www.bonus-1wiin.online Open in urlscan Pro
13.215.123.39  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.bonus-1wiin.online/	62 KB 16 KB	1629ms 276ms	Document text/html	13.215.123.39 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.bonus-1wiin.online/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.215.123.39 , Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-215-123-39.ap-southeast-1.compute.amazonaws.com Software openresty / Resource Hash eed4aa1b47be53fe3b1a3ad2bd2244747e92fbb3cb448affdc48c6e417e68a94 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language en-US,en;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0 content-encoding gzip content-type text/html; charset=utf-8 date Fri, 06 Oct 2023 14:40:40 GMT server openresty statuscode 200 vary Accept-Encoding
GET H2	200	css2 fonts.googleapis.com/	15 KB 1 KB	290ms 108ms	Stylesheet text/css	2607:f8b0:4020:807::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&family=Roboto+Slab:wght@400;700&family=Roboto:wght@400;700&display=swap Requested by Host: www.bonus-1wiin.online URL: https://www.bonus-1wiin.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d7f2e54c2449567b8a6626818635e4f2436f40258755a90c44116e351d5fb5c4 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus-1wiin.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 06 Oct 2023 14:40:40 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 06 Oct 2023 14:40:40 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 06 Oct 2023 14:40:40 GMT
GET H2	200	ladipagev3.min.js Show response w.ladicdn.com/v2/source/	379 KB 94 KB	244ms 64ms	Script text/javascript	2400:52e0:1a00::845:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://w.ladicdn.com/v2/source/ladipagev3.min.js?v=1696588216407 Requested by Host: www.bonus-1wiin.online URL: https://www.bonus-1wiin.online/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1a00::845:1 Chicago, United States, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-IL1-845 / Resource Hash c95c26bbc6d826fa44442c107682ee47ed6c2d4d349d27a3ded699f2ad4a119a Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus-1wiin.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Fri, 06 Oct 2023 14:40:40 GMT content-encoding br cdn-edgestorageid 1070 perma-cache HIT cdn-storageserver NY-267 cdn-cachedat 10/06/2023 10:36:27 cdn-pullzone 575124 last-modified Fri, 06 Oct 2023 10:34:23 GMT server BunnyCDN-IL1-845 cdn-fileserver 673 cdn-requestpullcode 200 cdn-proxyver 1.04 etag W/"651fe2af-5ed33" vary Accept-Encoding, Accept-Encoding content-type text/javascript cdn-cache HIT cdn-uid 595f2f5d-bafe-46b1-9efc-ee9b65944aba cache-control public, max-age=31919000 cdn-requestid 4fb4f2887c1b0c40cf387172b92c577f cdn-requestcountrycode US cdn-status 200 cdn-requestpullsuccess True
GET H2	200	sl13-3-1200x800.jpg w.ladicdn.com/s1440x672/57b167c9ca57d39c18a1c57c/	154 KB 155 KB	89ms 88ms	Image image/jpeg	2400:52e0:1a00::845:1 BUNNYCDN
General Check archive.org Show headers Download Go to Show image Full URL https://w.ladicdn.com/s1440x672/57b167c9ca57d39c18a1c57c/sl13-3-1200x800.jpg Requested by Host: www.bonus-1wiin.online URL: https://www.bonus-1wiin.online/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1a00::845:1 Chicago, United States, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-IL1-845 / Resource Hash 7a16469b4621ea6bf42c83e361f7bde40c70582b32ffcc65d95172a4841fdbe2 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus-1wiin.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers cdn-storagebalancer NY-427 date Fri, 06 Oct 2023 14:40:40 GMT cdn-edgestorageid 1070 perma-cache MISS cdn-cachedat 10/06/2023 13:26:50 cdn-pullzone 575124 server BunnyCDN-IL1-845 cdn-proxyver 1.04 cdn-requestpullcode 200 access-control-max-age 2592000 access-control-allow-methods GET content-type image/jpeg access-control-allow-origin * cdn-cache HIT cdn-uid 595f2f5d-bafe-46b1-9efc-ee9b65944aba access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match access-control-allow-credentials true cache-control public, max-age=31919000 cdn-requestid db16fb4106e8e636f0cf1fde94161d75 cdn-requestcountrycode US access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	rmohlu3n20200311074122.jpg w.ladicdn.com/s2000x850/57b167c9ca57d39c18a1c57c/	331 KB 332 KB	128ms 128ms	Image image/jpeg	2400:52e0:1a00::845:1 BUNNYCDN
