thrive.app

HTML metadata

Title

Thrive App - Internal Comms & Engagement Platform

Description

Thrive.App unites office and deskless teams for seamless communication, keeping everyone informed and connected to help your business thrive.

Language

en

Generator

SEOmatic

Canonical

https://thrive.app/

Translations

en-gb
en-ie

Open Graph

url: https://thrive.app/
title: Thrive App - Internal Comms & Engagement Platform
locale: en_GB
site name: Thrive App
description: Thrive.App unites office and deskless teams for seamless communication, keeping everyone informed and connected to help your business thrive.

Technology

Server: nginx

Analytics

Google Tag Manager

Fonts

Adobe Fonts

Social widgets

Vimeo Embed

Third-party hosts loaded (7)

thrive.s3-assets.com×61
use.typekit.net×2
dev.visualwebsiteoptimizer.com×1
js.hs-scripts.com×1
js.hsforms.net×1
player.vimeo.com×1
www.googletagmanager.com×1

Social

Contact

Email

Phone

+44 (0) 20 3198 0600

Address

21 Old Channel Road, BT3 9DE, Belfast, Northern Ireland, UK

DNS records live

NS

ns1-07.azure-dns.com
ns2-07.azure-dns.net
ns3-07.azure-dns.org
ns4-07.azure-dns.info

MX

0 thrive-app.mail.protection.outlook.com

TXT

Show 13 TXT records

k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCkOZiI1jrNvtSABFiYBIE5F4DahYoTo1279R4ImMOWtDl/+mUKriemr5D0v2j0rnAa1rS3cYXlAwTfeqd/5iyGNXbI+M8gxrYeoQoyYQHD5/dS8aeUr8USyIZhyMvFEaHkgEd26OFod44fivC9lWyrI5venfbiomKUKDKFRk/r0QIDAQAB
v=spf1 include:_spf.google.com ~all
MS=ms72937258
v=verifydomain MS=7777527
b7vsmk41sx7qgxqph88tnmgwyhv6bv2p
w42bqq6p5vrzlp77j8z2pxw7yv3w2h1c
Dynatrace-site-verification=45510601-0994-4ec3-8d5f-997690e9d2be__c75cen7r231ec0jp645r4pf2ve
Dynatrace-site-verification=361caafd-97b6-43fc-861a-924691d3b352__v1tgecrtpt1dg0hv36hu0k9van
Dynatrace-site-verification=013cda9e-8517-40c2-bb45-9109e9dceb55__m997tmdtgb3mc1ino0nc81ab1e
_l35wnt4yk3zxop4lizmsu8b5iawwkx9
_o10dvyx6jkl6e0yixtjrv5uzqmbe6rq
_kdzr4q1jeus3wjuehhjc8o0syaukfc9
_6p4mv95276l9yyp9qrxb329plodoshc

Email authentication partial

SPF

v=spf1 include:_spf.google.com ~all

softfail (~all)

DMARC

v=DMARC1; p=none; rua=mailto:dmarc@thrive.app;

policy: none (monitoring only)

DKIM

selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDXC07nSCqN1YLRVAenX2dAZQyTUwl3rsRMJNaBMqzWt0Uu/Oe2WV4AtdQtgLpx7MWt2oWQM7HPVHlXpclc98…
smtpapi: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDPtW5iwpXVPiH5FzJ7Nrl8USzuY9zqqzjE0D1r04xDN6qwziDnmgcFNNfMewVKN2D1O+2J9N14hRprzByFwfQW76…

selectors probed

Certificate (current)

Sectigo Public Server Authentication CA DV R36

from 2026-02-05 to 2027-03-08

Expires in 292 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://thrive.app/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: no-referrer-when-downgrade
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-content-type-options: nosniff
content-security-policy: font-src 'self' use.typekit.net fonts.gstatic.com data: default-src 'self'; 'script-src' 'unsafe-inline' *.hsleadflows.net maxcdn.bootstrapcdn.com *.hs-scripts.com *.typekit.net code.jquery.com cdnjs.cloudflare.com cdn-cookieyes.com fonts.gstatic.com www.googleoptimize.com salesiq.zoho.eu cdn.linkedin.oribi.io forms.hubspot.com www.googletagmanager.com cdn.jsdelivr.net unpkg.com unpkg.com *.google-analytics.com pro.ip-api.com *.birdseed.io *.gstatic.com bat.bing.com snap.licdn.com *.zohocdn.com *.zohostatic.eu js.hs-analytics.net js.hs-banner.com *.zohopublic.eu stats.g.doubleclick.net *.googleadservices.com *.google.co.uk thrive-website.azurewebsites.net thrive-website-staging.azurewebsites.net *.google.com api.craftcms.com *.stripe.com *.vimeo.com ws:; img-src *
strict-transport-security: max-age=31536000; includeSubDomains