presidence.td Open in urlscan Pro
209.16.158.69 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://presidence.td/
Submission: On November 12 via manual (November 12th 2021, 9:12:33 pm UTC) from EG — Scanned from CA

Summary HTTP 48 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 48 HTTP transactions. The main IP is 209.16.158.69, located in Canada and belongs to PLANETHOSTER-8, CA. The main domain is presidence.td.
TLS certificate: Issued by R3 on November 7th 2021. Valid for: 3 months.

This is the only time presidence.td was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
30	209.16.158.69 209.16.158.69	53589 (PLANETHOS...) (PLANETHOSTER-8)
1	2607:f8b0:400... 2607:f8b0:4006:80e::2008	15169 (GOOGLE) (GOOGLE)
18 18	195.181.168.47 195.181.168.47	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2607:f8b0:400... 2607:f8b0:4006:817::200a	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:822::2004	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:809::2003	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:816::200e	15169 (GOOGLE) (GOOGLE)
48	8

30 209.16.158.69 (Canada)

ASN53589 (PLANETHOSTER-8, CA)
PTR: hybrid3400.ca.ns.planethoster.net

presidence.td	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80e::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 195.181.168.47 (New York, United States) 18 redirects

ASN60068 (CDN77 ^_^, GB)
PTR: edge-742.bunnyinfra.net

sp-ao.shortpixel.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:817::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:822::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:809::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:80f::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	presidence.td presidence.td	2 MB
18	shortpixel.ai 18 redirects sp-ao.shortpixel.ai	12 KB
9	gstatic.com www.gstatic.com fonts.gstatic.com	376 KB
4	google.com www.google.com	39 KB
1	google-analytics.com www.google-analytics.com	220 B
1	googleapis.com fonts.googleapis.com	1 KB
1	googletagmanager.com www.googletagmanager.com	61 KB
48	7

	Domain	Requested by
30	presidence.td	presidence.td
18	sp-ao.shortpixel.ai	18 redirects presidence.td
5	fonts.gstatic.com	fonts.googleapis.com www.google.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	www.google.com	presidence.td www.gstatic.com www.google.com
1	www.google-analytics.com	www.googletagmanager.com
1	fonts.googleapis.com	presidence.td
1	www.googletagmanager.com	presidence.td
48	8

This site contains links to these domains. Also see Links.

Domain
fr-fr.facebook.com
twitter.com
www.linkedin.com
www.youtube.com

Subject Issuer	Validity	Valid
*.pr-tchad.org R3	`2021-11-07` - `2022-02-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://presidence.td/
Frame ID: 2B86AA58F04888716F54C166641D0A77
Requests: 42 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfNjroUAAAAAOB1qWBC2Jlb0p8GXg88Cqi1Krue&co=aHR0cHM6Ly9wcmVzaWRlbmNlLnRkOjQ0Mw..&hl=en&v=yZguKF1TiDm6F3yJWVhmOKQ9&size=invisible&cb=uwb0lncm698x
Frame ID: 94BBB2AB53CA61222DA13A5D260CBC10
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Accueil - Présidence de la République du Tchad

Page Statistics

48
Requests

58 %
HTTPS

75 %
IPv6

7
Domains

8
Subdomains

8
IPs

2
Countries

2876 kB
Transfer

4709 kB
Size

4
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://fr-fr.facebook.com/presidencetd

Search URL Search Domain Scan URL

URL: https://twitter.com/gmahamatidi?s=11

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/pr%C3%A9sidencetchad

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCZrMX9RbAx1Q6dSzDm0QBXA

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://sp-ao.shortpixel.ai/client/q_glossy,ret_img/https://presidence.td/wp-content/uploads/2020/10/logoTchad-1.png HTTP 302
https://presidence.td/wp-content/uploads/2020/10/logoTchad-1.png

Request Chain 6

https://sp-ao.shortpixel.ai/client/q_lqip,ret_wait,w_800,h_1200/https://presidence.td/wp-content/uploads/2021/04/Photo-message-nation-4.jpg HTTP 302
https://presidence.td/wp-content/uploads/2021/04/Photo-message-nation-4.jpg

Request Chain 7

https://sp-ao.shortpixel.ai/client/q_lqip,ret_wait,w_882,h_1083/https://presidence.td/wp-content/uploads/2021/04/photo-declaration-CMT-1.jpg HTTP 302
https://presidence.td/wp-content/uploads/2021/04/photo-declaration-CMT-1.jpg

Request Chain 19

https://sp-ao.shortpixel.ai/client/q_glossy,ret_img/https://presidence.td/wp-content/uploads/2020/10/accueil_presidence-1-1.jpg HTTP 302
https://presidence.td/wp-content/uploads/2020/10/accueil_presidence-1-1.jpg

Request Chain 20

https://sp-ao.shortpixel.ai/client/q_glossy,ret_img/https://presidence.td/wp-content/uploads/2021/11/8-2-1024x708.jpg HTTP 302
https://presidence.td/wp-content/uploads/2021/11/8-2-1024x708.jpg

Request Chain 21

https://sp-ao.shortpixel.ai/client/q_glossy,ret_img/https://presidence.td/wp-content/uploads/2021/11/7-1024x683.jpg HTTP 302
https://presidence.td/wp-content/uploads/2021/11/7-1024x683.jpg

Request Chain 22

https://sp-ao.shortpixel.ai/client/q_glossy,ret_img/https://presidence.td/wp-content/uploads/2021/11/3-2-1024x634.jpg HTTP 302
https://presidence.td/wp-content/uploads/2021/11/3-2-1024x634.jpg

Request Chain 23

https://sp-ao.shortpixel.ai/client/q_glossy,ret_img/https://presidence.td/wp-content/uploads/2021/11/8-1024x632.jpg HTTP 302
https://presidence.td/wp-content/uploads/2021/11/8-1024x632.jpg

Request Chain 24

https://sp-ao.shortpixel.ai/client/q_glossy,ret_img/https://presidence.td/wp-content/uploads/2021/11/3-1024x708.jpg HTTP 302
https://presidence.td/wp-content/uploads/2021/11/3-1024x708.jpg

Request Chain 25

https://sp-ao.shortpixel.ai/client/q_glossy,ret_img/https://presidence.td/wp-content/uploads/2021/10/1-8-1024x632.jpg HTTP 302
https://presidence.td/wp-content/uploads/2021/10/1-8-1024x632.jpg

Request Chain 40

https://sp-ao.shortpixel.ai/client/q_glossy,ret_img/https://presidence.td/wp-content/uploads/2021/04/DSC_3898-1024x683.jpg HTTP 302
https://presidence.td/wp-content/uploads/2021/04/DSC_3898-1024x683.jpg

Request Chain 41

https://sp-ao.shortpixel.ai/client/q_glossy,ret_img/https://presidence.td/wp-content/uploads/2021/04/1-4.jpg HTTP 302
https://presidence.td/wp-content/uploads/2021/04/1-4.jpg

Request Chain 42

https://sp-ao.shortpixel.ai/client/to_avif,q_glossy,ret_img,w_800/https://presidence.td/wp-content/uploads/2021/04/Photo-message-nation-4.jpg HTTP 302
https://presidence.td/wp-content/uploads/2021/04/Photo-message-nation-4.jpg

Request Chain 43

https://sp-ao.shortpixel.ai/client/q_glossy,ret_img/https://presidence.td/wp-content/uploads/2021/04/IMG-20210420-WA0003.jpg HTTP 302
https://presidence.td/wp-content/uploads/2021/04/IMG-20210420-WA0003.jpg

Request Chain 44

https://sp-ao.shortpixel.ai/client/q_glossy,ret_img/https://presidence.td/wp-content/uploads/2021/04/DSC_3898-1024x683.jpg HTTP 302
https://presidence.td/wp-content/uploads/2021/04/DSC_3898-1024x683.jpg

Request Chain 45

https://sp-ao.shortpixel.ai/client/q_glossy,ret_img/https://presidence.td/wp-content/uploads/2021/04/IMG-20210420-WA0003.jpg HTTP 302
https://presidence.td/wp-content/uploads/2021/04/IMG-20210420-WA0003.jpg

Request Chain 46

https://sp-ao.shortpixel.ai/client/q_glossy,ret_img/https://presidence.td/wp-content/uploads/2021/04/1-4.jpg HTTP 302
https://presidence.td/wp-content/uploads/2021/04/1-4.jpg

Request Chain 48

https://sp-ao.shortpixel.ai/client/to_avif,q_glossy,ret_img,w_882/https://presidence.td/wp-content/uploads/2021/04/photo-declaration-CMT-1.jpg HTTP 302
https://presidence.td/wp-content/uploads/2021/04/photo-declaration-CMT-1.jpg

48 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
presidence.td/ 328 KB
25 KB 2728ms
1899ms Document
text/html 209.16.158.69
PLANETHOSTER-8

General

Check archive.org

Show headers Download Go to

Full URL: https://presidence.td/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 209.16.158.69 , Canada, ASN53589 (PLANETHOSTER-8, CA),
Reverse DNS: hybrid3400.ca.ns.planethoster.net
Software: Apache /
Resource Hash: 00f43d946cfb0105b04587d6ee1e06c874850e6e92c251aeb0020e3756448191

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

link: <https://presidence.td/wp-json/>; rel="https://api.w.org/", <https://presidence.td/wp-json/wp/v2/pages/661>; rel="alternate"; type="application/json", <https://presidence.td/>; rel=shortlink
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 24705
content-type: text/html; charset=UTF-8
date: Fri, 12 Nov 2021 21:12:24 GMT
server: Apache

GET
H2 200 pressville-icons.ttf
presidence.td/wp-content/themes/pressville/assets/fonts/ 33 KB
19 KB 56ms
55ms Font
font/ttf 209.16.158.69
PLANETHOSTER-8

General

Check archive.org

Show headers Download Go to

Full URL: https://presidence.td/wp-content/themes/pressville/assets/fonts/pressville-icons.ttf?ykgj07
Requested by: Host: presidence.td
URL: https://presidence.td/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 209.16.158.69 , Canada, ASN53589 (PLANETHOSTER-8, CA),
Reverse DNS: hybrid3400.ca.ns.planethoster.net
Software: Apache /
Resource Hash: d5f402978ed1bc3e330048194f7cf37be9573e0c348b60dcc8f65439e659d504

Request headers

Referer: https://presidence.td/
Origin: https://presidence.td
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 21:12:26 GMT
content-encoding: gzip
last-modified: Sun, 25 Oct 2020 17:20:16 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: font/ttf
accept-ranges: bytes
content-length: 19393

GET
H2 200 autoptimize_73ebf77cdde8ac387b08b1828feb93ca.css
presidence.td/wp-content/cache/autoptimize/css/ 810 KB
87 KB 95ms
95ms Stylesheet
text/css 209.16.158.69
PLANETHOSTER-8

General

Check archive.org

Show headers Download Go to

Full URL: https://presidence.td/wp-content/cache/autoptimize/css/autoptimize_73ebf77cdde8ac387b08b1828feb93ca.css
Requested by: Host: presidence.td
URL: https://presidence.td/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 209.16.158.69 , Canada, ASN53589 (PLANETHOSTER-8, CA),
Reverse DNS: hybrid3400.ca.ns.planethoster.net
Software: Apache /
Resource Hash: 69374a71fd6b1f6ab8e2a371dadd433ffa778046c6b039b053045167fb59e147

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://presidence.td/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 21:12:26 GMT
content-encoding: gzip
last-modified: Sun, 25 Oct 2020 21:18:51 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=30672000, public, immutable
accept-ranges: bytes
expires: Wed, 02 Nov 2022 21:12:26 GMT

GET
H2 200 jquery.js Show response
presidence.td/wp-includes/js/jquery/ 95 KB
33 KB 63ms
63ms Script
application/javascript 209.16.158.69
PLANETHOSTER-8

General

Check archive.org

Show headers Download Go to

Full URL: https://presidence.td/wp-includes/js/jquery/jquery.js
Requested by: Host: presidence.td
URL: https://presidence.td/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 209.16.158.69 , Canada, ASN53589 (PLANETHOSTER-8, CA),
Reverse DNS: hybrid3400.ca.ns.planethoster.net
Software: Apache /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://presidence.td/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 21:12:26 GMT
content-encoding: gzip
last-modified: Sun, 25 Oct 2020 17:59:04 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 33776

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 163 KB
61 KB 175ms
64ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1DC86TESKX

Requested by

Host: presidence.td
URL: https://presidence.td/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c9e93b31cfc904d4eb7cbc5b87abd18090158000eaec5a5d8bac2c71aa1d98db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://presidence.td/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 21:12:27 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: clear
content-length: 61752
x-xss-protection: 0
expires: Fri, 12 Nov 2021 21:12:27 GMT

GET
H2

200

logoTchad-1.png
presidence.td/wp-content/uploads/2020/10/
Redirect Chain

https://sp-ao.shortpixel.ai/client/q_glossy,ret_img/https://presidence.td/wp-content/uploads/2020/10/logoTchad-1.png
https://presidence.td/wp-content/uploads/2020/10/logoTchad-1.png

111 KB
112 KB

91ms
90ms

Image
image/png

209.16.158.69
PLANETHOSTER-8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://presidence.td/wp-content/uploads/2020/10/logoTchad-1.png
Requested by: Host: presidence.td
URL: https://presidence.td/
Protocol: H2
Server: 209.16.158.69 , Canada, ASN53589 (PLANETHOSTER-8, CA),
Reverse DNS: hybrid3400.ca.ns.planethoster.net
Software: Apache /
Resource Hash: b88790f81ce83db123996b0c9ebe07b52321d69b5b3f31efe847be0bc3102768

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://presidence.td/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 21:12:26 GMT
last-modified: Sun, 25 Oct 2020 16:50:34 GMT
server: Apache
accept-ranges: bytes
content-length: 113847
content-type: image/png

Redirect headers

date: Fri, 12 Nov 2021 21:12:27 GMT
cdn-edgestorageid: 742
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 11/12/2021 21:12:27
cdn-pullzone: 257218
cdn-tag: 0; Domain: presidence.td; 302
content-length: 0
server: BunnyCDN-NY1-742
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.0
cdn-requestpullcode: 302
location: https://presidence.td/wp-content/uploads/2020/10/logoTchad-1.png
content-type: text/html; charset=utf-8
cdn-cache: EXPIRED
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=86400
cdn-requestid: 04fe868fd70328099e60b751899760b1
cdn-requestcountrycode: RO
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 190ms
64ms Stylesheet
text/css 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C400italic%2C600%2C600italic%2C700%2C700italic&display=swap

Requested by

Host: presidence.td
URL: https://presidence.td/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9d6ff9ce590e9d6210ffc6a7a282630fea42336748d898de6cb8e1ec68a97437

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://presidence.td/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: clear
x-xss-protection: 0
last-modified: Fri, 12 Nov 2021 21:12:27 GMT
server: ESF
date: Fri, 12 Nov 2021 21:12:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Nov 2021 21:12:27 GMT

GET
H2

200

Photo-message-nation-4.jpg
presidence.td/wp-content/uploads/2021/04/
Redirect Chain

https://sp-ao.shortpixel.ai/client/q_lqip,ret_wait,w_800,h_1200/https://presidence.td/wp-content/uploads/2021/04/Photo-message-nation-4.jpg
https://presidence.td/wp-content/uploads/2021/04/Photo-message-nation-4.jpg

154 KB
155 KB

113ms
112ms

Image
image/jpeg

209.16.158.69
PLANETHOSTER-8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://presidence.td/wp-content/uploads/2021/04/Photo-message-nation-4.jpg
Requested by: Host: presidence.td
URL: https://presidence.td/
Protocol: H2
Server: 209.16.158.69 , Canada, ASN53589 (PLANETHOSTER-8, CA),
Reverse DNS: hybrid3400.ca.ns.planethoster.net
Software: Apache /
Resource Hash: 0014e53177158b896d702fb7aaa9d883a9ee6e598c4159a1a515c1bbf9cc1a6b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://presidence.td/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 21:12:26 GMT
last-modified: Tue, 27 Apr 2021 21:07:53 GMT
server: Apache
accept-ranges: bytes
content-length: 157452
content-type: image/jpeg

