urlscan.io logo urlscan.io
SecurityTrails logo

onecredit.my Open in urlscan Pro
35.71.142.77  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.onecredit.my/
Effective URL: https://onecredit.my/
Submission: On April 15 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 22 HTTP transactions. The main IP is 35.71.142.77, located in United States and belongs to AMAZON-02, US. The main domain is onecredit.my.
TLS certificate: Issued by ZeroSSL ECC Domain Secure Site CA on April 15th 2024. Valid for: 3 months.
This is the only time onecredit.my was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 35.71.142.77 16509 (AMAZON-02)
11 2600:9000:20a... 16509 (AMAZON-02)
3 18.173.187.68 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
3 2600:9000:237... 16509 (AMAZON-02)
22 5
2    35.71.142.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0b1d980e1f2226c6.awsglobalaccelerator.com
www.onecredit.my
onecredit.my
11    2600:9000:20ae:fe00:d:ada1:a280:93a1 (United States)

ASN16509 (AMAZON-02, US)
framerusercontent.com
3    18.173.187.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-68.muc50.r.cloudfront.net
events.framer.com
4    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2600:9000:237d:8600:d:6b42:4ec0:93a1 (United States)

ASN16509 (AMAZON-02, US)
app.framerstatic.com
Apex Domain
Subdomains		 Transfer
11 framerusercontent.com
framerusercontent.com — Cisco Umbrella Rank: 47580
615 KB
4 gstatic.com
fonts.gstatic.com
72 KB
3 framerstatic.com
app.framerstatic.com — Cisco Umbrella Rank: 82488
60 KB
3 framer.com
events.framer.com — Cisco Umbrella Rank: 55613
16 KB
2 onecredit.my
www.onecredit.my
onecredit.my
26 KB
22 5
Domain Requested by
11 framerusercontent.com onecredit.my
4 fonts.gstatic.com onecredit.my
3 app.framerstatic.com onecredit.my
3 events.framer.com onecredit.my
events.framer.com
1 onecredit.my
1 www.onecredit.my 1 redirects
22 6

This site contains no links.

Subject Issuer Validity Valid
onecredit.my
ZeroSSL ECC Domain Secure Site CA		 2024-04-15 -
2024-07-14		 3 months crt.sh
framerusercontent.com
Amazon RSA 2048 M02		 2023-12-18 -
2025-01-14		 a year crt.sh
events.framer.com
Amazon RSA 2048 M03		 2024-04-09 -
2025-05-07		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
framerstatic.com
Amazon RSA 2048 M02		 2023-10-23 -
2024-11-20		 a year crt.sh

This page contains 1 frames:

Primary Page: https://onecredit.my/
Frame ID: AB6F466071FC77166F9F9BE3AF7C64F7
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

