache-ams2100099-AMS
x-cache-hits
0, 0, 0
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
location
https://www.paypalobjects.com/en_AU/i/scr/pixel.gif
accept-ch
Sec-CH-UA-Full
x-timer
S1736128539.798917,VS0,VE150
via
1.1 varnish, 1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
0
api.js
www.google.com/recaptcha/ 		1 KB
966 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?hl=ru
Requested by
Host: rufonts.pro
URL: https://rufonts.pro/shrift/amber
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
ESF /
Resource Hash
b009029aa49764061717f04f17b6e03af749bec1167b6b582e0f1475a14f0b08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rufonts.pro/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Mon, 06 Jan 2025 01:55:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Mon, 06 Jan 2025 01:55:38 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
cat.png
rufonts.pro/images/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rufonts.pro/images/cat.png
Requested by
Host: rufonts.pro
URL: https://rufonts.pro/shrift/amber
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.197.163.190 Amsterdam, Netherlands, ASN60144 (THREE-W-INFRA-AS 3W Infra B.V., NL),
Reverse DNS
vps13783.ua-hosting.company
Software
/ Express
Resource Hash
9bbe9503074d25d201602a8633dc4e58755c159391fc5824af7a3ea98b5f1852

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rufonts.pro/shrift/amber

Response headers

Cache-Control
public, max-age=0
ETag
W/"4249-16cd25d4298"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16969
Keep-Alive
timeout=5
Date
Mon, 06 Jan 2025 01:55:38 GMT
Last-Modified
Tue, 27 Aug 2019 09:17:03 GMT
X-Powered-By
Express
Content-Type
image/png
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: rufonts.pro
URL: https://rufonts.pro/shrift/amber
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rufonts.pro/

Response headers

content-encoding
gzip
age
405296
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Thu, 01 Jan 2026 09:20:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 01 Jan 2025 09:20:42 GMT
last-modified
Mon, 13 May 2019 14:37:17 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
30774
x-xss-protection
0
server
sffe
fotorama.css
rufonts.pro/js/plugins/fotorama/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rufonts.pro/js/plugins/fotorama/fotorama.css
Requested by
Host: rufonts.pro
URL: https://rufonts.pro/shrift/amber
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.197.163.190 Amsterdam, Netherlands, ASN60144 (THREE-W-INFRA-AS 3W Infra B.V., NL),
Reverse DNS
vps13783.ua-hosting.company
Software
/ Express
Resource Hash
4f9fd83d65a6ad09005ec3e12537a23beb340cd017fce8749e138bfeb530da68

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rufonts.pro/shrift/amber

Response headers

Transfer-Encoding
chunked
Cache-Control
public, max-age=0
Content-Encoding
gzip
ETag
W/"3b25-14c9fafd920"
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Date
Mon, 06 Jan 2025 01:55:38 GMT
Last-Modified
Thu, 09 Apr 2015 19:37:24 GMT
X-Powered-By
Express
Vary
Accept-Encoding
Content-Type
text/css; charset=UTF-8
fotorama.js
rufonts.pro/js/plugins/fotorama/ 		38 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rufonts.pro/js/plugins/fotorama/fotorama.js
Requested by
Host: rufonts.pro
URL: https://rufonts.pro/shrift/amber
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.197.163.190 Amsterdam, Netherlands, ASN60144 (THREE-W-INFRA-AS 3W Infra B.V., NL),
Reverse DNS
vps13783.ua-hosting.company
Software
/ Express
Resource Hash
dfaff480d3d69518a9293729aeb2d9c8c651d4bf6f1a38d1d64afab8566ed817

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rufonts.pro/shrift/amber

Response headers

Transfer-Encoding
chunked
Cache-Control
public, max-age=0
Content-Encoding
gzip
ETag
W/"9800-14c9fafd920"
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Date
Mon, 06 Jan 2025 01:55:38 GMT
Last-Modified
Thu, 09 Apr 2015 19:37:24 GMT
X-Powered-By
Express
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
js.js
rufonts.pro/js/dist/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rufonts.pro/js/dist/js.js
Requested by
Host: rufonts.pro
URL: https://rufonts.pro/shrift/amber
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.197.163.190 Amsterdam, Netherlands, ASN60144 (THREE-W-INFRA-AS 3W Infra B.V., NL),
Reverse DNS
vps13783.ua-hosting.company
Software
/ Express
Resource Hash
67e6e1f68b0b306131c81bf95326b8f05821abacc3b92e9977b50def18491847

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rufonts.pro/shrift/amber

Response headers

Transfer-Encoding
chunked
Cache-Control
public, max-age=0
Content-Encoding
gzip
ETag
W/"220f-16d302e0b78"
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Date
Mon, 06 Jan 2025 01:55:38 GMT
Last-Modified
Sat, 14 Sep 2019 14:29:47 GMT
X-Powered-By
Express
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
share.js
cdn.jsdelivr.net/npm/yandex-share2/ 		100 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/yandex-share2/share.js
Requested by
Host: rufonts.pro
URL: https://rufonts.pro/shrift/amber
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2e9789d8d67df6a6c53a000d036c7ce03139f275395d03aa8c9512d6f433ae1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rufonts.pro/

