Report - readberserk.com/

Report Overview

Visited public
2023-12-03 19:50:52
Tags
URL
readberserk.com/
Finishing URL
readberserk.com/
IP / ASN
104.21.235.132
#13335 CLOUDFLARENET
Title
Read Berserk Manga Online

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
assets.vlitag.com	20086	2019-10-24	2019-11-27 09:54:18	2023-12-02 18:45:31	882 B	669 kB	104.22.58.199
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-12-03 05:48:43	1.1 kB	33 kB	216.58.207.227
services.vlitag.com	17877	2019-10-24	2019-12-18 21:05:29	2023-12-03 09:14:21	2.0 kB	608 kB	104.22.58.199
pixel.wp.com	2545	1997-03-28	2017-01-30 06:31:40	2023-12-03 05:09:44	554 B	241 B	192.0.76.3
id.a-mx.com	7152	2021-07-01	2021-07-16 10:20:05	2023-12-02 17:59:32	623 B	267 B	131.153.158.209
ad.a-ads.com	26970	2012-07-07	2013-04-19 23:54:57	2023-12-03 13:08:57	534 B	13 kB	213.239.205.245
stats.wp.com	2711	1997-03-28	2017-01-30 06:06:59	2023-12-03 05:09:43	412 B	7.3 kB	192.0.76.3
cdnpf.com	unknown	2023-11-28	2023-11-28 08:03:46	2023-12-03 18:18:00	456 B	1.2 kB	104.21.36.54
i0.wp.com	3021	1997-03-28	2013-09-17 08:14:42	2023-12-03 05:25:53	496 B	8.7 kB	192.0.77.2
c0.wp.com	6988	1997-03-28	2018-09-24 17:59:05	2023-12-03 18:48:17	1.9 kB	241 kB	192.0.77.37
imasdk.googleapis.com	11661	2005-01-25	2014-10-30 18:42:18	2023-12-03 07:47:40	442 B	129 kB	142.250.74.74
cdn.jsdelivr.net	439	2012-05-16	2012-09-30 02:15:09	2023-12-03 05:09:21	509 B	1.5 kB	151.101.65.229
px.vliplatform.com	15711	2019-08-09	2021-06-28 09:40:15	2023-12-01 06:25:21	3.1 kB	3.0 kB	172.67.158.59
platform.bidgear.com	30367	2011-08-30	2016-07-27 13:51:48	2023-12-03 05:13:06	1.9 kB	9.4 kB	172.67.74.36
glaultoa.com	unknown	2023-12-02	2023-12-02 17:41:25	2023-12-03 15:44:06	1.9 kB	39 kB	139.45.197.245
static.a-ads.com	34827	2012-07-07	2013-06-01 18:47:05	2023-12-02 05:54:55	482 B	420 kB	213.239.205.245
maibaume.com	unknown	2022-04-07	2022-07-05 15:27:48	2023-11-25 15:19:21	463 B	13 kB	139.45.197.151
prebid.a-mo.net	1148	2017-09-08	2020-07-14 19:45:55	2023-12-02 19:13:51	1.1 kB	635 B	145.40.97.66
useast.quantumdex.io	9493	2020-03-31	2020-04-19 07:32:37	2023-12-03 05:55:22	1.0 kB	874 B	104.22.37.96
readberserk.com	238961	2017-05-16	2017-05-20 20:07:02	2023-11-14 23:37:43	6.1 kB	531 kB	104.21.235.132
ajax.googleapis.com	12905	2005-01-25	2013-08-16 11:51:31	2023-12-03 07:59:58	443 B	35 kB	142.250.74.74
1.bp.blogspot.com	8403	2000-07-31	2012-05-21 15:44:19	2023-12-02 22:28:07	1.0 kB	34 kB	142.250.74.161
imp9.bidgear.com	34078	2011-08-30	2021-03-15 12:09:09	2023-12-03 16:04:11	1.6 kB	3.3 kB	172.67.74.36
cdn.pubfuture-ad.com	unknown	2022-09-30	2022-11-16 00:28:02	2023-12-03 18:17:09	971 B	45 kB	172.67.70.21
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-12-03 06:08:10	446 B	1.3 kB	142.250.74.106
ip2geo.pubfuture-ad.com	unknown	2022-09-30	2023-03-27 18:50:37	2023-12-02 06:23:15	445 B	1.2 kB	104.26.0.97
mp.4dex.io	2629	2018-04-02	2019-01-03 14:51:11	2023-12-02 17:40:06	481 B	673 B	172.64.153.78
bedodrioer.com	unknown	2022-11-22	2022-12-12 18:41:09	2023-11-24 20:23:01	414 B	6.5 kB	188.114.96.1
my.rtmark.net	9054	2014-10-29	2015-02-04 10:54:57	2023-12-02 20:02:45	475 B	744 B	139.45.195.8
script.4dex.io	2135	2018-04-02	2018-07-23 12:04:27	2023-12-03 05:13:19	853 B	25 kB	104.26.8.169
ardslediana.com	unknown	2022-08-02	2022-08-02 22:38:47	2023-12-02 21:24:04	2.9 kB	153 kB	139.45.197.236
vooodkabelochkaa.com	unknown	2022-08-17	2022-09-02 13:26:22	2023-11-23 14:02:10	424 B	6.5 kB	172.67.173.172

