Report - 777-welcome.lets-up.fun/?refcode=P6Gkt1JqAruPl&click_id=658dded3386c0f0001773bb7&s1=15&s2=100

Report Overview

Visited public
2023-12-28 20:48:22
Tags
URL
777-welcome.lets-up.fun/?refcode=P6Gkt1JqAruPl&click_id=658dded3386c0f0001773bb7&s1=15&s2=100
Finishing URL
777-welcome.lets-up.fun/?refcode=P6Gkt1JqAruPl&click_id=658dded3386c0f0001773bb7&s1=15&s2=100
IP / ASN
172.67.201.195
#13335 CLOUDFLARENET
Title
Бонус везунчика

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
777-welcome.lets-up.fun	unknown	unknown	No data	No data	7.5 kB	2.9 MB	172.67.201.195
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-12-28 10:46:46	4.7 kB	156 kB	142.250.74.131
cdn.lets-fun.top	unknown	2020-05-06	2023-05-14 22:22:07	2023-12-27 18:48:51	432 B	67 kB	172.67.190.176
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-12-28 11:00:13	916 B	271 kB	142.250.74.168
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-12-28 09:18:28	496 B	10 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-12-28 20:47:48	medium	Client IP	Internal IP	ET DNS Query to a *.top domain - Likely Hostile

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (7)

	URL	From	Size	First Seen	Last Seen
	777-welcome.lets-up.fun/?refcode=P6Gkt1JqAruPl&click_id=658dded3386c0f0001773bb7&s1=15&s2=100	ScriptElement	537 B	2023-10-28	2024-08-20
Pretty URL 777-welcome.lets-up.fun/?refcode=P6Gkt1JqAruPl&click_id=658dded3386c0f0001773bb7&s1=15&s2=100 IP 172.67.201.195 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-28 08:32 Last Seen2024-08-20 22:05 Times Seen47 Hash 029e9b4ae2582e3f44bd770d5b6393b3 edb7797ac6a89ca19764357852bcc583f14591c5 a691a208e843e6e5ebdd3dba38ed2ae01681a27fd473fa29d33d5c0735b6d396 Loading...

	777-welcome.lets-up.fun/ljs/jquery-3.3.1.min.js	ScriptElement	87 kB	2023-03-07	2025-05-18
Pretty URL 777-welcome.lets-up.fun/ljs/jquery-3.3.1.min.js IP 172.67.201.195 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-18 00:56 Times Seen15503 Hash 4b57cf46dc8cb95c4cca54afc85e9540 05e1ad0cc600a057886deaf237ab6e3d4fcdb5ac a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855 Loading...

	cdn.lets-fun.top/ljs/gp_visits.js?v=10	ScriptElement	13 kB	2023-10-28	2024-08-20
Pretty URL cdn.lets-fun.top/ljs/gp_visits.js?v=10 IP 172.67.190.176 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-28 08:32 Last Seen2024-08-20 22:05 Times Seen80 Hash dfc354aaf627308bf183059d2323f49f 0e7ddc94b5b8d521e21980d48bdaa816d876bc94 c7c5ab1162447eb5d767b50e166af2903ca0e73940ccba8efda8687b82116f46 Loading...

	777-welcome.lets-up.fun/main.js?v=3	ScriptElement	130 B	2023-10-28	2024-08-20
Pretty URL 777-welcome.lets-up.fun/main.js?v=3 IP 172.67.201.195 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-28 08:32 Last Seen2024-08-20 22:05 Times Seen49 Hash d9b6678ec8d8566a8d2c796aebf89530 5818af7a299556005235ad29714423e648a25e5a 64e73758ee6d138c2c3874876a9419a73e6a272ce05dd86ec5b7ff1eb1803eac Loading...

	www.googletagmanager.com/gtm.js?id=GTM-ND2Q8XNQ	ScriptElement	176 kB	2024-08-20	2024-08-20
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-ND2Q8XNQ IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 14:43 Last Seen2024-08-20 14:43 Times Seen1 Hash b6a28514c2df79fe3f6f55186ed28fcb 8a20d32266a6103a2323c05fff131d58cc71d763 91c7766a68e53549c1705bde96172de1c9f274f269b58cb9083a055af81223d5 Loading...

	www.googletagmanager.com/gtag/js?id=G-9JXW6PKGJE&l=dataLayer&cx=c	ScriptElement	281 kB	2024-08-20	2024-08-20
Pretty URL www.googletagmanager.com/gtag/js?id=G-9JXW6PKGJE&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 14:43 Last Seen2024-08-20 14:43 Times Seen1 Hash 865960989d6aefa430346b1d8e7bec66 3de073e9bc1272974760aa5bac00942c253bc833 9ed21f03e36bd4bb572064e2c328e42be47bcde4b8757f30435e9424694f624b Loading...

	777-welcome.lets-up.fun/?refcode=P6Gkt1JqAruPl&click_id=658dded3386c0f0001773bb7&s1=15&s2=100	ScriptElement	344 B	2023-10-28	2024-08-20
Pretty URL 777-welcome.lets-up.fun/?refcode=P6Gkt1JqAruPl&click_id=658dded3386c0f0001773bb7&s1=15&s2=100 IP 172.67.201.195 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-28 08:32 Last Seen2024-08-20 22:05 Times Seen47 Hash 7d9f4bd096552ddc10e54b7e128b964e f15996842c988bd577ba4e09b1abfef285924719 6649ccbde9c415edb596e3dc25ab3fd7fd91951fc18749c61fd3b1e23ee3241d Loading...

HTTP Transactions (26)

	URL	IP	Response	Size
	777-welcome.lets-up.fun/assets/images/logo777.png?v=2	172.67.201.195	200 OK	367 kB
URL GET HTTP/3 777-welcome.lets-up.fun/assets/images/logo777.png?v=2 IP 172.67.201.195:443 ASN #13335 CLOUDFLARENET Requested by https://777-welcome.lets-up.fun/?refcode=P6Gkt1JqAruPl&click_id=658dded3386c0f0001773bb7&s1=15&s2=100 Certificate IssuerGoogle Trust Services LLC Subjectlets-up.fun Fingerprint88:0E:D7:2D:81:C9:65:97:B5:CE:D6:69:1A:F1:8F:FB:98:D6:7F:B9 ValiditySun, 10 Dec 2023 01:39:11 GMT - Sat, 09 Mar 2024 01:39:10 GMT File type PNG image data, 674 x 556, 8-bit/color RGBA, non-interlaced Size 367 kB (367211 bytes) Hash bcdb020817a7ee0a85947dee9ffef476 d8830130a68b1de462e952dbe6065637d5e28590 3c5a187e9a9dab0169d50f0da647f1ead72982d8ab91a9573d3c4a40bf79f014 HTTP Headers GET /assets/images/logo777.png?v=2 HTTP/1.1 Host: 777-welcome.lets-up.fun User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://777-welcome.lets-up.fun/?refcode=P6Gkt1JqAruPl&click_id=658dded3386c0f0001773bb7&s1=15&s2=100 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Thu, 28 Dec 2023 20:47:53 GMT content-type: image/png content-length: 367211 last-modified: Tue, 17 Oct 2023 07:50:53 GMT etag: "652e3cdd-59a6b" expires: Mon, 22 Jan 2024 09:23:54 GMT cache-control: max-age=2592000 cf-cache-status: HIT age: 216764 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DJPJ6Of%2BfYeFN%2BWq%2F1GrT6vQmJqPydhxZnT5435ZOTZLlF5%2BfGxBht190BpstdrVp3gskoUB37WFxGZSaTrXfqrLvd94qw1OKOW4DnJEhr4BcClh3h9Dr5Q%2FrgW4%2BgYWH%2F1zToTJPWzhpQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 83cca936cf3eb4eb-OSL alt-svc: h3=":443"; ma=86400

