www.overthejob.com Open in urlscan Pro
93.90.146.105 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.overthejob.com/privacy-otj.php
Submission: On November 02 via manual (November 2nd 2023, 11:29:13 am UTC) from IN — Scanned from SE

Summary HTTP 37 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 12 domains to perform 37 HTTP transactions. The main IP is 93.90.146.105, located in Sweden and belongs to NET-BINERO-STHLM1, SE. The main domain is www.overthejob.com.

This is the only time www.overthejob.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	93.90.146.105 93.90.146.105	35041 (NET-BINER...) (NET-BINERO-STHLM1)
4	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.138 142.250.185.138	15169 (GOOGLE) (GOOGLE)
1 2	142.250.184.228 142.250.184.228	15169 (GOOGLE) (GOOGLE)
1	142.250.186.67 142.250.186.67	15169 (GOOGLE) (GOOGLE)
2 4	162.159.130.67 162.159.130.67	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2	46.28.2.29 46.28.2.29	52030 (SERVERPLA...) (SERVERPLAN-AS)
1	142.250.186.42 142.250.186.42	15169 (GOOGLE) (GOOGLE)
1	142.250.184.238 142.250.184.238	15169 (GOOGLE) (GOOGLE)
2	142.250.185.99 142.250.185.99	15169 (GOOGLE) (GOOGLE)
2	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
3	172.217.16.193 172.217.16.193	15169 (GOOGLE) (GOOGLE)
37	14

8 93.90.146.105 (Sweden)

ASN35041 (NET-BINERO-STHLM1, SE)
PTR: ser-apache-05.servage.net

www.overthejob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.iperjob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.228 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.159.130.67 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

gdc.indeed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.28.2.29 (Rome, Italy)

ASN52030 (SERVERPLAN-AS, IT)
PTR: d00ic6-lenuslab1.sphostserver.com

nibirumail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.42 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f193.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	228 KB
7	overthejob.com www.overthejob.com	184 KB
4	indeed.com 2 redirects gdc.indeed.com — Cisco Umbrella Rank: 34020	6 KB
4	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1137	100 KB
3	gstatic.com www.gstatic.com fonts.gstatic.com	126 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	5 KB
2	nibirumail.com nibirumail.com	13 KB
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 364 fonts.googleapis.com — Cisco Umbrella Rank: 31	31 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1181	603 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
1	iperjob.com www.iperjob.com	6 KB
37	12

	Domain	Requested by
8	pagead2.googlesyndication.com	www.overthejob.com pagead2.googlesyndication.com tpc.googlesyndication.com
7	www.overthejob.com	www.overthejob.com
4	gdc.indeed.com	2 redirects www.overthejob.com
4	maxcdn.bootstrapcdn.com	www.overthejob.com maxcdn.bootstrapcdn.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	fonts.gstatic.com	fonts.googleapis.com
2	nibirumail.com	www.overthejob.com
2	www.google.com	1 redirects tpc.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google-analytics.com	www.overthejob.com
1	fonts.googleapis.com	www.overthejob.com
1	www.iperjob.com	www.overthejob.com
1	www.gstatic.com	www.overthejob.com
1	ajax.googleapis.com	www.overthejob.com
37	15

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
plus.google.com
nibirumail.com
www.vitadaimprenditore.it
www.digitalworkout.club

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
nibirumail.com R3	`2023-09-09` - `2023-12-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh

This page contains 5 frames:

Primary Page: http://www.overthejob.com/privacy-otj.php
Frame ID: 1DB66810CFAB560B47C3ADDECD139A94
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231031/r20190131/zrt_lookup.html
Frame ID: BE8366B56CC13AFBF0DD4DD01FE52E1B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3083466205193280&output=html&adk=1812271804&adf=3025194257&lmt=1698924548&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=http%3A%2F%2Fwww.overthejob.com%2Fprivacy-otj.php&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&dt=1698924548043&bpp=3&bdt=711&idt=422&shv=r20231031&mjsv=m202310300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7667690628925&frm=20&pv=2&ga_vid=1236334644.1698924548&ga_sid=1698924548&ga_hid=1653691537&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079080%2C31079192%2C44805934%2C44807047%2C44807463%2C31078301%2C44806140&oid=2&pvsid=2198639546762473&tmod=1238531650&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=441
Frame ID: E60AD5E903B9128C3CC6F7A7F67A2C7F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 235B20EE2E096B7AC301AA62C3E34E34
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 61EB9870044A0BCCD52970A24BE392C0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Offerte di lavoro - Overthejob - Italiano

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

37
Requests

65 %
HTTPS

0 %
IPv6

12
Domains

15
Subdomains

14
IPs

4
Countries

719 kB
Transfer

1332 kB
Size

8
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://www.facebook.com/sharer/sharer.php?s=100&p[url]=http://www.overthejob.com/&p[images][0]=http://www.overthejob.com&p[title]=Jobs&p[summary]=Overthejob%20is%20an%20automatic%20job%20search%20engine%20and%20aggregator%20thats%20find%20all%20the%20latest%20jobs%20on%20all%20major%20job%20sites.%20Job%20search%20made%20simple%20with%20Overthejob

Search URL Search Domain Scan URL

URL: http://twitter.com/home?status=Overthejob%20is%20an%20automatic%20job%20search%20engine%20and%20aggregator%20thats%20find%20all%20the%20late...%20%3Ca%20href=%27www.overthejob.com%27%20title=%27Jobs%27%3EJobs%3C/a%3E

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/shareArticle?mini=true&url=http://www.overthejob.com/&title=Jobs&summary=Overthejob%20is%20an%20automatic%20job%20search%20engine%20and%20aggregator%20thats%20find%20all%20the%20latest%20jobs%20on%20all%20major%20job%20sites.%20Job%20search%20made%20simple%20with%20Overthejob

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=http://www.overthejob.com/

Search URL Search Domain Scan URL

URL: https://nibirumail.com/cookies/policy/?url=www.overthejob.com
Title: Cookie policy

Search URL Search Domain Scan URL

URL: https://www.vitadaimprenditore.it/
Title: Vita da Imprenditore

Search URL Search Domain Scan URL

URL: https://www.digitalworkout.club/it/quanto-sei-digitale/
Title: quanto sei digitale

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

http://www.google.com/jsapi HTTP 301
https://www.gstatic.com/charts/loader.js

Request Chain 6

http://gdc.indeed.com/ads/apiresults.js HTTP 301
https://gdc.indeed.com/ads/apiresults.js

Request Chain 17

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 27

http://gdc.indeed.com/rpc/apilog?a=apiresults HTTP 301
https://gdc.indeed.com/rpc/apilog?a=apiresults

37 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request privacy-otj.php Show response
www.overthejob.com/ 30 KB
30 KB 161ms
66ms Document
text/html 93.90.146.105
NET-BINERO-STHLM1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.overthejob.com/privacy-otj.php
Protocol: HTTP/1.1
Server: 93.90.146.105 , Sweden, ASN35041 (NET-BINERO-STHLM1, SE),
Reverse DNS: ser-apache-05.servage.net
Software: Apache / PHP/5.6.40
Resource Hash: 04754f4af52b3df0c7438d5ce81dab28ce56b9f1cfbd6476d1d69dead2c12327

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Thu, 02 Nov 2023 11:29:07 GMT
Keep-Alive: timeout=5, max=200
Server: Apache
Transfer-Encoding: chunked
X-Powered-By: PHP/5.6.40

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.2/css/ 93 KB
18 KB 108ms
43ms Stylesheet
text/css 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.2/css/bootstrap.min.css

Requested by

Host: www.overthejob.com
URL: http://www.overthejob.com/privacy-otj.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c567912a3cf283a6dea7d0f502c1f350f1161db58cce545cf38674686fadca6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.overthejob.com/
Origin: http://www.overthejob.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 11:29:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 1053
age: 1166654
cdn-cachedat: 11/15/2022 10:31:50
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"b00faad199b5b881d17b2cd7fac04a56"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: ca9d3f987ce58dfd7498754b86ebc8bf
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 81fc09b55ba22d7a-ARN
cdn-requestpullsuccess: True

GET
H/1.1 200
OK bootstrap.min.css
www.overthejob.com/assets/themes/spacelab/ 128 KB
128 KB 63ms
35ms Stylesheet
text/css 93.90.146.105
NET-BINERO-STHLM1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.overthejob.com/assets/themes/spacelab/bootstrap.min.css
Requested by: Host: www.overthejob.com
URL: http://www.overthejob.com/privacy-otj.php
Protocol: HTTP/1.1
Server: 93.90.146.105 , Sweden, ASN35041 (NET-BINERO-STHLM1, SE),
Reverse DNS: ser-apache-05.servage.net
Software: Apache /
Resource Hash: 32cf83fcb998bb6d81968bcd011ccf784fa7d0f48eade3a38f7682b281ea8bda

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://www.overthejob.com/privacy-otj.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 11:29:07 GMT
Last-Modified: Wed, 20 Jul 2016 03:47:24 GMT
Server: Apache
ETag: "896e96017-200d6-538090f319e18"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=200
Content-Length: 131286

GET
H/1.1 200
OK app.css
www.overthejob.com/assets/css/ 8 KB
8 KB 64ms
36ms Stylesheet
text/css 93.90.146.105
NET-BINERO-STHLM1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.overthejob.com/assets/css/app.css
Requested by: Host: www.overthejob.com
URL: http://www.overthejob.com/privacy-otj.php
Protocol: HTTP/1.1
Server: 93.90.146.105 , Sweden, ASN35041 (NET-BINERO-STHLM1, SE),
Reverse DNS: ser-apache-05.servage.net
Software: Apache /
Resource Hash: 76d67ecb63fddbb70909a8fe8b81b8af1a0d35ad347d044e5011db567c9d4512

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://www.overthejob.com/privacy-otj.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 11:29:07 GMT
Last-Modified: Thu, 25 Oct 2018 11:53:46 GMT
Server: Apache
ETag: "80d980041-1fc1-5790c41607fd1"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=199
Content-Length: 8129

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ 27 KB
7 KB 106ms
42ms Stylesheet
text/css 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

Requested by

Host: www.overthejob.com
URL: http://www.overthejob.com/privacy-otj.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://www.overthejob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 11:29:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 565, 617, 617
age: 35592
cdn-cachedat: 2021-06-08 19:04:20
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: e9a84d03a1f7c6aa17012c712a6e5dd5
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 81fc09b55aa898fa-ARN
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.3/ 82 KB
30 KB 181ms
58ms Script
text/javascript 142.250.185.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js

Requested by

Host: www.overthejob.com
URL: http://www.overthejob.com/privacy-otj.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f10.1e100.net

Software

sffe /

Resource Hash

8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://www.overthejob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 00:21:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40029
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29707
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 00:21:58 GMT

