flutterwave.com

HTML metadata

Title: Endless possibilities for every business - Flutterwave
Description: Unlocking boundless payment opportunities for enterprises, individuals, small businesses, emerging markets, and startups alike.
Language: en

Open Graph

url: https://flutterwave.com/
title: Endless possibilities for every business - Flutterwave
locale: en_US
site name: Endless possibilities for every business - Flutterwave
description: Sell online, process payments, build financial products, or use business tools designed to grow your business.

Technology

CDN: Cloudflare
CMS: Nuxt

Third-party hosts loaded (1)

rave-services.myflutterwave.com×4

Social

Contact

Email

hi@flutterwavego.com

Registration

Registrar

eNom, LLC

Created

2015-03-31

Expires

2029-03-31 1046 days left

Updated

2025-05-16

Name servers

austin.ns.cloudflare.com
olga.ns.cloudflare.com

DNS records live

NS

austin.ns.cloudflare.com
olga.ns.cloudflare.com

MX

1 aspmx.l.google.com
10 aspmx2.googlemail.com
10 aspmx3.googlemail.com
5 alt1.aspmx.l.google.com
5 alt2.aspmx.l.google.com

TXT

Show 15 TXT records

sonatype-OSSRH-47707
_globalsign-domain-verification=WINCkqBIaDhEG9Vfw342WX0-OAGweP8RmCkV8myNhq
ZOOM_verify_nOqqnQjiTWausqc0LU-vOA
google-site-verification=hnXESikcpSScBnMf9IUhJq7wbfn_hq6ECqaTbrJ5RC4
facebook-domain-verification=z85nyfgaglp56pdqmx8aan6ldup28x
google-site-verification=CHwpmnW0eHcAT0PHtkeL6R70aRYdM2aoK0T5yMI5IgY
_globalsign-domain-verification=Zt3MzNZbwvpIPW1R8v81YKXIFxeNsrs-g9WqwEZyJd
google-site-verification=RA1i_mLrMjDsaVTseHTV_FX45b4ORauT_nFj7adZOvU
_globalsign-domain-verification=kcWYcnDLrbOZoYDPSBIJtBV28acQR3SMLtWJCsDhjQ
atlassian-domain-verification=gL0frtsu6pNjaDH60zGz1lnZPYH3M9j8lNKYUJgZAabxVl5G95nKZ7l9VMOHuXXC
_globalsign-domain-verification=jxg4_0sSDli4TCFj6yYVWDZGRffpnV7liL4UdcvgV5
OSSRH-47707
_globalsign-domain-verification=iK5yjrdaIT9j0ZJv9JMUz31ZHmcmflLiE9RaY2KvT6
_globalsign-domain-verification=a83ERQ5wuigJLcuooCiv_xhSQblyKnjY5-y7hLGNNI
notion_verify_bn03ZyCZPzgnLY7oJ72WFxUuyNwRkp8a0EUQv72Fp0c4MaT1pAAmHAXT7wLsJNhbWCT8FQ

Email authentication strong

SPF

v=spf1 +a +mx +ip4:213.175.211.140 +include:spf.mandrillapp.com -all

strict (-all)

DMARC

v=DMARC1; p=quarantine; pct=100; adkim=s; aspf=s

policy: quarantine

DKIM

default: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDa2oExFfeCLLzPrp5iDhb/MnyyT3C5SaIQQZATIxyrDzeqFG5wUoufCzsASJmLAELoCuIhmkVItjYEu4jP4k…
s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1N9nSOs2AclpVz8eb2G7csGzVmSQm4J+cuAB6iOTkTlyt8iaYLPryH1lPZGZq3YIiC/cyEhURaNtwZtfGt…
s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeU5qoZvDEvS6uKkkwqQASvGenz6/Qm9AHCAZltgXNrSAOvetObTLX4Edq13zVSJPvGzZuJN8IyoeXWDvgD74nEs…

selectors probed

Certificate (current)

WE1

from 2026-05-06 to 2026-08-04

Expires in 76 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://flutterwave.com/us

present

strict-transport-security
content-security-policy
x-content-type-options

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection
missing Referrer Policy
missing Permissions Policy

Header values

x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' ; script-src 'self' 'self' * 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: https:, default-src 'self'; script-src 'self' https://www.flutterwave.com 'unsafe-inline'; font-src 'self' https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' blob: https://fonts.googleapis.com https://static.filestackapi.com; img-src 'self' data: https:; connect-src 'self' https:; object-src 'none'; frame-ancestors 'self' https://app.flutterwave.com https://dashboard.flutterwave.com https://f4b-dashboard-v3-prod.f4b-flutterwave.com https://static.filestackapi.com; script-src-elem 'unsafe-inline' https:; style-src-elem 'self' 'unsafe-inline' blob: https://fonts.googleapis.com https://static.filestackapi.com; frame-src 'self' https:;
strict-transport-security: max-age=15552000; includeSubDomains; preload