	777-welcome.lets-up.fun/assets/images/logo.png?v=2	172.67.201.195	200 OK	2.0 MB
URL GET HTTP/3 777-welcome.lets-up.fun/assets/images/logo.png?v=2 IP 172.67.201.195:443 ASN #13335 CLOUDFLARENET Requested by https://777-welcome.lets-up.fun/?refcode=P6Gkt1JqAruPl&click_id=658dded3386c0f0001773bb7&s1=15&s2=100 Certificate IssuerGoogle Trust Services LLC Subjectlets-up.fun Fingerprint88:0E:D7:2D:81:C9:65:97:B5:CE:D6:69:1A:F1:8F:FB:98:D6:7F:B9 ValiditySun, 10 Dec 2023 01:39:11 GMT - Sat, 09 Mar 2024 01:39:10 GMT File type PNG image data, 1962 x 1278, 8-bit/color RGBA, non-interlaced Size 2.0 MB (1956191 bytes) Hash 3dd408e1f47ddcb39be1e36b201c803e fe6398d380a573128514b6866861272c6396bf7b d08859c9abb70936eb0e939cd5621f7f90c85452e48db46e4af6bb520144c871 HTTP Headers GET /assets/images/logo.png?v=2 HTTP/1.1 Host: 777-welcome.lets-up.fun User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://777-welcome.lets-up.fun/?refcode=P6Gkt1JqAruPl&click_id=658dded3386c0f0001773bb7&s1=15&s2=100 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Thu, 28 Dec 2023 20:47:53 GMT content-type: image/png content-length: 1956191 last-modified: Tue, 17 Oct 2023 07:50:53 GMT etag: "652e3cdd-1dd95f" expires: Mon, 22 Jan 2024 09:27:44 GMT cache-control: max-age=2592000 cf-cache-status: HIT age: 134385 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LkFl8CE%2FTHkvCNxnPeONEyIWaro49eParpzMOI2WX0rZqo%2BIXWds1R8KPAH0FlvD5gxrs3iTI9WzohZkj%2FE%2BIIJfFxw7Kt856%2BwD9ZW%2Bv7B4wAOu7GUNR29TuIWe5YWTd5ku0d0AZaHOdA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 83cca936cf3fb4eb-OSL alt-svc: h3=":443"; ma=86400

	777-welcome.lets-up.fun/assets/images/bg.png	172.67.201.195	200 OK	203 kB
URL GET HTTP/3 777-welcome.lets-up.fun/assets/images/bg.png IP 172.67.201.195:443 ASN #13335 CLOUDFLARENET Requested by https://777-welcome.lets-up.fun/?refcode=P6Gkt1JqAruPl&click_id=658dded3386c0f0001773bb7&s1=15&s2=100 Certificate IssuerGoogle Trust Services LLC Subjectlets-up.fun Fingerprint88:0E:D7:2D:81:C9:65:97:B5:CE:D6:69:1A:F1:8F:FB:98:D6:7F:B9 ValiditySun, 10 Dec 2023 01:39:11 GMT - Sat, 09 Mar 2024 01:39:10 GMT File type PNG image data, 1440 x 810, 8-bit/color RGBA, non-interlaced Size 203 kB (202896 bytes) Hash 91959e77dfd4b93ac0dd142dadb77c9a 23056a88712f1960094f058b118a07ccc80e8bde 3a648660fef744717bbb424e6f5b1d5ce1b103eda4e96173f650f9a426dd0fdf HTTP Headers `GET /assets/images/bg.png HTTP/1.1 Host: 777-welcome.lets-up.fun User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://777-welcome.lets-up.fun/bundle.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Thu, 28 Dec 2023 20:47:53 GMT content-type: image/png content-length: 202896 last-modified: Tue, 17 Oct 2023 07:50:53 GMT etag: "652e3cdd-31890" expires: Mon, 22 Jan 2024 09:22:53 GMT cache-control: max-age=2592000 cf-cache-status: HIT age: 47120 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=343RCS5OV1RepaTKJGMoJTruUzOUHdfy%2FYdg4voB8DIPzvqlS1%2B9UAFvOrhNLWdVp4fX5IWC7UZ2srKu9Aik8bZTBos5RJPGBlFeVx7ylw1OV1ogF%2FhWFRyHFIJzw%2BJBvamiXDiUi0D93Q%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 83cca938a93ab4eb-OSL alt-svc: h3=":443"; ma=86400

	777-welcome.lets-up.fun/assets/images/text-bg.png	172.67.201.195	200 OK	155 kB
URL GET HTTP/3 777-welcome.lets-up.fun/assets/images/text-bg.png IP 172.67.201.195:443 ASN #13335 CLOUDFLARENET Requested by https://777-welcome.lets-up.fun/?refcode=P6Gkt1JqAruPl&click_id=658dded3386c0f0001773bb7&s1=15&s2=100 Certificate IssuerGoogle Trust Services LLC Subjectlets-up.fun Fingerprint88:0E:D7:2D:81:C9:65:97:B5:CE:D6:69:1A:F1:8F:FB:98:D6:7F:B9 ValiditySun, 10 Dec 2023 01:39:11 GMT - Sat, 09 Mar 2024 01:39:10 GMT File type PNG image data, 1194 x 1198, 8-bit/color RGBA, non-interlaced Size 155 kB (154958 bytes) Hash 24925cc2e91f77187502f141cf525654 9a57c024e015ebbf92e210ee7e0dd9afa05e74e5 a7bf3991970f436e4a9fc7e211ea5cfd9c945d34b36ab42d715c0ff77b89c3ba HTTP Headers `GET /assets/images/text-bg.png HTTP/1.1 Host: 777-welcome.lets-up.fun User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://777-welcome.lets-up.fun/bundle.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Thu, 28 Dec 2023 20:47:53 GMT content-type: image/png content-length: 154958 last-modified: Tue, 17 Oct 2023 07:50:53 GMT etag: "652e3cdd-25d4e" expires: Sat, 23 Dec 2023 09:22:23 GMT cache-control: max-age=2592000 cf-cache-status: HIT age: 1261129 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uH1JIvYv4JSw01uBhmW6l1sJMCtPFy0T4sgsUpvgCMkLLQYpFfGNNMfIy12ou7DXzx2qVXnvCLt1NhTAv%2BqiZxybNIsYyMsk1rhqQiyX9ShHJcFMaWeIz3DEZ%2BhXIIHsagodQBo310fu%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 83cca938a940b4eb-OSL alt-svc: h3=":443"; ma=86400

	777-welcome.lets-up.fun/ljs/jquery-3.3.1.min.js	172.67.201.195	200 OK	75 kB
URL GET HTTP/3 777-welcome.lets-up.fun/ljs/jquery-3.3.1.min.js IP 172.67.201.195:443 ASN #13335 CLOUDFLARENET Requested by https://777-welcome.lets-up.fun/?refcode=P6Gkt1JqAruPl&click_id=658dded3386c0f0001773bb7&s1=15&s2=100 Certificate IssuerGoogle Trust Services LLC Subjectlets-up.fun Fingerprint88:0E:D7:2D:81:C9:65:97:B5:CE:D6:69:1A:F1:8F:FB:98:D6:7F:B9 ValiditySun, 10 Dec 2023 01:39:11 GMT - Sat, 09 Mar 2024 01:39:10 GMT File type ASCII text, with very long lines (65451) Size 75 kB (75295 bytes) Hash 4b57cf46dc8cb95c4cca54afc85e9540 05e1ad0cc600a057886deaf237ab6e3d4fcdb5ac a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855 HTTP Headers GET /ljs/jquery-3.3.1.min.js HTTP/1.1 Host: 777-welcome.lets-up.fun User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://777-welcome.lets-up.fun/?refcode=P6Gkt1JqAruPl&click_id=658dded3386c0f0001773bb7&s1=15&s2=100 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Thu, 28 Dec 2023 20:47:53 GMT content-type: application/javascript last-modified: Fri, 16 Mar 2018 13:09:46 GMT etag: W/"5aabc21a-1538e" expires: Sat, 23 Dec 2023 09:22:23 GMT cache-control: max-age=2592000 cf-cache-status: HIT age: 2469050 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZYjSFOpTSSEID22EhgAXWVBZh8Ge11C4PbpW03IrtMoJOERAYs6ydzw8f%2Favyqn%2FCFz5gPvCzEsdKIlQT3XbpWpDP0a0KqY0hbEGzpVkOSZCvmmCBvVqv3gysKZsXOj0BOEE5c%2BNYRny6g%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 83cca936cf43b4eb-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2	142.250.74.131	200 OK	16 kB
URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP 142.250.74.131:443 ASN #15169 GOOGLE Requested by https://777-welcome.lets-up.fun/?refcode=P6Gkt1JqAruPl&click_id=658dded3386c0f0001773bb7&s1=15&s2=100 Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1 ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0 Size 16 kB (15744 bytes) Hash 15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 HTTP Headers GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://777-welcome.lets-up.fun DNT: 1 Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15744 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Mon, 25 Dec 2023 23:43:03 GMT expires: Tue, 24 Dec 2024 23:43:03 GMT cache-control: public, max-age=31536000 age: 248691 last-modified: Wed, 11 May 2022 19:24:48 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2	142.250.74.131	200 OK	9.6 kB
URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 IP 142.250.74.131:443 ASN #15169 GOOGLE Requested by https://777-welcome.lets-up.fun/?refcode=P6Gkt1JqAruPl&click_id=658dded3386c0f0001773bb7&s1=15&s2=100 Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1 ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT File type Web Open Font Format (Version 2), TrueType, length 9628, version 1.0 Size 9.6 kB (9628 bytes) Hash d9ac47c7e500fb7083b8d595eaf6fe12 112a2fc5f4ff9b85ee3a706fa9b8c47f79b05933 495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9 HTTP Headers GET /s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://777-welcome.lets-up.fun DNT: 1 Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 9628 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 27 Dec 2023 21:48:40 GMT expires: Thu, 26 Dec 2024 21:48:40 GMT cache-control: public, max-age=31536000 age: 82754 last-modified: Wed, 11 May 2022 19:24:42 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/geologica/v1/oY1l8evIr7j9P3TN9YwNAdyjzUyDKkKdAGOJh1UlCDUIhAIdhCZOn1fLsig7jfvCCPHZckUWE1lELWVN-ttr.woff2	142.250.74.131	200 OK	25 kB
URL GET HTTP/2 fonts.gstatic.com/s/geologica/v1/oY1l8evIr7j9P3TN9YwNAdyjzUyDKkKdAGOJh1UlCDUIhAIdhCZOn1fLsig7jfvCCPHZckUWE1lELWVN-ttr.woff2 IP 142.250.74.131:443 ASN #15169 GOOGLE Requested by https://777-welcome.lets-up.fun/?refcode=P6Gkt1JqAruPl&click_id=658dded3386c0f0001773bb7&s1=15&s2=100 Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1 ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT File type Web Open Font Format (Version 2), TrueType, length 25048, version 1.0 Size 25 kB (25048 bytes) Hash d3886174922a9474a1c7e36b63e876a7 dd1f955ff24f38624a41ee08c56e7344bc6a97be 1d3696be6d5cbfdd96ac1ff1bf063012622b10711f4100169aa0cfb44543f957 HTTP Headers GET /s/geologica/v1/oY1l8evIr7j9P3TN9YwNAdyjzUyDKkKdAGOJh1UlCDUIhAIdhCZOn1fLsig7jfvCCPHZckUWE1lELWVN-ttr.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://777-welcome.lets-up.fun DNT: 1 Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 25048 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 28 Dec 2023 07:08:20 GMT expires: Fri, 27 Dec 2024 07:08:20 GMT cache-control: public, max-age=31536000 age: 49174 last-modified: Tue, 30 May 2023 20:26:43 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/geologica/v1/oY1l8evIr7j9P3TN9YwNAdyjzUyDKkKdAGOJh1UlCDUIhAIdhCZOn1fLsig7jfvCCPHZckUWE1lELWVN-ttr.woff2	142.250.74.131	200 OK	25 kB
URL GET HTTP/2 fonts.gstatic.com/s/geologica/v1/oY1l8evIr7j9P3TN9YwNAdyjzUyDKkKdAGOJh1UlCDUIhAIdhCZOn1fLsig7jfvCCPHZckUWE1lELWVN-ttr.woff2 IP 142.250.74.131:443 ASN #15169 GOOGLE Requested by https://777-welcome.lets-up.fun/?refcode=P6Gkt1JqAruPl&click_id=658dded3386c0f0001773bb7&s1=15&s2=100 Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1 ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT File type Web Open Font Format (Version 2), TrueType, length 25048, version 1.0 Size 25 kB (25048 bytes) Hash d3886174922a9474a1c7e36b63e876a7 dd1f955ff24f38624a41ee08c56e7344bc6a97be 1d3696be6d5cbfdd96ac1ff1bf063012622b10711f4100169aa0cfb44543f957 HTTP Headers GET /s/geologica/v1/oY1l8evIr7j9P3TN9YwNAdyjzUyDKkKdAGOJh1UlCDUIhAIdhCZOn1fLsig7jfvCCPHZckUWE1lELWVN-ttr.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://777-welcome.lets-up.fun DNT: 1 Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 25048 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 28 Dec 2023 07:08:20 GMT expires: Fri, 27 Dec 2024 07:08:20 GMT cache-control: public, max-age=31536000 age: 49174 last-modified: Tue, 30 May 2023 20:26:43 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/geologica/v1/oY1l8evIr7j9P3TN9YwNAdyjzUyDKkKdAGOJh1UlCDUIhAIdhCZOn1fLsig7jfvCCPHZckUWF1lELWVN-ttrN9Y.woff2	142.250.74.131	200 OK	16 kB
URL GET HTTP/2 fonts.gstatic.com/s/geologica/v1/oY1l8evIr7j9P3TN9YwNAdyjzUyDKkKdAGOJh1UlCDUIhAIdhCZOn1fLsig7jfvCCPHZckUWF1lELWVN-ttrN9Y.woff2 IP 142.250.74.131:443 ASN #15169 GOOGLE Requested by https://777-welcome.lets-up.fun/?refcode=P6Gkt1JqAruPl&click_id=658dded3386c0f0001773bb7&s1=15&s2=100 Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1 ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT File type Web Open Font Format (Version 2), TrueType, length 16308, version 1.0 Size 16 kB (16308 bytes) Hash 4e259d4d0621f16114872b9cdfeb9764 f86b112f70692326759cd134f7e006a7942945d8 771077580797bdd25763b2e56c3c44dc9a1462bb9d0982ea828b2333faa93fa7 HTTP Headers GET /s/geologica/v1/oY1l8evIr7j9P3TN9YwNAdyjzUyDKkKdAGOJh1UlCDUIhAIdhCZOn1fLsig7jfvCCPHZckUWF1lELWVN-ttrN9Y.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://777-welcome.lets-up.fun DNT: 1 Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 16308 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Sun, 24 Dec 2023 08:58:46 GMT expires: Mon, 23 Dec 2024 08:58:46 GMT cache-control: public, max-age=31536000 age: 388148 last-modified: Tue, 30 May 2023 20:21:59 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/geologica/v1/oY1l8evIr7j9P3TN9YwNAdyjzUyDKkKdAGOJh1UlCDUIhAIdhCZOn1fLsig7jfvCCPHZckUWF1lELWVN-ttrN9Y.woff2	142.250.74.131	200 OK	16 kB
URL GET HTTP/2 fonts.gstatic.com/s/geologica/v1/oY1l8evIr7j9P3TN9YwNAdyjzUyDKkKdAGOJh1UlCDUIhAIdhCZOn1fLsig7jfvCCPHZckUWF1lELWVN-ttrN9Y.woff2 IP 142.250.74.131:443 ASN #15169 GOOGLE Requested by https://777-welcome.lets-up.fun/?refcode=P6Gkt1JqAruPl&click_id=658dded3386c0f0001773bb7&s1=15&s2=100 Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1 ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT File type Web Open Font Format (Version 2), TrueType, length 16308, version 1.0 Size 16 kB (16308 bytes) Hash 4e259d4d0621f16114872b9cdfeb9764 f86b112f70692326759cd134f7e006a7942945d8 771077580797bdd25763b2e56c3c44dc9a1462bb9d0982ea828b2333faa93fa7 HTTP Headers GET /s/geologica/v1/oY1l8evIr7j9P3TN9YwNAdyjzUyDKkKdAGOJh1UlCDUIhAIdhCZOn1fLsig7jfvCCPHZckUWF1lELWVN-ttrN9Y.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://777-welcome.lets-up.fun DNT: 1 Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 16308 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Sun, 24 Dec 2023 08:58:46 GMT expires: Mon, 23 Dec 2024 08:58:46 GMT cache-control: public, max-age=31536000 age: 388148 last-modified: Tue, 30 May 2023 20:21:59 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/geologica/v1/oY1l8evIr7j9P3TN9YwNAdyjzUyDKkKdAGOJh1UlCDUIhAIdhCZOn1fLsig7jfvCCPHZckUWF1lELWVN-ttrN9Y.woff2	142.250.74.131	200 OK	16 kB
URL GET HTTP/2 fonts.gstatic.com/s/geologica/v1/oY1l8evIr7j9P3TN9YwNAdyjzUyDKkKdAGOJh1UlCDUIhAIdhCZOn1fLsig7jfvCCPHZckUWF1lELWVN-ttrN9Y.woff2 IP 142.250.74.131:443 ASN #15169 GOOGLE Requested by https://777-welcome.lets-up.fun/?refcode=P6Gkt1JqAruPl&click_id=658dded3386c0f0001773bb7&s1=15&s2=100 Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1 ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT File type Web Open Font Format (Version 2), TrueType, length 16308, version 1.0 Size 16 kB (16308 bytes) Hash 4e259d4d0621f16114872b9cdfeb9764 f86b112f70692326759cd134f7e006a7942945d8 771077580797bdd25763b2e56c3c44dc9a1462bb9d0982ea828b2333faa93fa7 HTTP Headers GET /s/geologica/v1/oY1l8evIr7j9P3TN9YwNAdyjzUyDKkKdAGOJh1UlCDUIhAIdhCZOn1fLsig7jfvCCPHZckUWF1lELWVN-ttrN9Y.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://777-welcome.lets-up.fun DNT: 1 Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 16308 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Sun, 24 Dec 2023 08:58:46 GMT expires: Mon, 23 Dec 2024 08:58:46 GMT cache-control: public, max-age=31536000 age: 388148 last-modified: Tue, 30 May 2023 20:21:59 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/geologica/v1/oY1l8evIr7j9P3TN9YwNAdyjzUyDKkKdAGOJh1UlCDUIhAIdhCZOn1fLsig7jfvCCPHZckUWE1lELWVN-ttr.woff2	142.250.74.131	200 OK	25 kB
URL GET HTTP/2 fonts.gstatic.com/s/geologica/v1/oY1l8evIr7j9P3TN9YwNAdyjzUyDKkKdAGOJh1UlCDUIhAIdhCZOn1fLsig7jfvCCPHZckUWE1lELWVN-ttr.woff2 IP 142.250.74.131:443 ASN #15169 GOOGLE Requested by https://777-welcome.lets-up.fun/?refcode=P6Gkt1JqAruPl&click_id=658dded3386c0f0001773bb7&s1=15&s2=100 Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1 ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT File type Web Open Font Format (Version 2), TrueType, length 25048, version 1.0 Size 25 kB (25048 bytes) Hash d3886174922a9474a1c7e36b63e876a7 dd1f955ff24f38624a41ee08c56e7344bc6a97be 1d3696be6d5cbfdd96ac1ff1bf063012622b10711f4100169aa0cfb44543f957 HTTP Headers GET /s/geologica/v1/oY1l8evIr7j9P3TN9YwNAdyjzUyDKkKdAGOJh1UlCDUIhAIdhCZOn1fLsig7jfvCCPHZckUWE1lELWVN-ttr.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://777-welcome.lets-up.fun DNT: 1 Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 25048 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 28 Dec 2023 07:08:20 GMT expires: Fri, 27 Dec 2024 07:08:20 GMT cache-control: public, max-age=31536000 age: 49174 last-modified: Tue, 30 May 2023 20:26:43 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	cdn.lets-fun.top/ljs/gp_visits.js?v=10	172.67.190.176	200 OK	67 kB
URL GET HTTP/2 cdn.lets-fun.top/ljs/gp_visits.js?v=10 IP 172.67.190.176:443 ASN #13335 CLOUDFLARENET Requested by https://777-welcome.lets-up.fun/?refcode=P6Gkt1JqAruPl&click_id=658dded3386c0f0001773bb7&s1=15&s2=100 Certificate IssuerGoogle Trust Services LLC Subjectlets-fun.top Fingerprint63:E0:52:6D:B4:CE:83:EA:C9:73:2B:19:3B:29:D4:3A:28:05:4D:86 ValiditySun, 24 Dec 2023 05:59:01 GMT - Sat, 23 Mar 2024 05:59:00 GMT File type ASCII text Size 67 kB (66583 bytes) Hash dfc354aaf627308bf183059d2323f49f 0e7ddc94b5b8d521e21980d48bdaa816d876bc94 c7c5ab1162447eb5d767b50e166af2903ca0e73940ccba8efda8687b82116f46 HTTP Headers `GET /ljs/gp_visits.js?v=10 HTTP/1.1 Host: cdn.lets-fun.top User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://777-welcome.lets-up.fun/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Thu, 28 Dec 2023 20:47:53 GMT content-type: application/javascript last-modified: Wed, 11 Oct 2023 10:12:53 GMT etag: W/"65267525-3149" expires: Thu, 28 Dec 2023 05:59:36 GMT cache-control: max-age=2592000 cf-cache-status: HIT age: 2553903 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=goRZxmYPRHBaVIb2nTodOvmMNMq9Yj4nw7xRHQx6ea9SBUluVT%2Fj%2Bg7c8paJFLXfeQcw%2FiKSi6zSDQxvzyQLwIsr52WHnYx75l9ybot56WZ%2FpMwJnq8UzDqoOtp7EQc%2B0MQZ"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 83cca93788a1b521-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	777-welcome.lets-up.fun/assets/images/apple-touch-icon.png	172.67.201.195	200 OK	11 kB
URL GET HTTP/3 777-welcome.lets-up.fun/assets/images/apple-touch-icon.png IP 172.67.201.195:443 ASN #13335 CLOUDFLARENET Requested by https://777-welcome.lets-up.fun/?refcode=P6Gkt1JqAruPl&click_id=658dded3386c0f0001773bb7&s1=15&s2=100 Certificate IssuerGoogle Trust Services LLC Subjectlets-up.fun Fingerprint88:0E:D7:2D:81:C9:65:97:B5:CE:D6:69:1A:F1:8F:FB:98:D6:7F:B9 ValiditySun, 10 Dec 2023 01:39:11 GMT - Sat, 09 Mar 2024 01:39:10 GMT File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced Size 11 kB (10790 bytes) Hash c33f8f5e9d805247e7b856db19c93723 0a2f0562738ec3a5c769d5ef665470a762a17635 2493901846558be3825d99e4f3dd5bd0cb75ae12baa42510cfad6d7254a61a09 HTTP Headers GET /assets/images/apple-touch-icon.png HTTP/1.1 Host: 777-welcome.lets-up.fun User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://777-welcome.lets-up.fun/?refcode=P6Gkt1JqAruPl&click_id=658dded3386c0f0001773bb7&s1=15&s2=100 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Thu, 28 Dec 2023 20:47:54 GMT content-type: image/png content-length: 10790 last-modified: Tue, 17 Oct 2023 07:50:53 GMT etag: "652e3cdd-2a26" expires: Sun, 31 Dec 2023 01:52:06 GMT cache-control: max-age=2592000 cf-cache-status: HIT age: 400606 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GfGGz9hHp2BUJPcjKvc8djdNUFYFxY%2FflPTwhqgwYPxvZVLKMFIgfWXzusNYOeAJ8j8o%2Fo0wG2lKaiDMGiFyRVXlWmlffiHNqknRw%2B6EhS1D8klERmdG7a6Q0dYqotgkCeQp%2Bxxu1x02rg%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 83cca93deed7b4eb-OSL alt-svc: h3=":443"; ma=86400

