For SMS and voice callbacks over HTTP, Twilio will drop the username and password (if any) from the URL before computing the signature. For SMS and voice callbacks over HTTPS, Twilio will drop the username, password and port (if any) before computing the signature.
it seems that the port has to be included in the hash when it is an HTTP request, if this is indeed the case this has to be change to something like
var requestedUrl = $"{request.Scheme}://{(request.IsHttps ? request.Host.Host : request.Host.ToUriComponent())}{request.Path}{request.QueryString}";
Based on the docs
it seems that the port has to be included in the hash when it is an HTTP request, if this is indeed the case this has to be change to something like