ribhek.com/ar/spinwhel-jo/img/2.jpg
104.21.17.21200 OK 8.1 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-jo/img/2.jpg
IP 104.21.17.21:443
Requested by https://ribhek.com/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 200x200, components 3
Hash d3a748efcc12b64924280109f7b42c99
733dca7bef4f1f344b9bd0176ed9f8e6b38111e9
0f6c00936fa720c5c4b4bd5b410badd270114ba65d06ad148b550617a296ab17
GET /ar/spinwhel-jo/img/2.jpg HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 14:28:19 GMT
content-type: image/jpeg
content-length: 8149
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: "192591960bd52039aaec63c9d453a3a2-ssl"
x-nf-request-id: 01HWQWWRPF744S58H3E697H5A5
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DcfCzRGt3ea7Y8S0H9ttkLsTZF1PrMVP7m0ldZQQ0LbDQClCPYNJ72fH3Ii5rKVJHMxJ8%2BQK6%2F7o7rA%2BmKpddklhrEo0cJgdE9BAHpigML2%2B0eRAj9A%2F6C38SGmE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e0efd34ad356bd-OSL
alt-svc: h3=":443"; ma=86400
ribhek.com/ar/spinwhel-jo/img/4.jpg
104.21.17.21200 OK 21 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-jo/img/4.jpg
IP 104.21.17.21:443
Requested by https://ribhek.com/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 400x400, components 3
Hash 5c6bd23de24730e4b4b37730dd74aef8
6ad9ac3a16e2cd8521eeb8d918f0ceb383fb1f90
2fa0af8cb1cffe84b9fadb389a4750f9fe8a5a1ff0a3bce12ec329d4c5e9bcd8
GET /ar/spinwhel-jo/img/4.jpg HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 14:28:19 GMT
content-type: image/jpeg
content-length: 21109
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: "143c69aaf1e8ba0aabf3dd9ec1d9e445-ssl"
x-nf-request-id: 01HWR7RQJ1ZSBAF67Y0GTN230S
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xPjT7CdqRjdiLP4bPcbMXilz674eHk%2FgWlsTCB9oXcCinHhrFw8ZC2MMd4oOG%2BbA2svipTSaoYxY4hC93m3r63DRSLoP0joCzZcv40ohTBH5I3yUJ13Au8LqdJvF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e0efd34ad456bd-OSL
alt-svc: h3=":443"; ma=86400
ribhek.com/ar/spinwhel-jo/img/8.jpg
104.21.17.21200 OK 4.8 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-jo/img/8.jpg
IP 104.21.17.21:443
Requested by https://ribhek.com/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 240x240, components 3
Hash f1b90b01b26661e37ecdb01a4753a1bf
b6c3960258ba473581daf27df9db972540ec29ed
a8079bac57434af72b399fb198d79cbd9c46a5363096afa97398e4da4228218d
GET /ar/spinwhel-jo/img/8.jpg HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 14:28:19 GMT
content-type: image/jpeg
content-length: 4831
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: "b9ce8499900b91e7201edecbf1f2962e-ssl"
x-nf-request-id: 01HWN39Y7TYYXA2VF5VNFG5R0V
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7RZUmSTaN46OpoPKr%2FACts1OXDhuAhMdR9tWSXuYSIzmUApmioQf8UeziXHp1Pq1IeHgsqBnc%2BcPYMgyzbxj5PTF5%2Bzrtco5lCKVcYnGuL6EkLVmprLYgSxMsOC3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e0efd34ad156bd-OSL
alt-svc: h3=":443"; ma=86400
ribhek.com/ar/spinwhel-jo/img/spin_vi.png
104.21.17.21200 OK 163 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-jo/img/spin_vi.png
IP 104.21.17.21:443
Requested by https://ribhek.com/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
File type PNG image data, 501 x 501, 8-bit/color RGBA, non-interlaced
Size 163 kB (163067 bytes)
Hash 721d27b84f5d72df825d229e1f229f6c
fe7a1cdaba1480ed91a2ce1c5b6d5a0dab8f716f
e7518cc0a9bcfcfc300ae017ec2f7887676683076ecffee15901de3641533f0d
GET /ar/spinwhel-jo/img/spin_vi.png HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 14:28:19 GMT
content-type: image/png
content-length: 163067
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: "d66bd3441e52462fda23cb5a1056021c-ssl"
x-nf-request-id: 01HWQWWQY8QBVZMAYM7WREPC51
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j3RVKWjpGBQrN2BFSTq5DlZQdmiOCmL8KNFhbhrIa%2Fr0KHZk3NMGd%2FTp9baDL%2FOcyzJ7cWTdwjBndhMhwWHtTUqc5CR7U%2B6p8xKHg4Dhl3U4cSO45ubAwhIRdKuf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e0efd34acd56bd-OSL
