eighbooks.xyz Open in urlscan Pro
2606:4700:3036::6818:71b3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ead.laboro.edu.br/tennessee-absentee-ballots-vote-org.pdf
Effective URL:
https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
Submission: On August 13 via api (August 13th 2020, 4:33:25 pm UTC) from US

Summary HTTP 45 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 15 IPs in 4 countries across 15 domains to perform 45 HTTP transactions. The main IP is 2606:4700:3036::6818:71b3, located in United States and belongs to CLOUDFLARENET, US. The main domain is eighbooks.xyz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 8th 2020. Valid for: a year.

This is the only time eighbooks.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	45.56.82.41 45.56.82.41	63949 (LINODE-AP...) (LINODE-AP Linode)
17	2606:4700:303... 2606:4700:3036::6818:71b3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:814::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE)
3	2a02:26f0:eb:... 2a02:26f0:eb::214:bd19	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8 8	2a03:2880:f01... 2a03:2880:f01c:800e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
4	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	209.197.3.15 209.197.3.15	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2606:4700::68... 2606:4700::6811:4e6b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:821::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:818::2002	15169 (GOOGLE) (GOOGLE)
45	15

3 45.56.82.41 (Fremont, United States) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li884-41.members.linode.com

ead.laboro.edu.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700:3036::6818:71b3 (United States)

ASN13335 (CLOUDFLARENET, US)

eighbooks.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:814::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:eb::214:bd19 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

fbcdn-profile-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f01c:800e:face:b00c:0:2 (Ireland) 8 redirects

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

scontent-frx5-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

scontent-frt3-2.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

scontent-frt3-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.197.3.15 (Phoenix, United States)

ASN20446 (HIGHWINDS3, US)
PTR: vip0x00f.map2.ssl.hwcdn.net

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4e6b (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:818::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	eighbooks.xyz eighbooks.xyz	813 KB
8	fbcdn.net scontent-frx5-1.xx.fbcdn.net scontent-frt3-2.xx.fbcdn.net static.xx.fbcdn.net scontent-frt3-1.xx.fbcdn.net	14 KB
8	facebook.com 8 redirects graph.facebook.com	3 KB
3	googleapis.com translate.googleapis.com	90 KB
3	akamaihd.net fbcdn-profile-a.akamaihd.net
3	laboro.edu.br 1 redirects ead.laboro.edu.br	10 KB
2	doubleclick.net googleads.g.doubleclick.net
2	google.com translate.google.com adservice.google.com	2 KB
2	googlesyndication.com pagead2.googlesyndication.com	128 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	google.de adservice.google.de	829 B
1	googletagmanager.com www.googletagmanager.com	35 KB
1	cloudflare.com cdnjs.cloudflare.com	806 B
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	10 KB
0	jquery.com Failed code.jquery.com Failed
45	15

	Domain	Requested by
17	eighbooks.xyz	ead.laboro.edu.br eighbooks.xyz
8	graph.facebook.com	8 redirects
4	scontent-frx5-1.xx.fbcdn.net	eighbooks.xyz
3	translate.googleapis.com	translate.google.com translate.googleapis.com
3	fbcdn-profile-a.akamaihd.net	eighbooks.xyz
3	ead.laboro.edu.br	1 redirects ead.laboro.edu.br
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	scontent-frt3-1.xx.fbcdn.net	eighbooks.xyz
2	pagead2.googlesyndication.com	eighbooks.xyz pagead2.googlesyndication.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	www.googletagmanager.com	eighbooks.xyz
1	cdnjs.cloudflare.com	eighbooks.xyz
1	maxcdn.bootstrapcdn.com	eighbooks.xyz
1	static.xx.fbcdn.net	eighbooks.xyz
1	scontent-frt3-2.xx.fbcdn.net	eighbooks.xyz
1	translate.google.com	eighbooks.xyz
0	code.jquery.com Failed	eighbooks.xyz
45	19

This site contains links to these domains. Also see Links.

Domain
see.kmisln.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-08` - `2021-08-08`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2020-07-15` - `2021-09-13`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-07-21` - `2020-10-12`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
cdnjs.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-12` - `2022-08-17`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
Frame ID: E29D4C5B5D5B295476D10543667A1D2D
Requests: 43 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200810/r20190131/zrt_lookup.html
Frame ID: 2ECB24D37830086659538278912DDE46
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5014329951030966&output=html&adk=1812271804&adf=3025194257&lmt=1597336391&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Feighbooks.xyz%2Fdl.php%3Fq%3Dtennessee_absentee_ballots_vote_org&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1597336391213&bpp=71&bdt=398&idt=193&shv=r20200810&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6184356509791&frm=20&pv=2&ga_vid=1167682956.1597336391&ga_sid=1597336391&ga_hid=1039159066&ga_fc=0&iag=0&icsg=189056&dssz=12&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530557%2C42530559&oid=3&pvsid=1415921718040608&pem=603&ref=http%3A%2F%2Fead.laboro.edu.br%2Freading.php%3Fq%3Dtennessee-absentee-ballots-vote-org&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=255
Frame ID: ADD5421AA23C91F3DB67E0233928D0A8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ead.laboro.edu.br/tennessee-absentee-ballots-vote-org.pdf HTTP 302
http://ead.laboro.edu.br/reading.php?q=tennessee-absentee-ballots-vote-org Page URL
https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org Page URL

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

45
Requests

93 %
HTTPS

87 %
IPv6

15
Domains

19
Subdomains

15
IPs

4
Countries

1130 kB
Transfer

1800 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://see.kmisln.com/offer?prod=2&ref=5215130&sub_id=tennessee+absentee+ballots+vote+org

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ead.laboro.edu.br/tennessee-absentee-ballots-vote-org.pdf HTTP 302
http://ead.laboro.edu.br/reading.php?q=tennessee-absentee-ballots-vote-org Page URL
https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://ead.laboro.edu.br/tennessee-absentee-ballots-vote-org.pdf HTTP 302
http://ead.laboro.edu.br/reading.php?q=tennessee-absentee-ballots-vote-org

Request Chain 16

https://graph.facebook.com/100002361385815/picture HTTP 302
https://scontent-frx5-1.xx.fbcdn.net/v/t31.0-1/cp0/p50x50/21994120_1487502401338458_7896534861152812145_o.jpg?_nc_cat=110&_nc_sid=dbb9e7&_nc_ohc=2WiHTtISUkwAX9nT_Q_&_nc_ht=scontent-frx5-1.xx&oh=ef30d267dcd59bc3c19352fd535ab3e4&oe=5F5C356A

Request Chain 17

https://graph.facebook.com/627682868/picture HTTP 302
https://scontent-frt3-2.xx.fbcdn.net/v/t1.0-1/cp0/p50x50/70489352_10156838097507869_1317269922836905984_n.jpg?_nc_cat=103&_nc_sid=dbb9e7&_nc_ohc=wgN_i3-Hx_sAX_dRaYA&_nc_ht=scontent-frt3-2.xx&oh=d36035cdd2656894c35dc9327ec6ca92&oe=5F592D63

