urlscan.io logo urlscan.io
SecurityTrails logo

nitrobox.jobs.personio.de Open in urlscan Pro
2600:9000:20eb:6200:6:9821:c840:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://jobs.nitrobox.com/
Effective URL: https://nitrobox.jobs.personio.de/
Submission Tags: phishingrod
Submission: On April 21 via api from DE — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 2 domains to perform 16 HTTP transactions. The main IP is 2600:9000:20eb:6200:6:9821:c840:93a1, located in United States and belongs to AMAZON-02, US. The main domain is nitrobox.jobs.personio.de.
TLS certificate: Issued by Amazon RSA 2048 M02 on April 6th 2023. Valid for: a year.
This is the only time nitrobox.jobs.personio.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 20.71.8.37 8075 (MICROSOFT...)
2 2600:9000:20e... 16509 (AMAZON-02)
11 2600:9000:205... 16509 (AMAZON-02)
3 2600:9000:205... 16509 (AMAZON-02)
16 4
Apex Domain
Subdomains		 Transfer
16 personio.de
nitrobox.jobs.personio.de
assets.cdn.personio.de — Cisco Umbrella Rank: 351181
we-are-hiring.cdn.personio.de — Cisco Umbrella Rank: 514127
596 KB
1 nitrobox.com
jobs.nitrobox.com
125 B
16 2
Domain Requested by
11 assets.cdn.personio.de nitrobox.jobs.personio.de
assets.cdn.personio.de
3 we-are-hiring.cdn.personio.de assets.cdn.personio.de
2 nitrobox.jobs.personio.de assets.cdn.personio.de
1 jobs.nitrobox.com 1 redirects
16 4

This site contains links to these domains. Also see Links.

Domain
www.personio.com
www.nitrobox.de
Subject Issuer Validity Valid
jobs.personio.de
Amazon RSA 2048 M02		 2023-04-06 -
2024-05-04		 a year crt.sh
we-are-hiring.cdn.personio.de
Amazon RSA 2048 M02		 2023-02-28 -
2024-03-29		 a year crt.sh

This page contains 1 frames:

Primary Page: https://nitrobox.jobs.personio.de/
Frame ID: 09833FDDEBC14C4C0D53CF609AB37342
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Jobs at Nitrobox GmbH - Subscription Management and Order-to-Cash Platform

Page URL History Show full URLs

  1. https://jobs.nitrobox.com/ HTTP 301
    https://nitrobox.jobs.personio.de/ Page URL

