Check DNS, Urls + Redirects, Certificates and Content of your Website

0 in Queue, 1 of max. 8 Checks (18:18:57)
Why should you only use Prefix - Cookies? |
Hall of Fame - A+ and A

 

Shortcuts: 1. IP-Addresses | 2. DNSSEC | 3. Name Servers | 4. SOA-Entries | 5. Screenshots | 6. Url-Checks | 7. Comments | 8. Connections | 9. Certificates | 10. CT-Logs | 11. Html-Content | 12. Html-Parsing | 13. NameServer-IPAddresses | 14. CAA | 15. TXT | 16. DomainServiceEntries | 17. Cipher Suites | 18. Portchecks |

 

B

 

Missing HSTS or Cookie-warnings

 

Checked:
12.03.2025 19:38:17

 

Older results

 

A - 07.03.2025 12:55:13
B - 21.02.2025 08:33:13
B - 21.02.2025 04:57:41
B - 19.09.2024 00:37:21
B - 18.09.2024 19:26:45
B - 06.08.2024 07:19:13
N - 08.12.2021 05:51:15

 

1. IP-Addresses

HostTypeIP-Addressis auth.∑ Queries∑ Timeout
x.com
A
162.159.140.229
Toronto/Ontario/Canada (CA) - Cloudflare, Inc.
No Hostname found
yes
2
0

A
172.66.0.227
Toronto/Ontario/Canada (CA) - Cloudflare, Inc.
No Hostname found
yes
2
0

AAAA

yes


www.x.com
CNAME
x.com
yes
1
0

A
162.159.140.229
Toronto/Ontario/Canada (CA) - Cloudflare, Inc.
No Hostname found
yes



A
172.66.0.227
Toronto/Ontario/Canada (CA) - Cloudflare, Inc.
No Hostname found
yes


*.x.com
A
Name Error
yes



AAAA
Name Error
yes



CNAME
Name Error
yes


 

2. DNSSEC

Zone (*)DNSSEC - Informations


Zone: (root)

(root)
1 DS RR published






DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest 4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=






 Status: Valid because published






3 DNSKEY RR found






Public Key with Algorithm 8, KeyTag 20326, Flags 257 (SEP = Secure Entry Point)






Public Key with Algorithm 8, KeyTag 26470, Flags 256






Public Key with Algorithm 8, KeyTag 38696, Flags 257 (SEP = Secure Entry Point)






1 RRSIG RR to validate DNSKEY RR found






RRSIG-Owner (root), Algorithm: 8, 0 Labels, original TTL: 172800 sec, Signature-expiration: 02.04.2025, 00:00:00 +, Signature-Inception: 12.03.2025, 00:00:00 +, KeyTag 20326, Signer-Name: (root)






 Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20326 used to validate the DNSKEY RRSet






 Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest "4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone



Zone: com

com
1 DS RR in the parent zone found






DS with Algorithm 13, KeyTag 19718, DigestType 2 and Digest isuwzSj0ElCoCkkTiUJNNBUi2Uaw2gwCkfLT13HXgFo=






1 RRSIG RR to validate DS RR found






RRSIG-Owner com., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 25.03.2025, 17:00:00 +, Signature-Inception: 12.03.2025, 16:00:00 +, KeyTag 26470, Signer-Name: (root)






 Status: Good - Algorithmus 8 and DNSKEY with KeyTag 26470 used to validate the DS RRSet in the parent zone






2 DNSKEY RR found






Public Key with Algorithm 13, KeyTag 19718, Flags 257 (SEP = Secure Entry Point)






Public Key with Algorithm 13, KeyTag 23202, Flags 256






1 RRSIG RR to validate DNSKEY RR found






RRSIG-Owner com., Algorithm: 13, 1 Labels, original TTL: 86400 sec, Signature-expiration: 18.03.2025, 15:02:35 +, Signature-Inception: 03.03.2025, 14:57:35 +, KeyTag 19718, Signer-Name: com






 Status: Good - Algorithmus 13 and DNSKEY with KeyTag 19718 used to validate the DNSKEY RRSet






 Status: Valid Chain of trust. Parent-DS with Algorithm 13, KeyTag 19718, DigestType 2 and Digest "isuwzSj0ElCoCkkTiUJNNBUi2Uaw2gwCkfLT13HXgFo=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone



Zone: x.com

x.com
0 DS RR in the parent zone found






DS-Query in the parent zone has a valid NSEC3 RR as result with the hashed query name "9r92dnfdjnuk8toipl83salcibt8hiaf" between the hashed NSEC3-owner "9r924l0vkvrakebslp2qhmbh3t2beoc2" and the hashed NextOwner "9r92ghol4h50nmhis5kv2cppnuquvnnb". So the parent zone confirmes the not-existence of a DS RR.
Bitmap: NS, DS, RRSIG Validated: RRSIG-Owner 9r924l0vkvrakebslp2qhmbh3t2beoc2.com., Algorithm: 13, 2 Labels, original TTL: 900 sec, Signature-expiration: 19.03.2025, 00:17:13 +, Signature-Inception: 11.03.2025, 23:07:13 +, KeyTag 23202, Signer-Name: com






DS-Query in the parent zone sends valid NSEC3 RR with the Hash "ck0pojmg874ljref7efn8430qvit8bsm" as Owner. That's the Hash of "com" with the NextHashedOwnerName "ck0q3udg8cekkae7rukpgct1dvssh8ll". So that domain name is the Closest Encloser of "x.com". Opt-Out: True.
Bitmap: NS, SOA, RRSIG, DNSKEY, NSEC3PARAM Validated: RRSIG-Owner ck0pojmg874ljref7efn8430qvit8bsm.com., Algorithm: 13, 2 Labels, original TTL: 900 sec, Signature-expiration: 16.03.2025, 00:26:40 +, Signature-Inception: 08.03.2025, 23:16:40 +, KeyTag 23202, Signer-Name: com






0 DNSKEY RR found









Zone: www.x.com

www.x.com
0 DS RR in the parent zone found

 

3. Name Servers

DomainNameserverNS-IP
x.com
  a.r10.twtrdns.net
205.251.192.179
Ashburn/Virginia/United States (US) - Amazon.com

 
2600:9000:5300:b300::1
Seattle/Washington/United States (US) - Amazon.com, Inc.

  a.u10.twtrdns.net
204.74.111.101
Herndon/Virginia/United States (US) - Vercara, LLC

 
2600:9000:5300:b300::1
Seattle/Washington/United States (US) - Amazon.com, Inc.

  b.r10.twtrdns.net
205.251.196.198
Herndon/Virginia/United States (US) - Amazon.com

 
2600:9000:5304:c600::1
Dallas/Texas/United States (US) - Amazon.com, Inc.

  b.u10.twtrdns.net
205.251.196.198
Herndon/Virginia/United States (US) - Amazon.com

 
2600:9000:5304:c600::1
Dallas/Texas/United States (US) - Amazon.com, Inc.

  c.r10.twtrdns.net
205.251.194.151
Ashburn/Virginia/United States (US) - Amazon.com

 
2600:9000:5302:9700::1
Seattle/Washington/United States (US) - Amazon.com, Inc.

  c.u10.twtrdns.net
205.251.194.151
Ashburn/Virginia/United States (US) - Amazon.com

 
2600:9000:5302:9700::1
Seattle/Washington/United States (US) - Amazon.com, Inc.

  d.r10.twtrdns.net
205.251.199.195
Ashburn/Virginia/United States (US) - Amazon.com

 
2600:9000:5307:c300::1
Seattle/Washington/United States (US) - Amazon.com, Inc.

  d.u10.twtrdns.net
205.251.199.195
Ashburn/Virginia/United States (US) - Amazon.com

 
2600:9000:5307:c300::1
Seattle/Washington/United States (US) - Amazon.com, Inc.
com
  a.gtld-servers.net


  b.gtld-servers.net


  c.gtld-servers.net


  d.gtld-servers.net


  e.gtld-servers.net


  f.gtld-servers.net


  g.gtld-servers.net


  h.gtld-servers.net


  i.gtld-servers.net


  j.gtld-servers.net


  k.gtld-servers.net


  l.gtld-servers.net


  m.gtld-servers.net

 

4. SOA-Entries


Domain:com
Zone-Name:com
Primary:a.gtld-servers.net
Mail:nstld.verisign-grs.com
Serial:1741804672
Refresh:1800
Retry:900
Expire:604800
TTL:900
num Entries:9


Domain:com
Zone-Name:com
Primary:a.gtld-servers.net
Mail:nstld.verisign-grs.com
Serial:1741804687
Refresh:1800
Retry:900
Expire:604800
TTL:900
num Entries:4


Domain:x.com
Zone-Name:x.com
Primary:a.u10.twtrdns.net
Mail:noc.twitter.com
Serial:2023121201
Refresh:3600
Retry:600
Expire:604800
TTL:300
num Entries:15


Domain:x.com
Zone-Name:x.com
Primary:a.u10.twtrdns.net
Mail:noc.twitter.com
Serial:2023189960
Refresh:3600
Retry:600
Expire:604800
TTL:300
num Entries:1


5. Screenshots

Startaddress: https://x.com/, address used: https://x.com/, Screenshot created 2025-03-12 19:40:05 +00:0

 

Mobil (412px x 732px)

 

1225 milliseconds

 

Screenshot mobile - https://x.com/
Mobil + Landscape (732px x 412px)

 

1232 milliseconds

 

Screenshot mobile landscape - https://x.com/
Screen (1280px x 1680px)

 

1511 milliseconds

 

Screenshot Desktop - https://x.com/

 

Mobile- and other Chrome-Checks


widthheight
visual Viewport396732
content Size396996

 

Good: No horizontal scrollbar. Content-size width = visual Viewport width.

 

6. Url-Checks


:

:
DomainnameHttp-StatusredirectSec.G
• http://x.com/
162.159.140.229
301
https://x.com/
Html is minified: 109.15 %
0.020

Date: Wed, 12 Mar 2025 18:38:56 GMT
Connection: keep-alive
Cache-Control: max-age=3600
Location: https://x.com/
Set-Cookie: __cf_bm=IOPOWcVGCIpIC1xeJCdcAIWjeu2bHJ_5UZfbvDdYtdY-1741804736-1.0.1.1-XvJlpBliQyEEwKxFF1RcPRBb1gBUnekqGeOq7QS_mcXrANuMQ41vW6AWTCXvZDLgNvP.qE6ajnGa.EWeTgFhWFJCGt.Ne5zHOcup9OWBdAk; path=/; expires=Wed, 12-Mar-25 19:08:56 GMT; domain=.x.com; HttpOnly
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 91f569561a7ae531-TXL
Content-Type: text/html
Content-Length: 167
Expires: Wed, 12 Mar 2025 19:38:56 GMT

• http://x.com/
172.66.0.227
301
https://x.com/
Html is minified: 109.15 %
0.013

Date: Wed, 12 Mar 2025 18:38:57 GMT
Connection: keep-alive
Cache-Control: max-age=3600
Location: https://x.com/
Set-Cookie: __cf_bm=Fs._Ra4qwPQTqTPgm.8N_kPOVMIvNvBXQ46U6Oa8.lA-1741804737-1.0.1.1-bcSMcBCqQPdv3sF92GsNGWXpa9QwIqbvzaGxm56ezSroKOBPiQjPnAA7oOAbSyCP1iQJ6G2pKXmZA16SmleFpdLBmVIowi0dURi8j7sF7VM; path=/; expires=Wed, 12-Mar-25 19:08:57 GMT; domain=.x.com; HttpOnly
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 91f569565ba0e523-TXL
Content-Type: text/html
Content-Length: 167
Expires: Wed, 12 Mar 2025 19:38:57 GMT

• http://www.x.com/
162.159.140.229
301
https://www.x.com/
Html is minified: 109.15 %
0.020

Date: Wed, 12 Mar 2025 18:38:56 GMT
Connection: keep-alive
Cache-Control: max-age=3600
Location: https://www.x.com/
Set-Cookie: __cf_bm=JzKc4TD0iq1TT_0LtGKt6ajTPK0izDeWlrqeURCm9CY-1741804736-1.0.1.1-vnlm_lSRCR5WZqCsAVcPZPU13Z7wBvhgnURl1nhTXJXr9BNSHdUs5T.S2WUyPShzELBQZCVFKVZ3ZsPYffeRX6uIcaNJ57U23DJnvAEH3t4; path=/; expires=Wed, 12-Mar-25 19:08:56 GMT; domain=.x.com; HttpOnly
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 91f56955a89fe531-TXL
Content-Type: text/html
Content-Length: 167
Expires: Wed, 12 Mar 2025 19:38:56 GMT

• http://www.x.com/
172.66.0.227
301
https://www.x.com/
Html is minified: 109.15 %
0.023

Date: Wed, 12 Mar 2025 18:38:56 GMT
Connection: keep-alive
Cache-Control: max-age=3600
Location: https://www.x.com/
Set-Cookie: __cf_bm=PLjD9gaX1eC70aPclGUGCcbBE39_hKfawa.VASc2Ulo-1741804736-1.0.1.1-sPEoh7k8DtcWBHW7cU9oO.DdQNP6PdC_xMKPQz9MvhYM7pD.YiUXIXEmwHJMm1KJnUoKqfcYHjdAVdUb4y5jDP.xres.rVfpGXnwFf6S8sw; path=/; expires=Wed, 12-Mar-25 19:08:56 GMT; domain=.x.com; HttpOnly
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 91f56955da29e523-TXL
Content-Type: text/html
Content-Length: 167
Expires: Wed, 12 Mar 2025 19:38:56 GMT

• https://www.x.com/
162.159.140.229
301
https://twitter.com/

2.156
A
Date: Wed, 12 Mar 2025 18:38:57 GMT
Connection: keep-alive
perf: 7402827104
Location: https://twitter.com/
Cache-Control: no-store, no-cache, max-age=0
x-transaction-id: 54fe513d829f18c4
Strict-Transport-Security: max-age=631138519
x-response-time: 107
x-connection-hash: ab0f7563e1d49ae273ee2543f8d3831bd532b08884adda8197cb5714d8642894
cf-cache-status: DYNAMIC
Set-Cookie: __cf_bm=bK7jDCZsQo0hNppw3pEc0icCEQnB19ZhGOolNrE.KK4-1741804737-1.0.1.1-DJm8X_FAfdFtiJRINp74g93tLikfsIuucHfx6R5S4sgjactwvrWBBpJpD6hwvjVT8IF2SxLRSwe7utOkrf3LX4Rn.iazRFbZJmaX.TEYsDs; path=/; expires=Wed, 12-Mar-25 19:08:57 GMT; domain=.x.com; HttpOnly; Secure; SameSite=None
Server: cloudflare,tsa_o
CF-RAY: 91f569569a91e508-TXL
Content-Length: 0

• https://www.x.com/
172.66.0.227
301
https://twitter.com/

2.100
A
Date: Wed, 12 Mar 2025 18:39:01 GMT
Connection: keep-alive
perf: 7402827104
Location: https://twitter.com/
Cache-Control: no-store, no-cache, max-age=0
x-transaction-id: 3dde8af00b1874e0
Strict-Transport-Security: max-age=631138519
x-response-time: 107
x-connection-hash: 2a78d5ac71c997bc02f00dfccf42fa28ae9819dfc0cb9d598ae7d17237c9afe0
cf-cache-status: DYNAMIC
Set-Cookie: __cf_bm=0edeNK3iRo5aodcChWbqT2IcgtYnlrLJOw2eZOoXbTM-1741804741-1.0.1.1-EDJAg_lVygJ22a9vcQOiCBp.lBfy_ViKVFpwl4b8c2zIuFWGPAAmOdyEK2ebUd6y__Gw7ktaJnQdT4iJrWtoyZUXeT5.xSoPRLqAzI9Z_CM; path=/; expires=Wed, 12-Mar-25 19:09:01 GMT; domain=.x.com; HttpOnly; Secure; SameSite=None
Server: cloudflare,tsa_o
CF-RAY: 91f5696feecf2671-TXL
Content-Length: 0

• https://twitter.com/
gzip used - 62 / 36 - -72.22 %
302
https://x.com/
Html is minified: 100.00 %
2.194
A
Date: Wed, 12 Mar 2025 18:39:15 GMT
Connection: keep-alive
perf: 7402827104
Vary: Accept,accept-encoding
expiry: Tue, 31 Mar 1981 05:00:00 GMT
Pragma: no-cache
Location: https://x.com/
Set-Cookie: ct0=; Max-Age=-1741804754; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=Lax,__cf_bm=hvOVo.tvGgVuRbA_XT4faXXpWJOEWyMcBAw6iW1YgPU-1741804755-1.0.1.1-MwYqof5CihHnEoFK8j6UJNQdoK8nkVCEdT5tUMqPR5BbbGLcKv5fg3DWpXtFcHB8Xsx1oYqD13SCQou10gWAcq4FN8TcBAEt4wDf8OJoC38; path=/; expires=Wed, 12-Mar-25 19:09:15 GMT; domain=.twitter.com; HttpOnly; Secure; SameSite=None
X-Powered-By: Express
Cache-Control: no-store, must-revalidate, no-cache, pre-check=0, post-check=0
X-Frame-Options: DENY
x-transaction-id: 087b965d7a7987c5
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
Content-Security-Policy: connect-src 'self' blob: https://fonts.googleapis.com/css https://mapsresources-pa.googleapis.com https://maps.googleapis.com https://www.gstatic.com/maps/ https://*.pscp.tv https://*.twimg.com https://*.video.pscp.tv https://aa.twitter.com https://aa.x.com https://accounts.google.com/gsi/ https://ads-api.twitter.com https://ads-api.x.com https://api-stream.twitter.com https://api-stream.x.com https://api.twitter.com https://api.x.ai https://api.x.com https://api.x.com https://caps.twitter.com https://caps.x.com https://grok.x.com https://jf.twitter.com https://jf.x.com https://jf-t.x.com https://pay.twitter.com https://pay.x.com https://sentry.io https://ton-staging.atla.twitter.com https://ton-staging.atla.x.com https://ton-staging.pdxa.twitter.com https://ton-staging.pdxa.x.com https://ton.twitter.com https://ton.x.com https://twitter.com https://upload.twitter.com https://upload.x.com https://www.google-analytics.com https://x.com https://*.adtrafficquality.google https://*.googlesyndication.com https://*.doubleclick.net https://adservice.google.com https://www.googleadservices.com https://pagead2.googlesyndication.com https://www.google.com https://google.com https://via.intercom.io https://api.intercom.io https://api.au.intercom.io https://api.eu.intercom.io https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-iam.au.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io wss://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-b.intercom.io https://nexus-europe-websocket.intercom.io wss://nexus-europe-websocket.intercom.io https://nexus-australia-websocket.intercom.io wss://nexus-australia-websocket.intercom.io https://uploads.intercomcdn.com https://uploads.intercomcdn.eu https://uploads.au.intercomcdn.com https://uploads.eu.intercomcdn.com https://uploads.intercomusercontent.com https://production.plaid.com/ https://sandbox.plaid.com/ https://ingestion.dv.socure.io https://network.dv.socure.io/ https://analytics.dv.socure.io/ https://checkoutshopper-live.adyen.com wss://*.pscp.tv https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net https://media.riffsy.com https://*.giphy.com https://media.tenor.com https://c.tenor.com https://ads-twitter.com https://analytics.twitter.com https://analytics.x.com ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com https://x.com https://*.x.com https://localhost.twitter.com:3443 https://localhost.x.com:3443 https://intercom.help https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-iam.au.intercom.io; font-src 'self' https://*.twimg.com https://js.intercomcdn.com https://fonts.intercomcdn.com; frame-src 'self' https://accounts.google.com/ https://accounts.google.com/gsi/ https://cards-frame.twitter.com https://cdn.plaid.com/ https://client-api.arkoselabs.com/ https://content.googleapis.com/ https://iframe.arkoselabs.com/ https://mobile.twitter.com https://mobile.x.com https://pay.twitter.com https://pay.x.com https://google.com https://www.google.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://console.googletagservices.com https://*.doubleclick.net https://*.adtrafficquality.google https://*.safeframe.googlesyndication.com https://www.googleadservices.com https://googleadservices.com https://adservice.google.com https://*.googlesyndication.com https://td.doubleclick.net https://payments-dev.x.com/ https://payments-staging.x.com/ https://payments-prod.x.com/ https://sdn.payments-dev.x.com/ https://sdn.payments-staging.x.com/ https://sdn.payments-prod.x.com/ https://money-dev.x.com/ https://money-staging.x.com/ https://money.x.com/ https://sdn.money-dev.x.com/ https://sdn.money-staging.x.com/ https://sdn.money.x.com/ https://p2pcreditcardiframesandbox.crbcos.com https://p2pcreditcardiframe.crbcos.com https://verify-sandbox.plaid.com/ https://twitter.com https://x.com https://recaptcha.net/recaptcha/; img-src 'self' blob: data: https://www.google.com/maps/place/ https://*.cdn.twitter.com https://*.cdn.x.com https://ton.twitter.com https://ton.x.com https://*.twimg.com https://analytics.twitter.com https://analytics.x.com https://cm.g.doubleclick.net https://www.google-analytics.com https://maps.googleapis.com https://www.periscope.tv https://www.pscp.tv https://ads-twitter.com https://ads-api.twitter.com https://ads-api.x.com blob: data: https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://downloads.intercomcdn.eu https://downloads.au.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://messenger-apps.eu.intercom.io https://messenger-apps.au.intercom.io https://*.intercom-attachments-1.com https://*.intercom-attachments.eu https://*.au.intercom-attachments.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://static.intercomassets.eu https://static.au.intercomassets.com https://media.riffsy.com https://*.giphy.com https://media.tenor.com https://c.tenor.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://scontent-sea1-1.xx.fbcdn.net https://*.googleusercontent.com https://t.co/1/i/adsct https://*.googleusercontent.com https://*.gstatic.com https://*.googlesyndication.com https://*.adtrafficquality.google https://www.google.com/ads/measurement/ https://*.google.com/ads/measurement/ https://googleads.g.doubleclick.net https://google.com https://www.google.com https://plaid-merchant-logos.plaid.com https://plaid-counterparty-logos.plaid.com; manifest-src 'self'; media-src 'self' data: blob: https://twitter.com https://x.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://js.intercomcdn.com https://downloads.intercomcdn.com https://downloads.intercomcdn.eu https://downloads.au.intercomcdn.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-inline' https://maps.googleapis.com https://*.twimg.com https://recaptcha.net/recaptcha/ http://www.gstatic.com/cast/sdk/libs/caf_receiver/v3/cast_receiver_framework.js https://accounts.google.com/gsi/client https://apis.google.com/js/api.js https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js https://client-api.arkoselabs.com/ https://static.ads-twitter.com https://twitter.com https://www.google-analytics.com https://www.gstatic.com/cast/sdk/libs/caf_receiver/v3/cast_receiver_framework.js https://x.com https://sdn.payments-dev.x.com/assets/loader.min.js https://sdn.payments-staging.x.com/assets/loader.min.js https://sdn.payments-prod.x.com/assets/loader.min.js https://sdn.money-dev.x.com/assets/loader.min.js https://sdn.money-staging.x.com/assets/loader.min.js https://sdn.money.x.com/assets/loader.min.js https://sdk.dv.socure.io/latest/device-risk-sdk.js https://cdn.plaid.com/link/v2/stable/link-initialize.js https://securepubads.g.doubleclick.net https://www.googletagservices.com https://*.googletagservices.com https://pagead2.googlesyndication.com https://adservice.google.com https://www.googleadservices.com https://ads.google.com https://tpc.googlesyndication.com https://*.tpc.googlesyndication.com https://www.google.com https://googleads.g.doubleclick.net https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com 'wasm-unsafe-eval' 'nonce-M2ZjN2NiZjktNjQ4Ni00ZmU4LTljODMtNDNiNjRlOWY0NmVm'; style-src 'self' 'unsafe-inline' https://accounts.google.com/gsi/style https://*.twimg.com; worker-src 'self' blob:; report-uri https://x.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Strict-Transport-Security: max-age=631138519
cross-origin-opener-policy: unsafe-none
cross-origin-embedder-policy: unsafe-none
x-response-time: 121
x-connection-hash: 4f20680fb335d1afb2c258c4c24bc85c548c380294dad8282f85b3e2f82ad5f9
cf-cache-status: DYNAMIC
Server: cloudflare,tsa_o
CF-RAY: 91f569c8e869e529-TXL
Content-Type: text/plain; charset=utf-8
Content-Length: 62
Last-Modified: Wed, 12 Mar 2025 18:39:15 GMT
Content-Encoding: gzip

• https://x.com/
162.159.140.229 gzip used - 48316 / 214755 - 77.50 %
200

Html is minified: 106.60 %
2.640
A
Date: Wed, 12 Mar 2025 18:39:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
perf: 7402827104
expiry: Tue, 31 Mar 1981 05:00:00 GMT
Pragma: no-cache
Set-Cookie: guest_id=v1%3A174180474503330942; Max-Age=34214400; Expires=Sun, 12 Apr 2026 18:39:05 GMT; Path=/; Domain=.x.com; Secure; SameSite=None,ct0=; Max-Age=-1741804744; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/; Domain=.x.com; Secure; SameSite=Lax,__cf_bm=SpB47pHthjlZynpdgqcs9o5Z1cVhzEoLBn6V6667s7s-1741804745-1.0.1.1-hipg.diAmZM5jU2xPEQlNgFosVPTrkkvbSoIAW25xWrbXOLIexj0JZFPiGUInBVGeTz4DbYtgbnYmYWEKJEBDZHEbg0RSePree5vAdJ1.WY; path=/; expires=Wed, 12-Mar-25 19:09:05 GMT; domain=.x.com; HttpOnly; Secure; SameSite=None
X-Powered-By: Express
Cache-Control: no-store, must-revalidate, no-cache, pre-check=0, post-check=0
X-Frame-Options: DENY
x-transaction-id: aa45db2005b6d61a
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
Content-Security-Policy: connect-src 'self' blob: https://fonts.googleapis.com/css https://mapsresources-pa.googleapis.com https://maps.googleapis.com https://www.gstatic.com/maps/ https://*.pscp.tv https://*.twimg.com https://*.video.pscp.tv https://aa.twitter.com https://aa.x.com https://accounts.google.com/gsi/ https://ads-api.twitter.com https://ads-api.x.com https://api-stream.twitter.com https://api-stream.x.com https://api.twitter.com https://api.x.ai https://api.x.com https://api.x.com https://caps.twitter.com https://caps.x.com https://grok.x.com https://jf.twitter.com https://jf.x.com https://jf-t.x.com https://pay.twitter.com https://pay.x.com https://sentry.io https://ton-staging.atla.twitter.com https://ton-staging.atla.x.com https://ton-staging.pdxa.twitter.com https://ton-staging.pdxa.x.com https://ton.twitter.com https://ton.x.com https://twitter.com https://upload.twitter.com https://upload.x.com https://www.google-analytics.com https://x.com https://*.adtrafficquality.google https://*.googlesyndication.com https://*.doubleclick.net https://adservice.google.com https://www.googleadservices.com https://pagead2.googlesyndication.com https://www.google.com https://google.com https://via.intercom.io https://api.intercom.io https://api.au.intercom.io https://api.eu.intercom.io https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-iam.au.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io wss://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-b.intercom.io https://nexus-europe-websocket.intercom.io wss://nexus-europe-websocket.intercom.io https://nexus-australia-websocket.intercom.io wss://nexus-australia-websocket.intercom.io https://uploads.intercomcdn.com https://uploads.intercomcdn.eu https://uploads.au.intercomcdn.com https://uploads.eu.intercomcdn.com https://uploads.intercomusercontent.com https://production.plaid.com/ https://sandbox.plaid.com/ https://ingestion.dv.socure.io https://network.dv.socure.io/ https://analytics.dv.socure.io/ https://checkoutshopper-live.adyen.com wss://*.pscp.tv https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net https://media.riffsy.com https://*.giphy.com https://media.tenor.com https://c.tenor.com https://ads-twitter.com https://analytics.twitter.com https://analytics.x.com ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com https://x.com https://*.x.com https://localhost.twitter.com:3443 https://localhost.x.com:3443 https://intercom.help https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-iam.au.intercom.io; font-src 'self' https://*.twimg.com https://js.intercomcdn.com https://fonts.intercomcdn.com; frame-src 'self' https://accounts.google.com/ https://accounts.google.com/gsi/ https://cards-frame.twitter.com https://cdn.plaid.com/ https://client-api.arkoselabs.com/ https://content.googleapis.com/ https://iframe.arkoselabs.com/ https://mobile.twitter.com https://mobile.x.com https://pay.twitter.com https://pay.x.com https://google.com https://www.google.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://console.googletagservices.com https://*.doubleclick.net https://*.adtrafficquality.google https://*.safeframe.googlesyndication.com https://www.googleadservices.com https://googleadservices.com https://adservice.google.com https://*.googlesyndication.com https://td.doubleclick.net https://payments-dev.x.com/ https://payments-staging.x.com/ https://payments-prod.x.com/ https://sdn.payments-dev.x.com/ https://sdn.payments-staging.x.com/ https://sdn.payments-prod.x.com/ https://money-dev.x.com/ https://money-staging.x.com/ https://money.x.com/ https://sdn.money-dev.x.com/ https://sdn.money-staging.x.com/ https://sdn.money.x.com/ https://p2pcreditcardiframesandbox.crbcos.com https://p2pcreditcardiframe.crbcos.com https://verify-sandbox.plaid.com/ https://twitter.com https://x.com https://recaptcha.net/recaptcha/; img-src 'self' blob: data: https://www.google.com/maps/place/ https://*.cdn.twitter.com https://*.cdn.x.com https://ton.twitter.com https://ton.x.com https://*.twimg.com https://analytics.twitter.com https://analytics.x.com https://cm.g.doubleclick.net https://www.google-analytics.com https://maps.googleapis.com https://www.periscope.tv https://www.pscp.tv https://ads-twitter.com https://ads-api.twitter.com https://ads-api.x.com blob: data: https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://downloads.intercomcdn.eu https://downloads.au.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://messenger-apps.eu.intercom.io https://messenger-apps.au.intercom.io https://*.intercom-attachments-1.com https://*.intercom-attachments.eu https://*.au.intercom-attachments.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://static.intercomassets.eu https://static.au.intercomassets.com https://media.riffsy.com https://*.giphy.com https://media.tenor.com https://c.tenor.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://scontent-sea1-1.xx.fbcdn.net https://*.googleusercontent.com https://t.co/1/i/adsct https://*.googleusercontent.com https://*.gstatic.com https://*.googlesyndication.com https://*.adtrafficquality.google https://www.google.com/ads/measurement/ https://*.google.com/ads/measurement/ https://googleads.g.doubleclick.net https://google.com https://www.google.com https://plaid-merchant-logos.plaid.com https://plaid-counterparty-logos.plaid.com; manifest-src 'self'; media-src 'self' data: blob: https://twitter.com https://x.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://js.intercomcdn.com https://downloads.intercomcdn.com https://downloads.intercomcdn.eu https://downloads.au.intercomcdn.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-inline' https://maps.googleapis.com https://*.twimg.com https://recaptcha.net/recaptcha/ http://www.gstatic.com/cast/sdk/libs/caf_receiver/v3/cast_receiver_framework.js https://accounts.google.com/gsi/client https://apis.google.com/js/api.js https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js https://client-api.arkoselabs.com/ https://static.ads-twitter.com https://twitter.com https://www.google-analytics.com https://www.gstatic.com/cast/sdk/libs/caf_receiver/v3/cast_receiver_framework.js https://x.com https://sdn.payments-dev.x.com/assets/loader.min.js https://sdn.payments-staging.x.com/assets/loader.min.js https://sdn.payments-prod.x.com/assets/loader.min.js https://sdn.money-dev.x.com/assets/loader.min.js https://sdn.money-staging.x.com/assets/loader.min.js https://sdn.money.x.com/assets/loader.min.js https://sdk.dv.socure.io/latest/device-risk-sdk.js https://cdn.plaid.com/link/v2/stable/link-initialize.js https://securepubads.g.doubleclick.net https://www.googletagservices.com https://*.googletagservices.com https://pagead2.googlesyndication.com https://adservice.google.com https://www.googleadservices.com https://ads.google.com https://tpc.googlesyndication.com https://*.tpc.googlesyndication.com https://www.google.com https://googleads.g.doubleclick.net https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com 'wasm-unsafe-eval' 'nonce-YzhlYzk3MDYtMTk2MS00NTRlLWEwZTMtNjU0YmY3NGNlZDUz'; style-src 'self' 'unsafe-inline' https://accounts.google.com/gsi/style https://*.twimg.com; worker-src 'self' blob:; report-uri https://x.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Strict-Transport-Security: max-age=631138519
cross-origin-opener-policy: unsafe-none
cross-origin-embedder-policy: unsafe-none
x-response-time: 119
x-connection-hash: 71e8c02de43c4dbff2089c5bb5744b8860aa73866e24151b23fce9a3424aba80
cf-cache-status: DYNAMIC
Vary: accept-encoding
Server: cloudflare,tsa_o
CF-RAY: 91f569880999e51d-TXL
Content-Type: text/html; charset=utf-8
Last-Modified: Wed, 12 Mar 2025 18:39:05 GMT
Content-Encoding: gzip
Content-Length: 48316

• https://x.com/
172.66.0.227 gzip used - 48400 / 214755 - 77.46 %
200

Html is minified: 106.60 %
2.547
A
Date: Wed, 12 Mar 2025 18:39:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
perf: 7402827104
expiry: Tue, 31 Mar 1981 05:00:00 GMT
Pragma: no-cache
Set-Cookie: guest_id=v1%3A174180474984266283; Max-Age=34214400; Expires=Sun, 12 Apr 2026 18:39:09 GMT; Path=/; Domain=.x.com; Secure; SameSite=None,ct0=; Max-Age=-1741804748; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/; Domain=.x.com; Secure; SameSite=Lax,__cf_bm=yWNf3NVeM8lakBxD.Y4q9iDyxVMrG9zsVwwQs08I7fw-1741804749-1.0.1.1-WYk0wyeVGnY6s7jKtR6O31e.5AmKEjWvw7AC7mhavjVx_5xM1FRCYHP9QSrCcP25MInYOCJ8fKKv0AUee2tyhAYXCTtYILbBcKXqcLQ6YAs; path=/; expires=Wed, 12-Mar-25 19:09:09 GMT; domain=.x.com; HttpOnly; Secure; SameSite=None
X-Powered-By: Express
Cache-Control: no-store, must-revalidate, no-cache, pre-check=0, post-check=0
X-Frame-Options: DENY
x-transaction-id: 3fe80fc539be0526
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
Content-Security-Policy: connect-src 'self' blob: https://fonts.googleapis.com/css https://mapsresources-pa.googleapis.com https://maps.googleapis.com https://www.gstatic.com/maps/ https://*.pscp.tv https://*.twimg.com https://*.video.pscp.tv https://aa.twitter.com https://aa.x.com https://accounts.google.com/gsi/ https://ads-api.twitter.com https://ads-api.x.com https://api-stream.twitter.com https://api-stream.x.com https://api.twitter.com https://api.x.ai https://api.x.com https://api.x.com https://caps.twitter.com https://caps.x.com https://grok.x.com https://jf.twitter.com https://jf.x.com https://jf-t.x.com https://pay.twitter.com https://pay.x.com https://sentry.io https://ton-staging.atla.twitter.com https://ton-staging.atla.x.com https://ton-staging.pdxa.twitter.com https://ton-staging.pdxa.x.com https://ton.twitter.com https://ton.x.com https://twitter.com https://upload.twitter.com https://upload.x.com https://www.google-analytics.com https://x.com https://*.adtrafficquality.google https://*.googlesyndication.com https://*.doubleclick.net https://adservice.google.com https://www.googleadservices.com https://pagead2.googlesyndication.com https://www.google.com https://google.com https://via.intercom.io https://api.intercom.io https://api.au.intercom.io https://api.eu.intercom.io https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-iam.au.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io wss://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-b.intercom.io https://nexus-europe-websocket.intercom.io wss://nexus-europe-websocket.intercom.io https://nexus-australia-websocket.intercom.io wss://nexus-australia-websocket.intercom.io https://uploads.intercomcdn.com https://uploads.intercomcdn.eu https://uploads.au.intercomcdn.com https://uploads.eu.intercomcdn.com https://uploads.intercomusercontent.com https://production.plaid.com/ https://sandbox.plaid.com/ https://ingestion.dv.socure.io https://network.dv.socure.io/ https://analytics.dv.socure.io/ https://checkoutshopper-live.adyen.com wss://*.pscp.tv https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net https://media.riffsy.com https://*.giphy.com https://media.tenor.com https://c.tenor.com https://ads-twitter.com https://analytics.twitter.com https://analytics.x.com ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com https://x.com https://*.x.com https://localhost.twitter.com:3443 https://localhost.x.com:3443 https://intercom.help https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-iam.au.intercom.io; font-src 'self' https://*.twimg.com https://js.intercomcdn.com https://fonts.intercomcdn.com; frame-src 'self' https://accounts.google.com/ https://accounts.google.com/gsi/ https://cards-frame.twitter.com https://cdn.plaid.com/ https://client-api.arkoselabs.com/ https://content.googleapis.com/ https://iframe.arkoselabs.com/ https://mobile.twitter.com https://mobile.x.com https://pay.twitter.com https://pay.x.com https://google.com https://www.google.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://console.googletagservices.com https://*.doubleclick.net https://*.adtrafficquality.google https://*.safeframe.googlesyndication.com https://www.googleadservices.com https://googleadservices.com https://adservice.google.com https://*.googlesyndication.com https://td.doubleclick.net https://payments-dev.x.com/ https://payments-staging.x.com/ https://payments-prod.x.com/ https://sdn.payments-dev.x.com/ https://sdn.payments-staging.x.com/ https://sdn.payments-prod.x.com/ https://money-dev.x.com/ https://money-staging.x.com/ https://money.x.com/ https://sdn.money-dev.x.com/ https://sdn.money-staging.x.com/ https://sdn.money.x.com/ https://p2pcreditcardiframesandbox.crbcos.com https://p2pcreditcardiframe.crbcos.com https://verify-sandbox.plaid.com/ https://twitter.com https://x.com https://recaptcha.net/recaptcha/; img-src 'self' blob: data: https://www.google.com/maps/place/ https://*.cdn.twitter.com https://*.cdn.x.com https://ton.twitter.com https://ton.x.com https://*.twimg.com https://analytics.twitter.com https://analytics.x.com https://cm.g.doubleclick.net https://www.google-analytics.com https://maps.googleapis.com https://www.periscope.tv https://www.pscp.tv https://ads-twitter.com https://ads-api.twitter.com https://ads-api.x.com blob: data: https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://downloads.intercomcdn.eu https://downloads.au.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://messenger-apps.eu.intercom.io https://messenger-apps.au.intercom.io https://*.intercom-attachments-1.com https://*.intercom-attachments.eu https://*.au.intercom-attachments.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://static.intercomassets.eu https://static.au.intercomassets.com https://media.riffsy.com https://*.giphy.com https://media.tenor.com https://c.tenor.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://scontent-sea1-1.xx.fbcdn.net https://*.googleusercontent.com https://t.co/1/i/adsct https://*.googleusercontent.com https://*.gstatic.com https://*.googlesyndication.com https://*.adtrafficquality.google https://www.google.com/ads/measurement/ https://*.google.com/ads/measurement/ https://googleads.g.doubleclick.net https://google.com https://www.google.com https://plaid-merchant-logos.plaid.com https://plaid-counterparty-logos.plaid.com; manifest-src 'self'; media-src 'self' data: blob: https://twitter.com https://x.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://js.intercomcdn.com https://downloads.intercomcdn.com https://downloads.intercomcdn.eu https://downloads.au.intercomcdn.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-inline' https://maps.googleapis.com https://*.twimg.com https://recaptcha.net/recaptcha/ http://www.gstatic.com/cast/sdk/libs/caf_receiver/v3/cast_receiver_framework.js https://accounts.google.com/gsi/client https://apis.google.com/js/api.js https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js https://client-api.arkoselabs.com/ https://static.ads-twitter.com https://twitter.com https://www.google-analytics.com https://www.gstatic.com/cast/sdk/libs/caf_receiver/v3/cast_receiver_framework.js https://x.com https://sdn.payments-dev.x.com/assets/loader.min.js https://sdn.payments-staging.x.com/assets/loader.min.js https://sdn.payments-prod.x.com/assets/loader.min.js https://sdn.money-dev.x.com/assets/loader.min.js https://sdn.money-staging.x.com/assets/loader.min.js https://sdn.money.x.com/assets/loader.min.js https://sdk.dv.socure.io/latest/device-risk-sdk.js https://cdn.plaid.com/link/v2/stable/link-initialize.js https://securepubads.g.doubleclick.net https://www.googletagservices.com https://*.googletagservices.com https://pagead2.googlesyndication.com https://adservice.google.com https://www.googleadservices.com https://ads.google.com https://tpc.googlesyndication.com https://*.tpc.googlesyndication.com https://www.google.com https://googleads.g.doubleclick.net https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com 'wasm-unsafe-eval' 'nonce-NTNhM2U3N2QtN2Q4Yy00NWUwLTk1ZTgtZmQ0MzYzMTg4Y2Ew'; style-src 'self' 'unsafe-inline' https://accounts.google.com/gsi/style https://*.twimg.com; worker-src 'self' blob:; report-uri https://x.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Strict-Transport-Security: max-age=631138519
cross-origin-opener-policy: unsafe-none
cross-origin-embedder-policy: unsafe-none
x-response-time: 122
x-connection-hash: 7e9ee647711ed89f1883aec882813fa201e50347089a0a97eb0bcbcb287b01ee
cf-cache-status: DYNAMIC
Vary: accept-encoding
Server: cloudflare,tsa_o
CF-RAY: 91f569a61acf5902-TXL
Content-Type: text/html; charset=utf-8
Last-Modified: Wed, 12 Mar 2025 18:39:09 GMT
Content-Encoding: gzip
Content-Length: 48400

• http://x.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
162.159.140.229
301
https://x.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de

0.190

Visible Content:
Date: Wed, 12 Mar 2025 18:39:14 GMT
Connection: keep-alive
perf: 7402827104
Location: https://x.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Cache-Control: no-store, no-cache, max-age=0
x-transaction-id: 1558a8a668986ef3
x-response-time: 107
x-connection-hash: a4805fc10359bb8507bef7c8aaf6332f5c89f110ea31cf14db187b4a7e1b98d8
cf-cache-status: DYNAMIC
Set-Cookie: __cf_bm=ZhEVz.kM4ePdA6ttfvA5FnkxqO8JU.hsUWaN4J.wtpQ-1741804754-1.0.1.1-hsxeq_dRaEtklwVs6pyB0cnswtre9iNP.dFnVuXPRyCOgDepBAIJKuuUctA.2sRFhAwyQN.TKun.kH3wYHThZtGzxKp4lTV6YjeIqO_7CFM; path=/; expires=Wed, 12-Mar-25 19:09:14 GMT; domain=.x.com; HttpOnly
Server: cloudflare,tsa_o
CF-RAY: 91f569c53d5ee531-TXL
Content-Length: 0

• http://x.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
172.66.0.227
301
https://x.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de

0.150

Visible Content:
Date: Wed, 12 Mar 2025 18:39:15 GMT
Connection: keep-alive
perf: 7402827104
Location: https://x.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Cache-Control: no-store, no-cache, max-age=0
x-transaction-id: 93ba4b70ad9db18c
x-response-time: 107
x-connection-hash: 729b2059d16f7a0840075d7e054d5a362a4b079b1c5d03787dd604936a1be93c
cf-cache-status: DYNAMIC
Set-Cookie: __cf_bm=H5HEdlZrFmq2I7f1BmgvUkaf4ORTfWBglo1jGGJv120-1741804755-1.0.1.1-I1c4PaItSEepXbOySq6slJRWL6O0h5EP3ybRDghRuPOHgKpagcDh6hinWseb5GDZLvEHD.p9KhSFUIrJjzYNm50VK5v.cD15zb3jKYI_r_Y; path=/; expires=Wed, 12-Mar-25 19:09:15 GMT; domain=.x.com; HttpOnly
Server: cloudflare,tsa_o
CF-RAY: 91f569c67fbee523-TXL
Content-Length: 0

• http://www.x.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
162.159.140.229
301
https://www.x.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de

0.164

Visible Content:
Date: Wed, 12 Mar 2025 18:39:14 GMT
Connection: keep-alive
perf: 7402827104
Location: https://www.x.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Cache-Control: no-store, no-cache, max-age=0
x-transaction-id: 89ca59f330f8f11b
x-response-time: 106
x-connection-hash: c85c4275bbc2f7724f36d3fba7da228c5b75b1417d60aa4a6eddad65cea0b39c
cf-cache-status: DYNAMIC
Set-Cookie: __cf_bm=1VsdST6Y0GEkHRWyLfHW8sQwiBKD29usbLTothmGTvo-1741804754-1.0.1.1-qXcTFwBnoRl6a5G9eSc9NCf1MV9VLXsuyobTxgtS1T_26fn3FojbIR2sacbLOP_RpXJEtkq9ysqxO.E8z6Srde84VQu5viiYW9zJfYwbA_w; path=/; expires=Wed, 12-Mar-25 19:09:14 GMT; domain=.x.com; HttpOnly
Server: cloudflare,tsa_o
CF-RAY: 91f569c2ec39e531-TXL
Content-Length: 0

• http://www.x.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
172.66.0.227
301
https://www.x.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de

0.166

Visible Content:
Date: Wed, 12 Mar 2025 18:39:14 GMT
Connection: keep-alive
perf: 7402827104
Location: https://www.x.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Cache-Control: no-store, no-cache, max-age=0
x-transaction-id: 0f2bb0b9abbb5d92
x-response-time: 107
x-connection-hash: 423f93371c1a8ff2da3adfd66ac10aa4e21f1144a3f1dc53de6eec4cd50432e4
cf-cache-status: DYNAMIC
Set-Cookie: __cf_bm=iw5QIINF7hrWMcj_fZ9aMoCI5CXXzB30EpLo7abKhMU-1741804754-1.0.1.1-uF9Kqw1.HLRsbJDvtXdJg5DMHRGNylY7uP96sefPAA2VOie2VVfFScy_qHKZAVfPGqUghk0wcJtO6DpT9ijRiNuZsaATVUxyNDr3rB3tpvA; path=/; expires=Wed, 12-Mar-25 19:09:14 GMT; domain=.x.com; HttpOnly
Server: cloudflare,tsa_o
CF-RAY: 91f569c40e98e523-TXL
Content-Length: 0

• https://www.x.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de

301
https://twitter.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de

2.170
A
Visible Content:
Date: Wed, 12 Mar 2025 18:39:19 GMT
Connection: keep-alive
perf: 7402827104
Location: https://twitter.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Cache-Control: no-store, no-cache, max-age=0
x-transaction-id: 24e8e4baa38f59d0
Strict-Transport-Security: max-age=631138519
x-response-time: 107
x-connection-hash: ab0f7563e1d49ae273ee2543f8d3831bd532b08884adda8197cb5714d8642894
cf-cache-status: DYNAMIC
Set-Cookie: __cf_bm=Bkhymc4j.6XMKxv0kHprC.Tosq6ylCUsV6hJVZ0eyJc-1741804759-1.0.1.1-9gOy81MusifVpu68fIQqNopUvcpXqC6Ep0yW5tDNwXsSyudHTQ.sIASBxHFjDXoJWSJKWDy_GamrJqlQOurHvZc2Ni5ufP1yiiaTiLCYqBE; path=/; expires=Wed, 12-Mar-25 19:09:19 GMT; domain=.x.com; HttpOnly; Secure; SameSite=None
Server: cloudflare,tsa_o
CF-RAY: 91f569e1ad98e526-TXL
Content-Length: 0

• https://twitter.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
gzip used - 116 / 105 - -10.48 %
302
https://x.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Html is minified: 100.00 %
2.090
A
Visible Content:
Date: Wed, 12 Mar 2025 18:39:28 GMT
Connection: keep-alive
perf: 7402827104
Vary: Accept,accept-encoding
expiry: Tue, 31 Mar 1981 05:00:00 GMT
Pragma: no-cache
Location: https://x.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Set-Cookie: ct0=; Max-Age=-1741804767; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=Lax
X-Powered-By: Express
Cache-Control: no-store, must-revalidate, no-cache, pre-check=0, post-check=0
X-Frame-Options: DENY
x-transaction-id: e3ba623c49ea2e59
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
Content-Security-Policy: connect-src 'self' blob: https://fonts.googleapis.com/css https://mapsresources-pa.googleapis.com https://maps.googleapis.com https://www.gstatic.com/maps/ https://*.pscp.tv https://*.twimg.com https://*.video.pscp.tv https://aa.twitter.com https://aa.x.com https://accounts.google.com/gsi/ https://ads-api.twitter.com https://ads-api.x.com https://api-stream.twitter.com https://api-stream.x.com https://api.twitter.com https://api.x.ai https://api.x.com https://api.x.com https://caps.twitter.com https://caps.x.com https://grok.x.com https://jf.twitter.com https://jf.x.com https://jf-t.x.com https://pay.twitter.com https://pay.x.com https://sentry.io https://ton-staging.atla.twitter.com https://ton-staging.atla.x.com https://ton-staging.pdxa.twitter.com https://ton-staging.pdxa.x.com https://ton.twitter.com https://ton.x.com https://twitter.com https://upload.twitter.com https://upload.x.com https://www.google-analytics.com https://x.com https://*.adtrafficquality.google https://*.googlesyndication.com https://*.doubleclick.net https://adservice.google.com https://www.googleadservices.com https://pagead2.googlesyndication.com https://www.google.com https://google.com https://via.intercom.io https://api.intercom.io https://api.au.intercom.io https://api.eu.intercom.io https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-iam.au.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io wss://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-b.intercom.io https://nexus-europe-websocket.intercom.io wss://nexus-europe-websocket.intercom.io https://nexus-australia-websocket.intercom.io wss://nexus-australia-websocket.intercom.io https://uploads.intercomcdn.com https://uploads.intercomcdn.eu https://uploads.au.intercomcdn.com https://uploads.eu.intercomcdn.com https://uploads.intercomusercontent.com https://production.plaid.com/ https://sandbox.plaid.com/ https://ingestion.dv.socure.io https://network.dv.socure.io/ https://analytics.dv.socure.io/ https://checkoutshopper-live.adyen.com wss://*.pscp.tv https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net https://media.riffsy.com https://*.giphy.com https://media.tenor.com https://c.tenor.com https://ads-twitter.com https://analytics.twitter.com https://analytics.x.com ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com https://x.com https://*.x.com https://localhost.twitter.com:3443 https://localhost.x.com:3443 https://intercom.help https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-iam.au.intercom.io; font-src 'self' https://*.twimg.com https://js.intercomcdn.com https://fonts.intercomcdn.com; frame-src 'self' https://accounts.google.com/ https://accounts.google.com/gsi/ https://cards-frame.twitter.com https://cdn.plaid.com/ https://client-api.arkoselabs.com/ https://content.googleapis.com/ https://iframe.arkoselabs.com/ https://mobile.twitter.com https://mobile.x.com https://pay.twitter.com https://pay.x.com https://google.com https://www.google.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://console.googletagservices.com https://*.doubleclick.net https://*.adtrafficquality.google https://*.safeframe.googlesyndication.com https://www.googleadservices.com https://googleadservices.com https://adservice.google.com https://*.googlesyndication.com https://td.doubleclick.net https://payments-dev.x.com/ https://payments-staging.x.com/ https://payments-prod.x.com/ https://sdn.payments-dev.x.com/ https://sdn.payments-staging.x.com/ https://sdn.payments-prod.x.com/ https://money-dev.x.com/ https://money-staging.x.com/ https://money.x.com/ https://sdn.money-dev.x.com/ https://sdn.money-staging.x.com/ https://sdn.money.x.com/ https://p2pcreditcardiframesandbox.crbcos.com https://p2pcreditcardiframe.crbcos.com https://verify-sandbox.plaid.com/ https://twitter.com https://x.com https://recaptcha.net/recaptcha/; img-src 'self' blob: data: https://www.google.com/maps/place/ https://*.cdn.twitter.com https://*.cdn.x.com https://ton.twitter.com https://ton.x.com https://*.twimg.com https://analytics.twitter.com https://analytics.x.com https://cm.g.doubleclick.net https://www.google-analytics.com https://maps.googleapis.com https://www.periscope.tv https://www.pscp.tv https://ads-twitter.com https://ads-api.twitter.com https://ads-api.x.com blob: data: https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://downloads.intercomcdn.eu https://downloads.au.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://messenger-apps.eu.intercom.io https://messenger-apps.au.intercom.io https://*.intercom-attachments-1.com https://*.intercom-attachments.eu https://*.au.intercom-attachments.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://static.intercomassets.eu https://static.au.intercomassets.com https://media.riffsy.com https://*.giphy.com https://media.tenor.com https://c.tenor.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://scontent-sea1-1.xx.fbcdn.net https://*.googleusercontent.com https://t.co/1/i/adsct https://*.googleusercontent.com https://*.gstatic.com https://*.googlesyndication.com https://*.adtrafficquality.google https://www.google.com/ads/measurement/ https://*.google.com/ads/measurement/ https://googleads.g.doubleclick.net https://google.com https://www.google.com https://plaid-merchant-logos.plaid.com https://plaid-counterparty-logos.plaid.com; manifest-src 'self'; media-src 'self' data: blob: https://twitter.com https://x.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://js.intercomcdn.com https://downloads.intercomcdn.com https://downloads.intercomcdn.eu https://downloads.au.intercomcdn.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-inline' https://maps.googleapis.com https://*.twimg.com https://recaptcha.net/recaptcha/ http://www.gstatic.com/cast/sdk/libs/caf_receiver/v3/cast_receiver_framework.js https://accounts.google.com/gsi/client https://apis.google.com/js/api.js https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js https://client-api.arkoselabs.com/ https://static.ads-twitter.com https://twitter.com https://www.google-analytics.com https://www.gstatic.com/cast/sdk/libs/caf_receiver/v3/cast_receiver_framework.js https://x.com https://sdn.payments-dev.x.com/assets/loader.min.js https://sdn.payments-staging.x.com/assets/loader.min.js https://sdn.payments-prod.x.com/assets/loader.min.js https://sdn.money-dev.x.com/assets/loader.min.js https://sdn.money-staging.x.com/assets/loader.min.js https://sdn.money.x.com/assets/loader.min.js https://sdk.dv.socure.io/latest/device-risk-sdk.js https://cdn.plaid.com/link/v2/stable/link-initialize.js https://securepubads.g.doubleclick.net https://www.googletagservices.com https://*.googletagservices.com https://pagead2.googlesyndication.com https://adservice.google.com https://www.googleadservices.com https://ads.google.com https://tpc.googlesyndication.com https://*.tpc.googlesyndication.com https://www.google.com https://googleads.g.doubleclick.net https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com 'wasm-unsafe-eval' 'nonce-NTU4YjhlMjYtZGNjOC00NzYxLThlNWItYTNkZDkzM2U1Y2Y3'; style-src 'self' 'unsafe-inline' https://accounts.google.com/gsi/style https://*.twimg.com; worker-src 'self' blob:; report-uri https://x.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Strict-Transport-Security: max-age=631138519
cross-origin-opener-policy: unsafe-none
cross-origin-embedder-policy: unsafe-none
x-response-time: 114
x-connection-hash: 363fe8f36c95b6f525ad84a5499bb5160a0af8486dc79aa508a8119cd1a58415
cf-cache-status: DYNAMIC
Server: cloudflare,tsa_o
CF-RAY: 91f56a198841e529-TXL
Content-Type: text/plain; charset=utf-8
Content-Length: 116
Last-Modified: Wed, 12 Mar 2025 18:39:28 GMT
Content-Encoding: gzip

• https://x.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
gzip used - 48366 / 214755 - 77.48 %
200

Html is minified: 106.60 %
2.634

Visible Content:
Date: Wed, 12 Mar 2025 18:39:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
perf: 7402827104
expiry: Tue, 31 Mar 1981 05:00:00 GMT
Pragma: no-cache
Set-Cookie: ct0=; Max-Age=-1741804762; Expires=Thu, 01 Jan 1970 00:00:01 GMT; Path=/; Domain=.x.com; Secure; SameSite=Lax
X-Powered-By: Express
Cache-Control: no-store, must-revalidate, no-cache, pre-check=0, post-check=0
X-Frame-Options: DENY
x-transaction-id: c339237e6caadd80
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
Content-Security-Policy: connect-src 'self' blob: https://fonts.googleapis.com/css https://mapsresources-pa.googleapis.com https://maps.googleapis.com https://www.gstatic.com/maps/ https://*.pscp.tv https://*.twimg.com https://*.video.pscp.tv https://aa.twitter.com https://aa.x.com https://accounts.google.com/gsi/ https://ads-api.twitter.com https://ads-api.x.com https://api-stream.twitter.com https://api-stream.x.com https://api.twitter.com https://api.x.ai https://api.x.com https://api.x.com https://caps.twitter.com https://caps.x.com https://grok.x.com https://jf.twitter.com https://jf.x.com https://jf-t.x.com https://pay.twitter.com https://pay.x.com https://sentry.io https://ton-staging.atla.twitter.com https://ton-staging.atla.x.com https://ton-staging.pdxa.twitter.com https://ton-staging.pdxa.x.com https://ton.twitter.com https://ton.x.com https://twitter.com https://upload.twitter.com https://upload.x.com https://www.google-analytics.com https://x.com https://*.adtrafficquality.google https://*.googlesyndication.com https://*.doubleclick.net https://adservice.google.com https://www.googleadservices.com https://pagead2.googlesyndication.com https://www.google.com https://google.com https://via.intercom.io https://api.intercom.io https://api.au.intercom.io https://api.eu.intercom.io https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-iam.au.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io wss://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-b.intercom.io https://nexus-europe-websocket.intercom.io wss://nexus-europe-websocket.intercom.io https://nexus-australia-websocket.intercom.io wss://nexus-australia-websocket.intercom.io https://uploads.intercomcdn.com https://uploads.intercomcdn.eu https://uploads.au.intercomcdn.com https://uploads.eu.intercomcdn.com https://uploads.intercomusercontent.com https://production.plaid.com/ https://sandbox.plaid.com/ https://ingestion.dv.socure.io https://network.dv.socure.io/ https://analytics.dv.socure.io/ https://checkoutshopper-live.adyen.com wss://*.pscp.tv https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net https://media.riffsy.com https://*.giphy.com https://media.tenor.com https://c.tenor.com https://ads-twitter.com https://analytics.twitter.com https://analytics.x.com ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com https://x.com https://*.x.com https://localhost.twitter.com:3443 https://localhost.x.com:3443 https://intercom.help https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-iam.au.intercom.io; font-src 'self' https://*.twimg.com https://js.intercomcdn.com https://fonts.intercomcdn.com; frame-src 'self' https://accounts.google.com/ https://accounts.google.com/gsi/ https://cards-frame.twitter.com https://cdn.plaid.com/ https://client-api.arkoselabs.com/ https://content.googleapis.com/ https://iframe.arkoselabs.com/ https://mobile.twitter.com https://mobile.x.com https://pay.twitter.com https://pay.x.com https://google.com https://www.google.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://console.googletagservices.com https://*.doubleclick.net https://*.adtrafficquality.google https://*.safeframe.googlesyndication.com https://www.googleadservices.com https://googleadservices.com https://adservice.google.com https://*.googlesyndication.com https://td.doubleclick.net https://payments-dev.x.com/ https://payments-staging.x.com/ https://payments-prod.x.com/ https://sdn.payments-dev.x.com/ https://sdn.payments-staging.x.com/ https://sdn.payments-prod.x.com/ https://money-dev.x.com/ https://money-staging.x.com/ https://money.x.com/ https://sdn.money-dev.x.com/ https://sdn.money-staging.x.com/ https://sdn.money.x.com/ https://p2pcreditcardiframesandbox.crbcos.com https://p2pcreditcardiframe.crbcos.com https://verify-sandbox.plaid.com/ https://twitter.com https://x.com https://recaptcha.net/recaptcha/; img-src 'self' blob: data: https://www.google.com/maps/place/ https://*.cdn.twitter.com https://*.cdn.x.com https://ton.twitter.com https://ton.x.com https://*.twimg.com https://analytics.twitter.com https://analytics.x.com https://cm.g.doubleclick.net https://www.google-analytics.com https://maps.googleapis.com https://www.periscope.tv https://www.pscp.tv https://ads-twitter.com https://ads-api.twitter.com https://ads-api.x.com blob: data: https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://downloads.intercomcdn.eu https://downloads.au.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://messenger-apps.eu.intercom.io https://messenger-apps.au.intercom.io https://*.intercom-attachments-1.com https://*.intercom-attachments.eu https://*.au.intercom-attachments.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://static.intercomassets.eu https://static.au.intercomassets.com https://media.riffsy.com https://*.giphy.com https://media.tenor.com https://c.tenor.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://scontent-sea1-1.xx.fbcdn.net https://*.googleusercontent.com https://t.co/1/i/adsct https://*.googleusercontent.com https://*.gstatic.com https://*.googlesyndication.com https://*.adtrafficquality.google https://www.google.com/ads/measurement/ https://*.google.com/ads/measurement/ https://googleads.g.doubleclick.net https://google.com https://www.google.com https://plaid-merchant-logos.plaid.com https://plaid-counterparty-logos.plaid.com; manifest-src 'self'; media-src 'self' data: blob: https://twitter.com https://x.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://js.intercomcdn.com https://downloads.intercomcdn.com https://downloads.intercomcdn.eu https://downloads.au.intercomcdn.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-inline' https://maps.googleapis.com https://*.twimg.com https://recaptcha.net/recaptcha/ http://www.gstatic.com/cast/sdk/libs/caf_receiver/v3/cast_receiver_framework.js https://accounts.google.com/gsi/client https://apis.google.com/js/api.js https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js https://client-api.arkoselabs.com/ https://static.ads-twitter.com https://twitter.com https://www.google-analytics.com https://www.gstatic.com/cast/sdk/libs/caf_receiver/v3/cast_receiver_framework.js https://x.com https://sdn.payments-dev.x.com/assets/loader.min.js https://sdn.payments-staging.x.com/assets/loader.min.js https://sdn.payments-prod.x.com/assets/loader.min.js https://sdn.money-dev.x.com/assets/loader.min.js https://sdn.money-staging.x.com/assets/loader.min.js https://sdn.money.x.com/assets/loader.min.js https://sdk.dv.socure.io/latest/device-risk-sdk.js https://cdn.plaid.com/link/v2/stable/link-initialize.js https://securepubads.g.doubleclick.net https://www.googletagservices.com https://*.googletagservices.com https://pagead2.googlesyndication.com https://adservice.google.com https://www.googleadservices.com https://ads.google.com https://tpc.googlesyndication.com https://*.tpc.googlesyndication.com https://www.google.com https://googleads.g.doubleclick.net https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com 'wasm-unsafe-eval' 'nonce-NDZhZjIyZTgtMmFkNC00ZjRlLTkzMTYtZTE3M2YzMDNlYTZk'; style-src 'self' 'unsafe-inline' https://accounts.google.com/gsi/style https://*.twimg.com; worker-src 'self' blob:; report-uri https://x.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Strict-Transport-Security: max-age=631138519
cross-origin-opener-policy: unsafe-none
cross-origin-embedder-policy: unsafe-none
x-response-time: 122
x-connection-hash: 0495819803c3134129e781774f1bad7c92fc03ccbb96f174bc18a20c171fcf7d
cf-cache-status: DYNAMIC
Vary: accept-encoding
Server: cloudflare,tsa_o
CF-RAY: 91f569fbee78e509-TXL
Content-Type: text/html; charset=utf-8
Last-Modified: Wed, 12 Mar 2025 18:39:23 GMT
Content-Encoding: gzip
Content-Length: 48366

• https://172.66.0.227/
172.66.0.227
-103


0.027
P
SecureConnectionError (3, 0x80131501). The SSL connection could not be established, see inner exception. Authentication failed because the remote party sent a TLS alert: 'HandshakeFailure'. (FF: SSL_ERROR_NO_CYPHER_OVERLAP)

• https://162.159.140.229/
162.159.140.229
-103


0.027
P
SecureConnectionError (3, 0x80131501). The SSL connection could not be established, see inner exception. Authentication failed because the remote party sent a TLS alert: 'HandshakeFailure'. (FF: SSL_ERROR_NO_CYPHER_OVERLAP)

 

7. Comments


1. General Results, most used to calculate the result

Aname "x.com" is domain, public suffix is ".com", top-level-domain is ".com", top-level-domain-type is "generic", tld-manager is "VeriSign Global Registry Services", num .com-domains preloaded: 103088 (complete: 263653)
AGood: All ip addresses are public addresses
AGood: Minimal 2 ip addresses per domain name found: www.x.com has 2 different ip addresses (authoritative).
AGood: Minimal 2 ip addresses per domain name found: x.com has 2 different ip addresses (authoritative).
Warning: No ipv6 address found. Ipv6 is the future with a lot of new features. So every domain name should have an ipv6 address. See https://en.wikipedia.org/wiki/IPv6: www.x.com has no ipv6 address.
Warning: No ipv6 address found. Ipv6 is the future with a lot of new features. So every domain name should have an ipv6 address. See https://en.wikipedia.org/wiki/IPv6: x.com has no ipv6 address.
AGood: No asked Authoritative Name Server had a timeout
Ahttps://twitter.com/
302
https://x.com/
Correct redirect https to https
Ahttps://twitter.com/
302
https://x.com/
Correct redirect https to https
Ahttps://twitter.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
302
https://x.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Correct redirect https to https
AGood: destination is https
AGood - only one version with Http-Status 200
AGood: one preferred version: non-www is preferred
AGood: every cookie sent via https is marked as secure
AGood: Every cookie has a SameSite Attribute with a correct value Strict/Lax/None
HSTS-Preload-Status: unknown. Domain never included in the Preload-list. Check https://hstspreload.org/ to learn some basics about the Google-Preload-List.
AGood: All urls with http status 200/404 have a complete Content-Type header (MediaType / MediaSubType + correct charset)
http://x.com/ 162.159.140.229
301
__cf_bm=IOPOWcVGCIpIC1xeJCdcAIWjeu2bHJ_5UZfbvDdYtdY-1741804736-1.0.1.1-XvJlpBliQyEEwKxFF1RcPRBb1gBUnekqGeOq7QS_mcXrANuMQ41vW6AWTCXvZDLgNvP.qE6ajnGa.EWeTgFhWFJCGt.Ne5zHOcup9OWBdAk; path=/; expires=Wed, 12-Mar-25 19:08:56 GMT; domain=.x.com; HttpOnly
Fatal: Cookie sent via http. Never send Cookies / Session-Cookies via http. If a user uses an insecure WLan and if the same cookie is used to managed the authenticated session, it's possible to hack that user. Same with HttpOnly - without https that's only decorative.
http://x.com/ 172.66.0.227
301
__cf_bm=Fs._Ra4qwPQTqTPgm.8N_kPOVMIvNvBXQ46U6Oa8.lA-1741804737-1.0.1.1-bcSMcBCqQPdv3sF92GsNGWXpa9QwIqbvzaGxm56ezSroKOBPiQjPnAA7oOAbSyCP1iQJ6G2pKXmZA16SmleFpdLBmVIowi0dURi8j7sF7VM; path=/; expires=Wed, 12-Mar-25 19:08:57 GMT; domain=.x.com; HttpOnly
Fatal: Cookie sent via http. Never send Cookies / Session-Cookies via http. If a user uses an insecure WLan and if the same cookie is used to managed the authenticated session, it's possible to hack that user. Same with HttpOnly - without https that's only decorative.
http://www.x.com/ 162.159.140.229
301
__cf_bm=JzKc4TD0iq1TT_0LtGKt6ajTPK0izDeWlrqeURCm9CY-1741804736-1.0.1.1-vnlm_lSRCR5WZqCsAVcPZPU13Z7wBvhgnURl1nhTXJXr9BNSHdUs5T.S2WUyPShzELBQZCVFKVZ3ZsPYffeRX6uIcaNJ57U23DJnvAEH3t4; path=/; expires=Wed, 12-Mar-25 19:08:56 GMT; domain=.x.com; HttpOnly
Fatal: Cookie sent via http. Never send Cookies / Session-Cookies via http. If a user uses an insecure WLan and if the same cookie is used to managed the authenticated session, it's possible to hack that user. Same with HttpOnly - without https that's only decorative.
http://www.x.com/ 172.66.0.227
301
__cf_bm=PLjD9gaX1eC70aPclGUGCcbBE39_hKfawa.VASc2Ulo-1741804736-1.0.1.1-sPEoh7k8DtcWBHW7cU9oO.DdQNP6PdC_xMKPQz9MvhYM7pD.YiUXIXEmwHJMm1KJnUoKqfcYHjdAVdUb4y5jDP.xres.rVfpGXnwFf6S8sw; path=/; expires=Wed, 12-Mar-25 19:08:56 GMT; domain=.x.com; HttpOnly
Fatal: Cookie sent via http. Never send Cookies / Session-Cookies via http. If a user uses an insecure WLan and if the same cookie is used to managed the authenticated session, it's possible to hack that user. Same with HttpOnly - without https that's only decorative.
http://x.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 162.159.140.229
301
__cf_bm=ZhEVz.kM4ePdA6ttfvA5FnkxqO8JU.hsUWaN4J.wtpQ-1741804754-1.0.1.1-hsxeq_dRaEtklwVs6pyB0cnswtre9iNP.dFnVuXPRyCOgDepBAIJKuuUctA.2sRFhAwyQN.TKun.kH3wYHThZtGzxKp4lTV6YjeIqO_7CFM; path=/; expires=Wed, 12-Mar-25 19:09:14 GMT; domain=.x.com; HttpOnly
Fatal: Cookie sent via http. Never send Cookies / Session-Cookies via http. If a user uses an insecure WLan and if the same cookie is used to managed the authenticated session, it's possible to hack that user. Same with HttpOnly - without https that's only decorative.
http://x.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 172.66.0.227
301
__cf_bm=H5HEdlZrFmq2I7f1BmgvUkaf4ORTfWBglo1jGGJv120-1741804755-1.0.1.1-I1c4PaItSEepXbOySq6slJRWL6O0h5EP3ybRDghRuPOHgKpagcDh6hinWseb5GDZLvEHD.p9KhSFUIrJjzYNm50VK5v.cD15zb3jKYI_r_Y; path=/; expires=Wed, 12-Mar-25 19:09:15 GMT; domain=.x.com; HttpOnly
Fatal: Cookie sent via http. Never send Cookies / Session-Cookies via http. If a user uses an insecure WLan and if the same cookie is used to managed the authenticated session, it's possible to hack that user. Same with HttpOnly - without https that's only decorative.
http://www.x.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 162.159.140.229
301
__cf_bm=1VsdST6Y0GEkHRWyLfHW8sQwiBKD29usbLTothmGTvo-1741804754-1.0.1.1-qXcTFwBnoRl6a5G9eSc9NCf1MV9VLXsuyobTxgtS1T_26fn3FojbIR2sacbLOP_RpXJEtkq9ysqxO.E8z6Srde84VQu5viiYW9zJfYwbA_w; path=/; expires=Wed, 12-Mar-25 19:09:14 GMT; domain=.x.com; HttpOnly
Fatal: Cookie sent via http. Never send Cookies / Session-Cookies via http. If a user uses an insecure WLan and if the same cookie is used to managed the authenticated session, it's possible to hack that user. Same with HttpOnly - without https that's only decorative.
http://www.x.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 172.66.0.227
301
__cf_bm=iw5QIINF7hrWMcj_fZ9aMoCI5CXXzB30EpLo7abKhMU-1741804754-1.0.1.1-uF9Kqw1.HLRsbJDvtXdJg5DMHRGNylY7uP96sefPAA2VOie2VVfFScy_qHKZAVfPGqUghk0wcJtO6DpT9ijRiNuZsaATVUxyNDr3rB3tpvA; path=/; expires=Wed, 12-Mar-25 19:09:14 GMT; domain=.x.com; HttpOnly
Fatal: Cookie sent via http. Never send Cookies / Session-Cookies via http. If a user uses an insecure WLan and if the same cookie is used to managed the authenticated session, it's possible to hack that user. Same with HttpOnly - without https that's only decorative.
Bhttp://x.com/ 162.159.140.229
301
__cf_bm=IOPOWcVGCIpIC1xeJCdcAIWjeu2bHJ_5UZfbvDdYtdY-1741804736-1.0.1.1-XvJlpBliQyEEwKxFF1RcPRBb1gBUnekqGeOq7QS_mcXrANuMQ41vW6AWTCXvZDLgNvP.qE6ajnGa.EWeTgFhWFJCGt.Ne5zHOcup9OWBdAk; path=/; expires=Wed, 12-Mar-25 19:08:56 GMT; domain=.x.com; HttpOnly
Cookie without a SameSite-Attribute. Possible values are: Strict/Lax/None. Cookie may not work as expected, if "None" is wanted, but browsers use "Lax" as default value.
Bhttp://x.com/ 172.66.0.227
301
__cf_bm=Fs._Ra4qwPQTqTPgm.8N_kPOVMIvNvBXQ46U6Oa8.lA-1741804737-1.0.1.1-bcSMcBCqQPdv3sF92GsNGWXpa9QwIqbvzaGxm56ezSroKOBPiQjPnAA7oOAbSyCP1iQJ6G2pKXmZA16SmleFpdLBmVIowi0dURi8j7sF7VM; path=/; expires=Wed, 12-Mar-25 19:08:57 GMT; domain=.x.com; HttpOnly
Cookie without a SameSite-Attribute. Possible values are: Strict/Lax/None. Cookie may not work as expected, if "None" is wanted, but browsers use "Lax" as default value.
Bhttp://www.x.com/ 162.159.140.229
301
__cf_bm=JzKc4TD0iq1TT_0LtGKt6ajTPK0izDeWlrqeURCm9CY-1741804736-1.0.1.1-vnlm_lSRCR5WZqCsAVcPZPU13Z7wBvhgnURl1nhTXJXr9BNSHdUs5T.S2WUyPShzELBQZCVFKVZ3ZsPYffeRX6uIcaNJ57U23DJnvAEH3t4; path=/; expires=Wed, 12-Mar-25 19:08:56 GMT; domain=.x.com; HttpOnly
Cookie without a SameSite-Attribute. Possible values are: Strict/Lax/None. Cookie may not work as expected, if "None" is wanted, but browsers use "Lax" as default value.
Bhttp://www.x.com/ 172.66.0.227
301
__cf_bm=PLjD9gaX1eC70aPclGUGCcbBE39_hKfawa.VASc2Ulo-1741804736-1.0.1.1-sPEoh7k8DtcWBHW7cU9oO.DdQNP6PdC_xMKPQz9MvhYM7pD.YiUXIXEmwHJMm1KJnUoKqfcYHjdAVdUb4y5jDP.xres.rVfpGXnwFf6S8sw; path=/; expires=Wed, 12-Mar-25 19:08:56 GMT; domain=.x.com; HttpOnly
Cookie without a SameSite-Attribute. Possible values are: Strict/Lax/None. Cookie may not work as expected, if "None" is wanted, but browsers use "Lax" as default value.
Bhttp://x.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 162.159.140.229
301
__cf_bm=ZhEVz.kM4ePdA6ttfvA5FnkxqO8JU.hsUWaN4J.wtpQ-1741804754-1.0.1.1-hsxeq_dRaEtklwVs6pyB0cnswtre9iNP.dFnVuXPRyCOgDepBAIJKuuUctA.2sRFhAwyQN.TKun.kH3wYHThZtGzxKp4lTV6YjeIqO_7CFM; path=/; expires=Wed, 12-Mar-25 19:09:14 GMT; domain=.x.com; HttpOnly
Cookie without a SameSite-Attribute. Possible values are: Strict/Lax/None. Cookie may not work as expected, if "None" is wanted, but browsers use "Lax" as default value.
Bhttp://x.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 172.66.0.227
301
__cf_bm=H5HEdlZrFmq2I7f1BmgvUkaf4ORTfWBglo1jGGJv120-1741804755-1.0.1.1-I1c4PaItSEepXbOySq6slJRWL6O0h5EP3ybRDghRuPOHgKpagcDh6hinWseb5GDZLvEHD.p9KhSFUIrJjzYNm50VK5v.cD15zb3jKYI_r_Y; path=/; expires=Wed, 12-Mar-25 19:09:15 GMT; domain=.x.com; HttpOnly
Cookie without a SameSite-Attribute. Possible values are: Strict/Lax/None. Cookie may not work as expected, if "None" is wanted, but browsers use "Lax" as default value.
Bhttp://www.x.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 162.159.140.229
301
__cf_bm=1VsdST6Y0GEkHRWyLfHW8sQwiBKD29usbLTothmGTvo-1741804754-1.0.1.1-qXcTFwBnoRl6a5G9eSc9NCf1MV9VLXsuyobTxgtS1T_26fn3FojbIR2sacbLOP_RpXJEtkq9ysqxO.E8z6Srde84VQu5viiYW9zJfYwbA_w; path=/; expires=Wed, 12-Mar-25 19:09:14 GMT; domain=.x.com; HttpOnly
Cookie without a SameSite-Attribute. Possible values are: Strict/Lax/None. Cookie may not work as expected, if "None" is wanted, but browsers use "Lax" as default value.
Bhttp://www.x.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 172.66.0.227
301
__cf_bm=iw5QIINF7hrWMcj_fZ9aMoCI5CXXzB30EpLo7abKhMU-1741804754-1.0.1.1-uF9Kqw1.HLRsbJDvtXdJg5DMHRGNylY7uP96sefPAA2VOie2VVfFScy_qHKZAVfPGqUghk0wcJtO6DpT9ijRiNuZsaATVUxyNDr3rB3tpvA; path=/; expires=Wed, 12-Mar-25 19:09:14 GMT; domain=.x.com; HttpOnly
Cookie without a SameSite-Attribute. Possible values are: Strict/Lax/None. Cookie may not work as expected, if "None" is wanted, but browsers use "Lax" as default value.
AGood: More then one ip address per domain name found, checking all ip addresses the same http status and the same certificate found: Domain www.x.com, 2 ip addresses.
AGood: More then one ip address per domain name found, checking all ip addresses the same http status and the same certificate found: Domain x.com, 2 ip addresses.
Info: Checking the ip addresses of that domain name not exact one certificate found. So it's impossible to check if that domain requires Server Name Indication (SNI).: Domain www.x.com, 2 ip addresses.
Info: Checking the ip addresses of that domain name not exact one certificate found. So it's impossible to check if that domain requires Server Name Indication (SNI).: Domain x.com, 2 ip addresses.
BNo _mta-sts TXT record found (mta-sts: Mail Transfer Agent Strict Transport Security - see RFC 8461). Read the result of server-daten.de (Url-Checks, Comments, Connections and DomainServiceRecords) to see a complete definition. Domainname: _mta-sts.x.com

2. Header-Checks

Ax.com 162.159.140.229
Content-Security-Policy
Ok: Header without syntax errors found: connect-src 'self' blob: https://fonts.googleapis.com/css https://mapsresources-pa.googleapis.com https://maps.googleapis.com https://www.gstatic.com/maps/ https://*.pscp.tv https://*.twimg.com https://*.video.pscp.tv https://aa.twitter.com https://aa.x.com https://accounts.google.com/gsi/ https://ads-api.twitter.com https://ads-api.x.com https://api-stream.twitter.com https://api-stream.x.com https://api.twitter.com https://api.x.ai https://api.x.com https://api.x.com https://caps.twitter.com https://caps.x.com https://grok.x.com https://jf.twitter.com https://jf.x.com https://jf-t.x.com https://pay.twitter.com https://pay.x.com https://sentry.io https://ton-staging.atla.twitter.com https://ton-staging.atla.x.com https://ton-staging.pdxa.twitter.com https://ton-staging.pdxa.x.com https://ton.twitter.com https://ton.x.com https://twitter.com https://upload.twitter.com https://upload.x.com https://www.google-analytics.com https://x.com https://*.adtrafficquality.google https://*.googlesyndication.com https://*.doubleclick.net https://adservice.google.com https://www.googleadservices.com https://pagead2.googlesyndication.com https://www.google.com https://google.com https://via.intercom.io https://api.intercom.io https://api.au.intercom.io https://api.eu.intercom.io https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-iam.au.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io wss://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-b.intercom.io https://nexus-europe-websocket.intercom.io wss://nexus-europe-websocket.intercom.io https://nexus-australia-websocket.intercom.io wss://nexus-australia-websocket.intercom.io https://uploads.intercomcdn.com https://uploads.intercomcdn.eu https://uploads.au.intercomcdn.com https://uploads.eu.intercomcdn.com https://uploads.intercomusercontent.com https://production.plaid.com/ https://sandbox.plaid.com/ https://ingestion.dv.socure.io https://network.dv.socure.io/ https://analytics.dv.socure.io/ https://checkoutshopper-live.adyen.com wss://*.pscp.tv https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net https://media.riffsy.com https://*.giphy.com https://media.tenor.com https://c.tenor.com https://ads-twitter.com https://analytics.twitter.com https://analytics.x.com ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com https://x.com https://*.x.com https://localhost.twitter.com:3443 https://localhost.x.com:3443 https://intercom.help https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-iam.au.intercom.io; font-src 'self' https://*.twimg.com https://js.intercomcdn.com https://fonts.intercomcdn.com; frame-src 'self' https://accounts.google.com/ https://accounts.google.com/gsi/ https://cards-frame.twitter.com https://cdn.plaid.com/ https://client-api.arkoselabs.com/ https://content.googleapis.com/ https://iframe.arkoselabs.com/ https://mobile.twitter.com https://mobile.x.com https://pay.twitter.com https://pay.x.com https://google.com https://www.google.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://console.googletagservices.com https://*.doubleclick.net https://*.adtrafficquality.google https://*.safeframe.googlesyndication.com https://www.googleadservices.com https://googleadservices.com https://adservice.google.com https://*.googlesyndication.com https://td.doubleclick.net https://payments-dev.x.com/ https://payments-staging.x.com/ https://payments-prod.x.com/ https://sdn.payments-dev.x.com/ https://sdn.payments-staging.x.com/ https://sdn.payments-prod.x.com/ https://money-dev.x.com/ https://money-staging.x.com/ https://money.x.com/ https://sdn.money-dev.x.com/ https://sdn.money-staging.x.com/ https://sdn.money.x.com/ https://p2pcreditcardiframesandbox.crbcos.com https://p2pcreditcardiframe.crbcos.com https://verify-sandbox.plaid.com/ https://twitter.com https://x.com https://recaptcha.net/recaptcha/; img-src 'self' blob: data: https://www.google.com/maps/place/ https://*.cdn.twitter.com https://*.cdn.x.com https://ton.twitter.com https://ton.x.com https://*.twimg.com https://analytics.twitter.com https://analytics.x.com https://cm.g.doubleclick.net https://www.google-analytics.com https://maps.googleapis.com https://www.periscope.tv https://www.pscp.tv https://ads-twitter.com https://ads-api.twitter.com https://ads-api.x.com blob: data: https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://downloads.intercomcdn.eu https://downloads.au.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://messenger-apps.eu.intercom.io https://messenger-apps.au.intercom.io https://*.intercom-attachments-1.com https://*.intercom-attachments.eu https://*.au.intercom-attachments.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://static.intercomassets.eu https://static.au.intercomassets.com https://media.riffsy.com https://*.giphy.com https://media.tenor.com https://c.tenor.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://scontent-sea1-1.xx.fbcdn.net https://*.googleusercontent.com https://t.co/1/i/adsct https://*.googleusercontent.com https://*.gstatic.com https://*.googlesyndication.com https://*.adtrafficquality.google https://www.google.com/ads/measurement/ https://*.google.com/ads/measurement/ https://googleads.g.doubleclick.net https://google.com https://www.google.com https://plaid-merchant-logos.plaid.com https://plaid-counterparty-logos.plaid.com; manifest-src 'self'; media-src 'self' data: blob: https://twitter.com https://x.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://js.intercomcdn.com https://downloads.intercomcdn.com https://downloads.intercomcdn.eu https://downloads.au.intercomcdn.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-inline' https://maps.googleapis.com https://*.twimg.com https://recaptcha.net/recaptcha/ http://www.gstatic.com/cast/sdk/libs/caf_receiver/v3/cast_receiver_framework.js https://accounts.google.com/gsi/client https://apis.google.com/js/api.js https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js https://client-api.arkoselabs.com/ https://static.ads-twitter.com https://twitter.com https://www.google-analytics.com https://www.gstatic.com/cast/sdk/libs/caf_receiver/v3/cast_receiver_framework.js https://x.com https://sdn.payments-dev.x.com/assets/loader.min.js https://sdn.payments-staging.x.com/assets/loader.min.js https://sdn.payments-prod.x.com/assets/loader.min.js https://sdn.money-dev.x.com/assets/loader.min.js https://sdn.money-staging.x.com/assets/loader.min.js https://sdn.money.x.com/assets/loader.min.js https://sdk.dv.socure.io/latest/device-risk-sdk.js https://cdn.plaid.com/link/v2/stable/link-initialize.js https://securepubads.g.doubleclick.net https://www.googletagservices.com https://*.googletagservices.com https://pagead2.googlesyndication.com https://adservice.google.com https://www.googleadservices.com https://ads.google.com https://tpc.googlesyndication.com https://*.tpc.googlesyndication.com https://www.google.com https://googleads.g.doubleclick.net https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com 'wasm-unsafe-eval' 'nonce-YzhlYzk3MDYtMTk2MS00NTRlLWEwZTMtNjU0YmY3NGNlZDUz'; style-src 'self' 'unsafe-inline' https://accounts.google.com/gsi/style https://*.twimg.com; worker-src 'self' blob:; report-uri https://x.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
B