Request Chain 18

https://graph.facebook.com/500063172/picture HTTP 302
https://scontent-frx5-1.xx.fbcdn.net/v/t1.0-1/cp0/p50x50/99282835_10157713253623173_7898955486005821440_n.jpg?_nc_cat=100&_nc_sid=dbb9e7&_nc_ohc=gD5K7cq295UAX_K_N6R&_nc_ht=scontent-frx5-1.xx&oh=fb405ddb2b3cecd6fa454610a315341c&oe=5F5BB1B1

Request Chain 19

https://graph.facebook.com/276175/picture HTTP 302
https://static.xx.fbcdn.net/rsrc.php/v3/yo/r/UlIqmHJn-SK.gif

Request Chain 20

https://graph.facebook.com/123448/picture HTTP 302
https://scontent-frx5-1.xx.fbcdn.net/v/t1.0-1/cp0/p50x50/13697107_10102534747692102_3393089078766434422_n.jpg?_nc_cat=105&_nc_sid=dbb9e7&_nc_ohc=Lw7c8Jme7eQAX8T7BbC&_nc_ht=scontent-frx5-1.xx&oh=da5e618b3d0f48b4e5462b31dcb8ed34&oe=5F59DF74

Request Chain 21

https://graph.facebook.com/123451/picture HTTP 302
https://scontent-frx5-1.xx.fbcdn.net/v/t31.0-1/cp0/p50x50/10704331_10101503858327652_4442453387330571838_o.jpg?_nc_cat=1&_nc_sid=dbb9e7&_nc_ohc=CAxK237kabsAX_DfPmX&_nc_ht=scontent-frx5-1.xx&oh=64cd4faad2a3b91bde5ad47f34645ad0&oe=5F5C59D3

Request Chain 22

https://graph.facebook.com/123450/picture HTTP 302
https://scontent-frt3-1.xx.fbcdn.net/v/t1.0-1/cp0/p50x50/12717630_10102266450636552_6985909798755080276_n.jpg?_nc_cat=108&_nc_sid=dbb9e7&_nc_ohc=vbBKGK4RejcAX9anike&_nc_ht=scontent-frt3-1.xx&oh=ff8dc509dd13cfd09df96c894f8d79e5&oe=5F5B7115

Request Chain 24

https://graph.facebook.com/123454/picture HTTP 302
https://scontent-frt3-1.xx.fbcdn.net/v/t1.0-1/cp0/p50x50/108631346_10105331623625312_3758534823152927577_n.jpg?_nc_cat=108&_nc_sid=dbb9e7&_nc_ohc=jBSpB5ieeREAX_UcxLz&_nc_ht=scontent-frt3-1.xx&oh=c71dc144074f989fc281f5fbeb49d205&oe=5F5A1E2F

45 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

reading.php Show response
ead.laboro.edu.br/
Redirect Chain

http://ead.laboro.edu.br/tennessee-absentee-ballots-vote-org.pdf
http://ead.laboro.edu.br/reading.php?q=tennessee-absentee-ballots-vote-org

1 KB
1 KB

1432ms
1431ms

Document
text/html

45.56.82.41
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://ead.laboro.edu.br/reading.php?q=tennessee-absentee-ballots-vote-org
Protocol: HTTP/1.1
Server: 45.56.82.41 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li884-41.members.linode.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 83a884c4a02dd31378fa96654f867bf318392c66dceef8b52ed21acda9c9e4c9

Request headers

Host: ead.laboro.edu.br
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 13 Aug 2020 16:33:06 GMT
Server: Apache/2.4.18 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 807
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Thu, 13 Aug 2020 16:33:05 GMT
Server: Apache/2.4.18 (Ubuntu)
Location: http://ead.laboro.edu.br/reading.php?q=tennessee-absentee-ballots-vote-org
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK loading.gif
ead.laboro.edu.br/ 8 KB
8 KB 1002ms
1001ms Image
image/gif 45.56.82.41
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ead.laboro.edu.br/loading.gif
Requested by: Host: ead.laboro.edu.br
URL: http://ead.laboro.edu.br/reading.php?q=tennessee-absentee-ballots-vote-org
Protocol: HTTP/1.1
Server: 45.56.82.41 Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li884-41.members.linode.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: effb443ee42b757cf81b4e40d4533827e61ac3268303ad8765a6b6948765746d

Request headers

Referer: http://ead.laboro.edu.br/reading.php?q=tennessee-absentee-ballots-vote-org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 13 Aug 2020 16:33:07 GMT
Last-Modified: Sat, 11 Nov 2017 03:56:20 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "1fc2-55dad051c0100"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 8130

GET
H2 200 Primary Request dl.php Show response
eighbooks.xyz/ 12 KB
4 KB 300ms
281ms Document
text/html 2606:4700:3036::6818:71b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
Requested by: Host: ead.laboro.edu.br
URL: http://ead.laboro.edu.br/reading.php?q=tennessee-absentee-ballots-vote-org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6818:71b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 554f50a76c232cb7c8e640358973533ef2bb1696c111b70852e24d01442110ca

Request headers

:method: GET
:authority: eighbooks.xyz
:scheme: https
:path: /dl.php?q=tennessee_absentee_ballots_vote_org
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://ead.laboro.edu.br/reading.php?q=tennessee-absentee-ballots-vote-org
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://ead.laboro.edu.br/reading.php?q=tennessee-absentee-ballots-vote-org

Response headers

status: 200
date: Thu, 13 Aug 2020 16:33:10 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d0b45b20eadea9139d5ecab3918cb60bb1597336390; expires=Sat, 12-Sep-20 16:33:10 GMT; path=/; domain=.eighbooks.xyz; HttpOnly; SameSite=Lax; Secure
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 048a4423800000176ae99ac200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5c23d618c8a1176a-FRA
content-encoding: br

GET
H2 200 bootstrap.min.css
eighbooks.xyz/source1/ 120 KB
18 KB 25ms
23ms Stylesheet
text/css 2606:4700:3036::6818:71b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eighbooks.xyz/source1/bootstrap.min.css
Requested by: Host: eighbooks.xyz
URL: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6818:71b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ced8587d3adc7516df82cbaf8f8330937968f87d1fb227b1bd06b62040d33d9

Request headers

Referer: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 16:33:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 18 Feb 2020 08:24:57 GMT
server: cloudflare
age: 5800
etag: W/"6292c-1deb0-59ed5683b644e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 5c23d61aaccf176a-FRA
cf-request-id: 048a4424ab0000176ae99be200000001

GET
H2 404 bootstrap.css
eighbooks.xyz/source1/ 0
0 20ms
17ms Stylesheet
text/html 2606:4700:3036::6818:71b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eighbooks.xyz/source1/bootstrap.css
Requested by: Host: eighbooks.xyz
URL: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6818:71b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 16:33:10 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 31
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1
status: 404
cache-control: max-age=14400
cf-ray: 5c23d61aacd1176a-FRA
cf-request-id: 048a4424ac0000176ae99bf200000001