alt-svc: h3=":443"; ma=86400
ribhek.com/ar/spinwhel-jo/img/cash.png
104.21.17.21200 OK 249 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-jo/img/cash.png
IP 104.21.17.21:443
Requested by https://ribhek.com/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
File type PNG image data, 640 x 390, 8-bit/color RGBA, non-interlaced
Size 249 kB (248803 bytes)
Hash 8adc4202bf84259bd4f670a9e4de1a77
aeb039dfe904312a52e055616a89c6263bb77f9d
95a3167a429d35419d37390bfbb4acc8342c4b9c12e7d4366baba6a15064e59d
GET /ar/spinwhel-jo/img/cash.png HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 14:28:19 GMT
content-type: image/png
content-length: 248803
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: "958398ec237b4abf9c142a78c5a13169-ssl"
x-nf-request-id: 01HWRBM54NF1F3J80NR8Q9WPPB
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Otn4E4fgyGnaFKw%2FfpW9VZFjsaf1mv%2FRLyFk1kSEeCsdcLooGbiQ5R2FtC%2BtHuo0ks0rWc3VP8Blto1ZqFo51soAgSuh49WTs60O4du17OMyQcbInjQPKuH8a59g"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e0efd34ad056bd-OSL
alt-svc: h3=":443"; ma=86400
ribhek.com/ar/spinwhel-jo/img/1.jpg
104.21.17.21200 OK 18 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-jo/img/1.jpg
IP 104.21.17.21:443
Requested by https://ribhek.com/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, description=Smiling hispanic or middle eastern young man looking at the camera��], baseline, precision 8, 360x360, components 3
Hash 8d4757a7ca89741ae1ef279ac277739b
e3134530778bbf711de60829f9ee270ae3309d4b
e0b4b9068a7fe672f712bb1a39080e06604c506465394214cfde2382ba52f047
GET /ar/spinwhel-jo/img/1.jpg HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 14:28:19 GMT
content-type: image/jpeg
content-length: 18232
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: "0fdf1d98ca06e6a3b06349fd9985af77-ssl"
x-nf-request-id: 01HWR0ZBPJ9B2RVD40JRDYK5WF
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MUIrxsJ8W%2F5G02%2BNqoqsKEQIQ%2BljLdjH%2FG58dTf44FfyMluKv4nQ%2B0Ak0iHLO%2FPNBlzGL3aNF5vkN%2BDr628z7b4dsWV85KsH73hDjicesUinFPpMUnAvhhKLx3E1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e0efd34ad256bd-OSL
alt-svc: h3=":443"; ma=86400
ribhek.com/ar/spinwhel-jo/img/3.jpg
104.21.17.21200 OK 15 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-jo/img/3.jpg
IP 104.21.17.21:443
Requested by https://ribhek.com/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, description=Smiling young man looking at the camera with his arms crossed��], baseline, precision 8, 360x360, components 3
Hash 56612da382cd894c3d9a7066200c8987
b50307ef6d081ab84e04f3077551ef52bc677bf8
235ac72915d61b0433f01ae12e6a2a0dd5a676b0e85fdeeb67f6a5b2ea9bb63d
GET /ar/spinwhel-jo/img/3.jpg HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 14:28:19 GMT
content-type: image/jpeg
content-length: 14686
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: "a84fd5388db24f436ebb6879d0e97503-ssl"
x-nf-request-id: 01HWQWWRT5P0D6QR5452Z0SQ18
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4PDOArsncAIiJax6Nim4qgoV0RRLDRhIPvruQhFRqyRUyfZOjFz3Rer6LQK%2B4XrMl9pjeFAAHvzOUMBXE%2F53CnMHGqXRhQoVUQ4diQSKLkTGKoBJtyjlyJ%2Bqq%2Bg0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e0efd34ad756bd-OSL
alt-svc: h3=":443"; ma=86400
ribhek.com/ar/spinwhel-jo/img/5.jpg
104.21.17.21200 OK 48 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-jo/img/5.jpg
IP 104.21.17.21:443
Requested by https://ribhek.com/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, copyright=Shannon Selim], baseline, precision 8, 640x640, components 3
Hash 6b4d6ee00c74e83d9951c81d58ce9295
9594243fe36fb66f7f0cf659cd279be1cf1cc864
49950c2963d8d425b48440d5663c436b5cd6a4ee550f57912120d530c96032d2
GET /ar/spinwhel-jo/img/5.jpg HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 14:28:19 GMT
content-type: image/jpeg
content-length: 48500
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: "b7af897904fb4d58f4a27936259bb793-ssl"
