URL: https://richhavenspins.com/
Submission: On December 23 via api from US — Scanned from US

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 24 HTTP transactions. The main IP is 2a06:6440:0:2d5c::1, located in Ukraine and belongs to Ukraine-AS Hosting Ukraine LTD, UA. The main domain is richhavenspins.com.
TLS certificate: Issued by R10 on December 23rd 2024. Valid for: 3 months.
This is the only time richhavenspins.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 2a06:6440:0:2... 200000 (Ukraine-A...)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a04:4e42:200... 54113 (FASTLY)
3 104.17.24.14 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
5 142.251.179.94 15169 (GOOGLE)
24 8
Apex Domain
Subdomains
Transfer
6 richhavenspins.com
richhavenspins.com
3 MB
5 gstatic.com
fonts.gstatic.com
120 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
136 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 740
9 KB
2 tailwindcss.com
cdn.tailwindcss.com — Cisco Umbrella Rank: 29761
125 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
3 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 847
31 KB
24 7
Domain Requested by
6 richhavenspins.com richhavenspins.com
5 fonts.gstatic.com fonts.googleapis.com
3 cdnjs.cloudflare.com richhavenspins.com
cdnjs.cloudflare.com
2 unpkg.com richhavenspins.com
2 cdn.tailwindcss.com 1 redirects richhavenspins.com
1 fonts.googleapis.com richhavenspins.com
1 code.jquery.com richhavenspins.com
24 7

This site contains links to these domains. Also see Links.

Domain
www.begambleaware.org
www.gamblingcommission.gov.uk
www.gamcare.org.uk
www.gamstop.co.uk
Subject Issuer Validity Valid
www.richhavenspins.com
R10
2024-12-23 -
2025-03-23
3 months crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA
2024-06-25 -
2025-06-25
a year crt.sh
cdnjs.cloudflare.com
WE1
2024-11-26 -
2025-02-24
3 months crt.sh
unpkg.com
WE1
2024-12-12 -
2025-03-12
3 months crt.sh
upload.video.google.com
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
*.gstatic.com
WR2
2024-12-02 -
2025-02-24
3 months crt.sh

This page contains 1 frames:

Primary Page: https://richhavenspins.com/
Frame ID: 5B1266FCC2AE65FC3D3C86591AB1124D
Requests: 24 HTTP requests in this frame

Screenshot

Page Title

Rich Haven Spins: Discover a Social Casino Full of Rewards

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

24
Requests

75 %
HTTPS

71 %
IPv6

7
Domains

7
Subdomains

8
IPs

3
Countries

3248 kB
Transfer

4084 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://cdn.tailwindcss.com/ HTTP 302
  • https://cdn.tailwindcss.com/3.4.16

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
richhavenspins.com/
33 KB
7 KB
Document
General
Full URL
https://richhavenspins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d5c::1 , Ukraine, ASN200000 (Ukraine-AS Hosting Ukraine LTD, UA),
Reverse DNS
Software
nginx /
Resource Hash
ae97f64c22caad67dcfb6c28d05de3202afff4b42f73f7c1f6d3a5b748993f7a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
br
content-type
text/html
date
Mon, 23 Dec 2024 19:44:53 GMT
etag
W/"8410-629f3bcd23175"
last-modified
Mon, 23 Dec 2024 17:58:01 GMT
server
nginx
x-ray
wnp22490:0.010/wn22490:0.010/wa22490:D=421
style.css
richhavenspins.com/assets/css/
344 B
502 B
Stylesheet
General
Full URL
https://richhavenspins.com/assets/css/style.css
Requested by
Host: richhavenspins.com
URL: https://richhavenspins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d5c::1 , Ukraine, ASN200000 (Ukraine-AS Hosting Ukraine LTD, UA),
Reverse DNS
Software
nginx /
Resource Hash
fac0c0541485a5a733b008f626694280e4bef7d99e078c1abd1c2d7c0461a219

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://richhavenspins.com/

Response headers

etag
"6769a4a9-158"
accept-ranges
bytes
content-length
344
x-ray
wnp22490:0.011/wn22490:0.000/
date
Mon, 23 Dec 2024 19:44:54 GMT
content-type
text/css
last-modified
Mon, 23 Dec 2024 17:58:01 GMT
server
nginx
3.4.16
cdn.tailwindcss.com/
Redirect Chain
  • https://cdn.tailwindcss.com/
  • https://cdn.tailwindcss.com/3.4.16
398 KB
125 KB
Script
General
Full URL
https://cdn.tailwindcss.com/3.4.16
Requested by
Host: richhavenspins.com
URL: https://richhavenspins.com/
Protocol
H2
Server
2606:4700:10::ac43:2910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb798bb21731986940cf3a9950fbca386e03633e9a45497701e71f9b87d132ea
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://richhavenspins.com/

Response headers

server
cloudflare
strict-transport-security
max-age=63072000
cache-control
max-age=31536000
content-encoding
br
x-vercel-cache
MISS
cf-cache-status
HIT
age
1462389
cf-ray
8f6ad95389c3f7bd-LAX
date
Mon, 23 Dec 2024 19:44:54 GMT
content-type
text/javascript
last-modified
Fri, 06 Dec 2024 21:30:37 GMT
vary
Accept-Encoding
x-vercel-id
cle1::iad1::rv4dn-1733520637303-9c55b126e284

Redirect headers

strict-transport-security
max-age=63072000
cache-control
max-age=14400
location
/3.4.16
x-vercel-cache
MISS
cf-cache-status
HIT
age
819
cf-ray
8f6ad953080ef7bd-LAX
date
Mon, 23 Dec 2024 19:44:54 GMT
vary
Accept-Encoding
server
cloudflare
x-vercel-id
cle1::iad1::zxl9g-1734982185129-ade8c9bc1cbb
jquery-3.6.0.min.js
code.jquery.com/
87 KB
31 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: richhavenspins.com
URL: https://richhavenspins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://richhavenspins.com/

Response headers

content-encoding
gzip
etag
W/"28feccc0-15d9d"
age
3506385
x-cache
HIT, HIT
date
Mon, 23 Dec 2024 19:44:54 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits
34, 81362
x-served-by
cache-lga21931-LGA, cache-bur-kbur8200172-BUR
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1734983094.289204,VS0,VE0
cross-origin-resource-policy
cross-origin
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
30875
server
nginx
jquery.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/
1 KB
1 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js
Requested by
Host: richhavenspins.com
URL: https://richhavenspins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://richhavenspins.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03ec1-514"
age
348410
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fsnAno8N97hTYCeMvx0pGvfyBYDKN%2BTNkQxI2HDCsp48I6bG38VMhLsDtXeoI2vCgcZXHfN9UYqmtbqDxeIyapPlaWdINnDFNjXZ0b9XQ7m4jOQIBF6Q7%2BoO%2FWmlG2IKyajGehEb"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sat, 13 Dec 2025 19:44:54 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 23 Dec 2024 19:44:54 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:11:45 GMT
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8f6ad952cdc7cf16-SJC
accept-ranges
bytes
access-control-allow-origin
*
content-length
591
server
cloudflare
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/css/
80 KB
15 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css
Requested by
Host: richhavenspins.com
URL: https://richhavenspins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81735261671cd094376ce5c6d31058c64fa70ad0f3b0798ffce2f2d8eeb7ab51
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://richhavenspins.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"61498362-3826"
age
421153
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BJ0HMCmwbwibbZZYJxNdVUhSv4%2Fy8j5M0fX8xcT3HCSnPBSCVapyiaAxiLL2tEs8Or1b7nU64RUlXnHic8G%2BHkPC%2BXvE26sK13OOOcVuBr1LpKTJwBthAh2zXrebiFe6U54i9y2w"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sat, 13 Dec 2025 19:44:54 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 23 Dec 2024 19:44:54 GMT
content-type
text/css; charset=utf-8
last-modified
Tue, 21 Sep 2021 07:01:54 GMT
vary
Accept-Encoding
priority
u=0,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8f6ad952cdc4cf16-SJC
accept-ranges
bytes
access-control-allow-origin
*
content-length
14374
server
cloudflare
aos.css
unpkg.com/aos@2.3.1/dist/
25 KB
4 KB
Stylesheet
General
Full URL
https://unpkg.com/aos@2.3.1/dist/aos.css
Requested by
Host: richhavenspins.com
URL: https://richhavenspins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f6cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://richhavenspins.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"65c5-BVfTdFS2f0LyyxAeV+UHD7EZNXA"
age
2110942
x-content-type-options
nosniff
date
Mon, 23 Dec 2024 19:44:54 GMT
content-type
text/css; charset=utf-8
last-modified
Thu, 17 May 2018 22:11:13 GMT
fly-request-id
01JDVKN9CWDVR6G2WQSHRV5CQZ-lax
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8f6ad9530b1669ce-LAX
access-control-allow-origin
*
server
cloudflare
logo.png
richhavenspins.com/assets/img/
1 MB
1 MB
Image
General
Full URL
https://richhavenspins.com/assets/img/logo.png
Requested by
Host: richhavenspins.com
URL: https://richhavenspins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d5c::1 , Ukraine, ASN200000 (Ukraine-AS Hosting Ukraine LTD, UA),
Reverse DNS
Software
nginx /
Resource Hash
ed0ffba8550925953007dded79b71d850b5cfe8fc1da59d171255d717438f0e9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://richhavenspins.com/

Response headers

etag
"6769a4a9-10279b"
accept-ranges
bytes
content-length
1058715
x-ray
wnp22490:0.010/wn22490:0.000/
date
Mon, 23 Dec 2024 19:44:54 GMT
content-type
image/png
last-modified
Mon, 23 Dec 2024 17:58:01 GMT
server
nginx
game1.png
richhavenspins.com/assets/img/
2 MB
2 MB
Image
General
Full URL
https://richhavenspins.com/assets/img/game1.png
Requested by
Host: richhavenspins.com
URL: https://richhavenspins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d5c::1 , Ukraine, ASN200000 (Ukraine-AS Hosting Ukraine LTD, UA),
Reverse DNS
Software
nginx /
Resource Hash
0268b7b5e094529c6cdb895067ea7ed9d45442115726d07ac51ae56c5c3dc878

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://richhavenspins.com/

Response headers

etag
"6769a4a9-1bc8ed"
accept-ranges
bytes
content-length
1820909
x-ray
wnp22490:0.001/wn22490:0.000/
date
Mon, 23 Dec 2024 19:44:54 GMT
content-type
image/png
last-modified
Mon, 23 Dec 2024 17:58:01 GMT
server
nginx
game2.png
richhavenspins.com/assets/img/
0
0

game3.png
richhavenspins.com/assets/img/
320 KB
0
Image
General
Full URL
https://richhavenspins.com/assets/img/game3.png
Requested by
Host: richhavenspins.com
URL: https://richhavenspins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d5c::1 , Ukraine, ASN200000 (Ukraine-AS Hosting Ukraine LTD, UA),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://richhavenspins.com/

Response headers

etag
"6769a4a9-1b1f44"
accept-ranges
bytes
content-length
1777476
x-ray
wnp22490:0.000/wn22490:0.000/
date
Mon, 23 Dec 2024 19:44:58 GMT
content-type
image/png
last-modified
Mon, 23 Dec 2024 17:58:01 GMT
server
nginx
18-icon.png
richhavenspins.com/assets/img/
0
0

cookie.js
richhavenspins.com/assets/js/
1 KB
1 KB
Script
General
Full URL
https://richhavenspins.com/assets/js/cookie.js
Requested by
Host: richhavenspins.com
URL: https://richhavenspins.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a06:6440:0:2d5c::1 , Ukraine, ASN200000 (Ukraine-AS Hosting Ukraine LTD, UA),
Reverse DNS
Software
nginx /
Resource Hash
e16c4ba5933f05bff40d11008199f6fbd2d36be40933533194d1700ada5d8d0c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://richhavenspins.com/

Response headers

etag
"6769a4a9-476"
accept-ranges
bytes
content-length
1142
x-ray
wnp22490:0.000/wn22490:0.000/
date
Mon, 23 Dec 2024 19:44:58 GMT
content-type
application/javascript
last-modified
Mon, 23 Dec 2024 17:58:01 GMT
server
nginx
modal.js
richhavenspins.com/assets/js/
0
0

main.js
richhavenspins.com/assets/js/
0
0

aos.js
unpkg.com/aos@2.3.1/dist/
14 KB
5 KB
Script
General
Full URL
https://unpkg.com/aos@2.3.1/dist/aos.js
Requested by
Host: richhavenspins.com
URL: https://richhavenspins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f6cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f268612ba59ead1b24353bb77d66783bcc435aff1c22be5f93c40bac3869968e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://richhavenspins.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"379f-cNv9OKDx/DsafZ+tq1h4ZITDTxc"
age
1757771
x-content-type-options
nosniff
date
Mon, 23 Dec 2024 19:44:58 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 17 May 2018 22:11:13 GMT
fly-request-id
01JE64FAQKKPASG5WXKHW4FA0D-lax
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8f6ad96f0e3b69ce-LAX
access-control-allow-origin
*
server
cloudflare
css2
fonts.googleapis.com/
72 KB
3 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Fira+Sans:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Requested by
Host: richhavenspins.com
URL: https://richhavenspins.com/assets/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9fc0deb5c6a5eed1d2906f40b20966689fb17b90ca9fe19c715ba181667c8b63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://richhavenspins.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 23 Dec 2024 19:44:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 23 Dec 2024 19:44:58 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Mon, 23 Dec 2024 19:44:58 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
main.png
richhavenspins.com/assets/img/
0
0

va9E4kDNxMZdWfMOD5Vvl4jL.woff2
fonts.gstatic.com/s/firasans/v17/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasans/v17/va9E4kDNxMZdWfMOD5Vvl4jL.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fira+Sans:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f94.1e100.net
Software
sffe /
Resource Hash
89ae1743656b75948be30cc4909efd3c61771b7bd9f6d53eb14cd9731d486b57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://richhavenspins.com
Referer
https://fonts.googleapis.com/

Response headers

age
255282
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 20 Dec 2025 20:50:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 20:50:17 GMT
last-modified
Tue, 02 May 2023 14:50:07 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
23880
x-xss-protection
0
server
sffe
va9B4kDNxMZdWfMOD5VnSKzeRhf6.woff2
fonts.gstatic.com/s/firasans/v17/
24 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasans/v17/va9B4kDNxMZdWfMOD5VnSKzeRhf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fira+Sans:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f94.1e100.net
Software
sffe /
Resource Hash
3bdc29109b621ad2c793d86fdc3f61e810d4aeafc3b8419f8f2aeb9c7ce0d364
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://richhavenspins.com
Referer
https://fonts.googleapis.com/

Response headers

age
265252
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 20 Dec 2025 18:04:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 18:04:07 GMT
last-modified
Tue, 02 May 2023 14:50:11 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
24868
x-xss-protection
0
server
sffe
va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2
fonts.gstatic.com/s/firasans/v17/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasans/v17/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fira+Sans:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f94.1e100.net
Software
sffe /
Resource Hash
c52b9a30cb5d84dcfb2a4f9967f37abd86c3e709554ed4f168a03222e033bb93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://richhavenspins.com
Referer
https://fonts.googleapis.com/

Response headers

age
260675
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 20 Dec 2025 19:20:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 19:20:24 GMT
last-modified
Tue, 02 May 2023 14:50:22 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
24020
x-xss-protection
0
server
sffe
va9B4kDNxMZdWfMOD5VnMK7eRhf6.woff2
fonts.gstatic.com/s/firasans/v17/
24 KB
25 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasans/v17/va9B4kDNxMZdWfMOD5VnMK7eRhf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fira+Sans:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f94.1e100.net
Software
sffe /
Resource Hash
9b8a8f6a011ba6b0f0c157700106f1e5c7882f533bae40c98c28320dab68f2db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://richhavenspins.com
Referer
https://fonts.googleapis.com/

Response headers

age
246571
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 20 Dec 2025 23:15:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 23:15:28 GMT
last-modified
Tue, 02 May 2023 14:50:10 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
25080
x-xss-protection
0
server
sffe
va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
fonts.gstatic.com/s/firasans/v17/
24 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasans/v17/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fira+Sans:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f94.1e100.net
Software
sffe /
Resource Hash
45f1b654ec61c60215f597e30df063b0fee38c8a42f7046f99bf9bf3376971dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://richhavenspins.com
Referer
https://fonts.googleapis.com/

Response headers

age
270869
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 20 Dec 2025 16:30:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 16:30:30 GMT
last-modified
Tue, 02 May 2023 14:50:32 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
24964
x-xss-protection
0
server
sffe
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/webfonts/
120 KB
121 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57deb9ccde6d49564a916cc58a799d8ebd793c7aff69a7f3cce48cbfb0c48777
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://richhavenspins.com
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css

Response headers

cf-cdnjs-via
cfworker/kv
cf-cache-status
HIT
etag
"61498362-1df88"
age
935968
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T30jSqAJ%2BjqNq1h66Kf2JHs1pw2ugmPw34yJA9AQ73ZncUawBhKFtO%2F%2BSUALC0Vltf%2B1N9UExbCX4GpqSJVyyjV4%2FxPV%2By6%2FRl4XzUQ9HK5fcTBHCkBPgIpXNz6ZH42C5ZWX2zyb"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sat, 13 Dec 2025 19:44:59 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 23 Dec 2024 19:44:59 GMT
content-type
application/octet-stream; charset=utf-8
last-modified
Tue, 21 Sep 2021 07:01:54 GMT
vary
Accept-Encoding
priority
u=0,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8f6ad970fe7b24c9-SJC
accept-ranges
bytes
access-control-allow-origin
*
content-length
122760
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
richhavenspins.com
URL
https://richhavenspins.com/assets/img/game2.png
Domain
richhavenspins.com
URL
https://richhavenspins.com/assets/img/18-icon.png
Domain
richhavenspins.com
URL
https://richhavenspins.com/assets/js/modal.js
Domain
richhavenspins.com
URL
https://richhavenspins.com/assets/js/main.js
Domain
richhavenspins.com
URL
https://richhavenspins.com/assets/img/main.png

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| tailwind function| $ function| jQuery string| /template.html

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.tailwindcss.com
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
richhavenspins.com
unpkg.com
richhavenspins.com
104.17.24.14
142.251.179.94
2606:4700:10::ac43:2910
2606:4700::6811:f6cb
2607:f8b0:4004:c08::5f
2a04:4e42:200::649
2a06:6440:0:2d5c::1
0268b7b5e094529c6cdb895067ea7ed9d45442115726d07ac51ae56c5c3dc878
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
3bdc29109b621ad2c793d86fdc3f61e810d4aeafc3b8419f8f2aeb9c7ce0d364
45f1b654ec61c60215f597e30df063b0fee38c8a42f7046f99bf9bf3376971dc
57deb9ccde6d49564a916cc58a799d8ebd793c7aff69a7f3cce48cbfb0c48777
81735261671cd094376ce5c6d31058c64fa70ad0f3b0798ffce2f2d8eeb7ab51
89ae1743656b75948be30cc4909efd3c61771b7bd9f6d53eb14cd9731d486b57
9b8a8f6a011ba6b0f0c157700106f1e5c7882f533bae40c98c28320dab68f2db
9fc0deb5c6a5eed1d2906f40b20966689fb17b90ca9fe19c715ba181667c8b63
ae97f64c22caad67dcfb6c28d05de3202afff4b42f73f7c1f6d3a5b748993f7a
c52b9a30cb5d84dcfb2a4f9967f37abd86c3e709554ed4f168a03222e033bb93
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
e16c4ba5933f05bff40d11008199f6fbd2d36be40933533194d1700ada5d8d0c
ed0ffba8550925953007dded79b71d850b5cfe8fc1da59d171255d717438f0e9
f268612ba59ead1b24353bb77d66783bcc435aff1c22be5f93c40bac3869968e
fac0c0541485a5a733b008f626694280e4bef7d99e078c1abd1c2d7c0461a219
fb798bb21731986940cf3a9950fbca386e03633e9a45497701e71f9b87d132ea
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e