One Credit

Page URL History Show full URLs

  1. https://www.onecredit.my/ HTTP 308
    https://onecredit.my/ Page URL

Page Statistics

22
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

6
Subdomains

5
IPs

2
Countries

788 kB
Transfer

1558 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.onecredit.my/ HTTP 308
    https://onecredit.my/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
onecredit.my/
Redirect Chain
  • https://www.onecredit.my/
  • https://onecredit.my/
257 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onecredit.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.142.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0b1d980e1f2226c6.awsglobalaccelerator.com
Software
Caddy/b2c91a2 /
Resource Hash
7ff927432cee0cd45252ac6d0c0c1426d4772d80ed4144fbc9d83626e38b9b4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000
cache-control
public, max-age=0, must-revalidate
content-encoding
br
content-length
26123
content-type
text/html
date
Mon, 15 Apr 2024 11:44:55 GMT
etag
"418e925a6cbcee9df298b55db80d29ee"
last-modified
Mon, 15 Apr 2024 11:33:08 GMT
link
<https://framerusercontent.com>; rel="preconnect", <https://framerusercontent.com>; rel="preconnect"; crossorigin=""
server
Caddy/b2c91a2
server-timing
region;desc="eu-west-1", cache;desc="cached", ssg-status;desc="optimized", version;desc="b2c91a2"
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=2592000
cache-control
public, max-age=0, must-revalidate
content-length
57
content-type
text/html; charset=utf-8
date
Mon, 15 Apr 2024 11:44:54 GMT
link
<https://framerusercontent.com>; rel="preconnect", <https://framerusercontent.com>; rel="preconnect"; crossorigin=""
location
https://onecredit.my/
server
Caddy/eb5b039
strict-transport-security
max-age=31536000
chunk-TVZCUR6O.mjs
framerusercontent.com/sites/jW6H4YzUuPpLdNdsgPseX/ 		540 KB
158 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/jW6H4YzUuPpLdNdsgPseX/chunk-TVZCUR6O.mjs
Requested by
Host: onecredit.my
URL: https://onecredit.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:fe00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
f2e10e55fc7d6dbc43d9e1153e61f3f449e9095ac9dfb022926595bf1459080b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://onecredit.my/
Origin
https://onecredit.my
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 11:34:36 GMT
x-amz-version-id
n68jocjlyrZ.YWalZBWifrl8nz0JGxXK
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 cd703a45a77324fb8797a25a15ba227e.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
x-amz-server-side-encryption
AES256
age
620
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="mbL5zvxXDglVpD9YiR50jzwUy8GOk7P9LjVjlOTmFozPtwv5Y_yJnQ==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=10
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 15 Apr 2024 11:33:07 GMT
server
CloudFront
etag
W/"23369a13fcc4b853feff263cf81e5281"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
timing-allow-origin
*
x-amz-cf-id
mbL5zvxXDglVpD9YiR50jzwUy8GOk7P9LjVjlOTmFozPtwv5Y_yJnQ==
chunk-ELYU6EKT.mjs
framerusercontent.com/sites/jW6H4YzUuPpLdNdsgPseX/ 		447 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/jW6H4YzUuPpLdNdsgPseX/chunk-ELYU6EKT.mjs
Requested by
Host: onecredit.my
URL: https://onecredit.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:fe00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
4e0ea1029eab3b7c0bb3183eaa684b29064f2de371720317b8a35519fe26589e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://onecredit.my/
Origin
https://onecredit.my
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 09:30:03 GMT
x-amz-version-id
4gtX7alU45eZnQ9cASqyPbxnOxg_uLun
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 cd703a45a77324fb8797a25a15ba227e.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
age
8093
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="hV7vSlMiwIdmtyiS5R0MiY3bZWnPd6YCjtCpu1BKhTS92gaV6bfsDQ==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=11
alt-svc
h3=":443"; ma=86400
content-length
447
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 15 Apr 2024 09:17:55 GMT
server
CloudFront
etag
"bac0d5b5f6a61029b51079932ccda746"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Origin
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