Info: Header-Element is deprecated. report-uri https://x.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
E

Critical: Duplicated entries found connect-src 'self' blob: https://fonts.googleapis.com/css https://mapsresources-pa.googleapis.com https://maps.googleapis.com https://www.gstatic.com/maps/ https://*.pscp.tv https://*.twimg.com https://*.video.pscp.tv https://aa.twitter.com https://aa.x.com https://accounts.google.com/gsi/ https://ads-api.twitter.com https://ads-api.x.com https://api-stream.twitter.com https://api-stream.x.com https://api.twitter.com https://api.x.ai https://api.x.com https://api.x.com https://caps.twitter.com https://caps.x.com https://grok.x.com https://jf.twitter.com https://jf.x.com https://jf-t.x.com https://pay.twitter.com https://pay.x.com https://sentry.io https://ton-staging.atla.twitter.com https://ton-staging.atla.x.com https://ton-staging.pdxa.twitter.com https://ton-staging.pdxa.x.com https://ton.twitter.com https://ton.x.com https://twitter.com https://upload.twitter.com https://upload.x.com https://www.google-analytics.com https://x.com https://*.adtrafficquality.google https://*.googlesyndication.com https://*.doubleclick.net https://adservice.google.com https://www.googleadservices.com https://pagead2.googlesyndication.com https://www.google.com https://google.com https://via.intercom.io https://api.intercom.io https://api.au.intercom.io https://api.eu.intercom.io https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-iam.au.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io wss://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-b.intercom.io https://nexus-europe-websocket.intercom.io wss://nexus-europe-websocket.intercom.io https://nexus-australia-websocket.intercom.io wss://nexus-australia-websocket.intercom.io https://uploads.intercomcdn.com https://uploads.intercomcdn.eu https://uploads.au.intercomcdn.com https://uploads.eu.intercomcdn.com https://uploads.intercomusercontent.com https://production.plaid.com/ https://sandbox.plaid.com/ https://ingestion.dv.socure.io https://network.dv.socure.io/ https://analytics.dv.socure.io/ https://checkoutshopper-live.adyen.com wss://*.pscp.tv https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net https://media.riffsy.com https://*.giphy.com https://media.tenor.com https://c.tenor.com https://ads-twitter.com https://analytics.twitter.com https://analytics.x.com

 

Duplicated entries: https://api.x.com, https://mdhdsnappytv-vh.akamaihd.net, https://mmdhdsnappytv-vh.akamaihd.net, https://mpdhdsnappytv-vh.akamaihd.net
E

Critical: Duplicated entries found img-src 'self' blob: data: https://www.google.com/maps/place/ https://*.cdn.twitter.com https://*.cdn.x.com https://ton.twitter.com https://ton.x.com https://*.twimg.com https://analytics.twitter.com https://analytics.x.com https://cm.g.doubleclick.net https://www.google-analytics.com https://maps.googleapis.com https://www.periscope.tv https://www.pscp.tv https://ads-twitter.com https://ads-api.twitter.com https://ads-api.x.com blob: data: https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://downloads.intercomcdn.eu https://downloads.au.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://messenger-apps.eu.intercom.io https://messenger-apps.au.intercom.io https://*.intercom-attachments-1.com https://*.intercom-attachments.eu https://*.au.intercom-attachments.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://static.intercomassets.eu https://static.au.intercomassets.com https://media.riffsy.com https://*.giphy.com https://media.tenor.com https://c.tenor.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://scontent-sea1-1.xx.fbcdn.net https://*.googleusercontent.com https://t.co/1/i/adsct https://*.googleusercontent.com https://*.gstatic.com https://*.googlesyndication.com https://*.adtrafficquality.google https://www.google.com/ads/measurement/ https://*.google.com/ads/measurement/ https://googleads.g.doubleclick.net https://google.com https://www.google.com https://plaid-merchant-logos.plaid.com https://plaid-counterparty-logos.plaid.com

 

Duplicated entries: blob:
E

Critical: Duplicated entries found media-src 'self' data: blob: https://twitter.com https://x.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://js.intercomcdn.com https://downloads.intercomcdn.com https://downloads.intercomcdn.eu https://downloads.au.intercomcdn.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net

 

Duplicated entries: https://mdhdsnappytv-vh.akamaihd.net, https://mmdhdsnappytv-vh.akamaihd.net, https://mpdhdsnappytv-vh.akamaihd.net
A

Good: default-src directive only with 'none' or 'self', additional sources are blocked. manifest-src
A

Good: default-src without 'unsafe-inline' or 'unsave-eval'. manifest-src
A

Good: form-action directive found. That reduces the risk sending data to unwanted domains. form-action is a navigation-directive, so default-src isn't used.
E

Bad: No frame-ancestors directive found. Use one to limit the pages allowed to use this page in frame / iframe / object / embed / applet. frame-ancestors is a navigation-directive, so default-src isn't used.
E

Bad: No base-uri directive found. Use one to limit the URLs which can be used in a document's <base> element. Because it's a document directive, default-src isn't used, so an own directive is required.
A

Good: object-src only with 'none' or 'self' found, no scheme, no other urls. That blocks object / embed / applet - elements.
C

Critical: script-src with 'unsafe-inline' or 'unsafe-eval' and with a nonce found. Ok, better with the nonce, but not really good. Don't use 'unsafe' - declarations.
A

Good: script-src without * and a scheme found.
A

Good: script-src without data: schema found. Why is this important? The data: schema allows hidden code injection. Insert <script src='data:application/javascript;base64,YWxlcnQoJ1hTUycpOw=='></script> in your page and see what happens.
A

Good: frame-src without data: defined or frame-src missing and the default-src used as fallback not allows the data: schema. That blocks hidden code injection. Insert <iframe src="data:text/html;charset=utf-8;base64,PCFET0NUWVBFIGh0bWw+PGh0bWw+PGJvZHk+PHA+YmVmb3JlPHNjcmlwdCB0eXBlPSJ0ZXh0L2phdmFzY3JpcHQiPmFsZXJ0KCdYU1MnKTwvc2NyaXB0PjxwPmFmdGVyPC9ib2R5PjwvaHRtbD4="></iframe> in your page and see what happens.
A

Ok: Nonce found.
C

Info: default-src and some other fetch directives have the same list of values. Remove the other fetch directive, default-src is used as fallback. Directives to remove: manifest-src
A
X-Content-Type-Options
Ok: Header without syntax errors found: nosniff
A
X-Frame-Options
Ok: Header without syntax errors found: DENY
B

Info: Header is deprecated. May not longer work in modern browsers. DENY. Better solution: Use a Content-Security-Policy Header with a frame-ancestors directive. DENY - use 'none', SAMEORIGIN - use 'self'. If you want to allow some domains to frame your page, add these urls.
A
X-Xss-Protection
Ok: Header without syntax errors found: 0
B

Info: Header is deprecated. May not longer work in modern browsers. 0
A
Cross-Origin-Embedder-Policy
Ok: Header without syntax errors found: unsafe-none
A
Cross-Origin-Opener-Policy
Ok: Header without syntax errors found: unsafe-none
Ax.com 172.66.0.227
Content-Security-Policy
Ok: Header without syntax errors found: connect-src 'self' blob: https://fonts.googleapis.com/css https://mapsresources-pa.googleapis.com https://maps.googleapis.com https://www.gstatic.com/maps/ https://*.pscp.tv https://*.twimg.com https://*.video.pscp.tv https://aa.twitter.com https://aa.x.com https://accounts.google.com/gsi/ https://ads-api.twitter.com https://ads-api.x.com https://api-stream.twitter.com https://api-stream.x.com https://api.twitter.com https://api.x.ai https://api.x.com https://api.x.com https://caps.twitter.com https://caps.x.com https://grok.x.com https://jf.twitter.com https://jf.x.com https://jf-t.x.com https://pay.twitter.com https://pay.x.com https://sentry.io https://ton-staging.atla.twitter.com https://ton-staging.atla.x.com https://ton-staging.pdxa.twitter.com https://ton-staging.pdxa.x.com https://ton.twitter.com https://ton.x.com https://twitter.com https://upload.twitter.com https://upload.x.com https://www.google-analytics.com https://x.com https://*.adtrafficquality.google https://*.googlesyndication.com https://*.doubleclick.net https://adservice.google.com https://www.googleadservices.com https://pagead2.googlesyndication.com https://www.google.com https://google.com https://via.intercom.io https://api.intercom.io https://api.au.intercom.io https://api.eu.intercom.io https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-iam.au.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io wss://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-b.intercom.io https://nexus-europe-websocket.intercom.io wss://nexus-europe-websocket.intercom.io https://nexus-australia-websocket.intercom.io wss://nexus-australia-websocket.intercom.io https://uploads.intercomcdn.com https://uploads.intercomcdn.eu https://uploads.au.intercomcdn.com https://uploads.eu.intercomcdn.com https://uploads.intercomusercontent.com https://production.plaid.com/ https://sandbox.plaid.com/ https://ingestion.dv.socure.io https://network.dv.socure.io/ https://analytics.dv.socure.io/ https://checkoutshopper-live.adyen.com wss://*.pscp.tv https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net https://media.riffsy.com https://*.giphy.com https://media.tenor.com https://c.tenor.com https://ads-twitter.com https://analytics.twitter.com https://analytics.x.com ; default-src 'self'; form-action 'self' https://twitter.com https://*.twitter.com https://x.com https://*.x.com https://localhost.twitter.com:3443 https://localhost.x.com:3443 https://intercom.help https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-iam.au.intercom.io; font-src 'self' https://*.twimg.com https://js.intercomcdn.com https://fonts.intercomcdn.com; frame-src 'self' https://accounts.google.com/ https://accounts.google.com/gsi/ https://cards-frame.twitter.com https://cdn.plaid.com/ https://client-api.arkoselabs.com/ https://content.googleapis.com/ https://iframe.arkoselabs.com/ https://mobile.twitter.com https://mobile.x.com https://pay.twitter.com https://pay.x.com https://google.com https://www.google.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://console.googletagservices.com https://*.doubleclick.net https://*.adtrafficquality.google https://*.safeframe.googlesyndication.com https://www.googleadservices.com https://googleadservices.com https://adservice.google.com https://*.googlesyndication.com https://td.doubleclick.net https://payments-dev.x.com/ https://payments-staging.x.com/ https://payments-prod.x.com/ https://sdn.payments-dev.x.com/ https://sdn.payments-staging.x.com/ https://sdn.payments-prod.x.com/ https://money-dev.x.com/ https://money-staging.x.com/ https://money.x.com/ https://sdn.money-dev.x.com/ https://sdn.money-staging.x.com/ https://sdn.money.x.com/ https://p2pcreditcardiframesandbox.crbcos.com https://p2pcreditcardiframe.crbcos.com https://verify-sandbox.plaid.com/ https://twitter.com https://x.com https://recaptcha.net/recaptcha/; img-src 'self' blob: data: https://www.google.com/maps/place/ https://*.cdn.twitter.com https://*.cdn.x.com https://ton.twitter.com https://ton.x.com https://*.twimg.com https://analytics.twitter.com https://analytics.x.com https://cm.g.doubleclick.net https://www.google-analytics.com https://maps.googleapis.com https://www.periscope.tv https://www.pscp.tv https://ads-twitter.com https://ads-api.twitter.com https://ads-api.x.com blob: data: https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://downloads.intercomcdn.eu https://downloads.au.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://messenger-apps.eu.intercom.io https://messenger-apps.au.intercom.io https://*.intercom-attachments-1.com https://*.intercom-attachments.eu https://*.au.intercom-attachments.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://static.intercomassets.eu https://static.au.intercomassets.com https://media.riffsy.com https://*.giphy.com https://media.tenor.com https://c.tenor.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://scontent-sea1-1.xx.fbcdn.net https://*.googleusercontent.com https://t.co/1/i/adsct https://*.googleusercontent.com https://*.gstatic.com https://*.googlesyndication.com https://*.adtrafficquality.google https://www.google.com/ads/measurement/ https://*.google.com/ads/measurement/ https://googleads.g.doubleclick.net https://google.com https://www.google.com https://plaid-merchant-logos.plaid.com https://plaid-counterparty-logos.plaid.com; manifest-src 'self'; media-src 'self' data: blob: https://twitter.com https://x.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://js.intercomcdn.com https://downloads.intercomcdn.com https://downloads.intercomcdn.eu https://downloads.au.intercomcdn.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net; object-src 'none'; script-src 'self' 'unsafe-inline' https://maps.googleapis.com https://*.twimg.com https://recaptcha.net/recaptcha/ http://www.gstatic.com/cast/sdk/libs/caf_receiver/v3/cast_receiver_framework.js https://accounts.google.com/gsi/client https://apis.google.com/js/api.js https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js https://client-api.arkoselabs.com/ https://static.ads-twitter.com https://twitter.com https://www.google-analytics.com https://www.gstatic.com/cast/sdk/libs/caf_receiver/v3/cast_receiver_framework.js https://x.com https://sdn.payments-dev.x.com/assets/loader.min.js https://sdn.payments-staging.x.com/assets/loader.min.js https://sdn.payments-prod.x.com/assets/loader.min.js https://sdn.money-dev.x.com/assets/loader.min.js https://sdn.money-staging.x.com/assets/loader.min.js https://sdn.money.x.com/assets/loader.min.js https://sdk.dv.socure.io/latest/device-risk-sdk.js https://cdn.plaid.com/link/v2/stable/link-initialize.js https://securepubads.g.doubleclick.net https://www.googletagservices.com https://*.googletagservices.com https://pagead2.googlesyndication.com https://adservice.google.com https://www.googleadservices.com https://ads.google.com https://tpc.googlesyndication.com https://*.tpc.googlesyndication.com https://www.google.com https://googleads.g.doubleclick.net https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com 'wasm-unsafe-eval' 'nonce-NTNhM2U3N2QtN2Q4Yy00NWUwLTk1ZTgtZmQ0MzYzMTg4Y2Ew'; style-src 'self' 'unsafe-inline' https://accounts.google.com/gsi/style https://*.twimg.com; worker-src 'self' blob:; report-uri https://x.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
B

Info: Header-Element is deprecated. report-uri https://x.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
E

Critical: Duplicated entries found connect-src 'self' blob: https://fonts.googleapis.com/css https://mapsresources-pa.googleapis.com https://maps.googleapis.com https://www.gstatic.com/maps/ https://*.pscp.tv https://*.twimg.com https://*.video.pscp.tv https://aa.twitter.com https://aa.x.com https://accounts.google.com/gsi/ https://ads-api.twitter.com https://ads-api.x.com https://api-stream.twitter.com https://api-stream.x.com https://api.twitter.com https://api.x.ai https://api.x.com https://api.x.com https://caps.twitter.com https://caps.x.com https://grok.x.com https://jf.twitter.com https://jf.x.com https://jf-t.x.com https://pay.twitter.com https://pay.x.com https://sentry.io https://ton-staging.atla.twitter.com https://ton-staging.atla.x.com https://ton-staging.pdxa.twitter.com https://ton-staging.pdxa.x.com https://ton.twitter.com https://ton.x.com https://twitter.com https://upload.twitter.com https://upload.x.com https://www.google-analytics.com https://x.com https://*.adtrafficquality.google https://*.googlesyndication.com https://*.doubleclick.net https://adservice.google.com https://www.googleadservices.com https://pagead2.googlesyndication.com https://www.google.com https://google.com https://via.intercom.io https://api.intercom.io https://api.au.intercom.io https://api.eu.intercom.io https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-iam.au.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io wss://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-b.intercom.io https://nexus-europe-websocket.intercom.io wss://nexus-europe-websocket.intercom.io https://nexus-australia-websocket.intercom.io wss://nexus-australia-websocket.intercom.io https://uploads.intercomcdn.com https://uploads.intercomcdn.eu https://uploads.au.intercomcdn.com https://uploads.eu.intercomcdn.com https://uploads.intercomusercontent.com https://production.plaid.com/ https://sandbox.plaid.com/ https://ingestion.dv.socure.io https://network.dv.socure.io/ https://analytics.dv.socure.io/ https://checkoutshopper-live.adyen.com wss://*.pscp.tv https://vmap.snappytv.com https://vmapstage.snappytv.com https://vmaprel.snappytv.com https://vmap.grabyo.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net https://media.riffsy.com https://*.giphy.com https://media.tenor.com https://c.tenor.com https://ads-twitter.com https://analytics.twitter.com https://analytics.x.com

 

Duplicated entries: https://api.x.com, https://mdhdsnappytv-vh.akamaihd.net, https://mmdhdsnappytv-vh.akamaihd.net, https://mpdhdsnappytv-vh.akamaihd.net
E

Critical: Duplicated entries found img-src 'self' blob: data: https://www.google.com/maps/place/ https://*.cdn.twitter.com https://*.cdn.x.com https://ton.twitter.com https://ton.x.com https://*.twimg.com https://analytics.twitter.com https://analytics.x.com https://cm.g.doubleclick.net https://www.google-analytics.com https://maps.googleapis.com https://www.periscope.tv https://www.pscp.tv https://ads-twitter.com https://ads-api.twitter.com https://ads-api.x.com blob: data: https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://downloads.intercomcdn.eu https://downloads.au.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://messenger-apps.eu.intercom.io https://messenger-apps.au.intercom.io https://*.intercom-attachments-1.com https://*.intercom-attachments.eu https://*.au.intercom-attachments.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://static.intercomassets.eu https://static.au.intercomassets.com https://media.riffsy.com https://*.giphy.com https://media.tenor.com https://c.tenor.com https://*.pscp.tv https://*.periscope.tv https://prod-periscope-profile.s3-us-west-2.amazonaws.com https://platform-lookaside.fbsbx.com https://scontent.xx.fbcdn.net https://scontent-sea1-1.xx.fbcdn.net https://*.googleusercontent.com https://t.co/1/i/adsct https://*.googleusercontent.com https://*.gstatic.com https://*.googlesyndication.com https://*.adtrafficquality.google https://www.google.com/ads/measurement/ https://*.google.com/ads/measurement/ https://googleads.g.doubleclick.net https://google.com https://www.google.com https://plaid-merchant-logos.plaid.com https://plaid-counterparty-logos.plaid.com

 

Duplicated entries: blob:
E

Critical: Duplicated entries found media-src 'self' data: blob: https://twitter.com https://x.com https://*.twimg.com https://*.vine.co https://*.pscp.tv https://*.video.pscp.tv https://js.intercomcdn.com https://downloads.intercomcdn.com https://downloads.intercomcdn.eu https://downloads.au.intercomcdn.com https://dhdsnappytv-vh.akamaihd.net https://pdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://mdhdsnappytv-vh.akamaihd.net https://mpdhdsnappytv-vh.akamaihd.net https://mmdhdsnappytv-vh.akamaihd.net https://dwo3ckksxlb0v.cloudfront.net

 

Duplicated entries: https://mdhdsnappytv-vh.akamaihd.net, https://mmdhdsnappytv-vh.akamaihd.net, https://mpdhdsnappytv-vh.akamaihd.net
A

Good: default-src directive only with 'none' or 'self', additional sources are blocked. manifest-src
A

Good: default-src without 'unsafe-inline' or 'unsave-eval'. manifest-src
A

Good: form-action directive found. That reduces the risk sending data to unwanted domains. form-action is a navigation-directive, so default-src isn't used.
E

Bad: No frame-ancestors directive found. Use one to limit the pages allowed to use this page in frame / iframe / object / embed / applet. frame-ancestors is a navigation-directive, so default-src isn't used.
E

Bad: No base-uri directive found. Use one to limit the URLs which can be used in a document's <base> element. Because it's a document directive, default-src isn't used, so an own directive is required.
A

Good: object-src only with 'none' or 'self' found, no scheme, no other urls. That blocks object / embed / applet - elements.
C

Critical: script-src with 'unsafe-inline' or 'unsafe-eval' and with a nonce found. Ok, better with the nonce, but not really good. Don't use 'unsafe' - declarations.
A

Good: script-src without * and a scheme found.
A

Good: script-src without data: schema found. Why is this important? The data: schema allows hidden code injection. Insert <script src='data:application/javascript;base64,YWxlcnQoJ1hTUycpOw=='></script> in your page and see what happens.
A

Good: frame-src without data: defined or frame-src missing and the default-src used as fallback not allows the data: schema. That blocks hidden code injection. Insert <iframe src="data:text/html;charset=utf-8;base64,PCFET0NUWVBFIGh0bWw+PGh0bWw+PGJvZHk+PHA+YmVmb3JlPHNjcmlwdCB0eXBlPSJ0ZXh0L2phdmFzY3JpcHQiPmFsZXJ0KCdYU1MnKTwvc2NyaXB0PjxwPmFmdGVyPC9ib2R5PjwvaHRtbD4="></iframe> in your page and see what happens.
A

Ok: Nonce found.
C

Info: default-src and some other fetch directives have the same list of values. Remove the other fetch directive, default-src is used as fallback. Directives to remove: manifest-src
A
X-Content-Type-Options
Ok: Header without syntax errors found: nosniff
A
X-Frame-Options
Ok: Header without syntax errors found: DENY
B

Info: Header is deprecated. May not longer work in modern browsers. DENY. Better solution: Use a Content-Security-Policy Header with a frame-ancestors directive. DENY - use 'none', SAMEORIGIN - use 'self'. If you want to allow some domains to frame your page, add these urls.
A
X-Xss-Protection
Ok: Header without syntax errors found: 0
B

Info: Header is deprecated. May not longer work in modern browsers. 0
A
Cross-Origin-Embedder-Policy
Ok: Header without syntax errors found: unsafe-none
A
Cross-Origin-Opener-Policy
Ok: Header without syntax errors found: unsafe-none
Fx.com 162.159.140.229
Referrer-Policy
Critical: Missing Header:
Fx.com 162.159.140.229
Permissions-Policy
Critical: Missing Header:
Bx.com 162.159.140.229
Cross-Origin-Resource-Policy
Info: Missing Header
Fx.com 172.66.0.227
Referrer-Policy
Critical: Missing Header:
Fx.com 172.66.0.227
Permissions-Policy
Critical: Missing Header:
Bx.com 172.66.0.227
Cross-Origin-Resource-Policy
Info: Missing Header
F

Critical: Different combinations of domain names and ip addresses checked, Content-Security-Policy - Header with a nonce declaration sent: Different combinations domain + ip with the same nonce. Nonces must be unique!

3. DNS- and NameServer - Checks

AInfo:: 37 Root-climbing DNS Queries required to find all IPv4- and IPv6-Addresses of 8 Name Servers.
AInfo:: 37 Queries complete, 37 with IPv6, 0 with IPv4.
AGood: All DNS Queries done via IPv6.
Ok (4 - 8):: An average of 4.6 queries per domain name server required to find all ip addresses of all name servers.
AInfo:: 8 different Name Servers found: a.r10.twtrdns.net, a.u10.twtrdns.net, b.r10.twtrdns.net, b.u10.twtrdns.net, c.r10.twtrdns.net, c.u10.twtrdns.net, d.r10.twtrdns.net, d.u10.twtrdns.net, 8 Name Servers included in Delegation: a.r10.twtrdns.net, a.u10.twtrdns.net, b.r10.twtrdns.net, b.u10.twtrdns.net, c.r10.twtrdns.net, c.u10.twtrdns.net, d.r10.twtrdns.net, d.u10.twtrdns.net, 8 Name Servers included in 1 Zone definitions: a.r10.twtrdns.net, a.u10.twtrdns.net, b.r10.twtrdns.net, b.u10.twtrdns.net, c.r10.twtrdns.net, c.u10.twtrdns.net, d.r10.twtrdns.net, d.u10.twtrdns.net, 1 Name Servers listed in SOA.Primary: a.u10.twtrdns.net.
AGood: Only one SOA.Primary Name Server found.: a.u10.twtrdns.net.
AGood: SOA.Primary Name Server included in the delegation set.: a.u10.twtrdns.net.
AGood: Consistency between delegation and zone. The set of NS records served by the authoritative name servers must match those proposed for the delegation in the parent zone. Ordered list of name servers: a.r10.twtrdns.net, a.u10.twtrdns.net, b.r10.twtrdns.net, b.u10.twtrdns.net, c.r10.twtrdns.net, c.u10.twtrdns.net, d.r10.twtrdns.net, d.u10.twtrdns.net
AGood: All Name Server Domain Names have a Public Suffix.
AGood: All Name Server Domain Names ending with a Public Suffix have minimal one IPv4- or IPv6 address.
AGood: All Name Server ip addresses are public.
AGood: Minimal 2 different name servers (public suffix and public ip address) found: 8 different Name Servers found
AGood: All name servers have ipv4- and ipv6-addresses.: 8 different Name Servers found
Warning: All Name Servers have the same Top Level Domain / Public Suffix. If there is a problem with that Top Level Domain, your domain may be affected. Better: Use Name Servers with different top level domains.: 8 Name Servers, 1 Top Level Domain: net
Warning: All Name Servers have the same domain name. If there is a problem with that domain name (or with the name servers of that domain name), your domain may be affected. Better: Use Name Servers with different domain names / different top level domains.: Only one domain name used: twtrdns.net
Warning: All Name Servers from the same Country / IP location.: 8 Name Servers, 1 Countries: US
AInfo: Ipv4-Subnet-list: 8 Name Servers, 2 different subnets (first Byte): 204., 205., 2 different subnets (first two Bytes): 204.74., 205.251., 5 different subnets (first three Bytes): 204.74.111., 205.251.192., 205.251.194., 205.251.196., 205.251.199.
AGood: Name Server IPv4-addresses from different subnet found:
AInfo: IPv6-Subnet-list: 8 Name Servers with IPv6, 1 different subnets (first block): 2600:, 1 different subnets (first two blocks): 2600:9000:, 4 different subnets (first three blocks): 2600:9000:5300:, 2600:9000:5302:, 2600:9000:5304:, 2600:9000:5307:, 4 different subnets (first four blocks): 2600:9000:5300:b300:, 2600:9000:5302:9700:, 2600:9000:5304:c600:, 2600:9000:5307:c300:
AGood: Name Server IPv6 addresses from different subnets found.
AInfo: Nameserver mit different domain names found. May be a problem with DNS-Updates
AGood: Nameserver supports TCP connections: 16 good Nameserver
AGood: Nameserver supports Echo Capitalization: 16 good Nameserver
AGood: Nameserver supports EDNS with max. 512 Byte Udp payload, message is smaller: 16 good Nameserver
XFatal error: Nameservers with different SOA Serial Numbers
Warning: No CAA entry with issue/issuewild found, every CAA can create a certificate. Read https://en.wikipedia.org/wiki/DNS_Certification_Authority_Authorization to learn some basics about the idea of CAA. Your name server must support such an entry. Not all dns providers support CAA entries.

4. Content- and Performance-critical Checks

AGood: Every https result with status 200 and greater 1024 Bytes is compressed (gzip, deflate, br checked).
AGood: Every https result with status 200 has a minified Html-Content with a quota lower then 110 %.
AGood: Every https connection via port 443 supports the http/2 protocol via ALPN.
AInfo: No img element found, no alt attribute checked
AGood: Domainname is not on the "Specially Designated Nationals And Blocked Persons List" (SDN). That's an US-list of individuals and companies owned or controlled by, or acting for or on behalf of, targeted countries. It also lists individuals, groups, and entities, such as terrorists and narcotics traffickers designated under programs that are not country-specific. Collectively, such individuals and companies are called "Specially Designated Nationals" or "SDNs." Their assets are blocked and U.S. persons are generally prohibited from dealing with them. So if a domain name is on that list, it's impossible to create a Letsencrypt certificate with that domain name. Check the list manual - https://www.treasury.gov/resource-center/sanctions/sdn-list/pages/default.aspx
AInfo: Different Server-Headers found
ADuration: 150220 milliseconds, 150.220 seconds

 

8. Connections

DomainIPPortCert.ProtocolKeyExchangeStrengthCipherStrengthHashAlgorithmOCSP stapling
Domain/KeyExchangeIP/StrengthPort/CipherCert./StrengthProtocol/HashAlgorithmOCSP stapling
x.com
162.159.140.229
443
ok
Tls12
ECDH Ephermal
255
Aes128
128
Sha256
supported
ok
x.com
162.159.140.229
443
ok
Tls12

ECDH Ephermal
255
Aes128
128
Sha256
supported
ok
http/2 via ALPN supported 
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
 Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
Chain (complete)

1CN=x.com


2CN=E5, O=Let's Encrypt, C=US


x.com
172.66.0.227
443
ok
Tls12
ECDH Ephermal
255
Aes128
128
Sha256
supported
ok

x.com
172.66.0.227
443
ok
Tls12

ECDH Ephermal
255
Aes128
128
Sha256
supported
ok
http/2 via ALPN supported 
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
 Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
Chain (complete)

1CN=x.com


2CN=E5, O=Let's Encrypt, C=US


www.x.com
162.159.140.229
443
ok
Tls12
ECDH Ephermal
255
Aes128
128
Sha256
supported
ok

www.x.com
162.159.140.229
443
ok
Tls12

ECDH Ephermal
255
Aes128
128
Sha256
supported
ok
http/2 via ALPN supported 
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
 Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
Chain (complete)

1CN=x.com


2CN=E5, O=Let's Encrypt, C=US


www.x.com
172.66.0.227
443
ok
Tls12
ECDH Ephermal
255
Aes128
128
Sha256
supported
ok

www.x.com
172.66.0.227
443
ok
Tls12

ECDH Ephermal
255
Aes128
128
Sha256
supported
ok
http/2 via ALPN supported 
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
 Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
Chain (complete)

1CN=x.com


2CN=E5, O=Let's Encrypt, C=US


twitter.com
twitter.com
443
ok
Tls12
ECDH Ephermal
255
Aes128
128
Sha256
supported
ok

twitter.com
twitter.com
443
ok
Tls12

ECDH Ephermal
255
Aes128
128
Sha256
supported
ok
http/2 via ALPN supported 
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
 Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
Chain (complete)

1CN=twitter.com


2CN=E6, O=Let's Encrypt, C=US


x.com
x.com
443
ok
Tls12
ECDH Ephermal
255
Aes128
128
Sha256
supported
ok

x.com
x.com
443
ok
Tls12

ECDH Ephermal
255
Aes128
128
Sha256
supported
ok
http/2 via ALPN supported 
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
 Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
Chain (complete)

1CN=x.com


2CN=E5, O=Let's Encrypt, C=US


www.x.com
www.x.com
443
ok
Tls12
ECDH Ephermal
255
Aes128
128
Sha256
supported
ok

www.x.com
www.x.com
443
ok
Tls12

ECDH Ephermal
255
Aes128
128
Sha256
supported
ok
http/2 via ALPN supported 
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
 Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
Chain (complete)

1CN=x.com


2CN=E5, O=Let's Encrypt, C=US


twitter.com
twitter.com
443
ok
Tls12
ECDH Ephermal
255
Aes128
128
Sha256
supported
ok

twitter.com
twitter.com
443
ok
Tls12

ECDH Ephermal
255
Aes128
128
Sha256
supported
ok
http/2 via ALPN supported 
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
 Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
Chain - incomplete

1CN=twitter.com


2CN=E6, O=Let's Encrypt, C=US

 

9. Certificates

1.
1.
CN=x.com
06.03.2025
04.06.2025
expires in 72 days		*.x.com, cdn.syndication.x.com, x.com - 3 entries
1.
1.
CN=x.com
06.03.2025

04.06.2025
expires in 72 days


*.x.com, cdn.syndication.x.com, x.com - 3 entries

KeyalgorithmEC Public Key (256 bit, prime256v1)
Signatur:ECDSA SHA384
Serial Number:03533B789672B035A213599CB5DF2E9D40C0
Thumbprint:B577EE3C1A1E99E99E8B91EDBE0F6822BFDCDC34
SHA256 / Certificate:gvAZMdtjP2q2Nc+6lipPzgNlEEfwAVWpxE9yAcIF2iA=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):8bc68e6e94ca7bc476600dd1117da9752623aba979349d5d16de22c24e5ba911
SHA256 hex / Subject Public Key Information (SPKI):8bc68e6e94ca7bc476600dd1117da9752623aba979349d5d16de22c24e5ba911 (is buggy, ignore the result)
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:http://e5.o.lencr.org
OCSP - must staple:no
Certificate Transparency:yes
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)




2.
CN=E5, O=Let's Encrypt, C=US
13.03.2024
13.03.2027
expires in 719 days

2.
CN=E5, O=Let's Encrypt, C=US
13.03.2024

13.03.2027
expires in 719 days




KeyalgorithmEC Public Key (384 bit, secp384r1)
Signatur:SHA256 With RSA-Encryption
Serial Number:00838F6C63CEB1398C6206628315C9FDDE
Thumbprint:5F28D9C589EE4BF31A11B78C72B8D13F079DDC45
SHA256 / Certificate:Xf2zzzGybyPYfAnzoM72QvZAaan7fP4pJwu13A8eFrs=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):3586d4ecf070578cbd27aedce20b964e48bc149faeb9dad72f46b857869172b8
SHA256 hex / Subject Public Key Information (SPKI):
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:Clientauthentifizierung (1.3.6.1.5.5.7.3.2), Serverauthentifizierung (1.3.6.1.5.5.7.3.1)




3.
CN=ISRG Root X1, O=Internet Security Research Group, C=US
04.06.2015
04.06.2035
expires in 3724 days

3.
CN=ISRG Root X1, O=Internet Security Research Group, C=US
04.06.2015

04.06.2035
expires in 3724 days




KeyalgorithmRSA encryption (4096 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:008210CFB0D240E3594463E0BB63828B00
Thumbprint:CABD2A79A1076A31F21D253635CB039D4329A5E8
SHA256 / Certificate:lrzsBiZJdvN0YHeazyjFp8/oo8Cq4RqP/O4FwL3fCMY=
SHA256 hex / Cert (DANE * 0 1):96bcec06264976f37460779acf28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6
SHA256 hex / PublicKey (DANE * 1 1):0b9fa5a59eed715c26c1020c711b4f6ec42d58b0015e14337a39dad301c5afc3
SHA256 hex / Subject Public Key Information (SPKI):0b9fa5a59eed715c26c1020c711b4f6ec42d58b0015e14337a39dad301c5afc3
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:




2.
1.
CN=twitter.com
06.03.2025
04.06.2025
expires in 72 days		*.twitter.com, cdn.syndication.twitter.com, twitter.com - 3 entries
2.
1.
CN=twitter.com
06.03.2025

04.06.2025
expires in 72 days


*.twitter.com, cdn.syndication.twitter.com, twitter.com - 3 entries

KeyalgorithmEC Public Key (256 bit, prime256v1)
Signatur:ECDSA SHA384
Serial Number:03CD06E3C508EE2A0CA56E893FBE5D403314
Thumbprint:440383944129819C157AE6106C00AB33465E1049
SHA256 / Certificate:KOJHvICbEZ738x3XQlnXKzVH3pJCm2+Hx9oeStppXk4=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):cd974f59afd6d264e41e8bffd6cb278bc03cd2259b5f6fa94765482da0253441
SHA256 hex / Subject Public Key Information (SPKI):cd974f59afd6d264e41e8bffd6cb278bc03cd2259b5f6fa94765482da0253441 (is buggy, ignore the result)
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:http://e6.o.lencr.org
OCSP - must staple:no
Certificate Transparency:yes
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)




2.
CN=E6, O=Let's Encrypt, C=US
13.03.2024
13.03.2027
expires in 719 days

2.
CN=E6, O=Let's Encrypt, C=US
13.03.2024

13.03.2027
expires in 719 days




KeyalgorithmEC Public Key (384 bit, secp384r1)
Signatur:SHA256 With RSA-Encryption
Serial Number:00B0573E9173972770DBB487CB3A452B38
Thumbprint:C94DC4831A901A9FEC0FB49B71BD49B5AAD4FAD0
SHA256 / Certificate:duniiKr8Djf0OQy/lGqtmX1cHJAbPOUT09j626viq4U=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):d016e1fe311948aca64f2de44ce86c9a51ca041df6103bb52a88eb3f761f57d7
SHA256 hex / Subject Public Key Information (SPKI):
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:Clientauthentifizierung (1.3.6.1.5.5.7.3.2), Serverauthentifizierung (1.3.6.1.5.5.7.3.1)




3.
CN=ISRG Root X1, O=Internet Security Research Group, C=US
04.06.2015
04.06.2035
expires in 3724 days

3.
CN=ISRG Root X1, O=Internet Security Research Group, C=US
04.06.2015

04.06.2035
expires in 3724 days




KeyalgorithmRSA encryption (4096 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:008210CFB0D240E3594463E0BB63828B00
Thumbprint:CABD2A79A1076A31F21D253635CB039D4329A5E8
SHA256 / Certificate:lrzsBiZJdvN0YHeazyjFp8/oo8Cq4RqP/O4FwL3fCMY=
SHA256 hex / Cert (DANE * 0 1):96bcec06264976f37460779acf28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6
SHA256 hex / PublicKey (DANE * 1 1):0b9fa5a59eed715c26c1020c711b4f6ec42d58b0015e14337a39dad301c5afc3
SHA256 hex / Subject Public Key Information (SPKI):0b9fa5a59eed715c26c1020c711b4f6ec42d58b0015e14337a39dad301c5afc3
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:




 

10. Last Certificates - Certificate Transparency Log Check

1. Source CertSpotter - active certificates (one check per day)

Issuerlast 7 daysactivenum Certs
CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
0
20
44
CN=R11, O=Let's Encrypt, C=US
0
2
12
CN=R10, O=Let's Encrypt, C=US
0
4
9
CN=E6, O=Let's Encrypt, C=US
0
2
4
CN=R3, O=Let's Encrypt, C=US
0
0
4
CN=E5, O=Let's Encrypt, C=US
0
2
2

CertSpotter-IdIssuernot beforenot afterDomain namesLE-Duplicatenext LE
9712661824
leaf cert		CN=E5, O=Let's Encrypt, C=US
2025-03-06 17:25:47
2025-06-04 17:25:46
*.x.com, cdn.syndication.x.com, x.com - 3 entries


9712667939
leaf cert		CN=R10, O=Let's Encrypt, C=US
2025-03-06 17:25:38
2025-06-04 17:25:37
*.x.com, cdn.syndication.x.com, x.com - 3 entries


9621041226
leaf cert		CN=E6, O=Let's Encrypt, C=US
2025-02-25 16:33:58
2025-05-26 16:33:57
*.twitter.com, *.x.com, isolation.atla.twitter.com, twitter.com, x.com - 5 entries


9478881586
precert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2025-02-11 00:00:00
2025-05-11 23:59:59
*.twitter.com, *.x.com, twitter.com, x.com - 4 entries


9410528095
leaf cert		CN=R10, O=Let's Encrypt, C=US
2025-02-04 18:33:14
2025-05-05 18:33:13
*.x.com, x.com - 2 entries


9409868108
leaf cert		CN=R11, O=Let's Encrypt, C=US
2025-02-04 16:33:30
2025-05-05 16:33:29
*.twitter.com, *.x.com, twitter.com, x.com - 4 entries


9337550689
leaf cert		CN=R10, O=Let's Encrypt, C=US
2025-01-27 17:42:59
2025-04-27 17:42:58
*.twitter.com, *.x.com, isolation.atla.twitter.com, twitter.com, x.com - 5 entries


9294150007
leaf cert		CN=R11, O=Let's Encrypt, C=US
2025-01-22 20:06:23
2025-04-22 20:06:22
*.twitter.com, *.x.com, twitter.com, x.com - 4 entries


9174547208
leaf cert		CN=E6, O=Let's Encrypt, C=US
2025-01-10 01:24:44
2025-04-10 01:24:43
*.twitter.com, *.x.com, isolation.atla.twitter.com, twitter.com, x.com - 5 entries


9136742472
leaf cert		CN=E5, O=Let's Encrypt, C=US
2025-01-06 01:05:13
2025-04-06 01:05:12
*.x.com, cdn.syndication.x.com, x.com - 3 entries


9136742202
leaf cert		CN=R10, O=Let's Encrypt, C=US
2025-01-06 01:05:09
2025-04-06 01:05:08
*.x.com, cdn.syndication.x.com, x.com - 3 entries


8992806596
leaf cert		CN=R11, O=Let's Encrypt, C=US
2024-12-20 21:34:17
2025-03-20 21:34:16
*.x.com, x.com - 2 entries


8992630401
leaf cert		CN=R11, O=Let's Encrypt, C=US
2024-12-20 21:04:44
2025-03-20 21:04:43
*.twitter.com, *.x.com, twitter.com, x.com - 4 entries


8915331568
leaf cert		CN=R11, O=Let's Encrypt, C=US
2024-12-12 18:06:58
2025-03-12 18:06:57
*.twitter.com, *.x.com, isolation.atla.twitter.com, twitter.com, x.com - 5 entries


8841251902
leaf cert		CN=R11, O=Let's Encrypt, C=US
2024-12-05 05:07:15
2025-03-05 05:07:14
*.twitter.com, *.x.com, twitter.com, x.com - 4 entries


8766087259
precert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2024-11-26 00:00:00
2025-02-23 23:59:59
*.twitter.com, *.x.com, twitter.com, x.com - 4 entries


8570616014
leaf cert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2024-11-04 00:00:00
2025-12-05 23:59:59
*.twitter.com, *.x.com, twitter.com, x.com - 4 entries


8365934737
precert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2024-10-09 00:00:00
2025-10-08 23:59:59
*.twitter.com, *.x.com, twitter.com, x.com - 4 entries


8357640024
precert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2024-10-08 00:00:00
2025-10-07 23:59:59
twitter.com, www.twitter.com, www.x.com, x.com - 4 entries


8348891661
precert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2024-10-07 00:00:00
2025-10-06 23:59:59
*.twitter.com, *.x.com, twitter.com, x.com - 4 entries


8313176588
precert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2024-10-02 00:00:00
2025-10-01 23:59:59
*.twitter.com, *.x.com, twitter.com, x.com - 4 entries


8312854642
precert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2024-10-02 00:00:00
2025-10-01 23:59:59
twitter.com, www.twitter.com, www.x.com, x.com - 4 entries


8305350274
precert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2024-10-01 00:00:00
2025-09-30 23:59:59
twitter.com, www.twitter.com, www.x.com, x.com - 4 entries


8305657216
precert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2024-10-01 00:00:00
2025-09-30 23:59:59
*.twitter.com, *.x.com, twitter.com, x.com - 4 entries


8298792556
leaf cert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2024-09-30 00:00:00
2025-09-29 23:59:59
*.twitter.com, *.x.com, twitter.com, x.com - 4 entries


8298505463
precert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2024-09-30 00:00:00
2025-09-29 23:59:59
twitter.com, www.twitter.com, www.x.com, x.com - 4 entries


8270213503
precert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2024-09-26 00:00:00
2024-12-24 23:59:59
*.twitter.com, *.x.com, twitter.com, x.com - 4 entries


8167036056
leaf cert		CN=R10, O=Let's Encrypt, C=US
2024-09-12 16:02:59
2024-12-11 16:02:58
*.twitter.com, *.x.com, isolation.atla.twitter.com, twitter.com, x.com - 5 entries


8158780478
precert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2024-09-11 00:00:00
2025-10-12 23:59:59
*.twitter.com, *.x.com, twitter.com, x.com - 4 entries


8158780389
precert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2024-09-11 00:00:00
2025-10-12 23:59:59
twitter.com, www.twitter.com, www.x.com, x.com - 4 entries


8144918727
leaf cert		CN=E6, O=Let's Encrypt, C=US
2024-09-09 14:18:15
2024-12-08 14:18:14
*.x.com, cdn.syndication.x.com, x.com - 3 entries


8144925339
leaf cert		CN=R10, O=Let's Encrypt, C=US
2024-09-09 14:18:11
2024-12-08 14:18:10
*.x.com, cdn.syndication.x.com, x.com - 3 entries


8115847638
leaf cert		CN=R11, O=Let's Encrypt, C=US
2024-09-05 20:06:00
2024-12-04 20:05:59
*.twitter.com, *.x.com, twitter.com, x.com - 4 entries


8112796732
leaf cert		CN=E6, O=Let's Encrypt, C=US
2024-09-05 10:43:22
2024-12-04 10:43:21
*.x.com, x.com - 2 entries


8112783237
leaf cert		CN=R11, O=Let's Encrypt, C=US
2024-09-05 10:43:13
2024-12-04 10:43:12
*.x.com, x.com - 2 entries


8073317915
leaf cert		CN=R10, O=Let's Encrypt, C=US
2024-08-31 08:06:03
2024-11-29 08:06:02
twitter.com, www.twitter.com, www.x.com, x.com - 4 entries


7979303169
precert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2024-08-19 00:00:00
2025-08-18 23:59:59
twitter.com, www.twitter.com, www.x.com, x.com - 4 entries


7978998737
precert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2024-08-19 00:00:00
2025-09-19 23:59:59
*.x.com, ias.x.com, x.com - 3 entries


7979004223
precert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2024-08-19 00:00:00
2025-09-19 23:59:59
*.x.com, ias.x.com, x.com - 3 entries


7979629019
precert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2024-08-19 00:00:00
2025-08-18 23:59:59
*.twitter.com, *.x.com, twitter.com, x.com - 4 entries


7942296283
precert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2024-08-14 00:00:00
2025-08-13 23:59:59
*.twitter.com, *.x.com, twitter.com, x.com - 4 entries


7941948414
precert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2024-08-14 00:00:00
2025-08-13 23:59:59
twitter.com, www.twitter.com, www.x.com, x.com - 4 entries


7819841619
leaf cert		CN=R11, O=Let's Encrypt, C=US
2024-07-29 02:35:21
2024-10-27 02:35:20
*.twitter.com, *.x.com, isolation.atla.twitter.com, twitter.com, x.com - 5 entries


7773729142
precert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2024-07-22 00:00:00
2025-07-21 23:59:59
*.twitter.com, *.x.com, twitter.com, x.com - 4 entries


7773735169
precert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2024-07-22 00:00:00
2024-10-19 23:59:59
*.twitter.com, *.x.com, twitter.com, x.com - 4 entries


7766546460
leaf cert		CN=R11, O=Let's Encrypt, C=US
2024-07-21 20:49:42
2024-10-19 20:49:41
*.twitter.com, *.x.com, twitter.com, x.com - 4 entries


7729076350
leaf cert		CN=R10, O=Let's Encrypt, C=US
2024-07-17 01:51:07
2024-10-15 01:51:06
twitter.com, www.twitter.com, www.x.com, x.com - 4 entries


7501112603
leaf cert		CN=R11, O=Let's Encrypt, C=US
2024-06-14 03:03:53
2024-09-12 03:03:52
*.twitter.com, *.x.com, isolation.atla.twitter.com, twitter.com, x.com - 5 entries


7456950966
leaf cert		CN=R11, O=Let's Encrypt, C=US
2024-06-06 21:02:53
2024-09-04 21:02:52
*.twitter.com, *.x.com, twitter.com, x.com - 4 entries


7456919653
leaf cert		CN=R10, O=Let's Encrypt, C=US
2024-06-06 20:53:52
2024-09-04 20:53:51
*.twitter.com, *.x.com, twitter.com, x.com - 4 entries


7428123656
leaf cert		CN=R3, O=Let's Encrypt, C=US
2024-06-02 02:08:49
2024-08-31 02:08:48
twitter.com, www.twitter.com, www.x.com, x.com - 4 entries


6157934693
precert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2023-11-09 00:00:00
2024-11-07 23:59:59
twitter.com, www.twitter.com, www.x.com, x.com - 4 entries


6157927176
precert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2023-11-09 00:00:00
2024-11-07 23:59:59
*.twitter.com, *.x.com, twitter.com, x.com - 4 entries


6150629954
precert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2023-11-08 00:00:00
2024-11-06 23:59:59
twitter.com, www.twitter.com, www.x.com, x.com - 4 entries


6146013758
precert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2023-11-07 00:00:00
2024-11-05 23:59:59
*.twitter.com, *.x.com, twitter.com, x.com - 4 entries


6118307210
precert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2023-11-02 00:00:00
2024-10-31 23:59:59
*.twitter.com, *.x.com, twitter.com, x.com - 4 entries


6118307162
precert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2023-11-02 00:00:00
2024-10-31 23:59:59
twitter.com, www.twitter.com, www.x.com, x.com - 4 entries


6113018305
precert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2023-11-01 00:00:00
2024-10-30 23:59:59
twitter.com, www.twitter.com, www.x.com, x.com - 4 entries


6113056195
precert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2023-11-01 00:00:00
2024-12-01 23:59:59
twitter.com, www.twitter.com, www.x.com, x.com - 4 entries


6113018350
precert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2023-11-01 00:00:00
2024-10-30 23:59:59
*.twitter.com, *.x.com, twitter.com, x.com - 4 entries


6113063603
precert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2023-11-01 00:00:00
2024-12-01 23:59:59
*.twitter.com, *.x.com, twitter.com, x.com - 4 entries


6106263639
leaf cert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2023-10-31 00:00:00
2024-10-29 23:59:59
*.twitter.com, *.x.com, twitter.com, x.com - 4 entries


6106263556
leaf cert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2023-10-31 00:00:00
2024-10-29 23:59:59
twitter.com, www.twitter.com, www.x.com, x.com - 4 entries


6100888050
precert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2023-10-30 00:00:00
2024-11-29 23:59:59
twitter.com, www.twitter.com, www.x.com, x.com - 4 entries


6100923568
precert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2023-10-30 00:00:00
2024-11-29 23:59:59
*.twitter.com, *.x.com, twitter.com, x.com - 4 entries


6083434033
leaf cert		CN=R3, O=Let's Encrypt, C=US
2023-10-27 19:28:47
2024-01-25 19:28:46
twitter.com, www.twitter.com, www.x.com, x.com - 4 entries


6083315101
precert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2023-10-27 00:00:00
2024-11-26 23:59:59
twitter.com, www.twitter.com, www.x.com, x.com - 4 entries


5950488392
leaf cert		CN=R3, O=Let's Encrypt, C=US
2023-10-03 18:08:20
2024-01-01 18:08:19
syndication.x.com, td.twitter.com, td.x.com, tdapi.twitter.com, tdapi.x.com, tdweb.twitter.com, tdweb.x.com, ton.twitter.com, ton.x.com, tweetdeck.com, tweetdeck.twitter.com, tweetdeck.x.com, twitter.com, tw-ton.twitter.com, tw-ton.x.com, upload.twitter.com, upload.x.com, web.tweetdeck.com, www.tweetdeck.com, www.twitter.com, x.com - 21 entries


5950341729
leaf cert		CN=R3, O=Let's Encrypt, C=US
2023-10-03 17:29:35
2024-01-01 17:29:34
api.tweetdeck.com, api.twitter.com, api.x.com, blog.tweetdeck.com, cdn.syndication.twimg.com, cdn.syndication.twitter.com, cdn.syndication.x.com, downloads.tweetdeck.com, mobile.twitter.com, mobile.x.com, pro.twitter.com, pro.x.com, support.twitter.com, support.x.com, syndication.twimg.com, syndication.twitter.com, syndication-o.twimg.com, syndication-o.twitter.com, syndication-o.x.com, www.x.com - 20 entries


5876132365
precert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2023-09-19 00:00:00
2024-09-17 23:59:59
twitter.com, www.twitter.com, www.x.com, x.com - 4 entries


5876132449
precert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2023-09-19 00:00:00
2024-09-17 23:59:59
*.twitter.com, *.x.com, twitter.com, x.com - 4 entries


5850754004
precert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2023-09-14 00:00:00
2024-09-12 23:59:59
*.twitter.com, *.x.com, twitter.com, x.com - 4 entries


5850753970
precert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2023-09-14 00:00:00
2024-09-12 23:59:59
twitter.com, www.twitter.com, www.x.com, x.com - 4 entries


5820458467
precert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2023-09-08 00:00:00
2024-10-08 23:59:59
twitter.com, www.twitter.com, www.x.com, x.com - 4 entries


5820466885
precert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2023-09-08 00:00:00
2024-10-08 23:59:59
*.twitter.com, *.x.com, twitter.com, x.com - 4 entries


 

2. Source crt.sh - old and new certificates, sometimes very slow - only certificates with "not after" > of the last months are listed

Issuerlast 7 daysactivenum Certs
CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
0
0
5
CN=R3, O=Let's Encrypt, C=US
0 /0 new
0
1

CRT-IdIssuernot beforenot afterDomain namesLE-Duplicatenext LE
11049883331
precert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2023-11-08 23:00:00
2024-11-07 22:59:59
*.twitter.com, *.x.com, twitter.com, x.com
4 entries


11049898404
precert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2023-11-08 23:00:00
2024-11-07 22:59:59
twitter.com, www.twitter.com, www.x.com, x.com
4 entries


11037173867
precert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2023-11-07 23:00:00
2024-11-06 22:59:59
twitter.com, www.twitter.com, www.x.com, x.com
4 entries


11029148909
precert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2023-11-06 23:00:00
2024-11-05 22:59:59
*.twitter.com, *.x.com, twitter.com, x.com
4 entries


11061304430
leaf cert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2023-10-30 23:00:00
2024-10-29 22:59:59
*.twitter.com, *.x.com, twitter.com, x.com
4 entries


10588749692
leaf cert		CN=R3, O=Let's Encrypt, C=US
2023-10-03 15:29:35
2024-01-01 16:29:34
api.tweetdeck.com, api.twitter.com, api.x.com, blog.tweetdeck.com, cdn.syndication.twimg.com, cdn.syndication.twitter.com, cdn.syndication.x.com, downloads.tweetdeck.com, mobile.twitter.com, mobile.x.com, pro.twitter.com, pro.x.com, support.twitter.com, support.x.com, syndication.twimg.com, syndication.twitter.com, syndication-o.twimg.com, syndication-o.twitter.com, syndication-o.x.com, www.x.com
20 entries


 

11. Html-Content - Entries

No Html-Content entries found. Only checked if https + status 200/401/403/404

 

12. Html-Parsing via https://validator.w3.org/nu/

Url used (first standard-https-result with http status 200): https://x.com/

Summary

Good: No non-document-errors
11 errors
15 warnings

TypeMessagenum found
1.errorElement script must not have attribute charset unless attribute src is also specified.4
2.errorBad value onion-location for attribute http-equiv on element meta.1
3.errorA link element with a sizes attribute must have a rel attribute that contains the value icon or the value apple-touch-icon or the value apple-touch-icon-precomposed.1
4.errorBad value origin-trial for attribute http-equiv on element meta.1
5.errorElement head is missing a required instance of child element title.1
6.errorElement style not allowed as child of element noscript in this context. (Suppressing further errors from this subtree.)1
7.errorBad value   for attribute action on element form: Must be non-empty.1
8.errorElement div not allowed as child of element button in this context. (Suppressing further errors from this subtree.)1
9.warningThe charset attribute on the script element is obsolete.7
10.warningThe type attribute is unnecessary for JavaScript resources.7
11.warningPossible misuse of aria-label. (If you disagree with this warning, file an issue report or send e-mail to www-validator@w3.org.)1

Details


TypeMessage + Sample
1errorBad value onion-location for attribute http-equiv on element meta.

From line 1, column 1328 to line 1, column 1445

f2a.js" /><meta http-equiv="onion-location" content="https://twitter3e4tixl4xyajtrzo62zg5vztmjuricljdp2c5kshju4avyoid.onion/" /><meta
2errorA link element with a sizes attribute must have a rel attribute that contains the value icon or the value apple-touch-icon or the value apple-touch-icon-precomposed.

From line 2, column 601 to line 2, column 727

le="Grok"><link rel="mask-icon" sizes="any" href="https://abs.twimg.com/responsive-web/client-web/icon-svg.ea5ff4aa.svg" color="#1D9BF0"><link
3errorBad value origin-trial for attribute http-equiv on element meta.

From line 2, column 965 to line 2, column 1237

000000" /><meta http-equiv="origin-trial" content="AlpCmb40F5ZjDi9ZYe+wnr/V8MF+XmY41K4qUhoq+2mbepJTNd3q4CRqlACfnythEPZqcjryfAS1+ExS0FFRcA8AAABmeyJvcmlnaW4iOiJodHRwczovL3R3aXR0ZXIuY29tOjQ0MyIsImZlYXR1cmUiOiJMYXVuY2ggSGFuZGxlciIsImV4cGlyeSI6MTY1NTI1MTE5OSwiaXNTdWJkb21haW4iOnRydWV9" /><style
4errorElement head is missing a required instance of child element title.

From line 258, column 65 to line 258, column 71

x}</style></head><body
5errorElement style not allowed as child of element noscript in this context. (Suppressing further errors from this subtree.)

From line 258, column 123 to line 258, column 129

<noscript><style> b
6errorBad value   for attribute action on element form: Must be non-empty.

From line 334, column 753 to line 334, column 781

dFailure"><form action="" method="GET"><div c
7errorElement div not allowed as child of element button in this context. (Suppressing further errors from this subtree.)

From line 334, column 1413 to line 334, column 1545

="submit"><div dir="ltr" class="css-146c3p1 r-bcqeeo r-qvutc0 r-1qd0xha r-q4m81j r-a023e6 r-rjixqe r-b88u0q" style="color:rgba(15,20,25,1.00)"><span
8errorElement script must not have attribute charset unless attribute src is also specified.

From line 334, column 7012 to line 334, column 7115

;</script><script type="text/javascript" charset="utf-8" nonce="YzhlYzk3MDYtMTk2MS00NTRlLWEwZTMtNjU0YmY3NGNlZDUz">window
9errorElement script must not have attribute charset unless attribute src is also specified.

From line 334, column 142623 to line 334, column 142726

></script><script type="text/javascript" charset="utf-8" nonce="YzhlYzk3MDYtMTk2MS00NTRlLWEwZTMtNjU0YmY3NGNlZDUz">window
10errorElement script must not have attribute charset unless attribute src is also specified.

From line 335, column 10 to line 335, column 113

 </script><script type="text/javascript" charset="utf-8" nonce="YzhlYzk3MDYtMTk2MS00NTRlLWEwZTMtNjU0YmY3NGNlZDUz">perfor
11errorElement script must not have attribute charset unless attribute src is also specified.

From line 335, column 829 to line 335, column 932

></script><script type="text/javascript" charset="utf-8" nonce="YzhlYzk3MDYtMTk2MS00NTRlLWEwZTMtNjU0YmY3NGNlZDUz">perfor
12warningPossible misuse of aria-label. (If you disagree with this warning, file an issue report or send e-mail to www-validator@w3.org.)

From line 334, column 163 to line 334, column 283

-12vffkv"><div aria-label="Loading…" class="css-175oi2r r-kemksi r-1p0dtai r-zchlnj r-1d2f490 r-1xcajam r-ipm5af" id="placeholder"><svg v
13warningThe charset attribute on the script element is obsolete.

From line 334, column 7012 to line 334, column 7115

;</script><script type="text/javascript" charset="utf-8" nonce="YzhlYzk3MDYtMTk2MS00NTRlLWEwZTMtNjU0YmY3NGNlZDUz">window
14warningThe type attribute is unnecessary for JavaScript resources.

From line 334, column 7012 to line 334, column 7115

;</script><script type="text/javascript" charset="utf-8" nonce="YzhlYzk3MDYtMTk2MS00NTRlLWEwZTMtNjU0YmY3NGNlZDUz">window
15warningThe charset attribute on the script element is obsolete.

From line 334, column 142623 to line 334, column 142726

></script><script type="text/javascript" charset="utf-8" nonce="YzhlYzk3MDYtMTk2MS00NTRlLWEwZTMtNjU0YmY3NGNlZDUz">window
16warningThe type attribute is unnecessary for JavaScript resources.

From line 334, column 142623 to line 334, column 142726

></script><script type="text/javascript" charset="utf-8" nonce="YzhlYzk3MDYtMTk2MS00NTRlLWEwZTMtNjU0YmY3NGNlZDUz">window
17warningThe charset attribute on the script element is obsolete.

From line 335, column 10 to line 335, column 113

 </script><script type="text/javascript" charset="utf-8" nonce="YzhlYzk3MDYtMTk2MS00NTRlLWEwZTMtNjU0YmY3NGNlZDUz">perfor
18warningThe type attribute is unnecessary for JavaScript resources.

From line 335, column 10 to line 335, column 113

 </script><script type="text/javascript" charset="utf-8" nonce="YzhlYzk3MDYtMTk2MS00NTRlLWEwZTMtNjU0YmY3NGNlZDUz">perfor
19warningThe charset attribute on the script element is obsolete.

From line 335, column 200 to line 335, column 400

)</script><script type="text/javascript" charset="utf-8" nonce="YzhlYzk3MDYtMTk2MS00NTRlLWEwZTMtNjU0YmY3NGNlZDUz" crossorigin="anonymous" src="https://abs.twimg.com/responsive-web/client-web/vendor.b44439ba.js"></scri
20warningThe type attribute is unnecessary for JavaScript resources.

From line 335, column 200 to line 335, column 400

)</script><script type="text/javascript" charset="utf-8" nonce="YzhlYzk3MDYtMTk2MS00NTRlLWEwZTMtNjU0YmY3NGNlZDUz" crossorigin="anonymous" src="https://abs.twimg.com/responsive-web/client-web/vendor.b44439ba.js"></scri
21warningThe charset attribute on the script element is obsolete.

From line 335, column 410 to line 335, column 611

></script><script type="text/javascript" charset="utf-8" nonce="YzhlYzk3MDYtMTk2MS00NTRlLWEwZTMtNjU0YmY3NGNlZDUz" crossorigin="anonymous" src="https://abs.twimg.com/responsive-web/client-web/i18n/en.a652d8da.js"></scri
22warningThe type attribute is unnecessary for JavaScript resources.

From line 335, column 410 to line 335, column 611

></script><script type="text/javascript" charset="utf-8" nonce="YzhlYzk3MDYtMTk2MS00NTRlLWEwZTMtNjU0YmY3NGNlZDUz" crossorigin="anonymous" src="https://abs.twimg.com/responsive-web/client-web/i18n/en.a652d8da.js"></scri
23warningThe charset attribute on the script element is obsolete.

From line 335, column 621 to line 335, column 819

></script><script type="text/javascript" charset="utf-8" nonce="YzhlYzk3MDYtMTk2MS00NTRlLWEwZTMtNjU0YmY3NGNlZDUz" crossorigin="anonymous" src="https://abs.twimg.com/responsive-web/client-web/main.d4897f2a.js"></scri
24warningThe type attribute is unnecessary for JavaScript resources.

From line 335, column 621 to line 335, column 819

></script><script type="text/javascript" charset="utf-8" nonce="YzhlYzk3MDYtMTk2MS00NTRlLWEwZTMtNjU0YmY3NGNlZDUz" crossorigin="anonymous" src="https://abs.twimg.com/responsive-web/client-web/main.d4897f2a.js"></scri
25warningThe charset attribute on the script element is obsolete.

From line 335, column 829 to line 335, column 932

></script><script type="text/javascript" charset="utf-8" nonce="YzhlYzk3MDYtMTk2MS00NTRlLWEwZTMtNjU0YmY3NGNlZDUz">perfor
26warningThe type attribute is unnecessary for JavaScript resources.

