indexo.dev

prospera.co

.co crawl

First seen 2026-04-21 · Last seen 2026-05-15 · ok HTTP/1.1 200 2393 ms crawled 2026-05-15

US · 76.76.21.21 · AS16509 Amazon.com, Inc.

Reputation 92/100 no dmarc policy

Classifying

HTML metadata

Title
Próspera | A governance platform where entrepreneurs are Free to Build
Description
Prospera develops zones for entrepreneurs to build better, faster.
Language
en

Open Graph

url
https://prospera.co
title
Próspera | A governance platform where entrepreneurs are Free to Build
locale
en
site name
Prospera develops zones for entrepreneurs to build better, faster.
description
Prospera develops zones for entrepreneurs to build better, faster.

Technology

CDN
Vercel
CMS
Next.js

Third-party hosts loaded (1)

  • js.hsforms.net×1

Social

DNS records live

NS
  • ns1.vercel-dns.com
  • ns2.vercel-dns.com
MX
  • 10 aspmx.l.google.com
  • 20 alt1.aspmx.l.google.com
  • 30 alt2.aspmx.l.google.com
  • 40 aspmx2.googlemail.com
  • 50 aspmx3.googlemail.com
TXT
  • klaviyo-site-verification=St66ti
  • proxy-ssl.webflow.com
  • google-site-verification=fnMqPuvQNbpAe41Ek4PwbJIb0N5dZzFIsl-SFSROX3c

Email authentication weak

SPF
not published
DMARC
not published
DKIM
no key found at common selectors

Certificate (current)

R13
from 2026-04-28 to 2026-07-27
Expires in 70 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://www.prospera.co/en

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing content type protection
  • missing Referrer Policy
  • missing Permissions Policy
Header values
x-frame-options
SAMEORIGIN
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.youtube.com https://s.ytimg.com https://js.hsforms.net https://forms.hubspot.com https://*.vercel-scripts.com https://widget.intercom.io https://*.intercomcdn.com https://cdn.jsdelivr.net https://cdn.weglot.com https://*.cloudfront.net https://cdn.prod.website-files.com https://*.loom.com; style-src 'self' 'unsafe-inline' https://www.youtube.com https://fonts.googleapis.com https://cdn.prod.website-files.com https://cdn.jsdelivr.net https://cdn.weglot.com; img-src 'self' blob: data: https://i.ytimg.com https://*.hsforms.com https://*.intercomcdn.com https://*.intercomassets.com https://cdn.prod.website-files.com https://*.loom.com; font-src 'self' data: https://fonts.gstatic.com https://*.intercomcdn.com https://cdn.prod.website-files.com; media-src 'self' https://*.intercomcdn.com https://*.loom.com https://storage.googleapis.com https://v20uliacxvh3bj6g.public.blob.vercel-storage.com https:
strict-transport-security
max-age=63072000

Links to (13)

Linked from (1)