GET
H2 200 flag-icon.min.css
eighbooks.xyz/source1/ 32 KB
2 KB 13ms
11ms Stylesheet
text/css 2606:4700:3036::6818:71b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eighbooks.xyz/source1/flag-icon.min.css
Requested by: Host: eighbooks.xyz
URL: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6818:71b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0c9bf7a40b606390f947277201557a4e6deb8a6ac5270ad52a1bc2a972d8ec3

Request headers

Referer: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 16:33:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 18 Feb 2020 08:24:57 GMT
server: cloudflare
age: 5800
etag: W/"6292e-7f7d-59ed5683b644e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 5c23d61aacd2176a-FRA
cf-request-id: 048a4424ac0000176ae99c0200000001

GET
H2 200 font-awesome.min.css
eighbooks.xyz/source1/ 21 KB
5 KB 14ms
12ms Stylesheet
text/css 2606:4700:3036::6818:71b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eighbooks.xyz/source1/font-awesome.min.css
Requested by: Host: eighbooks.xyz
URL: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6818:71b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50dbecb3ed007ae3c814e0c220f9e9a153d02fbafa3d9465c4b222042976a8ec

Request headers

Referer: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 16:33:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 18 Feb 2020 08:24:57 GMT
server: cloudflare
age: 5800
etag: W/"6292f-55e3-59ed5683b6836"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 5c23d61aacd4176a-FRA
cf-request-id: 048a4424ac0000176ae99c1200000001

GET
H2 200 style.css
eighbooks.xyz/source1/ 3 KB
1 KB 17ms
15ms Stylesheet
text/css 2606:4700:3036::6818:71b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eighbooks.xyz/source1/style.css
Requested by: Host: eighbooks.xyz
URL: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6818:71b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71ea135b421a2ddbe31b8509229a13ed00a2b31b53e84ef5f630de0224515502

Request headers

Referer: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 16:33:10 GMT
content-encoding: br
cf-cache-status: HIT
age: 5800
cf-polished: origSize=4485
status: 200
cf-request-id: 048a4424ac0000176ae99c2200000001
last-modified: Tue, 18 Feb 2020 08:24:57 GMT
server: cloudflare
etag: W/"62933-1185-59ed5683b77d6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 5c23d61aacd6176a-FRA
cf-bgj: minify

GET
H2 200 fbfeed.css
eighbooks.xyz/source1/ 1 KB
570 B 14ms
12ms Stylesheet
text/css 2606:4700:3036::6818:71b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eighbooks.xyz/source1/fbfeed.css
Requested by: Host: eighbooks.xyz
URL: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6818:71b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47c4ae45bd5a649613d3cab5545435a8417a0f0dba715c6b86e4534295e6ad0e

Request headers

Referer: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 16:33:10 GMT
content-encoding: br
cf-cache-status: HIT
age: 5800
cf-polished: origSize=1707
status: 200
cf-request-id: 048a4424ac0000176ae99c3200000001
last-modified: Tue, 18 Feb 2020 08:24:57 GMT
server: cloudflare
etag: W/"6292d-6ab-59ed5683b644e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 5c23d61aacd8176a-FRA
cf-bgj: minify

GET
H2 404 sg1a.js
eighbooks.xyz/js/ 0
0 16ms
14ms Script
text/html 2606:4700:3036::6818:71b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eighbooks.xyz/js/sg1a.js
Requested by: Host: eighbooks.xyz
URL: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6818:71b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 16:33:10 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 31
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1
status: 404
cache-control: max-age=14400
cf-ray: 5c23d61aacd9176a-FRA
cf-request-id: 048a4424ac0000176ae99c4200000001

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 124 KB
44 KB 63ms
20ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: eighbooks.xyz
URL: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e64ed5c18e2394b3286e76e164790a16fcb0b752462f91798de334b935dc8704

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 16:33:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 44507
x-xss-protection: 0
server: cafe
etag: 3737877303038312285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 13 Aug 2020 16:33:10 GMT

GET
H2 200 pdf.png
eighbooks.xyz/ 59 KB
59 KB 21ms
14ms Image
image/png 2606:4700:3036::6818:71b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eighbooks.xyz/pdf.png
Requested by: Host: eighbooks.xyz
URL: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6818:71b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0071e54113b9d32ba57694b97022854bd19e597a36e50e00b51e3b705a9a616

Request headers

Referer: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 16:33:10 GMT
cf-cache-status: HIT
last-modified: Tue, 18 Feb 2020 08:24:57 GMT
server: cloudflare
age: 5799
etag: "62999-ec0c-59ed5683c75bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5c23d61b0dac176a-FRA
content-length: 60428
cf-request-id: 048a4424e00000176ae99c9200000001

GET
H2 200 pdf.png
eighbooks.xyz/sip/ 59 KB
59 KB 26ms
20ms Image
image/png 2606:4700:3036::6818:71b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eighbooks.xyz/sip/pdf.png
Requested by: Host: eighbooks.xyz
URL: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6818:71b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0071e54113b9d32ba57694b97022854bd19e597a36e50e00b51e3b705a9a616

Request headers

Referer: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 16:33:10 GMT
cf-cache-status: HIT
last-modified: Tue, 18 Feb 2020 08:24:57 GMT
server: cloudflare
age: 5799
etag: "62926-ec0c-59ed5683b4cde"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5c23d61b0dad176a-FRA
content-length: 60428
cf-request-id: 048a4424e00000176ae99ca200000001

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 2 KB
862 B 16ms
15ms Script
text/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: eighbooks.xyz
URL: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

5ca6556034834c57d37d0bb181925c892fd188808b1f004ea54274ca79be4fd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Aug 2020 16:33:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: HTTP server (unknown)
content-language: en
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 797
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 reward.png
eighbooks.xyz/source1/ 95 KB
95 KB 24ms
18ms Image
image/png 2606:4700:3036::6818:71b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eighbooks.xyz/source1/reward.png
Requested by: Host: eighbooks.xyz
URL: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6818:71b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9931390c46d53d856aedf3d4663fe37bf81ae11e97e871c4da311f283a6dc61

Request headers

Referer: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 16:33:10 GMT
cf-cache-status: HIT
last-modified: Tue, 18 Feb 2020 08:24:57 GMT
server: cloudflare
age: 5799
etag: "62932-17a86-59ed5683b77d6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5c23d61b0dae176a-FRA
content-length: 96902
cf-request-id: 048a4424e00000176ae99cb200000001

GET
H2 400 27383_100001191353904_1534_q.jpg
fbcdn-profile-a.akamaihd.net/hprofile-ak-prn1/ 0
0 48ms
5ms Image
text/html 2a02:26f0:eb::214:bd19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbcdn-profile-a.akamaihd.net/hprofile-ak-prn1/27383_100001191353904_1534_q.jpg
Requested by: Host: eighbooks.xyz
URL: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:eb::214:bd19 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 400 371865_100003492652950_2083523518_q.jpg
fbcdn-profile-a.akamaihd.net/hprofile-ak-snc7/ 0
0 49ms
7ms Image
text/html 2a02:26f0:eb::214:bd19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbcdn-profile-a.akamaihd.net/hprofile-ak-snc7/371865_100003492652950_2083523518_q.jpg
Requested by: Host: eighbooks.xyz
URL: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:eb::214:bd19 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2

200

21994120_1487502401338458_7896534861152812145_o.jpg
scontent-frx5-1.xx.fbcdn.net/v/t31.0-1/cp0/p50x50/
Redirect Chain

https://graph.facebook.com/100002361385815/picture
https://scontent-frx5-1.xx.fbcdn.net/v/t31.0-1/cp0/p50x50/21994120_1487502401338458_7896534861152812145_o.jpg?_nc_cat=110&_nc_sid=dbb9e7&_nc_ohc=2WiHTtISUkwAX9nT_Q_&_nc_ht=scontent-frx5-1.xx&oh=ef3...