General Check archive.org Show headers Download Go to Show image Full URL https://w.ladicdn.com/s2000x850/57b167c9ca57d39c18a1c57c/rmohlu3n20200311074122.jpg Requested by Host: www.bonus-1wiin.online URL: https://www.bonus-1wiin.online/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1a00::845:1 Chicago, United States, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-IL1-845 / Resource Hash 89f717bb9ffc8c0b034b3e276692b3275f050972cb9342884bca1ea734f0f8b1 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus-1wiin.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers cdn-storagebalancer NY-268 date Fri, 06 Oct 2023 14:40:40 GMT cdn-edgestorageid 1029 perma-cache MISS cdn-cachedat 10/06/2023 13:26:49 cdn-pullzone 575124 server BunnyCDN-IL1-845 cdn-proxyver 1.04 cdn-requestpullcode 200 access-control-max-age 2592000 access-control-allow-methods GET content-type image/jpeg access-control-allow-origin * cdn-cache HIT cdn-uid 595f2f5d-bafe-46b1-9efc-ee9b65944aba access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match access-control-allow-credentials true cache-control public, max-age=31919000 cdn-requestid efa957c0040056832ef3554c861f2c45 cdn-requestcountrycode US access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2 fonts.gstatic.com/s/robotoslab/v33/	34 KB 34 KB	359ms 168ms	Font font/woff2	2607:f8b0:4020:804::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/robotoslab/v33/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&family=Roboto+Slab:wght@400;700&family=Roboto:wght@400;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 20b588b86dac6a605b4baefd6a9d46f2c1ac84dd78a230dfb4b962c3155096f4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.bonus-1wiin.online accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sat, 30 Sep 2023 12:48:52 GMT x-content-type-options nosniff age 525108 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 34432 x-xss-protection 0 last-modified Thu, 14 Sep 2023 00:02:22 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 29 Sep 2024 12:48:52 GMT
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v36/	47 KB 47 KB	418ms 229ms	Font font/woff2	2607:f8b0:4020:804::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&family=Roboto+Slab:wght@400;700&family=Roboto:wght@400;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.bonus-1wiin.online accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sat, 30 Sep 2023 07:10:36 GMT x-content-type-options nosniff age 545404 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48432 x-xss-protection 0 last-modified Thu, 14 Sep 2023 00:40:31 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 29 Sep 2024 07:10:36 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	267ms 80ms	Font font/woff2	2607:f8b0:4020:804::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&family=Roboto+Slab:wght@400;700&family=Roboto:wght@400;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.bonus-1wiin.online accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 03 Oct 2023 21:10:47 GMT x-content-type-options nosniff age 235793 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 02 Oct 2024 21:10:47 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	286ms 105ms	Font font/woff2	2607:f8b0:4020:804::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&family=Roboto+Slab:wght@400;700&family=Roboto:wght@400;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.bonus-1wiin.online accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Fri, 06 Oct 2023 01:19:33 GMT x-content-type-options nosniff age 48067 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 05 Oct 2024 01:19:33 GMT