Redirect headers

date: Fri, 12 Nov 2021 21:12:27 GMT
cdn-edgestorageid: 742
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 11/12/2021 21:12:27
cdn-pullzone: 257218
cdn-tag: 0; Domain: presidence.td; 302
content-length: 0
server: BunnyCDN-NY1-742
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.0
cdn-requestpullcode: 302
location: https://presidence.td/wp-content/uploads/2021/04/Photo-message-nation-4.jpg
content-type: text/html; charset=utf-8
cdn-cache: EXPIRED
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=86400
cdn-requestid: 3649b40da52c00e1c589899df679e8d3
cdn-requestcountrycode: RO
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2

200

photo-declaration-CMT-1.jpg
presidence.td/wp-content/uploads/2021/04/
Redirect Chain

https://sp-ao.shortpixel.ai/client/q_lqip,ret_wait,w_882,h_1083/https://presidence.td/wp-content/uploads/2021/04/photo-declaration-CMT-1.jpg
https://presidence.td/wp-content/uploads/2021/04/photo-declaration-CMT-1.jpg

172 KB
173 KB

51ms
50ms

Image
image/jpeg

209.16.158.69
PLANETHOSTER-8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://presidence.td/wp-content/uploads/2021/04/photo-declaration-CMT-1.jpg
Requested by: Host: presidence.td
URL: https://presidence.td/
Protocol: H2
Server: 209.16.158.69 , Canada, ASN53589 (PLANETHOSTER-8, CA),
Reverse DNS: hybrid3400.ca.ns.planethoster.net
Software: Apache /
Resource Hash: 2a4333e44101fb3233daa16386377880a516ed959967da259d6e76da7d9250ae

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://presidence.td/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 21:12:26 GMT
last-modified: Tue, 27 Apr 2021 21:23:05 GMT
server: Apache
accept-ranges: bytes
content-length: 175980
content-type: image/jpeg

Redirect headers

date: Fri, 12 Nov 2021 21:12:27 GMT
cdn-edgestorageid: 742
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 11/12/2021 17:41:44
cdn-pullzone: 257218
cdn-tag: 0; Domain: presidence.td; 302
content-length: 0
server: BunnyCDN-NY1-742
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.0
cdn-requestpullcode: 302
location: https://presidence.td/wp-content/uploads/2021/04/photo-declaration-CMT-1.jpg
content-type: text/html; charset=utf-8
cdn-cache: HIT
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=86400
cdn-requestid: 97b2bd152d6776e900a77d2a7cb34d16
cdn-requestcountrycode: RO
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2 200 lazysizes.min.js Show response
presidence.td/wp-content/plugins/autoptimize/classes/external/js/ 9 KB
4 KB 55ms
54ms Script
application/javascript 209.16.158.69
PLANETHOSTER-8

General

Check archive.org

Show headers Download Go to

Full URL: https://presidence.td/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=2.7.8
Requested by: Host: presidence.td
URL: https://presidence.td/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 209.16.158.69 , Canada, ASN53589 (PLANETHOSTER-8, CA),
Reverse DNS: hybrid3400.ca.ns.planethoster.net
Software: Apache /
Resource Hash: 57135994acd82a57e8341534e7056af792a0b3a82415e67846dc914a1727308b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://presidence.td/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 21:12:26 GMT
content-encoding: gzip
last-modified: Sun, 25 Oct 2020 21:16:57 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 4057

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
875 B 190ms
73ms Script
text/javascript 2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LfNjroUAAAAAOB1qWBC2Jlb0p8GXg88Cqi1Krue&ver=3.0

Requested by

Host: presidence.td
URL: https://presidence.td/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6442e832fc740d07f05810d8302e7b81cb89f934940eb97d699dfd6e4204fcfe

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://presidence.td/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 21:12:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: clear
content-length: 587
x-xss-protection: 1; mode=block
expires: Fri, 12 Nov 2021 21:12:27 GMT

GET
H2 200 autoptimize_2f2a5752c210de17e1531f3d53b95538.js Show response
presidence.td/wp-content/cache/autoptimize/js/ 206 KB
55 KB 73ms
73ms Script
application/javascript 209.16.158.69
PLANETHOSTER-8

General

Check archive.org

Show headers Download Go to

Full URL: https://presidence.td/wp-content/cache/autoptimize/js/autoptimize_2f2a5752c210de17e1531f3d53b95538.js
Requested by: Host: presidence.td
URL: https://presidence.td/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 209.16.158.69 , Canada, ASN53589 (PLANETHOSTER-8, CA),
Reverse DNS: hybrid3400.ca.ns.planethoster.net
Software: Apache /
Resource Hash: 17d62c3f11fe40749819624c5a237d72bc16704e3b5b5280457440ba8b8bed7a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://presidence.td/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 21:12:26 GMT
content-encoding: gzip
last-modified: Thu, 17 Jun 2021 02:47:37 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=30672000, public, immutable
accept-ranges: bytes
content-length: 55404
expires: Wed, 02 Nov 2022 21:12:26 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5620fd3acd4874ee2d86b7cc4ac77997940fb53e8faf51aa640573805c71cfce

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 footer-1.jpg
presidence.td/wp-content/uploads/2020/08/ 155 KB
156 KB 87ms
86ms Image
image/jpeg 209.16.158.69
PLANETHOSTER-8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://presidence.td/wp-content/uploads/2020/08/footer-1.jpg?id=3996
Requested by: Host: presidence.td
URL: https://presidence.td/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 209.16.158.69 , Canada, ASN53589 (PLANETHOSTER-8, CA),
Reverse DNS: hybrid3400.ca.ns.planethoster.net
Software: Apache /
Resource Hash: 2f44a148f8cc21a9bf3de6676ad10e4c6a54b40874c29c6a446c509f076fb6a0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://presidence.td/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 21:12:26 GMT
last-modified: Sun, 25 Oct 2020 17:02:19 GMT
server: Apache
accept-ranges: bytes
content-length: 158541
content-type: image/jpeg

GET
H2 200 facebook.png
presidence.td/wp-content/uploads/2020/03/ 4 KB
4 KB 70ms
69ms Image
image/png 209.16.158.69
PLANETHOSTER-8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://presidence.td/wp-content/uploads/2020/03/facebook.png
Requested by: Host: presidence.td
URL: https://presidence.td/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 209.16.158.69 , Canada, ASN53589 (PLANETHOSTER-8, CA),
Reverse DNS: hybrid3400.ca.ns.planethoster.net
Software: Apache /
Resource Hash: efadd3a169a348f7d6bb32276ba838e7ca4c5c83ad6e504f910f03a986352977

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://presidence.td/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 21:12:26 GMT
last-modified: Sun, 25 Oct 2020 16:45:40 GMT
server: Apache
accept-ranges: bytes
content-length: 3719
content-type: image/png

GET
H2 200 twitter.png
presidence.td/wp-content/uploads/2020/03/ 5 KB
5 KB 68ms
67ms Image
image/png 209.16.158.69
PLANETHOSTER-8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://presidence.td/wp-content/uploads/2020/03/twitter.png
Requested by: Host: presidence.td
URL: https://presidence.td/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 209.16.158.69 , Canada, ASN53589 (PLANETHOSTER-8, CA),
Reverse DNS: hybrid3400.ca.ns.planethoster.net
Software: Apache /
Resource Hash: 90b72d14006f9c61b04831523963bce1b0440b5e5aa9b2c2f7901d36f13f779d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://presidence.td/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 21:12:26 GMT
last-modified: Sun, 25 Oct 2020 16:45:18 GMT
server: Apache
accept-ranges: bytes
content-length: 5030
content-type: image/png

GET
H2 200 linkedin.png
presidence.td/wp-content/uploads/2020/03/ 4 KB
4 KB 68ms
67ms Image
image/png 209.16.158.69
PLANETHOSTER-8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://presidence.td/wp-content/uploads/2020/03/linkedin.png
Requested by: Host: presidence.td
URL: https://presidence.td/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 209.16.158.69 , Canada, ASN53589 (PLANETHOSTER-8, CA),
Reverse DNS: hybrid3400.ca.ns.planethoster.net
Software: Apache /
Resource Hash: 110b6177459bf3ca00230e5c2688bd19d4bdfa9334b730df325902e5f4ddf1d3

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://presidence.td/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 21:12:26 GMT
last-modified: Sun, 25 Oct 2020 16:45:19 GMT
server: Apache
accept-ranges: bytes
content-length: 4387
content-type: image/png

GET
H2 200 instagram.png
presidence.td/wp-content/uploads/2020/03/ 6 KB
6 KB 68ms
67ms Image
image/png 209.16.158.69
PLANETHOSTER-8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://presidence.td/wp-content/uploads/2020/03/instagram.png
Requested by: Host: presidence.td
URL: https://presidence.td/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 209.16.158.69 , Canada, ASN53589 (PLANETHOSTER-8, CA),
Reverse DNS: hybrid3400.ca.ns.planethoster.net
Software: Apache /
Resource Hash: 96115e99a8fc812740b2f8c9fd9ae635a8ced71197d99460e9775834965aebb8

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://presidence.td/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 21:12:26 GMT
last-modified: Sun, 25 Oct 2020 16:44:42 GMT
server: Apache
accept-ranges: bytes
content-length: 6458
content-type: image/png

GET
H2 200 youtube.png
presidence.td/wp-content/uploads/2020/03/ 5 KB
5 KB 69ms
68ms Image
image/png 209.16.158.69
PLANETHOSTER-8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://presidence.td/wp-content/uploads/2020/03/youtube.png
Requested by: Host: presidence.td
URL: https://presidence.td/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 209.16.158.69 , Canada, ASN53589 (PLANETHOSTER-8, CA),
Reverse DNS: hybrid3400.ca.ns.planethoster.net
Software: Apache /
Resource Hash: 9e2e7c564512473b147a05280d35eafaefd85b42af616f6eae1bb647889627bb

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://presidence.td/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 21:12:26 GMT
last-modified: Sun, 25 Oct 2020 16:45:28 GMT
server: Apache
accept-ranges: bytes
content-length: 4833
content-type: image/png

GET
DATA 200
OK truncated
/ 308 B
0 Image
image/avif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ddf6fdea6eecbb145efbdc4a2f1c02d181a8a8a8c55044a915ba8ee109b6067b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/avif

GET
H2

200

accueil_presidence-1-1.jpg
presidence.td/wp-content/uploads/2020/10/
Redirect Chain

https://sp-ao.shortpixel.ai/client/q_glossy,ret_img/https://presidence.td/wp-content/uploads/2020/10/accueil_presidence-1-1.jpg
https://presidence.td/wp-content/uploads/2020/10/accueil_presidence-1-1.jpg

132 KB
132 KB

49ms
49ms

Image
image/jpeg

209.16.158.69
PLANETHOSTER-8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://presidence.td/wp-content/uploads/2020/10/accueil_presidence-1-1.jpg
Requested by: Host: presidence.td
URL: https://presidence.td/
Protocol: H2
Server: 209.16.158.69 , Canada, ASN53589 (PLANETHOSTER-8, CA),
Reverse DNS: hybrid3400.ca.ns.planethoster.net
Software: Apache /
Resource Hash: 16f1bb7931163f948713c24ef0228e6e1c32163efcdcd668050a422cacf21630

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://presidence.td/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 21:12:26 GMT
last-modified: Fri, 30 Oct 2020 16:44:12 GMT
server: Apache
accept-ranges: bytes
content-length: 134747
content-type: image/jpeg

Redirect headers

date: Fri, 12 Nov 2021 21:12:27 GMT
cdn-edgestorageid: 742
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 11/12/2021 15:07:05
cdn-pullzone: 257218
cdn-tag: 0; Domain: presidence.td; 302
content-length: 0
server: BunnyCDN-NY1-742
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.0
cdn-requestpullcode: 302
location: https://presidence.td/wp-content/uploads/2020/10/accueil_presidence-1-1.jpg
content-type: text/html; charset=utf-8
cdn-cache: HIT
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=86400
cdn-requestid: dc2c248d111414bc9dac13ee04f27f22
cdn-requestcountrycode: RO
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2

200

8-2-1024x708.jpg
presidence.td/wp-content/uploads/2021/11/
Redirect Chain

https://sp-ao.shortpixel.ai/client/q_glossy,ret_img/https://presidence.td/wp-content/uploads/2021/11/8-2-1024x708.jpg
https://presidence.td/wp-content/uploads/2021/11/8-2-1024x708.jpg

75 KB
75 KB

91ms
90ms

Image
image/jpeg

209.16.158.69
PLANETHOSTER-8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://presidence.td/wp-content/uploads/2021/11/8-2-1024x708.jpg
Requested by: Host: presidence.td
URL: https://presidence.td/
Protocol: H2
Server: 209.16.158.69 , Canada, ASN53589 (PLANETHOSTER-8, CA),
Reverse DNS: hybrid3400.ca.ns.planethoster.net
Software: Apache /
Resource Hash: ef93ccc3fc87c9934672d8abffb2849c28a3296587d456d666ad3f6e2ed5bc88

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://presidence.td/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 21:12:26 GMT
last-modified: Fri, 12 Nov 2021 15:39:37 GMT
server: Apache
accept-ranges: bytes
content-length: 76978
content-type: image/jpeg

Redirect headers

date: Fri, 12 Nov 2021 21:12:27 GMT
cdn-edgestorageid: 742
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 11/12/2021 21:12:27
cdn-pullzone: 257218
cdn-tag: 0; Domain: presidence.td; 302
content-length: 0
server: BunnyCDN-NY1-742
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.0
cdn-requestpullcode: 302
location: https://presidence.td/wp-content/uploads/2021/11/8-2-1024x708.jpg
content-type: text/html; charset=utf-8
cdn-cache: MISS
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=86400
cdn-requestid: 780db14e6947cfa4ca5dab76f0f14583
cdn-requestcountrycode: RO
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2

200

7-1024x683.jpg
presidence.td/wp-content/uploads/2021/11/
Redirect Chain

https://sp-ao.shortpixel.ai/client/q_glossy,ret_img/https://presidence.td/wp-content/uploads/2021/11/7-1024x683.jpg
https://presidence.td/wp-content/uploads/2021/11/7-1024x683.jpg

112 KB
112 KB

111ms
111ms

Image
image/jpeg

209.16.158.69
PLANETHOSTER-8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://presidence.td/wp-content/uploads/2021/11/7-1024x683.jpg
Requested by: Host: presidence.td
URL: https://presidence.td/
Protocol: H2
Server: 209.16.158.69 , Canada, ASN53589 (PLANETHOSTER-8, CA),
Reverse DNS: hybrid3400.ca.ns.planethoster.net
Software: Apache /
Resource Hash: e0bbc3e01ce41e61dbb0e90a80f51a461b9cc9dcb0820bbc4da720c4171b8962

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://presidence.td/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 21:12:26 GMT
last-modified: Fri, 12 Nov 2021 06:18:05 GMT
server: Apache
accept-ranges: bytes
content-length: 114836
content-type: image/jpeg

Redirect headers

date: Fri, 12 Nov 2021 21:12:27 GMT
cdn-edgestorageid: 742
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 11/12/2021 21:12:27
cdn-pullzone: 257218
cdn-tag: 0; Domain: presidence.td; 302
content-length: 0
server: BunnyCDN-NY1-742
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.0
cdn-requestpullcode: 302
location: https://presidence.td/wp-content/uploads/2021/11/7-1024x683.jpg
content-type: text/html; charset=utf-8
cdn-cache: MISS
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=86400
cdn-requestid: ea2cc894ca5f9cb0a461fb6bec278d7e
cdn-requestcountrycode: RO
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2

200

3-2-1024x634.jpg
presidence.td/wp-content/uploads/2021/11/
Redirect Chain

https://sp-ao.shortpixel.ai/client/q_glossy,ret_img/https://presidence.td/wp-content/uploads/2021/11/3-2-1024x634.jpg
https://presidence.td/wp-content/uploads/2021/11/3-2-1024x634.jpg

93 KB
93 KB

108ms
107ms

Image
image/jpeg

209.16.158.69
PLANETHOSTER-8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://presidence.td/wp-content/uploads/2021/11/3-2-1024x634.jpg
Requested by: Host: presidence.td
URL: https://presidence.td/
Protocol: H2
Server: 209.16.158.69 , Canada, ASN53589 (PLANETHOSTER-8, CA),
Reverse DNS: hybrid3400.ca.ns.planethoster.net
Software: Apache /
Resource Hash: 18d3b2a9faad46ed238013a52708ec46f7812c912e93147e6118230e329a7d80

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://presidence.td/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 21:12:26 GMT
last-modified: Thu, 11 Nov 2021 14:53:13 GMT
server: Apache
accept-ranges: bytes
content-length: 95054
content-type: image/jpeg

Redirect headers

date: Fri, 12 Nov 2021 21:12:27 GMT
cdn-edgestorageid: 742
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 11/12/2021 21:12:27
cdn-pullzone: 257218
cdn-tag: 0; Domain: presidence.td; 302
content-length: 0
server: BunnyCDN-NY1-742
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.0
cdn-requestpullcode: 302
location: https://presidence.td/wp-content/uploads/2021/11/3-2-1024x634.jpg
content-type: text/html; charset=utf-8
cdn-cache: EXPIRED
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=86400
cdn-requestid: 6b611db4711835867d472f5434d95997
cdn-requestcountrycode: RO
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2

200

8-1024x632.jpg
presidence.td/wp-content/uploads/2021/11/
Redirect Chain

https://sp-ao.shortpixel.ai/client/q_glossy,ret_img/https://presidence.td/wp-content/uploads/2021/11/8-1024x632.jpg
https://presidence.td/wp-content/uploads/2021/11/8-1024x632.jpg

108 KB
109 KB

115ms
115ms

Image
image/jpeg

209.16.158.69
PLANETHOSTER-8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://presidence.td/wp-content/uploads/2021/11/8-1024x632.jpg
Requested by: Host: presidence.td
URL: https://presidence.td/
Protocol: H2
Server: 209.16.158.69 , Canada, ASN53589 (PLANETHOSTER-8, CA),
Reverse DNS: hybrid3400.ca.ns.planethoster.net
Software: Apache /
Resource Hash: decffec0c83697ed24d8692e1598fb50e0e6dbd19928d9dc0520cc87c4a85ca8

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://presidence.td/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 21:12:26 GMT
last-modified: Wed, 10 Nov 2021 17:47:28 GMT
server: Apache
accept-ranges: bytes
content-length: 110873
content-type: image/jpeg

Redirect headers

date: Fri, 12 Nov 2021 21:12:27 GMT
cdn-edgestorageid: 742
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 11/12/2021 07:16:02
cdn-pullzone: 257218
cdn-tag: 0; Domain: presidence.td; 302
content-length: 0
server: BunnyCDN-NY1-742
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.0
cdn-requestpullcode: 302
location: https://presidence.td/wp-content/uploads/2021/11/8-1024x632.jpg
content-type: text/html; charset=utf-8
cdn-cache: HIT
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=86400
cdn-requestid: 2879dc5f6974960e9244dc5f21027370
cdn-requestcountrycode: RO
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2

200

3-1024x708.jpg
presidence.td/wp-content/uploads/2021/11/
Redirect Chain

https://sp-ao.shortpixel.ai/client/q_glossy,ret_img/https://presidence.td/wp-content/uploads/2021/11/3-1024x708.jpg
https://presidence.td/wp-content/uploads/2021/11/3-1024x708.jpg

116 KB
116 KB

108ms
108ms

Image
image/jpeg

209.16.158.69
PLANETHOSTER-8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://presidence.td/wp-content/uploads/2021/11/3-1024x708.jpg
Requested by: Host: presidence.td
URL: https://presidence.td/
Protocol: H2
Server: 209.16.158.69 , Canada, ASN53589 (PLANETHOSTER-8, CA),
Reverse DNS: hybrid3400.ca.ns.planethoster.net
Software: Apache /
Resource Hash: 1fbc5797b773dc28b11553a360020240bfdde4023650dba55d29e0ab2e19a5d3

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://presidence.td/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 21:12:26 GMT
last-modified: Mon, 08 Nov 2021 13:03:36 GMT
server: Apache
accept-ranges: bytes
content-length: 118929
content-type: image/jpeg

Redirect headers

date: Fri, 12 Nov 2021 21:12:27 GMT
cdn-edgestorageid: 742
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 11/12/2021 21:12:27
cdn-pullzone: 257218
cdn-tag: 0; Domain: presidence.td; 302
content-length: 0
server: BunnyCDN-NY1-742
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.0
cdn-requestpullcode: 302
location: https://presidence.td/wp-content/uploads/2021/11/3-1024x708.jpg
content-type: text/html; charset=utf-8
cdn-cache: EXPIRED
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=86400
cdn-requestid: 022bab43cce9686fad5f133f4cbff888
cdn-requestcountrycode: RO
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2

200

1-8-1024x632.jpg
presidence.td/wp-content/uploads/2021/10/
Redirect Chain

https://sp-ao.shortpixel.ai/client/q_glossy,ret_img/https://presidence.td/wp-content/uploads/2021/10/1-8-1024x632.jpg
https://presidence.td/wp-content/uploads/2021/10/1-8-1024x632.jpg

94 KB
95 KB

75ms
74ms

Image
image/jpeg

209.16.158.69
PLANETHOSTER-8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://presidence.td/wp-content/uploads/2021/10/1-8-1024x632.jpg
Requested by: Host: presidence.td
URL: https://presidence.td/
Protocol: H2
Server: 209.16.158.69 , Canada, ASN53589 (PLANETHOSTER-8, CA),
Reverse DNS: hybrid3400.ca.ns.planethoster.net
Software: Apache /
Resource Hash: b374095ce7e6a5696543e9bb147861e12590918bb6633cbf8190e38a8049e94e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://presidence.td/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 21:12:26 GMT
last-modified: Fri, 29 Oct 2021 19:06:11 GMT
server: Apache
accept-ranges: bytes
content-length: 96751
content-type: image/jpeg

Redirect headers

date: Fri, 12 Nov 2021 21:12:27 GMT
cdn-edgestorageid: 742
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 11/12/2021 17:41:46
cdn-pullzone: 257218
cdn-tag: 0; Domain: presidence.td; 302
content-length: 0
server: BunnyCDN-NY1-742
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.0
cdn-requestpullcode: 302
location: https://presidence.td/wp-content/uploads/2021/10/1-8-1024x632.jpg
content-type: text/html; charset=utf-8
cdn-cache: HIT
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=86400
cdn-requestid: 7999aaac6afaad724440f5f6028af209
cdn-requestcountrycode: RO
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/yZguKF1TiDm6F3yJWVhmOKQ9/ 345 KB
135 KB 108ms
32ms Script
text/javascript 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/yZguKF1TiDm6F3yJWVhmOKQ9/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LfNjroUAAAAAOB1qWBC2Jlb0p8GXg88Cqi1Krue&ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2aca871ba09c94615b90626339a470e5688a89ec790d33cde2613fb002676b45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://presidence.td/
Origin: https://presidence.td
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 19:37:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5670
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 137527
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 21:26:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Sat, 12 Nov 2022 19:37:57 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 126ms
42ms Font
font/woff2 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400italic%2C600%2C600italic%2C700%2C700italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://presidence.td
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 22:16:11 GMT
x-content-type-options: nosniff
age: 600976
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 05 Nov 2022 22:16:11 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 134ms
70ms Font
font/woff2 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400italic%2C600%2C600italic%2C700%2C700italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://presidence.td
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 09:46:08 GMT
x-content-type-options: nosniff
age: 41179
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 12 Nov 2022 09:46:08 GMT

GET
H2 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v29/ 17 KB
17 KB 135ms
79ms Font
font/woff2 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C400italic%2C600%2C600italic%2C700%2C700italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://presidence.td
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:45:31 GMT
x-content-type-options: nosniff
age: 584816
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 17304
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sun, 06 Nov 2022 02:45:31 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 94BB 40 KB
21 KB 98ms
97ms Document
text/html 2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfNjroUAAAAAOB1qWBC2Jlb0p8GXg88Cqi1Krue&co=aHR0cHM6Ly9wcmVzaWRlbmNlLnRkOjQ0Mw..&hl=en&v=yZguKF1TiDm6F3yJWVhmOKQ9&size=invisible&cb=uwb0lncm698x

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/yZguKF1TiDm6F3yJWVhmOKQ9/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

586fde10a0b7384631e7687ba4ed6ef0cbfdef4852dd5430f501cb6c6436272e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uRbjPSJj3ZvbZ3Rv5rEhCg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://presidence.td/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 12 Nov 2021 21:12:27 GMT
content-security-policy: script-src 'report-sample' 'nonce-uRbjPSJj3ZvbZ3Rv5rEhCg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 21195
server: GSE
alt-svc: clear

POST
H2 204 collect
www.google-analytics.com/g/ 0
220 B 211ms
98ms Ping
text/plain 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-1DC86TESKX&gtm=2oeba1&_p=1272568059&sr=1600x1200&ul=en-us&cid=563570863.1636751548&_s=1&dl=https%3A%2F%2Fpresidence.td%2F&dt=Accueil%20-%20Pr%C3%A9sidence%20de%20la%20R%C3%A9publique%20du%20Tchad&sid=1636751547&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1DC86TESKX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://presidence.td/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 21:12:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://presidence.td
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/yZguKF1TiDm6F3yJWVhmOKQ9/ Frame 94BB 52 KB
26 KB 147ms
47ms Stylesheet
text/css 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/yZguKF1TiDm6F3yJWVhmOKQ9/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfNjroUAAAAAOB1qWBC2Jlb0p8GXg88Cqi1Krue&co=aHR0cHM6Ly9wcmVzaWRlbmNlLnRkOjQ0Mw..&hl=en&v=yZguKF1TiDm6F3yJWVhmOKQ9&size=invisible&cb=uwb0lncm698x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 13:00:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29515
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 25732
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 21:26:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Sat, 12 Nov 2022 13:00:33 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/yZguKF1TiDm6F3yJWVhmOKQ9/ Frame 94BB 345 KB
134 KB 179ms
80ms Script
text/javascript 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/yZguKF1TiDm6F3yJWVhmOKQ9/recaptcha__en.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2aca871ba09c94615b90626339a470e5688a89ec790d33cde2613fb002676b45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 19:37:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5671
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 137527
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 21:26:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Sat, 12 Nov 2022 19:37:57 GMT

GET
H2 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 94BB 2 KB
2 KB 34ms
33ms Image
image/png 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/yZguKF1TiDm6F3yJWVhmOKQ9/styles__ltr.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/yZguKF1TiDm6F3yJWVhmOKQ9/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 13:00:06 GMT
x-content-type-options: nosniff
age: 288742
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Tue, 16 Nov 2021 13:00:06 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 94BB 15 KB
15 KB 31ms
31ms Font
font/woff2 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 14:35:05 GMT
x-content-type-options: nosniff
age: 23843
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 12 Nov 2022 14:35:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 94BB 15 KB
15 KB 37ms
37ms Font
font/woff2 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:08:38 GMT
x-content-type-options: nosniff
age: 572630
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sun, 06 Nov 2022 06:08:38 GMT

GET
H2 200 webworker.js
www.google.com/recaptcha/api2/ Frame 94BB 102 B
204 B 70ms
70ms Other
text/javascript 2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=yZguKF1TiDm6F3yJWVhmOKQ9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a57c180d66dab482ed8367bd7204f024563c81fbd97c969ea78be332ad20193c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfNjroUAAAAAOB1qWBC2Jlb0p8GXg88Cqi1Krue&co=aHR0cHM6Ly9wcmVzaWRlbmNlLnRkOjQ0Mw..&hl=en&v=yZguKF1TiDm6F3yJWVhmOKQ9&size=invisible&cb=uwb0lncm698x
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 21:12:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: clear
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 12 Nov 2021 21:12:28 GMT

POST
H2 200 reload Show response
www.google.com/recaptcha/api2/ Frame 94BB 30 KB
17 KB 107ms
107ms XHR
application/json 2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LfNjroUAAAAAOB1qWBC2Jlb0p8GXg88Cqi1Krue

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/yZguKF1TiDm6F3yJWVhmOKQ9/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

22a04c4fe403c53e5634114efbd0f214d734336b541448dfa3485ab62a34bbe0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfNjroUAAAAAOB1qWBC2Jlb0p8GXg88Cqi1Krue&co=aHR0cHM6Ly9wcmVzaWRlbmNlLnRkOjQ0Mw..&hl=en&v=yZguKF1TiDm6F3yJWVhmOKQ9&size=invisible&cb=uwb0lncm698x
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Fri, 12 Nov 2021 21:12:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: clear
content-length: 17260
x-xss-protection: 1; mode=block
expires: Fri, 12 Nov 2021 21:12:28 GMT

GET Photo-message-nation-4.jpg
sp-ao.shortpixel.ai/client/q_lqip,ret_wait,w_800,h_1200/https://presidence.td/wp-content/uploads/2021/04/ 0
0

GET
H2

200

DSC_3898-1024x683.jpg
presidence.td/wp-content/uploads/2021/04/
Redirect Chain

https://sp-ao.shortpixel.ai/client/q_glossy,ret_img/https://presidence.td/wp-content/uploads/2021/04/DSC_3898-1024x683.jpg
https://presidence.td/wp-content/uploads/2021/04/DSC_3898-1024x683.jpg

144 KB
145 KB

111ms
111ms

Image
image/jpeg

209.16.158.69
PLANETHOSTER-8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://presidence.td/wp-content/uploads/2021/04/DSC_3898-1024x683.jpg
Protocol: H2
Server: 209.16.158.69 , Canada, ASN53589 (PLANETHOSTER-8, CA),
Reverse DNS: hybrid3400.ca.ns.planethoster.net
Software: Apache /
Resource Hash: 1637530e92980ddb58c9b180689f305bfab176fafa077d9f96fb26711f2b23ad

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://presidence.td/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 21:12:28 GMT
last-modified: Tue, 20 Apr 2021 16:18:53 GMT
server: Apache
accept-ranges: bytes
content-length: 147617
content-type: image/jpeg

Redirect headers

date: Fri, 12 Nov 2021 21:12:29 GMT
cdn-edgestorageid: 742
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 11/12/2021 17:41:46
cdn-pullzone: 257218
cdn-tag: 0; Domain: presidence.td; 302
content-length: 0
server: BunnyCDN-NY1-742
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.0
cdn-requestpullcode: 302
location: https://presidence.td/wp-content/uploads/2021/04/DSC_3898-1024x683.jpg
content-type: text/html; charset=utf-8
cdn-cache: HIT
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=86400
cdn-requestid: 372591c4f6b9e9cb1104b7cfb34a2730
cdn-requestcountrycode: RO
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2

200

1-4.jpg
presidence.td/wp-content/uploads/2021/04/
Redirect Chain

https://sp-ao.shortpixel.ai/client/q_glossy,ret_img/https://presidence.td/wp-content/uploads/2021/04/1-4.jpg
https://presidence.td/wp-content/uploads/2021/04/1-4.jpg

71 KB
71 KB

52ms
52ms

Image
image/jpeg

209.16.158.69
PLANETHOSTER-8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://presidence.td/wp-content/uploads/2021/04/1-4.jpg
Protocol: H2
Server: 209.16.158.69 , Canada, ASN53589 (PLANETHOSTER-8, CA),
Reverse DNS: hybrid3400.ca.ns.planethoster.net
Software: Apache /
Resource Hash: 574f26b52d5881effb5fd26bdfc1def83a4edcf1b05387ab4871be7b9c4ffdd2

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://presidence.td/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 21:12:28 GMT
last-modified: Tue, 20 Apr 2021 11:17:32 GMT
server: Apache
accept-ranges: bytes
content-length: 72538
content-type: image/jpeg

Redirect headers

date: Fri, 12 Nov 2021 21:12:29 GMT
cdn-edgestorageid: 742
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 11/12/2021 21:12:29
cdn-pullzone: 257218
cdn-tag: 0; Domain: presidence.td; 302
content-length: 0
server: BunnyCDN-NY1-742
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.0
cdn-requestpullcode: 302
location: https://presidence.td/wp-content/uploads/2021/04/1-4.jpg
content-type: text/html; charset=utf-8
cdn-cache: EXPIRED
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=86400
cdn-requestid: d653055001509cfcba933645eb71eaf5
cdn-requestcountrycode: RO
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2

200

Photo-message-nation-4.jpg
presidence.td/wp-content/uploads/2021/04/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_avif,q_glossy,ret_img,w_800/https://presidence.td/wp-content/uploads/2021/04/Photo-message-nation-4.jpg
https://presidence.td/wp-content/uploads/2021/04/Photo-message-nation-4.jpg

154 KB
155 KB

54ms
54ms

Image
image/jpeg

209.16.158.69
PLANETHOSTER-8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://presidence.td/wp-content/uploads/2021/04/Photo-message-nation-4.jpg
Protocol: H2
Server: 209.16.158.69 , Canada, ASN53589 (PLANETHOSTER-8, CA),
Reverse DNS: hybrid3400.ca.ns.planethoster.net
Software: Apache /
Resource Hash: 0014e53177158b896d702fb7aaa9d883a9ee6e598c4159a1a515c1bbf9cc1a6b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://presidence.td/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 21:12:28 GMT
last-modified: Tue, 27 Apr 2021 21:07:53 GMT
server: Apache
accept-ranges: bytes
content-length: 157452
content-type: image/jpeg

Redirect headers

date: Fri, 12 Nov 2021 21:12:29 GMT
cdn-edgestorageid: 742
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 11/12/2021 17:41:46
cdn-pullzone: 257218
cdn-tag: 0; Domain: presidence.td; 302
content-length: 0
server: BunnyCDN-NY1-742
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.0
cdn-requestpullcode: 302
location: https://presidence.td/wp-content/uploads/2021/04/Photo-message-nation-4.jpg
content-type: text/html; charset=utf-8
cdn-cache: HIT
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=86400
cdn-requestid: af410bc2dd1ba990d7f88b04be991674
cdn-requestcountrycode: RO
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2

200

IMG-20210420-WA0003.jpg
presidence.td/wp-content/uploads/2021/04/
Redirect Chain

https://sp-ao.shortpixel.ai/client/q_glossy,ret_img/https://presidence.td/wp-content/uploads/2021/04/IMG-20210420-WA0003.jpg
https://presidence.td/wp-content/uploads/2021/04/IMG-20210420-WA0003.jpg

31 KB
31 KB

57ms
57ms

Image
image/jpeg

209.16.158.69
PLANETHOSTER-8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://presidence.td/wp-content/uploads/2021/04/IMG-20210420-WA0003.jpg
Protocol: H2
Server: 209.16.158.69 , Canada, ASN53589 (PLANETHOSTER-8, CA),
Reverse DNS: hybrid3400.ca.ns.planethoster.net
Software: Apache /
Resource Hash: 74e1b46f974fedc11b4cce6c10c7586ec23ccd2844e6eb14f05852e26343d08e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://presidence.td/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 21:12:28 GMT
last-modified: Wed, 21 Apr 2021 06:23:36 GMT
server: Apache
accept-ranges: bytes
content-length: 31695
content-type: image/jpeg

Redirect headers

date: Fri, 12 Nov 2021 21:12:29 GMT
cdn-edgestorageid: 742
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 11/12/2021 17:41:46
cdn-pullzone: 257218
cdn-tag: 0; Domain: presidence.td; 302
content-length: 0
server: BunnyCDN-NY1-742
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.0
cdn-requestpullcode: 302
location: https://presidence.td/wp-content/uploads/2021/04/IMG-20210420-WA0003.jpg
content-type: text/html; charset=utf-8
cdn-cache: HIT
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=86400
cdn-requestid: 6363c911eb4656cafaa2776653493049
cdn-requestcountrycode: RO
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2

200

DSC_3898-1024x683.jpg
presidence.td/wp-content/uploads/2021/04/
Redirect Chain

https://sp-ao.shortpixel.ai/client/q_glossy,ret_img/https://presidence.td/wp-content/uploads/2021/04/DSC_3898-1024x683.jpg
https://presidence.td/wp-content/uploads/2021/04/DSC_3898-1024x683.jpg

144 KB
145 KB

53ms
53ms

Image
image/jpeg

209.16.158.69
PLANETHOSTER-8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://presidence.td/wp-content/uploads/2021/04/DSC_3898-1024x683.jpg
Protocol: H2
Server: 209.16.158.69 , Canada, ASN53589 (PLANETHOSTER-8, CA),
Reverse DNS: hybrid3400.ca.ns.planethoster.net
Software: Apache /
Resource Hash: 1637530e92980ddb58c9b180689f305bfab176fafa077d9f96fb26711f2b23ad

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://presidence.td/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 21:12:28 GMT
last-modified: Tue, 20 Apr 2021 16:18:53 GMT
server: Apache
accept-ranges: bytes
content-length: 147617
content-type: image/jpeg

Redirect headers

date: Fri, 12 Nov 2021 21:12:29 GMT
cdn-edgestorageid: 742
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 11/12/2021 17:41:46
cdn-pullzone: 257218
cdn-tag: 0; Domain: presidence.td; 302
content-length: 0
server: BunnyCDN-NY1-742
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.0
cdn-requestpullcode: 302
location: https://presidence.td/wp-content/uploads/2021/04/DSC_3898-1024x683.jpg
content-type: text/html; charset=utf-8
cdn-cache: HIT
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=86400
cdn-requestid: 6dd15550356e4e5009875d9c65d84602
cdn-requestcountrycode: RO
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2

200

IMG-20210420-WA0003.jpg
presidence.td/wp-content/uploads/2021/04/
Redirect Chain

https://sp-ao.shortpixel.ai/client/q_glossy,ret_img/https://presidence.td/wp-content/uploads/2021/04/IMG-20210420-WA0003.jpg
https://presidence.td/wp-content/uploads/2021/04/IMG-20210420-WA0003.jpg

31 KB
31 KB

57ms
56ms

Image
image/jpeg

209.16.158.69
PLANETHOSTER-8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://presidence.td/wp-content/uploads/2021/04/IMG-20210420-WA0003.jpg
Protocol: H2
Server: 209.16.158.69 , Canada, ASN53589 (PLANETHOSTER-8, CA),
Reverse DNS: hybrid3400.ca.ns.planethoster.net
Software: Apache /
Resource Hash: 74e1b46f974fedc11b4cce6c10c7586ec23ccd2844e6eb14f05852e26343d08e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://presidence.td/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 21:12:28 GMT
last-modified: Wed, 21 Apr 2021 06:23:36 GMT
server: Apache
accept-ranges: bytes
content-length: 31695
content-type: image/jpeg

Redirect headers

date: Fri, 12 Nov 2021 21:12:29 GMT
cdn-edgestorageid: 742
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 11/12/2021 17:41:46
cdn-pullzone: 257218
cdn-tag: 0; Domain: presidence.td; 302
content-length: 0
server: BunnyCDN-NY1-742
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.0
cdn-requestpullcode: 302
location: https://presidence.td/wp-content/uploads/2021/04/IMG-20210420-WA0003.jpg
content-type: text/html; charset=utf-8
cdn-cache: HIT
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=86400
cdn-requestid: 4f076aa6e10e1f747c44e1fd81d91e13
cdn-requestcountrycode: RO
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2

200

1-4.jpg
presidence.td/wp-content/uploads/2021/04/
Redirect Chain

https://sp-ao.shortpixel.ai/client/q_glossy,ret_img/https://presidence.td/wp-content/uploads/2021/04/1-4.jpg
https://presidence.td/wp-content/uploads/2021/04/1-4.jpg

71 KB
71 KB

57ms
57ms

Image
image/jpeg

209.16.158.69
PLANETHOSTER-8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://presidence.td/wp-content/uploads/2021/04/1-4.jpg
Protocol: H2
Server: 209.16.158.69 , Canada, ASN53589 (PLANETHOSTER-8, CA),
Reverse DNS: hybrid3400.ca.ns.planethoster.net
Software: Apache /
Resource Hash: 574f26b52d5881effb5fd26bdfc1def83a4edcf1b05387ab4871be7b9c4ffdd2

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://presidence.td/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 21:12:28 GMT
last-modified: Tue, 20 Apr 2021 11:17:32 GMT
server: Apache
accept-ranges: bytes
content-length: 72538
content-type: image/jpeg

