themefisher.com

HTML metadata

Title: 200+ Website Templates Built with Modern Stacks | Themefisher
Description: 200+ modern website templates built with Astro, Next.js,Tailwind, Hugo & Bootstrap. Perfect for startups, developers, and agencies. Trusted by 120K+ users worldwide.
Language: en
Canonical: https://themefisher.com/

Open Graph

url: https://themefisher.com/
title: 200+ Website Templates Built with Modern Stacks | Themefisher
site name: 200+ Website Templates Built with Modern Stacks | Themefisher
description: 200+ modern website templates built with Astro, Next.js,Tailwind, Hugo & Bootstrap. Perfect for startups, developers, and agencies. Trusted by 120K+ users worldwide.

Technology

CDN: Vercel
CMS: Next.js

Social

Registration

Registrar

Cloudflare, Inc.

Created

2013-07-26

Expires

2026-07-26 67 days left

Updated

2025-06-26

Name servers

gina.ns.cloudflare.com
justin.ns.cloudflare.com

DNS records live

NS

gina.ns.cloudflare.com
justin.ns.cloudflare.com

MX

1 aspmx.l.google.com
10 alt3.aspmx.l.google.com
10 alt4.aspmx.l.google.com
5 alt1.aspmx.l.google.com
5 alt2.aspmx.l.google.com

TXT

Show 4 TXT records

Sendinblue-code:980927bd3b429f4e4594c0d3ffa5b35f
brevo-code:980927bd3b429f4e4594c0d3ffa5b35f
google-site-verification=oXVKxXr5YPxe5AxcPP0ZLV0uaaPeST4ycMYEDiepODY
google-site-verification=ojz8vKy2NJ_YiIFNPXjpxBxzSUd7Mwd1S0k5zpEHA_M

Email authentication strong

SPF

v=spf1 include:_spf.google.com ~all

softfail (~all)

DMARC

v=DMARC1; p=quarantine; pct=100

policy: quarantine

DKIM

google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAra4LhOGwyt+sFL+ZthM4WRY/UPtJZ1B6OjaKc97/GRPIYH9Ke/bsw0zUuv8r2l51mm4aG11cTmFd+o…
mail: k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeMVIzrCa3T14JsNY0IRv5/2V1/v2itlviLQBwXsa7shBD6TrBkswsFUToPyMRWC9tbR/5ey0nRBH0ZVxp+lsmTxid2Y2z…

selectors probed

Certificate (current)

R12

from 2026-05-11 to 2026-08-09

Expires in 82 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://themefisher.com/

present

strict-transport-security
content-security-policy
x-frame-options

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing content type protection
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: SAMEORIGIN
content-security-policy: default-src 'self'; script-src 'self' https://www.google-analytics.com https://www.googletagmanager.com https://analytics.google.com https://googleads.g.doubleclick.net https://static.ads-twitter.com https://connect.facebook.net https://www.redditstatic.com https://pixel-config.reddit.com https://conversions-config.reddit.com https://*.clarity.ms https://*.paddle.com https://*.partnero.com https://*.posthog.com https://www.youtube.com https://www.youtube-nocookie.com https://s.ytimg.com 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' https://www.google-analytics.com https://www.googletagmanager.com https://analytics.google.com https://googleads.g.doubleclick.net https://static.ads-twitter.com https://connect.facebook.net https://www.redditstatic.com https://pixel-config.reddit.com https://conversions-config.reddit.com https://*.clarity.ms https://*.paddle.com https://*.partnero.com https://*.posthog.com https://www.youtube.com https://www.youtube-nocookie.com https://s.ytimg.com
strict-transport-security: max-age=63072000