Page Statistics

16
Requests

100 %
HTTPS

75 %
IPv6

2
Domains

4
Subdomains

4
IPs

2
Countries

596 kB
Transfer

1195 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://jobs.nitrobox.com/ HTTP 301
    https://nitrobox.jobs.personio.de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
nitrobox.jobs.personio.de/
Redirect Chain
  • https://jobs.nitrobox.com/
  • https://nitrobox.jobs.personio.de/
46 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nitrobox.jobs.personio.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:6200:6:9821:c840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e631485399bde12524bb14f95b14e6e8235a1d951f0a692ab8aa562c870145c0
Security Headers
Name Value
Content-Security-Policy report-uri https://nitrobox.personio.de/csp-reports; report-to csp-endpoint; default-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://*.personio.de https://*.personio-internal.de https://fonts.gstatic.com https://*.googleapis.com https://*.userlane.com https://cdn.pendo.io https://js-agent.newrelic.com https://bam.nr-data.net https://data.pendo.io https://player.vimeo.com https://*.cdn.pendo.io https://*.stripe.com https://api.gohiring.com https://tracking.gohiring.com https://stackpath.bootstrapcdn.com https://personio.zendesk.com https://app.pendo.io https://www.youtube.com https://www.youtube-nocookie.com; img-src * data:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache
content-encoding
UTF-8
content-length
47082
content-security-policy
report-uri https://nitrobox.personio.de/csp-reports; report-to csp-endpoint; default-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://*.personio.de https://*.personio-internal.de https://fonts.gstatic.com https://*.googleapis.com https://*.userlane.com https://cdn.pendo.io https://js-agent.newrelic.com https://bam.nr-data.net https://data.pendo.io https://player.vimeo.com https://*.cdn.pendo.io https://*.stripe.com https://api.gohiring.com https://tracking.gohiring.com https://stackpath.bootstrapcdn.com https://personio.zendesk.com https://app.pendo.io https://www.youtube.com https://www.youtube-nocookie.com; img-src * data:;
content-type
text/html
date
Fri, 21 Apr 2023 04:33:42 GMT
report-to
{"group":"csp-endpoint","max_age":31536000,"endpoints":[{"url":"https://nitrobox.personio.de/csp-reports"}],"include_subdomains":true}
server
AmazonS3
strict-transport-security
max-age=31536000
via
1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront)
x-amz-cf-id
GllvfdCbOTW8VERtiXYwmn-_81YiwjKKtyh2GbqGDkqS1UfjX2doXA==
x-amz-cf-pop
FRA2-C1
x-amz-id-2
ZyDCrPTKwI9hH+/h+LoOAmiUtZJ6gWJtdyLhnKQJ1rBaSFor/PJk/AD2Xxk3Pg1EQQ6y+ICFrEL1nJFaUOFThQ==
x-amz-request-id
8TNHVER7CJ858J72
x-cache
Error from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