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-03	medium	maibaume.com	Sinkholed
2023-12-03	medium	ardslediana.com	Sinkholed
2023-12-03	medium	ardslediana.com	Sinkholed
2023-12-03	medium	ardslediana.com	Sinkholed
2023-12-03	medium	ardslediana.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (44)

	URL	From	Size	First Seen	Last Seen
	readberserk.com/	ScriptElement	3.3 kB	2023-11-15	2024-08-20
Pretty URL readberserk.com/ IP 104.21.235.132 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-15 21:47 Last Seen2024-08-20 19:24 Times Seen3 Hash 862aed3c2cffcad480f53ef9b765aa73 8710a120e672fa574b360c28682d6f1e15d94c1b 1bdc660aa79bf8e1fb1057d5e0e0836c890b45ac912d3a2b69daaa363cc0acf2 Loading...

	platform.bidgear.com/html?domainid=5576&sizeid=2&zoneid=6165&wu=https%3A%2F%2Freadberserk.com%2F	ScriptElement	3.6 kB	2024-08-20	2024-08-20
Pretty URL platform.bidgear.com/html?domainid=5576&sizeid=2&zoneid=6165&wu=https%3A%2F%2Freadberserk.com%2F IP 172.67.74.36 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 16:54 Last Seen2024-08-20 16:54 Times Seen1 Hash ee01be08c7ef41da4d0d2bc8329f7857 e130a31fdf59ff9a4da824a9ff2c8103f9c9e4ae 1819d11a16b7399623eb5552a9b1b9cfdb338eea02ec9f5927887c8fccd99430 Loading...

	ardslediana.com/5/6231372	ScriptElement	72 kB	2023-12-03	2023-12-03
Pretty URL ardslediana.com/5/6231372 IP 139.45.197.236 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-03 20:50 Last Seen2023-12-03 20:50 Times Seen1 Hash 2be693ede5cdc41344eb7d55eeabc5e3 70230960616dd877ca002e2d0dc4de21d8d82335 d71a2b01bfa070464ecb81c6b5521a6efc525151e2dd8c97fe96769911a6c207 Loading...

	unknown	Function	77 kB	2023-11-27	2024-08-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-11-27 08:24 Last Seen2024-08-20 17:45 Times Seen809 Hash 1fbacaed557cae41d339673299918817 8ec809b7fd6820c30f1e3a17698d652cd8e61556 eaea77d8486a7872cf80fe58ef07b6017462ebc18cb729b763540994a27acb26 Loading...

	readberserk.com/	ScriptElement	674 B	2023-03-13	2024-08-20
Pretty URL readberserk.com/ IP 104.21.235.132 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 15:56 Last Seen2024-08-20 19:24 Times Seen3 Hash f1f4dbc3466a875cf822cd97bcaf806c 1fea371a0ce442047bd8f16f4afdab9357e21678 8acfe0b2e8b76d98acc4aa090363ed0b11ddd1d12378fc62fe8a3722150cea3b Loading...

	readberserk.com/	ScriptElement	25 B	2023-03-07	2025-05-09
Pretty URL readberserk.com/ IP 104.21.235.132 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:07 Last Seen2025-05-09 04:05 Times Seen1048 Hash c8177c617c994af787819019e5a3f9ba ed88d7c466cf3a256800486313a937ef9e3c1d4a 30ff6ba697d971232e1ab90dba3bb78f962234692df47af956498ceb9f90a1c2 Loading...

