indexo.dev

tweakbench.com

.com crawl

First seen 2026-04-22 · Last seen 2026-05-16 · ok HTTP/1.1 200 11256 ms crawled 2026-05-16

US · 216.150.1.1 · AS16509 Amazon.com, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
Tweakbench - your favorite producer's favorite plugins lol
Description
Experimental audio plugins for creative professionals. We're not sure why you're here, but we're glad you're here.
Language
en
Generator
v0.app

Technology

CDN
Vercel
CMS
Next.js

Social

Registration

Registrar
Porkbun LLC
Created
2002-06-25
Expires
2027-06-25 401 days left
Updated
2026-05-11
Name servers
  • curitiba.ns.porkbun.com
  • fortaleza.ns.porkbun.com
  • maceio.ns.porkbun.com
  • salvador.ns.porkbun.com

DNS records live

NS
  • curitiba.ns.porkbun.com
  • fortaleza.ns.porkbun.com
  • maceio.ns.porkbun.com
  • salvador.ns.porkbun.com
MX
  • 10 mail.protonmail.ch
  • 20 mailsec.protonmail.ch
TXT
  • protonmail-verification=45a46b25ba50528e7d4cd3d5e04b87293290d0cb
  • google-site-verification=ByBUo2293DCJGjy8LUztdqlPleJdTqDaDO39kHru78E

Email authentication strong

SPF
v=spf1 include:_spf.protonmail.ch include:resend.com include:amazonses.com ~all
softfail (~all)
DMARC
v=DMARC1; p=quarantine
policy: quarantine
DKIM
no key found at common selectors

Certificate (current)

R13
from 2026-04-17 to 2026-07-16
Expires in 57 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.tweakbench.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
  • permissions-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
Header values
referrer-policy
strict-origin-when-cross-origin
x-frame-options
DENY
permissions-policy
camera=(), microphone=(), geolocation=()
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://js.stripe.com https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://s.adroll.com https://d.adroll.com https://connect.facebook.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https: blob:; font-src 'self' data: https://fonts.gstatic.com; connect-src 'self' https://*.supabase.co wss://*.supabase.co https://*.stripe.com https://www.google-analytics.com https://www.google.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.merchant-center-analytics.goog https://*.adroll.com https://connect.facebook.net https://www.facebook.com; frame-src 'self' https://*.stripe.com; object-src 'none'; base-uri 'self'
strict-transport-security
max-age=63072000

Links to (1)

Linked from (1)