POST H2	200	event Show response a.ladipage.com/	106 B 632 B	273ms 273ms	XHR text/plain	18.142.154.132 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://a.ladipage.com/event Requested by Host: w.ladicdn.com URL: https://w.ladicdn.com/v2/source/ladipagev3.min.js?v=1696588216407 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.142.154.132 , Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-142-154-132.ap-southeast-1.compute.amazonaws.com Software / Resource Hash 4fa02c92c32cd79f96f6032cd26baa89f69748297451280bde4851c486b4c843 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers LADI_CLIENT_ID 743f0205-eaaf-485a-71aa-df6d27ae486d LADI_CAMP_ORIGIN_URL LADI_FORM_SUBMIT 0 LADI_CAMP_ID LADI_CAMP_FORM_SUBMIT 0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 LADI_CAMP_NAME Content-Type application/json accept-language en-US,en;q=0.9 LADI_CAMP_TARGET_URL LADI_CAMP_PAGE_VIEW 0 Referer https://www.bonus-1wiin.online/ LADI_PAGE_VIEW 1 LADI_CAMP_TYPE Response headers date Fri, 06 Oct 2023 14:40:41 GMT x-content-type-options nosniff x-download-options noopen x-frame-options SAMEORIGIN access-control-allow-methods POST, OPTIONS content-type text/plain; charset=utf-8 access-control-allow-origin * access-control-max-age 2592000 access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily x-xss-protection 0
OPTIONS H2	200	event a.ladipage.com/	0 0	869ms 294ms	Preflight application/json	18.142.154.132 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://a.ladipage.com/event Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.142.154.132 , Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-142-154-132.ap-southeast-1.compute.amazonaws.com Software / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers content-type,ladi_camp_form_submit,ladi_camp_id,ladi_camp_name,ladi_camp_origin_url,ladi_camp_page_view,ladi_camp_target_url,ladi_camp_type,ladi_client_id,ladi_form_submit,ladi_page_view Access-Control-Request-Method POST Origin https://www.bonus-1wiin.online Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily access-control-allow-methods POST, OPTIONS access-control-allow-origin * access-control-max-age 2592000 content-encoding gzip content-type application/json; charset=utf-8 date Fri, 06 Oct 2023 14:40:41 GMT vary Accept-Encoding x-content-type-options nosniff x-download-options noopen x-frame-options SAMEORIGIN x-xss-protection 0

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| ladi_viewport boolean| ladi_is_desktop function| ladi_fbq function| ladi_ttq function| lazyload_run function| LadiPageScriptV2 object| Base64 function| equalsLadiPage function| isObjectLadiPage function| isArrayLadiPage function| isFunctionLadiPage function| isBooleanLadiPage function| isStringLadiPage function| isEmptyLadiPage function| isNullLadiPage function| parseFloatLadiPage function| decodeURIComponentLadiPage object| LadiPageScript object| LadiFormulaData object| LadiFormApi object| LadiPageCommand object| LadiPageLocation object| LadiPageShopping object| LadiPageFormData object| LadiPageQueueCommandList object| LadiPageQueueCommand function| formatNumber function| textToNumber function| formatNumberComma function| textToNumberComma function| formatNumberDot function| textToNumberDot function| lightbox_run function| lightbox_iframe function| lightbox_image function| lightbox_video function| language_set function| LadiPageLibraryV2 function| ladi function| LadiPageAppV2 function| sha256 function| sha224 object| LadiPageApp

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.bonus-1wiin.online/	1970-01-21 00:52:43	Name: LADI_DNS_CHECK Value: "2023-10-06 14:40:40.10232379 +0000 UTC m=+1337197.321898938"
			www.bonus-1wiin.online/	1970-01-21 00:52:43	Name: LADI_CLIENT_ID Value: 743f0205-eaaf-485a-71aa-df6d27ae486d
			www.bonus-1wiin.online/	1970-01-21 00:52:43	Name: LADI_FORM_SUBMIT Value: 0
			www.bonus-1wiin.online/	1970-01-21 00:52:43	Name: LADI_PAGE_VIEW Value: 1
			www.bonus-1wiin.online/	1970-01-20 15:18:09	Name: _timenow Value: 1696603240666
			www.bonus-1wiin.online/	1970-01-21 00:02:19	Name: LADI_UNIQUE_ID Value: f13e5191-c349-4966-ac36-df83cb84fa5d

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ladipage.com
fonts.googleapis.com
fonts.gstatic.com
w.ladicdn.com
www.bonus-1wiin.online
13.215.123.39
18.142.154.132
2400:52e0:1a00::845:1
2607:f8b0:4020:804::2003
2607:f8b0:4020:807::200a
20b588b86dac6a605b4baefd6a9d46f2c1ac84dd78a230dfb4b962c3155096f4
4fa02c92c32cd79f96f6032cd26baa89f69748297451280bde4851c486b4c843
7a16469b4621ea6bf42c83e361f7bde40c70582b32ffcc65d95172a4841fdbe2
89f717bb9ffc8c0b034b3e276692b3275f050972cb9342884bca1ea734f0f8b1
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
c95c26bbc6d826fa44442c107682ee47ed6c2d4d349d27a3ded699f2ad4a119a
d7f2e54c2449567b8a6626818635e4f2436f40258755a90c44116e351d5fb5c4
eed4aa1b47be53fe3b1a3ad2bd2244747e92fbb3cb448affdc48c6e417e68a94
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615