p1p2.ru Open in urlscan Pro
2606:4700:3032::ac43:8d7a  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response p1p2.ru/	50 KB 12 KB	201ms 162ms	Document text/html	2606:4700:3032::ac43:8d7a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://p1p2.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:8d7a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.34 Resource Hash 8f2ba03c4415f983005983d1c4887ac2bf7b2d6d5a907bb64b5927ec6e7c2d69 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers cf-cache-status DYNAMIC cf-ray 8cb2d88cf86b9112-FRA content-encoding br content-type text/html; charset=utf-8 date Mon, 30 Sep 2024 08:29:33 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dU6REhSi0rER5cnoctNR8efeiUkUCrVFgS5QA612wl7nynbcueWZUcEOKEDs1qdw%2B5aft6yoJE9fwtQZtM6rdja8JeLfRPBOxxftTUdxWTECgZA6ow19%2BI%2Fi5rZeTUoidE8ZVoTp"}],"group":"cf-nel","max_age":604800} server cloudflare speculation-rules "/cdn-cgi/speculation" x-powered-by PHP/7.2.34
GET H3	200	speculation p1p2.ru/cdn-cgi/	128 B 535 B	14ms 13ms	Other application/speculationrules+json	2606:4700:3032::ac43:8d7a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://p1p2.ru/cdn-cgi/speculation Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:8d7a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://p1p2.ru Referer https://p1p2.ru/ Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hP47xgfmihHC5DvxJWJBgaZycto5fCiPT3XrMNk7LOCXbRUq4NKe%2F4We2A%2B8Kmu1YlD8DXjmKADDjz3T2suggmrqNUCyJaQG04G%2Fs8S3VLCavwG9mrSXpZA3PiTF9btk7OOKF6GS"}],"group":"cf-nel","max_age":604800} cf-ray 8cb2d88f0a549112-FRA access-control-allow-origin https://p1p2.ru content-length 128 date Mon, 30 Sep 2024 08:29:33 GMT content-type application/speculationrules+json vary Origin, Accept-Encoding server cloudflare
GET H2	200	css fonts.googleapis.com/	3 KB 988 B	206ms 18ms	Stylesheet text/css	2a00:1450:4001:82b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Exo+2:400,700&subset=cyrillic&display=swap Requested by Host: p1p2.ru URL: https://p1p2.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d2600b30d39dd5176ddc08a027172da022623ee2cdb1b628aa9f1b20f033bf4d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://p1p2.ru/ Response headers content-encoding gzip x-content-type-options nosniff expires Mon, 30 Sep 2024 08:29:34 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 30 Sep 2024 08:29:34 GMT content-type text/css; charset=utf-8 last-modified Mon, 30 Sep 2024 08:29:34 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H3	200	ee92c.css p1p2.ru/wp-content/cache/minify/21025/	291 B 673 B	256ms 254ms	Stylesheet text/css	2606:4700:3032::ac43:8d7a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://p1p2.ru/wp-content/cache/minify/21025/ee92c.css Requested by Host: p1p2.ru URL: https://p1p2.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:8d7a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.34 Resource Hash dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://p1p2.ru/ Response headers server cloudflare cache-control public, max-age=31536000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status MISS etag W/"1a0804b1a9d09705657f91fe7cad4c5a" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fsojKZoJhCato7Mo1OGq5JIgXxz8VN9K4Ewl1OTmpQuDogCw2bmPlrpkTPFCR19ArJcUiWz3oZXg0thxHsxYBedJBB%2By1TB3LSShuhNLwR0aCr2i4xefTcSCOHePV8SL0ZKmr3vq"}],"group":"cf-nel","max_age":604800} cf-ray 8cb2d88f1a5b9112-FRA date Mon, 30 Sep 2024 08:29:34 GMT content-type text/css; charset=utf-8 x-powered-by PHP/7.2.34 vary Accept-Encoding last-modified Tue, 11 Jul 2023 18:56:10 GMT
