Open
Cached
·
just now
82/100
SECURITY SCORE
Certificate Information
Subject
CN=twitter.com
Issuer
C=US, O=Let's Encrypt, CN=E7
Valid From
December 08, 2025
Valid Until
March 08, 2026
51 days
Public Key
ECDSA
256 bit
(P-256)
Adequate
Signature Algorithm
ECDSA-SHA384
SHA-256 Fingerprint
53:27:BC:19:9A:36:9D:A8:10:D0:48:94:24:F6:F1:E9:76:08:14:10:75:6C:9C:CD:81:E1:A2:83:B9:AF:1C:78
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=631138519; includeSubdomains
Content-Security-Policy
Good
default-src; connect-src; font-src; +8 more
default-src 'self' ; connect-src 'self' https://*.twimg.com https://*.twitter.com https://*.x.com https://syndication.twitter.com https://*.analytics.google.com https://*.g.doubleclick.net https://*.google-analytics.com https://*.googletagmanager.com https://analytics.google.com https://google.com https://pagead2.googlesyndication.com https://www.google.com https://www.googleadservices.com https://api.meetup.com https://s1259914507.t.eloqua.com; font-src 'self' https://*.twimg.com https://*.twitter.com https://*.x.com https://cdn.cms-twdigitalassets.com https://fonts.googleapis.com https://fonts.gstatic.com data:; frame-src 'self' https://twitter.com https://x.com https://*.twitter.com https://*.x.com https://td.doubleclick.net https://www.googletagmanager.com https://iframe.arkoselabs.com https://www.gstatic.com https://www.google.com https://docs.google.com https://www.youtube.com https://glitch.com https://trello.com; img-src 'self' https://*.twimg.com https://*.twitter.com https://*.x.com https://twitter.com https://x.com https://t.co https://cdn.cms-twdigitalassets.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://pagead2.googlesyndication.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google.com https://www.google.ad https://www.google.ae https://www.google.com.af https://www.google.com.ag https://www.google.al https://www.google.am https://www.google.co.ao https://www.google.com.ar https://www.google.as https://www.google.at https://www.google.com.au https://www.google.az https://www.google.ba https://www.google.com.bd https://www.google.be https://www.google.bf https://www.google.bg https://www.google.com.bh https://www.google.bi https://www.google.bj https://www.google.com.bn https://www.google.com.bo https://www.google.com.br https://www.google.bs https://www.google.bt https://www.google.co.bw https://www.google.by https://www.google.com.bz https://www.google.ca https://www.google.cd https://www.google.cf https://www.google.cg https://www.google.ch https://www.google.ci https://www.google.co.ck https://www.google.cl https://www.google.cm https://www.google.cn https://www.google.com.co https://www.google.co.cr https://www.google.com.cu https://www.google.cv https://www.google.com.cy https://www.google.cz https://www.google.de https://www.google.dj https://www.google.dk https://www.google.dm https://www.google.com.do https://www.google.dz https://www.google.com.ec https://www.google.ee https://www.google.com.eg https://www.google.es https://www.google.com.et https://www.google.fi https://www.google.com.fj https://www.google.fm https://www.google.fr https://www.google.ga https://www.google.ge https://www.google.gg https://www.google.com.gh https://www.google.com.gi https://www.google.gl https://www.google.gm https://www.google.gr https://www.google.com.gt https://www.google.gy https://www.google.com.hk https://www.google.hn https://www.google.hr https://www.google.ht https://www.google.hu https://www.google.co.id https://www.google.ie https://www.google.co.il https://www.google.im https://www.google.co.in https://www.google.iq https://www.google.is https://www.google.it https://www.google.je https://www.google.com.jm https://www.google.jo https://www.google.co.jp https://www.google.co.ke https://www.google.com.kh https://www.google.ki https://www.google.kg https://www.google.co.kr https://www.google.com.kw https://www.google.kz https://www.google.la https://www.google.com.lb https://www.google.li https://www.google.lk https://www.google.co.ls https://www.google.lt https://www.google.lu https://www.google.lv https://www.google.com.ly https://www.google.co.ma https://www.google.md https://www.google.me https://www.google.mg https://www.google.mk https://www.google.ml https://www.google.com.mm https://www.google.mn https://www.google.com.mt https://www.google.mu https://www.google.mv https://www.google.mw https://www.google.com.mx https://www.google.com.my https://www.google.co.mz https://www.google.com.na https://www.google.com.ng https://www.google.com.ni https://www.google.ne https://www.google.nl https://www.google.no https://www.google.com.np https://www.google.nr https://www.google.nu https://www.google.co.nz https://www.google.com.om https://www.google.com.pa https://www.google.com.pe https://www.google.com.pg https://www.google.com.ph https://www.google.com.pk https://www.google.pl https://www.google.pn https://www.google.com.pr https://www.google.ps https://www.google.pt https://www.google.com.py https://www.google.com.qa https://www.google.ro https://www.google.ru https://www.google.rw https://www.google.com.sa https://www.google.com.sb https://www.google.sc https://www.google.se https://www.google.com.sg https://www.google.sh https://www.google.si https://www.google.sk https://www.google.com.sl https://www.google.sn https://www.google.so https://www.google.sm https://www.google.sr https://www.google.st https://www.google.com.sv https://www.google.td https://www.google.tg https://www.google.co.th https://www.google.com.tj