GET
H2

200

loader.js Show response
www.gstatic.com/charts/
Redirect Chain

http://www.google.com/jsapi
https://www.gstatic.com/charts/loader.js

61 KB
62 KB

176ms
56ms

Script
text/javascript

142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/loader.js

Requested by

Host: www.overthejob.com
URL: http://www.overthejob.com/privacy-otj.php

Protocol

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

369ae154eab37b7ada7776b934833183bb053ebd1d0255f70ef8944f65cabb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://www.overthejob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 11:05:38 GMT
x-content-type-options: nosniff
age: 1409
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62428
x-xss-protection: 0
last-modified: Tue, 04 Apr 2023 17:52:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="gviz"
vary: Accept-Encoding, Origin
report-to: {"group":"gviz","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gviz"}]}
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Thu, 02 Nov 2023 12:05:38 GMT

Redirect headers

Date: Thu, 02 Nov 2023 11:16:01 GMT
X-Content-Type-Options: nosniff
Server: sffe
Age: 786
Content-Type: text/html; charset=UTF-8
Location: https://www.gstatic.com/charts/loader.js
Cache-Control: public, max-age=1800
Content-Length: 237
X-XSS-Protection: 0
Expires: Thu, 02 Nov 2023 11:46:01 GMT

GET
H2

200

apiresults.js Show response
gdc.indeed.com/ads/
Redirect Chain

http://gdc.indeed.com/ads/apiresults.js
https://gdc.indeed.com/ads/apiresults.js

515 B
3 KB

227ms
164ms

Script
application/javascript

162.159.130.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gdc.indeed.com/ads/apiresults.js

Requested by

Host: www.overthejob.com
URL: http://www.overthejob.com/privacy-otj.php

Protocol

Server

162.159.130.67 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95aa4a182b681198b4057f9dfea67d034ad6947348dda4664a5377dc35337693

Security Headers

Name

Value

Content-Security-Policy

upgrade-insecure-requests; object-src 'none'; form-action 'self' *.indeed.com https://indeedapply.indeedusercontent.com/callback/ https://6927552.fls.doubleclick.net/ https://8232301.fls.doubleclick.net/; frame-src 'self' *.indeed.com https://www.google.com/recaptcha/ https://hcaptcha.com https://*.hcaptcha.com https://indeedapply.indeedusercontent.com/callback/ https://6927552.fls.doubleclick.net/ https://8232301.fls.doubleclick.net/ https://siteintercept.qualtrics.com/ https://indeed.az1.qualtrics.com/ https://d2vgyo9p2so9ux.cloudfront.net https://*.google.com https://*.doubleclick.net https://*.googlesyndication.com https://www.youtube.com/embed/; frame-ancestors 'self' *.indeed.com ; default-src 'self' 'unsafe-inline' data: *.indeed.com d3fw5vlhllyvee.cloudfront.net d1ewxbznfa539k.cloudfront.net d3hbwax96mbv6t.cloudfront.net d2q79iu7y748jz.cloudfront.net d3s4xzh46vzktb.cloudfront.net d1ymdoy4af119w.cloudfront.net d10nwdj6ww0w8.cloudfront.net d3fw5vlhllyvee.cloudfront.net https://www.google-analytics.com/ https://www.facebook.com/tr/ https://sb.scorecardresearch.com https://connect.facebook.net *.serving-sys.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://hcaptcha.com https://*.hcaptcha.com chart.apis.google.com https://pp.d2-apps.net/v1/impressions/log https://ad.doubleclick.net https://www.googletagmanager.com/gtag/js https://adservice.google.com https://stats.g.doubleclick.net https://zn9nl8ranrrddpdlx-indeed.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://privacyportal.onetrust.com https://jas.indeednps.com https://fonts.gstatic.com/ https://fonts.googleapis.com/ https://*.googlesyndication.com https://*.google.com https://*.googletagservices.com https://*.googleadservices.com https://pt.ispot.tv https://staging-pt.ispot.tv https://rs.fullstory.com/rec/ https://pxl.indeed.com/usersync https://match.prod.bidr.io/cookie-sync/indeed https://i.ytimg.com/ https://static.cloudflareinsights.com https://browser-intake-* https://logs.browser-intake-* https://session-replay.browser-intake-* https://rum.browser-intake-* https://www.datadoghq-browser-agent.com;