From line 335, column 829 to line 335, column 932

></script><script type="text/javascript" charset="utf-8" nonce="YzhlYzk3MDYtMTk2MS00NTRlLWEwZTMtNjU0YmY3NGNlZDUz">perfor

 

13. Nameserver - IP-Adresses

Required Root-climbing DNS-Queries to find ip addresses of all Name Servers: a.r10.twtrdns.net, a.u10.twtrdns.net, b.r10.twtrdns.net, b.u10.twtrdns.net, c.r10.twtrdns.net, c.u10.twtrdns.net, d.r10.twtrdns.net, d.u10.twtrdns.net

 

QNr.DomainTypeNS used
1
net
NS
d.root-servers.net (2001:500:2d::d)

Answer: a.gtld-servers.net, b.gtld-servers.net, c.gtld-servers.net, d.gtld-servers.net, e.gtld-servers.net, f.gtld-servers.net, g.gtld-servers.net, h.gtld-servers.net, i.gtld-servers.net, j.gtld-servers.net, k.gtld-servers.net, l.gtld-servers.net, m.gtld-servers.net
2
a.r10.twtrdns.net
NS
a.gtld-servers.net (2001:503:a83e::2:30)

Answer: edns101.ultradns.net, ns-1450.awsdns-53.org, ns-1700.awsdns-20.co.uk, ns-370.awsdns-46.com, ns-975.awsdns-57.net

Answer: edns101.ultradns.net
204.74.110.101, 2610:a1:1014::265

Answer: ns-975.awsdns-57.net
205.251.195.207
3
a.u10.twtrdns.net
NS
a.gtld-servers.net (2001:503:a83e::2:30)

Answer: edns101.ultradns.net, ns-1450.awsdns-53.org, ns-1700.awsdns-20.co.uk, ns-370.awsdns-46.com, ns-975.awsdns-57.net

Answer: edns101.ultradns.net
204.74.110.101, 2610:a1:1014::265

Answer: ns-975.awsdns-57.net
205.251.195.207
4
b.r10.twtrdns.net
NS
a.gtld-servers.net (2001:503:a83e::2:30)

Answer: edns101.ultradns.net, ns-1450.awsdns-53.org, ns-1700.awsdns-20.co.uk, ns-370.awsdns-46.com, ns-975.awsdns-57.net

Answer: edns101.ultradns.net
204.74.110.101, 2610:a1:1014::265

Answer: ns-975.awsdns-57.net
205.251.195.207
5
b.u10.twtrdns.net
NS
a.gtld-servers.net (2001:503:a83e::2:30)

Answer: edns101.ultradns.net, ns-1450.awsdns-53.org, ns-1700.awsdns-20.co.uk, ns-370.awsdns-46.com, ns-975.awsdns-57.net

Answer: edns101.ultradns.net
204.74.110.101, 2610:a1:1014::265

Answer: ns-975.awsdns-57.net
205.251.195.207
6
c.r10.twtrdns.net
NS
a.gtld-servers.net (2001:503:a83e::2:30)

Answer: edns101.ultradns.net, ns-1450.awsdns-53.org, ns-1700.awsdns-20.co.uk, ns-370.awsdns-46.com, ns-975.awsdns-57.net

Answer: edns101.ultradns.net
204.74.110.101, 2610:a1:1014::265

Answer: ns-975.awsdns-57.net
205.251.195.207
7
c.u10.twtrdns.net
NS
a.gtld-servers.net (2001:503:a83e::2:30)

Answer: edns101.ultradns.net, ns-1450.awsdns-53.org, ns-1700.awsdns-20.co.uk, ns-370.awsdns-46.com, ns-975.awsdns-57.net

Answer: edns101.ultradns.net
204.74.110.101, 2610:a1:1014::265

Answer: ns-975.awsdns-57.net
205.251.195.207
8
d.r10.twtrdns.net
NS
a.gtld-servers.net (2001:503:a83e::2:30)

Answer: edns101.ultradns.net, ns-1450.awsdns-53.org, ns-1700.awsdns-20.co.uk, ns-370.awsdns-46.com, ns-975.awsdns-57.net

Answer: edns101.ultradns.net
204.74.110.101, 2610:a1:1014::265

Answer: ns-975.awsdns-57.net
205.251.195.207
9
d.u10.twtrdns.net
NS
a.gtld-servers.net (2001:503:a83e::2:30)

Answer: edns101.ultradns.net, ns-1450.awsdns-53.org, ns-1700.awsdns-20.co.uk, ns-370.awsdns-46.com, ns-975.awsdns-57.net

Answer: edns101.ultradns.net
204.74.110.101, 2610:a1:1014::265

Answer: ns-975.awsdns-57.net
205.251.195.207
10
org
NS
g.root-servers.net (2001:500:12::d0d)

Answer: a0.org.afilias-nst.info, a2.org.afilias-nst.info, b0.org.afilias-nst.org, b2.org.afilias-nst.org, c0.org.afilias-nst.info, d0.org.afilias-nst.org
11
ns-1450.awsdns-53.org
NS
a0.org.afilias-nst.info (2001:500:e::1)

Answer: g-ns-1080.awsdns-53.org, g-ns-1653.awsdns-53.org, g-ns-181.awsdns-53.org, g-ns-759.awsdns-53.org

Answer: g-ns-1080.awsdns-53.org
205.251.196.56, 2600:9000:5304:3800::1

Answer: g-ns-1653.awsdns-53.org
205.251.198.117, 2600:9000:5306:7500::1

Answer: g-ns-181.awsdns-53.org
205.251.192.181, 2600:9000:5300:b500::1

Answer: g-ns-759.awsdns-53.org
205.251.194.247, 2600:9000:5302:f700::1
12
uk
NS
a.root-servers.net (2001:503:ba3e::2:30)

Answer: dns1.nic.uk, dns2.nic.uk, dns3.nic.uk, dns4.nic.uk, nsa.nic.uk, nsb.nic.uk, nsc.nic.uk, nsd.nic.uk
13
ns-1700.awsdns-20.co.uk
NS
dns1.nic.uk (2a01:618:400::1)

Answer: g-ns-1495.awsdns-20.co.uk, g-ns-1816.awsdns-20.co.uk, g-ns-340.awsdns-20.co.uk, g-ns-916.awsdns-20.co.uk

Answer: g-ns-1495.awsdns-20.co.uk
205.251.197.215, 2600:9000:5305:d700::1

Answer: g-ns-1816.awsdns-20.co.uk
205.251.199.24, 2600:9000:5307:1800::1

Answer: g-ns-340.awsdns-20.co.uk
205.251.193.84, 2600:9000:5301:5400::1

Answer: g-ns-916.awsdns-20.co.uk
205.251.195.148, 2600:9000:5303:9400::1
14
com
NS
c.root-servers.net (2001:500:2::c)

Answer: a.gtld-servers.net, b.gtld-servers.net, c.gtld-servers.net, d.gtld-servers.net, e.gtld-servers.net, f.gtld-servers.net, g.gtld-servers.net, h.gtld-servers.net, i.gtld-servers.net, j.gtld-servers.net, k.gtld-servers.net, l.gtld-servers.net, m.gtld-servers.net
15
ns-370.awsdns-46.com
NS
e.gtld-servers.net (2001:502:1ca1::30)

Answer: g-ns-1198.awsdns-46.com, g-ns-1774.awsdns-46.com, g-ns-47.awsdns-46.com, g-ns-622.awsdns-46.com

Answer: g-ns-1198.awsdns-46.com
205.251.196.174, 2600:9000:5304:ae00::1

Answer: g-ns-1774.awsdns-46.com
205.251.198.238, 2600:9000:5306:ee00::1

Answer: g-ns-47.awsdns-46.com
205.251.192.47, 2600:9000:5300:2f00::1

Answer: g-ns-622.awsdns-46.com
205.251.194.110, 2600:9000:5302:6e00::1
16
ns-1450.awsdns-53.org: 205.251.197.170
A
g-ns-1080.awsdns-53.org (2600:9000:5304:3800::1)
17
ns-1450.awsdns-53.org: 2600:9000:5305:aa00::1
AAAA
g-ns-1080.awsdns-53.org (2600:9000:5304:3800::1)
18
ns-1700.awsdns-20.co.uk: 205.251.198.164
A
g-ns-1495.awsdns-20.co.uk (2600:9000:5305:d700::1)
19
ns-1700.awsdns-20.co.uk: 2600:9000:5306:a400::1
AAAA
g-ns-1495.awsdns-20.co.uk (2600:9000:5305:d700::1)
20
ns-370.awsdns-46.com: 205.251.193.114
A
g-ns-1198.awsdns-46.com (2600:9000:5304:ae00::1)
21
ns-370.awsdns-46.com: 2600:9000:5301:7200::1
AAAA
g-ns-1198.awsdns-46.com (2600:9000:5304:ae00::1)
22
a.r10.twtrdns.net: 205.251.192.179
A
edns101.ultradns.net (2610:a1:1014::265)
23
a.r10.twtrdns.net: 2600:9000:5300:b300::1
AAAA
edns101.ultradns.net (2610:a1:1014::265)
24
a.u10.twtrdns.net: 204.74.111.101
A
edns101.ultradns.net (2610:a1:1014::265)
25
a.u10.twtrdns.net: 2600:9000:5300:b300::1
AAAA
edns101.ultradns.net (2610:a1:1014::265)
26
b.r10.twtrdns.net: 205.251.196.198
A
edns101.ultradns.net (2610:a1:1014::265)
27
b.r10.twtrdns.net: 2600:9000:5304:c600::1
AAAA
edns101.ultradns.net (2610:a1:1014::265)
28
b.u10.twtrdns.net: 205.251.196.198
A
edns101.ultradns.net (2610:a1:1014::265)
29
b.u10.twtrdns.net: 2600:9000:5304:c600::1
AAAA
edns101.ultradns.net (2610:a1:1014::265)
30
c.r10.twtrdns.net: 205.251.194.151
A
edns101.ultradns.net (2610:a1:1014::265)
31
c.r10.twtrdns.net: 2600:9000:5302:9700::1
AAAA
edns101.ultradns.net (2610:a1:1014::265)
32
c.u10.twtrdns.net: 205.251.194.151
A
edns101.ultradns.net (2610:a1:1014::265)
33
c.u10.twtrdns.net: 2600:9000:5302:9700::1
AAAA
edns101.ultradns.net (2610:a1:1014::265)
34
d.r10.twtrdns.net: 205.251.199.195
A
edns101.ultradns.net (2610:a1:1014::265)
35
d.r10.twtrdns.net: 2600:9000:5307:c300::1
AAAA
edns101.ultradns.net (2610:a1:1014::265)
36
d.u10.twtrdns.net: 205.251.199.195
A
edns101.ultradns.net (2610:a1:1014::265)
37
d.u10.twtrdns.net: 2600:9000:5307:c300::1
AAAA
edns101.ultradns.net (2610:a1:1014::265)

 

14. CAA - Entries

DomainnameflagNameValue∑ Queries∑ Timeout
www.x.com



1
0
x.com
0

no CAA entry found
1
0
com
0

no CAA entry found
1
0

 

15. TXT - Entries

DomainnameTXT EntryStatus∑ Queries∑ Timeout
x.com
_w548xs1kfxtlqk3jyx19bzwk34c473i
ok
1
0
x.com
3089463
ok
1
0
x.com
adobe-idp-site-verification=ab4d9ce3473a73e81f46238da34ea4967fd5ac80e5c43fbfa8dff46d06a5321c
ok
1
0
x.com
adobe-sign-verification=c693a744ee2d282a36a43e6e724c5ea
ok
1
0
x.com
apple-domain-verification=sEij6tJOW11fVNrG
ok
1
0
x.com
atlassian-domain-verification=j6u0o1PTkobCXC84uEF/sWpIPtaZURBVYqKzmTvT8wugLcHT1vvrzzA63iP1qSLN
ok
1
0
x.com
atlassian-sending-domain-verification=bd424180-8645-4de5-bd6a-285479c7577a
ok
1
0
x.com
figma-domain-verification=ee8420edd01965ba297f3438c907cfc6fbbaa1ee90a07b28f28bcfca8e6017bb-1729630998
ok
1
0
x.com
google-site-verification=8yQmoVhQedzlt36RPeQP41ytrEFk9aHEnde_xm0626g
ok
1
0
x.com
google-site-verification=F6u9mGL--d2lbLljvH3b1UUgXtevQPdcamKr9c8914A
ok
1
0
x.com
kkdl3qb3tcrmdhfsm803p67r0my0svs8
ok
1
0
x.com
shopify-verification-code=cUZazKrqCWgcshrcGvgfFR1lieuhRF
ok
1
0
x.com
slack-domain-verification=Csk4bjCPFnJaDLLaKFUwCTFuUpCVvnYlAm2Tba0i
ok
1
0
x.com
stripe-verification=46F7B88485621DC18923B43D12E90E6CDBCE232F2FEBCF084E6EFA91F6BA707D
ok
1
0
x.com
v=spf1 ip4:199.16.156.0/22 ip4:199.59.148.0/22 include:_spf.google.com include:_spf.salesforce.com include:_oerp.x.com include:phx1.rp.oracleemaildelivery.com include:iad1.rp.oracleemaildelivery.com -all
ok
1
0
www.x.com
_w548xs1kfxtlqk3jyx19bzwk34c473i
ok
1
0
www.x.com
3089463
ok
1
0
www.x.com
adobe-idp-site-verification=ab4d9ce3473a73e81f46238da34ea4967fd5ac80e5c43fbfa8dff46d06a5321c
ok
1
0
www.x.com
adobe-sign-verification=c693a744ee2d282a36a43e6e724c5ea
ok
1
0
www.x.com
apple-domain-verification=sEij6tJOW11fVNrG
ok
1
0
www.x.com
atlassian-domain-verification=j6u0o1PTkobCXC84uEF/sWpIPtaZURBVYqKzmTvT8wugLcHT1vvrzzA63iP1qSLN
ok
1
0
www.x.com
atlassian-sending-domain-verification=bd424180-8645-4de5-bd6a-285479c7577a
ok
1
0
www.x.com
figma-domain-verification=ee8420edd01965ba297f3438c907cfc6fbbaa1ee90a07b28f28bcfca8e6017bb-1729630998
ok
1
0
www.x.com
google-site-verification=8yQmoVhQedzlt36RPeQP41ytrEFk9aHEnde_xm0626g
ok
1
0
www.x.com
google-site-verification=F6u9mGL--d2lbLljvH3b1UUgXtevQPdcamKr9c8914A
ok
1
0
www.x.com
kkdl3qb3tcrmdhfsm803p67r0my0svs8
ok
1
0
www.x.com
shopify-verification-code=cUZazKrqCWgcshrcGvgfFR1lieuhRF
ok
1
0
www.x.com
slack-domain-verification=Csk4bjCPFnJaDLLaKFUwCTFuUpCVvnYlAm2Tba0i
ok
1
0
www.x.com
stripe-verification=46F7B88485621DC18923B43D12E90E6CDBCE232F2FEBCF084E6EFA91F6BA707D
ok
1
0
www.x.com
v=spf1 ip4:199.16.156.0/22 ip4:199.59.148.0/22 include:_spf.google.com include:_spf.salesforce.com include:_oerp.x.com include:phx1.rp.oracleemaildelivery.com include:iad1.rp.oracleemaildelivery.com -all
ok
1
0
_acme-challenge.x.com
feDO9PbziIHlhrvC9yHkdZ8CRcDDLVxg9M1pyL5uQVw
looks good, correct length, correct characters
1
0
_acme-challenge.x.com
mzLStB29s6c22GJx0MdqoqpNaQPpjKcCo2r-jkt7vVY
looks good, correct length, correct characters
1
0
_acme-challenge.www.x.com
FNpinS5k8wt0djBjDRhBZGdtj6dJLwegAewgoxxlGM4
looks good, correct length, correct characters
1
0
_acme-challenge.x.com.x.com

Name Error - The domain name does not exist
1
0
_acme-challenge.www.x.com.x.com

Name Error - The domain name does not exist
1
0
_acme-challenge.www.x.com.www.x.com

Name Error - The domain name does not exist
1
0

 

16. DomainService - Entries

TypeDomainPrefValueDNS-errornum AnswersStatusDescription
MX

x.com
1
ASPMX.L.GOOGLE.COM
05ok

A


66.102.1.27
01ok

AAAA


2a00:1450:400c:c07::1b
01ok

CNAME


00ok
MX

x.com
5
ALT2.ASPMX.L.GOOGLE.COM
05ok

A


142.251.9.27
01ok

AAAA


2a00:1450:4025:c03::1b
01ok

CNAME


00ok
MX

x.com
5
ALT1.ASPMX.L.GOOGLE.COM
05ok

A


142.250.153.26
01ok

AAAA


2a00:1450:4013:c16::1a
01ok

CNAME


00ok
MX

x.com
10
ALT4.ASPMX.L.GOOGLE.COM
05ok

A


74.125.200.27
01ok

AAAA


2404:6800:4003:c00::1b
01ok

CNAME


00ok
MX

x.com
10
ALT3.ASPMX.L.GOOGLE.COM
05ok

A


142.250.150.27
01ok

AAAA


2a00:1450:4010:c1c::1a
01ok

CNAME


00ok
SPF
TXT
x.com

v=spf1 ip4:199.16.156.0/22 ip4:199.59.148.0/22 include:_spf.google.com include:_spf.salesforce.com include:_oerp.x.com include:phx1.rp.oracleemaildelivery.com include:iad1.rp.oracleemaildelivery.com -all
ok

TXT
_spf.google.com

v=spf1 include:_netblocks.google.com include:_netblocks2.google.com include:_netblocks3.google.com ~all
ok

TXT
_spf.salesforce.com

v=spf1 exists:%{i}._spf.mta.salesforce.com -all
ok

TXT
_oerp.x.com

v=spf1 ip4:144.34.32.247 ip4:144.34.33.247 ip4:144.34.8.247 ip4:144.34.9.247 -all
ok

TXT
phx1.rp.oracleemaildelivery.com

v=spf1 ip4:162.88.4.0/23 ip4:162.88.25.0/24 ip4:192.29.103.128/25 ip4:208.76.63.0/24 ip4:216.146.32.0/24 ~all
ok

TXT
iad1.rp.oracleemaildelivery.com

v=spf1 ip4:147.154.32.0/25 ip4:162.88.8.0/24 ip4:162.88.24.0/24 ip4:162.88.36.0/24 ip4:208.76.62.0/24 ip4:216.146.33.0/24 ~all
ok

TXT
_netblocks.google.com

v=spf1 ip4:35.190.247.0/24 ip4:64.233.160.0/19 ip4:66.102.0.0/20 ip4:66.249.80.0/20 ip4:72.14.192.0/18 ip4:74.125.0.0/16 ip4:108.177.8.0/21 ip4:173.194.0.0/16 ip4:209.85.128.0/17 ip4:216.58.192.0/19 ip4:216.239.32.0/19 ~all
ok

TXT
_netblocks2.google.com

v=spf1 ip6:2001:4860:4000::/36 ip6:2404:6800:4000::/36 ip6:2607:f8b0:4000::/36 ip6:2800:3f0:4000::/36 ip6:2a00:1450:4000::/36 ip6:2c0f:fb50:4000::/36 ~all
ok

TXT
_netblocks3.google.com

v=spf1 ip4:172.217.0.0/19 ip4:172.217.32.0/20 ip4:172.217.128.0/19 ip4:172.217.160.0/20 ip4:172.217.192.0/19 ip4:172.253.56.0/21 ip4:172.253.112.0/20 ip4:108.177.96.0/19 ip4:35.191.0.0/16 ip4:130.211.0.0/22 ~all
ok
_dmarc
TXT
_dmarc.x.com

v=DMARC1; p=reject; rua=mailto:caf935f12c8645b2921b0749d1fcd49e@dmarc-reports.cloudflare.net
ok

TXT
x.com._report._dmarc.dmarc-reports.cloudflare.net

mailto:caf935f12c8645b2921b0749d1fcd49e@dmarc-reports.cloudflare.net
okMail domain unequal current domain. Check required, if there is a confirming _report._dmarc-Record. See RFC 7489, 7.1.

TXT
x.com._report._dmarc.dmarc-reports.cloudflare.net

v=DMARC1;
okConfirmed. Sending reports to external domain is allowed.

				 
			

				 
			
17. Cipher Suites



Skipped, CDN used or too many ip addresses

				 
			
18. Portchecks



No open Ports <> 80 / 443 found, so no additional Ports checked.



				 
			

				 
			

Permalink: https://check-your-website.server-daten.de/?i=225afec3-f2a2-433a-ab5f-2ec363a650c4

				 
			


Last Result: https://check-your-website.server-daten.de/?q=x.com - 2025-03-12 19:38:17

				 
			
Do you like this page? Support this tool, add a link on your page:

				 
			
<a href="https://check-your-website.server-daten.de/?q=x.com" target="_blank">Check this Site: x.com</a>

				 
			

				 
			


Do you really want to support this project? Donate: Check-your-website, IBAN DE98 1001 0010 0575 2211 07, SWIFT/BIC PBNKDEFF, Euro

				 
			
QR-Code of this page - https://check-your-website.server-daten.de/?d=x.com

				 
			

				 
			



Jürgen Auer • Friedenstr. 37 • 10249 Berlin • +49(0)30 420 200 60 • info@sql-und-xml.de • 
USt-IdNr.: DE221734518

				 
			


Errors, ideas, questions? Use the 
Contact form • A project using

Server-Daten - Web Database solutions