ribhek.com/ar/spinwhel-iq2/img/spin_vi.png
172.67.219.147200 OK 44 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-iq2/img/spin_vi.png
IP 172.67.219.147:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=15a8a0a7&uclickhash=15a8a0a7-15a8a0a7-17he-0-17yd-4kxi-irnt-fb7ac1
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
File type PNG image data, 501 x 501, 8-bit colormap, non-interlaced
Hash 909b1e117787148d9077ee694ca5b038
d8d04588707e419f0a2bf04ec891183b3fe64d29
6dd60427599c797204b6698be7b48b5d091e935c72ba8084d3bd343c3b0f79bc
GET /ar/spinwhel-iq2/img/spin_vi.png HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-iq2/?uclick=15a8a0a7&uclickhash=15a8a0a7-15a8a0a7-17he-0-17yd-4kxi-irnt-fb7ac1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 19:23:03 GMT
content-type: image/png
content-length: 44532
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: "a555f273c16794b813250b146236f401-ssl"
x-nf-request-id: 01HWT905AYVRBT2NFP4YJEWH2N
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RTsruQn85XVgZEpA3QQKxmQ61g7SeD3S7O5SisvvZEhaCqBX15%2BxPI9fkncX63g5mgc8VN9sxb2dJs6yN7NbRedVMQtRMYPhtGMQjX5bYmO5Q8yY%2B5CJCEkbKHnB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eadcf2ccd70b51-OSL
alt-svc: h3=":443"; ma=86400
ribhek.com/ar/spinwhel-iq2/img/cash.png
172.67.219.147200 OK 64 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-iq2/img/cash.png
IP 172.67.219.147:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=15a8a0a7&uclickhash=15a8a0a7-15a8a0a7-17he-0-17yd-4kxi-irnt-fb7ac1
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
File type PNG image data, 372 x 368, 8-bit colormap, non-interlaced
Hash 1139894d02e3017837dab31330877007
760500f5a5f8b5ead948094e13d7646079a56aea
4b085445a906c42d4fb009ff252f8f7e8040235b3a7848f0fc9af501316fad9e
GET /ar/spinwhel-iq2/img/cash.png HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-iq2/?uclick=15a8a0a7&uclickhash=15a8a0a7-15a8a0a7-17he-0-17yd-4kxi-irnt-fb7ac1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 19:23:03 GMT
content-type: image/png
content-length: 64073
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: "b0f06bd9dc6e086e00185f96daa3c2a6-ssl"
x-nf-request-id: 01HWT905APHRH8RBY16WDQTSAP
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OJlmmjHcMquqIg5d1so%2FlrFdD6jt984a9F93BgE1%2FNHi0OpWtboRbP2QrcBIYlZKFnk27nbsDffTp6FGj6FtiUEG5w5l1Th1w5Yk1c8w4DWqIcgcVzqrfAq1zq6b"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eadcf2ccd90b51-OSL
alt-svc: h3=":443"; ma=86400
ribhek.com/ar/spinwhel-iq2/img/8.jpg
172.67.219.147200 OK 4.8 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-iq2/img/8.jpg
IP 172.67.219.147:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=15a8a0a7&uclickhash=15a8a0a7-15a8a0a7-17he-0-17yd-4kxi-irnt-fb7ac1
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 240x240, components 3
Hash f1b90b01b26661e37ecdb01a4753a1bf
b6c3960258ba473581daf27df9db972540ec29ed
a8079bac57434af72b399fb198d79cbd9c46a5363096afa97398e4da4228218d
GET /ar/spinwhel-iq2/img/8.jpg HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-iq2/?uclick=15a8a0a7&uclickhash=15a8a0a7-15a8a0a7-17he-0-17yd-4kxi-irnt-fb7ac1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 19:23:03 GMT
content-type: image/jpeg
content-length: 4831
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: "b9ce8499900b91e7201edecbf1f2962e-ssl"
x-nf-request-id: 01HWT905AYRBQ2N9SC3CJHFQQJ
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ATrdt2nhF8MC%2BZw76fQ5y%2Bj9u4biCGptgWhmKoeMFDlxfdwgRhKTVDOHl8%2FCpkT%2F%2F6dLquU%2BYl2Wy5D59YMdm8pcYEYawWkEZpfcTUf1ExgsgJomWi03ZqgJWFqr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eadcf2cce20b51-OSL
alt-svc: h3=":443"; ma=86400
ribhek.com/ar/spinwhel-iq2/img/1.jpg
172.67.219.147200 OK 18 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-iq2/img/1.jpg
IP 172.67.219.147:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=15a8a0a7&uclickhash=15a8a0a7-15a8a0a7-17he-0-17yd-4kxi-irnt-fb7ac1
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, description=Smiling hispanic or middle eastern young man looking at the camera��], baseline, precision 8, 360x360, components 3
Hash 8d4757a7ca89741ae1ef279ac277739b
e3134530778bbf711de60829f9ee270ae3309d4b
e0b4b9068a7fe672f712bb1a39080e06604c506465394214cfde2382ba52f047
GET /ar/spinwhel-iq2/img/1.jpg HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-iq2/?uclick=15a8a0a7&uclickhash=15a8a0a7-15a8a0a7-17he-0-17yd-4kxi-irnt-fb7ac1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 19:23:03 GMT
content-type: image/jpeg
content-length: 18232
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: "0fdf1d98ca06e6a3b06349fd9985af77-ssl"
x-nf-request-id: 01HWT905A5SAHBH3CMBCZSCE18
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IwjYCHlDRLr0ZFhMoFkzryAJup7P6vfZhYVc1IlNgxRwTqjCheGk3tk%2BGx6idZNKbSHjYdR1mj5BZ8usgcW8Uu%2FyWyEmri0dWMyOAJr1CwHQSpNruFH1aIw1xe1z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eadcf2cce30b51-OSL
alt-svc: h3=":443"; ma=86400
ribhek.com/ar/spinwhel-iq2/img/2.jpg
172.67.219.147200 OK 8.1 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-iq2/img/2.jpg
IP 172.67.219.147:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=15a8a0a7&uclickhash=15a8a0a7-15a8a0a7-17he-0-17yd-4kxi-irnt-fb7ac1
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 200x200, components 3
Hash d3a748efcc12b64924280109f7b42c99
733dca7bef4f1f344b9bd0176ed9f8e6b38111e9
0f6c00936fa720c5c4b4bd5b410badd270114ba65d06ad148b550617a296ab17
GET /ar/spinwhel-iq2/img/2.jpg HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-iq2/?uclick=15a8a0a7&uclickhash=15a8a0a7-15a8a0a7-17he-0-17yd-4kxi-irnt-fb7ac1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 19:23:03 GMT
content-type: image/jpeg
content-length: 8149
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: "192591960bd52039aaec63c9d453a3a2-ssl"
x-nf-request-id: 01HWT905AZ5YQG3HKZ8SCW3MW2
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mxQAON%2BAJ2G27PhQDP6HsNlL65dFjNfdS54mX1J73vFrGjdNRjyyOm6znm6FV73AKfmcDQuYW1V%2FK26a1v4AAH1E5lpy7AsxkUT2SmoqVL3vnytkCj37W%2FNhdAOE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eadcf2cce40b51-OSL
alt-svc: h3=":443"; ma=86400
ribhek.com/ar/spinwhel-iq2/img/4.jpg
172.67.219.147200 OK 21 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-iq2/img/4.jpg
IP 172.67.219.147:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=15a8a0a7&uclickhash=15a8a0a7-15a8a0a7-17he-0-17yd-4kxi-irnt-fb7ac1
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 400x400, components 3
Hash 5c6bd23de24730e4b4b37730dd74aef8
6ad9ac3a16e2cd8521eeb8d918f0ceb383fb1f90
2fa0af8cb1cffe84b9fadb389a4750f9fe8a5a1ff0a3bce12ec329d4c5e9bcd8
GET /ar/spinwhel-iq2/img/4.jpg HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-iq2/?uclick=15a8a0a7&uclickhash=15a8a0a7-15a8a0a7-17he-0-17yd-4kxi-irnt-fb7ac1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 19:23:03 GMT
content-type: image/jpeg
content-length: 21109
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: "143c69aaf1e8ba0aabf3dd9ec1d9e445-ssl"
x-nf-request-id: 01HWT905AVF9V204R1K04REV32
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=keuBFNRZAbcJLI0jQzE6IAcE%2BgZ5bYmV8wmx1l8dQ%2B0tWmDfub2aNhaQkREBvq1VS4zON1R1RL9RbJegxj%2Bg7i3xXNXZGjB9rl3A2ZIplnItjgxJXSD8QNsB0ReS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eadcf2cce50b51-OSL
alt-svc: h3=":443"; ma=86400
ribhek.com/ar/spinwhel-iq2/img/3.jpg
172.67.219.147200 OK 15 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-iq2/img/3.jpg
IP 172.67.219.147:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=15a8a0a7&uclickhash=15a8a0a7-15a8a0a7-17he-0-17yd-4kxi-irnt-fb7ac1
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, description=Smiling young man looking at the camera with his arms crossed��], baseline, precision 8, 360x360, components 3
Hash 56612da382cd894c3d9a7066200c8987
b50307ef6d081ab84e04f3077551ef52bc677bf8
235ac72915d61b0433f01ae12e6a2a0dd5a676b0e85fdeeb67f6a5b2ea9bb63d
GET /ar/spinwhel-iq2/img/3.jpg HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-iq2/?uclick=15a8a0a7&uclickhash=15a8a0a7-15a8a0a7-17he-0-17yd-4kxi-irnt-fb7ac1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 19:23:03 GMT
content-type: image/jpeg
content-length: 14686
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: "a84fd5388db24f436ebb6879d0e97503-ssl"
x-nf-request-id: 01HWT905B4HEAQNDF36B281BRV
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iYjm28hWpLtyYfi4XQSNGbYT13jcEA8mVjpacJz7afAndx4bX53v0OSHjSmBoMGcWqW8Hs%2FFxaq1iBmJrhsV6tHrNsv%2FJl9PzCweqHhRYN9jZsVxfdNfsk2rJPAL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eadcf2cce90b51-OSL
alt-svc: h3=":443"; ma=86400
ribhek.com/ar/spinwhel-iq2/img/6.jpg
172.67.219.147200 OK 21 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-iq2/img/6.jpg
IP 172.67.219.147:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=15a8a0a7&uclickhash=15a8a0a7-15a8a0a7-17he-0-17yd-4kxi-irnt-fb7ac1
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, description=happy refuuge at camp��], baseline, precision 8, 408x408, components 3
Hash ccddf6a16d3fcc1c7ba4acef48fdef50
de01377d44746d8e92c46e1a64788b5df04340d4
a6fc77c7cb826f01f0aa8c3182b8b0006125f0d5fbec3ceff93b004d14e17d01
GET /ar/spinwhel-iq2/img/6.jpg HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-iq2/?uclick=15a8a0a7&uclickhash=15a8a0a7-15a8a0a7-17he-0-17yd-4kxi-irnt-fb7ac1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 19:23:03 GMT
content-type: image/jpeg
content-length: 20826
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: "d9f71630def6a1050f1f740068adb403-ssl"
x-nf-request-id: 01HWT905B51NZ7XBH542JX4QMV
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=50u4D4%2BWlc9eNT8NntQau4m3BF48StTly6IpuviIeVwmoIIn5f%2BHIme1WPfTimtE%2FWRyDQUpUP3XDx3LMv7Aa9Td5ZPEk%2FyYcggL9Xvsi8X24QxdS1N2EFXJyH1U"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eadcf2ccec0b51-OSL
alt-svc: h3=":443"; ma=86400
ribhek.com/ar/spinwhel-iq2/img/5.jpg
172.67.219.147200 OK 48 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-iq2/img/5.jpg
IP 172.67.219.147:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=15a8a0a7&uclickhash=15a8a0a7-15a8a0a7-17he-0-17yd-4kxi-irnt-fb7ac1
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, copyright=Shannon Selim], baseline, precision 8, 640x640, components 3
Hash 6b4d6ee00c74e83d9951c81d58ce9295
9594243fe36fb66f7f0cf659cd279be1cf1cc864
49950c2963d8d425b48440d5663c436b5cd6a4ee550f57912120d530c96032d2
GET /ar/spinwhel-iq2/img/5.jpg HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-iq2/?uclick=15a8a0a7&uclickhash=15a8a0a7-15a8a0a7-17he-0-17yd-4kxi-irnt-fb7ac1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 19:23:03 GMT
content-type: image/jpeg
content-length: 48500
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: "b7af897904fb4d58f4a27936259bb793-ssl"
x-nf-request-id: 01HWT905AYGBDBT67EC1F88A33
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SS2s1%2Fq2I3WDpAaz99NMP2DXP%2FuiUdQE4Unqd8%2B0fh7NYoxv5LVpt2JmjQxhgGpdbbtuYIuaadGP7dy%2B0tU0HMWjzENz8CN4WW%2BsBaQrUQFUOo6QLv8FAV2GYHGV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eadcf2cceb0b51-OSL
alt-svc: h3=":443"; ma=86400
ribhek.com/ar/spinwhel-iq2/img/7.jpg
172.67.219.147200 OK 26 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-iq2/img/7.jpg
IP 172.67.219.147:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=15a8a0a7&uclickhash=15a8a0a7-15a8a0a7-17he-0-17yd-4kxi-irnt-fb7ac1
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 480x400, components 3
Hash 22cb80edd617362c5465bc2e8f8871d0
aa39c3c8c4dfb74089b63abef0e33e74e8fe5210
eaa4bd9a29ee64b0d8e79df7304706004eb6be85fc417f7ffaa0cc7eb6541635
GET /ar/spinwhel-iq2/img/7.jpg HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-iq2/?uclick=15a8a0a7&uclickhash=15a8a0a7-15a8a0a7-17he-0-17yd-4kxi-irnt-fb7ac1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 19:23:03 GMT
content-type: image/jpeg
content-length: 26430
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: "5f713f6c2173d1bb8ea9cf3786e18e19-ssl"
x-nf-request-id: 01HWT905B6DVABHK1CQ0N1EW74
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tp8NKJU89wgnXFdVPlTOKTVhosLDH7bSDsrTV0GPJBdtjs69MGH9nJU%2BKfs5%2BTxgvyZJl56p9Iz7P0L4huPhzrOYH8P84B7lHXFIHQG3438DSIv2zMPXsXc8HvRX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eadcf2dcf00b51-OSL
alt-svc: h3=":443"; ma=86400
ribhek.com/ar/spinwhel-iq2/img/smiley.png
172.67.219.147200 OK 5.0 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-iq2/img/smiley.png
IP 172.67.219.147:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=15a8a0a7&uclickhash=15a8a0a7-15a8a0a7-17he-0-17yd-4kxi-irnt-fb7ac1
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced
Hash 6a1b1fb2c9a70e8bb232985a5e7c76f2
a371f8e561576cb893e897f1e156597d3abbd0be
68c86e51e47a972e3191621e48685c0d9d1e166235cd816dc74370bc439567fc
GET /ar/spinwhel-iq2/img/smiley.png HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-iq2/?uclick=15a8a0a7&uclickhash=15a8a0a7-15a8a0a7-17he-0-17yd-4kxi-irnt-fb7ac1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 19:23:03 GMT
content-type: image/png
content-length: 4992
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: "a770a97f2ef0e3b3edd238062c9e3313-ssl"
x-nf-request-id: 01HWT905B266V33F6BK7Q55KRY
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y9SGBwv1ChDvQfPBLQ0aVIA0SdCDsHEKlQnSM18gCsct7%2Bq7FEvsGvz575mwG7BRFaOGk8N9cO16ERakEub8cajAHDwWZzurhiLUBQO8R%2FDuqj4RVs8CFKOOF4t0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eadcf2dcf20b51-OSL
alt-svc: h3=":443"; ma=86400
ribhek.com/ar/spinwhel-iq2/img/refresh.png
172.67.219.147200 OK 1.8 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-iq2/img/refresh.png
IP 172.67.219.147:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=15a8a0a7&uclickhash=15a8a0a7-15a8a0a7-17he-0-17yd-4kxi-irnt-fb7ac1
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
File type PNG image data, 70 x 70, 8-bit colormap, non-interlaced
Hash 2d0f4539e28850747bcdf03e8c9a9f10
c400935fad4c29d04714cf5b9e74fb4d4d8f1e1d
c04fa254d43e1b6db555962ac2dbc6cd67d47aff3c1d7895a229cdaca87a688e
GET /ar/spinwhel-iq2/img/refresh.png HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-iq2/?uclick=15a8a0a7&uclickhash=15a8a0a7-15a8a0a7-17he-0-17yd-4kxi-irnt-fb7ac1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 19:23:03 GMT
content-type: image/png
content-length: 1798
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: "a8f2cf0e5f0e85d12faa27e61c1d49a3-ssl"
x-nf-request-id: 01HWT905B912GFXQPEX60NAR0G
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wl39c%2FVybnQ7aFjIMc%2BbfrtRRYnrKAlD9ohZpap3Z4RneCafY38VZpJ8KJluBGNSvAIhZj0XVKcvTSyCw23UU4Ha%2BMrg9Bgbo5qEMMAW7ug2mYrfDvHHDih%2F%2BhLL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eadcf2dcf50b51-OSL
alt-svc: h3=":443"; ma=86400
ribhek.com/ar/spinwhel-iq2/css/style_a.css
172.67.219.147200 OK 2.3 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-iq2/css/style_a.css
IP 172.67.219.147:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=15a8a0a7&uclickhash=15a8a0a7-15a8a0a7-17he-0-17yd-4kxi-irnt-fb7ac1
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
Hash 58426b100bb2d1f7a2b9e535d1d53dbf
fad1af737566c2ac0fe6684e4dcb68b177f9a62a
8259a4387fb3e0a8fb603335e81f2aee08f315f68d23c63af03e519a3f5683b1
GET /ar/spinwhel-iq2/css/style_a.css HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-iq2/?uclick=15a8a0a7&uclickhash=15a8a0a7-15a8a0a7-17he-0-17yd-4kxi-irnt-fb7ac1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 19:23:03 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: W/"1473adf58d9bbec22e785727559b8c51-ssl-df"
vary: Accept-Encoding
x-nf-request-id: 01HWT905AW1SRB94SVCR5NP1M1
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v%2FgLR1%2FvCX2nuT5%2Bfa40AjbVhLlNW8Hm%2F8EIMU4LL7wWL6qiC9KARFblPO9KVe%2Fe%2Far3NRe1hjClS1KVI%2BExqnPCPhpeObr4x82Lt5S7Jb8NoMBnUDR0GfhnwG2S"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eadcf2bcca0b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
my.rtmark.net/p.js?f=sync&lr=1&partner=78c5ba6da14c996481201ddfa240d8b93591e970395d5413e95a0a3ef4b61fbc
139.45.195.8200 OK 697 B URL GET HTTP/2 my.rtmark.net/p.js?f=sync&lr=1&partner=78c5ba6da14c996481201ddfa240d8b93591e970395d5413e95a0a3ef4b61fbc
IP 139.45.195.8:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=15a8a0a7&uclickhash=15a8a0a7-15a8a0a7-17he-0-17yd-4kxi-irnt-fb7ac1
Certificate IssuerLet's Encrypt
Subjectrtmark.net
FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC
ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
File type JavaScript source, ASCII text
Hash 9f449dd93aff5d19981521dc1718011e
704d0f2cef85ba5c7f36a9ba707b9116b88ff8f5
78a9e77051816292528bde89251006ecd6c3f563218f4d78217df175b2883029
GET /p.js?f=sync&lr=1&partner=78c5ba6da14c996481201ddfa240d8b93591e970395d5413e95a0a3ef4b61fbc HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:23:03 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ribhek.com/ar/spinwhel-iq2/img/spin.png
172.67.219.147200 OK 2.4 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-iq2/img/spin.png
IP 172.67.219.147:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=15a8a0a7&uclickhash=15a8a0a7-15a8a0a7-17he-0-17yd-4kxi-irnt-fb7ac1
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
File type PNG image data, 142 x 173, 8-bit colormap, non-interlaced
Hash 79051a4f9ac575664b4d932d577a65fc
ebae669a090fd6de43fb1854e5ba4868e8e8ffc0
0109faa660c321bbc20f82c8ba38eddd5490bc3b77d72c4b1de965a01a4f12b4
GET /ar/spinwhel-iq2/img/spin.png HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-iq2/css/style__base.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 19:23:03 GMT
content-type: image/png
content-length: 2444
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: "8cf94e3e08876699f7d4768c58d88a1c-ssl"
x-nf-request-id: 01HWT905J0QHKM6N2SQH60G007
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ra4CvdobXPDPj3T1z99PKq3xNXl3ShAgNJ9EW%2FL29lykmgDhoEjzq9iisRFVpgg3LKzQ8m861uJZoDaIVNe2Yq0m5pHnyyV0by0q9gwrZspON714mS4xYA%2FLbXjP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eadcf46f7e0b51-OSL
alt-svc: h3=":443"; ma=86400
bujerdaz.com/pfe/current/micro.tag.min.js?z=7071124&sw=/sw-check-permissions-39799.js
139.45.197.250200 OK 18 kB URL GET HTTP/2 bujerdaz.com/pfe/current/micro.tag.min.js?z=7071124&sw=/sw-check-permissions-39799.js
IP 139.45.197.250:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=15a8a0a7&uclickhash=15a8a0a7-15a8a0a7-17he-0-17yd-4kxi-irnt-fb7ac1
Certificate IssuerLet's Encrypt
Subjectbujerdaz.com
Fingerprint0C:8C:A0:AE:3A:F2:8E:BC:C9:F8:38:17:34:12:6E:06:46:3D:35:A3
ValidityMon, 15 Apr 2024 05:19:24 GMT - Sun, 14 Jul 2024 05:19:23 GMT
File type gzip compressed data, max speed, from Unix
Hash e493c53d1cc324fa9b7704c8c0524d59
d51238e83e2d6397c8312e9a9774ebefe3a71d5e
38204e94115b23e0bc59e7c0acb2ff7c37a62670fe759ce12f0e32cf2f97d1da
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pfe/current/micro.tag.min.js?z=7071124&sw=/sw-check-permissions-39799.js HTTP/1.1
Host: bujerdaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:23:03 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 10:48:51 GMT
etag: W/"662a3513-9116"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
bujerdaz.com/zone?&pub=0&zone_id=7071124&is_mobile=false&domain=ribhek.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=5e681403-8514-4bf7-a501-bd7c03a32dfb&action=prerequest
139.45.197.250200 OK 0 B URL POST HTTP/2 bujerdaz.com/zone?&pub=0&zone_id=7071124&is_mobile=false&domain=ribhek.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=5e681403-8514-4bf7-a501-bd7c03a32dfb&action=prerequest
IP 139.45.197.250:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=15a8a0a7&uclickhash=15a8a0a7-15a8a0a7-17he-0-17yd-4kxi-irnt-fb7ac1
Certificate IssuerLet's Encrypt
Subjectbujerdaz.com
Fingerprint0C:8C:A0:AE:3A:F2:8E:BC:C9:F8:38:17:34:12:6E:06:46:3D:35:A3
ValidityMon, 15 Apr 2024 05:19:24 GMT - Sun, 14 Jul 2024 05:19:23 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /zone?&pub=0&zone_id=7071124&is_mobile=false&domain=ribhek.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=5e681403-8514-4bf7-a501-bd7c03a32dfb&action=prerequest HTTP/1.1
Host: bujerdaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ribhek.com
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:23:04 GMT
content-length: 0
x-trace-id: 5adc7054838e8bde2b7c96d615a4980c
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ribhek.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ribhek.com/sw-check-permissions-39799.js?zoneId=7071124
172.67.219.147200 OK 775 B URL GET HTTP/3 ribhek.com/sw-check-permissions-39799.js?zoneId=7071124
IP 172.67.219.147:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=15a8a0a7&uclickhash=15a8a0a7-15a8a0a7-17he-0-17yd-4kxi-irnt-fb7ac1
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
Hash e0144a309aa6909ad0e562fd78b31b8c
271dc63301f2d88f5a87b8cdb320807a6d942e46
0bcf2a9473c63763a589cef771ca39e02fdf01bc4219f34bb0eeb8abce855d91
GET /sw-check-permissions-39799.js?zoneId=7071124 HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-iq2/?uclick=15a8a0a7&uclickhash=15a8a0a7-15a8a0a7-17he-0-17yd-4kxi-irnt-fb7ac1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 19:23:04 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: W/"b66b69ce955a5c83d67e661d27432485-ssl"
x-nf-request-id: 01HWQWWSHBDCFCVH3ANW4N6C7G
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9gmPqKaeLTKVToaGRgTkw7uVuu9ky9MqR2doV7ts1U%2B1yxCbevmXx3SCMkeFAGEop2VNh0X%2BJEH6IWrdo0zwxt4E4FqUGRst%2BCAQ%2FhI0WIpTHgb9CevFmWmfMYq9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eadcf64ab20b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ribhek.com/ar/spinwhel-iq2/js/en_date.js
172.67.219.147200 OK 1.5 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-iq2/js/en_date.js
IP 172.67.219.147:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=15a8a0a7&uclickhash=15a8a0a7-15a8a0a7-17he-0-17yd-4kxi-irnt-fb7ac1
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
Hash 159cca5aaccda0ce719041c87f432522
51a7090ebc8d851aab5f87d8f19f392ed260d545
62769705ac94c6659cba7cc5ff84fca57e16dfe3222f613677c3c5da4c2728a5
GET /ar/spinwhel-iq2/js/en_date.js HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-iq2/?uclick=15a8a0a7&uclickhash=15a8a0a7-15a8a0a7-17he-0-17yd-4kxi-irnt-fb7ac1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 19:23:03 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: W/"3ffc4d8daf8a0279c657879a371a6eff-ssl-df"
vary: Accept-Encoding
x-nf-request-id: 01HWT905ARVPSAQ2GG3WY0D7JB
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1G6zHYLFbUeSrbWvJZI4SghlMdkIJYikdnbvRPdDobcEz4MDSVYb2KyVoyG3ZqRhp4nlTyv9KvEJnt42tWrO23voLQcSFC1%2FQXaakcXFp5bt%2Bp%2Bju2hAuHuLn29X"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eadcf2bcc20b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
jouteetu.net/custom
139.45.197.251200 OK 39 B IP 139.45.197.251:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=15a8a0a7&uclickhash=15a8a0a7-15a8a0a7-17he-0-17yd-4kxi-irnt-fb7ac1
Certificate IssuerLet's Encrypt
Subjectjouteetu.net
FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65
ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 326
Origin: https://ribhek.com
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:23:04 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: a2bfe0f3c31b0c10e2740e672bebbaa2
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ribhek.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
jouteetu.net/custom
139.45.197.251200 OK 39 B IP 139.45.197.251:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=15a8a0a7&uclickhash=15a8a0a7-15a8a0a7-17he-0-17yd-4kxi-irnt-fb7ac1
Certificate IssuerLet's Encrypt
Subjectjouteetu.net
FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65
ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 329
Origin: https://ribhek.com
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:23:04 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 26bf6ac9e9fa714f272c388fd3b38e71
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ribhek.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
jouteetu.net/custom
139.45.197.251200 OK 39 B IP 139.45.197.251:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=15a8a0a7&uclickhash=15a8a0a7-15a8a0a7-17he-0-17yd-4kxi-irnt-fb7ac1
Certificate IssuerLet's Encrypt
Subjectjouteetu.net
FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65
ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 328
Origin: https://ribhek.com
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:23:04 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 34d1da4706d90d09e63bf32ed5c922a5
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ribhek.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
amunfezanttor.com/event
139.45.197.250200 OK 94 B IP 139.45.197.250:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=15a8a0a7&uclickhash=15a8a0a7-15a8a0a7-17he-0-17yd-4kxi-irnt-fb7ac1
Certificate IssuerLet's Encrypt
Subjectamunfezanttor.com
FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA
ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hash 13e0f829ad1f1fe0820cab431d5280b5
a6d38f01fa8f5cc7d51d6af340ef262e8aa9725d
c21451bfc59637597ea087c4e83cef76d9ac1cec7d690984b9e2db398fba8691
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ribhek.com/
Content-Type: application/json
Content-Length: 953
Origin: https://ribhek.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:23:04 GMT
content-type: application/json; charset=utf-8
content-length: 94
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ribhek.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
my.rtmark.net/img.gif?f=sync&partner=78c5ba6da14c996481201ddfa240d8b93591e970395d5413e95a0a3ef4b61fbc&ttl=&rurl=https%3A%2F%2Fribhek.com%2Far%2Fspinwhel-iq2%2F%3Fuclick%3D15a8a0a7%26uclickhash%3D15a8a0a7-15a8a0a7-17he-0-17yd-4kxi-irnt-fb7ac1%23
139.45.195.8200 OK 43 B URL GET HTTP/2 my.rtmark.net/img.gif?f=sync&partner=78c5ba6da14c996481201ddfa240d8b93591e970395d5413e95a0a3ef4b61fbc&ttl=&rurl=https%3A%2F%2Fribhek.com%2Far%2Fspinwhel-iq2%2F%3Fuclick%3D15a8a0a7%26uclickhash%3D15a8a0a7-15a8a0a7-17he-0-17yd-4kxi-irnt-fb7ac1%23
IP 139.45.195.8:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=15a8a0a7&uclickhash=15a8a0a7-15a8a0a7-17he-0-17yd-4kxi-irnt-fb7ac1
Certificate IssuerLet's Encrypt
Subjectrtmark.net
FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC
ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
File type GIF image data, version 89a, 1 x 1
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=sync&partner=78c5ba6da14c996481201ddfa240d8b93591e970395d5413e95a0a3ef4b61fbc&ttl=&rurl=https%3A%2F%2Fribhek.com%2Far%2Fspinwhel-iq2%2F%3Fuclick%3D15a8a0a7%26uclickhash%3D15a8a0a7-15a8a0a7-17he-0-17yd-4kxi-irnt-fb7ac1%23 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 19:23:04 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=088052c85ecc4bbcebe18980f5af9b97; expires=Sun, 04 May 2025 19:23:04 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ribhek.com/ar/spinwhel-iq2/js/bioep.min.js
172.67.219.147200 OK 2.4 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-iq2/js/bioep.min.js
IP 172.67.219.147:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=15a8a0a7&uclickhash=15a8a0a7-15a8a0a7-17he-0-17yd-4kxi-irnt-fb7ac1
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
File type JavaScript source, ASCII text, with very long lines (874), with CRLF line terminators
Hash b4be5a852fefdae43b355f2c154e3d65
d5a07889208ed421085aa023485bec0a133e10fc
325981e28cde77631c69c478b3c5e84e7284218b0659284217f80e9766381641
GET /ar/spinwhel-iq2/js/bioep.min.js HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-iq2/?uclick=15a8a0a7&uclickhash=15a8a0a7-15a8a0a7-17he-0-17yd-4kxi-irnt-fb7ac1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 19:23:03 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: W/"16322b53a3ea039d744dc303d398d1dd-ssl-df"
vary: Accept-Encoding
x-nf-request-id: 01HWT905AX94CAGB98BFV3JCR0
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=01atTrarpZ6Af9T02U4Y1iP5tzF5PnBT5uwaxHF5uW1WlYRJTLdCb%2FnK20l5l7SlpunVm1yO8HsLNF2lbITpSIyG%2Fis8sjGO1EMs3yHuM3VPRqNBcdHx4h%2BKtaAY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eadcf2bcd00b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ribhek.com/ar/spinwhel-iq2/img/logo.png
172.67.219.147200 OK 2.9 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-iq2/img/logo.png
IP 172.67.219.147:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=15a8a0a7&uclickhash=15a8a0a7-15a8a0a7-17he-0-17yd-4kxi-irnt-fb7ac1
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
File type PNG image data, 128 x 128, 8-bit colormap, non-interlaced
Hash 05209921be4171eee0954c5ae54850f9
3c6e2db019b4483a6e9e4b77cc93734548f30087
2cde3636ca32586133a4a4967f43e3c0f0b64fb6d645d6c9482eff50124692d5
GET /ar/spinwhel-iq2/img/logo.png HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-iq2/?uclick=15a8a0a7&uclickhash=15a8a0a7-15a8a0a7-17he-0-17yd-4kxi-irnt-fb7ac1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 19:23:04 GMT
content-type: image/png
content-length: 2852
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: "9e05192c5a0bab692a490873ae8b7bd2-ssl"
x-nf-request-id: 01HWT905PX43J4AGH8BT527RJ4
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H5KVuKq4IUzF2hHrZsrDzZrIPcgcdprcUM8F9uZHPQ0CdADGZz6iABiBLNDgyWkOWpU%2BY3g2UeOzlU8rb7jEKzx6f7guoHv9rsDgTijBqK5ozjEsCrrWtwv95ebf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87eadcf5b9e10b51-OSL
alt-svc: h3=":443"; ma=86400
ribhek.com/ar/spinwhel-iq2/css/style__base.css
172.67.219.147200 OK 19 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-iq2/css/style__base.css
IP 172.67.219.147:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=15a8a0a7&uclickhash=15a8a0a7-15a8a0a7-17he-0-17yd-4kxi-irnt-fb7ac1
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
Hash 5af9199e58d12f7d074412e74d9a3d3d
74c11cb489a368220c3144e4570ad5b34afa75c2
708ad2fb793e0817fdf6bd7b0401e172f9566033232f148439e6f42b2f3b0999
GET /ar/spinwhel-iq2/css/style__base.css HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-iq2/?uclick=15a8a0a7&uclickhash=15a8a0a7-15a8a0a7-17he-0-17yd-4kxi-irnt-fb7ac1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 19:23:03 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: W/"48cda9d2e1e4882f881c36734d6c0dbf-ssl-df"
vary: Accept-Encoding
x-nf-request-id: 01HWT905ARPM6BX17MHTFQHRDW
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tnIr%2FSbHUcQes%2BLIcR%2FuJwStDhgsF9gxb7bCx87hBX5c5w8IMYFhsdz%2F1B7FVDHHVKDmxbKa%2Fry7xJt0o5CmW5MfZaqvsDwUpXwzaapFr5R2ZzStosFzvs%2FSBOdB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eadcf2bcc60b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ribhek.com/ar/spinwhel-iq2/js/jquery.min.js
172.67.219.147200 OK 87 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-iq2/js/jquery.min.js
IP 172.67.219.147:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=15a8a0a7&uclickhash=15a8a0a7-15a8a0a7-17he-0-17yd-4kxi-irnt-fb7ac1
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
File type JavaScript source, ASCII text, with very long lines (32058)
Hash 24f2e59beae1680f19632d9c1b89d730
b3a77b35c4809324ab79e64d40c4ee391234e008
39646863a414e0a84920b3a8639c0f3e8c94535e8dc051b42b485a068dc2902f
GET /ar/spinwhel-iq2/js/jquery.min.js HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-iq2/?uclick=15a8a0a7&uclickhash=15a8a0a7-15a8a0a7-17he-0-17yd-4kxi-irnt-fb7ac1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 19:23:03 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: W/"ddbc6702bc953f6dedfe3543150cf865-ssl-df"
vary: Accept-Encoding
x-nf-request-id: 01HWT905B328KDTHYS96QQZC21
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E8xEYvtdyh71kDPP4E2nJawGHR7RhKrgxXaDa3qYXYxzYuN2%2BTUfzIUu5jbVc%2FSOf2a2Oa9cDmoVE5CMMk5P0XOA2YBotfoiVXTyaYRgjj1h%2B9smy6cS2UKcWsIF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eadcf2dcfd0b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ribhek.com/ar/spinwhel-iq2/?uclick=15a8a0a7&uclickhash=15a8a0a7-15a8a0a7-17he-0-17yd-4kxi-irnt-fb7ac1
172.67.219.147200 OK 16 kB URL User Request GET HTTP/2 ribhek.com/ar/spinwhel-iq2/?uclick=15a8a0a7&uclickhash=15a8a0a7-15a8a0a7-17he-0-17yd-4kxi-irnt-fb7ac1
IP 172.67.219.147:443
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ar/spinwhel-iq2/?uclick=15a8a0a7&uclickhash=15a8a0a7-15a8a0a7-17he-0-17yd-4kxi-irnt-fb7ac1 HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 19:23:03 GMT
content-type: text/html; charset=UTF-8
age: 30209
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
vary: Accept-Encoding
x-nf-request-id: 01HX2GYMHBZXMTCH78HYQEWG9Q
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vJ%2B3AAK2Bxh0WMz8gb%2B5LFE2x2cd3l5RJAr9%2FiLQkKPrf9m5OnA4XhJWdt36dQYOsDZN43azW9pPtokmAX09kg31XQ95o57wOM1O7NJdZUnEUtlU%2FTG6U6r8VJJT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eadcf01c7556a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
backunder.com/script.js
104.21.27.59200 OK 911 B IP 104.21.27.59:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=15a8a0a7&uclickhash=15a8a0a7-15a8a0a7-17he-0-17yd-4kxi-irnt-fb7ac1
Certificate IssuerGoogle Trust Services LLC
Subjectbackunder.com
FingerprintF0:95:C2:A7:B0:15:EB:8D:1E:CE:36:6A:FC:03:95:FA:C0:07:37:96
ValiditySat, 30 Mar 2024 17:02:34 GMT - Fri, 28 Jun 2024 17:02:33 GMT
File type JavaScript source, ASCII text, with very long lines (920), with no line terminators
Hash f60d3d95ba5d3857d3acb6730f06767d
454bf6bf84fc040a03287bf1096d2669804627c8
5c501b55106f7ffe03902742af81cad54e109fec08e9dd005b13ecaa6cbb748e
GET /script.js HTTP/1.1
Host: backunder.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 19:23:03 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1228
etag: W/"4cc-5f2f3364b2fe4-gzip"
last-modified: Mon, 23 Jan 2023 19:14:45 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 234
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rtkadCXgoxkvF%2Br46UDpVCB6tvr2%2FNKWCoQGOw%2FM2y7oyl3f7uQkU6Ob9pz1ZlmJTMP%2B3LOKXpWf7%2Fme%2BmLw7kyeGvubgTSApEh%2B%2FdSgr9oblAJ1F6955C4Mp%2FBCoj98"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87eadcf2fdeeb4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2