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://www.overthejob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 11:29:07 GMT
content-security-policy: upgrade-insecure-requests; object-src 'none'; form-action 'self' *.indeed.com https://indeedapply.indeedusercontent.com/callback/ https://6927552.fls.doubleclick.net/ https://8232301.fls.doubleclick.net/; frame-src 'self' *.indeed.com https://www.google.com/recaptcha/ https://hcaptcha.com https://*.hcaptcha.com https://indeedapply.indeedusercontent.com/callback/ https://6927552.fls.doubleclick.net/ https://8232301.fls.doubleclick.net/ https://siteintercept.qualtrics.com/ https://indeed.az1.qualtrics.com/ https://d2vgyo9p2so9ux.cloudfront.net https://*.google.com https://*.doubleclick.net https://*.googlesyndication.com https://www.youtube.com/embed/; frame-ancestors 'self' *.indeed.com ; default-src 'self' 'unsafe-inline' data: *.indeed.com d3fw5vlhllyvee.cloudfront.net d1ewxbznfa539k.cloudfront.net d3hbwax96mbv6t.cloudfront.net d2q79iu7y748jz.cloudfront.net d3s4xzh46vzktb.cloudfront.net d1ymdoy4af119w.cloudfront.net d10nwdj6ww0w8.cloudfront.net d3fw5vlhllyvee.cloudfront.net https://www.google-analytics.com/ https://www.facebook.com/tr/ https://sb.scorecardresearch.com https://connect.facebook.net *.serving-sys.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://hcaptcha.com https://*.hcaptcha.com chart.apis.google.com https://pp.d2-apps.net/v1/impressions/log https://ad.doubleclick.net https://www.googletagmanager.com/gtag/js https://adservice.google.com https://stats.g.doubleclick.net https://zn9nl8ranrrddpdlx-indeed.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://privacyportal.onetrust.com https://jas.indeednps.com https://fonts.gstatic.com/ https://fonts.googleapis.com/ https://*.googlesyndication.com https://*.google.com https://*.googletagservices.com https://*.googleadservices.com https://pt.ispot.tv https://staging-pt.ispot.tv https://rs.fullstory.com/rec/ https://pxl.indeed.com/usersync https://match.prod.bidr.io/cookie-sync/indeed https://i.ytimg.com/ https://static.cloudflareinsights.com https://browser-intake-* https://logs.browser-intake-* https://session-replay.browser-intake-* https://rum.browser-intake-* https://www.datadoghq-browser-agent.com;
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 01 Nov 2023 07:08:30 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript
deployment_group: yul
x-indeed-dp: yulprod1/yul
cf-ray: 81fc09b5cf2c95fc-ARN
alt-svc: h3=":443"; ma=86400

Redirect headers

Date: Thu, 02 Nov 2023 11:29:07 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Location: https://gdc.indeed.com/ads/apiresults.js
Cache-Control: max-age=3600
Connection: keep-alive
CF-RAY: 81fc09b52cde0d2e-ARN
alt-svc: h3=":443"; ma=86400
Expires: Thu, 02 Nov 2023 12:29:07 GMT

GET
H/1.1 200
OK spin.min.js Show response
www.overthejob.com/assets/js/ 4 KB
4 KB 63ms
35ms Script
text/javascript 93.90.146.105
NET-BINERO-STHLM1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.overthejob.com/assets/js/spin.min.js
Requested by: Host: www.overthejob.com
URL: http://www.overthejob.com/privacy-otj.php
Protocol: HTTP/1.1
Server: 93.90.146.105 , Sweden, ASN35041 (NET-BINERO-STHLM1, SE),
Reverse DNS: ser-apache-05.servage.net
Software: Apache /
Resource Hash: d2536c1704972cdd16c279fa6205a8f6138eacabfcc5202b5f94bfd974b1a9ee

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://www.overthejob.com/privacy-otj.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 11:29:07 GMT
Last-Modified: Wed, 20 Jul 2016 03:45:12 GMT
Server: Apache
ETag: "e12a140aa-1071-538090757b2fe"
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=200
Content-Length: 4209

GET
H/1.1 200
OK iosOverlay.js Show response
www.overthejob.com/assets/js/ 4 KB
4 KB 66ms
38ms Script
text/javascript 93.90.146.105
NET-BINERO-STHLM1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.overthejob.com/assets/js/iosOverlay.js
Requested by: Host: www.overthejob.com
URL: http://www.overthejob.com/privacy-otj.php
Protocol: HTTP/1.1
Server: 93.90.146.105 , Sweden, ASN35041 (NET-BINERO-STHLM1, SE),
Reverse DNS: ser-apache-05.servage.net
Software: Apache /
Resource Hash: 6de5ee19c5399ae04845a7d213bf0eacbddf9fdaf865f216a44b3b4055d421b8

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://www.overthejob.com/privacy-otj.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 11:29:07 GMT
Last-Modified: Wed, 20 Jul 2016 03:45:17 GMT
Server: Apache
ETag: "e12f5e074-e08-5380907a686ae"
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=200
Content-Length: 3592

GET
H/1.1 200
OK jquery.tinysort.min.js Show response
www.overthejob.com/assets/js/ 3 KB
4 KB 65ms
37ms Script
text/javascript 93.90.146.105
NET-BINERO-STHLM1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.overthejob.com/assets/js/jquery.tinysort.min.js
Requested by: Host: www.overthejob.com
URL: http://www.overthejob.com/privacy-otj.php
Protocol: HTTP/1.1
Server: 93.90.146.105 , Sweden, ASN35041 (NET-BINERO-STHLM1, SE),
Reverse DNS: ser-apache-05.servage.net
Software: Apache /
Resource Hash: e954a59c0c3c71b22a0d894f38fa5702b99c0ead23f9c5e9a925d72a14460710

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://www.overthejob.com/privacy-otj.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 11:29:07 GMT
Last-Modified: Wed, 20 Jul 2016 03:45:10 GMT
Server: Apache
ETag: "e12a1408b-cf2-5380907325496"
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=200
Content-Length: 3314

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
54 KB 170ms
102ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.overthejob.com
URL: http://www.overthejob.com/privacy-otj.php

Protocol

HTTP/1.1

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

464e063dd100bb935252d0c59563de7d62b0a92a9a0396e4ab3864b8be28ab94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://www.overthejob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 11:29:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 54782
X-XSS-Protection: 0
Server: cafe
ETag: 9377982094687962420
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Thu, 02 Nov 2023 11:29:07 GMT

GET
H/1.1 200
OK overthejob.png
www.iperjob.com/assets/img/ 6 KB
6 KB 147ms
34ms Image
image/png 93.90.146.105
NET-BINERO-STHLM1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.iperjob.com/assets/img/overthejob.png
Requested by: Host: www.overthejob.com
URL: http://www.overthejob.com/privacy-otj.php
Protocol: HTTP/1.1
Server: 93.90.146.105 , Sweden, ASN35041 (NET-BINERO-STHLM1, SE),
Reverse DNS: ser-apache-05.servage.net
Software: Apache /
Resource Hash: 6ffb3321661240f15fab5a52a9be71238346369d8f16be4129b3c4b657f0df9a

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://www.overthejob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 11:29:07 GMT
Last-Modified: Wed, 14 Nov 2018 15:58:04 GMT
Server: Apache
ETag: "c12f8e03f-184a-57aa1ffd70a4e"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=200
Content-Length: 6218

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/ 36 KB
10 KB 41ms
40ms Script
application/javascript 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js

Requested by

Host: www.overthejob.com
URL: http://www.overthejob.com/privacy-otj.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.overthejob.com/
Origin: http://www.overthejob.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 11:29:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 874
age: 1166653
cdn-cachedat: 08/20/2022 02:30:10
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"c5b5b2fa19bd66ff23211d9f844e0131"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: dff0cb4963e62cd41f00f44692b907ac
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 81fc09b57bb92d7a-ARN
cdn-requestpullsuccess: True

GET
H/1.1 200
OK app.js Show response
www.overthejob.com/assets/js/ 4 KB
5 KB 32ms
32ms Script
text/javascript 93.90.146.105
NET-BINERO-STHLM1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.overthejob.com/assets/js/app.js
Requested by: Host: www.overthejob.com
URL: http://www.overthejob.com/privacy-otj.php
Protocol: HTTP/1.1
Server: 93.90.146.105 , Sweden, ASN35041 (NET-BINERO-STHLM1, SE),
Reverse DNS: ser-apache-05.servage.net
Software: Apache /
Resource Hash: aed4c8311423cd4e0ac01c8e1bd267a99efdb57e0aa928c2fbbee600ffcf472f

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://www.overthejob.com/privacy-otj.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 11:29:07 GMT
Last-Modified: Wed, 20 Jul 2016 03:45:17 GMT
Server: Apache
ETag: "e12f5e05d-118a-53809079b14fe"
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=199
Content-Length: 4490

GET
H/1.1 200
OK nibirumail.cookie.min.js Show response
nibirumail.com/docs/scripts/ 4 KB
4 KB 307ms
76ms Script
application/javascript 46.28.2.29
SERVERPLAN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nibirumail.com/docs/scripts/nibirumail.cookie.min.js
Requested by: Host: www.overthejob.com
URL: http://www.overthejob.com/privacy-otj.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.28.2.29 Rome, Italy, ASN52030 (SERVERPLAN-AS, IT),
Reverse DNS: d00ic6-lenuslab1.sphostserver.com
Software: Apache / PleskLin
Resource Hash: 95569cad38481d1ec07c52a96dc28bb7a5655a9e8f67060448837cfe7165b05c

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://www.overthejob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 11:29:07 GMT
Last-Modified: Sun, 29 May 2022 11:12:51 GMT
Server: Apache
ETag: "f00-5e0249ece16ae"
X-Powered-By: PleskLin
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=100
Content-Length: 3840

GET
H/1.1 200
OK nibirumail.widget.js Show response
nibirumail.com/docs/scripts/ 8 KB
9 KB 299ms
76ms Script
application/javascript 46.28.2.29
SERVERPLAN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nibirumail.com/docs/scripts/nibirumail.widget.js
Requested by: Host: www.overthejob.com
URL: http://www.overthejob.com/privacy-otj.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.28.2.29 Rome, Italy, ASN52030 (SERVERPLAN-AS, IT),
Reverse DNS: d00ic6-lenuslab1.sphostserver.com
Software: Apache / PleskLin
Resource Hash: d72009ff6980a1021ed8016eba37a0de107c5876e6302eb342267ef2da2a4bba

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://www.overthejob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Thu, 02 Nov 2023 11:29:07 GMT
Last-Modified: Tue, 21 Feb 2023 11:02:06 GMT
Server: Apache
ETag: "20f7-5f533b5dca6fb"
X-Powered-By: PleskLin
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=1, max=100
Content-Length: 8439

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 183ms
65ms Stylesheet
text/css 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400italic,700italic,400,700

Requested by

Host: www.overthejob.com
URL: http://www.overthejob.com/assets/themes/spacelab/bootstrap.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

ESF /

Resource Hash

795a4ab4ef2ac13848a83e5b36477caf20c05f4314bbc003bbaadab6d4985c95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://www.overthejob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 Nov 2023 11:29:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 10:20:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Nov 2023 11:29:07 GMT

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

52 KB
21 KB

171ms
54ms

Script
text/javascript

142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.overthejob.com
URL: http://www.overthejob.com/privacy-otj.php

Protocol

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://www.overthejob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 02 Nov 2023 09:49:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5965
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 02 Nov 2023 11:49:42 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/ 65 KB
65 KB 37ms
36ms Font
font/woff2 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Origin: http://www.overthejob.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 11:29:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723
age: 197538
cdn-cachedat: 08/15/2022 13:52:58
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 66624
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: "db812d8a70a4e88e888744c1c9a27e89"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 53e59fc39051d84c5afb12797f5c314c
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 81fc09b77dd62d7a-ARN
cdn-requestpullsuccess: True

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
48 KB 165ms
53ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400italic,700italic,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://www.overthejob.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 18:17:53 GMT
x-content-type-options: nosniff
age: 580274
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 18:17:53 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2
fonts.gstatic.com/s/opensans/v36/ 16 KB
16 KB 216ms
111ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400italic,700italic,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

db5d7bb36691306bda51b903c84fbdef4206d3c166b8080100915d16a617f5ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://www.overthejob.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 18:28:25 GMT
x-content-type-options: nosniff
age: 579642
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16424
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:41:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 18:28:25 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310300101/ 399 KB
135 KB 262ms
138ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3083466205193280&plah=www.overthejob.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

0dbedacbdc0e649bddce0fe664c5d85e9a149095756f3fdb5861ccc5558c32f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://www.overthejob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 11:29:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138229
x-xss-protection: 0
server: cafe
etag: 14828830012399561408
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 02 Nov 2023 11:29:08 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231031/r20190131/ Frame BE83 10 KB
5 KB 188ms
57ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231031/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.overthejob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

age: 77800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Nov 2023 13:52:28 GMT
etag: 251720774729838433
expires: Wed, 15 Nov 2023 13:52:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
603 B 211ms
64ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.overthejob.com&callback=_gfp_s_&client=ca-pub-3083466205193280

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3083466205193280&plah=www.overthejob.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

d371967e4035b3e88ceeff8f9098ae45f77859be7347d4fefe04b1acf9d04fac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://www.overthejob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 11:29:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
x-xss-protection: 0

GET
H2 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E60A 603 B
218 B 80ms
80ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3083466205193280&output=html&adk=1812271804&adf=3025194257&lmt=1698924548&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=http%3A%2F%2Fwww.overthejob.com%2Fprivacy-otj.php&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&dt=1698924548043&bpp=3&bdt=711&idt=422&shv=r20231031&mjsv=m202310300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7667690628925&frm=20&pv=2&ga_vid=1236334644.1698924548&ga_sid=1698924548&ga_hid=1653691537&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079080%2C31079192%2C44805934%2C44807047%2C44807463%2C31078301%2C44806140&oid=2&pvsid=2198639546762473&tmod=1238531650&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=441

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.overthejob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 11:29:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 92ms
91ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=nibirumail_cookie_advice&ign=false&pw=1600&ph=1200&x=0&y=1130.4

Requested by

Host: www.overthejob.com
URL: http://www.overthejob.com/privacy-otj.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://www.overthejob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 11:29:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 94ms
93ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&id=topnav&cls=navbar%20navbar-fixed-top%20navbar-default&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.overthejob.com
URL: http://www.overthejob.com/privacy-otj.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://www.overthejob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 11:29:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

apilog
gdc.indeed.com/rpc/
Redirect Chain

http://gdc.indeed.com/rpc/apilog?a=apiresults
https://gdc.indeed.com/rpc/apilog?a=apiresults

0
2 KB

154ms
154ms

Image
image/gif

162.159.130.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdc.indeed.com/rpc/apilog?a=apiresults

Protocol

Server

162.159.130.67 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://www.overthejob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 11:29:08 GMT
content-security-policy: upgrade-insecure-requests; object-src 'none'; form-action 'self' *.indeed.com https://indeedapply.indeedusercontent.com/callback/ https://6927552.fls.doubleclick.net/ https://8232301.fls.doubleclick.net/; frame-src 'self' *.indeed.com https://www.google.com/recaptcha/ https://hcaptcha.com https://*.hcaptcha.com https://indeedapply.indeedusercontent.com/callback/ https://6927552.fls.doubleclick.net/ https://8232301.fls.doubleclick.net/ https://siteintercept.qualtrics.com/ https://indeed.az1.qualtrics.com/ https://d2vgyo9p2so9ux.cloudfront.net https://*.google.com https://*.doubleclick.net https://*.googlesyndication.com https://www.youtube.com/embed/; frame-ancestors 'self' *.indeed.com ; default-src 'self' 'unsafe-inline' data: *.indeed.com d3fw5vlhllyvee.cloudfront.net d1ewxbznfa539k.cloudfront.net d3hbwax96mbv6t.cloudfront.net d2q79iu7y748jz.cloudfront.net d3s4xzh46vzktb.cloudfront.net d1ymdoy4af119w.cloudfront.net d10nwdj6ww0w8.cloudfront.net d3fw5vlhllyvee.cloudfront.net https://www.google-analytics.com/ https://www.facebook.com/tr/ https://sb.scorecardresearch.com https://connect.facebook.net *.serving-sys.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://hcaptcha.com https://*.hcaptcha.com chart.apis.google.com https://pp.d2-apps.net/v1/impressions/log https://ad.doubleclick.net https://www.googletagmanager.com/gtag/js https://adservice.google.com https://stats.g.doubleclick.net https://zn9nl8ranrrddpdlx-indeed.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://privacyportal.onetrust.com https://jas.indeednps.com https://fonts.gstatic.com/ https://fonts.googleapis.com/ https://*.googlesyndication.com https://*.google.com https://*.googletagservices.com https://*.googleadservices.com https://pt.ispot.tv https://staging-pt.ispot.tv https://rs.fullstory.com/rec/ https://pxl.indeed.com/usersync https://match.prod.bidr.io/cookie-sync/indeed https://i.ytimg.com/ https://static.cloudflareinsights.com https://browser-intake-* https://logs.browser-intake-* https://session-replay.browser-intake-* https://rum.browser-intake-* https://www.datadoghq-browser-agent.com;
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: image/gif
deployment_group: yul
x-indeed-dp: yulprod1/yul
cache-control: private, max-age=7779600
cf-ray: 81fc09bd99aa95fc-ARN
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: Wed, 31 Jan 2024 12:29:08 GMT