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"18fb1-E6EcOXtf49Exy3+AxB6z5Bkvomc"
age
29552
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JDQd9IZFNhJBSNVW428u3Zi5Ns8uiPyqQknh6S%2FivxkQ%2BQWj2Ejob9j6byfMzPwTFUEBfUyt%2FKg%2FhXZP%2Bz8Z%2BhEq0e88BD6Bj0M6PmmBwE0e6WTvvJJMIlOQ%2BQjVmOvCx1OkHfDZoKWc3wKf74Q%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443"; ma=86400
x-cache
HIT, HIT
date
Mon, 06 Jan 2025 01:55:38 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230136-FRA, cache-lga21941-LGA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8fd816477e0db96c-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
28932
server
cloudflare
x-jsd-version
3.1.0
shop-widget
yoomoney.ru/quickpay/ Frame 688F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://yoomoney.ru/quickpay/shop-widget?writer=seller&targets=%D0%9D%D0%B0%20%D1%81%D0%B5%D1%80%D0%B2%D0%B5%D1%80%2C%20%D0%BD%D0%BE%D0%B2%D1%8B%D0%B5%20%D1%88%D1%80%D0%B8%D1%84%D1%82%D1%8B%2C%20%D0%BF%D0%B8%D0%B2%D0%BE%20%D0%B8%20%D0%BA%D0%BE%D1%88%D0%B0%D1%87%D0%B8%D0%B9%20%D0%BA%D0%BE%D1%80%D0%BC%20%3D)&targets-hint=&default-sum=299&button-text=14&payment-type-choice=on&mobile-payment-type-choice=on&hint=&successURL=https%3A%2F%2Frufonts.pro%2Fthanks&quickpay=shop&account=410014499714023
Requested by
Host: rufonts.pro
URL: https://rufonts.pro/shrift/amber
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.71.78.222 , Russian Federation, ASN43247 (YooMoney-AS "YooMoney" NBCO LLC, RU),
Reverse DNS
ip-185-71-78-222.yoomoney.ru
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src https://static.yoomoney.ru; base-uri 'none'; object-src 'none'; script-src 'self' 'unsafe-inline' https: 'nonce-xxLROJT/xlQjSuu6E2j5EQ==' 'strict-dynamic' 'report-sample' https://top-fwz1.mail.ru https://static.yoomoney.ru; style-src 'self' 'unsafe-inline' https://static.yoomoney.ru; font-src 'self' https://static.yoomoney.ru https://mc.yandex.ru https://mc.yandex.az https://mc.yandex.by https://mc.yandex.co.il https://mc.yandex.com https://mc.yandex.com.am https://mc.yandex.com.ge https://mc.yandex.com.tr https://mc.yandex.ee https://mc.yandex.fr https://mc.yandex.kg https://mc.yandex.kz https://mc.yandex.lt https://mc.yandex.lv https://mc.yandex.md https://mc.yandex.tj https://mc.yandex.tm https://mc.yandex.uz https://yastatic.net; img-src 'self' data: https://static.yoomoney.ru https://vk.com https://vk.ru https://*.vk.com https://top-fwz1.mail.ru https://www.google.com https://www.google.ru https://ccomni-ds.yoomoney.ru https://yoomoney.ru https://avatars.mds.yandex.net https://mc.yandex.ru https://mc.yandex.az https://mc.yandex.by https://mc.yandex.co.il https://mc.yandex.com https://mc.yandex.com.am https://mc.yandex.com.ge https://mc.yandex.com.tr https://mc.yandex.ee https://mc.yandex.fr https://mc.yandex.kg https://mc.yandex.kz https://mc.yandex.lt https://mc.yandex.lv https://mc.yandex.md https://mc.yandex.tj https://mc.yandex.tm https://mc.yandex.uz; media-src 'self' https://static.yoomoney.ru; manifest-src 'self' https://static.yoomoney.ru; frame-src 'self' https://ru.id.facct.ru https://www.google.com https://top-fwz1.mail.ru https://multitransfer.online https://smartcaptcha.yandexcloud.net https://mc.yandex.ru https://mc.yandex.az https://mc.yandex.by https://mc.yandex.co.il https://mc.yandex.com https://mc.yandex.com.am https://mc.yandex.com.ge https://mc.yandex.com.tr https://mc.yandex.ee https://mc.yandex.fr https://mc.yandex.kg https://mc.yandex.kz https://mc.yandex.lt https://mc.yandex.lv https://mc.yandex.md https://mc.yandex.tj https://mc.yandex.tm https://mc.yandex.uz; child-src 'self' blob:; connect-src 'self' https://*.yoomoney.ru https://*.yooteam.ru https://vk.com https://vk.ru https://top-fwz1.mail.ru https://stats.g.doubleclick.net https://*.yoomoney.ru:9091 https://127.0.0.1:* https://*.2gis.com https://*.2gis.ru wss://*.yoomoney.ru https://privacy-cs.mail.ru https://r.mradx.net https://rs.mail.ru https://mc.yandex.ru https://mc.yandex.az https://mc.yandex.by https://mc.yandex.co.il https://mc.yandex.com https://mc.yandex.com.am https://mc.yandex.com.ge https://mc.yandex.com.tr https://mc.yandex.ee https://mc.yandex.fr https://mc.yandex.kg https://mc.yandex.kz https://mc.yandex.lt https://mc.yandex.lv https://mc.yandex.md https://mc.yandex.tj https://mc.yandex.tm https://mc.yandex.uz; form-action 'self' *; upgrade-insecure-requests; block-all-mixed-content; report-to transfer; report-uri https://yoomoney.ru/transfer/platform/report-csp;
Strict-Transport-Security max-age=15552000; includeSubDomains max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rufonts.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-security-policy
default-src https://static.yoomoney.ru; base-uri 'none'; object-src 'none'; script-src 'self' 'unsafe-inline' https: 'nonce-xxLROJT/xlQjSuu6E2j5EQ==' 'strict-dynamic' 'report-sample' https://top-fwz1.mail.ru https://static.yoomoney.ru; style-src 'self' 'unsafe-inline' https://static.yoomoney.ru; font-src 'self' https://static.yoomoney.ru https://mc.yandex.ru https://mc.yandex.az https://mc.yandex.by https://mc.yandex.co.il https://mc.yandex.com https://mc.yandex.com.am https://mc.yandex.com.ge https://mc.yandex.com.tr https://mc.yandex.ee https://mc.yandex.fr https://mc.yandex.kg https://mc.yandex.kz https://mc.yandex.lt https://mc.yandex.lv https://mc.yandex.md https://mc.yandex.tj https://mc.yandex.tm https://mc.yandex.uz https://yastatic.net; img-src 'self' data: https://static.yoomoney.ru https://vk.com https://vk.ru https://*.vk.com https://top-fwz1.mail.ru https://www.google.com https://www.google.ru https://ccomni-ds.yoomoney.ru https://yoomoney.ru https://avatars.mds.yandex.net https://mc.yandex.ru https://mc.yandex.az https://mc.yandex.by https://mc.yandex.co.il https://mc.yandex.com https://mc.yandex.com.am https://mc.yandex.com.ge https://mc.yandex.com.tr https://mc.yandex.ee https://mc.yandex.fr https://mc.yandex.kg https://mc.yandex.kz https://mc.yandex.lt https://mc.yandex.lv https://mc.yandex.md https://mc.yandex.tj https://mc.yandex.tm https://mc.yandex.uz; media-src 'self' https://static.yoomoney.ru; manifest-src 'self' https://static.yoomoney.ru; frame-src 'self' https://ru.id.facct.ru https://www.google.com https://top-fwz1.mail.ru https://multitransfer.online https://smartcaptcha.yandexcloud.net https://mc.yandex.ru https://mc.yandex.az https://mc.yandex.by https://mc.yandex.co.il https://mc.yandex.com https://mc.yandex.com.am https://mc.yandex.com.ge https://mc.yandex.com.tr https://mc.yandex.ee https://mc.yandex.fr https://mc.yandex.kg https://mc.yandex.kz https://mc.yandex.lt https://mc.yandex.lv https://mc.yandex.md https://mc.yandex.tj https://mc.yandex.tm https://mc.yandex.uz; child-src 'self' blob:; connect-src 'self' https://*.yoomoney.ru https://*.yooteam.ru https://vk.com https://vk.ru https://top-fwz1.mail.ru https://stats.g.doubleclick.net https://*.yoomoney.ru:9091 https://127.0.0.1:* https://*.2gis.com https://*.2gis.ru wss://*.yoomoney.ru https://privacy-cs.mail.ru https://r.mradx.net https://rs.mail.ru https://mc.yandex.ru https://mc.yandex.az https://mc.yandex.by https://mc.yandex.co.il https://mc.yandex.com https://mc.yandex.com.am https://mc.yandex.com.ge https://mc.yandex.com.tr https://mc.yandex.ee https://mc.yandex.fr https://mc.yandex.kg https://mc.yandex.kz https://mc.yandex.lt https://mc.yandex.lv https://mc.yandex.md https://mc.yandex.tj https://mc.yandex.tm https://mc.yandex.uz; form-action 'self' *; upgrade-insecure-requests; block-all-mixed-content; report-to transfer; report-uri https://yoomoney.ru/transfer/platform/report-csp;
content-type
text/html; charset=utf-8
date
Mon, 06 Jan 2025 01:55:38 GMT
expect-ct
max-age=0
referrer-policy
same-origin
report-to
{"group":"transfer","max_age":60000,"endpoints":[{"url":"https://yoomoney.ru/transfer/platform/report-csp"}]}
reporting-endpoints
transfer="https://yoomoney.ru/transfer/platform/report-csp", default="https://yoomoney.ru/transfer/platform/report-csp"
strict-transport-security
max-age=15552000; includeSubDomains max-age=15768000
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-envoy-upstream-service-time
15
x-permitted-cross-domain-policies
none
x-robots-tag
noindex
x-xss-protection
0
OpenSans-Regular.woff2
rufonts.pro/fonts/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rufonts.pro/fonts/OpenSans-Regular.woff2
Requested by
Host: rufonts.pro
URL: https://rufonts.pro/fonts/stylesheet.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.197.163.190 Amsterdam, Netherlands, ASN60144 (THREE-W-INFRA-AS 3W Infra B.V., NL),
Reverse DNS
vps13783.ua-hosting.company
Software
/ Express
Resource Hash
408fe165dff48eb2f8cb3a2fcbc1dd92b94d56b4ab11813be55c776871c691cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://rufonts.pro
Referer
https://rufonts.pro/fonts/stylesheet.css

Response headers

Cache-Control
public, max-age=0
ETag
W/"ae68-16cbef27b10"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
44648
Keep-Alive
timeout=5
Date
Mon, 06 Jan 2025 01:55:38 GMT
Last-Modified
Fri, 23 Aug 2019 14:47:38 GMT
X-Powered-By
Express
Content-Type
font/woff2
JayaAmber.woff2
rufonts.pro/fonts-files/66bfae26d18b75f5acf59c5c/files/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rufonts.pro/fonts-files/66bfae26d18b75f5acf59c5c/files/JayaAmber.woff2
Requested by
Host: rufonts.pro
URL: https://rufonts.pro/shrift/amber
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.197.163.190 Amsterdam, Netherlands, ASN60144 (THREE-W-INFRA-AS 3W Infra B.V., NL),
Reverse DNS
vps13783.ua-hosting.company
Software
/ Express
Resource Hash
8521686be5d351df455141f3287ce2e7f4085e3ecb860d2bc54ff7aa6f52e282

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://rufonts.pro
Referer
https://rufonts.pro/shrift/amber

Response headers

Cache-Control
public, max-age=0
ETag
W/"507c-1915cc0467e"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20604
Keep-Alive
timeout=5
Date
Mon, 06 Jan 2025 01:55:38 GMT
Last-Modified
Fri, 16 Aug 2024 19:53:10 GMT
X-Powered-By
Express
Content-Type
font/woff2
OpenSans-Italic.woff2
rufonts.pro/fonts/ 		42 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rufonts.pro/fonts/OpenSans-Italic.woff2
Requested by
Host: rufonts.pro
URL: https://rufonts.pro/fonts/stylesheet.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.197.163.190 Amsterdam, Netherlands, ASN60144 (THREE-W-INFRA-AS 3W Infra B.V., NL),
Reverse DNS
vps13783.ua-hosting.company
Software
/ Express
Resource Hash
54fef01d833f38c14a69a3cb14792e03ad94812ef180ee5e10a83bcf2d62cde3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://rufonts.pro
Referer
https://rufonts.pro/fonts/stylesheet.css

Response headers

Cache-Control
public, max-age=0
ETag
W/"a614-16cbef27340"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
42516
Keep-Alive
timeout=5
Date
Mon, 06 Jan 2025 01:55:38 GMT
Last-Modified
Fri, 23 Aug 2019 14:47:36 GMT
X-Powered-By
Express
Content-Type
font/woff2
OpenSans-Bold.woff2
rufonts.pro/fonts/ 		45 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rufonts.pro/fonts/OpenSans-Bold.woff2
Requested by
Host: rufonts.pro
URL: https://rufonts.pro/fonts/stylesheet.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.197.163.190 Amsterdam, Netherlands, ASN60144 (THREE-W-INFRA-AS 3W Infra B.V., NL),
Reverse DNS
vps13783.ua-hosting.company
Software
/ Express
Resource Hash
46b518780343f2262e168bea5146d1ff30a6253191cc61b486657c76a58fb2bb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://rufonts.pro
Referer
https://rufonts.pro/fonts/stylesheet.css

Response headers

Cache-Control
public, max-age=0
ETag
W/"b57c-16cbef263a0"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
46460
Keep-Alive
timeout=5
Date
Mon, 06 Jan 2025 01:55:38 GMT
Last-Modified
Fri, 23 Aug 2019 14:47:32 GMT
X-Powered-By
Express
Content-Type
font/woff2
OpenSans-SemiBold.woff2
rufonts.pro/fonts/ 		45 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rufonts.pro/fonts/OpenSans-SemiBold.woff2
Requested by
Host: rufonts.pro
URL: https://rufonts.pro/fonts/stylesheet.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.197.163.190 Amsterdam, Netherlands, ASN60144 (THREE-W-INFRA-AS 3W Infra B.V., NL),
Reverse DNS
vps13783.ua-hosting.company
Software
/ Express
Resource Hash
7a32484e166e1337fbb0cf4f4262bb385ed9081f1ac20f9efe39e8e50490367a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://rufonts.pro
Referer
https://rufonts.pro/fonts/stylesheet.css

Response headers

Cache-Control
public, max-age=0
ETag
W/"b5f0-16cbef27b10"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
46576
Keep-Alive
timeout=5
Date
Mon, 06 Jan 2025 01:55:38 GMT
Last-Modified
Fri, 23 Aug 2019 14:47:38 GMT
X-Powered-By
Express
Content-Type
font/woff2
sdk.js
connect.facebook.net/ru_RU/ 		250 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ru_RU/sdk.js?hash=57d96c6fe7e30d9d70ae13031ba43bf8
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
d9a0561b220b25c4ba74158fc44905edff7e2fa741357185fb413a1f0a6a8a7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://rufonts.pro
Referer
https://rufonts.pro/

Response headers

content-md5
zcHm4gS1aVCwLvw3nC6/xg==
access-control-expose-headers
X-FB-Content-MD5
content-encoding
gzip
etag
"75920e8413e07af373e4a391a745ecab"
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Tue, 06 Jan 2026 00:56:46 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 06 Jan 2025 01:55:38 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5
f3ae6a8f15b80b49869d2b256f7c1732
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=23, rtx=0, c=26, mss=1232, tbw=8296, tp=14, tpl=0, uplat=3, ullat=-1
x-fb-debug
Pyp1uLgjyvXXBgckubJ8LN4Ww1l5nz3m4d6Bgho7WmDGWIZRqix6Z6wRh8tZnFa7b73PcD/ITZk5kYE/8j/LUw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
*
content-length
75385
origin-agent-cluster
?1
recaptcha__ru.js
www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/ 		554 KB
220 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__ru.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=ru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8114906af828e5ba491cd0fecf6f4e1ab8715b1ffdb30be6b1ad2c2ebd38a89a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://rufonts.pro
Referer
https://rufonts.pro/

