lwtheatres.co.uk

HTML metadata

Title: LW Theatres | London Theatre Tickets | Official Box Office
Description: Official website for Andrew Lloyd Webber's theatres in London. Get the best seats at the best price for top London musicals and the best West End shows.
Language: en-GB
Canonical: https://lwtheatres.co.uk/

Open Graph

url: https://lwtheatres.co.uk/
title: LW Theatres | London Theatre Tickets | Official Box Office
site name: LW Theatres
description: Official website for Andrew Lloyd Webber's theatres in London. Get the best seats at the best price for top London musicals and the best West End shows.

Technology

CDN: Cloudflare
CMS: WordPress
jQuery: 3.7.0

Analytics

Google Tag Manager

Cookie consent

OneTrust

Third-party hosts loaded (8)

lwt-live.s3.eu-west-1.amazonaws.com×30
lwt-test-new.s3.eu-west-1.amazonaws.com×26
cdnjs.cloudflare.com×4
code.jquery.com×2
maps.googleapis.com×2
cdn-ukwest.onetrust.com×1
cdn.by.wonderpush.com×1
www.googletagmanager.com×1

Social

Registration

Registrar

123-Reg Limited t/a 123-reg

Created

2013-11-01

Expires

2027-11-01 529 days left

Updated

2025-11-02

Name servers

athena.ns.cloudflare.com.
ray.ns.cloudflare.com.

DNS records live

NS

athena.ns.cloudflare.com
ray.ns.cloudflare.com

MX

10 mx1-eu1.ppe-hosted.com
20 mx2-eu1.ppe-hosted.com

TXT

line-up-domain-verification-cvcydm=zpL43RnmKg9qoOOjYNFzeEB34
ppe-227c014b0dc43497a95cb9d5386d7e30920209c8
4fdgnidi2qdio144hndsal8ral

Verified for

Apple
Brevo
DocuSign
Google
Loader.io
Microsoft 365
Pinterest
Zoom

Email authentication partial

SPF

v=spf1 include:_u.lwtheatres.co.uk._spf.smart.ondmarc.com ~all

softfail (~all)

DMARC

v=DMARC1; p=none; pct=100; sp=none; rua=mailto:bdad7e99@inbox.ondmarc.com,mailto:dmarc@lwtheatres.co.uk; ruf=mailto:bdad7e99@inbox.ondmarc.com,mailto:dmarc@lwtheatres.co.uk; adkim=r; aspf=r; fo=1; rf=afrf; ri=3600

policy: none (monitoring only) · sp=none

DKIM

Show 5 DKIM selectors

selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDXVsCxU4UtQaEgGKgybfNOwmDwLijMPChuSxnbYRlgVDzQuEh53rDZDUpFadEhM21uwHF5Y2ttT5/b26OdOo…
selector2: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCoEn8yBBL7l/FoUiRzvfN+rHdGRHUyxPn8wB4VGiqDOQXBerMWHiZX58yZgxl19lOcFuSABf34NnT5cVUqz3…
mail: k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeMVIzrCa3T14JsNY0IRv5/2V1/v2itlviLQBwXsa7shBD6TrBkswsFUToPyMRWC9tbR/5ey0nRBH0ZVxp+lsmTxid2Y2z…
s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0V6uThhrssyvRrsPXFswd/6j6dCtWSoGIMKePVv+81MVNR0Zf8q87jGGmCa2PtPmJOJknPZs/a9Tr9LW/C…
s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqR943ImDuFK7/0CTc94la0RD2/uUjQqg4qtcUDrD6TPESp8PWoCT094A4MXPLp3pDvyhNL6UhKnxvZkW/kSZA6b…

selectors probed

Certificate (current)

WE1

from 2026-04-23 to 2026-07-22

Expires in 62 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://lwtheatres.co.uk/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy
cross-origin-opener-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), midi=(), sync-xhr=(), camera=(), microphone=(), magnetometer=(), gyroscope=(), fullscreen=(), payment=()
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; frame-ancestors 'self' https://*.lwtheatres.co.uk https://r1.dotdigital-pages.com https://*.youtube.com https://*.google.com https://td.doubleclick.net https://*.fls.doubleclick.net;
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-opener-policy: same-origin-allow-popups