trafalgartickets.com

HTML metadata

Title: Trafalgar Tickets
Description: A leading international theatre, venue, and hospitality/conference operator based in the UK, Trafalgar Theatres (formerly HQ Theatres) has a proven track record of successfully managing and operating theatres and other cultural venues with high-quality programmes.
Language: en-GB

Open Graph

title: Trafalgar Tickets
description: A leading international theatre, venue, and hospitality/conference operator based in the UK, Trafalgar Theatres (formerly HQ Theatres) has a proven track record of successfully managing and operating theatres and other cultural venues with high-quality programmes.

Technology

CDN: Cloudflare
CMS: Next.js

Analytics

Google Tag Manager

Third-party hosts loaded (4)

images.ctfassets.net×2
js-eu1.hs-scripts.com×1
try.abtasty.com×1
www.googletagmanager.com×1

Social

Contact

Phone

0343 310 0020

Address

33 Southampton Street, WC2E 7HE, London, England

Registration

Registrar

IONOS SE

Created

2020-08-17

Expires

2027-08-17 453 days left

Updated

2025-10-10

Name servers

cheryl.ns.cloudflare.com
lamar.ns.cloudflare.com

DNS records live

NS

cheryl.ns.cloudflare.com
lamar.ns.cloudflare.com

MX

1 eu-smtp-inbound-1.mimecast.com
2 eu-smtp-inbound-2.mimecast.com

TXT

Validity-Domain-Verification=weOtiKQ8/DFcSgLwDsiR6Z3nFr7=
0ed1fe018a3c01ec3054444a76814744bf5235af12

Verified for

Apple
Google
Microsoft 365
Stripe

Email authentication partial

SPF

v=spf1 include:26166057.spf03.hubspotemail.net include:_spf.audienceview.net include:spf.protection.outlook.com include:eu._netblocks.mimecast.com include:sendgrid.net ip4:168.245.56.197 ~all

softfail (~all)

DMARC

v=DMARC1; p=none; rua=mailto:mailflow.reporting@trafalgartickets.com; ruf=mailto:mailflow.reporting@trafalgartickets.com; fo=1; adkim=r; aspf=r

policy: none (monitoring only)

DKIM

s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1IkRv3YoineHhSnjZLi8rfd18QfybxNAz6VdC4N+h7HOrpV9DyQdBc7zwHBEgCl9ELnr3y0+caJCZC9sUJ…
s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBSb5Fq8xxmS/17a0vB9ZljLbfTLgjiJTznkW32d6VpYRrvnZB6E86QtDJq1PEMUnBT+aiGobBB6xok0s1…

selectors probed

Certificate (current)

WE1

from 2026-03-12 to 2026-06-10

Expires in 20 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://trafalgartickets.com/

present

strict-transport-security
content-security-policy
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing frame protection

Header values

referrer-policy: origin-when-cross-origin
permissions-policy: camera=(), microphone=(), geolocation=(), browsing-topics=()
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'report-sample' 'self' 'unsafe-inline' 'unsafe-eval' *.hubspot.com *.hubspot.net *.hsforms.net *.hs-scripts.net *.hs-analytics.net *.hsadspixel.net *.hs-banner.com *.hs-scripts.com *.hs-analytics.net *.hsforms.com static.hsappstatic.net https://www.googletagmanager.com https://*.youtube.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com vercel.live vercel.com https://*.clarity.ms *.doubleclick.net *.usemessages.com *.hscollectedforms.net *.hsleadflows.net *.hsforms.net *.hubspotfeedback.com feedback.hubapi.com *.onetrust.com connect.facebook.net blob: *.abtasty.com https://*.abtasty.com https://*.googlesyndication.com https://*.googleadservices.com cdn.mxpnl.com https://cdn.mxpnl.com; style-src 'report-sample' 'self' 'unsafe-inline' https://fonts.googleapis.com cdn2.hubspot.net static.hsappstatic.net https://www.googletagmanager.com/debug/badge.css https://*.abtasty.com; object-src 'none'; base-uri
strict-transport-security: max-age=63072000; includeSubDomains; preload