urlscan.io logo urlscan.io
SecurityTrails logo

portal2.apps.stihlusa.com Open in urlscan Pro
20.190.213.236  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://portal2.apps.stihlusa.com/
Effective URL: https://portal2.apps.stihlusa.com/
Submission: On April 22 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 9 domains to perform 20 HTTP transactions. The main IP is 20.190.213.236, located in Boydton, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is portal2.apps.stihlusa.com. The Cisco Umbrella rank of the primary domain is 321829.
TLS certificate: Issued by R3 on April 18th 2024. Valid for: 3 months.
This is the only time portal2.apps.stihlusa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 20.190.213.236 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:400... 54113 (FASTLY)
1 18.66.102.106 16509 (AMAZON-02)
1 13.32.27.107 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 142.250.185.196 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 20.50.88.234 8075 (MICROSOFT...)
20 11
8    20.190.213.236 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
portal2.apps.stihlusa.com
1    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
1    18.66.102.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-106.fra56.r.cloudfront.net
static.hotjar.com
1    13.32.27.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-107.fra56.r.cloudfront.net
script.hotjar.com
1    2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    142.250.185.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f4.1e100.net
www.google.com
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    20.50.88.234 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
Apex Domain
Subdomains		 Transfer
8 stihlusa.com
portal2.apps.stihlusa.com — Cisco Umbrella Rank: 321829
auth.apps.stihlusa.com Failed
4 MB
2 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 730
200 B
2 google.com
www.google.com — Cisco Umbrella Rank: 2
2 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 737
script.hotjar.com — Cisco Umbrella Rank: 933
59 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2404
260 B
1 gstatic.com
www.gstatic.com
204 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
91 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 767
24 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
885 B
20 9
Domain Requested by
8 portal2.apps.stihlusa.com portal2.apps.stihlusa.com
2 dc.services.visualstudio.com portal2.apps.stihlusa.com
2 www.google.com portal2.apps.stihlusa.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.gstatic.com www.google.com
1 www.googletagmanager.com portal2.apps.stihlusa.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com portal2.apps.stihlusa.com
1 code.jquery.com portal2.apps.stihlusa.com
1 fonts.googleapis.com portal2.apps.stihlusa.com
0 auth.apps.stihlusa.com Failed portal2.apps.stihlusa.com
20 11

This site contains no links.

Subject Issuer Validity Valid
portal2.apps.stihlusa.com
R3		 2024-04-18 -
2024-07-17		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.hotjar.com
Amazon ECDSA 256 M03		 2024-02-07 -
2025-03-08		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
prod.ai.ingestion.msftcloudes.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-04-10 -
2025-04-05		 a year crt.sh

This page contains 1 frames:

Primary Page: https://portal2.apps.stihlusa.com/
Frame ID: F57690AE3559CAEE39E2050183B91F46
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

STIHL Dealer Portal

Page URL History Show full URLs

  1. http://portal2.apps.stihlusa.com/ HTTP 307
    https://portal2.apps.stihlusa.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

20
Requests

95 %
HTTPS

50 %
IPv6

9
Domains

11
Subdomains

11
IPs

3
Countries

4899 kB
Transfer

5581 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://portal2.apps.stihlusa.com/ HTTP 307
    https://portal2.apps.stihlusa.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
portal2.apps.stihlusa.com/
Redirect Chain
  • http://portal2.apps.stihlusa.com/
  • https://portal2.apps.stihlusa.com/
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://portal2.apps.stihlusa.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.190.213.236 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6cd7286a5101e8057faf86699d0509213c41142e47c20d396f98f816d8d2d7c9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-length
1536
content-type
text/html
date
Mon, 22 Apr 2024 21:24:55 GMT
etag
"66229737-600"
last-modified
Fri, 19 Apr 2024 16:09:27 GMT
strict-transport-security
max-age=15724800; includeSubDomains

Redirect headers

Location
https://portal2.apps.stihlusa.com/
Non-Authoritative-Reason
HttpsUpgrades
css
fonts.googleapis.com/ 		1 KB
885 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Work+Sans
Requested by
Host: portal2.apps.stihlusa.com
URL: https://portal2.apps.stihlusa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
940931f0ba25fcac9201b6265c4b10480f65b5645a845fd90c91e2a38dca20ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://portal2.apps.stihlusa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 22 Apr 2024 21:24:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 22 Apr 2024 20:41:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 Apr 2024 21:24:55 GMT
runtime~app.6899bb03.js
portal2.apps.stihlusa.com/js/ 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal2.apps.stihlusa.com/js/runtime~app.6899bb03.js
Requested by
Host: portal2.apps.stihlusa.com
URL: https://portal2.apps.stihlusa.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.190.213.236 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dd876401f498dd270fd2a943744b7ac6adca5c259f22493ada3ad7814bdcf712
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://portal2.apps.stihlusa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 21:24:55 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 19 Apr 2024 16:09:27 GMT
accept-ranges
bytes
etag
"66229737-19f9"
content-length
6649
content-type
application/javascript
app.c90834d3.js
portal2.apps.stihlusa.com/js/ 		4 MB
4 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal2.apps.stihlusa.com/js/app.c90834d3.js
Requested by
Host: portal2.apps.stihlusa.com
URL: https://portal2.apps.stihlusa.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.190.213.236 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8ff59c558f8efb9ff3fed367757e2b90b9678e08fbe486d3b48dee17f5af5e8e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://portal2.apps.stihlusa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 21:24:55 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 19 Apr 2024 16:09:27 GMT
accept-ranges
bytes
etag
"66229737-3e600c"
content-length
4087820
content-type
application/javascript
app.ee319e41.css
portal2.apps.stihlusa.com/css/ 		501 KB
502 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal2.apps.stihlusa.com/css/app.ee319e41.css
Requested by
Host: portal2.apps.stihlusa.com
URL: https://portal2.apps.stihlusa.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.190.213.236 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
deb63cef2707d6275de13576ac44c034514b875735ed47ad09714dce121dccaa
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://portal2.apps.stihlusa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 21:24:55 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 19 Apr 2024 16:09:27 GMT
accept-ranges
bytes
etag
"66229737-7d3e6"
content-length
512998
content-type
text/css
jquery-3.2.1.slim.min.js
code.jquery.com/ 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.2.1.slim.min.js
Requested by
Host: portal2.apps.stihlusa.com
URL: https://portal2.apps.stihlusa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://portal2.apps.stihlusa.com/
Origin
https://portal2.apps.stihlusa.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 21:24:55 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
1299236
x-cache
HIT, HIT
content-length
23856
x-served-by
cache-lga21963-LGA, cache-fra-eddf8230105-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1713821096.829777,VS0,VE0
etag
W/"28feccc0-10fdd"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
1088, 55318
hotjar-3174942.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-3174942.js?sv=6
Requested by
Host: portal2.apps.stihlusa.com
URL: https://portal2.apps.stihlusa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-106.fra56.r.cloudfront.net
Software
/
Resource Hash
aa76febe56a6132ef2928193cb835e7e8ad9d46acadc04d8f6f1547a0730f67e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://portal2.apps.stihlusa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Mon, 22 Apr 2024 21:24:56 GMT
via
1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
W/6507a10b29e2fa3b81d11caf5fd84bce
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
x-amz-cf-id
d5x3-cXxTXuE7rjr89-AnXdqy6tnrxvpqj1N0QYtGw-KQ_4JFSbCaw==
modules.9c3b50ddbc74247d2ae3.js
script.hotjar.com/ 		221 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.9c3b50ddbc74247d2ae3.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3174942.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-107.fra56.r.cloudfront.net
Software
/
Resource Hash
84abbb88240359c728c738ec4acb83fc354afd75d7470279f1fe01f9841e5f4b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://portal2.apps.stihlusa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 17:11:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 08b9c2fd11813ffdb8fa03129d0a465c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
533630
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
55691
last-modified
Tue, 16 Apr 2024 17:10:18 GMT
etag
"cb9e8e6a84fdeebfc271614ce016b88e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
uKCPcU30k6ceRlsrX_lsEo7GkLt_jb5sV-CLpP7h1vacO7xs3uK1-g==
app-config.json
portal2.apps.stihlusa.com/ 		3 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://portal2.apps.stihlusa.com/app-config.json
Requested by
Host: portal2.apps.stihlusa.com
URL: https://portal2.apps.stihlusa.com/js/app.c90834d3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.190.213.236 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
793a76782273179eef75ff98791a76b185e3fcabe7ea797f7649688cfe0ab093
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://portal2.apps.stihlusa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 21:24:57 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 19 Apr 2024 18:18:50 GMT
accept-ranges
bytes
etag
"6622b58a-a5c"
content-length
2652
content-type
application/json
favicon.ico
portal2.apps.stihlusa.com/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://portal2.apps.stihlusa.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.190.213.236 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8074e628f3e1eff8bf78cce4898b752a28606a8ea02a146b0f10271f9544a933
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://portal2.apps.stihlusa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 21:24:57 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 19 Apr 2024 16:09:27 GMT
accept-ranges
bytes
etag
"66229737-47e"
content-length
1150
content-type
image/x-icon
js
www.googletagmanager.com/gtag/ 		263 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YS9TN0Y3XC
Requested by
Host: portal2.apps.stihlusa.com
URL: https://portal2.apps.stihlusa.com/js/app.c90834d3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0f755e48a9af2227579fe0dbad29bdbd4a87fb85b4a96e1c66eafcc2dc9d2d90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://portal2.apps.stihlusa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 21:24:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93263
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 22 Apr 2024 21:24:57 GMT
ApiConfigurationValues
portal2.apps.stihlusa.com/api/ 		139 B
581 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://portal2.apps.stihlusa.com/api/ApiConfigurationValues
Requested by
Host: portal2.apps.stihlusa.com
URL: https://portal2.apps.stihlusa.com/js/app.c90834d3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.190.213.236 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
404e949b9e4ff39e31f350548cfe7ac410790fc10ad688ac74d308bff193685f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
traceparent
, 00-ca4159b7f2294fb6abbe7210bcde22ae-63977e60f7e44156-01
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Authorization
Bearer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
application/json
Referer
https://portal2.apps.stihlusa.com/
Request-Id
|ca4159b7f2294fb6abbe7210bcde22ae.63977e60f7e44156
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 21:24:57 GMT
strict-transport-security
max-age=15724800; includeSubDomains
api-supported-versions
1.0
access-control-max-age
1728000
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,Content-Type,Authorization,x-ms-command-name,x-ms-client-request-id,x-ms-useragent,traceparent,request-context
request-context
appId=cid-v1:e671079d-19c8-4061-9c17-62e6905b42bc
openid-configuration
auth.apps.stihlusa.com/.well-known/ 		0
0
loading-spinner.bb16f10b.svg
portal2.apps.stihlusa.com/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal2.apps.stihlusa.com/img/loading-spinner.bb16f10b.svg
Requested by
Host: portal2.apps.stihlusa.com
URL: https://portal2.apps.stihlusa.com/css/app.ee319e41.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.190.213.236 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
51e4efd705bb9d71f8d25eda425800405f416361ad8df6c0ae9283fa3ba568b3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://portal2.apps.stihlusa.com/css/app.ee319e41.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 21:24:57 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 19 Apr 2024 16:09:27 GMT
accept-ranges
bytes
etag
"66229737-721"
content-length
1825
content-type
image/svg+xml
api.js
www.google.com/recaptcha/ 		1 KB
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=explicit
Requested by
Host: portal2.apps.stihlusa.com
URL: https://portal2.apps.stihlusa.com/js/app.c90834d3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f4.1e100.net
Software
GSE /
Resource Hash
895c5515e79c18972a7b0fbedc5205d81a26c7042bc3f60b0613ea103a959605
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://portal2.apps.stihlusa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 21:24:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 22 Apr 2024 21:24:57 GMT
api.js
www.google.com/recaptcha/ 		1 KB
881 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=__vueRecaptchaLoaded&render=explicit
Requested by
Host: portal2.apps.stihlusa.com
URL: https://portal2.apps.stihlusa.com/js/app.c90834d3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f4.1e100.net
Software
GSE /
Resource Hash
f97f1231e5c021409e2750eb3fce9d614d855943541f4d6a7bb45a14da0ef8b9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://portal2.apps.stihlusa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 21:24:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 22 Apr 2024 21:24:57 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/ 		510 KB
204 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9fdca10f4fced6a31a29cc740d2cacf2d897045dba62ec96169ae82f3411fed2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://portal2.apps.stihlusa.com/
Origin
https://portal2.apps.stihlusa.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 12:13:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33092
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
207948
x-xss-protection
0
last-modified
Mon, 15 Apr 2024 02:01:04 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 22 Apr 2025 12:13:25 GMT
collect
region1.google-analytics.com/g/ 		0
260 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-YS9TN0Y3XC&gtm=45je44h0v883227312za200&_p=1713821095918&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=381690348.1713821097&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AEAE&_s=1&sid=1713821097&sct=1&seg=0&dl=https%3A%2F%2Fportal2.apps.stihlusa.com%2F&dt=STIHL%20Dealer%20Portal&en=scroll&_fv=1&_nsi=1&_ss=1&epn.percent_scrolled=90&tfd=2053
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YS9TN0Y3XC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://portal2.apps.stihlusa.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 22 Apr 2024 21:24:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://portal2.apps.stihlusa.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
dc.services.visualstudio.com/v2/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.234 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://portal2.apps.stihlusa.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Mon, 22 Apr 2024 21:24:57 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
track
dc.services.visualstudio.com/v2/ 		96 B
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: portal2.apps.stihlusa.com
URL: https://portal2.apps.stihlusa.com/js/app.c90834d3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.234 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
7a531b7e91de238dec718c55e380052e9b32a92379786ab6146697e572f80b8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://portal2.apps.stihlusa.com/
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000
date
Mon, 22 Apr 2024 21:24:57 GMT
x-content-type-options
nosniff
server
Microsoft-HTTPAPI/2.0
content-type
application/json; charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
auth.apps.stihlusa.com
URL
https://auth.apps.stihlusa.com/.well-known/openid-configuration