https://www.google.tl https://www.google.tm https://www.google.tn https://www.google.to https://www.google.com.tr https://www.google.tt https://www.google.com.tw https://www.google.co.tz https://www.google.com.ua https://www.google.co.ug https://www.google.co.uk https://www.google.com.uy https://www.google.co.uz https://www.google.com.vc https://www.google.co.ve https://www.google.co.vi https://www.google.com.vn https://www.google.vu https://www.google.ws https://www.google.rs https://www.google.co.za https://www.google.co.zm https://www.google.co.zw https://www.google.cat https://google.com https://google.ad https://google.ae https://google.com.af https://google.com.ag https://google.al https://google.am https://google.co.ao https://google.com.ar https://google.as https://google.at https://google.com.au https://google.az https://google.ba https://google.com.bd https://google.be https://google.bf https://google.bg https://google.com.bh https://google.bi https://google.bj https://google.com.bn https://google.com.bo https://google.com.br https://google.bs https://google.bt https://google.co.bw https://google.by https://google.com.bz https://google.ca https://google.cd https://google.cf https://google.cg https://google.ch https://google.ci https://google.co.ck https://google.cl https://google.cm https://google.cn https://google.com.co https://google.co.cr https://google.com.cu https://google.cv https://google.com.cy https://google.cz https://google.de https://google.dj https://google.dk https://google.dm https://google.com.do https://google.dz https://google.com.ec https://google.ee https://google.com.eg https://google.es https://google.com.et https://google.fi https://google.com.fj https://google.fm https://google.fr https://google.ga https://google.ge https://google.gg https://google.com.gh https://google.com.gi https://google.gl https://google.gm https://google.gr https://google.com.gt https://google.gy https://google.com.hk https://google.hn https://google.hr https://google.ht https://google.hu https://google.co.id https://google.ie https://google.co.il https://google.im https://google.co.in https://google.iq https://google.is https://google.it https://google.je https://google.com.jm https://google.jo https://google.co.jp https://google.co.ke https://google.com.kh https://google.ki https://google.kg https://google.co.kr https://google.com.kw https://google.kz https://google.la https://google.com.lb https://google.li https://google.lk https://google.co.ls https://google.lt https://google.lu https://google.lv https://google.com.ly https://google.co.ma https://google.md https://google.me https://google.mg https://google.mk https://google.ml https://google.com.mm https://google.mn https://google.com.mt https://google.mu https://google.mv https://google.mw https://google.com.mx https://google.com.my https://google.co.mz https://google.com.na https://google.com.ng https://google.com.ni https://google.ne https://google.nl https://google.no https://google.com.np https://google.nr https://google.nu https://google.co.nz https://google.com.om https://google.com.pa https://google.com.pe https://google.com.pg https://google.com.ph https://google.com.pk https://google.pl https://google.pn https://google.com.pr https://google.ps https://google.pt https://google.com.py https://google.com.qa https://google.ro https://google.ru https://google.rw https://google.com.sa https://google.com.sb https://google.sc https://google.se https://google.com.sg https://google.sh https://google.si https://google.sk https://google.com.sl https://google.sn https://google.so https://google.sm https://google.sr https://google.st https://google.com.sv https://google.td https://google.tg https://google.co.th https://google.com.tj https://google.tl https://google.tm https://google.tn https://google.to https://google.com.tr https://google.tt https://google.com.tw https://google.co.tz https://google.com.ua https://google.co.ug https://google.co.uk https://google.com.uy https://google.co.uz https://google.com.vc https://google.co.ve https://google.co.vi https://google.com.vn https://google.vu https://google.ws https://google.rs https://google.co.za https://google.co.zm https://google.co.zw https://google.cat https://www.google.com/pagead/1p-user-list/780419404/ https://maps.googleapis.com https://s1259914507.t.eloqua.com https://px.ads.linkedin.com https://p.adsymptotic.com/d/px https://maps.gstatic.com https://udc-neb.kampyle.com/ data:; media-src 'self' https://*.twimg.com https://*.twitter.com https://*.x.com https://cdn.cms-twdigitalassets.com; object-src 'self' ; script-src 'self' https://*.twimg.com https://*.twitter.com https://*.x.com https://cdn.cms-twdigitalassets.com https://static.ads-twitter.com 'sha256-9G5TwxImuKFNB+uY9x5+mjMfXDSza+S1DEsjxK1xeWw=' 'strict-dynamic' 'nonce-aKCGLqmgbwnASM9S8bMCSPOt' https://*.googletagmanager.com https://googleads.g.doubleclick.net https://pagead2.googlesyndication.com https://www.google.com https://www.googleadservices.com https://www.googletagmanager.com https://api.meetup.com; style-src 'self' 'unsafe-inline' https://*.twimg.com https://*.twitter.com https://*.x.com https://cdn.cms-twdigitalassets.com https://fonts.googleapis.com; report-uri https://twitter.com/i/csp_report https://x.com/i/csp_report; frame-ancestors 'self' https://docs.x.com https://x-preview.mintlify.app http://localhost:3000 https://localhost:3000
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Strengthen CSP by removing 'unsafe-eval'
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports