indexo.dev

pococha.com

.com crawl

First seen 2026-04-11 · Last seen 2026-05-07 · ok HTTP/1.1 200 2629 ms crawled 2026-05-19

JP · 13.114.209.194 · AS16509 Amazon.com, Inc.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
Pococha - Live Broadcasting Platform - Pococha
Description
Pococha is a LIVE broadcasting app operated by DeNA. Download the app to live stream and connect with others in real time.
Language
en-us
Canonical
https://www.pococha.com/

Open Graph

url
https://www.pococha.com/
title
Pococha - Live Broadcasting Platform - Pococha
locale
ja_JP
site name
Pococha
description
Pococha is a LIVE broadcasting app operated by DeNA. Download the app to live stream and connect with others in real time.

Technology

CDN
Vercel
CMS
Next.js
Analytics
  • Google Tag Manager
Fonts
  • Google Fonts

Third-party hosts loaded (3)

  • fonts.googleapis.com×2
  • fonts.gstatic.com×1
  • www.googletagmanager.com×1

Registration

Registrar
GMO Internet Group, Inc. d/b/a Onamae.com
Created
2016-10-21
Expires
2026-10-21 153 days left
Updated
2025-09-10
Name servers
  • ns-1450.awsdns-53.org
  • ns-1727.awsdns-23.co.uk
  • ns-414.awsdns-51.com
  • ns-958.awsdns-55.net

DNS records live

NS
  • ns-1450.awsdns-53.org
  • ns-1727.awsdns-23.co.uk
  • ns-414.awsdns-51.com
  • ns-958.awsdns-55.net
MX
  • 1 aspmx.l.google.com
  • 10 alt3.aspmx.l.google.com
  • 10 alt4.aspmx.l.google.com
  • 5 alt1.aspmx.l.google.com
  • 5 alt2.aspmx.l.google.com
Verified for
  • Google

Email authentication partial

SPF
v=spf1 include:mail.zendesk.com a:smtpidc-sv01.dena.jp a:smtpidc-sv02.dena.jp ~all
softfail (~all)
DMARC
v=DMARC1; p=none
policy: none (monitoring only)
DKIM
no key found at common selectors

Certificate (current)

Amazon RSA 2048 M01
from 2026-04-23 to 2026-11-07
Expires in 170 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://www.pococha.com/en-us

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
sameorigin
x-content-type-options
nosniff
content-security-policy
default-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'wasm-unsafe-eval' https://www.google-analytics.com https://token.paygent.co.jp https://distribute.cafisbrain.com https://use.typekit.net https://*.googletagmanager.com https://player.live-video.net https://web.sdk.qcloud.com https://*.mieru-ca.com; style-src 'self' 'unsafe-inline' https://use.typekit.net https://fonts.googleapis.com; img-src * data:; media-src 'self' blob: https://*.live-video.net https://pococha-livestreaming.cdn-dena.com https://*.live-streaming.tech https://pococha-livestreaming-for-ivs-rts-production.s3.us-west-2.amazonaws.com https://css-playback.pococha.com https://css-playback-poc.pococha.com https://pococha.cdn-dena.com https://use.typekit.net; font-src 'self' data: https://use.typekit.net https://fonts.gstatic.com; child-src blob: https://www.youtube.com; connect-src 'self' blob: https://api.pococha.com/ https://*.live-video.net wss://*.live-video.net https://pococha-livestreaming.cdn-d
strict-transport-security
max-age=63072000; includeSubDomains

Linked from (1)