Response headers

content-encoding
gzip
age
172650
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Sun, 04 Jan 2026 01:58:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 04 Jan 2025 01:58:08 GMT
last-modified
Tue, 10 Dec 2024 23:05:10 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
224757
x-xss-protection
0
server
sffe
tag.js
cdn.jsdelivr.net/npm/yandex-metrica-watch/ 		237 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
Requested by
Host: rufonts.pro
URL: https://rufonts.pro/shrift/amber
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b0b36afbe725b222fceea90394667d8a3bcdf375faab8923db95cafad025ff0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rufonts.pro/

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"3b220-kROSxwoFlf0ZaTmfAAjKHMwV0sA"
age
24238
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kerfRKL4%2BIQxN%2F7qEKOfAvDKoaRWabnU26VULUcAVGRJ7gGU%2BqVFP1i6upROc7bmZhjVD2zAwkU1Zi8e%2FSV%2FyhJcR9KVHNhovpbcpxzJPCd6%2FOOgwJXpQm0TqAevdvA4F%2FTRujQTBqKozR8K684%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443"; ma=86400
x-cache
HIT, HIT
date
Mon, 06 Jan 2025 01:55:38 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230100-FRA, cache-lga21941-LGA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8fd816481e4cb96c-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
89146
server
cloudflare
x-jsd-version
1.354.0
tag.js
mc.yandex.ru/metrika/ 		222 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-share2/share.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
ab6f545892f640da445a4695190e0e9eab30b2119cbbb2a0e40b2d96462eb039
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rufonts.pro/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=3600
timing-allow-origin
*
content-encoding
br
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"67655eba-12b7d"
expires
Mon, 06 Jan 2025 02:55:39 GMT
access-control-allow-origin
*
content-length
76669
date
Mon, 06 Jan 2025 01:55:39 GMT
content-type
application/javascript
last-modified
Fri, 20 Dec 2024 12:10:34 GMT
truncated
/ 		285 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8ea8ef6a20a2f7307560b9fee2788613b13492d30582c95b6f57bc53383b68bd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8393a801010f09cf1dbfccba8166326a127e901f26f0c06252f357553fbee33e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ 		861 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
32fd30dffe1126b076a9327bc3382239864d40999c06944a624bcbd4528bbaf3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ 		520 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cb2b18ff7b82cdbab0ba5f095448f16c159526ff504699042f8069f1a70ae7f4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ 		504 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c013936e7dbdb3f2a85b06a3d81e1d4753bcf683c55d7017e93d5e0b39bf6615

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ 		463 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e19d6853a1728b99d53bdb34653b77e74bdaa7b582a146473aa00a7a14512c85

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ 		799 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2751eb32e3720b540ff8210d70e6af4c916a255ff05d96130d0125576b14afa5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ 		262 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9fdd763dc26bb868dbae3b19e1b5a29b88e85eebb8ba3b9162b6f3e7282d5ab8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
fotorama.png
rufonts.pro/js/plugins/fotorama/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rufonts.pro/js/plugins/fotorama/fotorama.png
Requested by
Host: rufonts.pro
URL: https://rufonts.pro/js/plugins/fotorama/fotorama.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.197.163.190 Amsterdam, Netherlands, ASN60144 (THREE-W-INFRA-AS 3W Infra B.V., NL),
Reverse DNS
vps13783.ua-hosting.company
Software
/ Express
Resource Hash
b94efaf1044e2ba8fc2fb41f5ab2022410086fe50b729b8c95321573b88e8a78

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rufonts.pro/js/plugins/fotorama/fotorama.css

Response headers

Cache-Control
public, max-age=0
ETag
W/"c97-14c9fafd920"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3223
Keep-Alive
timeout=5
Date
Mon, 06 Jan 2025 01:55:38 GMT
Last-Modified
Thu, 09 Apr 2015 19:37:24 GMT
X-Powered-By
Express
Content-Type
image/png
66bfae26d18b75f5acf59c5c
rufonts.pro/shrift/views/ 		5 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rufonts.pro/shrift/views/66bfae26d18b75f5acf59c5c
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.197.163.190 Amsterdam, Netherlands, ASN60144 (THREE-W-INFRA-AS 3W Infra B.V., NL),
Reverse DNS
vps13783.ua-hosting.company
Software
/ Express
Resource Hash
74883614c4c79e12bebc45efa35a381bf131416e74f2500c72450a92d39f429c

Request headers

Referer
https://rufonts.pro/shrift/amber
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*/*

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
ETag
W/"5-gfMxhxRyETNqSYTYq4/M3+sRpCw"
Connection
keep-alive
Keep-Alive
timeout=5
Date
Mon, 06 Jan 2025 01:55:38 GMT
Content-Type
text/html; charset=utf-8
X-Powered-By
Express
Vary
Accept-Encoding
1
mc.yandex.ru/watch/3/
Redirect Chain
  • https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Frufonts.pro%2Fshrift%2Famber&page-ref=&charset=utf-8&browser-info=pv%3A1%3Avf%3A14pwap7gbnncs44thfrhqpu3c8nz%3Afu%3A0%3Aen%3Autf-8%3Ala%3...
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Frufonts.pro%2Fshrift%2Famber&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A14pwap7gbnncs44thfrhqpu3c8nz%3Afu%3A0%3Aen%3Autf-8%3Ala%...
440 B
864 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Frufonts.pro%2Fshrift%2Famber&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A14pwap7gbnncs44thfrhqpu3c8nz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1551%3Acn%3A2%3Adp%3A0%3Als%3A1080811132487%3Ahid%3A779374533%3Az%3A60%3Ai%3A20250106025538%3Aet%3A1736128539%3Ac%3A1%3Arn%3A197501889%3Arqn%3A1%3Au%3A1736128539715674174%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A319%3Awv%3A2%3Ads%3A129%2C35%2C81%2C17%2C0%2C0%2C%2C151%2C6%2C%2C%2C%2C414%3Aco%3A0%3Acpf%3A1%3Ans%3A1736128538475%3Ast%3A1736128539&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2865536%29ti%281%29&redirnss=1
Requested by
Host: rufonts.pro
URL: https://rufonts.pro/shrift/amber
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
cda3f1c6bf395d6765a73b2d67f9a6e69fda424578e7791867a99a49a33bd03b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rufonts.pro/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma
no-cache
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Mon, 06-Jan-2025 01:55:39 GMT
access-control-allow-origin
https://rufonts.pro
content-length
440
x-xss-protection
1; mode=block
date
Mon, 06 Jan 2025 01:55:39 GMT
last-modified
Mon, 06-Jan-2025 01:55:39 GMT
content-type
application/json; charset=utf-8

Redirect headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
location
/watch/3/1?wmode=7&page-url=https%3A%2F%2Frufonts.pro%2Fshrift%2Famber&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A14pwap7gbnncs44thfrhqpu3c8nz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1551%3Acn%3A2%3Adp%3A0%3Als%3A1080811132487%3Ahid%3A779374533%3Az%3A60%3Ai%3A20250106025538%3Aet%3A1736128539%3Ac%3A1%3Arn%3A197501889%3Arqn%3A1%3Au%3A1736128539715674174%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A319%3Awv%3A2%3Ads%3A129%2C35%2C81%2C17%2C0%2C0%2C%2C151%2C6%2C%2C%2C%2C414%3Aco%3A0%3Acpf%3A1%3Ans%3A1736128538475%3Ast%3A1736128539&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2865536%29ti%281%29&redirnss=1
pragma
no-cache
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-credentials
true
expires
Mon, 06-Jan-2025 01:55:39 GMT
access-control-allow-origin
https://rufonts.pro
x-xss-protection
1; mode=block
date
Mon, 06 Jan 2025 01:55:39 GMT
last-modified
Mon, 06-Jan-2025 01:55:39 GMT
advert.gif
mc.yandex.ru/metrika/ 		43 B
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: rufonts.pro
URL: https://rufonts.pro/shrift/amber
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rufonts.pro/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=3600
timing-allow-origin
*
etag
"67655eba-2b"
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Mon, 06 Jan 2025 02:55:39 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
43
date
Mon, 06 Jan 2025 01:55:39 GMT
content-type
image/gif
last-modified
Fri, 20 Dec 2024 12:10:34 GMT
1
mc.yandex.ru/watch/26812653/
Redirect Chain
  • https://mc.yandex.ru/watch/26812653?wmode=7&page-url=https%3A%2F%2Frufonts.pro%2Fshrift%2Famber&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22redesign%22%3A1%7D&uah=chm%0A%3F0&browser-info...
  • https://mc.yandex.ru/watch/26812653/1?wmode=7&page-url=https%3A%2F%2Frufonts.pro%2Fshrift%2Famber&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22redesign%22%3A1%7D&uah=chm%0A%3F0&browser-in...
611 B
722 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/26812653/1?wmode=7&page-url=https%3A%2F%2Frufonts.pro%2Fshrift%2Famber&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22redesign%22%3A1%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnncs44thfrhqpu3c8nz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1551%3Acn%3A1%3Adp%3A0%3Als%3A1156780476803%3Ahid%3A779374533%3Az%3A60%3Ai%3A20250106025538%3Aet%3A1736128539%3Ac%3A1%3Arn%3A609138497%3Arqn%3A1%3Au%3A1736128539715674174%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A319%3Awv%3A2%3Ads%3A129%2C35%2C81%2C17%2C0%2C0%2C%2C151%2C6%2C%2C%2C%2C414%3Aco%3A0%3Acpf%3A1%3Ans%3A1736128538475%3Arqnl%3A1%3Ast%3A1736128539%3At%3AAmber%20%D1%88%D1%80%D0%B8%D1%84%D1%82%20%7C%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%B4%D0%BB%D1%8F%20WEB&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2833628928%29ti%281%29&redirnss=1
Requested by
Host: rufonts.pro
URL: https://rufonts.pro/shrift/amber
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
4cc3d47836f872eb44ac01354fd89b8df32f2d1f022aec94271bbb1e1030b3f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rufonts.pro/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma
no-cache
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Mon, 06-Jan-2025 01:55:39 GMT
access-control-allow-origin
https://rufonts.pro
content-length
611
date
Mon, 06 Jan 2025 01:55:39 GMT
x-xss-protection
1; mode=block
last-modified
Mon, 06-Jan-2025 01:55:39 GMT
content-type
application/json; charset=utf-8

Redirect headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
location
/watch/26812653/1?wmode=7&page-url=https%3A%2F%2Frufonts.pro%2Fshrift%2Famber&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22redesign%22%3A1%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnncs44thfrhqpu3c8nz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1551%3Acn%3A1%3Adp%3A0%3Als%3A1156780476803%3Ahid%3A779374533%3Az%3A60%3Ai%3A20250106025538%3Aet%3A1736128539%3Ac%3A1%3Arn%3A609138497%3Arqn%3A1%3Au%3A1736128539715674174%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A319%3Awv%3A2%3Ads%3A129%2C35%2C81%2C17%2C0%2C0%2C%2C151%2C6%2C%2C%2C%2C414%3Aco%3A0%3Acpf%3A1%3Ans%3A1736128538475%3Arqnl%3A1%3Ast%3A1736128539%3At%3AAmber%20%D1%88%D1%80%D0%B8%D1%84%D1%82%20%7C%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%B4%D0%BB%D1%8F%20WEB&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2833628928%29ti%281%29&redirnss=1
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma
no-cache
access-control-allow-credentials
true
expires
Mon, 06-Jan-2025 01:55:39 GMT
access-control-allow-origin
https://rufonts.pro
x-xss-protection
1; mode=block
date
Mon, 06 Jan 2025 01:55:39 GMT
last-modified
Mon, 06-Jan-2025 01:55:39 GMT
metrika_match.html
mc.yandex.ru/metrika/ Frame 004B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/metrika_match.html
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://rufonts.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
br
content-length
2080
content-type
text/html
date
Mon, 06 Jan 2025 01:55:39 GMT
etag
"67655eba-820"
expires
Mon, 06 Jan 2025 02:55:39 GMT
last-modified
Fri, 20 Dec 2024 12:10:34 GMT
strict-transport-security
max-age=31536000
timing-allow-origin
*
anchor
www.google.com/recaptcha/api2/ Frame E6AA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcUNLUUAAAAAP3nih8aM2TO8x7GCZkET5GI1Wxs&co=aHR0cHM6Ly9ydWZvbnRzLnBybzo0NDM.&hl=ru&v=zIriijn3uj5Vpknvt_LnfNbF&theme=light&size=normal&cb=mt5vavxjv1id
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__ru.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-n36kXqbXmQTiZpAVov5IrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rufonts.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-n36kXqbXmQTiZpAVov5IrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Mon, 06 Jan 2025 01:55:39 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
sync_cookie_image_decide
mc.webvisor.org/
Redirect Chain
  • https://mc.webvisor.org/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=10611.RHOq6QQKxDhyvqfH5ed67cIhP6SGp1MElRoj3ifSkot7AikS02tfDOz47q3WwQa0.KtI3UyKP30B9HFXy4Zq2XflUEko%2C
  • https://mc.webvisor.org/sync_cookie_image_decide?token=10611.vFdUdRO43B40O4JnOdm7XSrDRn8_Sx36j0qaZ0eEzHBpcx-MgiFxAeaaqrd2gZoeO9ze9ihLA3keTh14veb5nW9ciDiCMKZJs9PWNbwSjJdC5a5DqLsKepkDbchgSwq5fNv5QoJ6...
43 B
533 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.webvisor.org/sync_cookie_image_decide?token=10611.vFdUdRO43B40O4JnOdm7XSrDRn8_Sx36j0qaZ0eEzHBpcx-MgiFxAeaaqrd2gZoeO9ze9ihLA3keTh14veb5nW9ciDiCMKZJs9PWNbwSjJdC5a5DqLsKepkDbchgSwq5fNv5QoJ649LYrZ6JWZHeZZGPRmIlGtJNwmqOZ22ji66FiRnuxk7-vpYW6QAmcU1OcteEztEhefRS79DmRhMzyXspEttHw4mRqLtgkvSj_B8%2C.aIR1gkneuy1WSckbwCQBSKgmKe0%2C
Requested by
Host: rufonts.pro
URL: https://rufonts.pro/shrift/amber
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rufonts.pro/