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| hj object| _hjSettings function| gtag object| dataLayer object| hjSiteSettings function| hjBootstrap object| hjLazyModules object| hjBootstrapCalled function| $ function| jQuery object| webpackChunkdealer_portal object| __VUE_INSTANCE_SETTERS__ function| __vueRecaptchaLoaded object| regeneratorRuntime function| saveAs object| __dynProto$Gbl number| uidEvent object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome boolean| __VUE__ object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| recaptcha

6 Cookies

Domain/Path Name / Value
.stihlusa.com/ Name: _hjSessionUser_3174942
Value: eyJpZCI6ImE5ZDAwOWQzLTc2YzEtNTk1YS05OGFkLTYzOGFlNWU3ZjRlMiIsImNyZWF0ZWQiOjE3MTM4MjEwOTY5NjgsImV4aXN0aW5nIjpmYWxzZX0=
.stihlusa.com/ Name: _hjSession_3174942
Value: eyJpZCI6IjBiMmMxNDdkLWQ1N2QtNDRlOC04ZjNlLWJiYThiNWY2YWQ1NCIsImMiOjE3MTM4MjEwOTY5NjgsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
portal2.apps.stihlusa.com/ Name: ai_user
Value: fxU3KvDDw4KP5Jycaxhtrz|2024-04-22T21:24:57.106Z
portal2.apps.stihlusa.com/ Name: ai_session
Value: PUCQuXzwguY4TueASKspSK|1713821097242|1713821097242
.stihlusa.com/ Name: _ga
Value: GA1.1.381690348.1713821097
.stihlusa.com/ Name: _ga_YS9TN0Y3XC
Value: GS1.1.1713821097.1.1.1713821097.0.0.0

2 Console Messages

Source Level URL
Text
javascript error URL: https://portal2.apps.stihlusa.com/
Message:
Access to XMLHttpRequest at 'https://auth.apps.stihlusa.com/.well-known/openid-configuration' from origin 'https://portal2.apps.stihlusa.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://auth.apps.stihlusa.com/.well-known/openid-configuration
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.apps.stihlusa.com
code.jquery.com
dc.services.visualstudio.com
fonts.googleapis.com
portal2.apps.stihlusa.com
region1.google-analytics.com
script.hotjar.com
static.hotjar.com
www.google.com
www.googletagmanager.com
www.gstatic.com
auth.apps.stihlusa.com
13.32.27.107
142.250.185.196
18.66.102.106
20.190.213.236
20.50.88.234
2001:4860:4802:34::36
2a00:1450:4001:810::2003
2a00:1450:4001:811::200a
2a00:1450:4001:81d::2008
2a04:4e42:400::649
0f755e48a9af2227579fe0dbad29bdbd4a87fb85b4a96e1c66eafcc2dc9d2d90
404e949b9e4ff39e31f350548cfe7ac410790fc10ad688ac74d308bff193685f
51e4efd705bb9d71f8d25eda425800405f416361ad8df6c0ae9283fa3ba568b3
6cd7286a5101e8057faf86699d0509213c41142e47c20d396f98f816d8d2d7c9
793a76782273179eef75ff98791a76b185e3fcabe7ea797f7649688cfe0ab093
7a531b7e91de238dec718c55e380052e9b32a92379786ab6146697e572f80b8b
8074e628f3e1eff8bf78cce4898b752a28606a8ea02a146b0f10271f9544a933
84abbb88240359c728c738ec4acb83fc354afd75d7470279f1fe01f9841e5f4b
895c5515e79c18972a7b0fbedc5205d81a26c7042bc3f60b0613ea103a959605
8ff59c558f8efb9ff3fed367757e2b90b9678e08fbe486d3b48dee17f5af5e8e
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
940931f0ba25fcac9201b6265c4b10480f65b5645a845fd90c91e2a38dca20ef
9fdca10f4fced6a31a29cc740d2cacf2d897045dba62ec96169ae82f3411fed2
aa76febe56a6132ef2928193cb835e7e8ad9d46acadc04d8f6f1547a0730f67e
dd876401f498dd270fd2a943744b7ac6adca5c259f22493ada3ad7814bdcf712
deb63cef2707d6275de13576ac44c034514b875735ed47ad09714dce121dccaa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f97f1231e5c021409e2750eb3fce9d614d855943541f4d6a7bb45a14da0ef8b9