urlscan.io logo urlscan.io
SecurityTrails logo

bfsaccount.americas.bentleymotors.com Open in urlscan Pro
192.131.64.155  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://bfsmyaccount.com/
Effective URL: https://bfsaccount.americas.bentleymotors.com/
Submission: On May 30 via api from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 18 HTTP transactions. The main IP is 192.131.64.155, located in United States and belongs to CHECKFREE, US. The main domain is bfsaccount.americas.bentleymotors.com.
TLS certificate: Issued by GeoTrust RSA CA 2018 on May 31st 2019. Valid for: 2 years.
This is the only time bfsaccount.americas.bentleymotors.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.0.1.123 14618 (AMAZON-AES)
18 192.131.64.155 6318 (CHECKFREE)
18 1
Apex Domain
Subdomains		 Transfer
18 bentleymotors.com
bfsaccount.americas.bentleymotors.com
7 MB
1 bfsmyaccount.com
bfsmyaccount.com
366 B
18 2
Domain Requested by
18 bfsaccount.americas.bentleymotors.com bfsaccount.americas.bentleymotors.com
1 bfsmyaccount.com 1 redirects
18 2

This site contains links to these domains. Also see Links.

Domain
myidlogin.com
Subject Issuer Validity Valid
bfsaccount.americas.bentleymotors.com
GeoTrust RSA CA 2018		 2019-05-31 -
2021-07-29		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://bfsaccount.americas.bentleymotors.com/
Frame ID: 07E7EFF579CA571CB4DF0545CD8B233E
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://bfsmyaccount.com/ HTTP 301
    https://bfsaccount.americas.bentleymotors.com/ Page URL

Page Statistics

18
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

6786 kB
Transfer

7618 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bfsmyaccount.com/ HTTP 301
    https://bfsaccount.americas.bentleymotors.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
bfsaccount.americas.bentleymotors.com/
Redirect Chain
  • http://bfsmyaccount.com/
  • https://bfsaccount.americas.bentleymotors.com/
9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bfsaccount.americas.bentleymotors.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
192.131.64.155 , United States, ASN6318 (CHECKFREE, US),
Reverse DNS
lfsc-prod.financingaccountconnect.com
Software
/
Resource Hash
8f22b2655abddc644f4860a72b0aa17f25480488488898681cf1dc9447fc4bc2
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' billerdirectui.onefiserv.com av-billerdirectui-uat.onefiserv.com ci-mpsnare.iovation.com mpsnare.iesnare.com googletagmanager.com *.doubleclick.net https://www.google-analytics.com 'unsafe-inline' gstatic.com www.gstatic.com www.google.com maps.googleapis.com googletagmanager.com *.doubleclick.net https://www.google-analytics.com; connect-src 'self' https://picserv.porsche.com; img-src 'self' pics.porsche.com www.google.com picserv.porsche.com googletagmanager.com *.gstatic.com *.doubleclick.net https://www.google-analytics.com *.googleapis.com data: https://etimeqa15.bankofthewest.com; style-src 'self' 'unsafe-inline'; font-src 'self' data:; object-src 'self' ci-mpsnare.iovation.com mpsnare.iesnare.com; frame-src billerdirectui.onefiserv.com av-billerdirectui-uat.onefiserv.com www.google.com https://www.youtube.com https://vimeo.com chat-lending.fiservapps.com googletagmanager.com *.doubleclick.net https://www.google-analytics.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Host
bfsaccount.americas.bentleymotors.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36

Response headers

Cache-Control
private, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Set-Cookie
ASP.NET_SessionId=tggkhuh2c1iks3edqlhuyjq1; path=/; secure; HttpOnly; SameSite=Lax
X-Frame-Options
DENY
Content-Security-Policy
default-src 'none'; script-src 'self' 'unsafe-eval' billerdirectui.onefiserv.com av-billerdirectui-uat.onefiserv.com ci-mpsnare.iovation.com mpsnare.iesnare.com googletagmanager.com *.doubleclick.net https://www.google-analytics.com 'unsafe-inline' gstatic.com www.gstatic.com www.google.com maps.googleapis.com googletagmanager.com *.doubleclick.net https://www.google-analytics.com; connect-src 'self' https://picserv.porsche.com; img-src 'self' pics.porsche.com www.google.com picserv.porsche.com googletagmanager.com *.gstatic.com *.doubleclick.net https://www.google-analytics.com *.googleapis.com data: https://etimeqa15.bankofthewest.com; style-src 'self' 'unsafe-inline'; font-src 'self' data:; object-src 'self' ci-mpsnare.iovation.com mpsnare.iesnare.com; frame-src billerdirectui.onefiserv.com av-billerdirectui-uat.onefiserv.com www.google.com https://www.youtube.com https://vimeo.com chat-lending.fiservapps.com googletagmanager.com *.doubleclick.net https://www.google-analytics.com;
X-UA-Compatible
IE=edge
X-XSS-Protection
1; mode=block
X-Download-Options
noopen
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
SERVER
02
Date
Sat, 30 May 2020 23:28:25 GMT
Content-Length
2643

Redirect headers

Server
Apache/2.4.27 (Amazon) OpenSSL/1.0.2k-fips
Location
https://bfsaccount.americas.bentleymotors.com/
Content-Type
text/html; charset=iso-8859-1
X-Backend
dsweb3
Content-Length
254
Accept-Ranges
bytes
Date
Sat, 30 May 2020 23:28:25 GMT
X-Varnish
1198139580 1197697898
Age
18379
Via
1.1 varnish
X-Cache
HIT
client.css
bfsaccount.americas.bentleymotors.com/Content/Env/133/styling/ 		136 B
554 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bfsaccount.americas.bentleymotors.com/Content/Env/133/styling/client.css?v=1.0.7415.24343
Requested by
Host: bfsaccount.americas.bentleymotors.com
URL: https://bfsaccount.americas.bentleymotors.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
192.131.64.155 , United States, ASN6318 (CHECKFREE, US),
Reverse DNS
lfsc-prod.financingaccountconnect.com
Software
02 /
Resource Hash
8f83a0c26a301b785bed12e867b6abafe59c47a4a0cbd4a911b55e4646a4e409
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bfsaccount.americas.bentleymotors.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 23 Apr 2020 09:06:29 GMT
Server
02
ETag
"75d1f3794e19d61:0"
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/css
Date
Sat, 30 May 2020 23:28:25 GMT
Accept-Ranges
bytes
Content-Length
134
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
client.js
bfsaccount.americas.bentleymotors.com/Content/Env/133/scripts/ 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bfsaccount.americas.bentleymotors.com/Content/Env/133/scripts/client.js?v=1.0.7415.24343
Requested by
Host: bfsaccount.americas.bentleymotors.com
URL: https://bfsaccount.americas.bentleymotors.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
192.131.64.155 , United States, ASN6318 (CHECKFREE, US),
Reverse DNS
lfsc-prod.financingaccountconnect.com
Software
02 /
Resource Hash
b5b5013fe0d2b0447b6061bc1e975c63a230ce19dd6591617fd1690c531a9b15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bfsaccount.americas.bentleymotors.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 23 Apr 2020 09:06:29 GMT
Server
02
ETag
"75d1f3794e19d61:0"
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
application/javascript
Date
Sat, 30 May 2020 23:28:25 GMT
Accept-Ranges
bytes
Content-Length
468
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
material-icons.css
bfsaccount.americas.bentleymotors.com/Content/Env/133/styling/ 		1 KB
884 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bfsaccount.americas.bentleymotors.com/Content/Env/133/styling/material-icons.css
Requested by
Host: bfsaccount.americas.bentleymotors.com
URL: https://bfsaccount.americas.bentleymotors.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
192.131.64.155 , United States, ASN6318 (CHECKFREE, US),
Reverse DNS
lfsc-prod.financingaccountconnect.com
Software
02 /
Resource Hash
b32d216efa6fbb9fb8b7cb797e795836becd3318347a1c2e2b35e4e22c92be82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bfsaccount.americas.bentleymotors.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 23 Apr 2020 09:06:29 GMT
Server
02
ETag
"ee5afd794e19d61:0"
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/css
Date
Sat, 30 May 2020 23:28:25 GMT
Accept-Ranges
bytes
Content-Length
464
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
icon-fonts.css
bfsaccount.americas.bentleymotors.com/Content/Env/133/styling/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bfsaccount.americas.bentleymotors.com/Content/Env/133/styling/icon-fonts.css
Requested by
Host: bfsaccount.americas.bentleymotors.com
URL: https://bfsaccount.americas.bentleymotors.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
192.131.64.155 , United States, ASN6318 (CHECKFREE, US),
Reverse DNS
lfsc-prod.financingaccountconnect.com
Software
02 /
Resource Hash
b7ad2ab1ed046020551b504b7d4e535c3506ed9ed2c7eea06685fd65d0bb7aae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bfsaccount.americas.bentleymotors.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 23 Apr 2020 09:06:29 GMT
Server
02
ETag
"82fcfa794e19d61:0"
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/css
Date
Sat, 30 May 2020 23:28:25 GMT
Accept-Ranges
bytes
Content-Length
1980
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
app.min.css
bfsaccount.americas.bentleymotors.com/Content/Env/133/styling/ 		484 KB
65 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bfsaccount.americas.bentleymotors.com/Content/Env/133/styling/app.min.css?v=1.0.7415.24343
Requested by
Host: bfsaccount.americas.bentleymotors.com
URL: https://bfsaccount.americas.bentleymotors.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
192.131.64.155 , United States, ASN6318 (CHECKFREE, US),
Reverse DNS
lfsc-prod.financingaccountconnect.com
Software
02 /
Resource Hash
6dc5e4214d7341f35f567c526b2eb6b20b63531edf1c50dd133222ed0cd518b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bfsaccount.americas.bentleymotors.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 23 Apr 2020 10:09:44 GMT
Server
02
ETag
"ef63b44f5719d61:0"
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/css
Date
Sat, 30 May 2020 23:28:25 GMT
Accept-Ranges
bytes
Content-Length
65794
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
angular.min.js
bfsaccount.americas.bentleymotors.com/Content/Env/133/scripts/Consumer/ 		155 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bfsaccount.americas.bentleymotors.com/Content/Env/133/scripts/Consumer/angular.min.js?v=1.0.7415.24343
Requested by
Host: bfsaccount.americas.bentleymotors.com
URL: https://bfsaccount.americas.bentleymotors.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
192.131.64.155 , United States, ASN6318 (CHECKFREE, US),
Reverse DNS
lfsc-prod.financingaccountconnect.com
Software
02 /
Resource Hash
81e452718cdf5563b520957cf6fcef7cbb612da5d11014dc34117a086b201e48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bfsaccount.americas.bentleymotors.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 23 Apr 2020 09:06:29 GMT
Server
02
ETag
"7b3df6794e19d61:0"
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
application/javascript
Date
Sat, 30 May 2020 23:28:25 GMT
Accept-Ranges
bytes
Content-Length
55842
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
angular-animate.min.js
bfsaccount.americas.bentleymotors.com/Content/Env/133/scripts/Consumer/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bfsaccount.americas.bentleymotors.com/Content/Env/133/scripts/Consumer/angular-animate.min.js?v=1.0.7415.24343
Requested by
Host: bfsaccount.americas.bentleymotors.com
URL: https://bfsaccount.americas.bentleymotors.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
192.131.64.155 , United States, ASN6318 (CHECKFREE, US),
Reverse DNS
lfsc-prod.financingaccountconnect.com
Software
02 /
Resource Hash
a6fe938d0f83ec9573790ccaff14e7ec3e52b5ac23858ee0ddd96629e08f125a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bfsaccount.americas.bentleymotors.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 23 Apr 2020 09:06:29 GMT
Server
02
ETag
"75d1f3794e19d61:0"
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
application/javascript
Date
Sat, 30 May 2020 23:28:25 GMT
Accept-Ranges
bytes
Content-Length
9309
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
angular-aria.min.js
bfsaccount.americas.bentleymotors.com/Content/Env/133/scripts/Consumer/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bfsaccount.americas.bentleymotors.com/Content/Env/133/scripts/Consumer/angular-aria.min.js?v=1.0.7415.24343
Requested by
Host: bfsaccount.americas.bentleymotors.com
URL: https://bfsaccount.americas.bentleymotors.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
192.131.64.155 , United States, ASN6318 (CHECKFREE, US),
Reverse DNS
lfsc-prod.financingaccountconnect.com
Software
02 /
Resource Hash
c7700ff5fc67507c42f56ba9e0452e43832a73a9ad26891b73db436553117392
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bfsaccount.americas.bentleymotors.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 23 Apr 2020 09:06:29 GMT
Server
02
ETag
"75d1f3794e19d61:0"
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
application/javascript
Date
Sat, 30 May 2020 23:28:25 GMT
Accept-Ranges
bytes
Content-Length
1490
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
angular-messages.min.js
bfsaccount.americas.bentleymotors.com/Content/Env/133/scripts/Consumer/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bfsaccount.americas.bentleymotors.com/Content/Env/133/scripts/Consumer/angular-messages.min.js?v=1.0.7415.24343
Requested by
Host: bfsaccount.americas.bentleymotors.com
URL: https://bfsaccount.americas.bentleymotors.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
192.131.64.155 , United States, ASN6318 (CHECKFREE, US),
Reverse DNS
lfsc-prod.financingaccountconnect.com
Software
02 /
Resource Hash
21e82f98d39b339011ec9838ac008433d7f9d00dacac966e568d9064a1f60d1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bfsaccount.americas.bentleymotors.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 23 Apr 2020 09:06:29 GMT
Server
02
ETag
"7b3df6794e19d61:0"
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
application/javascript
Date
Sat, 30 May 2020 23:28:25 GMT
Accept-Ranges
bytes
Content-Length
1399
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
angular-material.min.js
bfsaccount.americas.bentleymotors.com/Content/Env/133/scripts/Consumer/ 		358 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bfsaccount.americas.bentleymotors.com/Content/Env/133/scripts/Consumer/angular-material.min.js?v=1.0.7415.24343