Response headers

strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
date
Mon, 06 Jan 2025 01:55:40 GMT
content-type
image/gif

Redirect headers

strict-transport-security
max-age=31536000
location
https://mc.webvisor.org/sync_cookie_image_decide?token=10611.vFdUdRO43B40O4JnOdm7XSrDRn8_Sx36j0qaZ0eEzHBpcx-MgiFxAeaaqrd2gZoeO9ze9ihLA3keTh14veb5nW9ciDiCMKZJs9PWNbwSjJdC5a5DqLsKepkDbchgSwq5fNv5QoJ649LYrZ6JWZHeZZGPRmIlGtJNwmqOZ22ji66FiRnuxk7-vpYW6QAmcU1OcteEztEhefRS79DmRhMzyXspEttHw4mRqLtgkvSj_B8%2C.aIR1gkneuy1WSckbwCQBSKgmKe0%2C
x-xss-protection
1; mode=block
date
Mon, 06 Jan 2025 01:55:39 GMT
1
mc.yandex.ru/watch/26812653/ 		43 B
86 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/26812653/1?page-url=https%3A%2F%2Frufonts.pro%2Fshrift%2Famber&charset=utf-8&uah=chm%0A%3F0&hittoken=1736128539_f766722e459d331513dce9334c63a2a03aa2ac8515324856a0bbd2f38e7b34fb&browser-info=pa%3A1%3Aar%3A1%3Avf%3A14pwap7gbnncs44thfrhqpu3c8nz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1551%3Acn%3A1%3Adp%3A1%3Als%3A1156780476803%3Ahid%3A779374533%3Az%3A60%3Ai%3A20250106025539%3Aet%3A1736128539%3Ac%3A1%3Arn%3A38282762%3Arqn%3A2%3Au%3A1736128539715674174%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1736128538475%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1736128539&t=gdpr(14)mc(p-3)clc(0-0-0)rqnt(2)aw(1)rcm(1)cdl(na)eco(33628928)ti(0)&force-urlencoded=1&site-info=%7B%22services%22%3A%22facebook%2Creddit%2Cdigg%2Ctwitter%2Clinkedin%2Cblogger%2Cvkontakte%2Codnoklassniki%2Cmoimir%2Ccollections%2Clj%2Ctumblr%2Cviber%2Cwhatsapp%2Cskype%2Ctelegram%22%7D
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rufonts.pro/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
pragma
no-cache
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-credentials
true
expires
Mon, 06-Jan-2025 01:55:39 GMT
access-control-allow-origin
https://rufonts.pro
content-length
43
date
Mon, 06 Jan 2025 01:55:39 GMT
x-xss-protection
1; mode=block
content-type
image/gif
last-modified
Mon, 06-Jan-2025 01:55:39 GMT
1
mc.yandex.ru/watch/26812653/ 		43 B
74 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/26812653/1?page-url=https%3A%2F%2Frufonts.pro%2Fshrift%2Famber&charset=utf-8&uah=chm%0A%3F0&hittoken=1736128539_f766722e459d331513dce9334c63a2a03aa2ac8515324856a0bbd2f38e7b34fb&browser-info=pa%3A1%3Aar%3A1%3Avf%3A14pwap7gbnncs44thfrhqpu3c8nz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1551%3Acn%3A1%3Adp%3A1%3Als%3A1156780476803%3Ahid%3A779374533%3Az%3A60%3Ai%3A20250106025539%3Aet%3A1736128539%3Ac%3A1%3Arn%3A312119646%3Arqn%3A3%3Au%3A1736128539715674174%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1736128538475%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1736128539&t=gdpr(14)mc(p-3)clc(0-0-0)rqnt(3)aw(1)rcm(1)cdl(na)eco(33628928)ti(0)&force-urlencoded=1&site-info=%7B%22services%22%3A%22facebook%2Creddit%2Cdigg%2Ctwitter%2Clinkedin%2Cblogger%2Cvkontakte%2Codnoklassniki%2Cmoimir%2Ccollections%2Clj%2Ctumblr%2Cviber%2Cwhatsapp%2Cskype%2Ctelegram%22%7D
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rufonts.pro/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
pragma
no-cache
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-credentials
true
expires
Mon, 06-Jan-2025 01:55:39 GMT
access-control-allow-origin
https://rufonts.pro
content-length
43
date
Mon, 06 Jan 2025 01:55:39 GMT
x-xss-protection
1; mode=block
content-type
image/gif
last-modified
Mon, 06-Jan-2025 01:55:39 GMT
1
mc.yandex.ru/watch/26812653/ 		43 B
74 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/26812653/1?page-url=https%3A%2F%2Frufonts.pro%2Fshrift%2Famber&charset=utf-8&uah=chm%0A%3F0&hittoken=1736128539_f766722e459d331513dce9334c63a2a03aa2ac8515324856a0bbd2f38e7b34fb&browser-info=pa%3A1%3Aar%3A1%3Avf%3A14pwap7gbnncs44thfrhqpu3c8nz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1551%3Acn%3A1%3Adp%3A1%3Als%3A1156780476803%3Ahid%3A779374533%3Az%3A60%3Ai%3A20250106025539%3Aet%3A1736128539%3Ac%3A1%3Arn%3A13147897%3Arqn%3A4%3Au%3A1736128539715674174%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1736128538475%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1736128539&t=gdpr(14)mc(p-3)clc(0-0-0)rqnt(4)aw(1)rcm(1)cdl(na)eco(33628928)ti(0)&force-urlencoded=1&site-info=%7B%22services%22%3A%22facebook%2Creddit%2Cdigg%2Ctwitter%2Clinkedin%2Cblogger%2Cvkontakte%2Codnoklassniki%2Cmoimir%2Ccollections%2Clj%2Ctumblr%2Cviber%2Cwhatsapp%2Cskype%2Ctelegram%22%7D
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rufonts.pro/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
pragma
no-cache
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-credentials
true
expires
Mon, 06-Jan-2025 01:55:39 GMT
access-control-allow-origin
https://rufonts.pro
content-length
43
date
Mon, 06 Jan 2025 01:55:39 GMT
x-xss-protection
1; mode=block
content-type
image/gif
last-modified
Mon, 06-Jan-2025 01:55:39 GMT
55085803
mc.yandex.ru/watch/ 		615 B
829 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/55085803?wmode=7&page-url=https%3A%2F%2Frufonts.pro%2Fshrift%2Famber&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnncs44thfrhqpu3c8nz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1551%3Acn%3A3%3Adp%3A0%3Als%3A159675431578%3Ahid%3A779374533%3Az%3A60%3Ai%3A20250106025538%3Aet%3A1736128539%3Ac%3A1%3Arn%3A812829022%3Arqn%3A1%3Au%3A1736128539715674174%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A319%3Awv%3A2%3Ads%3A129%2C35%2C81%2C17%2C0%2C0%2C%2C151%2C6%2C%2C%2C%2C414%3Aco%3A0%3Acpf%3A1%3Ans%3A1736128538475%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1736128540%3At%3AAmber%20%D1%88%D1%80%D0%B8%D1%84%D1%82%20%7C%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%B4%D0%BB%D1%8F%20WEB&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(42009092)ti(1)
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
aeb57d120c4f830ae12378fe0987dbd7f3fe91438543a1870bfce42943d0a6e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rufonts.pro/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma
no-cache
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Mon, 06-Jan-2025 01:55:40 GMT
access-control-allow-origin
https://rufonts.pro
content-length
615
date
Mon, 06 Jan 2025 01:55:40 GMT
x-xss-protection
1; mode=block
last-modified
Mon, 06-Jan-2025 01:55:40 GMT
content-type
application/json; charset=utf-8
bframe
www.google.com/recaptcha/api2/ Frame 5FA7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=ru&v=zIriijn3uj5Vpknvt_LnfNbF&k=6LcUNLUUAAAAAP3nih8aM2TO8x7GCZkET5GI1Wxs
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__ru.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-T3mkTldH_DwFj5vqndG9Lw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rufonts.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-T3mkTldH_DwFj5vqndG9Lw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Mon, 06 Jan 2025 01:55:40 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
comments.php
www.facebook.com/v3.3/plugins/ Frame 991C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v3.3/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4522b0b0218179d2%26domain%3Drufonts.pro%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frufonts.pro%252Ff3627531e49ba6fdd%26relation%3Dparent.parent&color_scheme=light&container_width=1010&height=100&href=https%3A%2F%2Frufonts.pro%2Fshrift%2Famber&locale=ru_RU&numposts=20&sdk=joey&version=v3.3&width=
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js?hash=57d96c6fe7e30d9d70ae13031ba43bf8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://rufonts.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 06 Jan 2025 01:55:40 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=0,i
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7456615302605441993"}]}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7456615302605441993"
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=24, rtx=0, c=23, mss=1232, tbw=4478, tp=9, tpl=0, uplat=26, ullat=0
x-fb-debug
JHT4PULDjrWxn8HRxAJSwv5LneaM05K+iX8GtZHa765kvD/WjT06xcJc931sSwhe1Ck2nXHoR9ftimilO8jvvQ==
x-frame-options
DENY
x-xss-protection
0
favicon-32x32.png
rufonts.pro/images/favicon/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://rufonts.pro/images/favicon/favicon-32x32.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.197.163.190 Amsterdam, Netherlands, ASN60144 (THREE-W-INFRA-AS 3W Infra B.V., NL),
Reverse DNS
vps13783.ua-hosting.company
Software
/ Express
Resource Hash
caadf25d2ee100275770485a6c4eb52a398f5cd4426a15e99fb44f1d503b3440

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://rufonts.pro/shrift/amber

Response headers

Cache-Control
public, max-age=0
ETag
W/"58a-183605a42ff"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1418
Keep-Alive
timeout=5
Date
Mon, 06 Jan 2025 01:55:40 GMT
Last-Modified
Wed, 21 Sep 2022 14:01:11 GMT
X-Powered-By
Express
Content-Type
image/png
55085803
mc.yandex.ru/webvisor/ 		0
0
55085803
mc.yandex.ru/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/webvisor/55085803?wv-part=1&wv-type=7&wmode=0&wv-hit=779374533&page-url=https%3A%2F%2Frufonts.pro%2Fshrift%2Famber&rn=809919174&browser-info=we%3A1%3Aet%3A1736128543%3Aw%3A1600x1200%3Av%3A1551%3Az%3A60%3Ai%3A20250106025542%3Au%3A1736128539715674174%3Avf%3A14pwap7gbnncs44thfrhqpu3c8nz%3Ast%3A1736128543&t=gdpr(14)ti(1)
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://rufonts.pro/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
pragma
no-cache
access-control-allow-credentials
true
expires
Mon, 06-Jan-2025 01:55:43 GMT
access-control-allow-origin
https://rufonts.pro
content-length
43
date
Mon, 06 Jan 2025 01:55:43 GMT
x-xss-protection
1; mode=block
content-type
image/gif
last-modified
Mon, 06-Jan-2025 01:55:43 GMT
55085803
mc.yandex.ru/webvisor/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
mc.yandex.ru
URL
https://mc.yandex.ru/webvisor/55085803?wv-part=1&wv-type=7&wmode=0&wv-hit=779374533&page-url=https%3A%2F%2Frufonts.pro%2Fshrift%2Famber&rn=864875373&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1736128543%3Aw%3A1600x1200%3Av%3A1551%3Az%3A60%3Ai%3A20250106025542%3Au%3A1736128539715674174%3Avf%3A14pwap7gbnncs44thfrhqpu3c8nz%3Ast%3A1736128543&t=gdpr(14)ti(1)
Domain
mc.yandex.ru
URL
https://mc.yandex.ru/webvisor/55085803?wv-part=1&wv-type=7&wmode=0&wv-hit=779374533&page-url=https%3A%2F%2Frufonts.pro%2Fshrift%2Famber&rn=864875373&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1736128543%3Aw%3A1600x1200%3Av%3A1551%3Az%3A60%3Ai%3A20250106025542%3Au%3A1736128539715674174%3Avf%3A14pwap7gbnncs44thfrhqpu3c8nz%3Ast%3A1736128544&t=gdpr(14)ti(2)

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 string| fontSlug object| FB object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| $ function| jQuery string| fotoramaVersion function| _typeof function| setCookie function| getCookie function| ym object| Ya object| __buffer object| yaCounter26812653 object| yaCounter55085803 object| recaptcha object| closure_lm_705920