2 KB
2 KB

25ms
8ms

Image
image/jpeg

2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-1.xx.fbcdn.net/v/t31.0-1/cp0/p50x50/21994120_1487502401338458_7896534861152812145_o.jpg?_nc_cat=110&_nc_sid=dbb9e7&_nc_ohc=2WiHTtISUkwAX9nT_Q_&_nc_ht=scontent-frx5-1.xx&oh=ef30d267dcd59bc3c19352fd535ab3e4&oe=5F5C356A
Requested by: Host: eighbooks.xyz
URL: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 9b101edc2b87a284aa206315bf127bef5bc69e2c94ff3566f1a3159c9ae7b1d4

Request headers

Referer: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-haystack-needlechecksum: 81020975
date: Thu, 13 Aug 2020 16:33:11 GMT
x-fb-trip-id: 1460883810
last-modified: Sun, 24 Sep 2017 06:52:55 GMT
status: 200
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
x-needle-checksum: 4208394046
x-fb-config-version-olb-prod: 879
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1962

Redirect headers

strict-transport-security: max-age=15552000; preload
access-control-allow-origin: *
status: 302
x-fb-rev: 1002509759
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
pragma: no-cache
x-fb-debug: S3Nqq0Q85sufsDgCd5pOJ7723CwX4dvZuVKKidX/g7Q3a5NAj9oBlr9DQ8jJGBnWQCtvA0M7yw0yLtraqsjK9g==
x-fb-trace-id: DhBUHfl8JWy
date: Thu, 13 Aug 2020 16:33:10 GMT
content-type: image/jpeg
location: https://scontent-frx5-1.xx.fbcdn.net/v/t31.0-1/cp0/p50x50/21994120_1487502401338458_7896534861152812145_o.jpg?_nc_cat=110&_nc_sid=dbb9e7&_nc_ohc=2WiHTtISUkwAX9nT_Q_&_nc_ht=scontent-frx5-1.xx&oh=ef30d267dcd59bc3c19352fd535ab3e4&oe=5F5C356A
x-fb-request-id: AD-wxn9c7YMB3c7glhyMY7O
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v3.1
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

70489352_10156838097507869_1317269922836905984_n.jpg
scontent-frt3-2.xx.fbcdn.net/v/t1.0-1/cp0/p50x50/
Redirect Chain

https://graph.facebook.com/627682868/picture
https://scontent-frt3-2.xx.fbcdn.net/v/t1.0-1/cp0/p50x50/70489352_10156838097507869_1317269922836905984_n.jpg?_nc_cat=103&_nc_sid=dbb9e7&_nc_ohc=wgN_i3-Hx_sAX_dRaYA&_nc_ht=scontent-frt3-2.xx&oh=d36...

2 KB
2 KB

8ms
6ms

Image
image/jpeg

2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frt3-2.xx.fbcdn.net/v/t1.0-1/cp0/p50x50/70489352_10156838097507869_1317269922836905984_n.jpg?_nc_cat=103&_nc_sid=dbb9e7&_nc_ohc=wgN_i3-Hx_sAX_dRaYA&_nc_ht=scontent-frt3-2.xx&oh=d36035cdd2656894c35dc9327ec6ca92&oe=5F592D63
Requested by: Host: eighbooks.xyz
URL: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: eb7e9298aec8d2d315597eb669aeb50e262920a8a1ca56ef33e9b8da39c05511

Request headers

Referer: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-haystack-needlechecksum: 3792147113
date: Thu, 13 Aug 2020 16:33:11 GMT
x-fb-trip-id: 664085054
last-modified: Tue, 24 Sep 2019 15:03:54 GMT
status: 200
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
x-needle-checksum: 3494614275
x-fb-config-version-olb-prod: 881
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1814

Redirect headers

strict-transport-security: max-age=15552000; preload
access-control-allow-origin: *
status: 302
x-fb-rev: 1002509759
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
pragma: no-cache
x-fb-debug: NIQLlS6u+eepT/j14rUrJfg+HbegHYzEWLveOytIXQSvrA5IkuxKujUOh3TeIVTK39cTN1QyLcctt6aBV6v1+g==
x-fb-trace-id: GfTAEc5mGkz
date: Thu, 13 Aug 2020 16:33:10 GMT
content-type: image/jpeg
location: https://scontent-frt3-2.xx.fbcdn.net/v/t1.0-1/cp0/p50x50/70489352_10156838097507869_1317269922836905984_n.jpg?_nc_cat=103&_nc_sid=dbb9e7&_nc_ohc=wgN_i3-Hx_sAX_dRaYA&_nc_ht=scontent-frt3-2.xx&oh=d36035cdd2656894c35dc9327ec6ca92&oe=5F592D63
x-fb-request-id: ARt4c4GRpW6-xxHz2GKqIcB
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v3.1
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

99282835_10157713253623173_7898955486005821440_n.jpg
scontent-frx5-1.xx.fbcdn.net/v/t1.0-1/cp0/p50x50/
Redirect Chain

https://graph.facebook.com/500063172/picture
https://scontent-frx5-1.xx.fbcdn.net/v/t1.0-1/cp0/p50x50/99282835_10157713253623173_7898955486005821440_n.jpg?_nc_cat=100&_nc_sid=dbb9e7&_nc_ohc=gD5K7cq295UAX_K_N6R&_nc_ht=scontent-frx5-1.xx&oh=fb4...

2 KB
2 KB

25ms
8ms

Image
image/jpeg

2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-1.xx.fbcdn.net/v/t1.0-1/cp0/p50x50/99282835_10157713253623173_7898955486005821440_n.jpg?_nc_cat=100&_nc_sid=dbb9e7&_nc_ohc=gD5K7cq295UAX_K_N6R&_nc_ht=scontent-frx5-1.xx&oh=fb405ddb2b3cecd6fa454610a315341c&oe=5F5BB1B1
Requested by: Host: eighbooks.xyz
URL: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: b26a79eaf5e6f6b91d2d6f3b18a905a63f0aee014fc98f80144076799bb912c2

Request headers

Referer: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-haystack-needlechecksum: 3025571545
date: Thu, 13 Aug 2020 16:33:11 GMT
x-fb-trip-id: 1460883810
last-modified: Sun, 24 May 2020 19:49:57 GMT
status: 200
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
x-needle-checksum: 1428606759
x-fb-config-version-olb-prod: 883
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1797

