indexo.dev

scratchfulcasino.com

.com crawl

First seen 2026-05-13 · Last seen 2026-05-13 · ok HTTP/1.1 200 1988 ms crawled 2026-05-19

US · 138.197.60.75 · AS14061 DigitalOcean, LLC

Reputation 100/100

Classifying

HTML metadata

Title
Get Scratching! Get 100 Free Spins at Scratchful Casino!
Description
Can you guess where the focus lies at Scratchful Casino? We guess you can figure out the basics, but you can discover way more when you check out our review of the site today.
Language
en
Canonical
https://scratchfulcasino.com/

Technology

Server
nginx
CMS
Nuxt

Third-party hosts loaded (1)

  • service.nyc3.cdn.digitaloceanspaces.com×65

Registration

Registrar
GoDaddy.com, LLC
Created
2024-01-17
Expires
2027-01-17 241 days left
Updated
2026-01-07
Name servers
  • ns1.digitalocean.com
  • ns2.digitalocean.com
  • ns3.digitalocean.com

DNS records live

NS
  • ns1.digitalocean.com
  • ns2.digitalocean.com
  • ns3.digitalocean.com

Email authentication no MX

SPF
not published
DMARC
not published
DKIM
no key found at common selectors

Certificate (current)

R12
from 2026-05-06 to 2026-08-04
Expires in 75 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 95/100 Checked live page: https://scratchfulcasino.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
  • cross-origin-opener-policy
  • cross-origin-embedder-policy
  • cross-origin-resource-policy
findings
  • CSP allows unsafe inline scripts/styles
Header values
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
permissions-policy
camera=(), display-capture=(), fullscreen=(), geolocation=(), microphone=()
x-content-type-options
nosniff
content-security-policy
base-uri 'none'; font-src 'self' https: data:; form-action 'self'; frame-ancestors 'self'; img-src 'self' data: https://service.nyc3.cdn.digitaloceanspaces.com; object-src 'none'; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; script-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests;
strict-transport-security
max-age=15552000; includeSubDomains
cross-origin-opener-policy
same-origin
cross-origin-embedder-policy
credentialless
cross-origin-resource-policy
same-origin

Linked from (1)