32 Cookies

Domain/Path Name / Value
.rufonts.pro/ Name: _ym_uid
Value: 1736128539715674174
.rufonts.pro/ Name: _ym_d
Value: 1736128539
.paypal.com/ Name: ts
Value: vreXpYrS%3D1767664538%26vteXpYrS%3D1736130338%26vr%3D395328fd1940ad1249261d27eeb3c31a%26vt%3D395328fd1940ad1249261d27eeb3c319%26vtyp%3Dnew
.paypal.com/ Name: ts_c
Value: vr%3D395328fd1940ad1249261d27eeb3c31a%26vt%3D395328fd1940ad1249261d27eeb3c319
rufonts.pro/ Name: view66bfae26d18b75f5acf59c5c
Value: 1
yoomoney.ru/ Name: yoouid
Value: 668025461736128539
.rufonts.pro/ Name: _ym_isad
Value: 2
.yandex.ru/ Name: yashr
Value: 8789846791736128539
.yandex.ru/ Name: ymex
Value: 1767664539.yrts.1736128539#1767664539.yrtsi.1736128539
.yandex.ru/ Name: receive-cookie-deprecation
Value: 1
mc.yandex.ru/ Name: yabs-sid
Value: 1766942621736128539
.yandex.ru/ Name: i
Value: g9NxH6yY/Y6qgP+NQcL5CBDwvjFJmVQ4+P3ekyPjFvSgyJg0+BF3SEQiUC0RXeRKO0V8z7oU0ZKy+uEae2zzy69Sy5I=
.yandex.ru/ Name: yandexuid
Value: 1027125321736128539
.yandex.ru/ Name: yuidss
Value: 1027125321736128539
.mc.webvisor.org/ Name: sync_cookie_csrf
Value: 163604782fake
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 2635270424fake
.webvisor.org/ Name: yandexuid
Value: 1027125321736128539
.webvisor.org/ Name: yuidss
Value: 1027125321736128539
.webvisor.org/ Name: i
Value: g9NxH6yY/Y6qgP+NQcL5CBDwvjFJmVQ4+P3ekyPjFvSgyJg0+BF3SEQiUC0RXeRKO0V8z7oU0ZKy+uEae2zzy69Sy5I=
.mc.webvisor.org/ Name: sync_cookie_ok
Value: synced
.rufonts.pro/ Name: _ym_visorc
Value: w
.yandex.ru/ Name: bh
Value: EkEiR29vZ2xlIENocm9tZSI7dj0iMTMxIiwgIkNocm9taXVtIjt2PSIxMzEiLCAiTm90X0EgQnJhbmQiO3Y9IjI0IioCPzA6ByJMaW51eCJgnPDsuwY=
.yoomoney.ru/ Name: _ym_uid
Value: 1736128540532052493
.yoomoney.ru/ Name: _ym_d
Value: 1736128540
.yandex.com/ Name: yashr
Value: 3690301321736128540
.yoomoney.ru/ Name: _ym_isad
Value: 2
mc.yandex.com/ Name: yabs-sid
Value: 1770165501736128540
.yandex.com/ Name: i
Value: /kMMvkh1PdQSA6CNQ9mvDGwnOm5xlvQbAuqjxQZYH8ejhP1nuFRM3uPy0coYgp/7utF9Y1Jg1lced9Nm2XiIXzdENTU=
.yandex.com/ Name: yandexuid
Value: 8363835871736128540
.yandex.com/ Name: yuidss
Value: 8363835871736128540
.yandex.com/ Name: ymex
Value: 1767664540.yrts.1736128540#1767664540.yrtsi.1736128540
.yandex.com/ Name: bh
Value: Ej8iR29vZ2xlIENocm9tZSI7dj0iMTMxIiwiQ2hyb21pdW0iO3Y9IjEzMSIsIk5vdF9BIEJyYW5kIjt2PSIyNCIaBSJ4ODYiIhAiMTMxLjAuNjc3OC4yMDQiKgI/MDoHIkxpbnV4IkIHIjYuOC4wIkoEIjY0IlJcIkdvb2dsZSBDaHJvbWUiO3Y9IjEzMS4wLjY3NzguMjA0IiwiQ2hyb21pdW0iO3Y9IjEzMS4wLjY3NzguMjA0IiwiTm90X0EgQnJhbmQiO3Y9IjI0LjAuMC4wIiI=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.jsdelivr.net
connect.facebook.net
mc.webvisor.org
mc.yandex.ru
rufonts.pro
www.facebook.com
www.google.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
yoomoney.ru
mc.yandex.ru
142.250.186.68
151.101.1.21
157.240.0.35
157.240.0.6
185.197.163.190
185.71.78.222
192.229.221.25
2606:4700::6812:bb1f
2a00:1450:4001:810::2003
2a00:1450:4001:828::200a
2a02:6b8::1:119
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0cce264372d4c42091edc6502e375cbf67a7b7a1ca4c53b20a13281a2330ed2c
1b0b36afbe725b222fceea90394667d8a3bcdf375faab8923db95cafad025ff0
2751eb32e3720b540ff8210d70e6af4c916a255ff05d96130d0125576b14afa5
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e5b4f74f8f47d0aa615986baefcde985fee76b59bf45e0cd1212cd972aee103
32fd30dffe1126b076a9327bc3382239864d40999c06944a624bcbd4528bbaf3
408fe165dff48eb2f8cb3a2fcbc1dd92b94d56b4ab11813be55c776871c691cf
46b518780343f2262e168bea5146d1ff30a6253191cc61b486657c76a58fb2bb
4cc3d47836f872eb44ac01354fd89b8df32f2d1f022aec94271bbb1e1030b3f9
4f9fd83d65a6ad09005ec3e12537a23beb340cd017fce8749e138bfeb530da68
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54fef01d833f38c14a69a3cb14792e03ad94812ef180ee5e10a83bcf2d62cde3
67e6e1f68b0b306131c81bf95326b8f05821abacc3b92e9977b50def18491847
74883614c4c79e12bebc45efa35a381bf131416e74f2500c72450a92d39f429c
7a32484e166e1337fbb0cf4f4262bb385ed9081f1ac20f9efe39e8e50490367a
8114906af828e5ba491cd0fecf6f4e1ab8715b1ffdb30be6b1ad2c2ebd38a89a
8393a801010f09cf1dbfccba8166326a127e901f26f0c06252f357553fbee33e
8521686be5d351df455141f3287ce2e7f4085e3ecb860d2bc54ff7aa6f52e282
8ea8ef6a20a2f7307560b9fee2788613b13492d30582c95b6f57bc53383b68bd
9bbe9503074d25d201602a8633dc4e58755c159391fc5824af7a3ea98b5f1852
9f93790f87dd681e81efb2ad78a870cdbbdb77b74a73dfb1957ad4a0f7849d59
9fdd763dc26bb868dbae3b19e1b5a29b88e85eebb8ba3b9162b6f3e7282d5ab8
ab6f545892f640da445a4695190e0e9eab30b2119cbbb2a0e40b2d96462eb039
aeb57d120c4f830ae12378fe0987dbd7f3fe91438543a1870bfce42943d0a6e0
b009029aa49764061717f04f17b6e03af749bec1167b6b582e0f1475a14f0b08
b94efaf1044e2ba8fc2fb41f5ab2022410086fe50b729b8c95321573b88e8a78
c013936e7dbdb3f2a85b06a3d81e1d4753bcf683c55d7017e93d5e0b39bf6615
c2e9789d8d67df6a6c53a000d036c7ce03139f275395d03aa8c9512d6f433ae1
caadf25d2ee100275770485a6c4eb52a398f5cd4426a15e99fb44f1d503b3440
cb2b18ff7b82cdbab0ba5f095448f16c159526ff504699042f8069f1a70ae7f4
cda3f1c6bf395d6765a73b2d67f9a6e69fda424578e7791867a99a49a33bd03b
d4f8a6911474fcf5f24c73e7dd3835eb13d11dd604b92f1f8d89a741b5a06ef4
d9a0561b220b25c4ba74158fc44905edff7e2fa741357185fb413a1f0a6a8a7b
dc0f12a09fea013c61d9d555f6171cfba47ee5c2fa32f55f330bc8daaba37a88
dfaff480d3d69518a9293729aeb2d9c8c651d4bf6f1a38d1d64afab8566ed817
e19d6853a1728b99d53bdb34653b77e74bdaa7b582a146473aa00a7a14512c85
e8d37f97364ceaf8c136d5934174b0709a8f0ef5dd87d10132c9fd6040cd5eff
e955841cba8a6f08aee811dcce0858e4dbaae9d458f4585b3ae2ed1baeda2221