content-length
162
content-type
text/html
date
Fri, 21 Apr 2023 04:33:42 GMT
location
https://nitrobox.jobs.personio.de
strict-transport-security
max-age=15724800; includeSubDomains
styles.ed32b982ea9facd93534.css
assets.cdn.personio.de/jobs/v2/min/css/ 		256 KB
50 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.cdn.personio.de/jobs/v2/min/css/styles.ed32b982ea9facd93534.css
Requested by
Host: nitrobox.jobs.personio.de
URL: https://nitrobox.jobs.personio.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:5a00:1f:614b:8800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
541f2620fc991e024ff87125954492ecd21fa1a51dc2e9a8850a4480bd9d53d8
Security Headers
Name Value
Content-Security-Policy default-src *.personio.de
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nitrobox.jobs.personio.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src *.personio.de
strict-transport-security
max-age=3600
x-content-type-options
nosniff
date
Fri, 21 Apr 2023 04:29:56 GMT
content-encoding
gzip
via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
age
43577
x-cache
Hit from cloudfront
x-xss-protection
1
last-modified
Wed, 19 Apr 2023 14:35:23 GMT
server
AmazonS3
etag
W/"1fafcc41eae423212314fe94a1bbff9e"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000,public,must-revalidate
x-amz-cf-id
9lzg4UoG2TMnXQDpe1MxTyfbTkYvSu1Ya1eiPViDTTQjb3PV51c8lQ==
roboto.css
assets.cdn.personio.de/fonts/ 		27 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.cdn.personio.de/fonts/roboto.css
Requested by
Host: nitrobox.jobs.personio.de
URL: https://nitrobox.jobs.personio.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:5a00:1f:614b:8800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2f0304205fbe14f86aebe40a20a0b08f7833e81d919af44af61c1f9106a7f21a
Security Headers
Name Value
Content-Security-Policy default-src *.personio.de
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nitrobox.jobs.personio.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src *.personio.de
strict-transport-security
max-age=3600
x-content-type-options
nosniff
date
Fri, 21 Apr 2023 01:08:28 GMT
content-encoding
gzip
x-amz-cf-pop
FRA6-C1
age
12316
via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-xss-protection
1
last-modified
Mon, 05 Dec 2022 12:43:32 GMT
server
AmazonS3
etag
W/"311aa83b14b6987cebd148ba8ed47d88"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
x-amz-cf-id
apnzzWKy_93_sejMdwwmc6WPAyIHaDeapE9h_ACv-rD1z5OtFVvj4g==
387703d3f10a8142dce9f39f9b8524c3.png
assets.cdn.personio.de/logos/389/social/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.cdn.personio.de/logos/389/social/387703d3f10a8142dce9f39f9b8524c3.png
Requested by
Host: nitrobox.jobs.personio.de
URL: https://nitrobox.jobs.personio.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:5a00:1f:614b:8800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e84f56873aaffcfc31a81110dcf02c202d1011cc099d2aa0a2ca08af0eb80a1d
Security Headers
Name Value
Content-Security-Policy default-src *.personio.de
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src *.personio.de
strict-transport-security
max-age=3600
x-content-type-options
nosniff
date
Thu, 20 Apr 2023 06:47:26 GMT
via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
78378
x-cache
Hit from cloudfront
content-length
5648
x-xss-protection
1
last-modified
Wed, 30 Nov 2022 02:45:07 GMT
server
AmazonS3
etag
"36a4d825ce0ad94266acdc4a46f5d7b6"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=2592000,public,must-revalidate
accept-ranges
bytes
x-amz-cf-id
qpjTnwSI3VrfWZ5rzEu7TDQPCjlMBeo8p_zYxT3hrK5krh9NLFJx_w==
logo-personio-square-small.png
assets.cdn.personio.de/build/client/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.cdn.personio.de/build/client/img/logo-personio-square-small.png
Requested by
Host: nitrobox.jobs.personio.de
URL: https://nitrobox.jobs.personio.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:5a00:1f:614b:8800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cc833c90072cc6c05cd6f3dc195ef443b0974b0b822a5edb6854bd3327dc30a3
Security Headers
Name Value
Content-Security-Policy default-src *.personio.de
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src *.personio.de
strict-transport-security
max-age=3600
x-content-type-options
nosniff
date
Fri, 21 Apr 2023 04:03:37 GMT
via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
1807
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1735
x-xss-protection
1
last-modified
Tue, 18 Apr 2023 03:47:56 GMT
server
AmazonS3
etag
"451b9aaf8bfaa0095a2cb5f2f5801b06"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=2592000,public,must-revalidate
accept-ranges
bytes
x-amz-cf-id
rE72jzjqhaqZFSxJBY16Pz-rzEOZ84CVn3Rq3YktW9kkOiHg8D-t8Q==
load_assets.886f886c7fa367610546.js
assets.cdn.personio.de/jobs/v2/min/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.cdn.personio.de/jobs/v2/min/js/load_assets.886f886c7fa367610546.js
Requested by
Host: nitrobox.jobs.personio.de
URL: https://nitrobox.jobs.personio.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:5a00:1f:614b:8800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3668ff3e88b6607f95dec89b87537aed4b4529a4640b50bce828347b4ce2e18a
Security Headers
Name Value
Content-Security-Policy default-src *.personio.de
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src *.personio.de
strict-transport-security
max-age=3600
x-content-type-options
nosniff
date
Thu, 20 Apr 2023 14:01:55 GMT
content-encoding
gzip
via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
age
52309
x-cache
Hit from cloudfront
x-xss-protection
1
last-modified
Mon, 17 Apr 2023 12:33:42 GMT
server
AmazonS3
etag
W/"2a258b585fe822761775d654ba3931da"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000,public,must-revalidate
x-amz-cf-id
U2S6kpN8b0ezWJb-cBO4WBVrv3e9gl9GAbW7dx1qA7XfOE0Y2UtINg==
322334e6c99f202601f0970cf112240dpng
assets.cdn.personio.de/career-site/header/389/ 		257 KB
258 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.cdn.personio.de/career-site/header/389/322334e6c99f202601f0970cf112240dpng
Requested by
Host: nitrobox.jobs.personio.de
URL: https://nitrobox.jobs.personio.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:5a00:1f:614b:8800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
45460e0639ed50fbe5c3b574c411eb154485c924c0cd5b1fc96f9fc3373738e4
Security Headers
Name Value
Content-Security-Policy default-src *.personio.de
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nitrobox.jobs.personio.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src *.personio.de
strict-transport-security
max-age=3600
x-content-type-options
nosniff
date
Fri, 21 Apr 2023 04:33:43 GMT
via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
25928
x-cache
Hit from cloudfront
content-length
262884
x-xss-protection
1
last-modified
Wed, 30 Nov 2022 01:31:28 GMT
server
AmazonS3
etag
"322334e6c99f202601f0970cf112240d"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
HCbXsRp1gYytw4yqSdvcgeF_gc3KpzpA-PNDh0cm4B-8hruKIB8HCA==
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9e406047e2f128fd8409dac120713e9618d97cfdbc1b1bbb82d7fc2277495628

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
we-are-hiring.cdn.personio.de/fonts/roboto/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://we-are-hiring.cdn.personio.de/fonts/roboto/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: assets.cdn.personio.de
URL: https://assets.cdn.personio.de/fonts/roboto.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4600:1f:614b:8800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
Security Headers
Name Value
Content-Security-Policy default-src *.personio.de
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

Referer
https://assets.cdn.personio.de/
Origin
https://nitrobox.jobs.personio.de
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 06:47:27 GMT
content-security-policy
default-src *.personio.de
x-content-type-options
nosniff
strict-transport-security
max-age=3600
via
1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
78377
x-cache
Hit from cloudfront
content-length
11040
x-xss-protection
1
last-modified
Mon, 05 Dec 2022 12:43:32 GMT
server
AmazonS3
etag
"5e22a46c04d947a36ea0cad07afcc9e1"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://nitrobox.jobs.personio.de
x-frame-options
DENY
access-control-allow-credentials
true
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
J1oIjDGMxdXZuUFfsJth-f63pbMXG-o1EPwR0XWtXN4QB3dfaCWoLQ==
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
we-are-hiring.cdn.personio.de/fonts/roboto/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://we-are-hiring.cdn.personio.de/fonts/roboto/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: assets.cdn.personio.de
URL: https://assets.cdn.personio.de/fonts/roboto.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4600:1f:614b:8800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875
Security Headers
Name Value
Content-Security-Policy default-src *.personio.de
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

Referer
https://assets.cdn.personio.de/
Origin
https://nitrobox.jobs.personio.de
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src *.personio.de
strict-transport-security
max-age=3600
x-content-type-options
nosniff
date
Thu, 20 Apr 2023 15:00:15 GMT
via
1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
48809
x-cache
Hit from cloudfront
content-length
11072
x-xss-protection
1
last-modified
Mon, 05 Dec 2022 12:43:32 GMT
server
AmazonS3
etag
"e7df3d0942815909add8f9d0c40d00d9"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://nitrobox.jobs.personio.de
x-frame-options
DENY
access-control-allow-credentials
true
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
keFG5q9JorIQFearBZlp9DprWX7GbgIgZ-3aFdhgIE0iTic82tgR8g==
fa-solid-900.woff2
assets.cdn.personio.de/jobs/v2/min/css/fonts/ 		49 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.cdn.personio.de/jobs/v2/min/css/fonts/fa-solid-900.woff2
Requested by
Host: assets.cdn.personio.de
URL: https://assets.cdn.personio.de/jobs/v2/min/css/styles.ed32b982ea9facd93534.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:5a00:1f:614b:8800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cbbca7d9888b4a9eab7d479756d2924f9b067fd38dab376797029df741f96ee4
Security Headers
Name Value
Content-Security-Policy default-src *.personio.de
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

Referer
https://assets.cdn.personio.de/jobs/v2/min/css/styles.ed32b982ea9facd93534.css
Origin
https://nitrobox.jobs.personio.de
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src *.personio.de
strict-transport-security
max-age=3600
x-content-type-options
nosniff
date
Fri, 21 Apr 2023 04:33:43 GMT
via
1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
56917
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
50372
x-xss-protection
1
last-modified
Wed, 19 Apr 2023 14:35:23 GMT
server
AmazonS3
etag
"8a8c0474283e0d9ef41743e5e486bf05"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://nitrobox.jobs.personio.de
x-frame-options
DENY
access-control-allow-credentials
true
cache-control
max-age=2592000,public,must-revalidate
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
BDdzopV67qS5Wi8ypZNNN3B9a80ACD-NXzsLa9dPV9FRGraFLtQvHA==
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
we-are-hiring.cdn.personio.de/fonts/roboto/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://we-are-hiring.cdn.personio.de/fonts/roboto/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: assets.cdn.personio.de
URL: https://assets.cdn.personio.de/fonts/roboto.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4600:1f:614b:8800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
Security Headers
Name Value
Content-Security-Policy default-src *.personio.de
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

Referer
https://assets.cdn.personio.de/
Origin
https://nitrobox.jobs.personio.de
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src *.personio.de
strict-transport-security
max-age=3600
x-content-type-options
nosniff
date
Thu, 20 Apr 2023 18:27:45 GMT
via
1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
36359
x-cache
Hit from cloudfront
content-length
11028
x-xss-protection
1
last-modified
Mon, 05 Dec 2022 12:43:33 GMT
server
AmazonS3
etag
"1f6d3cf6d38f25d83d95f5a800b8cac3"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://nitrobox.jobs.personio.de
x-frame-options
DENY
access-control-allow-credentials
true
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
-q7z5pf_d5fhbSmFwuLG6GS95IsMan4OWKaUvBIhsBkGS7Dfj63BPg==
rev-manifest.json
assets.cdn.personio.de/jobs/v2/ 		464 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets.cdn.personio.de/jobs/v2/rev-manifest.json
Requested by
Host: assets.cdn.personio.de
URL: https://assets.cdn.personio.de/jobs/v2/min/js/load_assets.886f886c7fa367610546.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:5a00:1f:614b:8800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a32da17a82ee102fad4746a72fa93b5fc203685fe2afbbf4397e1f250cd903a1
Security Headers
Name Value
Content-Security-Policy default-src *.personio.de
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 04:33:44 GMT
content-security-policy
default-src *.personio.de
x-content-type-options
nosniff
strict-transport-security
max-age=3600
via
1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
464
x-xss-protection
1
last-modified
Fri, 21 Apr 2023 03:21:27 GMT
server
AmazonS3
etag
"c624f6cc2df6c9c5bd9ddf81f98529ae"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://nitrobox.jobs.personio.de
cache-control
no-store, max-age=0
access-control-allow-credentials
true
x-frame-options
DENY
accept-ranges
bytes
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
esdI5RuyB-fuewPJD_OZr3JCaOGxDUoR-GFIjrz_ZDibVNPxGuEwow==
vendor.BkQyEnTk2.js
assets.cdn.personio.de/jobs/v2/min/js/ 		431 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.cdn.personio.de/jobs/v2/min/js/vendor.BkQyEnTk2.js
Requested by
Host: assets.cdn.personio.de
URL: https://assets.cdn.personio.de/jobs/v2/min/js/load_assets.886f886c7fa367610546.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:5a00:1f:614b:8800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
efad9cf420cc859ae171aa66a1f6a87f7f34766018838a24a12502c5e662664b
Security Headers
Name Value
Content-Security-Policy default-src *.personio.de
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 01:43:42 GMT
content-security-policy
default-src *.personio.de
x-content-type-options
nosniff
strict-transport-security
max-age=3600
content-encoding
gzip
via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
age
10202
x-cache
Hit from cloudfront
x-xss-protection
1
last-modified
Thu, 20 Apr 2023 20:23:12 GMT
server
AmazonS3
etag
W/"92f5fbc7aee608e46f4f339ae50d6599"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000,public,must-revalidate
x-amz-cf-id
zvsrT6K2djnH8ruu9L0r0iG7fSrU_UopDHu3_4RKCLO_R5rphWyrNw==
scripts.df5bb1715c2407eb1bf3.js
assets.cdn.personio.de/jobs/v2/min/js/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.cdn.personio.de/jobs/v2/min/js/scripts.df5bb1715c2407eb1bf3.js