Redirect headers

Date: Thu, 02 Nov 2023 11:29:08 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Location: https://gdc.indeed.com/rpc/apilog?a=apiresults
Cache-Control: max-age=3600
Connection: keep-alive
CF-RAY: 81fc09bd6aa20d2e-ARN
alt-svc: h3=":443"; ma=86400
Expires: Thu, 02 Nov 2023 12:29:08 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 215ms
104ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231031&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

2f4874c14ab7a4ae9fed65c24182e4890de11484d1b5699dce786b2fb01a5d79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://www.overthejob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 11:29:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12157
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 199ms
66ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f193.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://www.overthejob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 11:29:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Nov 2023 11:29:09 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 235B 13 KB
5 KB 56ms
55ms Document
text/html 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f193.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.overthejob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

accept-ranges: bytes
age: 54435
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Nov 2023 20:21:54 GMT
expires: Thu, 31 Oct 2024 20:21:54 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 61EB 829 B
1 KB 184ms
65ms Document
text/html 142.250.184.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f4.1e100.net

Software

GSE /

Resource Hash

eb5679c396883ec22e131ac010f3fef7a84582ee76ff6e4ec3d4e5359b6e5910

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aojDbLDl06Eya6AdQI4_wA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.overthejob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-aojDbLDl06Eya6AdQI4_wA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 02 Nov 2023 11:29:09 GMT
expires: Thu, 02 Nov 2023 11:29:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js Show response
pagead2.googlesyndication.com/bg/ Frame 235B 38 KB
15 KB 57ms
57ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 09:42:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6425
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15010
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Nov 2024 09:42:04 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 235B 0
10 B 55ms
54ms Image
text/plain 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?YkTGaw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s08-in-f193.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 11:29:09 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 61EB 0
0 89ms
88ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231031&jk=2198639546762473&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 92ms
92ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231031&jk=2198639546762473&bg=!REelRwjNAAbo5yKYyOc7ADQBe5WfOKuoKpTIT441WKgCoOvyTn_rtlNQpIl7E-3UqwFZFCdwD-GAkGrztfOWkM0gqoqjAgAAAERSAAAABWgBBwoAtciTc0mT1qrrA_bgxVOM8J1o87QlqjC1qUnYKqfGOZsA71zyEzhS6zKSHfaSQCdZ8gvywk3CXtis0lyO5LxWtXOnCJZCoV2zkBMw7K2qPOCJPUcfTYH8DkJSWMOrdlvA9dPIshhDryDNEaIv8gkfaB8Vf6LGMERXz9NVcmKT3KpUnBD0grkZuM0QFejdcuXSUmUd58GU6z9lcap-0qbTJnf1K2KrKxY2hQHtbPp2hUpFxDyCl96ZAsXnSuqk7F_5qm10D6nwjiBjNQ1-4cYQCBS6RETlxpKcFaa0vK5-Saex2h0iXqa4qKvuMBk-Is0uwb6Od4DB4ZqS7ktkTc7U2Apso37uZViLSXFaoahASHU71Qw5u4PhaPZQbUvdmskbhWOIyHe-cpqCtgXt746sULn0YWypGRPXouBajMkY5LNDXs3DAy2DDwGZavhNw67m1eiYdPgPxCIMZMUU47UuNxqokoI7ikxvoVjDBhUN2FPTIjWrRwbcMvhMORcoMLQc6YcguXatfJoN8XimXG1d8Czr2QR2VtlNPgMIL5GQSDfGdXA_aD-zbFXhdLOAPe6R-p1TtG-ZBzjdk0OE46kDttUlDwOR8P2EULlV8NFSoIhBw4vle5Ak-nkN2lIylXZLjzEM781Kn5-KC6_259TAQS20-4DbarOYCMj_SOkm4oK2eAaAnV4g9ZPc70mgAluGEhqoRoA8isptpdXp5rstSAnkA5zKDwAN9EBcluSKA1hbjoThyAlFEMY5jHqIz55trTa_c7JHr8QuzpCFN4YAyeK803a3YDiWXLsaFL2hsvDr4dsP7Or04dUJP7iJ-dhaE99o7CPUtpxebdqHZHV2h8ZF4Lgla4GAaEjMKURmrocLK35zQdGuhIKxylZ2TODbn4lABtZWUA2ta-fxTbM6tcJUwF_3p_8GZLDw_MI-cWkhdkz6bu8-aG36BSIKyDKNM8SlRi7EGkx607CfyyIYBC8TaZ0b8BYRh150JZ5NZ6oBX6ftDjj6686eqYNqCOakOYGcPIa2R7CVHIkA_Z80sEbsbccTRrB3PQr18rPuHJMO_d24Pho3FTi7BFdWshFlV5-wr53YQAjyx2z0Y8YOQMwTLglaDua1rZkEk5solOzQxDB_FypRCFu-WCwaJqt8Os9OKBkM4Zl6d78rDS0D3g6CppR4nzxFZok_dz0e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: http://www.overthejob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.indeed.com/	1970-01-20 15:55:26	Name: __cf_bm Value: pfMCNCVRRnJWJu6oobtMv9kQP5jkho_iyiduSynqy4w-1698924547-0-AaDYqHqC4iVRnCGJgIzMC13OzB+sJ8MBdCKdvMxcEpZmwK5DfaTZh2kZVPnxct40CrFgmOq2b1l+as4V+yDdy2w=
.indeed.com/	1969-12-31 23:59:59	Name: _cfuvid Value: r6DGwgB2htIad2i.dObnsM2CLpAzqTVwI0lVrWGFRGs-1698924547622-0-604800000
www.overthejob.com/	1970-01-20 20:17:32	Name: _nibirumail Value: NBRML
.overthejob.com/	1970-01-21 01:31:24	Name: _ga Value: GA1.2.1236334644.1698924548
.overthejob.com/	1970-01-20 15:56:50	Name: _gid Value: GA1.2.1646795697.1698924548
.doubleclick.net/	1970-01-20 15:55:25	Name: test_cookie Value: CheckForPermission
.overthejob.com/	1970-01-21 01:17:00	Name: __gads Value: ID=f0211a0e3fa8617d-2212bb4178e30018:T=1698924548:RT=1698924548:S=ALNI_MbWtAf5vAHa4IipE3IDtkDm8vrHFw
.overthejob.com/	1970-01-21 01:17:00	Name: __gpi Value: UID=00000cb12ab8635b:T=1698924548:RT=1698924548:S=ALNI_Mbg2AmBgvKnbYlTkQRTRWeGOZ6UsQ