hV7vSlMiwIdmtyiS5R0MiY3bZWnPd6YCjtCpu1BKhTS92gaV6bfsDQ==
JPSTKklTJQ1fdUKapartZJam2lOmV455yWOjR1uWHas.GEWIZUS3.mjs
framerusercontent.com/sites/jW6H4YzUuPpLdNdsgPseX/ 		192 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/jW6H4YzUuPpLdNdsgPseX/JPSTKklTJQ1fdUKapartZJam2lOmV455yWOjR1uWHas.GEWIZUS3.mjs
Requested by
Host: onecredit.my
URL: https://onecredit.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:fe00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
8262b344bed72d70e488753efc1b855a6929715288977598a275c6e03b75f080
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://onecredit.my/
Origin
https://onecredit.my
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 11:34:36 GMT
x-amz-version-id
8zC65PrJa_jK7fTfk7mvdRbVfTHd6VZd
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 cd703a45a77324fb8797a25a15ba227e.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
x-amz-server-side-encryption
AES256
age
620
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="LmI327mU48ywOhkYSXt6LOt9ChRNdfxofOwBx96kYnMtEnip9NBhQw==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=11
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 15 Apr 2024 11:33:07 GMT
server
CloudFront
etag
W/"f2a04883517e9497cb8d9b584b67426d"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
timing-allow-origin
*
x-amz-cf-id
LmI327mU48ywOhkYSXt6LOt9ChRNdfxofOwBx96kYnMtEnip9NBhQw==
chunk-JKTNN5JB.mjs
framerusercontent.com/sites/jW6H4YzUuPpLdNdsgPseX/ 		731 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/jW6H4YzUuPpLdNdsgPseX/chunk-JKTNN5JB.mjs
Requested by
Host: onecredit.my
URL: https://onecredit.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:fe00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
4385ab6af58f6ecd0c1062bf17387d792661547cecef00e70fc97653e681a708
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://onecredit.my/
Origin
https://onecredit.my
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 09:30:03 GMT
x-amz-version-id
_R5uerVObfDXofnxUphyTHAW2NaOnN9h
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 cd703a45a77324fb8797a25a15ba227e.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
age
8093
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="9VtJsOCxdcJ_1rizhUdfJ05EewmcNqiiEp8B4Nkkiq2R8Y8CxNCzFw==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=10
alt-svc
h3=":443"; ma=86400
content-length
731
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 15 Apr 2024 09:17:55 GMT
server
CloudFront
etag
"9ccb30082667e3e532a5fbc5b5d48297"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Origin
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
9VtJsOCxdcJ_1rizhUdfJ05EewmcNqiiEp8B4Nkkiq2R8Y8CxNCzFw==
chunk-42U43NKG.mjs
framerusercontent.com/sites/jW6H4YzUuPpLdNdsgPseX/ 		44 B
954 B 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/jW6H4YzUuPpLdNdsgPseX/chunk-42U43NKG.mjs
Requested by
Host: onecredit.my
URL: https://onecredit.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:fe00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
7b2faec4335de81abbf1ebf794f91a4f2b870b317093448b84082b5f411c741c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://onecredit.my/
Origin
https://onecredit.my
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 09:30:03 GMT
x-amz-version-id
xE.DJRJSvCGg9Um67GaaUN2q51Wn3b_5
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 cd703a45a77324fb8797a25a15ba227e.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
age
8093
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="l_xK_KTvpya7EDD47SIPm0zZO1b8tF7iitQCtUO2u6R1zDbBFcNWzQ==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=28
alt-svc
h3=":443"; ma=86400
content-length
44
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 15 Apr 2024 09:17:55 GMT
server
CloudFront
etag
"f5fe0cab78140e0e5aa29f68ce8c2888"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Origin
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
l_xK_KTvpya7EDD47SIPm0zZO1b8tF7iitQCtUO2u6R1zDbBFcNWzQ==
script
events.framer.com/ 		16 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://events.framer.com/script
Requested by
Host: onecredit.my
URL: https://onecredit.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-68.muc50.r.cloudfront.net
Software
/
Resource Hash
03337e69f3ba0d92c0ee4e6336eab382bbb5ce99d425bc1c0092a9b8618df364