	platform.bidgear.com/ads.php?domainid=5576&sizeid=16&zoneid=6481	ScriptElement	752 B	2024-08-20	2024-08-20
Pretty URL platform.bidgear.com/ads.php?domainid=5576&sizeid=16&zoneid=6481 IP 172.67.74.36 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 16:54 Last Seen2024-08-20 16:54 Times Seen1 Hash f0bdd9c111fb2a1ae4460ac6faaf806a 67f5b392554edf680384be85c1def077c352f110 7ce953c319729c5f53870dd0cae3d21c8767ee98bd0bad79ec020e9892bde23a Loading...

	readberserk.com/	ScriptElement	132 B	2023-11-15	2025-04-26
Pretty URL readberserk.com/ IP 104.21.235.132 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-15 21:47 Last Seen2025-04-26 01:35 Times Seen39 Hash 772b7014c3252d4276d44fc2c54bcac8 1f0a551292189524948ee85b0963e0f3e3ad0d4c 039b6e14d660ea3bf9e118471d5e903caae784734de1f0747a99d41cdb68b088 Loading...

	readberserk.com/wp-content/themes/mangapill-v1.1.0/js/showads.js?ver=2	ScriptElement	19 B	2023-03-07	2025-03-03
Pretty URL readberserk.com/wp-content/themes/mangapill-v1.1.0/js/showads.js?ver=2 IP 104.21.235.132 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:24 Last Seen2025-03-03 12:18 Times Seen2284 Hash 14380b81da6c1f82d54ddad07bdca87c a72b216e23ce2fd0c275f0c66381255e2b34c1be 6a0f6cf6b4648c192d81b5fc7b70cb2f6819ef4a799e421e8626cae9697aa85a Loading...

	ardslediana.com/5/5984847	ScriptElement	72 kB	2023-12-03	2023-12-03
Pretty URL ardslediana.com/5/5984847 IP 139.45.197.236 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-03 20:50 Last Seen2023-12-03 20:50 Times Seen1 Hash cc0b63bc2130130780fe120ef7d593b7 32f789034c596a0abae118b59112f6cd49064881 b7af90c6e583ffa74d868f1ee501977afe8a30cbf2236268a3584b25b7b2189b Loading...

	securepubads.g.doubleclick.net/tag/js/gpt.js	ScriptElement	13 kB	2023-04-05	2025-05-09
Pretty URL securepubads.g.doubleclick.net/tag/js/gpt.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 04:46 Last Seen2025-05-09 07:38 Times Seen39311 Hash 0c9ed134ae3d5ffe972da2a3e59dc428 620df222551395592e46e4c5f425cf23dcdad891 5f9efa604bfe2aee8c1a90376125a098306ba390530a6f9b2ecb0a67cdac178d Loading...

	bedodrioer.com/btag.min.js	ScriptElement	5.4 kB	2023-03-10	2024-12-29
Pretty URL bedodrioer.com/btag.min.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 01:32 Last Seen2024-12-29 02:11 Times Seen146 Hash 4c10c15760be2c91a304486738ef7ad7 4e86dd6b350283c719bf2a7a98925ce0c88e5af7 753a421588d7e7e7beec7b6354712a7f9ed6e03a54c1c88d777979f9d736a268 Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js	ScriptElement	97 kB	2023-03-07	2025-05-09
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js IP 142.250.74.74 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 07:02 Times Seen28949 Hash 4f252523d4af0b478c810c2547a63e19 5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Loading...

	readberserk.com/	ScriptElement	139 B	2023-11-15	2025-04-26
Pretty URL readberserk.com/ IP 104.21.235.132 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-15 21:47 Last Seen2025-04-26 01:35 Times Seen38 Hash b26717e65a54fa697c77dc7ced2729a8 3c806ae5809b8e6764e5f48d840529dcee08c691 c3919c1672b547bc53daade1f3d24fbb6419b8cf8576be52a6f1d004821eeff6 Loading...