Requested by
Host: bfsaccount.americas.bentleymotors.com
URL: https://bfsaccount.americas.bentleymotors.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
192.131.64.155 , United States, ASN6318 (CHECKFREE, US),
Reverse DNS
lfsc-prod.financingaccountconnect.com
Software
02 /
Resource Hash
5fddbf4e7a284e59f018d099f61fe533f5fe6716aaf557a6f3895990b6348585
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bfsaccount.americas.bentleymotors.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 23 Apr 2020 09:06:29 GMT
Server
02
ETag
"7b3df6794e19d61:0"
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
application/javascript
X-XSS-Protection
1; mode=block
Transfer-Encoding
chunked
Accept-Ranges
bytes
Date
Sat, 30 May 2020 23:28:25 GMT
X-UA-Compatible
IE=edge
app.js
bfsaccount.americas.bentleymotors.com/Content/Env/133/scripts/Consumer/ 		25 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bfsaccount.americas.bentleymotors.com/Content/Env/133/scripts/Consumer/app.js?v=1.0.7415.24343
Requested by
Host: bfsaccount.americas.bentleymotors.com
URL: https://bfsaccount.americas.bentleymotors.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
192.131.64.155 , United States, ASN6318 (CHECKFREE, US),
Reverse DNS
lfsc-prod.financingaccountconnect.com
Software
02 /
Resource Hash
1745c315981fef157f1b1198818e77600465cf996b852581f33f22971cb4281c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bfsaccount.americas.bentleymotors.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 23 Apr 2020 10:09:44 GMT
Server
02
ETag
"ef63b44f5719d61:0"
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
application/javascript
Date
Sat, 30 May 2020 23:28:25 GMT
Accept-Ranges
bytes
Content-Length
4720
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
logo@2x.png
bfsaccount.americas.bentleymotors.com/Content/Env/133/image/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bfsaccount.americas.bentleymotors.com/Content/Env/133/image/logo@2x.png
Requested by
Host: bfsaccount.americas.bentleymotors.com
URL: https://bfsaccount.americas.bentleymotors.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
192.131.64.155 , United States, ASN6318 (CHECKFREE, US),
Reverse DNS
lfsc-prod.financingaccountconnect.com
Software
02 /
Resource Hash
603134baf9a9580b550d511b5f79b624fea73a0990c8a55bebc919c6344eacc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bfsaccount.americas.bentleymotors.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Last-Modified
Thu, 23 Apr 2020 09:06:29 GMT
Server
02
ETag
"ee5afd794e19d61:0"
X-Download-Options
noopen
Content-Type
image/png
Date
Sat, 30 May 2020 23:28:26 GMT
Accept-Ranges
bytes
Content-Length
9217
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
home-banner.jpg
bfsaccount.americas.bentleymotors.com/Content/Env/133/image/hero-content/ 		6 MB
6 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bfsaccount.americas.bentleymotors.com/Content/Env/133/image/hero-content/home-banner.jpg
Requested by
Host: bfsaccount.americas.bentleymotors.com
URL: https://bfsaccount.americas.bentleymotors.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
192.131.64.155 , United States, ASN6318 (CHECKFREE, US),
Reverse DNS
lfsc-prod.financingaccountconnect.com
Software
02 /
Resource Hash
4097eeecb57f6cbcbafd02780226f3164cc9b11a267fa6790e75dd50d0021cfe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bfsaccount.americas.bentleymotors.com/Content/Env/133/styling/app.min.css?v=1.0.7415.24343
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Last-Modified
Thu, 23 Apr 2020 09:06:29 GMT
Server
02
ETag
"82fcfa794e19d61:0"
X-Download-Options
noopen
Content-Type
image/jpeg
Date
Sat, 30 May 2020 23:28:26 GMT
Accept-Ranges
bytes
Content-Length
6555610
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Bentley-Light.woff
bfsaccount.americas.bentleymotors.com/Content/Env/133/font/Bentley-Light/ 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bfsaccount.americas.bentleymotors.com/Content/Env/133/font/Bentley-Light/Bentley-Light.woff
Requested by
Host: bfsaccount.americas.bentleymotors.com
URL: https://bfsaccount.americas.bentleymotors.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
192.131.64.155 , United States, ASN6318 (CHECKFREE, US),
Reverse DNS
lfsc-prod.financingaccountconnect.com
Software
02 /
Resource Hash
e447f25955df099258860131eaef6c5328b84347acfcf4168a878744c97d55b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36
Referer
https://bfsaccount.americas.bentleymotors.com/Content/Env/133/styling/app.min.css?v=1.0.7415.24343
Origin
https://bfsaccount.americas.bentleymotors.com