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://onecredit.my/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 11:44:55 GMT
via
1.1 db2b666889c24cb2eb0398e459e4aa92.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
15882
x-amz-cf-pop
MUC50-P4
x-amzn-trace-id
Root=1-661d1337-1239083031e353497f977ff0
x-amzn-requestid
c30116de-18d7-47fd-b2d2-2035bbf53243
x-cache
Miss from cloudfront
content-type
text/javascript
timestamp
Mon, 15 Apr 2024 11:42:09 GMT
x-amz-apigw-id
WQ_wuGsJIAMEV8Q=
content-length
15882
x-amz-cf-id
tIF7p6qbgZ6qeTqVqtjMGLKC400v-PwZbdrGw-qUzKb_4fgLwI6Dkg==
LPJnwPr4dYLnODxYwGiNpaxXsE.svg
framerusercontent.com/images/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://framerusercontent.com/images/LPJnwPr4dYLnODxYwGiNpaxXsE.svg
Requested by
Host: onecredit.my
URL: https://onecredit.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:fe00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
66b7ee21cd8d022dc3e1db2db368fe5b90db5540eb98f69d348f3ecfea976cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://onecredit.my/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 04:13:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
via
1.1 1bb53b906296a648bd25a4c81fe43650.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
age
27106
x-amzn-requestid
890df25b-6d64-4530-b602-e66d582ce11e
content-security-policy-report-only
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="smIAyuHkaN1Gu9RBSaOX2znMmVRZHh351AIXtPLUl9cT7dxLCI1FSg==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=9
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
x-amzn-trace-id
root=1-661ca955-104f2aee669fab8463da9752;parent=163b5f8919a0cfb8;sampled=0;lineage=f456f256:0
x-frame-options
deny
vary
Accept
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
smIAyuHkaN1Gu9RBSaOX2znMmVRZHh351AIXtPLUl9cT7dxLCI1FSg==
zun1DPHC1vdcxOFdx5ouICXgfo.png
framerusercontent.com/images/ 		192 KB
193 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://framerusercontent.com/images/zun1DPHC1vdcxOFdx5ouICXgfo.png?scale-down-to=1024
Requested by
Host: onecredit.my
URL: https://onecredit.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:fe00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
9a991fe5615725646217f033e5dc966c24dc6bf702fa848af745ad744763957e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://onecredit.my/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 07:07:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
via
1.1 1bb53b906296a648bd25a4c81fe43650.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
age
16666
x-amzn-requestid
cd628cb0-28f5-4792-8c49-acc454f1307b
content-security-policy-report-only
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="ElKTeqXH7VGALZ7ShqN4yoHFbq-_imgJdqMSyjAoANLr6xsLpXBb9A==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=10
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
x-amzn-trace-id
root=1-661cd21d-1b1c68ac4a22da3513d4d75f;sampled=1;lineage=f456f256:0
x-frame-options
deny
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
ElKTeqXH7VGALZ7ShqN4yoHFbq-_imgJdqMSyjAoANLr6xsLpXBb9A==
bOqzOkgVMNqlwZiGUD8niD2x4Cs.png
framerusercontent.com/images/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://framerusercontent.com/images/bOqzOkgVMNqlwZiGUD8niD2x4Cs.png
Requested by
Host: onecredit.my
URL: https://onecredit.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:fe00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
cebf4585d2af58e1df7ce14f1b320f26b61fee6f5153687db0a5eb483b80bc98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://onecredit.my/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 11:26:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
via
1.1 1bb53b906296a648bd25a4c81fe43650.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
age
1123
x-amzn-requestid
ac39db6f-1d05-41d0-82c9-6254ac7057a2
content-security-policy-report-only
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="OYwQp9PQJbiw5A50gzNWaI-Qcangu53_DIKf-lt2SfwOEheA2DbTDw==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=10
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
x-amzn-trace-id
root=1-661d0ed4-016d73782e3d12a743ab35c7;sampled=1;lineage=f456f256:0
x-frame-options
deny
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
OYwQp9PQJbiw5A50gzNWaI-Qcangu53_DIKf-lt2SfwOEheA2DbTDw==
LDIbaomQNQcsA88c7O9yZ4KMCoOg4IA6-91aHEjcWuA_m079TR_V.woff2
fonts.gstatic.com/s/plusjakartasans/v8/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/plusjakartasans/v8/LDIbaomQNQcsA88c7O9yZ4KMCoOg4IA6-91aHEjcWuA_m079TR_V.woff2
Requested by
Host: onecredit.my
URL: https://onecredit.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
850f653e16ead5c6e918760ee360e4115457ef093eb6cc26e3ef5f8dda79543a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://onecredit.my/
Origin
https://onecredit.my
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 14:29:40 GMT
x-content-type-options
nosniff
age
335715
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12380
x-xss-protection
0
last-modified
Thu, 22 Jun 2023 14:14:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Apr 2025 14:29:40 GMT
Inter-Regular.latin-JLQMKCHE.woff2