Redirect headers

strict-transport-security: max-age=15552000; preload
access-control-allow-origin: *
status: 302
x-fb-rev: 1002509759
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
pragma: no-cache
x-fb-debug: Yv8LeXUq28yV2LEcMbVoAQzzUTZv+LQqFKreShk7Cx73ot8vwna2d1F/EzJI920deiwbDkexby9nZyQOMaCS2g==
x-fb-trace-id: DgxmrweZVh1
date: Thu, 13 Aug 2020 16:33:10 GMT
content-type: image/jpeg
location: https://scontent-frx5-1.xx.fbcdn.net/v/t1.0-1/cp0/p50x50/99282835_10157713253623173_7898955486005821440_n.jpg?_nc_cat=100&_nc_sid=dbb9e7&_nc_ohc=gD5K7cq295UAX_K_N6R&_nc_ht=scontent-frx5-1.xx&oh=fb405ddb2b3cecd6fa454610a315341c&oe=5F5BB1B1
x-fb-request-id: Apha4Z2-gadvFC2us2GViV-
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v3.1
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

UlIqmHJn-SK.gif
static.xx.fbcdn.net/rsrc.php/v3/yo/r/
Redirect Chain

https://graph.facebook.com/276175/picture
https://static.xx.fbcdn.net/rsrc.php/v3/yo/r/UlIqmHJn-SK.gif

390 B
691 B

8ms
5ms

Image
image/gif

2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yo/r/UlIqmHJn-SK.gif

Requested by

Host: eighbooks.xyz
URL: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

28fb9862b8622b1ea4c76a959cc234425db61082ca0d89251429d214772bfa87

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug: Oq6/dYH2JEf055t2fF7fCOdtlLAN58MSwopuAChIlPDYMFoxdDeeYTJ6VV1rwjMxVrzvfnWcbh5m7jsoszgJwg==
x-fb-trip-id: 664085054
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: rxDNxBROChawl6KTsNlUIg==
date: Thu, 13 Aug 2020 16:33:11 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 390
expires: Wed, 11 Aug 2021 12:24:33 GMT

Redirect headers

strict-transport-security: max-age=15552000; preload
access-control-allow-origin: *
status: 302
x-fb-rev: 1002509759
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
pragma: no-cache
x-fb-debug: p9jpQjyQZrWyRNCb3jB+wxf2E271YkYjWqicKXG9ylDPGwDMO/TuK3qMA7rQ/47+JI89oN+wCykkKx5Xqv3ijw==
x-fb-trace-id: CUqY/VaZyqX
date: Thu, 13 Aug 2020 16:33:10 GMT
content-type: image/jpeg
location: https://static.xx.fbcdn.net/rsrc.php/v3/yo/r/UlIqmHJn-SK.gif
x-fb-request-id: Ahsn4bZ0P_k3WPpjaW9GWB7
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v3.1
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

13697107_10102534747692102_3393089078766434422_n.jpg
scontent-frx5-1.xx.fbcdn.net/v/t1.0-1/cp0/p50x50/
Redirect Chain

https://graph.facebook.com/123448/picture
https://scontent-frx5-1.xx.fbcdn.net/v/t1.0-1/cp0/p50x50/13697107_10102534747692102_3393089078766434422_n.jpg?_nc_cat=105&_nc_sid=dbb9e7&_nc_ohc=Lw7c8Jme7eQAX8T7BbC&_nc_ht=scontent-frx5-1.xx&oh=da5...

2 KB
2 KB

26ms
8ms

Image
image/jpeg

2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-1.xx.fbcdn.net/v/t1.0-1/cp0/p50x50/13697107_10102534747692102_3393089078766434422_n.jpg?_nc_cat=105&_nc_sid=dbb9e7&_nc_ohc=Lw7c8Jme7eQAX8T7BbC&_nc_ht=scontent-frx5-1.xx&oh=da5e618b3d0f48b4e5462b31dcb8ed34&oe=5F59DF74
Requested by: Host: eighbooks.xyz
URL: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: f0786815445905706b069bb1994819d9366977e34a9d00fae0dd2b9d8b2b3685

Request headers

Referer: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-haystack-needlechecksum: 368590095
date: Thu, 13 Aug 2020 16:33:11 GMT
x-fb-trip-id: 1460883810
last-modified: Wed, 20 Jul 2016 15:44:05 GMT
status: 200
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
x-needle-checksum: 814791306
x-fb-config-version-olb-prod: 63612fb3edb54580a5077901332ace19
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1810

Redirect headers

strict-transport-security: max-age=15552000; preload
access-control-allow-origin: *
status: 302
x-fb-rev: 1002509759
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
pragma: no-cache
x-fb-debug: g8SgZY/RtR9XwTZyYySdrQ0vOFQpkcWfU92Ho2pVeTRL+XlQ75Qpcvjh5gJoiuoxqbqxV2GIds5aAEvyl45mYg==
x-fb-trace-id: A5dZfmyFILY
date: Thu, 13 Aug 2020 16:33:10 GMT
content-type: image/jpeg
location: https://scontent-frx5-1.xx.fbcdn.net/v/t1.0-1/cp0/p50x50/13697107_10102534747692102_3393089078766434422_n.jpg?_nc_cat=105&_nc_sid=dbb9e7&_nc_ohc=Lw7c8Jme7eQAX8T7BbC&_nc_ht=scontent-frx5-1.xx&oh=da5e618b3d0f48b4e5462b31dcb8ed34&oe=5F59DF74
x-fb-request-id: ASu8OY4XUX_hkNZw8v3iLpv
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v3.1
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

10704331_10101503858327652_4442453387330571838_o.jpg
scontent-frx5-1.xx.fbcdn.net/v/t31.0-1/cp0/p50x50/
Redirect Chain

https://graph.facebook.com/123451/picture
https://scontent-frx5-1.xx.fbcdn.net/v/t31.0-1/cp0/p50x50/10704331_10101503858327652_4442453387330571838_o.jpg?_nc_cat=1&_nc_sid=dbb9e7&_nc_ohc=CAxK237kabsAX_DfPmX&_nc_ht=scontent-frx5-1.xx&oh=64cd...

2 KB
2 KB

26ms
9ms

Image
image/jpeg

2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-1.xx.fbcdn.net/v/t31.0-1/cp0/p50x50/10704331_10101503858327652_4442453387330571838_o.jpg?_nc_cat=1&_nc_sid=dbb9e7&_nc_ohc=CAxK237kabsAX_DfPmX&_nc_ht=scontent-frx5-1.xx&oh=64cd4faad2a3b91bde5ad47f34645ad0&oe=5F5C59D3
Requested by: Host: eighbooks.xyz
URL: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 7384b19ec470e0e011cb67a2280a97b1ada72ae96281c39347bbbf52c65ca95d

Request headers

Referer: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-haystack-needlechecksum: 838297108
date: Thu, 13 Aug 2020 16:33:11 GMT
x-fb-trip-id: 1460883810
last-modified: Mon, 20 Oct 2014 16:09:33 GMT
status: 200
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
x-needle-checksum: 503502793
x-fb-config-version-olb-prod: 63612fb3edb54580a5077901332ace19
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1979