	readberserk.com/wp-content/plugins/wp-dark-mode/assets/js/frontend.min.js?ver=4.2.6	ScriptElement	5.0 kB	2023-04-05	2025-03-13
Pretty URL readberserk.com/wp-content/plugins/wp-dark-mode/assets/js/frontend.min.js?ver=4.2.6 IP 104.21.235.132 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 01:45 Last Seen2025-03-13 18:53 Times Seen137 Hash e6eb9d830e59ea5d2ccf630d80e748c4 fd402372efb9adeb232049f9115529e33f7dbf57 95c212910ebf54b89de652fda2a870facc0e7c9b0b9bc0975fe399df1d1087de Loading...

	glaultoa.com/apu.php?zoneid=6231395&var=6231372	ScriptElement	85 kB	2023-12-03	2023-12-03
Pretty URL glaultoa.com/apu.php?zoneid=6231395&var=6231372 IP 139.45.197.245 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-03 20:50 Last Seen2023-12-03 20:50 Times Seen1 Hash 82f3fd3de5bad2cb14fa6b45aba21ae8 a3ad74b646f7825ca3946955144fbb8f2f1c807b 666b62975060f8008dd89dd7806998fd6e6481fa62ef2c815a1f49120c07f0dc Loading...

	stats.wp.com/e-202348.js	ScriptElement	6.9 kB	2023-07-02	2025-03-25
Pretty URL stats.wp.com/e-202348.js IP 192.0.76.3 ASN #2635 AUTOMATTIC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-02 20:30 Last Seen2025-03-25 21:47 Times Seen6898 Hash 2567b82fc5b4900c78be291e6a957e99 114ec9e929313111ec06f33e342205c52cce5b11 ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258 Loading...

	script.4dex.io/localstore.js	ScriptElement	483 B	2023-03-07	2024-08-21
Pretty URL script.4dex.io/localstore.js IP 104.26.8.169 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2024-08-21 09:43 Times Seen1128 Hash 922cffdd75f7192f75231d92684885aa 48ae21017844de388e0a32206a2691fa4c109669 e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389 Loading...

	readberserk.com/wp-content/themes/mangapill-v1.1.0/js/navigation.js?ver=20151215	ScriptElement	1.9 kB	2023-03-07	2025-05-07
Pretty URL readberserk.com/wp-content/themes/mangapill-v1.1.0/js/navigation.js?ver=20151215 IP 104.21.235.132 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:34 Last Seen2025-05-07 05:48 Times Seen183 Hash ca8be8217c5bbac54f54093e8d9da898 720e18ede101a6ef6c6d73333f540e8894f01715 adf46afe54d4cb970499b51ac81d525883d35794006360d30e4bd0c40543be68 Loading...

	cdn.pubfuture-ad.com/v2/unit/pt.js	ScriptElement	43 kB	2023-12-01	2023-12-06
Pretty URL cdn.pubfuture-ad.com/v2/unit/pt.js IP 172.67.70.21 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-01 21:58 Last Seen2023-12-06 02:55 Times Seen12 Hash 05e0ba496abadc5be6077260f8e0f601 8f08f1bc10cd841b997c56deb8c79e4c466c8fc9 3c8d36be9468ac339b37465c78dadeecbec15dc2eda5586d2d2508c499f3294f Loading...

	platform.bidgear.com/async.php?domainid=5576&sizeid=2&zoneid=6165&k=1701633038669	ScriptElement	704 B	2023-12-03	2024-08-20
Pretty URL platform.bidgear.com/async.php?domainid=5576&sizeid=2&zoneid=6165&k=1701633038669 IP 172.67.74.36 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-03 20:50 Last Seen2024-08-20 16:54 Times Seen2 Hash e184b2b3584fc226020bd5169bc182ed 3759f2d9d7aba101e72177a0c7c949f52397bc89 aebf59ca1903c96f986a3181cf9757cdf379edcc4c661505a5775212bff3df93 Loading...

	imasdk.googleapis.com/js/sdkloader/ima3.js	ScriptElement	373 kB	2023-11-15	2023-12-04
Pretty URL imasdk.googleapis.com/js/sdkloader/ima3.js IP 142.250.74.74 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-15 21:47 Last Seen2023-12-04 16:14 Times Seen636 Hash 865fefbe42a3df73ca64198c337b20e6 cd1304165333f9fc26d2aa716a4c50c8ce99fbae 4a32283aaba0418ac1b0953af32fbe71948d43e7cdc08abeca552a9373809087 Loading...

	services.vlitag.com/adv1/?q=fc4781ea2ad8acfcb2fa60ac41f99bc1	ScriptElement	591 kB	2024-08-20	2024-08-20
Pretty URL services.vlitag.com/adv1/?q=fc4781ea2ad8acfcb2fa60ac41f99bc1 IP 104.22.58.199 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 16:54 Last Seen2024-08-20 16:54 Times Seen1 Hash cffccd34663db55749a242d97ae3b120 062fc05a2f21776324cc23137c4e482909a4b850 64ac2a582b8c2f707092652d4a769ea0174e30428bdb5ab6cb69d11f789aa57e Loading...

	platform.bidgear.com/ads.php?domainid=5576&sizeid=29&zoneid=6182	ScriptElement	719 B	2024-08-20	2024-08-20
Pretty URL platform.bidgear.com/ads.php?domainid=5576&sizeid=29&zoneid=6182 IP 172.67.74.36 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 16:54 Last Seen2024-08-20 16:54 Times Seen1 Hash e080bc1e73cea8bc0a234622aa5b8287 8f0c3cc3443da5fc4b2c722c6626cba84cf200f2 2fdcebefc5bbca61af992843538b16822343a910d43619b406d590c08e5212a5 Loading...

	readberserk.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/image-cdn.js?minify=false&ver=132249e245926ae3e188	ScriptElement	701 B	2023-05-10	2025-05-06
Pretty URL readberserk.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/image-cdn.js?minify=false&ver=132249e245926ae3e188 IP 104.21.235.132 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-10 12:45 Last Seen2025-05-06 09:54 Times Seen3090 Hash 328b8123661abdd5f4a0c695e7aa9dcc 4164f78bb52e9f2bfbb7ae5fd519b4638063c1f0 27dd9b075cc59cf5f3c0f6ee075f4bd113782d81ce30a4f16aac669ecfdc4fa2 Loading...

	unknown	ScriptElement	2.1 kB	2023-03-08	2025-03-07
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 08:50 Last Seen2025-03-07 04:26 Times Seen80 Hash 2b9872b1c66bf923efcfa18f0f69eca1 17efef6e8b78ed400d1636696e7a586c0837fc5f 418ee759dc1ffc4c55215dc9311ceb0d8aaf80b0daecf16e8addf8c880d265c5 Loading...

	assets.vlitag.com/prebid/default/prebid-8.21.0.js	ScriptElement	630 kB	2023-11-04	2024-08-20
Pretty URL assets.vlitag.com/prebid/default/prebid-8.21.0.js IP 104.22.58.199 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-04 04:53 Last Seen2024-08-20 21:00 Times Seen44 Hash f881b752a7507e7a91f98545372f6027 70b81b71265236388b8d4ba83d7138989792f40a a3531c1a6993ccc3e7b0f3e1495768e3464aecd55193ef112cb5555422ae6c90 Loading...

	unknown	Function	26 B	2023-04-11	2025-05-09
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:13 Last Seen2025-05-09 07:44 Times Seen127370 Hash 1c862db5f2555377c2dc1e62ed7b3981 c29e6dc25c08a70995127ec13ded6f80d9a36174 27d373a6961f797edf69a80f7f24877ef85c2fc4f9f770b2540b1bf5e66823ac Loading...

	readberserk.com/	ScriptElement	304 B	2023-03-10	2024-08-20
Pretty URL readberserk.com/ IP 104.21.235.132 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-10 17:16 Last Seen2024-08-20 19:24 Times Seen3 Hash 0bd9688aac89bbc75530b91f5b4b8f7d 14abc3e918dda451fda99f132b2f7c61a896997a 639311fd52a72881cad5b6ce67e8c84dbcc3b9767be77c118606dbf128db2831 Loading...

	readberserk.com/	ScriptElement	125 B	2023-11-15	2024-08-20
Pretty URL readberserk.com/ IP 104.21.235.132 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-15 21:47 Last Seen2024-08-20 19:24 Times Seen4 Hash 6e6c84444ad2f9740f850cf1715bcde9 fa733cba9a344d8527a6fbc003c4513dd6f4d33d 57dac38838b8e66c9a819a64aa2eea2e1af75c0ca8d3b106af05a0ced1109acc Loading...