app.framerstatic.com/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.framerstatic.com/Inter-Regular.latin-JLQMKCHE.woff2
Requested by
Host: onecredit.my
URL: https://onecredit.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:8600:d:6b42:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
c68a6f081906c9d9be0fc4f3dd09a212d53039747f676fa524692af4c7c170d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://onecredit.my/
Origin
https://onecredit.my
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
date
Wed, 13 Mar 2024 10:21:23 GMT
via
1.1 da7d0e99d4b5322bc1c874b2af707374.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
age
7599929
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
19024
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 14 Mar 2023 10:19:13 GMT
server
CloudFront
etag
"e8e69f41b1da2a7b6e6fcb959e00e736"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
b085iMT-D3k16k6zomKkz4TpHw1nwvseZSSIz52vIdfMSBZkBdAfrA==
Inter-Medium.latin-Y3IVPL46.woff2
app.framerstatic.com/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.framerstatic.com/Inter-Medium.latin-Y3IVPL46.woff2
Requested by
Host: onecredit.my
URL: https://onecredit.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:8600:d:6b42:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
c861d136456a64c9c5619e9fa7c37c80144ea5d8879d88554c1f8abaaae891bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://onecredit.my/
Origin
https://onecredit.my
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
date
Wed, 13 Mar 2024 10:20:59 GMT
via
1.1 da7d0e99d4b5322bc1c874b2af707374.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
age
5586557
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
19904
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 14 Mar 2023 10:19:13 GMT
server
CloudFront
etag
"f366e7b832c6d0e8a2038665895c0762"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
TSe2-rPL7cTANzVHitp6gE1nqsD4i-fu0DM8cX0uhZdy8_j4SX-K1A==
0QI6MX1D_JOuGQbT0gvTJPa787wsuxJBkq0.woff2
fonts.gstatic.com/s/lora/v35/ 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lora/v35/0QI6MX1D_JOuGQbT0gvTJPa787wsuxJBkq0.woff2
Requested by
Host: onecredit.my
URL: https://onecredit.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
800add27cb95a3c2cd75af11c93352a16023aee109c5c979c56bfae3f3f999c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://onecredit.my/
Origin
https://onecredit.my
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 13:05:18 GMT
x-content-type-options
nosniff
age
167977
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21892
x-xss-protection
0
last-modified
Wed, 31 Jan 2024 23:11:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Apr 2025 13:05:18 GMT
0QI8MX1D_JOuMw_hLdO6T2wV9KnW-PgFoq92nA.woff2
fonts.gstatic.com/s/lora/v35/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lora/v35/0QI8MX1D_JOuMw_hLdO6T2wV9KnW-PgFoq92nA.woff2
Requested by
Host: onecredit.my
URL: https://onecredit.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb04ddb44e3183beec98759d8102f67d66229421ecdbcf416e3852a8f1d98153
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://onecredit.my/
Origin
https://onecredit.my
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 23:20:45 GMT
x-content-type-options
nosniff
age
563050
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23368
x-xss-protection
0
last-modified
Wed, 31 Jan 2024 23:16:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 08 Apr 2025 23:20:45 GMT
aFTU7PB1QTsUX8KYthqQBA.woff2
fonts.gstatic.com/s/dmmono/v14/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/dmmono/v14/aFTU7PB1QTsUX8KYthqQBA.woff2
Requested by
Host: onecredit.my
URL: https://onecredit.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ded91e001c1ab46e1f029937fe8211e9ab12594a4cdef29db42aa89ac404906
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://onecredit.my/
Origin
https://onecredit.my
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 18:06:56 GMT
x-content-type-options
nosniff
age
236279
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14872
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:51:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Apr 2025 18:06:56 GMT
Inter-SemiBold.latin-RDYY2AG2.woff2
app.framerstatic.com/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.framerstatic.com/Inter-SemiBold.latin-RDYY2AG2.woff2
Requested by
Host: onecredit.my
URL: https://onecredit.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:8600:d:6b42:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
fc7298db7d88e095c67673d0dae268cd4fc070571692a6df810e80d8cba03157
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://onecredit.my/
Origin
https://onecredit.my
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 30 Oct 2023 01:18:52 GMT
x-amz-version-id
null
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 da7d0e99d4b5322bc1c874b2af707374.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
age
14552764
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20072
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 29 Oct 2023 21:09:51 GMT
server
CloudFront
etag
"6a7880ce1bd9abb417faf126dccfd935"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
e4lixVyEhrAM-q8CIpJTywFSF5EBy7qjnQ8CSO6FAqrD42cQYxys1A==
ARxVHFXSDJsW7zh2zwP2n91J0.png
