ribhek.com/ar/spinwhel-iq2/img/1.jpg
172.67.219.147200 OK 18 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-iq2/img/1.jpg
IP 172.67.219.147:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=j2u3a0fy&uclickhash=j2u3a0fy-j2u3a0fy-17he-0-17yd-4kxi-irnt-991ce7
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, description=Smiling hispanic or middle eastern young man looking at the camera��], baseline, precision 8, 360x360, components 3
Hash 8d4757a7ca89741ae1ef279ac277739b
e3134530778bbf711de60829f9ee270ae3309d4b
e0b4b9068a7fe672f712bb1a39080e06604c506465394214cfde2382ba52f047
GET /ar/spinwhel-iq2/img/1.jpg HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-iq2/?uclick=j2u3a0fy&uclickhash=j2u3a0fy-j2u3a0fy-17he-0-17yd-4kxi-irnt-991ce7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 14:08:31 GMT
content-type: image/jpeg
content-length: 18232
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: "0fdf1d98ca06e6a3b06349fd9985af77-ssl"
x-nf-request-id: 01HWT905A5SAHBH3CMBCZSCE18
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GIoXziAqveM%2FpdVkN3k%2B125leVOvzJWl33%2BI%2Feoo43YI7wjWNhjKIu1aG6LmZNgto2TUS1VMZ6IKcuHeO39e2V62EptpbwSkV%2Fl1eDSfvWub5VumbDpx9%2FgYNp%2Ba"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d89572f848b515-OSL
alt-svc: h3=":443"; ma=86400
ribhek.com/ar/spinwhel-iq2/img/2.jpg
172.67.219.147200 OK 8.1 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-iq2/img/2.jpg
IP 172.67.219.147:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=j2u3a0fy&uclickhash=j2u3a0fy-j2u3a0fy-17he-0-17yd-4kxi-irnt-991ce7
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 200x200, components 3
Hash d3a748efcc12b64924280109f7b42c99
733dca7bef4f1f344b9bd0176ed9f8e6b38111e9
0f6c00936fa720c5c4b4bd5b410badd270114ba65d06ad148b550617a296ab17
GET /ar/spinwhel-iq2/img/2.jpg HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-iq2/?uclick=j2u3a0fy&uclickhash=j2u3a0fy-j2u3a0fy-17he-0-17yd-4kxi-irnt-991ce7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 14:08:31 GMT
content-type: image/jpeg
content-length: 8149
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: "192591960bd52039aaec63c9d453a3a2-ssl"
x-nf-request-id: 01HWT905AZ5YQG3HKZ8SCW3MW2
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5l500uzzrE%2FTfTKkYsbdkPVWhMwnEqaIzHdBKClt%2BsV2pp%2BISjlgwYM1NDhRbITRQhySxjhQtO90FBurOR83OQ1%2FBUrz4FGtGBZn5yd%2BF2K8ZGVkGmlFHviEshOs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d89572f84bb515-OSL
alt-svc: h3=":443"; ma=86400
ribhek.com/ar/spinwhel-iq2/img/spin_vi.png
172.67.219.147200 OK 44 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-iq2/img/spin_vi.png
IP 172.67.219.147:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=j2u3a0fy&uclickhash=j2u3a0fy-j2u3a0fy-17he-0-17yd-4kxi-irnt-991ce7
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
File type PNG image data, 501 x 501, 8-bit colormap, non-interlaced
Hash 909b1e117787148d9077ee694ca5b038
d8d04588707e419f0a2bf04ec891183b3fe64d29
6dd60427599c797204b6698be7b48b5d091e935c72ba8084d3bd343c3b0f79bc
GET /ar/spinwhel-iq2/img/spin_vi.png HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-iq2/?uclick=j2u3a0fy&uclickhash=j2u3a0fy-j2u3a0fy-17he-0-17yd-4kxi-irnt-991ce7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 14:08:31 GMT
content-type: image/png
content-length: 44532
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: "a555f273c16794b813250b146236f401-ssl"
x-nf-request-id: 01HWT905AYVRBT2NFP4YJEWH2N
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WMJMSJFoyCaNUpd2SXqZ7rKIAUuB4B98GxVgCFsbWOC8BOJvrNMEY3UED4LGzpn8%2B7EE7%2BWRs9AN5blj5XV7J6hni%2BpL8mwu3bbmUsXSuZRA%2F8NUNv5MrEXZR0Ga"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d89572f83fb515-OSL
alt-svc: h3=":443"; ma=86400
ribhek.com/ar/spinwhel-iq2/img/cash.png
172.67.219.147200 OK 64 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-iq2/img/cash.png
IP 172.67.219.147:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=j2u3a0fy&uclickhash=j2u3a0fy-j2u3a0fy-17he-0-17yd-4kxi-irnt-991ce7
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
File type PNG image data, 372 x 368, 8-bit colormap, non-interlaced
Hash 1139894d02e3017837dab31330877007
760500f5a5f8b5ead948094e13d7646079a56aea
4b085445a906c42d4fb009ff252f8f7e8040235b3a7848f0fc9af501316fad9e