	777-welcome.lets-up.fun/assets/images/favicon-16x16.png	172.67.201.195	200 OK	1.1 kB
URL GET HTTP/3 777-welcome.lets-up.fun/assets/images/favicon-16x16.png IP 172.67.201.195:443 ASN #13335 CLOUDFLARENET Requested by https://777-welcome.lets-up.fun/?refcode=P6Gkt1JqAruPl&click_id=658dded3386c0f0001773bb7&s1=15&s2=100 Certificate IssuerGoogle Trust Services LLC Subjectlets-up.fun Fingerprint88:0E:D7:2D:81:C9:65:97:B5:CE:D6:69:1A:F1:8F:FB:98:D6:7F:B9 ValiditySun, 10 Dec 2023 01:39:11 GMT - Sat, 09 Mar 2024 01:39:10 GMT File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced Size 1.1 kB (1111 bytes) Hash c8b11e35e9321ab755664acf85cbebc8 77184ec7bcf6571712357cedcc9d249a201661a0 de1fa77226d6e0425df1a2c6c1fd8cb8e0bb953d0a69a9b35fd4ac89826d3b04 HTTP Headers GET /assets/images/favicon-16x16.png HTTP/1.1 Host: 777-welcome.lets-up.fun User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://777-welcome.lets-up.fun/?refcode=P6Gkt1JqAruPl&click_id=658dded3386c0f0001773bb7&s1=15&s2=100 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Thu, 28 Dec 2023 20:47:54 GMT content-type: image/png content-length: 1111 last-modified: Tue, 17 Oct 2023 07:50:53 GMT etag: "652e3cdd-457" expires: Mon, 22 Jan 2024 09:44:54 GMT cache-control: max-age=2592000 cf-cache-status: HIT age: 462580 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ivyZ%2ByIXuBKfVgaO%2BGc52HEOxHTzVTt9sbHYoTJFgaZmgPketEoyTXQ27gDtA5psZqmG1O%2ByFpUj%2FqfWfPY6zv%2F9NYH3dUQkC9Y5I6LUBFTYBNRiIsgoheCq%2BWahY2SZKQZZPV95pDOUZQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 83cca93dfed9b4eb-OSL alt-svc: h3=":443"; ma=86400