Redirect headers

date: Fri, 12 Nov 2021 21:12:29 GMT
cdn-edgestorageid: 742
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 11/12/2021 21:12:29
cdn-pullzone: 257218
cdn-tag: 0; Domain: presidence.td; 302
content-length: 0
server: BunnyCDN-NY1-742
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.0
cdn-requestpullcode: 302
location: https://presidence.td/wp-content/uploads/2021/04/1-4.jpg
content-type: text/html; charset=utf-8
cdn-cache: HIT
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=86400
cdn-requestid: 75a02ab4922d52e22b25550d02d02404
cdn-requestcountrycode: RO
cdn-status: 302
cdn-requestpullsuccess: True

GET photo-declaration-CMT-1.jpg
sp-ao.shortpixel.ai/client/q_lqip,ret_wait,w_882,h_1083/https://presidence.td/wp-content/uploads/2021/04/ 0
0

GET
H2

200

photo-declaration-CMT-1.jpg
presidence.td/wp-content/uploads/2021/04/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_avif,q_glossy,ret_img,w_882/https://presidence.td/wp-content/uploads/2021/04/photo-declaration-CMT-1.jpg
https://presidence.td/wp-content/uploads/2021/04/photo-declaration-CMT-1.jpg

172 KB
173 KB

59ms
59ms

Image
image/jpeg

209.16.158.69
PLANETHOSTER-8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://presidence.td/wp-content/uploads/2021/04/photo-declaration-CMT-1.jpg
Protocol: H2
Server: 209.16.158.69 , Canada, ASN53589 (PLANETHOSTER-8, CA),
Reverse DNS: hybrid3400.ca.ns.planethoster.net
Software: Apache /
Resource Hash: 2a4333e44101fb3233daa16386377880a516ed959967da259d6e76da7d9250ae

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://presidence.td/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 21:12:28 GMT
last-modified: Tue, 27 Apr 2021 21:23:05 GMT
server: Apache
accept-ranges: bytes
content-length: 175980
content-type: image/jpeg

Redirect headers

date: Fri, 12 Nov 2021 21:12:29 GMT
cdn-edgestorageid: 742
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 11/12/2021 17:41:47
cdn-pullzone: 257218
cdn-tag: 0; Domain: presidence.td; 302
content-length: 0
server: BunnyCDN-NY1-742
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.0
cdn-requestpullcode: 302
location: https://presidence.td/wp-content/uploads/2021/04/photo-declaration-CMT-1.jpg
content-type: text/html; charset=utf-8
cdn-cache: HIT
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=86400
cdn-requestid: e0bb89ea6ca1a822d9f264790d217fb3
cdn-requestcountrycode: RO
cdn-status: 302
cdn-requestpullsuccess: True

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sp-ao.shortpixel.ai
URL: https://sp-ao.shortpixel.ai/client/q_lqip,ret_wait,w_800,h_1200/https://presidence.td/wp-content/uploads/2021/04/Photo-message-nation-4.jpg

Domain: sp-ao.shortpixel.ai
URL: https://sp-ao.shortpixel.ai/client/q_lqip,ret_wait,w_882,h_1083/https://presidence.td/wp-content/uploads/2021/04/photo-declaration-CMT-1.jpg

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 02:58:23	Name: _GRECAPTCHA Value: 09AINsHFdtoM-pUxKsaXx7EZQXND52v4m8vgG1S9CAW_-S6k9M1-FVw0bqPNTVNXtfdqFyG3Fq3BX61v_t5WabnOQ
presidence.td/	1970-01-20 07:24:47	Name: pll_language Value: fr
.presidence.td/	1970-01-20 16:10:23	Name: _ga_1DC86TESKX Value: GS1.1.1636751547.1.0.1636751547.0
.presidence.td/	1970-01-20 16:10:23	Name: _ga Value: GA1.1.563570863.1636751548

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
presidence.td
sp-ao.shortpixel.ai
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
sp-ao.shortpixel.ai
195.181.168.47
209.16.158.69
2607:f8b0:4006:809::2003
2607:f8b0:4006:80e::2008
2607:f8b0:4006:80f::2003
2607:f8b0:4006:816::200e
2607:f8b0:4006:817::200a
2607:f8b0:4006:822::2004
0014e53177158b896d702fb7aaa9d883a9ee6e598c4159a1a515c1bbf9cc1a6b
00f43d946cfb0105b04587d6ee1e06c874850e6e92c251aeb0020e3756448191
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
110b6177459bf3ca00230e5c2688bd19d4bdfa9334b730df325902e5f4ddf1d3
1637530e92980ddb58c9b180689f305bfab176fafa077d9f96fb26711f2b23ad
16f1bb7931163f948713c24ef0228e6e1c32163efcdcd668050a422cacf21630
17d62c3f11fe40749819624c5a237d72bc16704e3b5b5280457440ba8b8bed7a
18d3b2a9faad46ed238013a52708ec46f7812c912e93147e6118230e329a7d80
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1fbc5797b773dc28b11553a360020240bfdde4023650dba55d29e0ab2e19a5d3
22a04c4fe403c53e5634114efbd0f214d734336b541448dfa3485ab62a34bbe0
2a4333e44101fb3233daa16386377880a516ed959967da259d6e76da7d9250ae
2aca871ba09c94615b90626339a470e5688a89ec790d33cde2613fb002676b45
2f44a148f8cc21a9bf3de6676ad10e4c6a54b40874c29c6a446c509f076fb6a0
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd
5620fd3acd4874ee2d86b7cc4ac77997940fb53e8faf51aa640573805c71cfce
57135994acd82a57e8341534e7056af792a0b3a82415e67846dc914a1727308b
574f26b52d5881effb5fd26bdfc1def83a4edcf1b05387ab4871be7b9c4ffdd2
586fde10a0b7384631e7687ba4ed6ef0cbfdef4852dd5430f501cb6c6436272e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
6442e832fc740d07f05810d8302e7b81cb89f934940eb97d699dfd6e4204fcfe
69374a71fd6b1f6ab8e2a371dadd433ffa778046c6b039b053045167fb59e147
74e1b46f974fedc11b4cce6c10c7586ec23ccd2844e6eb14f05852e26343d08e
90b72d14006f9c61b04831523963bce1b0440b5e5aa9b2c2f7901d36f13f779d
96115e99a8fc812740b2f8c9fd9ae635a8ced71197d99460e9775834965aebb8
9d6ff9ce590e9d6210ffc6a7a282630fea42336748d898de6cb8e1ec68a97437
9e2e7c564512473b147a05280d35eafaefd85b42af616f6eae1bb647889627bb
a57c180d66dab482ed8367bd7204f024563c81fbd97c969ea78be332ad20193c
b374095ce7e6a5696543e9bb147861e12590918bb6633cbf8190e38a8049e94e
b88790f81ce83db123996b0c9ebe07b52321d69b5b3f31efe847be0bc3102768
c9e93b31cfc904d4eb7cbc5b87abd18090158000eaec5a5d8bac2c71aa1d98db
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d5f402978ed1bc3e330048194f7cf37be9573e0c348b60dcc8f65439e659d504
ddf6fdea6eecbb145efbdc4a2f1c02d181a8a8a8c55044a915ba8ee109b6067b
decffec0c83697ed24d8692e1598fb50e0e6dbd19928d9dc0520cc87c4a85ca8
e0bbc3e01ce41e61dbb0e90a80f51a461b9cc9dcb0820bbc4da720c4171b8962
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef93ccc3fc87c9934672d8abffb2849c28a3296587d456d666ad3f6e2ed5bc88
efadd3a169a348f7d6bb32276ba838e7ca4c5c83ad6e504f910f03a986352977

presidence.td Open in urlscan Pro 209.16.158.69 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

48 Requests

58 %HTTPS

75 %IPv6

7 Domains

8 Subdomains

8 IPs

2 Countries

2876 kBTransfer

4709 kBSize

4 Cookies

4 Outgoing links

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

presidence.td Open in urlscan Pro
209.16.158.69 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

58 %
HTTPS

75 %
IPv6

7
Domains

8
Subdomains

8
IPs

2
Countries

2876 kB
Transfer

4709 kB
Size

4
Cookies

48 HTTP transactions
2 data transactions