scrolllaunch.com

.com crawl

First seen 2026-04-29 · Last seen 2026-05-15 · ok HTTP/1.1 200 2540 ms crawled 2026-05-07

US · 216.150.1.1 · AS16509 Amazon.com, Inc.

Reputation 100/100

Classifying

HTML metadata

Title: ScrollLaunch — Launch Your Product. Get Seen Weekly.
Description: ScrollLaunch is the best Product Hunt alternative for indie makers and SaaS founders. Launch your product, climb the weekly rankings, earn high-DR…
Language: en
Generator: Next.js
Canonical: https://www.scrolllaunch.com

Open Graph

url: https://www.scrolllaunch.com
title: ScrollLaunch — Launch Your Product. Get Seen Weekly.
locale: en_US
site name: ScrollLaunch
description: ScrollLaunch is the best Product Hunt alternative for indie makers and SaaS founders. Launch your product, climb the weekly rankings, earn high-DR…

Technology

CDN: Vercel
CMS: Next.js

Third-party hosts loaded (12)

res.cloudinary.com×15
datafa.st×3
dofollow.tools×2
findly.tools×2
peerlist.io×2
startupfa.me×2
startupfa.st×2
submitaitools.org×2
twelve.tools×2
ufind.best×2
wired.business×2
submitmysaas.com×1

Social

Registration

Registrar

Spaceship, Inc.

Created

2026-03-22

Expires

2027-03-22 307 days left

Updated

2026-03-22

Name servers

launch1.spaceship.net
launch2.spaceship.net

DNS records live

NS

launch1.spaceship.net
launch2.spaceship.net

TXT

google-site-verification=SznYk21JIhqxbKEJ0rtQOfDXjPVNSumV54F5eKy_iKs

Email authentication no MX

SPF: not published
DMARC: v=DMARC1; p=none;
policy: none (monitoring only)
DKIM: no key found at common selectors

Certificate (current)

R13

from 2026-03-23 to 2026-06-21

Expires in 33 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.scrolllaunch.com/

present

strict-transport-security
content-security-policy
x-content-type-options
referrer-policy
permissions-policy
cross-origin-opener-policy
cross-origin-resource-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection

Header values

referrer-policy: strict-origin-when-cross-origin
permissions-policy: camera=(), microphone=(), geolocation=(), interest-cohort=()
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://va.vercel-scripts.com https://vercel.live https://datafa.st; script-src-elem 'self' 'unsafe-inline' https://va.vercel-scripts.com https://vercel.live https://datafa.st; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https://res.cloudinary.com https://www.google.com https://*.googleusercontent.com https://*.gravatar.com https://avatars.githubusercontent.com https://peerlist.io https://dofollow.tools https://wired.business https://twelve.tools https://submitaitools.org https://findly.tools https://startupfa.st https://www.startupfa.st https://startupfa.me https://www.startupfa.me https://ufind.best; font-src 'self' data:; connect-src 'self' https://va.vercel-scripts.com https://vitals.vercel-insights.com https://vercel.live wss://ws-us3.pusher.com https://datafa.st; media-src 'self' https://res.cloudinary.com; frame-src 'self' https://www.youtube.com https://www.youtube-nocookie.com https://player.v
strict-transport-security: max-age=63072000; includeSubDomains; preload
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin