theiatiles.com

.com crawl

First seen 2026-04-24 · Last seen 2026-05-17 · ok HTTP/1.1 200 8497 ms crawled 2026-05-17

DE · 157.245.27.75 · AS14061 DigitalOcean, LLC

Reputation 92/100 no dmarc policy

sector other type homepage

HTML metadata

Title: Theia creative tiles
Description: theia creative tiles . 100% Portuguese design
Language: en
Canonical: https://www.theiatiles.com/

Open Graph

url: https://www.theiatiles.com/
title: Theia creative tiles
description: theia creative tiles . 100% Portuguese design

Technology

CDN: Cloudflare
Server: openresty

Analytics

Google Analytics
Google Tag Manager

Ads

Meta Pixel

Fonts

Google Fonts

Social widgets

Vimeo Embed

Third-party hosts loaded (7)

cdn.bndlyr.com×11
img.bndlyr.com×5
connect.facebook.net×1
fonts.gstatic.com×1
player.vimeo.com×1
www.google-analytics.com×1
www.googletagmanager.com×1

Social

Contact

Email

info@theiatiles.com

Phone

+351218133391

Registration

Registrar

eNom, LLC

Created

2015-05-07

Expires

2027-05-07 352 days left

Updated

2024-09-17

Name servers

dns1.host-redirect.com
dns2.host-redirect.com
dns3.host-redirect.com
dns4.host-redirect.com

DNS records live

NS

dns1.host-redirect.com
dns2.host-redirect.com
dns3.host-redirect.com
dns4.host-redirect.com

MX

1 aspmx.l.google.com
10 alt3.aspmx.l.google.com
10 alt4.aspmx.l.google.com
5 alt1.aspmx.l.google.com
5 alt2.aspmx.l.google.com

Email authentication weak

SPF: not published
DMARC: not published
DKIM: no key found at common selectors

Certificate (current)

R13

from 2026-05-01 to 2026-07-30

Expires in 72 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.theiatiles.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self),microphone=(self),camera=(self),autoplay=(self),picture-in-picture=(self)
x-content-type-options: nosniff
content-security-policy: manifest-src *; default-src 'self' blob:; media-src * data: blob:; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: blob: data:; img-src * 'self' data: blob: https:; style-src 'self' 'unsafe-inline' https:; font-src 'self' data: https:; frame-src *; connect-src https: wss:; object-src 'none'
strict-transport-security: max-age=63072000; includeSubDomains; preload