lovethework.com

.com crawl

First seen 2026-04-15 · Last seen 2026-05-10 · ok HTTP/1.1 200 3571 ms crawled 2026-05-10

US · 188.114.97.3 · AS13335 Cloudflare, Inc.

Reputation 94/100 dmarc monitor-only

sector other type homepage

HTML metadata

Title

The Work Homepage

Language

Canonical

https://www.lovethework.com/en

Translations

Open Graph

title: The Work Homepage

Technology

CMS: Next.js

Analytics

Google Tag Manager
Microsoft Clarity

Third-party hosts loaded (4)

cdn.builder.io×55
www.clarity.ms×2
www.googletagmanager.com×2
transcend-cdn.com×1

Social

Contact

Phone

365462636

Registration

Registrar

Amazon Registrar, Inc.

Created

2003-07-18

Expires

2026-07-18 59 days left

Updated

2025-06-13

Name servers

beth.ns.cloudflare.com
wesley.ns.cloudflare.com

DNS records live

NS

beth.ns.cloudflare.com
wesley.ns.cloudflare.com

MX

10 us-smtp-inbound-1.mimecast.com
20 us-smtp-inbound-2.mimecast.com

TXT

Show 9 TXT records

0ed1fe018a5b5ae6cc50e04f01990b93bba582c2dd
MS=ms11079575
MS=ms82839097
google-site-verification=1qqdiU1gR6iCSO6MFf8NRFPunuUjh5-hY3RiYl1Y-cQ
google-site-verification=7y89FC_X3QzP70BgoGx7CiyqV61uOnMWPiUcIyPsJwU
google-site-verification=n676Ia4ya_ScvJ6vjByDeYNYNHGPKzQOotaY41Dwf9g
google-site-verification=s8cpxdix7tbSBso-LYZfPo5QDcWx-rx6T6mY0zHUWMo
uk-federation-domain-verification=225e0f5de257314cabb8b867ef5592ec
0ed1fe018a42c7fa5e51f344b4991243e7bd54d9e6

Email authentication partial

SPF: v=spf1 include:_spf.google.com include:eu._netblocks.mimecast.com include:us._netblocks.mimecast.com include:spf.protection.outlook.com include:mktomail.com ~all
softfail (~all)
DMARC: v=DMARC1; p=none; rua=mailto:0192f4399f6b952@rep.dmarcanalyzer.com; ruf=mailto:0192f4399f6b952@for.dmarcanalyzer.com; fo=1;
policy: none (monitoring only)
DKIM: no key found at common selectors

Certificate (current)

WE1

from 2026-04-14 to 2026-07-13

Expires in 54 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.lovethework.com/en

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: no-referrer-when-downgrade
x-frame-options: deny
permissions-policy: camera=(), microphone=(), geolocation=()
x-content-type-options: nosniff
content-security-policy: default-src https: data: blob: wss:; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https: https://*.googletagmanager.com https://transcend-cdn.com https://page.ascential.com https://connect.facebook.net; style-src 'self' 'unsafe-inline' nonce-MDBkNGQyYzEtM2E2ZS00YzE1LTg4NmYtNmYxYzI3NzZkN2Q1 https:; img-src 'self' blob: data: https:; font-src 'self'; object-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors https://builder.io; frame-src 'self' https://page.ascential.com https://vimeo.com https://player.vimeo.com https://*.googletagmanager.com https://www.youtube.com https://youtube.com https://www.youtube-nocookie.com https://youtube-nocookie.com https://open.spotify.com https://e.infogram.com/; block-all-mixed-content; upgrade-insecure-requests; connect-src 'self' https://s3-eu-west-1.amazonaws.com https://ascentialcdn.filespin.io https://cdn.builder.io https://transcend-cdn.com https://telemetry.transcend.io/collect https://*.google-analytics.com https://*.analyt
strict-transport-security: max-age=31536000 ; includeSubDomains

Links to (8)

Linked from (1)

dubailynx.com×2