inflowave.io

HTML metadata

Title

Inflowave - #1 Instagram CRM for Coaches & Agencies

Description

Inflowave is the #1 Instagram CRM for coaches & agencies. Manage DM conversations, track leads, connect 100 clients. Start your 7-day free trial today!

Language

en

Canonical

https://inflowave.io

Translations

cs
da
de
el
en
es
fi
fr
it
nl
no
pl
pt
ru
sv

Open Graph

url: https://inflowave.io
title: Inflowave - #1 Instagram CRM for Coaches & Agencies
locale: en_US
site name: Inflowave
description: Inflowave is the #1 Instagram CRM for coaches & agencies. Manage DM conversations, track leads, connect 100 clients. Start your 7-day free trial today!

Technology

CDN: Cloudflare

Analytics

Cloudflare Insights
Google Tag Manager
Microsoft Clarity

Ads

Meta Pixel

Fonts

Google Fonts

Third-party hosts loaded (9)

fonts.googleapis.com×2
mc.yandex.ru×2
www.googletagmanager.com×2
connect.facebook.net×1
fazier.com×1
img.youtube.com×1
startupfa.me×1
static.cloudflareinsights.com×1
www.clarity.ms×1

Social

Contact

Email

Phone

+447445334361

DNS records live

NS

ben.ns.cloudflare.com
lilith.ns.cloudflare.com

MX

1 aspmx.l.google.com
10 alt3.aspmx.l.google.com
10 alt4.aspmx.l.google.com
5 alt1.aspmx.l.google.com
5 alt2.aspmx.l.google.com

TXT

zoom-domain-verification=ZOOM_verify_c43bf255b162414c9d297322c9aee259

Verified for

Google

Email authentication strong

SPF

v=spf1 include:_spf.google.com include:sendgrid.net -all

strict (-all)

DMARC

v=DMARC1; p=reject; rua=mailto:b48531b617fe4550839ca347a763814c@dmarc-reports.cloudflare.net

policy: reject (enforced)

DKIM

google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs46EDkcskgzlk8kwpwM4ySHeo7kOYI+2rL/dAf4JsKkgbbe2bFrpi98Rxwfw7O++onhLjCN3d80bcR…
s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzoqNWw3xqROiJTJrdcrLPQRfk/7dS+pUDsauOwLnxojVBQF5jhPoM2baAKO5KOtA43GZXhcK6FTuOC5z2M…
s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv9lMi/LzwcFSbGWz68UdmP03c8d/2Mj+kFeAn0E8pYlpDA4j1M8ZFM0wykbpp7LVicQs3nXyZFuI05ya/b…

selectors probed

Certificate (current)

WE1

from 2026-04-15 to 2026-07-14

Expires in 54 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://inflowave.io/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: DENY
permissions-policy: geolocation=(), microphone=(self "https://sdk.twilio.com" "https://*.twilio.com"), camera=(self), payment=(), usb=(), magnetometer=(), gyroscope=(), accelerometer=(), autoplay=(self), encrypted-media=(self), picture-in-picture=(self)
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com https://www.clarity.ms https://scripts.clarity.ms https://connect.facebook.net https://cdn.jsdelivr.net https://cdn.firstpromoter.com https://challenges.cloudflare.com https://static.cloudflareinsights.com https://assets.calendly.com https://link.msgsndr.com https://mc.yandex.ru https://mc.yandex.com https://js.pusher.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com data:; img-src 'self' data: https: blob:; media-src 'self' https: blob:; connect-src 'self' https://api.inflowave.io https://www.googletagmanager.com https://www.google-analytics.com https://www.clarity.ms https://scripts.clarity.ms https://a.clarity.ms https://connect.facebook.net https://www.facebook.com https://api.ipify.org https://*.calendly.com https://link.msgsndr.com wss://*.calendly.com https://challenges.cloudflare.com htt
strict-transport-security: max-age=31536000; includeSubDomains; preload

Links to (6)

Linked from (1)

curlship.com×1