	readberserk.com/	ScriptElement	1.7 kB	2023-03-13	2024-08-20
Pretty URL readberserk.com/ IP 104.21.235.132 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 15:56 Last Seen2024-08-20 19:24 Times Seen3 Hash 79bdd8028f6799e8d8dfd1af2914c456 393941444a1d6c6ac4a971cd13d6e036f19f5416 4e76dc11652dab2843e72026916cb6a2749923538512b0655648fc8a9779a256 Loading...

	readberserk.com/sandbox%20eval%20code		136 B	2023-04-11	2025-05-09
Pretty URL readberserk.com/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:23 Last Seen2025-05-09 07:38 Times Seen41474 Hash fb4eb094524daea58bf7f82331598541 f5ca39eb98fa1685f8647514a627d3d7f216f7ef 7cbf1e77bb9277bac7030ded2087246adf5c59564a5a1f28ce8c09be6ef48683 Loading...

	assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js	ScriptElement	39 kB	2023-03-07	2025-05-09
Pretty URL assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js IP 104.22.58.199 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:23 Last Seen2025-05-09 04:05 Times Seen1265 Hash 70e454e451af63d76af1fc5b9b2ce1e4 99d6761df09b3efbbb7d233d031260f406397fd2 1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0 Loading...

	readberserk.com/	ScriptElement	208 B	2023-11-15	2024-08-20
Pretty URL readberserk.com/ IP 104.21.235.132 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-15 21:47 Last Seen2024-08-20 19:24 Times Seen3 Hash f8a8a0ca30db37fcccfd5ee87cc42815 27c7f4e5d2048a60b084769ed1aa30041ba9f9dd 3c76275c451601ca1df17381040f4aa3bfc908e4e649e5aaf5bf1564804a2914 Loading...

	readberserk.com/wp-content/themes/mangapill-v1.1.0/js/skip-link-focus-fix.js?ver=20151215	ScriptElement	426 B	2023-03-07	2025-05-07
Pretty URL readberserk.com/wp-content/themes/mangapill-v1.1.0/js/skip-link-focus-fix.js?ver=20151215 IP 104.21.235.132 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07 Last Seen2025-05-07 05:48 Times Seen701 Hash fa2ce987f8db7686a86e81d3407acb43 2c0e064be7f6d1d273749ddaa289d09a0f7470c1 405a5e4943b97243440d632a958bb6e79f1d1929666745000a22ebaa5fa2d819 Loading...

	readberserk.com/	ScriptElement	1.6 kB	2023-03-10	2024-12-10
Pretty URL readberserk.com/ IP 104.21.235.132 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-10 17:16 Last Seen2024-12-10 16:52 Times Seen5 Hash 24c4429c9d98114b9e0d8925e9c890ad 94f006812bbfb944b6c4faa27006213eb1f50014 0e4f6a277283cb0c8d931d8ff96737fee1c2dac0c59fdf699f67efe756eb87fe Loading...

	unknown	ScriptElement	707 B	2024-08-20	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 16:54 Last Seen2024-08-20 16:54 Times Seen1 Hash 297b54010042630c3d46e485a836d406 87e48ed85af2741447352196078840c08cd2ef1e c1aacd8748b42c911d2a4c043be567a512edd533c678788dc35e89ceef07a0e4 Loading...

	readberserk.com/wp-content/plugins/wp-dark-mode/assets/js/dark-mode.min.js?ver=4.2.6	ScriptElement	61 kB	2023-03-07	2025-03-13
Pretty URL readberserk.com/wp-content/plugins/wp-dark-mode/assets/js/dark-mode.min.js?ver=4.2.6 IP 104.21.235.132 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:24 Last Seen2025-03-13 18:53 Times Seen169 Hash e35012a903a999d437749f5de8539b2c 5e543d99ebdb1f8ee0c5cba4f599dbdc93026aa4 d230fa6c14bf1f2df177f38c46f0d091f90ea57753e36e035616a381bd43a2db Loading...

	readberserk.com/wp-content/themes/mangapill-v1.1.0/js/bundle.js?ver=1.0.0	ScriptElement	51 kB	2023-03-10	2024-08-20
Pretty URL readberserk.com/wp-content/themes/mangapill-v1.1.0/js/bundle.js?ver=1.0.0 IP 104.21.235.132 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 17:16 Last Seen2024-08-20 19:24 Times Seen5 Hash 1b403147d309ff5f81b4d1b85f01a866 26f9898342c864ca306395970837f72f6d612df6 6fc32e79d1a29039f4e977555fbb384d4a8ad998437a3baa3d8d788a01c73206 Loading...