GET /ar/spinwhel-iq2/img/cash.png HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-iq2/?uclick=j2u3a0fy&uclickhash=j2u3a0fy-j2u3a0fy-17he-0-17yd-4kxi-irnt-991ce7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 14:08:31 GMT
content-type: image/png
content-length: 64073
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: "b0f06bd9dc6e086e00185f96daa3c2a6-ssl"
x-nf-request-id: 01HWT905APHRH8RBY16WDQTSAP
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gszjsP53nMShfmeTN2Mpe%2BQ1MIN5RXv7ks%2FOX0cLWFfGpGRgC7lb4EoubKdUTZ0Ov%2FG6LKlgDKXWftaB9hIfEGzvKCYUOTpQ2ZtBAysj58N6BEKI5NHKDiG7PYUe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d89572f842b515-OSL
alt-svc: h3=":443"; ma=86400
ribhek.com/ar/spinwhel-iq2/img/8.jpg
172.67.219.147200 OK 4.8 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-iq2/img/8.jpg
IP 172.67.219.147:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=j2u3a0fy&uclickhash=j2u3a0fy-j2u3a0fy-17he-0-17yd-4kxi-irnt-991ce7
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 240x240, components 3
Hash f1b90b01b26661e37ecdb01a4753a1bf
b6c3960258ba473581daf27df9db972540ec29ed
a8079bac57434af72b399fb198d79cbd9c46a5363096afa97398e4da4228218d
GET /ar/spinwhel-iq2/img/8.jpg HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-iq2/?uclick=j2u3a0fy&uclickhash=j2u3a0fy-j2u3a0fy-17he-0-17yd-4kxi-irnt-991ce7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 14:08:31 GMT
content-type: image/jpeg
content-length: 4831
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: "b9ce8499900b91e7201edecbf1f2962e-ssl"
x-nf-request-id: 01HWT905AYRBQ2N9SC3CJHFQQJ
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FXdm314Y%2BJb4bCaW8VDatMGaswyznPfPtaGF0q13Opao3%2F6mi%2F%2FEuj7kRbOZ4izCJ06wqvs1UA7xbqBa2wNgWEI84p9exIwPgeUk74HmNQYhQLRapCiG7KjwHZNi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d89572f845b515-OSL
alt-svc: h3=":443"; ma=86400
ribhek.com/ar/spinwhel-iq2/img/4.jpg
172.67.219.147200 OK 21 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-iq2/img/4.jpg
IP 172.67.219.147:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=j2u3a0fy&uclickhash=j2u3a0fy-j2u3a0fy-17he-0-17yd-4kxi-irnt-991ce7
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 400x400, components 3
Hash 5c6bd23de24730e4b4b37730dd74aef8
6ad9ac3a16e2cd8521eeb8d918f0ceb383fb1f90
2fa0af8cb1cffe84b9fadb389a4750f9fe8a5a1ff0a3bce12ec329d4c5e9bcd8
GET /ar/spinwhel-iq2/img/4.jpg HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-iq2/?uclick=j2u3a0fy&uclickhash=j2u3a0fy-j2u3a0fy-17he-0-17yd-4kxi-irnt-991ce7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 14:08:31 GMT
content-type: image/jpeg
content-length: 21109
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: "143c69aaf1e8ba0aabf3dd9ec1d9e445-ssl"
x-nf-request-id: 01HWT905AVF9V204R1K04REV32
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hw3XUoCB7M9Jn8VLxqneX9%2B2Iyjb%2BlWc1BZ9Or46I1wqywT1kYp03JFDq%2BJBSXuEIT66jcRIZ%2F0uIhVG1drfCVPZaP5UbJy6%2FuIs92V772fi2AY4WxjyUfkPC%2Fa1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d89572f84db515-OSL
alt-svc: h3=":443"; ma=86400
ribhek.com/ar/spinwhel-iq2/img/3.jpg
172.67.219.147200 OK 15 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-iq2/img/3.jpg
IP 172.67.219.147:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=j2u3a0fy&uclickhash=j2u3a0fy-j2u3a0fy-17he-0-17yd-4kxi-irnt-991ce7
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, description=Smiling young man looking at the camera with his arms crossed��], baseline, precision 8, 360x360, components 3
Hash 56612da382cd894c3d9a7066200c8987
b50307ef6d081ab84e04f3077551ef52bc677bf8
235ac72915d61b0433f01ae12e6a2a0dd5a676b0e85fdeeb67f6a5b2ea9bb63d
GET /ar/spinwhel-iq2/img/3.jpg HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-iq2/?uclick=j2u3a0fy&uclickhash=j2u3a0fy-j2u3a0fy-17he-0-17yd-4kxi-irnt-991ce7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 14:08:31 GMT
content-type: image/jpeg
content-length: 14686
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: "a84fd5388db24f436ebb6879d0e97503-ssl"
x-nf-request-id: 01HWT905B4HEAQNDF36B281BRV
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4Fj6iwtjWyGwb4f8YFvPL0wjDvdM0XcswdsDwmU0O65%2FkJrPiryK4QW%2Bnck2J2LGPAbMMV8aUr3OAkvH6dUip%2Bl3WKm1HAZaFaTUiaY8Sv1vklKmra7Ypz49lfb4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d89572f84fb515-OSL
alt-svc: h3=":443"; ma=86400
ribhek.com/ar/spinwhel-iq2/img/5.jpg
172.67.219.147200 OK 48 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-iq2/img/5.jpg
IP 172.67.219.147:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=j2u3a0fy&uclickhash=j2u3a0fy-j2u3a0fy-17he-0-17yd-4kxi-irnt-991ce7
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, copyright=Shannon Selim], baseline, precision 8, 640x640, components 3
Hash 6b4d6ee00c74e83d9951c81d58ce9295
9594243fe36fb66f7f0cf659cd279be1cf1cc864
49950c2963d8d425b48440d5663c436b5cd6a4ee550f57912120d530c96032d2
GET /ar/spinwhel-iq2/img/5.jpg HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-iq2/?uclick=j2u3a0fy&uclickhash=j2u3a0fy-j2u3a0fy-17he-0-17yd-4kxi-irnt-991ce7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 14:08:31 GMT
content-type: image/jpeg
content-length: 48500
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: "b7af897904fb4d58f4a27936259bb793-ssl"
x-nf-request-id: 01HWT905AYGBDBT67EC1F88A33
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7r%2FZy%2B3JqmlY6MSJ5Dlmu%2BmB27i3poiLuk8O9XXJs7P2T7sONs5qyltV2EmgvY7Ej5%2FN9SuZmF3wwk9qmB1moyp1ELbLnMW8KB3yWMnRhrNf8rVS%2Fct097gLnIGu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d89572f850b515-OSL
alt-svc: h3=":443"; ma=86400
ribhek.com/ar/spinwhel-iq2/img/6.jpg
172.67.219.147200 OK 21 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-iq2/img/6.jpg
IP 172.67.219.147:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=j2u3a0fy&uclickhash=j2u3a0fy-j2u3a0fy-17he-0-17yd-4kxi-irnt-991ce7
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, description=happy refuuge at camp��], baseline, precision 8, 408x408, components 3
Hash ccddf6a16d3fcc1c7ba4acef48fdef50
de01377d44746d8e92c46e1a64788b5df04340d4
a6fc77c7cb826f01f0aa8c3182b8b0006125f0d5fbec3ceff93b004d14e17d01
GET /ar/spinwhel-iq2/img/6.jpg HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-iq2/?uclick=j2u3a0fy&uclickhash=j2u3a0fy-j2u3a0fy-17he-0-17yd-4kxi-irnt-991ce7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 14:08:31 GMT
content-type: image/jpeg
content-length: 20826
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: "d9f71630def6a1050f1f740068adb403-ssl"
x-nf-request-id: 01HWT905B51NZ7XBH542JX4QMV
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B6ybTWQrcHTThDDHFrPxCvv13zf4DJLjxmYcjT1flQaJWroxqEQ%2BK%2FPlMqyux1suNCREWG%2BSxqd0tzQ%2FgVds6XmbMbPToBghKs23VT2e2SrWSWtxfPp9x1JUM2V0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d89572f856b515-OSL
alt-svc: h3=":443"; ma=86400
ribhek.com/ar/spinwhel-iq2/img/smiley.png
172.67.219.147200 OK 5.0 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-iq2/img/smiley.png
IP 172.67.219.147:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=j2u3a0fy&uclickhash=j2u3a0fy-j2u3a0fy-17he-0-17yd-4kxi-irnt-991ce7
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced
Hash 6a1b1fb2c9a70e8bb232985a5e7c76f2
a371f8e561576cb893e897f1e156597d3abbd0be
68c86e51e47a972e3191621e48685c0d9d1e166235cd816dc74370bc439567fc
GET /ar/spinwhel-iq2/img/smiley.png HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-iq2/?uclick=j2u3a0fy&uclickhash=j2u3a0fy-j2u3a0fy-17he-0-17yd-4kxi-irnt-991ce7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 14:08:31 GMT
content-type: image/png
content-length: 4992
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: "a770a97f2ef0e3b3edd238062c9e3313-ssl"
x-nf-request-id: 01HWT905B266V33F6BK7Q55KRY
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bOTqAQd6G7jryjH8Z1acg3OfWAMF409jRRXSNhMpiRNu%2FJPQD6HoOGXs%2FdwEBaPm0EwNLBPdwh93pIgRsNJJwpgfsq0Nts%2FI5oRbVOUKaTfh0r5re6HheumtH3Hi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d89573085cb515-OSL
alt-svc: h3=":443"; ma=86400
ribhek.com/ar/spinwhel-iq2/img/refresh.png
172.67.219.147200 OK 1.8 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-iq2/img/refresh.png
IP 172.67.219.147:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=j2u3a0fy&uclickhash=j2u3a0fy-j2u3a0fy-17he-0-17yd-4kxi-irnt-991ce7
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
File type PNG image data, 70 x 70, 8-bit colormap, non-interlaced
Hash 2d0f4539e28850747bcdf03e8c9a9f10
c400935fad4c29d04714cf5b9e74fb4d4d8f1e1d
c04fa254d43e1b6db555962ac2dbc6cd67d47aff3c1d7895a229cdaca87a688e
GET /ar/spinwhel-iq2/img/refresh.png HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-iq2/?uclick=j2u3a0fy&uclickhash=j2u3a0fy-j2u3a0fy-17he-0-17yd-4kxi-irnt-991ce7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 14:08:31 GMT
content-type: image/png
content-length: 1798
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: "a8f2cf0e5f0e85d12faa27e61c1d49a3-ssl"
x-nf-request-id: 01HWT905B912GFXQPEX60NAR0G
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qOmMLPKEPic7RSKVdi51wzfNRKDSKtSX8y3w5ZQtjd2kp4wXOAsRYciMudhrZcSu1mA1zwCb1ZZjR5r8XvsgmiD%2FBGLUAKfM9aKSQ0npSRmdEW75P7nWp%2BSnc0yt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d89573085fb515-OSL
alt-svc: h3=":443"; ma=86400
my.rtmark.net/p.js?f=sync&lr=1&partner=78c5ba6da14c996481201ddfa240d8b93591e970395d5413e95a0a3ef4b61fbc
139.45.195.8200 OK 697 B URL GET HTTP/2 my.rtmark.net/p.js?f=sync&lr=1&partner=78c5ba6da14c996481201ddfa240d8b93591e970395d5413e95a0a3ef4b61fbc
IP 139.45.195.8:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=j2u3a0fy&uclickhash=j2u3a0fy-j2u3a0fy-17he-0-17yd-4kxi-irnt-991ce7
Certificate IssuerLet's Encrypt
Subjectrtmark.net
FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC
ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
File type JavaScript source, ASCII text
Hash 9f449dd93aff5d19981521dc1718011e
704d0f2cef85ba5c7f36a9ba707b9116b88ff8f5
78a9e77051816292528bde89251006ecd6c3f563218f4d78217df175b2883029
GET /p.js?f=sync&lr=1&partner=78c5ba6da14c996481201ddfa240d8b93591e970395d5413e95a0a3ef4b61fbc HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 02 May 2024 14:08:31 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ribhek.com/ar/spinwhel-iq2/img/spin.png
172.67.219.147200 OK 2.4 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-iq2/img/spin.png
IP 172.67.219.147:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=j2u3a0fy&uclickhash=j2u3a0fy-j2u3a0fy-17he-0-17yd-4kxi-irnt-991ce7
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
File type PNG image data, 142 x 173, 8-bit colormap, non-interlaced
Hash 79051a4f9ac575664b4d932d577a65fc
ebae669a090fd6de43fb1854e5ba4868e8e8ffc0
0109faa660c321bbc20f82c8ba38eddd5490bc3b77d72c4b1de965a01a4f12b4
GET /ar/spinwhel-iq2/img/spin.png HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-iq2/css/style__base.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 14:08:31 GMT
content-type: image/png
content-length: 2444
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: "8cf94e3e08876699f7d4768c58d88a1c-ssl"
x-nf-request-id: 01HWT905J0QHKM6N2SQH60G007
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bD3su4ucX0fwK4jvv0sHvCoFyuHZVg5YZSq3qSXsdpjcQHNAEB2iRNazYVFyGc9UX6ZIhqFpejAfL%2BDjwQCWHTqal2hWUByO7XpOUVNKqcc4d33GeVEjyxlf2qX%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d8957449deb515-OSL
alt-svc: h3=":443"; ma=86400
ribhek.com/ar/spinwhel-iq2/img/logo.png
172.67.219.147200 OK 2.9 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-iq2/img/logo.png
IP 172.67.219.147:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=j2u3a0fy&uclickhash=j2u3a0fy-j2u3a0fy-17he-0-17yd-4kxi-irnt-991ce7
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
File type PNG image data, 128 x 128, 8-bit colormap, non-interlaced
Hash 05209921be4171eee0954c5ae54850f9
3c6e2db019b4483a6e9e4b77cc93734548f30087
2cde3636ca32586133a4a4967f43e3c0f0b64fb6d645d6c9482eff50124692d5
GET /ar/spinwhel-iq2/img/logo.png HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-iq2/?uclick=j2u3a0fy&uclickhash=j2u3a0fy-j2u3a0fy-17he-0-17yd-4kxi-irnt-991ce7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 14:08:31 GMT
content-type: image/png
content-length: 2852
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: "9e05192c5a0bab692a490873ae8b7bd2-ssl"
x-nf-request-id: 01HWT905PX43J4AGH8BT527RJ4
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qC%2BPUJe93TbsQ2ecGQys3Bpnw%2BPZM0FRATP9SjD98qj1OdPo9yOKAGwCR4qrWteLSxAdN8NmK%2Fkg3hMQspLhRHBtIqJI%2FpeOiX8Ya7tvuz4NvYkLuFE7hUPdrrOm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d895757bb1b515-OSL
alt-svc: h3=":443"; ma=86400
bujerdaz.com/zone?&pub=0&zone_id=7071124&is_mobile=false&domain=ribhek.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=b0ec8eb2-d649-4983-b3f8-d1bd8e0bcf05&action=prerequest
139.45.197.250200 OK 0 B URL POST HTTP/2 bujerdaz.com/zone?&pub=0&zone_id=7071124&is_mobile=false&domain=ribhek.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=b0ec8eb2-d649-4983-b3f8-d1bd8e0bcf05&action=prerequest
IP 139.45.197.250:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=j2u3a0fy&uclickhash=j2u3a0fy-j2u3a0fy-17he-0-17yd-4kxi-irnt-991ce7
Certificate IssuerLet's Encrypt
Subjectbujerdaz.com
Fingerprint0C:8C:A0:AE:3A:F2:8E:BC:C9:F8:38:17:34:12:6E:06:46:3D:35:A3
ValidityMon, 15 Apr 2024 05:19:24 GMT - Sun, 14 Jul 2024 05:19:23 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /zone?&pub=0&zone_id=7071124&is_mobile=false&domain=ribhek.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=b0ec8eb2-d649-4983-b3f8-d1bd8e0bcf05&action=prerequest HTTP/1.1
Host: bujerdaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ribhek.com
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 May 2024 14:08:31 GMT
content-length: 0
x-trace-id: 60c34e429b3af8f11aa0c3cb7a25e814
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ribhek.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ribhek.com/sw-check-permissions-39799.js?zoneId=7071124
172.67.219.147200 OK 775 B URL GET HTTP/3 ribhek.com/sw-check-permissions-39799.js?zoneId=7071124
IP 172.67.219.147:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=j2u3a0fy&uclickhash=j2u3a0fy-j2u3a0fy-17he-0-17yd-4kxi-irnt-991ce7
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
Hash e0144a309aa6909ad0e562fd78b31b8c
271dc63301f2d88f5a87b8cdb320807a6d942e46
0bcf2a9473c63763a589cef771ca39e02fdf01bc4219f34bb0eeb8abce855d91
GET /sw-check-permissions-39799.js?zoneId=7071124 HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-iq2/?uclick=j2u3a0fy&uclickhash=j2u3a0fy-j2u3a0fy-17he-0-17yd-4kxi-irnt-991ce7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 14:08:31 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: W/"b66b69ce955a5c83d67e661d27432485-ssl"
x-nf-request-id: 01HWQWWSHBDCFCVH3ANW4N6C7G
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SPi0brlUQ7m6HJGnxaEpcy3FvpJk4%2FeAm51wQySK6eECE2Atb1Lp2L%2Br2JeaBbSNKwwlHW4AiiF5fYF0khYxkOStOAK1lJTWpukk0QcCELW0GihQrEZlWKX1me27"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d895768d4db515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
bujerdaz.com/pfe/current/micro.tag.min.js?z=7071124&sw=/sw-check-permissions-39799.js
139.45.197.250200 OK 15 kB URL GET HTTP/2 bujerdaz.com/pfe/current/micro.tag.min.js?z=7071124&sw=/sw-check-permissions-39799.js
IP 139.45.197.250:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=j2u3a0fy&uclickhash=j2u3a0fy-j2u3a0fy-17he-0-17yd-4kxi-irnt-991ce7
Certificate IssuerLet's Encrypt
Subjectbujerdaz.com
Fingerprint0C:8C:A0:AE:3A:F2:8E:BC:C9:F8:38:17:34:12:6E:06:46:3D:35:A3
ValidityMon, 15 Apr 2024 05:19:24 GMT - Sun, 14 Jul 2024 05:19:23 GMT
File type gzip compressed data, max speed, from Unix
Hash 79ab4f5f20178d8996c060bb397118cb
1c4b2573fec4c28a0fabe5f38102b69cac5b9e97
05c6f230d524bab329e3cd7e74295e02df901851cc6350c1759b308d2ee09038
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pfe/current/micro.tag.min.js?z=7071124&sw=/sw-check-permissions-39799.js HTTP/1.1
Host: bujerdaz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 02 May 2024 14:08:31 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 10:48:52 GMT
etag: W/"662a3514-9116"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
jouteetu.net/custom
139.45.197.251200 OK 39 B IP 139.45.197.251:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=j2u3a0fy&uclickhash=j2u3a0fy-j2u3a0fy-17he-0-17yd-4kxi-irnt-991ce7
Certificate IssuerLet's Encrypt
Subjectjouteetu.net
FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65
ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 328
Origin: https://ribhek.com
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 May 2024 14:08:31 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 346348cdd71669319e3b5dbaa6144b25
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ribhek.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
jouteetu.net/custom
139.45.197.251200 OK 39 B IP 139.45.197.251:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=j2u3a0fy&uclickhash=j2u3a0fy-j2u3a0fy-17he-0-17yd-4kxi-irnt-991ce7
Certificate IssuerLet's Encrypt
Subjectjouteetu.net
FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65
ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 329
Origin: https://ribhek.com
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 May 2024 14:08:31 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 4c7f5bc75b8e124fa14b967e56bd2e7a
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ribhek.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
amunfezanttor.com/event
139.45.197.250200 OK 0 B IP 139.45.197.250:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=j2u3a0fy&uclickhash=j2u3a0fy-j2u3a0fy-17he-0-17yd-4kxi-irnt-991ce7
Certificate IssuerLet's Encrypt
Subjectamunfezanttor.com
FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA
ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ribhek.com/
Origin: https://ribhek.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 02 May 2024 14:08:31 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://ribhek.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
amunfezanttor.com/event
139.45.197.250200 OK 94 B IP 139.45.197.250:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=j2u3a0fy&uclickhash=j2u3a0fy-j2u3a0fy-17he-0-17yd-4kxi-irnt-991ce7
Certificate IssuerLet's Encrypt
Subjectamunfezanttor.com
FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA
ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hash 92e5b51b58b80653b89206a6a4b66e9d
6e4a0359357af6e6f21cc0025c00d5f3a1263c5c
e558087bebdd3e48424141745da3ea9b2808cd94e032d75d86a490568219e23f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ribhek.com/
Content-Type: application/json
Content-Length: 954
Origin: https://ribhek.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 May 2024 14:08:31 GMT
content-type: application/json; charset=utf-8
content-length: 94
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ribhek.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
my.rtmark.net/img.gif?f=sync&partner=78c5ba6da14c996481201ddfa240d8b93591e970395d5413e95a0a3ef4b61fbc&ttl=&rurl=https%3A%2F%2Fribhek.com%2Far%2Fspinwhel-iq2%2F%3Fuclick%3Dj2u3a0fy%26uclickhash%3Dj2u3a0fy-j2u3a0fy-17he-0-17yd-4kxi-irnt-991ce7%23
139.45.195.8200 OK 43 B URL GET HTTP/2 my.rtmark.net/img.gif?f=sync&partner=78c5ba6da14c996481201ddfa240d8b93591e970395d5413e95a0a3ef4b61fbc&ttl=&rurl=https%3A%2F%2Fribhek.com%2Far%2Fspinwhel-iq2%2F%3Fuclick%3Dj2u3a0fy%26uclickhash%3Dj2u3a0fy-j2u3a0fy-17he-0-17yd-4kxi-irnt-991ce7%23
IP 139.45.195.8:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=j2u3a0fy&uclickhash=j2u3a0fy-j2u3a0fy-17he-0-17yd-4kxi-irnt-991ce7
Certificate IssuerLet's Encrypt
Subjectrtmark.net
FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC
ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
File type GIF image data, version 89a, 1 x 1
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=sync&partner=78c5ba6da14c996481201ddfa240d8b93591e970395d5413e95a0a3ef4b61fbc&ttl=&rurl=https%3A%2F%2Fribhek.com%2Far%2Fspinwhel-iq2%2F%3Fuclick%3Dj2u3a0fy%26uclickhash%3Dj2u3a0fy-j2u3a0fy-17he-0-17yd-4kxi-irnt-991ce7%23 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 May 2024 14:08:32 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=08805093362346b2f514a082c2edfb53; expires=Fri, 02 May 2025 14:08:31 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ribhek.com/ar/spinwhel-iq2/js/en_date.js
172.67.219.147200 OK 6.7 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-iq2/js/en_date.js
IP 172.67.219.147:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=j2u3a0fy&uclickhash=j2u3a0fy-j2u3a0fy-17he-0-17yd-4kxi-irnt-991ce7
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
File type ASCII text, with very long lines (7106), with no line terminators
Hash ea133004ba2ee7bebc25767e49cb99ff
50c4bbb8423fe9d364798f28c8260cf66916b677
cda4a08060ba5f9871213274ab4f043f97f74311196eb4916fef50700178cff8
GET /ar/spinwhel-iq2/js/en_date.js HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-iq2/?uclick=j2u3a0fy&uclickhash=j2u3a0fy-j2u3a0fy-17he-0-17yd-4kxi-irnt-991ce7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 14:08:31 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: W/"3ffc4d8daf8a0279c657879a371a6eff-ssl-df"
vary: Accept-Encoding
x-nf-request-id: 01HWT905ARVPSAQ2GG3WY0D7JB
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=muRNfrdrIcYPxI5J09X0May%2FDFC7TKVtatkAT6yMiXmhAslPcPYDlY5BWYGrrxpKHXAalkO%2F170Cae2N8oxbJg88y85aRlWKBjrNPQa0UWsOVuyZgiwcu28KTEK9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d89572e81bb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ribhek.com/ar/spinwhel-iq2/js/bioep.min.js
172.67.219.147200 OK 5.3 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-iq2/js/bioep.min.js
IP 172.67.219.147:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=j2u3a0fy&uclickhash=j2u3a0fy-j2u3a0fy-17he-0-17yd-4kxi-irnt-991ce7
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
File type JavaScript source, ASCII text, with very long lines (5456), with no line terminators
Hash fe234c9b352a64fd48af6671a6460c25
4ab82b1093465cbeba45d0dfd67ed3d8cd30deb2
97043aee10fc7179a85aea1e1e96bbd6a4564d733589548209ccc1358252eb9f
GET /ar/spinwhel-iq2/js/bioep.min.js HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-iq2/?uclick=j2u3a0fy&uclickhash=j2u3a0fy-j2u3a0fy-17he-0-17yd-4kxi-irnt-991ce7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 14:08:31 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: W/"16322b53a3ea039d744dc303d398d1dd-ssl-df"
vary: Accept-Encoding
x-nf-request-id: 01HWT905AX94CAGB98BFV3JCR0
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1x1mC%2BmN0QMBjct4IkBxGvMc9JeXfcYhwoAP8XBn%2FromEE4eAdUx4I1IPNvg%2B6EYKnyK%2B3s7bK0GQVy%2FT1fwvs0ftMApmYaupRISWseU6CoeY5j26NzdCbQFy0Qn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d89572f831b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ribhek.com/ar/spinwhel-iq2/css/style_a.css
172.67.219.147200 OK 6.5 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-iq2/css/style_a.css
IP 172.67.219.147:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=j2u3a0fy&uclickhash=j2u3a0fy-j2u3a0fy-17he-0-17yd-4kxi-irnt-991ce7
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
File type ASCII text, with very long lines (6989), with no line terminators
Hash a53a207a73db213f78c49078dbdde32a
4a5813b3d9a5237141104cd9ab2ef54c8151e168
b37503aacfbae5e87ea942f2a7b5291f4a271af060f01caf7dc1a02160633f8f
GET /ar/spinwhel-iq2/css/style_a.css HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-iq2/?uclick=j2u3a0fy&uclickhash=j2u3a0fy-j2u3a0fy-17he-0-17yd-4kxi-irnt-991ce7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 14:08:31 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: W/"1473adf58d9bbec22e785727559b8c51-ssl-df"
vary: Accept-Encoding
x-nf-request-id: 01HWT905AW1SRB94SVCR5NP1M1
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cgCHXYj2oJyEbTdYpkuemaeIitc9y7E7HXa6tZZJuOSt7A7IjkrWAalF7mJtHiPGIYq9ef2LD8V9hDOydFgXtudBk1XjkDB5qQBfZjtYDiYTNHzgl09trcKIeWd2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d89572e82bb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ribhek.com/ar/spinwhel-iq2/js/jquery.min.js
172.67.219.147200 OK 87 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-iq2/js/jquery.min.js
IP 172.67.219.147:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=j2u3a0fy&uclickhash=j2u3a0fy-j2u3a0fy-17he-0-17yd-4kxi-irnt-991ce7
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
File type JavaScript source, ASCII text, with very long lines (32058)
Hash 24f2e59beae1680f19632d9c1b89d730
b3a77b35c4809324ab79e64d40c4ee391234e008
39646863a414e0a84920b3a8639c0f3e8c94535e8dc051b42b485a068dc2902f
GET /ar/spinwhel-iq2/js/jquery.min.js HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-iq2/?uclick=j2u3a0fy&uclickhash=j2u3a0fy-j2u3a0fy-17he-0-17yd-4kxi-irnt-991ce7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 14:08:31 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: W/"ddbc6702bc953f6dedfe3543150cf865-ssl-df"
vary: Accept-Encoding
x-nf-request-id: 01HWT905B328KDTHYS96QQZC21
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yHppkEDRZLmjKf8OJtb8epViTsu9LRDzVrqc6vE5dtRkGYV0tf8XfAZmRdr8lYA9GeRGB13AYKVHOKcMjCjBsEXr3JZ2tOV4F9XHBqvm%2FNOIo7Bh9WyIo5%2BEdwa5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d895730861b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ribhek.com/ar/spinwhel-iq2/?uclick=j2u3a0fy&uclickhash=j2u3a0fy-j2u3a0fy-17he-0-17yd-4kxi-irnt-991ce7
172.67.219.147200 OK 16 kB URL User Request GET HTTP/2 ribhek.com/ar/spinwhel-iq2/?uclick=j2u3a0fy&uclickhash=j2u3a0fy-j2u3a0fy-17he-0-17yd-4kxi-irnt-991ce7
IP 172.67.219.147:443
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ar/spinwhel-iq2/?uclick=j2u3a0fy&uclickhash=j2u3a0fy-j2u3a0fy-17he-0-17yd-4kxi-irnt-991ce7 HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 02 May 2024 14:08:30 GMT
content-type: text/html; charset=UTF-8
age: 7414
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
vary: Accept-Encoding
x-nf-request-id: 01HWWT58KKY0JXDZZWBY4XJZQQ
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DudcgYpQhOBx1yEXB92Z%2BNY0HS%2FK06DuKAlNZgAEg1hNDruxTXXFCB1l1fPE1vQenY030%2BKlCPNQdTbcypNYCHdUBtbpbdo1KCFJK%2FgZlXJzmaOn7YVHHdkYwa9j"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d89570796656a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ribhek.com/ar/spinwhel-iq2/img/7.jpg
172.67.219.147200 OK 26 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-iq2/img/7.jpg
IP 172.67.219.147:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=j2u3a0fy&uclickhash=j2u3a0fy-j2u3a0fy-17he-0-17yd-4kxi-irnt-991ce7
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 480x400, components 3
Hash 22cb80edd617362c5465bc2e8f8871d0
aa39c3c8c4dfb74089b63abef0e33e74e8fe5210
eaa4bd9a29ee64b0d8e79df7304706004eb6be85fc417f7ffaa0cc7eb6541635
GET /ar/spinwhel-iq2/img/7.jpg HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-iq2/?uclick=j2u3a0fy&uclickhash=j2u3a0fy-j2u3a0fy-17he-0-17yd-4kxi-irnt-991ce7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 14:08:31 GMT
content-type: image/jpeg
content-length: 26430
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: "5f713f6c2173d1bb8ea9cf3786e18e19-ssl"
x-nf-request-id: 01HWT905B6DVABHK1CQ0N1EW74
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LQ%2BouVRJLe435jA5dBboNu9NDGaG8aPsjVWvcYrVv8oAre0SNwSvKf84v83jBmrdKNYiV7FJZvDCEZiX1HYrdPLG8TbOJln071%2FjKafcF%2B9%2Fw%2F22GXB7%2BxBPD5ZN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d89572f858b515-OSL
alt-svc: h3=":443"; ma=86400
ribhek.com/ar/spinwhel-iq2/css/style__base.css
172.67.219.147200 OK 19 kB URL GET HTTP/3 ribhek.com/ar/spinwhel-iq2/css/style__base.css
IP 172.67.219.147:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=j2u3a0fy&uclickhash=j2u3a0fy-j2u3a0fy-17he-0-17yd-4kxi-irnt-991ce7
Certificate IssuerGoogle Trust Services LLC
Subjectribhek.com
FingerprintFB:64:06:A8:A2:A9:45:39:1D:4E:95:94:5D:B6:C9:DE:A1:4F:AD:8E
ValidityFri, 26 Apr 2024 15:18:05 GMT - Thu, 25 Jul 2024 15:18:04 GMT
Hash 5af9199e58d12f7d074412e74d9a3d3d
74c11cb489a368220c3144e4570ad5b34afa75c2
708ad2fb793e0817fdf6bd7b0401e172f9566033232f148439e6f42b2f3b0999
GET /ar/spinwhel-iq2/css/style__base.css HTTP/1.1
Host: ribhek.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/ar/spinwhel-iq2/?uclick=j2u3a0fy&uclickhash=j2u3a0fy-j2u3a0fy-17he-0-17yd-4kxi-irnt-991ce7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 14:08:31 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400, must-revalidate
cache-status: "Netlify Edge"; hit
etag: W/"48cda9d2e1e4882f881c36734d6c0dbf-ssl-df"
vary: Accept-Encoding
x-nf-request-id: 01HWT905ARPM6BX17MHTFQHRDW
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mS8ep6wXW85sZE5fJ58xoP4GxPltTE1Knk8SHkUXJkhGW5PFMdTsvWciCze0Xe%2FZynkNQkDgGIHKX7ocsmcN7Uaujx%2FshhUKVWg4YHG%2BxdTlIkgJ9AGK3rFFSJ%2FN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d89572e822b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
backunder.com/script.js
172.67.169.6200 OK 911 B IP 172.67.169.6:443
Requested by https://ribhek.com/ar/spinwhel-iq2/?uclick=j2u3a0fy&uclickhash=j2u3a0fy-j2u3a0fy-17he-0-17yd-4kxi-irnt-991ce7
Certificate IssuerGoogle Trust Services LLC
Subjectbackunder.com
FingerprintF0:95:C2:A7:B0:15:EB:8D:1E:CE:36:6A:FC:03:95:FA:C0:07:37:96
ValiditySat, 30 Mar 2024 17:02:34 GMT - Fri, 28 Jun 2024 17:02:33 GMT
File type JavaScript source, ASCII text, with very long lines (920), with no line terminators
Hash f60d3d95ba5d3857d3acb6730f06767d
454bf6bf84fc040a03287bf1096d2669804627c8
5c501b55106f7ffe03902742af81cad54e109fec08e9dd005b13ecaa6cbb748e
GET /script.js HTTP/1.1
Host: backunder.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ribhek.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 02 May 2024 14:08:31 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1228
etag: W/"4cc-5f2f3364b2fe4-gzip"
last-modified: Mon, 23 Jan 2023 19:14:45 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 6580
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lqg19h8yXh%2FT4JCbQY0sEDdYrngT8990gnACIptmrQwqH1zfebFX9OjrzKZ32Kd7M%2BPOyMpl1AllSkbv0ar1S8XC6EoryrKRTQUMH6e4OPb%2BOPTELfwcoCEC5jXHzM%2BN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d895730ef3b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2