Requested by
Host: assets.cdn.personio.de
URL: https://assets.cdn.personio.de/jobs/v2/min/js/load_assets.886f886c7fa367610546.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:5a00:1f:614b:8800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
31b3628ccfb81508e562a340602e330617f4642ac5ec631fd9f110e855af5014
Security Headers
Name Value
Content-Security-Policy default-src *.personio.de
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src *.personio.de
strict-transport-security
max-age=3600
x-content-type-options
nosniff
date
Fri, 21 Apr 2023 01:03:07 GMT
content-encoding
gzip
via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
age
12637
x-cache
Hit from cloudfront
x-xss-protection
1
last-modified
Mon, 17 Apr 2023 14:36:50 GMT
server
AmazonS3
etag
W/"fb034b63fb9908aa29c8abc8cbf35013"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000,public,must-revalidate
x-amz-cf-id
W87KKnOYdZclB1nbvCk1iQrgvUO6yxjunGpJ1zv-ik6jDbzyy4p_kw==
jobs_list.60aab5465b9c97264205.js
assets.cdn.personio.de/jobs/v2/min/js/ 		50 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.cdn.personio.de/jobs/v2/min/js/jobs_list.60aab5465b9c97264205.js
Requested by
Host: assets.cdn.personio.de
URL: https://assets.cdn.personio.de/jobs/v2/min/js/load_assets.886f886c7fa367610546.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:5a00:1f:614b:8800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
64181ee4e8276690dcd3e5911227da1786dc055bfaec4b4feedb75965686747a
Security Headers
Name Value
Content-Security-Policy default-src *.personio.de
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src *.personio.de
strict-transport-security
max-age=3600
x-content-type-options
nosniff
date
Fri, 21 Apr 2023 02:35:35 GMT
content-encoding
gzip
via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
age
7089
x-cache
Hit from cloudfront
x-xss-protection
1
last-modified
Tue, 11 Apr 2023 17:39:52 GMT
server
AmazonS3
etag
W/"eb23c96816d039e18a67e16f102d137d"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000,public,must-revalidate
x-amz-cf-id
SSv_NjQ3wsn11NLiIOA5rulV8tm4ISYPF25pkAis51OykrOBFGpQiA==
search.json
nitrobox.jobs.personio.de/ 		18 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nitrobox.jobs.personio.de/search.json
Requested by
Host: assets.cdn.personio.de
URL: https://assets.cdn.personio.de/jobs/v2/min/js/jobs_list.60aab5465b9c97264205.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:6200:6:9821:c840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ba427de47d9487b756ce635c05028d03415af0958919d4f87baa7e9b013879d0
Security Headers
Name Value
Content-Security-Policy report-uri https://nitrobox.personio.de/csp-reports; report-to csp-endpoint; default-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://*.personio.de https://*.personio-internal.de https://fonts.gstatic.com https://*.googleapis.com https://*.userlane.com https://cdn.pendo.io https://js-agent.newrelic.com https://bam.nr-data.net https://data.pendo.io https://player.vimeo.com https://*.cdn.pendo.io https://*.stripe.com https://api.gohiring.com https://tracking.gohiring.com https://stackpath.bootstrapcdn.com https://personio.zendesk.com https://app.pendo.io https://www.youtube.com https://www.youtube-nocookie.com; img-src * data:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 04:33:44 GMT
content-security-policy
report-uri https://nitrobox.personio.de/csp-reports; report-to csp-endpoint; default-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://*.personio.de https://*.personio-internal.de https://fonts.gstatic.com https://*.googleapis.com https://*.userlane.com https://cdn.pendo.io https://js-agent.newrelic.com https://bam.nr-data.net https://data.pendo.io https://player.vimeo.com https://*.cdn.pendo.io https://*.stripe.com https://api.gohiring.com https://tracking.gohiring.com https://stackpath.bootstrapcdn.com https://personio.zendesk.com https://app.pendo.io https://www.youtube.com https://www.youtube-nocookie.com; img-src * data:;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
content-encoding
gzip
x-amz-request-id
KYPXPZSFDG573YT7
x-amz-cf-pop
FRA2-C1
x-amz-server-side-encryption
AES256
via
1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-id-2
7cOVexal0KzfmwJg2Kci+jSOLRr5LKkQ2nfcTKaQEBFSvwogN7763geZK5U+cZVtvG+YMrMwLnY=
x-xss-protection
1; mode=block
last-modified
Tue, 11 Apr 2023 13:51:31 GMT
server
AmazonS3
etag
W/"c707d04a8656884f76360343bdbbc4d9"
vary
Accept-Encoding
report-to
{"group":"csp-endpoint","max_age":31536000,"endpoints":[{"url":"https://nitrobox.personio.de/csp-reports"}],"include_subdomains":true}
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
ujVjYYq8I9kzjn4AACngHuqZwNtTESf1A6sH6blVJPcZjuJqONFPJQ==

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| version function| _createClass function| _possibleConstructorReturn function| _inherits function| _classCallCheck function| Emitter function| Dropzone function| without function| camelize function| detectVerticalSquash function| drawImageIOSFix function| ExifRestore function| contentLoaded function| __guard__ function| __guardMethod__ function| $ function| jQuery object| Popper number| uidEvent object| bootstrap function| moment function| lunr

2 Cookies

Domain/Path Name / Value
.nitrobox.jobs.personio.de/ Name: locale
Value: default
nitrobox.jobs.personio.de/ Name: locale
Value: en

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy report-uri https://nitrobox.personio.de/csp-reports; report-to csp-endpoint; default-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://*.personio.de https://*.personio-internal.de https://fonts.gstatic.com https://*.googleapis.com https://*.userlane.com https://cdn.pendo.io https://js-agent.newrelic.com https://bam.nr-data.net https://data.pendo.io https://player.vimeo.com https://*.cdn.pendo.io https://*.stripe.com https://api.gohiring.com https://tracking.gohiring.com https://stackpath.bootstrapcdn.com https://personio.zendesk.com https://app.pendo.io https://www.youtube.com https://www.youtube-nocookie.com; img-src * data:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.cdn.personio.de
jobs.nitrobox.com
nitrobox.jobs.personio.de
we-are-hiring.cdn.personio.de
20.71.8.37
2600:9000:2057:4600:1f:614b:8800:93a1
2600:9000:2057:5a00:1f:614b:8800:93a1
2600:9000:20eb:6200:6:9821:c840:93a1
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
2f0304205fbe14f86aebe40a20a0b08f7833e81d919af44af61c1f9106a7f21a
31b3628ccfb81508e562a340602e330617f4642ac5ec631fd9f110e855af5014
3668ff3e88b6607f95dec89b87537aed4b4529a4640b50bce828347b4ce2e18a
45460e0639ed50fbe5c3b574c411eb154485c924c0cd5b1fc96f9fc3373738e4
541f2620fc991e024ff87125954492ecd21fa1a51dc2e9a8850a4480bd9d53d8
64181ee4e8276690dcd3e5911227da1786dc055bfaec4b4feedb75965686747a
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
9e406047e2f128fd8409dac120713e9618d97cfdbc1b1bbb82d7fc2277495628
a32da17a82ee102fad4746a72fa93b5fc203685fe2afbbf4397e1f250cd903a1
ba427de47d9487b756ce635c05028d03415af0958919d4f87baa7e9b013879d0
bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875
cbbca7d9888b4a9eab7d479756d2924f9b067fd38dab376797029df741f96ee4
cc833c90072cc6c05cd6f3dc195ef443b0974b0b822a5edb6854bd3327dc30a3
e631485399bde12524bb14f95b14e6e8235a1d951f0a692ab8aa562c870145c0
e84f56873aaffcfc31a81110dcf02c202d1011cc099d2aa0a2ca08af0eb80a1d
efad9cf420cc859ae171aa66a1f6a87f7f34766018838a24a12502c5e662664b