GET H3	200	a5ff7.css p1p2.ru/wp-content/cache/minify/21025/	87 KB 12 KB	146ms 144ms	Stylesheet text/css	2606:4700:3032::ac43:8d7a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://p1p2.ru/wp-content/cache/minify/21025/a5ff7.css Requested by Host: p1p2.ru URL: https://p1p2.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:8d7a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.34 Resource Hash 89ceeaea2b372ba34b7278368a4f401ea1878872b63ed57383d689368939aeb9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://p1p2.ru/ Response headers server cloudflare cache-control public, max-age=31536000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status MISS etag W/"e04e2d456e8ff066e553155e88222611" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KD23JgrOb%2FHdeSOnjZC6OwWUetY5ciUrMxXCtzavUD248Aanc1wxeqjJpiKm92sDU25O6FG76%2F8%2BVyKPlMPwToG0P3Nu0DnK2lMpmnn6h5mds%2FbbBMmPu2eliXaKVFcnFRTdgPFf"}],"group":"cf-nel","max_age":604800} cf-ray 8cb2d88f1a5c9112-FRA date Mon, 30 Sep 2024 08:29:34 GMT content-type text/css; charset=utf-8 x-powered-by PHP/7.2.34 vary Accept-Encoding last-modified Thu, 30 Mar 2023 20:24:54 GMT
GET H3	200	8e6aa.css p1p2.ru/wp-content/cache/minify/21025/	108 KB 23 KB	197ms 195ms	Stylesheet text/css	2606:4700:3032::ac43:8d7a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://p1p2.ru/wp-content/cache/minify/21025/8e6aa.css Requested by Host: p1p2.ru URL: https://p1p2.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:8d7a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.34 Resource Hash 3ae00ae15b2b6ec7696b77880e0f1736a2aebbd6543a3f478d26a3c3e7d6703d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://p1p2.ru/ Response headers server cloudflare cache-control public, max-age=31536000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status MISS etag W/"7b49e3d907c5b39710d2e2bd769c21d6" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ThEStlXkrH9o%2BOjuqyQjqxE6LDL%2FWjofetT73CIaaWTO3%2BTpjfV%2F2YG3HMpJT68i8Sr0ImrQxlDi%2BrpN7bjZ4kHsYo5UURmQiroKjJKY%2FajFrMQh1AcJQMLVbZ1%2BJL3thytKKwFF"}],"group":"cf-nel","max_age":604800} cf-ray 8cb2d88f1a5d9112-FRA date Mon, 30 Sep 2024 08:29:34 GMT content-type text/css; charset=utf-8 x-powered-by PHP/7.2.34 vary Accept-Encoding last-modified Thu, 30 Mar 2023 20:24:34 GMT
GET H3	200	logo_new.svg p1p2.ru/wp-content/themes/21025/img/	26 KB 11 KB	166ms 165ms	Image image/svg+xml	2606:4700:3032::ac43:8d7a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://p1p2.ru/wp-content/themes/21025/img/logo_new.svg Requested by Host: p1p2.ru URL: https://p1p2.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:8d7a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.34 Resource Hash b6c7d8a94deee840617df42e4cd0a44feb9cdecc5a5577aa820d4cc932b0c1b0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://p1p2.ru/ Response headers server cloudflare cache-control public, max-age=31536000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status MISS etag W/"cf2a2d9547665777bc083c15fc6c28c0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BceQsX9s4RWXMsR59uz%2BG7pYsHJGCyT2pgRw3KGapMJfv3sYm53UTRXgfQ66fc7NCid%2Fvxf3ypvcoCm2ZwlcHTtsYLLsG6U6B%2FRXY79pgIaG%2F9N4sQIDN%2BnOK4%2FZebp%2BUHhh8baE"}],"group":"cf-nel","max_age":604800} cf-ray 8cb2d890bbf29112-FRA date Mon, 30 Sep 2024 08:29:34 GMT content-type image/svg+xml x-powered-by PHP/7.2.34 vary Accept-Encoding last-modified Sat, 11 Jun 2022 04:23:49 GMT
GET H3	200	marafonbet-1.jpg p1p2.ru/wp-content/uploads/sites/21025/	106 KB 107 KB	231ms 229ms	Image image/jpeg	2606:4700:3032::ac43:8d7a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://p1p2.ru/wp-content/uploads/sites/21025/marafonbet-1.jpg Requested by Host: p1p2.ru URL: https://p1p2.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:8d7a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.34 Resource Hash 872eb2a6dd11c55945a4b4ccd3adc5cde7a349f45c5f6b7556d31c7b48410109 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://p1p2.ru/ Response headers server cloudflare cache-control public, max-age=31536000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status MISS etag "11c7897dc645edd767f0dbbd27b309a2" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4hpUa9uFQ1ZMKMg%2BNK%2Fe5WN4cRMtF5ejhPiUZnOZQyDxZNLUKhJhUmQ1a8IrTTYtbBIh0Sxv7l64P3zve%2Br57%2BDGhDsMFGhExk4opZEDbKk4pbfhag%2F02vSM8L1bKs9R6RaVaLMn"}],"group":"cf-nel","max_age":604800} cf-ray 8cb2d88f1a5e9112-FRA date Mon, 30 Sep 2024 08:29:34 GMT content-type image/jpeg x-powered-by PHP/7.2.34 vary Accept-Encoding last-modified Fri, 01 Apr 2022 16:27:13 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	214 KB 77 KB	65ms 34ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-99986680-1 Requested by Host: p1p2.ru URL: https://p1p2.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 437238ee5fbe38b8aa111a8af996f3a36ddb50c62d3dc6e319ebd99c7d15e48f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://p1p2.ru/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Mon, 30 Sep 2024 08:29:34 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 30 Sep 2024 08:29:34 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Mon, 30 Sep 2024 06:00:00 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 78459 x-xss-protection 0 server Google Tag Manager
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.3.1/	85 KB 30 KB	224ms 14ms	Script text/javascript	2a00:1450:4001:82a::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js?v=1.1 Requested by Host: p1p2.ru URL: https://p1p2.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://p1p2.ru/ Response headers content-encoding gzip age 374267 report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} x-content-type-options nosniff expires Fri, 26 Sep 2025 00:31:47 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 26 Sep 2024 00:31:47 GMT last-modified Tue, 03 Mar 2020 19:15:00 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=31536000, stale-while-revalidate=2592000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers accept-ranges bytes access-control-allow-origin * content-length 30399 x-xss-protection 0 server sffe
GET H3	200	a830c.js Show response p1p2.ru/wp-content/cache/minify/21025/	9 KB 4 KB	182ms 182ms	Script application/x-javascript	2606:4700:3032::ac43:8d7a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://p1p2.ru/wp-content/cache/minify/21025/a830c.js Requested by Host: p1p2.ru URL: https://p1p2.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:8d7a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.34 Resource Hash 50e73ea525f34f2249b4425dd344e5a659e3186b8cedb909131fb03ee431a38a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://p1p2.ru/ Response headers server cloudflare cache-control public, max-age=31536000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status MISS etag W/"637dc4fb099e1db42d16cc5727b629ee" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PvLHeRdIbtC8UpG0iYq4JSyZsKOSfxg5XmyhTKy6OT3ZBiUGXqYcyUqQ6qjAc%2B2zB0yrQ%2FIIBNlyv%2BEjvA1%2B%2F7lUmjI4FL38FxNCzdcsiXKQp5UdGSzUj9QeNpspaSMSodpd9l9k"}],"group":"cf-nel","max_age":604800} cf-ray 8cb2d8908bd79112-FRA date Mon, 30 Sep 2024 08:29:34 GMT content-type application/x-javascript; charset=utf-8 x-powered-by PHP/7.2.34 vary Accept-Encoding last-modified Thu, 30 Mar 2023 20:26:03 GMT