Redirect headers

strict-transport-security: max-age=15552000; preload
access-control-allow-origin: *
status: 302
x-fb-rev: 1002509759
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
pragma: no-cache
x-fb-debug: 6dADsUk913Gc01J1d9tZoyQSqcT6oIxjlzD7v1hHrfsUsJxNmV1F6xA7vOYhjO8odqPQUY/X2arCKOomA5kIFQ==
x-fb-trace-id: ClhAlBtjsC+
date: Thu, 13 Aug 2020 16:33:10 GMT
content-type: image/jpeg
location: https://scontent-frx5-1.xx.fbcdn.net/v/t31.0-1/cp0/p50x50/10704331_10101503858327652_4442453387330571838_o.jpg?_nc_cat=1&_nc_sid=dbb9e7&_nc_ohc=CAxK237kabsAX_DfPmX&_nc_ht=scontent-frx5-1.xx&oh=64cd4faad2a3b91bde5ad47f34645ad0&oe=5F5C59D3
x-fb-request-id: AZQm60m5rHpKXmpmeHgz5Ow
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v3.1
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

12717630_10102266450636552_6985909798755080276_n.jpg
scontent-frt3-1.xx.fbcdn.net/v/t1.0-1/cp0/p50x50/
Redirect Chain

https://graph.facebook.com/123450/picture
https://scontent-frt3-1.xx.fbcdn.net/v/t1.0-1/cp0/p50x50/12717630_10102266450636552_6985909798755080276_n.jpg?_nc_cat=108&_nc_sid=dbb9e7&_nc_ohc=vbBKGK4RejcAX9anike&_nc_ht=scontent-frt3-1.xx&oh=ff8...

2 KB
2 KB

24ms
6ms

Image
image/jpeg

2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frt3-1.xx.fbcdn.net/v/t1.0-1/cp0/p50x50/12717630_10102266450636552_6985909798755080276_n.jpg?_nc_cat=108&_nc_sid=dbb9e7&_nc_ohc=vbBKGK4RejcAX9anike&_nc_ht=scontent-frt3-1.xx&oh=ff8dc509dd13cfd09df96c894f8d79e5&oe=5F5B7115
Requested by: Host: eighbooks.xyz
URL: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 3514c1e7e1b8c026fd76af2de211cc86322411cfbea4db79e307df0bd4d5a630

Request headers

Referer: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-haystack-needlechecksum: 599006385
date: Thu, 13 Aug 2020 16:33:11 GMT
x-fb-trip-id: 664085054
last-modified: Sun, 14 Feb 2016 21:35:12 GMT
status: 200
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
x-needle-checksum: 2367639809
x-fb-config-version-olb-prod: 878
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1599

Redirect headers

strict-transport-security: max-age=15552000; preload
access-control-allow-origin: *
status: 302
x-fb-rev: 1002509759
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
pragma: no-cache
x-fb-debug: fIcjOO2AuWk3eOefP05wmpp9C4rOzgVZkAblrVZzAe0xPm4OUHjamHffIwsfySJ0LnaIZF1B6VSARa036J1MTw==
x-fb-trace-id: DXSYj7iYmvV
date: Thu, 13 Aug 2020 16:33:10 GMT
content-type: image/jpeg
location: https://scontent-frt3-1.xx.fbcdn.net/v/t1.0-1/cp0/p50x50/12717630_10102266450636552_6985909798755080276_n.jpg?_nc_cat=108&_nc_sid=dbb9e7&_nc_ohc=vbBKGK4RejcAX9anike&_nc_ht=scontent-frt3-1.xx&oh=ff8dc509dd13cfd09df96c894f8d79e5&oe=5F5B7115
x-fb-request-id: A9D3iarGpb41ZjB_8NhohnY
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v3.1
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 400 49852_593864739_9595_q.jpg
fbcdn-profile-a.akamaihd.net/hprofile-ak-ash3/ 0
0 8ms
5ms Image
text/html 2a02:26f0:eb::214:bd19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fbcdn-profile-a.akamaihd.net/hprofile-ak-ash3/49852_593864739_9595_q.jpg
Requested by: Host: eighbooks.xyz
URL: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:eb::214:bd19 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2

200

108631346_10105331623625312_3758534823152927577_n.jpg
scontent-frt3-1.xx.fbcdn.net/v/t1.0-1/cp0/p50x50/
Redirect Chain

https://graph.facebook.com/123454/picture
https://scontent-frt3-1.xx.fbcdn.net/v/t1.0-1/cp0/p50x50/108631346_10105331623625312_3758534823152927577_n.jpg?_nc_cat=108&_nc_sid=dbb9e7&_nc_ohc=jBSpB5ieeREAX_UcxLz&_nc_ht=scontent-frt3-1.xx&oh=c7...

2 KB
2 KB

24ms
7ms

Image
image/jpeg

2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frt3-1.xx.fbcdn.net/v/t1.0-1/cp0/p50x50/108631346_10105331623625312_3758534823152927577_n.jpg?_nc_cat=108&_nc_sid=dbb9e7&_nc_ohc=jBSpB5ieeREAX_UcxLz&_nc_ht=scontent-frt3-1.xx&oh=c71dc144074f989fc281f5fbeb49d205&oe=5F5A1E2F
Requested by: Host: eighbooks.xyz
URL: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 4e94b806b4d8cb9c5e25dff7a74aa498767a9c97e30b498110c78e2b1e136d35

Request headers

Referer: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-haystack-needlechecksum: 1533801506
date: Thu, 13 Aug 2020 16:33:11 GMT
x-fb-trip-id: 664085054
last-modified: Tue, 14 Jul 2020 21:42:56 GMT
status: 200
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
x-needle-checksum: 714724600
x-fb-config-version-olb-prod: 884
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1836

Redirect headers

strict-transport-security: max-age=15552000; preload
access-control-allow-origin: *
status: 302
x-fb-rev: 1002509759
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
pragma: no-cache
x-fb-debug: 77XxPlzHt3D/xU2RGsdqM+16hfkpVapGLyTTFUVn3RA+0t11s/PaKuQ18ZGt8ROI9FtXC0sIkq0+OH9WiiT3Pw==
x-fb-trace-id: AZfvGE6lQHw
date: Thu, 13 Aug 2020 16:33:10 GMT
content-type: image/jpeg
location: https://scontent-frt3-1.xx.fbcdn.net/v/t1.0-1/cp0/p50x50/108631346_10105331623625312_3758534823152927577_n.jpg?_nc_cat=108&_nc_sid=dbb9e7&_nc_ohc=jBSpB5ieeREAX_UcxLz&_nc_ht=scontent-frt3-1.xx&oh=c71dc144074f989fc281f5fbeb49d205&oe=5F5A1E2F
x-fb-request-id: AtgmBirj_HLXI4IVJnSzrLL
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v3.1
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pdf.jpg
eighbooks.xyz/ 17 KB
17 KB 25ms
20ms Image
image/jpeg 2606:4700:3036::6818:71b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eighbooks.xyz/pdf.jpg
Requested by: Host: eighbooks.xyz
URL: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6818:71b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f285a1c8ef68084ae5b6225443d00983d90eb82773a978083691e6e762f11b51

Request headers

Referer: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 16:33:10 GMT
cf-cache-status: HIT
last-modified: Tue, 18 Feb 2020 08:24:57 GMT
server: cloudflare
age: 5799
etag: "6296d-428f-59ed5683c1fcd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5c23d61b0db0176a-FRA
content-length: 17039
cf-request-id: 048a4424e00000176ae99cc200000001

GET jquery-1.12.0.min.js
code.jquery.com/ 0
0

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/ 36 KB
10 KB 433ms
37ms Script
text/javascript 209.197.3.15
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js

Requested by

Host: eighbooks.xyz
URL: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

vip0x00f.map2.ssl.hwcdn.net

Software

Resource Hash

2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 16:33:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:33:51 GMT
status: 200
etag: "1544639631"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 9764

GET
H2 200 jquery.cookie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/ 1 KB
806 B 24ms
16ms Script
application/javascript 2606:4700::6811:4e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js

Requested by

Host: eighbooks.xyz
URL: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 16:33:10 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 16272914
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 048a4424de000098140eba2200000001
served-in-seconds: 0.001
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:20:12 GMT
server: cloudflare
etag: W/"5afd494c-514"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 5c23d61afbe29814-FRA
expires: Tue, 03 Aug 2021 16:33:10 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
35 KB 38ms
37ms Script
application/javascript 2a00:1450:4001:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-164785259-1

Requested by

Host: eighbooks.xyz
URL: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dad7bb216eceacfcb9680fef1ef03eaad6c8312b04a7dbae18b062e500a3775b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 16:33:10 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35692
x-xss-protection: 0
last-modified: Thu, 13 Aug 2020 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 13 Aug 2020 16:33:10 GMT

GET
H2 200 latar.png
eighbooks.xyz/source1/ 552 KB
553 KB 24ms
20ms Image
image/png 2606:4700:3036::6818:71b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eighbooks.xyz/source1/latar.png
Requested by: Host: eighbooks.xyz
URL: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6818:71b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 244398547d1702202c276b8d7855135cf50c63ccd79941363013c421d85572e9

Request headers

Referer: https://eighbooks.xyz/source1/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 16:33:10 GMT
cf-cache-status: HIT
last-modified: Tue, 18 Feb 2020 08:24:57 GMT
server: cloudflare
age: 5799
etag: "62930-8a0c3-59ed5683b6c1e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5c23d61b0db2176a-FRA
content-length: 565443
cf-request-id: 048a4424e00000176ae99cd200000001

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
4 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6149f95c1ebdde5391898e22a79821a810336f6bd74318291b4f49f23fbf0fa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 15:48:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2703
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3619
x-xss-protection: 0
last-modified: Wed, 12 Feb 2020 21:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 13 Aug 2020 16:48:08 GMT

GET
H2 200 main.js Show response
translate.googleapis.com/translate_static/js/element/ 3 KB
2 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/js/element/main.js

Requested by

Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4174af2a69329fd7bfbfb06dd5f2ea7b082b7d47ebb1bd6a36fe9035d2a41e92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 15:36:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3388
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1593
x-xss-protection: 0
last-modified: Thu, 14 May 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 13 Aug 2020 16:36:43 GMT

GET
H2 404 sprite.png
eighbooks.xyz/img/ 331 B
331 B 17ms
17ms Image
text/html 2606:4700:3036::6818:71b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eighbooks.xyz/img/sprite.png
Requested by: Host: eighbooks.xyz
URL: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6818:71b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e78af3eaa56596a9ac5c5d0821fff07bd03fc2220a7488d0b89f53da9deb2335

Request headers

Referer: https://eighbooks.xyz/source1/fbfeed.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 16:33:11 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 32
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1
status: 404
cache-control: max-age=14400
cf-ray: 5c23d61c38b1176a-FRA
cf-request-id: 048a4425a60000176ae99e6200000001

GET
H2 404 glyphicons-halflings-regular.woff2
eighbooks.xyz/fonts/ 0
0 19ms
16ms Font
text/html 2606:4700:3036::6818:71b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eighbooks.xyz/fonts/glyphicons-halflings-regular.woff2
Requested by: Host: eighbooks.xyz
URL: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6818:71b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://eighbooks.xyz/source1/bootstrap.min.css
Origin: https://eighbooks.xyz

Response headers

date: Thu, 13 Aug 2020 16:33:11 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 32
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1
status: 404
cache-control: max-age=14400
cf-ray: 5c23d61c48d8176a-FRA
cf-request-id: 048a4425ac0000176ae99f0200000001

GET
H2 404 glyphicons-halflings-regular.woff
eighbooks.xyz/fonts/ 0
0 20ms
18ms Font
text/html 2606:4700:3036::6818:71b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eighbooks.xyz/fonts/glyphicons-halflings-regular.woff
Requested by: Host: eighbooks.xyz
URL: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6818:71b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://eighbooks.xyz/source1/bootstrap.min.css
Origin: https://eighbooks.xyz

Response headers

date: Thu, 13 Aug 2020 16:33:11 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 32
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1
status: 404
cache-control: max-age=14400
cf-ray: 5c23d61cea81176a-FRA
cf-request-id: 048a4426150000176ae9a14200000001

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
829 B 67ms
15ms Script
application/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=eighbooks.xyz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 13 Aug 2020 16:33:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
829 B 68ms
15ms Script
application/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=eighbooks.xyz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 13 Aug 2020 16:33:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200810/r20190131/ 224 KB
84 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200810/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2157177c0f88c0ed5fd3b39d2ea42b21e73bf6e32b597704cb4d46ecf7e8c828

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 16:33:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 85957
x-xss-protection: 0
server: cafe
etag: 1127264767404182965
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Aug 2020 16:33:11 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200810/r20190131/ Frame 2ECB 0
0 6ms
6ms Document
text/html 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200810/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200810/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Mon, 10 Aug 2020 23:54:36 GMT
expires: Mon, 24 Aug 2020 23:54:36 GMT
content-type: text/html; charset=UTF-8
etag: 1003971328536524430
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4617
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 232715
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 404 glyphicons-halflings-regular.ttf
eighbooks.xyz/fonts/ 0
0 15ms
15ms Font
text/html 2606:4700:3036::6818:71b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eighbooks.xyz/fonts/glyphicons-halflings-regular.ttf
Requested by: Host: eighbooks.xyz
URL: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6818:71b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://eighbooks.xyz/source1/bootstrap.min.css
Origin: https://eighbooks.xyz

Response headers

date: Thu, 13 Aug 2020 16:33:11 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 31
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1
status: 404
cache-control: max-age=14400
cf-ray: 5c23d61dac61176a-FRA
cf-request-id: 048a4426840000176ae9a1b200000001

GET
H2 200 element_main.js Show response
translate.googleapis.com/element/TE_20200506_00/e/js/element/ 238 KB
85 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/element/TE_20200506_00/e/js/element/element_main.js

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/js/element/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18b91aa55babf6a41b67ad376266712f9e07172f8ec8c6d06904f622f15527c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 14:48:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6304
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87186
x-xss-protection: 0
last-modified: Wed, 06 May 2020 18:47:58 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 13 Aug 2021 14:48:07 GMT

GET
H2 403 ads
googleads.g.doubleclick.net/pagead/ Frame ADD5 0
0 31ms
30ms Document
text/html 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5014329951030966&output=html&adk=1812271804&adf=3025194257&lmt=1597336391&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Feighbooks.xyz%2Fdl.php%3Fq%3Dtennessee_absentee_ballots_vote_org&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1597336391213&bpp=71&bdt=398&idt=193&shv=r20200810&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6184356509791&frm=20&pv=2&ga_vid=1167682956.1597336391&ga_sid=1597336391&ga_hid=1039159066&ga_fc=0&iag=0&icsg=189056&dssz=12&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530557%2C42530559&oid=3&pvsid=1415921718040608&pem=603&ref=http%3A%2F%2Fead.laboro.edu.br%2Freading.php%3Fq%3Dtennessee-absentee-ballots-vote-org&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=255

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200810/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5014329951030966&output=html&adk=1812271804&adf=3025194257&lmt=1597336391&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Feighbooks.xyz%2Fdl.php%3Fq%3Dtennessee_absentee_ballots_vote_org&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1597336391213&bpp=71&bdt=398&idt=193&shv=r20200810&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6184356509791&frm=20&pv=2&ga_vid=1167682956.1597336391&ga_sid=1597336391&ga_hid=1039159066&ga_fc=0&iag=0&icsg=189056&dssz=12&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530557%2C42530559&oid=3&pvsid=1415921718040608&pem=603&ref=http%3A%2F%2Fead.laboro.edu.br%2Freading.php%3Fq%3Dtennessee-absentee-ballots-vote-org&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=255
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org

Response headers

status: 403
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 13 Aug 2020 16:33:11 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: IDE=AHWqTUn_Uga3L_frAXrYyI_5TlsXEIK4s7GL-9oKY0Z77RYBrOzUMUdeE_37fdVU; expires=Tue, 07-Sep-2021 16:33:11 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 71 KB
27 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200810/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

394415bedb33f0d07d610f1ac10439e12098d7a747aca0510cddabca81a9092d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eighbooks.xyz/dl.php?q=tennessee_absentee_ballots_vote_org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 13 Aug 2020 16:33:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1597059737948561"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27037
x-xss-protection: 0
expires: Thu, 13 Aug 2020 16:33:11 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: code.jquery.com
URL: https://code.jquery.com/jquery-1.12.0.min.js

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdnjs.cloudflare.com
code.jquery.com
ead.laboro.edu.br
eighbooks.xyz
fbcdn-profile-a.akamaihd.net
googleads.g.doubleclick.net
graph.facebook.com
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
scontent-frt3-1.xx.fbcdn.net
scontent-frt3-2.xx.fbcdn.net
scontent-frx5-1.xx.fbcdn.net
static.xx.fbcdn.net
translate.google.com
translate.googleapis.com
www.googletagmanager.com
www.googletagservices.com
code.jquery.com
209.197.3.15
2606:4700:3036::6818:71b3
2606:4700::6811:4e6b
2a00:1450:4001:808::200a
2a00:1450:4001:814::2002
2a00:1450:4001:816::200e
2a00:1450:4001:818::2002
2a00:1450:4001:81e::2002
2a00:1450:4001:821::2008
2a02:26f0:eb::214:bd19
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f01c:800e:face:b00c:0:2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f02d:12:face:b00c:0:3
45.56.82.41
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
18b91aa55babf6a41b67ad376266712f9e07172f8ec8c6d06904f622f15527c9
2157177c0f88c0ed5fd3b39d2ea42b21e73bf6e32b597704cb4d46ecf7e8c828
244398547d1702202c276b8d7855135cf50c63ccd79941363013c421d85572e9
28fb9862b8622b1ea4c76a959cc234425db61082ca0d89251429d214772bfa87
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
3514c1e7e1b8c026fd76af2de211cc86322411cfbea4db79e307df0bd4d5a630
394415bedb33f0d07d610f1ac10439e12098d7a747aca0510cddabca81a9092d
4174af2a69329fd7bfbfb06dd5f2ea7b082b7d47ebb1bd6a36fe9035d2a41e92
47c4ae45bd5a649613d3cab5545435a8417a0f0dba715c6b86e4534295e6ad0e
4e94b806b4d8cb9c5e25dff7a74aa498767a9c97e30b498110c78e2b1e136d35
50dbecb3ed007ae3c814e0c220f9e9a153d02fbafa3d9465c4b222042976a8ec
554f50a76c232cb7c8e640358973533ef2bb1696c111b70852e24d01442110ca
5ca6556034834c57d37d0bb181925c892fd188808b1f004ea54274ca79be4fd0
6149f95c1ebdde5391898e22a79821a810336f6bd74318291b4f49f23fbf0fa8
71ea135b421a2ddbe31b8509229a13ed00a2b31b53e84ef5f630de0224515502
7384b19ec470e0e011cb67a2280a97b1ada72ae96281c39347bbbf52c65ca95d
7ced8587d3adc7516df82cbaf8f8330937968f87d1fb227b1bd06b62040d33d9
83a884c4a02dd31378fa96654f867bf318392c66dceef8b52ed21acda9c9e4c9
9b101edc2b87a284aa206315bf127bef5bc69e2c94ff3566f1a3159c9ae7b1d4
b26a79eaf5e6f6b91d2d6f3b18a905a63f0aee014fc98f80144076799bb912c2
d0071e54113b9d32ba57694b97022854bd19e597a36e50e00b51e3b705a9a616
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
d9931390c46d53d856aedf3d4663fe37bf81ae11e97e871c4da311f283a6dc61
dad7bb216eceacfcb9680fef1ef03eaad6c8312b04a7dbae18b062e500a3775b
e0c9bf7a40b606390f947277201557a4e6deb8a6ac5270ad52a1bc2a972d8ec3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64ed5c18e2394b3286e76e164790a16fcb0b752462f91798de334b935dc8704
e78af3eaa56596a9ac5c5d0821fff07bd03fc2220a7488d0b89f53da9deb2335
eb7e9298aec8d2d315597eb669aeb50e262920a8a1ca56ef33e9b8da39c05511
effb443ee42b757cf81b4e40d4533827e61ac3268303ad8765a6b6948765746d
f0786815445905706b069bb1994819d9366977e34a9d00fae0dd2b9d8b2b3685
f285a1c8ef68084ae5b6225443d00983d90eb82773a978083691e6e762f11b51

eighbooks.xyz Open in urlscan Pro 2606:4700:3036::6818:71b3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

45 Requests

93 %HTTPS

87 %IPv6

15 Domains

19 Subdomains

15 IPs

4 Countries

1130 kBTransfer

1800 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

eighbooks.xyz Open in urlscan Pro
2606:4700:3036::6818:71b3 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

93 %
HTTPS

87 %
IPv6

15
Domains

19
Subdomains

15
IPs

4
Countries

1130 kB
Transfer

1800 kB
Size

0
Cookies

45 HTTP transactions
0 data transactions