thecrownestateworkplaces.com

.com crawl

First seen 2026-05-15 · Last seen 2026-05-19 · ok HTTP/1.1 200 2185 ms crawled 2026-05-19

GB · 20.90.134.21 · AS8075 Microsoft Corporation

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title: The Crown Estate Workplaces
Description: At Workplaces, our culture is your success. We're cultivating a thriving professional ecosystem where businesses connect, collaborate and grow.
Language: en-GB
Canonical: https://www.thecrownestateworkplaces.com

Open Graph

title: The Crown Estate Workplaces
locale: en
description: At Workplaces, our culture is your success. We're cultivating a thriving professional ecosystem where businesses connect, collaborate and grow.

Technology

CDN: Azure Front Door
CMS: Next.js

Analytics

Google Tag Manager

Fonts

Adobe Fonts

Third-party hosts loaded (9)

www.datocms-assets.com×4
as-images.imgix.net×3
cookie-cdn.cookiepro.com×2
use.typekit.net×2
cdn.speedcurve.com×1
fast.fonts.net×1
googletagmanager.com×1
images.ctfassets.net×1
js.monitor.azure.com×1

Social

Contact

Email

info@thecrownestateworkplaces.com

Phone

020 8163 2443

Address

1 St James's Market, SW1Y 4AH, London, GB

Registration

Registrar

Tucows Domains Inc.

Created

2022-04-02

Expires

2027-04-02 316 days left

Updated

2026-04-07

Name servers

chelsea.ns.cloudflare.com
leonidas.ns.cloudflare.com

DNS records live

NS

chelsea.ns.cloudflare.com
leonidas.ns.cloudflare.com

MX

0 thecrownestateworkplaces-com.mail.protection.outlook.com

TXT

rbeP6+3KxodF8WLtiGHzS5JZKr2rVe5mNwzLUmnIffNEPN3BFxhpmuGvzQgAKbNIzfEYicJcDZqMA9OnJdnAzA==

Verified for

Google
Microsoft 365

Email authentication partial

SPF: v=spf1 include:spf.protection.outlook.com -all
strict (-all)
DMARC: v=DMARC1; p=none; rua=mailto:dmarc_agg@vali.email;
policy: none (monitoring only)
DKIM: no key found at common selectors

Certificate (current)

GeoTrust TLS RSA CA G1

from 2026-02-05 to 2026-08-06

Expires in 77 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.thecrownestateworkplaces.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

short HSTS max-age
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: ambient-light-sensor=(), battery=(), camera=(), display-capture=(), document-domain=(), fullscreen=(self "https://videos.ctfassets.net"), gamepad=(), geolocation=(), gyroscope=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=(), xr-spatial-tracking=()
x-content-type-options: nosniff
content-security-policy: img-src 'self' data: https: images.ctfassets.net cookie-cdn.cookiepro.com lux.speedcurve.com *.reciteme.com *.googleapis.com; media-src 'self' https: *.ctfassets.net/; connect-src 'self' https: cookie-cdn.cookiepro.com *.applicationinsights.azure.com *.google-analytics.com *.reciteme.com *.googletagmanager.com *.googleapis.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https: *.googletagmanager.com js.monitor.azure.com cookie-cdn.cookiepro.com cdn.speedcurve.com www.youtube.com api.reciteme.com; style-src 'self' 'unsafe-inline' api.reciteme.com fonts.googleapis.com fast.fonts.net *.typekit.net; frame-src 'self' *.googletagmanager.com www.youtube.com www.instagram.com my.matterport.com viewings.ehouse.co.uk www.google.com universe.queue-it.net universe.com *.universe.com priorptnrs.s3.eu-west-2.amazonaws.com;
strict-transport-security: max-age=2592000

Links to (1)

linkedin.com×1

Linked from (1)

stjameslondon.co.uk×1