	www.googletagmanager.com/gtag/js?id=G-9JXW6PKGJE&l=dataLayer&cx=c	142.250.74.168	200 OK	93 kB
URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-9JXW6PKGJE&l=dataLayer&cx=c IP 142.250.74.168:443 ASN #15169 GOOGLE Requested by https://777-welcome.lets-up.fun/?refcode=P6Gkt1JqAruPl&click_id=658dded3386c0f0001773bb7&s1=15&s2=100 Certificate IssuerGoogle Trust Services LLC Subject.google-analytics.com FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT File type ASCII text, with very long lines (5955) Size 93 kB (93053 bytes) Hash 865960989d6aefa430346b1d8e7bec66 3de073e9bc1272974760aa5bac00942c253bc833 9ed21f03e36bd4bb572064e2c328e42be47bcde4b8757f30435e9424694f624b HTTP Headers `GET /gtag/js?id=G-9JXW6PKGJE&l=dataLayer&cx=c HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://777-welcome.lets-up.fun/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Thu, 28 Dec 2023 20:47:54 GMT expires: Thu, 28 Dec 2023 20:47:54 GMT cache-control: private, max-age=900 strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 93053 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	777-welcome.lets-up.fun/proxy/visit.php?refcode=P6Gkt1JqAruPl&click_id=658dded3386c0f0001773bb7&s1=15&s2=100	172.67.201.195	200 OK	15 B
URL GET HTTP/3 777-welcome.lets-up.fun/proxy/visit.php?refcode=P6Gkt1JqAruPl&click_id=658dded3386c0f0001773bb7&s1=15&s2=100 IP 172.67.201.195:443 ASN #13335 CLOUDFLARENET Requested by https://777-welcome.lets-up.fun/?refcode=P6Gkt1JqAruPl&click_id=658dded3386c0f0001773bb7&s1=15&s2=100 Certificate IssuerGoogle Trust Services LLC Subjectlets-up.fun Fingerprint88:0E:D7:2D:81:C9:65:97:B5:CE:D6:69:1A:F1:8F:FB:98:D6:7F:B9 ValiditySun, 10 Dec 2023 01:39:11 GMT - Sat, 09 Mar 2024 01:39:10 GMT File type ASCII text, with no line terminators Size 15 B (15 bytes) Hash d145c406b488dbceeaca5450bf2a2328 4f81c6486acc356673c642f2a5dc89f265a57169 510252149fdd73f1368113e64b94c80804be00fa3349bb18577f85a9aac5dddc HTTP Headers GET /proxy/visit.php?refcode=P6Gkt1JqAruPl&click_id=658dded3386c0f0001773bb7&s1=15&s2=100 HTTP/1.1 Host: 777-welcome.lets-up.fun User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br X-Requested-With: XMLHttpRequest DNT: 1 Connection: keep-alive Referer: https://777-welcome.lets-up.fun/?refcode=P6Gkt1JqAruPl&click_id=658dded3386c0f0001773bb7&s1=15&s2=100 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Thu, 28 Dec 2023 20:47:54 GMT content-type: text/html; charset=UTF-8 expires: Sat, 27 Jan 2024 20:47:54 GMT cache-control: max-age=2592000 cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gtlBleGwbcRxFZqFXLyLhoxikX95Ufe%2BWMIBb3krQ9r5VYg1gPjQgWsz9DHOVBN453uyGqd2NubBIPisAwyiF3T0iwtZGZfNdZi5tWw%2FjBeF2qq2BnJLeB87mJSpOboBlAb2%2BSHIZwc5%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 83cca93aab32b4eb-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	777-welcome.lets-up.fun/?refcode=P6Gkt1JqAruPl&click_id=658dded3386c0f0001773bb7&s1=15&s2=100	172.67.201.195	200 OK	5.2 kB
URL User Request GET HTTP/2 777-welcome.lets-up.fun/?refcode=P6Gkt1JqAruPl&click_id=658dded3386c0f0001773bb7&s1=15&s2=100 IP 172.67.201.195:443 ASN #13335 CLOUDFLARENET Certificate IssuerGoogle Trust Services LLC Subjectlets-up.fun Fingerprint88:0E:D7:2D:81:C9:65:97:B5:CE:D6:69:1A:F1:8F:FB:98:D6:7F:B9 ValiditySun, 10 Dec 2023 01:39:11 GMT - Sat, 09 Mar 2024 01:39:10 GMT File type HTML document, Unicode text, UTF-8 text, with very long lines (4983), with no line terminators Size 5.2 kB (5189 bytes) Hash 769b9049bf54a21d0c2b81add8f4fb91 26ed18364745a4f64a8be0e6dbec63653b231c9d 0bc850681c64b5dc6442a3915df83a350e286b95bef7a69163c8653ca3725c94 HTTP Headers GET /?refcode=P6Gkt1JqAruPl&click_id=658dded3386c0f0001773bb7&s1=15&s2=100 HTTP/1.1 Host: 777-welcome.lets-up.fun User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Thu, 28 Dec 2023 20:47:52 GMT content-type: text/html last-modified: Tue, 17 Oct 2023 08:50:21 GMT expires: Sat, 27 Jan 2024 20:47:52 GMT cache-control: max-age=2592000 cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XgSVMVHx74rpxY2IBHZygeHkGIr%2BLF%2FbrsuA4LuPahScrAiK%2BC8nSmv4XV3m0Dsi6WNzfcycvQgrTCR9l34OvcFduyeB9CHn%2Fv6PisavpWMyTvjcNTOUz9YQ22L1O%2BujrNfaVwOIgU0%2Fow%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 83cca9337f3c7130-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	www.googletagmanager.com/gtm.js?id=GTM-ND2Q8XNQ	142.250.74.168	200 OK	176 kB
URL GET HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-ND2Q8XNQ IP 142.250.74.168:443 ASN #15169 GOOGLE Requested by https://777-welcome.lets-up.fun/?refcode=P6Gkt1JqAruPl&click_id=658dded3386c0f0001773bb7&s1=15&s2=100 Certificate IssuerGoogle Trust Services LLC Subject.google-analytics.com FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT File type ASCII text, with very long lines (3026) Size 176 kB (176484 bytes) Hash b6a28514c2df79fe3f6f55186ed28fcb 8a20d32266a6103a2323c05fff131d58cc71d763 91c7766a68e53549c1705bde96172de1c9f274f269b58cb9083a055af81223d5 HTTP Headers `GET /gtm.js?id=GTM-ND2Q8XNQ HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://777-welcome.lets-up.fun/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Thu, 28 Dec 2023 20:47:54 GMT expires: Thu, 28 Dec 2023 20:47:54 GMT cache-control: private, max-age=900 last-modified: Thu, 28 Dec 2023 18:00:00 GMT strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 63185 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	777-welcome.lets-up.fun/fonts/1f074653ddeb1b31f259d24206d3795d.woff	172.67.201.195	200 OK	44 kB
URL GET HTTP/3 777-welcome.lets-up.fun/fonts/1f074653ddeb1b31f259d24206d3795d.woff IP 172.67.201.195:443 ASN #13335 CLOUDFLARENET Requested by https://777-welcome.lets-up.fun/?refcode=P6Gkt1JqAruPl&click_id=658dded3386c0f0001773bb7&s1=15&s2=100 Certificate IssuerGoogle Trust Services LLC Subjectlets-up.fun Fingerprint88:0E:D7:2D:81:C9:65:97:B5:CE:D6:69:1A:F1:8F:FB:98:D6:7F:B9 ValiditySun, 10 Dec 2023 01:39:11 GMT - Sat, 09 Mar 2024 01:39:10 GMT File type Web Open Font Format, TrueType, length 44016, version 7.504 Size 44 kB (44016 bytes) Hash b90ad561a694cb6303192e5f0f5a79d0 34ae225c72d0ba039ad072629586e5225d92b455 16c880819b5bf801eb4df8176fe8af41093981ff7c913185d1f661c010d2f240 HTTP Headers GET /fonts/1f074653ddeb1b31f259d24206d3795d.woff HTTP/1.1 Host: 777-welcome.lets-up.fun User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity DNT: 1 Connection: keep-alive Referer: https://777-welcome.lets-up.fun/bundle.css Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Thu, 28 Dec 2023 20:47:54 GMT content-type: application/font-woff content-length: 44016 last-modified: Tue, 17 Oct 2023 07:50:53 GMT etag: "652e3cdd-abf0" expires: Fri, 29 Dec 2023 03:50:59 GMT cache-control: max-age=2592000 cf-cache-status: HIT age: 349529 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DQ%2B9Lgu79zKEOZsdOA4jKwezGImKVKtMiR9dTO2%2BjULiP%2FRllmQlUldz2t%2BsJpT1GFb9WdgBG3zB2623il%2FdLrIfZrBqMC3SHYeP2GLfPuBI%2Bk1IAFscdIZBodPAu%2F2nOwl2QXxba%2BMj1w%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 83cca93a8aedb4eb-OSL alt-svc: h3=":443"; ma=86400

