thriveworks.com — domain check, WHOIS, DNS & reputation

HTML metadata

Title: Therapy & Psychiatry Near You—Online or In Person | Thriveworks
Description: Find therapists, psychiatrists, & mental health providers—online or in person. Same-day or same-week appointments, 340+ locations, most insurance plans accepted.
Language: en-US
Generator: WordPress 7.0
Canonical: https://thriveworks.com/

Open Graph

url: https://thriveworks.com/
title: Therapy & Psychiatry Near You—Online or In Person | Thriveworks
locale: en_US
site name: Thriveworks
description: Find therapists, psychiatrists, & mental health providers—online or in person. Same-day or same-week appointments, 340+ locations, most insurance plans accepted.

Technology

CDN: Vercel
CMS: WordPress 7.0

Cookie consent

Osano

Third-party hosts loaded (7)

cdn.callrail.com×2
cdn.split.io×2
stats.wp.com×2
www.google.com×2
cdn.rudderlabs.com×1
cdnjs.cloudflare.com×1
cmp.osano.com×1

Social

Contact

Phone

Address

1000 Jefferson St Suite 1B, 24504, Lynchburg, VA, USA

Registration

Registrar

GoDaddy.com, LLC

Created

2004-02-16

Expires

2027-02-16 259 days left

Updated

2026-02-17

Name servers

jasper.ns.cloudflare.com
paloma.ns.cloudflare.com

DNS records live

NS

jasper.ns.cloudflare.com
paloma.ns.cloudflare.com

MX

1 aspmx.l.google.com
10 alt3.aspmx.l.google.com
10 alt4.aspmx.l.google.com
5 alt1.aspmx.l.google.com
5 alt2.aspmx.l.google.com

TXT

JM10012018
MS=6D0F703FA7BB4B241BE8BA15FE54C3813277D11C
SFMC-V8lyy0_ZS7-JnQcg70VAeThW2hjYNgp6sjCePUGh

Verified for

Apple
Google
Miro
Zoom

Email authentication partial

SPF

v=spf1 include:helpscoutemail.com include:thriveworkslearning.com include:_spf.salesforce.com include:_spf.google.com include:emsd1.com include:cust-spf.exacttarget.com ~all

softfail (~all)

DMARC

v=DMARC1; p=none; pct=100; fo=1; ri=3600; rua=mailto:b93ceb90@inbox.ondmarc.com,mailto:dmarc-reports@tworks.io; ruf=mailto:b93ceb90@inbox.ondmarc.com;

policy: none (monitoring only)

DKIM

google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopMCCcmzBcI6bk/eSE3MYa/hyF4O2bgQmreT/D7F9rbuKfAfINtt1aOxnEf7LG1vau3f75YegIrpdE…
k2: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2aC2KjGKLOwTweBY5A9RpjsxaBXR9r7OAU6U8/zn92ivImI75naUujWbItRI/QmL1jy5PWGqLwoUA…

selectors probed

Certificate (current)

R13

from 2026-05-09 to 2026-08-07

Expires in 67 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://thriveworks.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' *.site.com *.force.com *.my.salesforce.com *.my.salesforce-sites.com static.legitscript.com *.salesforceliveagent.com test.salesforce.com fonts.googleapis.com *.googletagmanager.com *.google-analytics.com *.google.com *.rudderlabs.com api.rudderstack.com *.osano.com wp-origin.thriveworks.com *.thriveworks.com thriveworks.com *.go-vip.net *.wp.com tw-training.thriveworks.com thriveworks.vercel.app *.thriveworks.vercel.app thriveworks--training.sandbox.my.salesforce-sites.com *.facebook.com *.facebook.net *.doubleclick.net *.ensighten.com *.pinterest.com beacon-v2.helpscout.net static.ctctcdn.com *.callrail.com *.googleadservices.com *.bing.com *.zopim.com *.zdassets.com *.gstatic.com *.expertrec.com *.cloudflare.com *.acuityscheduling.com *.wickedreports.com *.visualwebsiteoptimizer.com *.vwo.com *.adroll.com us-u.openx.net idsync.rlcdn.com ib.adnxs.com x.bidswitch.net ads.yahoo.com eb2.3lift.com trc.taboola.com simage1.pubmatic.com sima
strict-transport-security: max-age=31536000

Links to (7)

Linked from (1)

sportsmoz.org×1