framerusercontent.com/images/ 		142 KB
143 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://framerusercontent.com/images/ARxVHFXSDJsW7zh2zwP2n91J0.png?scale-down-to=1024
Requested by
Host: onecredit.my
URL: https://onecredit.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:fe00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
702c674f155d416186f54ed51fa50cc3c82203613a027e6d22f0d41e6b26b760
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://onecredit.my/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 04:46:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
via
1.1 1bb53b906296a648bd25a4c81fe43650.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
age
25086
x-amzn-requestid
05a00d8e-33c0-474d-bf0c-7ee6873b43f1
content-security-policy-report-only
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/reportOnly;
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="5HBo5VxAgm-IDvjaHsqbsTs6hbJDusluTJZimtCCEStzUdyP8Ni49w==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=10
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
x-amzn-trace-id
root=1-661cb139-4fa1014f146fdcd54eda34c4;parent=3899a1d3d2352232;sampled=0;lineage=f456f256:0
x-frame-options
deny
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
5HBo5VxAgm-IDvjaHsqbsTs6hbJDusluTJZimtCCEStzUdyP8Ni49w==
default_script0.GZNZ6N72.mjs
framerusercontent.com/sites/jW6H4YzUuPpLdNdsgPseX/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/jW6H4YzUuPpLdNdsgPseX/default_script0.GZNZ6N72.mjs
Requested by
Host: onecredit.my
URL: https://onecredit.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:fe00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e8ffaf7f94795f96f6a4ba4bd5d20c0b72f9aebce34d0d6883ef7a3ba85696a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://onecredit.my/
Origin
https://onecredit.my
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 11:34:36 GMT
x-amz-version-id
biNuVT21bzXFTBGywakPfcpe2Kah34SY
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 cd703a45a77324fb8797a25a15ba227e.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
x-amz-server-side-encryption
AES256
age
620
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="G9X2yFIUeifUus9VGMKuHWfbiobHtiKuieglJBnp0GtJjr9k8-H2cA==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=11
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 15 Apr 2024 11:33:07 GMT
server
CloudFront
etag
W/"f309ec4e65127b8f588d83ff201a1c4c"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
timing-allow-origin
*
x-amz-cf-id
G9X2yFIUeifUus9VGMKuHWfbiobHtiKuieglJBnp0GtJjr9k8-H2cA==
anonymous
events.framer.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.framer.com/anonymous
Requested by
Host: events.framer.com
URL: https://events.framer.com/script
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-68.muc50.r.cloudfront.net
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://onecredit.my/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 15 Apr 2024 11:44:56 GMT
via
1.1 c318f6c5edde4e7ab2b9ba2243b14b28.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P4
x-amzn-trace-id
Root=1-661d1338-1bbb68666e5f6c3d5e710f89;Sampled=1;lineage=c457ad49:0
x-amzn-requestid
851741b4-3c6e-4c95-b0bc-eaab897edbf1
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
WQ_w2HgdoAMEX1Q=
content-length
0
x-amz-cf-id
XkbV6hjz31wIkGhZedvNYYgP87XMDvWHyXZ8eGTM_DmHb1_VIUJPXg==
anonymous
events.framer.com/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.framer.com/anonymous
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-68.muc50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://onecredit.my
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Mon, 15 Apr 2024 11:44:56 GMT
via
1.1 c318f6c5edde4e7ab2b9ba2243b14b28.cloudfront.net (CloudFront)
x-amz-apigw-id
WQ_wzFlkoAMEe5g=
x-amz-cf-id
9a-mIFo5k8kIoFuQ_xoKUChK5Ktke_jt5oKKm6u4veLJ8kuoSVauSw==
x-amz-cf-pop
MUC50-P4
x-amzn-requestid
dc71084e-993c-4616-94c5-406b8a947853
x-cache
Miss from cloudfront
default-favicon.v3.png
framerusercontent.com/sites/icons/ 		4 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://framerusercontent.com/sites/icons/default-favicon.v3.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:fe00:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
38c521e8936460856a4e57c0a6af661fd9d3ad1c3bc4b3f84545ab784a35dcff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://onecredit.my/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 13 Feb 2024 09:09:26 GMT
x-amz-version-id
B_V6YDs7MnVIlzSq3zAZ2zVkATTcJ56O
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 1bb53b906296a648bd25a4c81fe43650.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
age
5366130
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache-hit,cdn-pop;desc="MUC50-P5",cdn-rid;desc="VRCXLyTPvmvOlgQ36UDB8JaC4ZVjX19OQXRRlYl-kF6OwAdMczfsBg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=1
alt-svc
h3=":443"; ma=86400
content-length
3677
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 08 Feb 2022 14:18:32 GMT
server
CloudFront
etag
"c6bff91066e875fbdf309b664c3e30a7"
x-frame-options
deny
content-type
image/png
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
VRCXLyTPvmvOlgQ36UDB8JaC4ZVjX19OQXRRlYl-kF6OwAdMczfsBg==