	777-welcome.lets-up.fun/bundle.css	172.67.201.195	200 OK	7.4 kB
URL GET HTTP/3 777-welcome.lets-up.fun/bundle.css IP 172.67.201.195:443 ASN #13335 CLOUDFLARENET Requested by https://777-welcome.lets-up.fun/?refcode=P6Gkt1JqAruPl&click_id=658dded3386c0f0001773bb7&s1=15&s2=100 Certificate IssuerGoogle Trust Services LLC Subjectlets-up.fun Fingerprint88:0E:D7:2D:81:C9:65:97:B5:CE:D6:69:1A:F1:8F:FB:98:D6:7F:B9 ValiditySun, 10 Dec 2023 01:39:11 GMT - Sat, 09 Mar 2024 01:39:10 GMT File type ASCII text, with very long lines (7402), with no line terminators Size 7.4 kB (7387 bytes) Hash 9cc7f593fb52960ace480a44a8f3ea03 cf3220f53f9e1d9957ed0c980eb771c84499e466 2697f85aa9e11df6f92e4a1f11825e79411b81067e64abc730d37676f4c95327 HTTP Headers `GET /bundle.css HTTP/1.1 Host: 777-welcome.lets-up.fun User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://777-welcome.lets-up.fun/?refcode=P6Gkt1JqAruPl&click_id=658dded3386c0f0001773bb7&s1=15&s2=100 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Thu, 28 Dec 2023 20:47:53 GMT content-type: text/css last-modified: Tue, 17 Oct 2023 07:50:53 GMT etag: W/"652e3cdd-1cdb" expires: Sun, 31 Dec 2023 05:11:30 GMT cache-control: max-age=2592000 cf-cache-status: HIT age: 41292 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D7gDTXul18A8StwjSZsyDBmS7wvk%2FHWiIDrlMgepcrvHbQ7zHV7OpmV2TwLTr88pff%2BkJfefmNnN%2FVoDwC%2F5GrqtbcrQIrvoTLkj6cijOWHnKvNlMqnfC4CmmPj7w14F%2BWird078Od6aCA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 83cca936cf3db4eb-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	777-welcome.lets-up.fun/assets/images/cloud.svg?v=1	172.67.201.195	200 OK	11 kB
URL GET HTTP/3 777-welcome.lets-up.fun/assets/images/cloud.svg?v=1 IP 172.67.201.195:443 ASN #13335 CLOUDFLARENET Requested by https://777-welcome.lets-up.fun/?refcode=P6Gkt1JqAruPl&click_id=658dded3386c0f0001773bb7&s1=15&s2=100 Certificate IssuerGoogle Trust Services LLC Subjectlets-up.fun Fingerprint88:0E:D7:2D:81:C9:65:97:B5:CE:D6:69:1A:F1:8F:FB:98:D6:7F:B9 ValiditySun, 10 Dec 2023 01:39:11 GMT - Sat, 09 Mar 2024 01:39:10 GMT File type SVG Scalable Vector Graphics image Size 11 kB (11180 bytes) Hash 3c73873ddfb50acce5b878327fe25094 4ea07e8a8a3d55dda0d779eb16bab4468ff8d477 a6f711f3976025db9ecb72d4343453ddd4340a98efb337b0a3b85b5358b5c853 HTTP Headers GET /assets/images/cloud.svg?v=1 HTTP/1.1 Host: 777-welcome.lets-up.fun User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://777-welcome.lets-up.fun/?refcode=P6Gkt1JqAruPl&click_id=658dded3386c0f0001773bb7&s1=15&s2=100 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Thu, 28 Dec 2023 20:47:53 GMT content-type: image/svg+xml last-modified: Tue, 17 Oct 2023 07:50:53 GMT etag: W/"652e3cdd-2bac" expires: Fri, 29 Dec 2023 05:20:31 GMT cache-control: max-age=2592000 cf-cache-status: HIT age: 47120 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3dWR60bsJ1BzMFjMRHvwVhiln6KuNnXs6%2FclMT88Db6f9nWmxHcCDUO5FvSzphtT%2B6x7W3jSE%2F5lT79E8Tw9OgUxUrSAJCn35sQ2duFj08eBOzs%2FN4JiKnFd0VhcSJxkJZoayTpkzXswDA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 83cca936cf40b4eb-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	fonts.googleapis.com/css2?family=Geologica:wght@400;500;900&family=Roboto&display=swap	142.250.74.106	200 OK	9.5 kB
URL GET HTTP/2 fonts.googleapis.com/css2?family=Geologica:wght@400;500;900&family=Roboto&display=swap IP 142.250.74.106:443 ASN #15169 GOOGLE Requested by https://777-welcome.lets-up.fun/?refcode=P6Gkt1JqAruPl&click_id=658dded3386c0f0001773bb7&s1=15&s2=100 Certificate IssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint10:D0:ED:9A:F4:53:C8:99:DE:B6:5E:5C:04:E6:20:0B:68:7D:46:EC ValidityMon, 20 Nov 2023 08:08:50 GMT - Mon, 12 Feb 2024 08:08:49 GMT File type ASCII text, with very long lines (9747), with no line terminators Size 9.5 kB (9522 bytes) Hash 25fdc008c6287b95768c669f85b36550 aa7030b11db22019182c5a51c72d8bffcf5ea0f0 3393f123b3d7c208897772eff864beed13595e0dec4a68ed29fe1eabff4c340a HTTP Headers `GET /css2?family=Geologica:wght@400;500;900&family=Roboto&display=swap HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://777-welcome.lets-up.fun/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Thu, 28 Dec 2023 20:47:53 GMT date: Thu, 28 Dec 2023 20:47:53 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	777-welcome.lets-up.fun/assets/images/partners-list.svg?v=1	172.67.201.195	200 OK	59 kB
URL GET HTTP/3 777-welcome.lets-up.fun/assets/images/partners-list.svg?v=1 IP 172.67.201.195:443 ASN #13335 CLOUDFLARENET Requested by https://777-welcome.lets-up.fun/?refcode=P6Gkt1JqAruPl&click_id=658dded3386c0f0001773bb7&s1=15&s2=100 Certificate IssuerGoogle Trust Services LLC Subjectlets-up.fun Fingerprint88:0E:D7:2D:81:C9:65:97:B5:CE:D6:69:1A:F1:8F:FB:98:D6:7F:B9 ValiditySun, 10 Dec 2023 01:39:11 GMT - Sat, 09 Mar 2024 01:39:10 GMT File type SVG Scalable Vector Graphics image Size 59 kB (58772 bytes) Hash 611c8f1102b460788cd3ff7c4771a548 ea68babe0b56c9cf009b9a66e6ab307d2548687f a10625aacb0f4b53b034dbd81f9fa8928426c264a60c3343427ca843f81f2988 HTTP Headers GET /assets/images/partners-list.svg?v=1 HTTP/1.1 Host: 777-welcome.lets-up.fun User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://777-welcome.lets-up.fun/?refcode=P6Gkt1JqAruPl&click_id=658dded3386c0f0001773bb7&s1=15&s2=100 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/3 200 OK date: Thu, 28 Dec 2023 20:47:53 GMT content-type: image/svg+xml last-modified: Tue, 17 Oct 2023 07:50:53 GMT etag: W/"652e3cdd-e594" expires: Sun, 31 Dec 2023 03:49:19 GMT cache-control: max-age=2592000 cf-cache-status: HIT age: 364071 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=02iVqLHigv7IisRCMPr6GtVn%2F6Q%2ByIVGKP%2FSa1A%2F3wKs5ho1gA7ZOc7UjJEjsliYJUoHqkxvcJ%2FYltsKA%2Fbf7psZbtN7yF462NoY9rfVT00aAyIkAcCFi5WNEj05HjqBYVfBMloOERbFDA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 83cca936cf42b4eb-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	777-welcome.lets-up.fun/main.js?v=3	172.67.201.195	200 OK	130 B
URL GET HTTP/3 777-welcome.lets-up.fun/main.js?v=3 IP 172.67.201.195:443 ASN #13335 CLOUDFLARENET Requested by https://777-welcome.lets-up.fun/?refcode=P6Gkt1JqAruPl&click_id=658dded3386c0f0001773bb7&s1=15&s2=100 Certificate IssuerGoogle Trust Services LLC Subjectlets-up.fun Fingerprint88:0E:D7:2D:81:C9:65:97:B5:CE:D6:69:1A:F1:8F:FB:98:D6:7F:B9 ValiditySun, 10 Dec 2023 01:39:11 GMT - Sat, 09 Mar 2024 01:39:10 GMT File type ASCII text, with no line terminators Size 130 B (130 bytes) Hash 308be761dc513122b8c4593f678d9797 ed72f3d01ce0b3f6bf44148a98f919d3c31cd0bb a075b285a18006850c407446231f42fa6deeb0407eb4b327c2ebda34d7bf91ba HTTP Headers `GET /main.js?v=3 HTTP/1.1 Host: 777-welcome.lets-up.fun User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://777-welcome.lets-up.fun/?refcode=P6Gkt1JqAruPl&click_id=658dded3386c0f0001773bb7&s1=15&s2=100 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Thu, 28 Dec 2023 20:47:53 GMT content-type: application/javascript last-modified: Tue, 17 Oct 2023 08:50:02 GMT etag: W/"652e4aba-82" expires: Fri, 29 Dec 2023 04:47:09 GMT cache-control: max-age=2592000 cf-cache-status: HIT age: 462607 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Gunr1x5N2HyAvwpXOOXs9jI%2Bz%2BncnU7nWCh2HD7pQW870T0MGN%2BXWeiHyAh7Ak9HzHgoSjzUIc%2FE24MTnhxhZs9Cy3zf0arHzBDwXWkV%2BnGgFbVfvOTjoT9fuFj1dHDpM4pd2KoDfp2ZA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 83cca936cf46b4eb-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (26)

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash