HTTP Headers Analysis for https://ads.x.com

Detected Technologies from Headers

See all in URL Inspect 15

Arkose Labs

Cloudflare CDN

Oracle Eloqua

Envoy

Google AdSense

Google Analytics

Google Conversion Tracking

Google DoubleClick

Google Search

Google Tag Manager

HubSpot Forms

Simplecast

Twitter

YouTube

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=631138519; includeSubdomains

Content-Security-Policy

Good

default-src; connect-src; font-src; +8 more Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Strengthen CSP by removing 'unsafe-eval'
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

Performance Headers

Connection

Performance

close

Transfer-Encoding

Performance

chunked

Vary

Performance

Cookie,X-Twitter-Internal,X-Twitter-IP-Tags, accept-encoding

connection: close
transfer-encoding: chunked
vary: Cookie,X-Twitter-Internal,X-Twitter-IP-Tags, accept-encoding

Caching Headers

Age

Caching

34165

Cache-Control

Caching

max-age=0

Expires

Caching

Wed, 13 May 2026 03:35:25 GMT

age: 34165
cache-control: max-age=0
expires: Wed, 13 May 2026 03:35:25 GMT

Content Headers

Content-Type

Content

text/html

content-type: text/html

Server Headers

Server

cloudflare envoy

server: cloudflare envoy

CORS Headers

No CORS headers found

Cookies Headers

Set-Cookie

Cookies

set-cookie: guest_id_marketing=v1%3A177864332592463500; Max-Age=63072000; Expires=Fri, 12 May 2028 03:35:25 GMT; Path=/; Domain=.x.com; Secure; SameSite=None
guest_id_ads=v1%3A177864332592463500; Max-Age=63072000; Expires=Fri, 12 May 2028 03:35:25 GMT; Path=/; Domain=.x.com; Secure; SameSite=None
personalization_id="v1_nwATt87DzPWmp8TT8oke2w=="; Max-Age=63072000; Expires=Fri, 12 May 2028 03:35:25 GMT; Path=/; Domain=.x.com; Secure; SameSite=None
guest_id=v1%3A177864332592463500; Max-Age=63072000; Expires=Fri, 12 May 2028 03:35:25 GMT; Path=/; Domain=.x.com; Secure; SameSite=None
ct0=3e16e5010842f53a0a63f2ccf152b7de; Max-Age=21600; Expires=Wed, 13 May 2026 09:35:25 GMT; Path=/; Domain=.x.com; Secure
__cf_bm=opbyJ6KnAeAuQFbujpfO.xqJU8H39I0SsfSdmwJGuX8-1778643325.9078324-1.0.1.1-1qSb5AHOLX_gNMgG119axVzIsNyJ56vhK0dCw_9geUxgxiT_aUkqZjcPBr58F0a2j4Ef4QyFVwb21GHUf4yX1vzAax5zFYqfo9fsEqAxojDGiwsDWt42rRerPgvgLY4q; HttpOnly; SameSite=None; Secure; Path=/; Domain=x.com; Expires=Wed, 13 May 2026 04:05:25 GMT

Other Headers

Cf-Cache-Status

Other

DYNAMIC

Cf-Ray

Other

9fae9cf2ecfa9167-IAD

Date

Other

Wed, 13 May 2026 03:35:25 GMT

Origin-Cf-Ray

Other

9fae9cf2ecfa9167-IAD

Perf

Other

7402827104

X-Response-Time

Other

8

X-Served-By

Other

t4_a

X-Transaction-Id

Other

9be7b41b9785ef12

cf-cache-status: DYNAMIC
cf-ray: 9fae9cf2ecfa9167-IAD
date: Wed, 13 May 2026 03:35:25 GMT
origin-cf-ray: 9fae9cf2ecfa9167-IAD
perf: 7402827104
x-response-time: 8
x-served-by: t4_a
x-transaction-id: 9be7b41b9785ef12

Recommendations

Enable compression (gzip/brotli) to improve performance