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3083466205193280&output=html&adk=1812271804&adf=3025194257&lmt=1698924548&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=http%3A%2F%2Fwww.overthejob.com%2Fprivacy-otj.php&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&dt=1698924548043&bpp=3&bdt=711&idt=422&shv=r20231031&mjsv=m202310300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7667690628925&frm=20&pv=2&ga_vid=1236334644.1698924548&ga_sid=1698924548&ga_hid=1653691537&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079080%2C31079192%2C44805934%2C44807047%2C44807463%2C31078301%2C44806140&oid=2&pvsid=2198639546762473&tmod=1238531650&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=441 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
gdc.indeed.com
googleads.g.doubleclick.net
maxcdn.bootstrapcdn.com
nibirumail.com
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.gstatic.com
www.iperjob.com
www.overthejob.com
104.18.11.207
142.250.181.226
142.250.184.194
142.250.184.228
142.250.184.238
142.250.185.138
142.250.185.99
142.250.186.34
142.250.186.42
142.250.186.67
162.159.130.67
172.217.16.193
46.28.2.29
93.90.146.105
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
04754f4af52b3df0c7438d5ce81dab28ce56b9f1cfbd6476d1d69dead2c12327
0dbedacbdc0e649bddce0fe664c5d85e9a149095756f3fdb5861ccc5558c32f8
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
2f4874c14ab7a4ae9fed65c24182e4890de11484d1b5699dce786b2fb01a5d79
32cf83fcb998bb6d81968bcd011ccf784fa7d0f48eade3a38f7682b281ea8bda
369ae154eab37b7ada7776b934833183bb053ebd1d0255f70ef8944f65cabb0c
464e063dd100bb935252d0c59563de7d62b0a92a9a0396e4ab3864b8be28ab94
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
6de5ee19c5399ae04845a7d213bf0eacbddf9fdaf865f216a44b3b4055d421b8
6ffb3321661240f15fab5a52a9be71238346369d8f16be4129b3c4b657f0df9a
76d67ecb63fddbb70909a8fe8b81b8af1a0d35ad347d044e5011db567c9d4512
795a4ab4ef2ac13848a83e5b36477caf20c05f4314bbc003bbaadab6d4985c95
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
95569cad38481d1ec07c52a96dc28bb7a5655a9e8f67060448837cfe7165b05c
95aa4a182b681198b4057f9dfea67d034ad6947348dda4664a5377dc35337693
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
aed4c8311423cd4e0ac01c8e1bd267a99efdb57e0aa928c2fbbee600ffcf472f
c567912a3cf283a6dea7d0f502c1f350f1161db58cce545cf38674686fadca6b
d2536c1704972cdd16c279fa6205a8f6138eacabfcc5202b5f94bfd974b1a9ee
d371967e4035b3e88ceeff8f9098ae45f77859be7347d4fefe04b1acf9d04fac
d72009ff6980a1021ed8016eba37a0de107c5876e6302eb342267ef2da2a4bba
db5d7bb36691306bda51b903c84fbdef4206d3c166b8080100915d16a617f5ea
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e954a59c0c3c71b22a0d894f38fa5702b99c0ead23f9c5e9a925d72a14460710
eb5679c396883ec22e131ac010f3fef7a84582ee76ff6e4ec3d4e5359b6e5910
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

www.overthejob.com Open in urlscan Pro 93.90.146.105 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

37 Requests

65 %HTTPS

0 %IPv6

12 Domains

15 Subdomains

14 IPs

4 Countries

719 kBTransfer

1332 kBSize

8 Cookies

7 Outgoing links

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.overthejob.com Open in urlscan Pro
93.90.146.105 Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

65 %
HTTPS

0 %
IPv6

12
Domains

15
Subdomains

14
IPs

4
Countries

719 kB
Transfer

1332 kB
Size

8
Cookies

37 HTTP transactions
0 data transactions