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| c function| __framer_importFromPackage object| process object| __framer_events function| __send_framer_event

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.framerstatic.com
events.framer.com
fonts.gstatic.com
framerusercontent.com
onecredit.my
www.onecredit.my
18.173.187.68
2600:9000:20ae:fe00:d:ada1:a280:93a1
2600:9000:237d:8600:d:6b42:4ec0:93a1
2a00:1450:4001:800::2003
35.71.142.77
03337e69f3ba0d92c0ee4e6336eab382bbb5ce99d425bc1c0092a9b8618df364
2ded91e001c1ab46e1f029937fe8211e9ab12594a4cdef29db42aa89ac404906
38c521e8936460856a4e57c0a6af661fd9d3ad1c3bc4b3f84545ab784a35dcff
4385ab6af58f6ecd0c1062bf17387d792661547cecef00e70fc97653e681a708
4e0ea1029eab3b7c0bb3183eaa684b29064f2de371720317b8a35519fe26589e
66b7ee21cd8d022dc3e1db2db368fe5b90db5540eb98f69d348f3ecfea976cad
702c674f155d416186f54ed51fa50cc3c82203613a027e6d22f0d41e6b26b760
7b2faec4335de81abbf1ebf794f91a4f2b870b317093448b84082b5f411c741c
7ff927432cee0cd45252ac6d0c0c1426d4772d80ed4144fbc9d83626e38b9b4a
800add27cb95a3c2cd75af11c93352a16023aee109c5c979c56bfae3f3f999c2
8262b344bed72d70e488753efc1b855a6929715288977598a275c6e03b75f080
850f653e16ead5c6e918760ee360e4115457ef093eb6cc26e3ef5f8dda79543a
9a991fe5615725646217f033e5dc966c24dc6bf702fa848af745ad744763957e
c68a6f081906c9d9be0fc4f3dd09a212d53039747f676fa524692af4c7c170d5
c861d136456a64c9c5619e9fa7c37c80144ea5d8879d88554c1f8abaaae891bf
cebf4585d2af58e1df7ce14f1b320f26b61fee6f5153687db0a5eb483b80bc98
e8ffaf7f94795f96f6a4ba4bd5d20c0b72f9aebce34d0d6883ef7a3ba85696a0
f2e10e55fc7d6dbc43d9e1153e61f3f449e9095ac9dfb022926595bf1459080b
fb04ddb44e3183beec98759d8102f67d66229421ecdbcf416e3852a8f1d98153
fc7298db7d88e095c67673d0dae268cd4fc070571692a6df810e80d8cba03157