x-nf-request-id: 01HWR7RQWCF0GR261JX73NAFCK
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZlXs0CLpgOyzcxVaIYEXfqmlTYEyNG%2FAFTwlB%2FaV1NPZg%2FgNjF5A6e4FePO1BE1ReSRt3OAg2khJ4pRaA1m884qTsHnjz%2F%2FqN9QPVqrnNXf%2FOApiEcPKAalMQBIG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e0efd35ada56bd-OSL
alt-svc: h3=":443"; ma=86400
ribhek.com/ar/spinwhel-jo/img/6.jpg
104.21.17.21200 OK 21 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-jo/img/6.jpg
IP 104.21.17.21:443
Requested by https://ribhek.com/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, description=happy refuuge at camp��], baseline, precision 8, 408x408, components 3
Hash ccddf6a16d3fcc1c7ba4acef48fdef50
de01377d44746d8e92c46e1a64788b5df04340d4
a6fc77c7cb826f01f0aa8c3182b8b0006125f0d5fbec3ceff93b004d14e17d01
GET /ar/spinwhel-jo/img/6.jpg HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 14:28:19 GMT
content-type: image/jpeg
content-length: 20826
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: "d9f71630def6a1050f1f740068adb403-ssl"
x-nf-request-id: 01HWRBM6XG8DJ42DX1PMMPJ3VJ
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1Dcqb7qUMBZjJc7fvce52UxWViC29Bdcy221tYu3bOJBs3dVj0hdUBKOybd1ekOWSpt7V%2FY7V13YMRvizWPFUJ7IDEPJewy3vwvOsZsRntoVejAlWmrbWT%2BxTDBg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e0efd35ade56bd-OSL
alt-svc: h3=":443"; ma=86400
ribhek.com/ar/spinwhel-jo/img/7.jpg
104.21.17.21200 OK 26 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-jo/img/7.jpg
IP 104.21.17.21:443
Requested by https://ribhek.com/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 480x400, components 3
Hash 22cb80edd617362c5465bc2e8f8871d0
aa39c3c8c4dfb74089b63abef0e33e74e8fe5210
eaa4bd9a29ee64b0d8e79df7304706004eb6be85fc417f7ffaa0cc7eb6541635
GET /ar/spinwhel-jo/img/7.jpg HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 14:28:19 GMT
content-type: image/jpeg
content-length: 26430
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: "5f713f6c2173d1bb8ea9cf3786e18e19-ssl"
x-nf-request-id: 01HWRBM6XSPJXK6EP81N5XZTB9
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=khSPjhsD1fPuyfAF26FHKjqv4Yd8urVfXN0yxbLEt6q82aFJCY1XIQtu09uN82VA%2BRIZg%2FELMdYbqkQdPg0Vm%2F9QqZvP8kqW2VCwu2l6YhRs%2Ba6qA266dlrJPxk1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e0efd35adf56bd-OSL
alt-svc: h3=":443"; ma=86400
ribhek.com/ar/spinwhel-jo/img/smiley.png
104.21.17.21200 OK 5.0 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-jo/img/smiley.png
IP 104.21.17.21:443
Requested by https://ribhek.com/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced
Hash 6a1b1fb2c9a70e8bb232985a5e7c76f2
a371f8e561576cb893e897f1e156597d3abbd0be
68c86e51e47a972e3191621e48685c0d9d1e166235cd816dc74370bc439567fc
GET /ar/spinwhel-jo/img/smiley.png HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 14:28:19 GMT
content-type: image/png
content-length: 4992
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: "a770a97f2ef0e3b3edd238062c9e3313-ssl"
x-nf-request-id: 01HWRBM6X0PME4Q61KZE6NFKMS
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P4gyNADRJKIKG0u6tcMs1l3r3Y3dqE4qqt87htYJI45lqB47LFhrU76pKOm86QHJOqUAWnmf8ywOrRijZ4%2FR%2BDUr4F2qQm3iqjisVrUYHj%2B8cdVnVeQiolK9PSIy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e0efd35ae456bd-OSL
alt-svc: h3=":443"; ma=86400
ribhek.com/ar/spinwhel-jo/img/refresh.png
104.21.17.21200 OK 1.8 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-jo/img/refresh.png
IP 104.21.17.21:443
Requested by https://ribhek.com/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
File type PNG image data, 70 x 70, 8-bit colormap, non-interlaced
Hash 2d0f4539e28850747bcdf03e8c9a9f10
c400935fad4c29d04714cf5b9e74fb4d4d8f1e1d
c04fa254d43e1b6db555962ac2dbc6cd67d47aff3c1d7895a229cdaca87a688e
GET /ar/spinwhel-jo/img/refresh.png HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 14:28:19 GMT
content-type: image/png
content-length: 1798
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: "a8f2cf0e5f0e85d12faa27e61c1d49a3-ssl"
x-nf-request-id: 01HWR7RQWR2188V3TZ33356KAN
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T%2FvMPj%2B%2B4qQxUsYjx2vxSPEzd1nMCXi01%2BdjlK5qQmeFVof7ZpPg8K3MZKfmO3wycnXNFZuJ%2BhJQY0A%2BUTeQQ%2BKIlUdxMhqubfLmoBABYM%2FJVuSeJJ8hKFHG6KJA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e0efd35ae856bd-OSL
alt-svc: h3=":443"; ma=86400
my.rtmark.net/p.js?f=sync&lr=1&partner=78c5ba6da14c996481201ddfa240d8b93591e970395d5413e95a0a3ef4b61fbc
139.45.195.8200 OK 697 B URL GET HTTP/2 my.rtmark.net/p.js?f=sync&lr=1&partner=78c5ba6da14c996481201ddfa240d8b93591e970395d5413e95a0a3ef4b61fbc
IP 139.45.195.8:443
Requested by https://ribhek.com/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91
Certificate IssuerLet's Encrypt
Subjectrtmark.net
FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC
ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
File type JavaScript source, ASCII text
Hash 9f449dd93aff5d19981521dc1718011e
704d0f2cef85ba5c7f36a9ba707b9116b88ff8f5
78a9e77051816292528bde89251006ecd6c3f563218f4d78217df175b2883029
GET /p.js?f=sync&lr=1&partner=78c5ba6da14c996481201ddfa240d8b93591e970395d5413e95a0a3ef4b61fbc HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 03 May 2024 14:28:19 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ribhek.com/ar/spinwhel-jo/img/spin.png
104.21.17.21200 OK 2.4 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-jo/img/spin.png
IP 104.21.17.21:443
Requested by https://ribhek.com/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
File type PNG image data, 142 x 173, 8-bit colormap, non-interlaced
Hash 79051a4f9ac575664b4d932d577a65fc
ebae669a090fd6de43fb1854e5ba4868e8e8ffc0
0109faa660c321bbc20f82c8ba38eddd5490bc3b77d72c4b1de965a01a4f12b4
GET /ar/spinwhel-jo/img/spin.png HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-jo/css/style__base.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 14:28:19 GMT
content-type: image/png
content-length: 2444
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: "8cf94e3e08876699f7d4768c58d88a1c-ssl"
x-nf-request-id: 01HWR0ZDKVZ7JFYSDMWMKTMVZM
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DRYYnOoNKW5ec7Ej25ExcKMWMeMQhvi6v2%2BLMEB3A6L1hrzhV7xTQtfZGlX%2BlAAB6kqxdfY4PxsJ%2F3wMmyIqnp1g503cL2tddL1vfSc2ejFJFnCgzD%2BF4LJ7uTK4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e0efd57d7356bd-OSL
alt-svc: h3=":443"; ma=86400
ribhek.com/ar/spinwhel-jo/img/logo.png
104.21.17.21200 OK 5.3 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-jo/img/logo.png
IP 104.21.17.21:443
Requested by https://ribhek.com/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
Hash f5d64acf78143acb73a116a4c30059c2
b63e4e1e6b388095aef36318bb3a2d13d63d7d15
53fe91634fedea3522c7ab24f307f994b19aaf87f2b745e99916e691c53b35d6
GET /ar/spinwhel-jo/img/logo.png HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 14:28:19 GMT
content-type: image/png
content-length: 5346
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: "971de0900309431e7f297a1e26fff1c6-ssl"
x-nf-request-id: 01HWR0ZE4PY8CN6RTQCY621ZC8
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Id7x1aycvhqkjdL3HlqwvrzeOLZI578V8KeYCIvi4gZGnDL3V0CNLtN%2F2UM3z4Z2noLB7SrhDzUycN4pGx8OQ2j4wXj2ohNU3U%2FHBmJiHqWR9TPAwzPv28kgCmgZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e0efd6be8156bd-OSL
alt-svc: h3=":443"; ma=86400
bujerdaz.com/zone?&pub=0&zone_id=7071124&is_mobile=false&domain=ribhek.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=afcda879-fb8e-4906-a8f4-9eac85891182&action=prerequest
139.45.197.250200 OK 0 B URL POST HTTP/2 bujerdaz.com/zone?&pub=0&zone_id=7071124&is_mobile=false&domain=ribhek.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=afcda879-fb8e-4906-a8f4-9eac85891182&action=prerequest
IP 139.45.197.250:443
Requested by https://ribhek.com/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91
Certificate IssuerLet's Encrypt
Subjectbujerdaz.com
Fingerprint0C:8C:A0:AE:3A:F2:8E:BC:C9:F8:38:17:34:12:6E:06:46:3D:35:A3
ValidityMon, 15 Apr 2024 05:19:24 GMT - Sun, 14 Jul 2024 05:19:23 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /zone?&pub=0&zone_id=7071124&is_mobile=false&domain=ribhek.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=afcda879-fb8e-4906-a8f4-9eac85891182&action=prerequest HTTP/1.1
Host: bujerdaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ribhek.com
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 May 2024 14:28:19 GMT
content-length: 0
x-trace-id: 052ef655183efbdd473469be5513419f
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ribhek.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
jouteetu.net/custom
139.45.197.251200 OK 39 B IP 139.45.197.251:443
Requested by https://ribhek.com/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91
Certificate IssuerLet's Encrypt
Subjectjouteetu.net
FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65
ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 597
Origin: https://ribhek.com
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 May 2024 14:28:19 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: a1d35df7fe5013d531937548a91657f0
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ribhek.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
jouteetu.net/custom
139.45.197.251200 OK 39 B IP 139.45.197.251:443
Requested by https://ribhek.com/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91
Certificate IssuerLet's Encrypt
Subjectjouteetu.net
FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65
ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 595
Origin: https://ribhek.com
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 May 2024 14:28:19 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: b5531d232f140d0fef86f1925861fb78
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ribhek.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ribhek.com/ar/spinwhel-jo/css/style__base.css
104.21.17.21200 OK 4.4 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-jo/css/style__base.css
IP 104.21.17.21:443
Requested by https://ribhek.com/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
Hash 5af9199e58d12f7d074412e74d9a3d3d
74c11cb489a368220c3144e4570ad5b34afa75c2
708ad2fb793e0817fdf6bd7b0401e172f9566033232f148439e6f42b2f3b0999
GET /ar/spinwhel-jo/css/style__base.css HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 14:28:19 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: W/"48cda9d2e1e4882f881c36734d6c0dbf-ssl-df"
vary: Accept-Encoding
x-nf-request-id: 01HWRBM546JVDF4Z0YT3NA1TDT
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FakVWHncodexFkKm6yvX55PFPoVfYqHD3heOLf%2FTAhfcQasPPAD%2BZVMHuQiu%2BQquZI3J75F2n%2F%2F%2FaBCXazomo4VT7aoqeFirDne8wl2kIFJtS3YoVEwggrEuu9Cd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e0efd34aca56bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ribhek.com/ar/spinwhel-jo/css/style_a.css
104.21.17.21200 OK 1.8 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-jo/css/style_a.css
IP 104.21.17.21:443
Requested by https://ribhek.com/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
Hash 58426b100bb2d1f7a2b9e535d1d53dbf
fad1af737566c2ac0fe6684e4dcb68b177f9a62a
8259a4387fb3e0a8fb603335e81f2aee08f315f68d23c63af03e519a3f5683b1
GET /ar/spinwhel-jo/css/style_a.css HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 14:28:19 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; fwd=miss
etag: W/"1473adf58d9bbec22e785727559b8c51-ssl-df"
vary: Accept-Encoding
x-nf-request-id: 01HWSA3JR71JF3CRCHTECZZY7G
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QCTKMhBHoeddtx6YztdQFk8p1ZKAT0kFnqXtS8zqnCTCZLc0NrZ6z%2BS1t7hPvof0BHqpSSaeKlnnjHDZ4Po3yWOF4r7OoShaBfJaTHDdXwZEIbRoItLaNNijZIc3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e0efd34acb56bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
amunfezanttor.com/event
139.45.197.250200 OK 94 B IP 139.45.197.250:443
Requested by https://ribhek.com/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91
Certificate IssuerLet's Encrypt
Subjectamunfezanttor.com
FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA
ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hash 0ece5325b66423471ef8387acc4de029
f396a0b303a88e159f3a6b697e24a614c3c5fc87
027c25531b0ce1e1288f526aa2da0606dfcd778a270701cc9382a0ffd1dbfe6d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ribhek.com/
Content-Type: application/json
Content-Length: 1223
Origin: https://ribhek.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 May 2024 14:28:19 GMT
content-type: application/json; charset=utf-8
content-length: 94
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ribhek.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
my.rtmark.net/img.gif?f=sync&partner=78c5ba6da14c996481201ddfa240d8b93591e970395d5413e95a0a3ef4b61fbc&ttl=&rurl=https%3A%2F%2Fribhek.com%2Far%2Fspinwhel-jo%2F%3Fuclick%3Dj246ojir%26uclickhash%3Dj246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91%2Far%2Fspinwhel-jo%2F%3Fuclick%3Dj246ojir%26uclickhash%3Dj246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91%2Far%2Fspinwhel-jo%2F%3Fuclick%3Dj246ojir%26uclickhash%3Dj246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91%2Far%2Fspinwhel-jo%2F%3Fuclick%3Dj246ojir%26uclickhash%3Dj246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91%23
139.45.195.8200 OK 43 B URL GET HTTP/2 my.rtmark.net/img.gif?f=sync&partner=78c5ba6da14c996481201ddfa240d8b93591e970395d5413e95a0a3ef4b61fbc&ttl=&rurl=https%3A%2F%2Fribhek.com%2Far%2Fspinwhel-jo%2F%3Fuclick%3Dj246ojir%26uclickhash%3Dj246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91%2Far%2Fspinwhel-jo%2F%3Fuclick%3Dj246ojir%26uclickhash%3Dj246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91%2Far%2Fspinwhel-jo%2F%3Fuclick%3Dj246ojir%26uclickhash%3Dj246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91%2Far%2Fspinwhel-jo%2F%3Fuclick%3Dj246ojir%26uclickhash%3Dj246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91%23
IP 139.45.195.8:443
Requested by https://ribhek.com/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91
Certificate IssuerLet's Encrypt
Subjectrtmark.net
FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC
ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
File type GIF image data, version 89a, 1 x 1
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=sync&partner=78c5ba6da14c996481201ddfa240d8b93591e970395d5413e95a0a3ef4b61fbc&ttl=&rurl=https%3A%2F%2Fribhek.com%2Far%2Fspinwhel-jo%2F%3Fuclick%3Dj246ojir%26uclickhash%3Dj246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91%2Far%2Fspinwhel-jo%2F%3Fuclick%3Dj246ojir%26uclickhash%3Dj246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91%2Far%2Fspinwhel-jo%2F%3Fuclick%3Dj246ojir%26uclickhash%3Dj246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91%2Far%2Fspinwhel-jo%2F%3Fuclick%3Dj246ojir%26uclickhash%3Dj246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91%23 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 May 2024 14:28:19 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0880519ba2d942e5e0b2a55a1ab790bb; expires=Sat, 03 May 2025 14:28:19 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ribhek.com/sw-check-permissions-39799.js?zoneId=7071124
104.21.17.21200 OK 775 B URL GET HTTP/3 ribhek.com/sw-check-permissions-39799.js?zoneId=7071124
IP 104.21.17.21:443
Requested by https://ribhek.com/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
Hash e0144a309aa6909ad0e562fd78b31b8c
271dc63301f2d88f5a87b8cdb320807a6d942e46
0bcf2a9473c63763a589cef771ca39e02fdf01bc4219f34bb0eeb8abce855d91
GET /sw-check-permissions-39799.js?zoneId=7071124 HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 14:28:19 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: W/"b66b69ce955a5c83d67e661d27432485-ssl"
x-nf-request-id: 01HWQWWSHBDCFCVH3ANW4N6C7G
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D5hu0p5B%2B3zORAKg70BL%2FP64oMjWoevzCuTR5rTXSp1vrzsM%2FXrmElGxNd3MvEkkbr1dvyM3Gpg8Ok4n8QGALpTp89wwI2rFJ3kf5HrhANJKMmpU9ME5IULZCEtx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e0efd71edb56bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ribhek.com/ar/spinwhel-jo/js/en_date.js
104.21.17.21200 OK 6.7 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-jo/js/en_date.js
IP 104.21.17.21:443
Requested by https://ribhek.com/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
File type ASCII text, with very long lines (7106), with no line terminators
Hash ea133004ba2ee7bebc25767e49cb99ff
50c4bbb8423fe9d364798f28c8260cf66916b677
cda4a08060ba5f9871213274ab4f043f97f74311196eb4916fef50700178cff8
GET /ar/spinwhel-jo/js/en_date.js HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 14:28:19 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; fwd=miss
etag: W/"3ffc4d8daf8a0279c657879a371a6eff-ssl-df"
vary: Accept-Encoding
x-nf-request-id: 01HWTSNY8A691MCRT0TE8V442K
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YXwHjdoSVdF7hPeazAHncQhOgJjxolo8tsSYzF3BL77qr7V3iAdYzWG6SwOcU7GUbE7lucJtbjH3RHBkMItx%2F%2BE%2BdAlexL2dkMNCrpjcU8q6jup9nrilOwPCIDdU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e0efd34ac856bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
bujerdaz.com/pfe/current/micro.tag.min.js?z=7071124&sw=/sw-check-permissions-39799.js
139.45.197.250200 OK 37 kB URL GET HTTP/2 bujerdaz.com/pfe/current/micro.tag.min.js?z=7071124&sw=/sw-check-permissions-39799.js
IP 139.45.197.250:443
Requested by https://ribhek.com/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91
Certificate IssuerLet's Encrypt
Subjectbujerdaz.com
Fingerprint0C:8C:A0:AE:3A:F2:8E:BC:C9:F8:38:17:34:12:6E:06:46:3D:35:A3
ValidityMon, 15 Apr 2024 05:19:24 GMT - Sun, 14 Jul 2024 05:19:23 GMT
File type JavaScript source, ASCII text, with very long lines (37142), with no line terminators
Hash 32d6dbd00a639e2cd10d1704b9159bd5
0dab4c95675393f1d0e13d20f13d80ee12e41d95
9f339e5efd7c959419a4e86bb4c5e9f07eae2ed839484846157be981917743de
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pfe/current/micro.tag.min.js?z=7071124&sw=/sw-check-permissions-39799.js HTTP/1.1
Host: bujerdaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 03 May 2024 14:28:19 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 10:48:52 GMT
etag: W/"662a3514-9116"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
ribhek.com/ar/spinwhel-jo?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91
104.21.17.21301 Moved Permanently 16 kB URL User Request GET HTTP/2 ribhek.com/ar/spinwhel-jo?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91
IP 104.21.17.21:443
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ar/spinwhel-jo?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91 HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Fri, 03 May 2024 14:28:18 GMT
content-type: text/html; charset=UTF-8
accept-ranges: bytes
age: 49037
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
location: /ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91
x-nf-request-id: 01HWZDP7JZN5T2EZZMTJAQ9NE2
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pRHCdFfreNfvdOYMjM6knPYL5o2EV7tq1uTZky4fXIiRXyfhd%2FqkuJJCf5WXjjh21rjT4sp79KX%2BP1wFqY7%2FxaSg9r1PDOQb1MXkquvlrjjLS0JAQhLxoqmLrkaz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e0efd05d99569b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
backunder.com/script.js
188.114.97.1200 OK 911 B IP 188.114.97.1:443
Requested by https://ribhek.com/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91
Certificate IssuerGoogle Trust Services LLC
Subjectbackunder.com
FingerprintF0:95:C2:A7:B0:15:EB:8D:1E:CE:36:6A:FC:03:95:FA:C0:07:37:96
ValiditySat, 30 Mar 2024 17:02:34 GMT - Fri, 28 Jun 2024 17:02:33 GMT
File type JavaScript source, ASCII text, with very long lines (920), with no line terminators
Hash f60d3d95ba5d3857d3acb6730f06767d
454bf6bf84fc040a03287bf1096d2669804627c8
5c501b55106f7ffe03902742af81cad54e109fec08e9dd005b13ecaa6cbb748e
GET /script.js HTTP/1.1
Host: backunder.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 03 May 2024 14:28:19 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1228
etag: W/"4cc-5f2f3364b2fe4-gzip"
last-modified: Mon, 23 Jan 2023 19:14:45 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2230
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nsEqi7miZCEqOfiC5Ek1bCokHNQd42xD41F2wUHsy6se7zb9RDKjfj%2BWwbbV84DFcDswGeIyMdlBo7BrIpwI7jnCVossf%2F8d2ggj%2FsVQriPXQOB2G1KWUQPZAqYgOV2O"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e0efd47f601c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ribhek.com/ar/spinwhel-jo/js/bioep.min.js
104.21.17.21200 OK 5.3 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-jo/js/bioep.min.js
IP 104.21.17.21:443
Requested by https://ribhek.com/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
File type JavaScript source, ASCII text, with very long lines (5456), with no line terminators
Hash fe234c9b352a64fd48af6671a6460c25
4ab82b1093465cbeba45d0dfd67ed3d8cd30deb2
97043aee10fc7179a85aea1e1e96bbd6a4564d733589548209ccc1358252eb9f
GET /ar/spinwhel-jo/js/bioep.min.js HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 14:28:19 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: W/"16322b53a3ea039d744dc303d398d1dd-ssl-df"
vary: Accept-Encoding
x-nf-request-id: 01HWR0ZAY16S8Q9BNVE8JFR55P
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4yCqjd4FelpXtSDjr5OV%2FvolHvpYEqQNLzdmGxP5ZVSJtxUt6AHta%2BvnIfRXigGEuTDXBDRMgy00NSlpb6I1Q7Ul7YIb7iU6QvXeOlZNF1xhC3Y6O9a5Xxe0W1WE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e0efd34acc56bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ribhek.com/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91
104.21.17.21200 OK 16 kB URL User Request GET HTTP/2 ribhek.com/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91
IP 104.21.17.21:443
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91 HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 03 May 2024 14:28:18 GMT
content-type: text/html; charset=UTF-8
age: 49036
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
vary: Accept-Encoding
x-nf-request-id: 01HWZDP7NW1WPX5X202QD2STWS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AfwcC2A9tEPhrle9uWAbTCQUeTyIb%2BV2Xmw1BVtY5OR%2F%2BgEPMMNC%2FP9nAa0h4XzGIdiF4HT7jH6%2FIodLlUSVWWO91rW5nwKrsUVu7kSFZ25xKT1B5JSZhRCSdpYV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e0efd10e53569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ribhek.com/ar/spinwhel-jo/js/jquery.min.js
104.21.17.21200 OK 87 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-jo/js/jquery.min.js
IP 104.21.17.21:443
Requested by https://ribhek.com/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
File type JavaScript source, ASCII text, with very long lines (32058)
Hash 24f2e59beae1680f19632d9c1b89d730
b3a77b35c4809324ab79e64d40c4ee391234e008
39646863a414e0a84920b3a8639c0f3e8c94535e8dc051b42b485a068dc2902f
GET /ar/spinwhel-jo/js/jquery.min.js HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91/ar/spinwhel-jo/?uclick=j246ojir&uclickhash=j246ojir-j246ojir-17b7-0-17x9-twuq-iroj-025b91
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 14:28:19 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: W/"ddbc6702bc953f6dedfe3543150cf865-ssl-df"
vary: Accept-Encoding
x-nf-request-id: 01HWRBM6WY2244Q3MX6H19976H
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1x2Cftdh8H1ceE347wQUR%2F7n0AyxibeXPNJ4r2qF7Z%2BG1fsZcRsj9zP03p8ffd1hGQDRkhgy9iKouerxKr3qJJrSnoqgO8znJRSP9b9maGJiDjPnETv0A3lHJyVc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e0efd35aea56bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400