furu-po.com

.com crawl

First seen 2026-05-03 · Last seen 2026-05-09 · ok HTTP/1.1 200 2263 ms crawled 2026-05-09

US · 18.165.122.121 · AS16509 Amazon.com, Inc.

Reputation 100/100

Classifying

HTML metadata

Title: JTBのふるさと納税ポータルサイト「ふるぽ」
Description: ふるさと納税の返礼品でJTBの「旅行クーポン」や「旅行券」、ホテル旅館の「宿泊券」をGET！選べる旅先多数、北海道から沖縄まで、ふるさと納税で旅にでかけよう。
Language: ja
Canonical: https://furu-po.com/

Technology

CDN: Amazon CloudFront
Server: Apache
CMS: Gatsby

Analytics

Google Tag Manager

Third-party hosts loaded (2)

www.googletagmanager.com×3
b.yjtag.jp×1

Social

Registration

Registrar

GMO Internet Group, Inc. d/b/a Onamae.com

Created

2014-07-15

Expires

2026-07-15 56 days left

Updated

2025-06-29

Name servers

ns-1524.awsdns-62.org
ns-1851.awsdns-39.co.uk
ns-463.awsdns-57.com
ns-957.awsdns-55.net

DNS records live

NS

ns-1524.awsdns-62.org
ns-1851.awsdns-39.co.uk
ns-463.awsdns-57.com
ns-957.awsdns-55.net

TXT

FZWPL04KSuay0ZuGcoCFqlY42ckJYV
hibp-verify=dweb_ne3lqnwwhx4gmzyua6xi9zum

Email authentication no MX

SPF: v=spf1 ip4:124.146.170.8/32 ip4:124.146.170.9/32 -all
strict (-all)
DMARC: not published
DKIM: no key found at common selectors

Certificate (current)

Cybertrust Japan SureServer EV CA G3

from 2025-05-01 to 2026-05-31

Expires in 11 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://furu-po.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.furu-po.com https://*.googletagmanager.com https://tagmanager.google.com https://*.yimg.jp https://*.yjtag.jp https://*.yahoo.co.jp https://*.valis-cpx.jp https://*.line-scdn.net https://*.onesdata.com https://*.doubleclick.net https://*.typekit.net https://*.ladsp.com https://connect.facebook.net https://*.ebis.ne.jp https://*.criteo.com https://*.criteo.net https://*.google-analytics.com https://*.twitter.com; connect-src 'self' https://*.furu-po.com https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://*.googletagmanager.com https://*.yahoo.co.jp https://*.onesdata.com https://*.typekit.net https://*.doubleclick.net https://*.googleadservices.com https://*.google.com https://*.google.co.jp https://*.slim02.jp https://*.id5-sync.com; style-src 'self' 'unsafe-inline' blob: https://tagmanager.google.com https://fonts.googleapis.com https://use.fontawesome.com https
strict-transport-security: max-age=31536000; includeSubDomains

Links to (2)

facebook.com×1
twitter.com×1

Linked from (2)

cacaolate.com×1
binchoutan.com×1