GET H3	200	broker-vodds.jpg p1p2.ru/wp-content/uploads/sites/21025/	71 KB 71 KB	193ms 193ms	Image image/jpeg	2606:4700:3032::ac43:8d7a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://p1p2.ru/wp-content/uploads/sites/21025/broker-vodds.jpg Requested by Host: p1p2.ru URL: https://p1p2.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:8d7a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.34 Resource Hash 75bb7d56faef00b1b390d5c5d6c59def6ce05dc91939ead8471232a78f31b7a9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://p1p2.ru/ Response headers server cloudflare cache-control public, max-age=31536000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status MISS etag "905e029a1e3f4ff82d63b013a7c1608f" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HUh9upi9GJU0fyXBuK7dcaViM9dktQnAa5VeNis4tOrl%2BfqdxFg0jaMXYMJ5SHP6F1K0VF4XfIRjc4pl2NnAv7f22Ueb6eGNu6sgP%2F7HPGrVh2sSvHxof8EYLHTg076zSFPMsQ7N"}],"group":"cf-nel","max_age":604800} cf-ray 8cb2d8910c379112-FRA date Mon, 30 Sep 2024 08:29:34 GMT content-type image/jpeg x-powered-by PHP/7.2.34 vary Accept-Encoding last-modified Fri, 01 Apr 2022 16:31:08 GMT
GET H3	200	ECUPIS.jpg p1p2.ru/wp-content/uploads/sites/21025/	60 KB 60 KB	209ms 209ms	Image image/jpeg	2606:4700:3032::ac43:8d7a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://p1p2.ru/wp-content/uploads/sites/21025/ECUPIS.jpg Requested by Host: p1p2.ru URL: https://p1p2.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:8d7a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.34 Resource Hash c27afffb1cced2d896ed5778937a1787dfa2c51f57137ca17f825609d660c25b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://p1p2.ru/ Response headers server cloudflare cache-control public, max-age=31536000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status MISS etag "7b55902223a565e2e7296cc25fcd4f84" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mXXISJoTb%2FhIYRJ0Ve17A25WguSfWdO%2FxjOIzHZ3GwHGXmURvZ1UPqdqtyZz4ZH7aQzOLO9xbw3%2BlYYPjk2GFteOGKmlxdHqN4l7YtWSGCGIkoF616N4c3im%2FSO0fN04bZwQ9VHz"}],"group":"cf-nel","max_age":604800} cf-ray 8cb2d8910c389112-FRA date Mon, 30 Sep 2024 08:29:34 GMT content-type image/jpeg x-powered-by PHP/7.2.34 vary Accept-Encoding last-modified Fri, 01 Apr 2022 16:26:41 GMT
GET H3	200	positivebet.jpg p1p2.ru/wp-content/uploads/sites/21025/	119 KB 120 KB	211ms 203ms	Image image/jpeg	2606:4700:3032::ac43:8d7a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://p1p2.ru/wp-content/uploads/sites/21025/positivebet.jpg Requested by Host: p1p2.ru URL: https://p1p2.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:8d7a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.34 Resource Hash a3d924b2fa09a18704f493c448054c4a9fdfb592a6d95b2c03c4149159a4fe15 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://p1p2.ru/ Response headers server cloudflare cache-control public, max-age=31536000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status MISS etag "73530e87d8278b640cc172b7e62d1b46" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NGo8tOEBUnmOKcWkb24DAmBFlnorPj0TXt%2BSjhBKc9Cb9eFfYdEGVV9y4QlXT2F17H%2BAcA4DmDdQYS%2Biedw8VoF0t01U01WzNNleyCSPsqM06ijBWok%2FaXD5DzaOJ4MN1awiCq3L"}],"group":"cf-nel","max_age":604800} cf-ray 8cb2d8912c4f9112-FRA date Mon, 30 Sep 2024 08:29:34 GMT content-type image/jpeg x-powered-by PHP/7.2.34 vary Accept-Encoding last-modified Fri, 01 Apr 2022 16:27:24 GMT
GET H3	200	7cHmv4okm5zmbtYsK-4E4Q.woff2 fonts.gstatic.com/s/exo2/v21/	20 KB 20 KB	35ms 13ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/exo2/v21/7cHmv4okm5zmbtYsK-4E4Q.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Exo+2:400,700&subset=cyrillic&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 20ac558ae4e736f5a22d58c1bcdab41693e106fb485d0c582be711621ef6456d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://p1p2.ru Referer https://fonts.googleapis.com/ Response headers age 295249 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Fri, 26 Sep 2025 22:28:45 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 26 Sep 2024 22:28:45 GMT last-modified Wed, 13 Sep 2023 22:26:48 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 20400 x-xss-protection 0 server sffe
GET H3	200	7cHmv4okm5zmbtYoK-4.woff2 fonts.gstatic.com/s/exo2/v21/	39 KB 39 KB	42ms 21ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/exo2/v21/7cHmv4okm5zmbtYoK-4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Exo+2:400,700&subset=cyrillic&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c9c1caceee24c82513919d61734ad3ccb66800fa0a92f71da617c49b8a872fb1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://p1p2.ru Referer https://fonts.googleapis.com/ Response headers age 518609 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Wed, 24 Sep 2025 08:26:05 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 24 Sep 2024 08:26:05 GMT last-modified Wed, 13 Sep 2023 22:31:28 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 40316 x-xss-protection 0 server sffe
GET H3	200	prognozy-na-sport.webp p1p2.ru/wp-content/uploads/sites/21025/	46 KB 46 KB	235ms 234ms	Image image/webp	2606:4700:3032::ac43:8d7a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://p1p2.ru/wp-content/uploads/sites/21025/prognozy-na-sport.webp Requested by Host: p1p2.ru URL: https://p1p2.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:8d7a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.34 Resource Hash 394964448710b5c97a3dcee307cf47a4d8a1a6764871e1c78bf4dea5b6a46a9a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://p1p2.ru/ Response headers server cloudflare cache-control public, max-age=31536000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status MISS etag "cd8b9c5499655b2818665558752c213f" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pjVy%2BNiCgG40%2FpWeMccDmh7D%2BqeQaWTghv3Hijf8WRGeCD1DfU8MTuXcgJYEdbkLB7%2BKGz9hAjkhaUusG4S9TbMynqKv0xtN%2F7ed3aXpeW%2B%2B6dkD1owYlCH9WBFRU%2BBlmTxt3n94"}],"group":"cf-nel","max_age":604800} cf-ray 8cb2d8913c659112-FRA date Mon, 30 Sep 2024 08:29:34 GMT content-type image/webp x-powered-by PHP/7.2.34 vary Accept-Encoding last-modified Fri, 01 Apr 2022 16:24:50 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	262 KB 92 KB	28ms 27ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-9HB8R0PEN5&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-99986680-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 8839010b5b69f76c3087b9c53c1afc250b02988e7a256abd32c2dcfb68e7a58b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://p1p2.ru/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Mon, 30 Sep 2024 08:29:34 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 30 Sep 2024 08:29:34 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 94136 x-xss-protection 0 server Google Tag Manager
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	41ms 7ms	Script text/javascript	2001:4860:4802:36::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-99986680-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://p1p2.ru/ Response headers content-encoding gzip age 3566 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],} x-content-type-options nosniff expires Mon, 30 Sep 2024 09:30:08 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 30 Sep 2024 07:30:08 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT content-type text/javascript vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=7200 cross-origin-resource-policy cross-origin content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0 cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 20994 server Golfe2
POST H2	204	collect region1.google-analytics.com/g/	0 0	46ms 17ms	Fetch text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-9HB8R0PEN5&gtm=45je49p0v9119027972za200&_p=1727684974192&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&cid=1826368205.1727684975&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1727684974&sct=1&seg=0&dl=https%3A%2F%2Fp1p2.ru%2F&dt=%D0%91%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D0%B5%20%D0%BF%D1%80%D0%BE%D0%B3%D0%BD%D0%BE%D0%B7%D1%8B%20%D0%BD%D0%B0%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%20%D0%BE%D1%82%20%D0%BF%D1%80%D0%BE%D1%84%D0%B5%D1%81%D1%81%D0%B8%D0%BE%D0%BD%D0%B0%D0%BB%D0%BE%D0%B2%20P1P2&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=997 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-9HB8R0PEN5&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://p1p2.ru/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://p1p2.ru cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 30 Sep 2024 08:29:34 GMT content-type text/plain server Golfe2
POST H2	200	collect Show response www.google-analytics.com/j/	1 B 413 B	17ms 16ms	XHR text/plain	2001:4860:4802:36::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=17357027&t=pageview&_s=1&dl=https%3A%2F%2Fp1p2.ru%2F&ul=de-de&de=UTF-8&dt=%D0%91%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D0%B5%20%D0%BF%D1%80%D0%BE%D0%B3%D0%BD%D0%BE%D0%B7%D1%8B%20%D0%BD%D0%B0%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%20%D0%BE%D1%82%20%D0%BF%D1%80%D0%BE%D1%84%D0%B5%D1%81%D1%81%D0%B8%D0%BE%D0%BD%D0%B0%D0%BB%D0%BE%D0%B2%20P1P2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=17535801&gjid=447332405&cid=1826368205.1727684975&tid=UA-99986680-1&_gid=518366615.1727684975&_r=1&gtm=457e49p0za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&jsscut=1&npa=1&z=96884243 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type text/plain Referer https://p1p2.ru/ Response headers report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],} x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 30 Sep 2024 08:29:34 GMT last-modified Sun, 17 May 1998 03:00:00 GMT content-type text/plain cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0 access-control-allow-origin https://p1p2.ru cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 1 server Golfe2
GET H3	200	favicon.png p1p2.ru/wp-content/themes/21025/icons/	678 B 1 KB	145ms 144ms	Other image/png	2606:4700:3032::ac43:8d7a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://p1p2.ru/wp-content/themes/21025/icons/favicon.png Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:8d7a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.34 Resource Hash ef95f0cdcf9e31e146050bc19ef0065d84b721aa91f3dc5768e95c0f11d41f01 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://p1p2.ru/ Response headers server cloudflare cache-control public, max-age=31536000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status MISS etag "92fc164636302fe12395caf913edb252" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U5iJS5LDs%2Bu1AZrsHuH9jlREnWUVgMV%2FmxzHl5x%2BZm7WAoG3PQjAUYKHZZC1y5R9436gV8qVBOGwM2jJwWupKWxw2D6DwjqJRz74cmZ9IenjcKtsiNaTiJbUfHZsP4vtjFuJoFrR"}],"group":"cf-nel","max_age":604800} cf-ray 8cb2d8931e1e9112-FRA date Mon, 30 Sep 2024 08:29:34 GMT content-type image/png x-powered-by PHP/7.2.34 vary Accept-Encoding last-modified Fri, 01 Apr 2022 16:25:58 GMT
GET H3	200	collect www.google-analytics.com/	35 B 58 B	9ms 9ms	Image image/gif	2001:4860:4802:36::178 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j101&a=17357027&t=timing&_s=2&dl=https%3A%2F%2Fp1p2.ru%2F&ul=de-de&de=UTF-8&dt=%D0%91%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D0%B5%20%D0%BF%D1%80%D0%BE%D0%B3%D0%BD%D0%BE%D0%B7%D1%8B%20%D0%BD%D0%B0%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%20%D0%BE%D1%82%20%D0%BF%D1%80%D0%BE%D1%84%D0%B5%D1%81%D1%81%D0%B8%D0%BE%D0%BD%D0%B0%D0%BB%D0%BE%D0%B2%20P1P2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1015&pdt=7&dns=16&rrt=1&srt=161&tcp=23&dit=880&clt=881&_gst=783&_gbt=1001&_u=YADAAUABAAAAACAAI~&jid=&gjid=&cid=1826368205.1727684975&tid=UA-99986680-1&_gid=518366615.1727684975&gtm=457e49p0za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&npa=1&z=476199938 Protocol H3 Security QUIC, , AES_128_GCM Server 2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://p1p2.ru/ Response headers age 65444 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],} x-content-type-options nosniff expires Mon, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sun, 29 Sep 2024 14:18:50 GMT last-modified Sun, 17 May 1998 03:00:00 GMT content-type image/gif cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 35 server Golfe2

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| custom_rating function| gtag object| dataLayer function| $ function| jQuery object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| readyHTML function| toggle_menu function| copyPromocode function| send_ajax_custom function| get_ref_custom function| init_ection object| gaGlobal object| gaplugins object| gaData

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.p1p2.ru/	1970-01-21 09:30:44	Name: _ga_9HB8R0PEN5 Value: GS1.1.1727684974.1.0.1727684974.0.0.0
			.p1p2.ru/	1970-01-21 09:30:44	Name: _ga Value: GA1.2.1826368205.1727684975
			.p1p2.ru/	1970-01-20 23:56:11	Name: _gid Value: GA1.2.518366615.1727684975
			.p1p2.ru/	1970-01-20 23:54:45	Name: _gat_gtag_UA_99986680_1 Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
p1p2.ru
region1.google-analytics.com
www.google-analytics.com
www.googletagmanager.com
2001:4860:4802:34::36
2001:4860:4802:36::178
2606:4700:3032::ac43:8d7a
2a00:1450:4001:808::2008
2a00:1450:4001:80e::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::200a
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
20ac558ae4e736f5a22d58c1bcdab41693e106fb485d0c582be711621ef6456d
394964448710b5c97a3dcee307cf47a4d8a1a6764871e1c78bf4dea5b6a46a9a
3ae00ae15b2b6ec7696b77880e0f1736a2aebbd6543a3f478d26a3c3e7d6703d
437238ee5fbe38b8aa111a8af996f3a36ddb50c62d3dc6e319ebd99c7d15e48f
50e73ea525f34f2249b4425dd344e5a659e3186b8cedb909131fb03ee431a38a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
75bb7d56faef00b1b390d5c5d6c59def6ce05dc91939ead8471232a78f31b7a9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
872eb2a6dd11c55945a4b4ccd3adc5cde7a349f45c5f6b7556d31c7b48410109
8839010b5b69f76c3087b9c53c1afc250b02988e7a256abd32c2dcfb68e7a58b
89ceeaea2b372ba34b7278368a4f401ea1878872b63ed57383d689368939aeb9
8f2ba03c4415f983005983d1c4887ac2bf7b2d6d5a907bb64b5927ec6e7c2d69
a3d924b2fa09a18704f493c448054c4a9fdfb592a6d95b2c03c4149159a4fe15
b6c7d8a94deee840617df42e4cd0a44feb9cdecc5a5577aa820d4cc932b0c1b0
c27afffb1cced2d896ed5778937a1787dfa2c51f57137ca17f825609d660c25b
c9c1caceee24c82513919d61734ad3ccb66800fa0a92f71da617c49b8a872fb1
d2600b30d39dd5176ddc08a027172da022623ee2cdb1b628aa9f1b20f033bf4d
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
ef95f0cdcf9e31e146050bc19ef0065d84b721aa91f3dc5768e95c0f11d41f01