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Last-Modified
Thu, 23 Apr 2020 09:06:29 GMT
Server
02
ETag
"f36ef1794e19d61:0"
X-Download-Options
noopen
Content-Type
font/x-woff
Date
Sat, 30 May 2020 23:28:26 GMT
Accept-Ranges
bytes
Content-Length
57366
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Bentley-Regular.woff
bfsaccount.americas.bentleymotors.com/Content/Env/133/font/Bentley-Regular/ 		51 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bfsaccount.americas.bentleymotors.com/Content/Env/133/font/Bentley-Regular/Bentley-Regular.woff
Requested by
Host: bfsaccount.americas.bentleymotors.com
URL: https://bfsaccount.americas.bentleymotors.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
192.131.64.155 , United States, ASN6318 (CHECKFREE, US),
Reverse DNS
lfsc-prod.financingaccountconnect.com
Software
02 /
Resource Hash
ad6438f44b9f37f5b73e4787d17f696ad6b0a3794ca40ce2da2e955a7063d430
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36
Referer
https://bfsaccount.americas.bentleymotors.com/Content/Env/133/styling/app.min.css?v=1.0.7415.24343
Origin
https://bfsaccount.americas.bentleymotors.com

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Last-Modified
Thu, 23 Apr 2020 09:06:29 GMT
Server
02
ETag
"f36ef1794e19d61:0"
X-Download-Options
noopen
Content-Type
font/x-woff
Date
Sat, 30 May 2020 23:28:26 GMT
Accept-Ranges
bytes
Content-Length
52630
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
header_bg_large.png
bfsaccount.americas.bentleymotors.com/Content/Env/133/image/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bfsaccount.americas.bentleymotors.com/Content/Env/133/image/header_bg_large.png
Requested by
Host: bfsaccount.americas.bentleymotors.com
URL: https://bfsaccount.americas.bentleymotors.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
192.131.64.155 , United States, ASN6318 (CHECKFREE, US),
Reverse DNS
lfsc-prod.financingaccountconnect.com
Software
02 /
Resource Hash
5028a1a58c426a0d40c3e5de9ac166e29eb935c4bbc3dec01600014130014f46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bfsaccount.americas.bentleymotors.com/Content/Env/133/styling/app.min.css?v=1.0.7415.24343
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Last-Modified
Thu, 23 Apr 2020 09:06:29 GMT
Server
02
ETag
"82fcfa794e19d61:0"
X-Download-Options
noopen
Content-Type
image/png
Date
Sat, 30 May 2020 23:28:26 GMT
Accept-Ranges
bytes
Content-Length
25095
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
header_bg_large1_right.png
bfsaccount.americas.bentleymotors.com/Content/Env/133/image/ 		230 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bfsaccount.americas.bentleymotors.com/Content/Env/133/image/header_bg_large1_right.png
Requested by
Host: bfsaccount.americas.bentleymotors.com
URL: https://bfsaccount.americas.bentleymotors.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
192.131.64.155 , United States, ASN6318 (CHECKFREE, US),
Reverse DNS
lfsc-prod.financingaccountconnect.com
Software
02 /
Resource Hash
1ef345a43c3e30465e42852ed3f68e1ef4350fc35ffcbbb25cf0a8bd18eb350b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bfsaccount.americas.bentleymotors.com/Content/Env/133/styling/app.min.css?v=1.0.7415.24343
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Last-Modified
Thu, 23 Apr 2020 09:06:29 GMT
Server
02
ETag
"82fcfa794e19d61:0"
X-Download-Options
noopen
Content-Type
image/png
Date
Sat, 30 May 2020 23:28:26 GMT
Accept-Ranges
bytes
Content-Length
230
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| getClientColors function| getClientAccentColors object| angular number| ng339 object| ngMaterial undefined| scrolledElement function| showTopButton function| ScrollToTopFocusTitle function| scrollBackToTop function| openChat function| navigateToSection function| navigateUserAOAC object| antiClickjack

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-eval' billerdirectui.onefiserv.com av-billerdirectui-uat.onefiserv.com ci-mpsnare.iovation.com mpsnare.iesnare.com googletagmanager.com *.doubleclick.net https://www.google-analytics.com 'unsafe-inline' gstatic.com www.gstatic.com www.google.com maps.googleapis.com googletagmanager.com *.doubleclick.net https://www.google-analytics.com; connect-src 'self' https://picserv.porsche.com; img-src 'self' pics.porsche.com www.google.com picserv.porsche.com googletagmanager.com *.gstatic.com *.doubleclick.net https://www.google-analytics.com *.googleapis.com data: https://etimeqa15.bankofthewest.com; style-src 'self' 'unsafe-inline'; font-src 'self' data:; object-src 'self' ci-mpsnare.iovation.com mpsnare.iesnare.com; frame-src billerdirectui.onefiserv.com av-billerdirectui-uat.onefiserv.com www.google.com https://www.youtube.com https://vimeo.com chat-lending.fiservapps.com googletagmanager.com *.doubleclick.net https://www.google-analytics.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block