	glaultoa.com/apu.php?zoneid=5985136&var=5984847	ScriptElement	968 B	2023-12-03	2023-12-03
Pretty URL glaultoa.com/apu.php?zoneid=5985136&var=5984847 IP 139.45.197.245 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-03 20:50 Last Seen2023-12-03 20:50 Times Seen1 Hash 08fbd2ee628b40e4d10a83c58637ed73 0b78c47a3dbc247746529647923cdbeaaa720b4d 5fbc23480d771cab64d71b256a8253eb9901417e038ca4ec6ddfad2c84809916 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 73497a37c3561adbd8ce84e4f017b368	9 B	2023-03-07 01:03	2025-05-08 19:45
Pretty Observations First Seen2023-03-07 01:03 Last Seen2025-05-08 19:45 Times Seen3168 Hash 73497a37c3561adbd8ce84e4f017b368 9193ae73cb3dd2833be8c942714d5544bfb628c9 9312a1adbbf0a4c05fc296d158ec3bd39acfe50e9e98ff02688139aad6fc3351 Loading...

		Size	First Seen	Last Seen
	#1 Write - 83ba2b60b37c3dd2858ea402ca15377d	693 B	2024-08-20 16:54	2024-08-20 16:54
Pretty Observations First Seen2024-08-20 16:54 Last Seen2024-08-20 16:54 Times Seen1 Hash 83ba2b60b37c3dd2858ea402ca15377d 7417d1430ffc770ec44864ad40f5201edfab16f0 bab3ddc37ee52da21c62ddeb0897520149fd27af5d662ee7a5331f9170d2dcda Loading...

	#2 Write - 911952aef891ab8253b60a206a57eecd	719 B	2024-08-20 16:54	2024-08-20 16:54
Pretty Observations First Seen2024-08-20 16:54 Last Seen2024-08-20 16:54 Times Seen1 Hash 911952aef891ab8253b60a206a57eecd cf84a524afb785c52e5267f8d26511dd7905c9f6 fa3cabe9223c87bb69e3955acfdee9096814bd49b735c20ef7b0bf8d6c676d24 Loading...

	#3 Write - 51449f709f0ca3ff88e4608d2cec3314	472 B	2024-08-20 16:54	2024-08-20 16:54
Pretty Observations First Seen2024-08-20 16:54 Last Seen2024-08-20 16:54 Times Seen1 Hash 51449f709f0ca3ff88e4608d2cec3314 695d8aed0922f999f0faf43bafb7c3ac83dcabe9 fc0470db9ac12c706b676670fd11c1c1992ce2eedc50b4aba18ae8aa04a5714b Loading...

HTTP Transactions (70)

URL IP Response Size

readberserk.com/wp-content/themes/mangapill-v1.1.0/js/showads.js?ver=2

104.21.235.132

200 OK

19 B

URL GET HTTP/3
readberserk.com/wp-content/themes/mangapill-v1.1.0/js/showads.js?ver=2
IP
104.21.235.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://readberserk.com/
Certificate
IssuerLet's Encrypt
Subjectreadberserk.com
Fingerprint3F:03:41:7F:74:45:DC:16:59:9B:98:29:6E:69:38:09:89:F8:4C:88
ValidityWed, 18 Oct 2023 12:01:30 GMT - Tue, 16 Jan 2024 12:01:29 GMT

File type
ASCII text, with no line terminators
Size
19 B (19 bytes)
Hash
14380b81da6c1f82d54ddad07bdca87c
a72b216e23ce2fd0c275f0c66381255e2b34c1be
6a0f6cf6b4648c192d81b5fc7b70cb2f6819ef4a799e421e8626cae9697aa85a

HTTP Headers

GET /wp-content/themes/mangapill-v1.1.0/js/showads.js?ver=2 HTTP/1.1
Host: readberserk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://readberserk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 03 Dec 2023 19:50:32 GMT
content-type: text/javascript
content-length: 19
cache-control: max-age=2592000
cf-bgj: minify
cf-polished: origSize=22
expires: Sun, 31 Dec 2023 02:21:56 GMT
last-modified: Wed, 15 Nov 2023 06:12:49 GMT
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 235716
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Hl2rkDy1eLoFj72d2zrIQTWtNV8CBXiZltoyepwWHd9idFZ%2BHNzCLWGBwQ4bThMYFXgozTtIpt8FZJe8z5%2BkmempRq97in0nL4MqEukUoHjgSgkiZQgz9JfMsrXk7GaMuc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fe56d6bd4356a4-OSL
alt-svc: h3=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

142.250.74.74

200 OK

34 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://readberserk.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (32077)
Size
34 kB (33951 bytes)
Hash
4f252523d4af0b478c810c2547a63e19
5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

HTTP Headers

GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://readberserk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33951
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:14:46 GMT
expires: Fri, 29 Nov 2024 05:14:46 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 311746
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

i0.wp.com/readberserk.com/wp-content/uploads/2017/06/berserk-1.jpg?resize=150%2C150&ssl=1

192.0.77.2

200 OK

8.1 kB

URL GET HTTP/2
i0.wp.com/readberserk.com/wp-content/uploads/2017/06/berserk-1.jpg?resize=150%2C150&ssl=1
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://readberserk.com/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 150x150, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
8.1 kB (8138 bytes)
Hash
879399217b913247a3697d01dc228c1f
27ca02e014c6f4f1b1819ec0b48c03e660a7dbf4
2da0cb976a8eab9963972976c787f44e021ea71b212687ffb128a299f2eefdb2

HTTP Headers

GET /readberserk.com/wp-content/uploads/2017/06/berserk-1.jpg?resize=150%2C150&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://readberserk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 03 Dec 2023 19:50:33 GMT
content-type: image/webp
content-length: 8138
last-modified: Wed, 15 Nov 2023 06:26:46 GMT
expires: Fri, 14 Nov 2025 18:26:46 GMT
cache-control: public, max-age=63115200
link: <https://readberserk.com/wp-content/uploads/2017/06/berserk-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "0ec7ca6ae6f034da"
vary: Accept
x-nc: HIT arn 5
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

1.bp.blogspot.com/-sf1Dx4uJOg4/X9XMlPxC5CI/AAAAAAAAFJs/yGZtaMpL4nESgozMkOv5MmFUgTy1M-SwQCLcBGAsYHQ/s0/IWdMiG9.png

142.250.74.161

200 OK

13 kB

URL GET HTTP/2
1.bp.blogspot.com/-sf1Dx4uJOg4/X9XMlPxC5CI/AAAAAAAAFJs/yGZtaMpL4nESgozMkOv5MmFUgTy1M-SwQCLcBGAsYHQ/s0/IWdMiG9.png
IP
142.250.74.161:443
ASN
#15169 GOOGLE

Requested by
https://readberserk.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint07:E2:99:33:66:25:16:0A:1D:C3:C7:18:D8:82:4A:F0:37:40:E1:5B
ValidityMon, 23 Oct 2023 11:23:28 GMT - Mon, 15 Jan 2024 11:23:27 GMT

File type
PNG image data, 663 x 213, 8-bit/color RGBA, non-interlaced\012- data
Size
13 kB (13211 bytes)
Hash
0e99b4b5d94e1d347880f25a55ece1a0
a22b2c7576317a842ce288c7d40d395cdaddb462
9133443006383b421603902f189e0f93404c90cea94d13f39d36c351068a869c

HTTP Headers

GET /-sf1Dx4uJOg4/X9XMlPxC5CI/AAAAAAAAFJs/yGZtaMpL4nESgozMkOv5MmFUgTy1M-SwQCLcBGAsYHQ/s0/IWdMiG9.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://readberserk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="IWdMiG9.png"
x-content-type-options: nosniff
server: fife
content-length: 13211
x-xss-protection: 0
date: Sun, 03 Dec 2023 18:40:29 GMT
expires: Mon, 04 Dec 2023 18:40:29 GMT
cache-control: public, max-age=86400, no-transform
age: 4204
etag: "v149d"
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

1.bp.blogspot.com/-3qAw4snh1OA/X9XMlNNCyxI/AAAAAAAAFJo/1-dQvhbZdicxog1LaX4PfX4QC0ZF0qTnwCLcBGAsYHQ/s0/kIVlOWS.png

142.250.74.161

200 OK

20 kB

URL GET HTTP/2
1.bp.blogspot.com/-3qAw4snh1OA/X9XMlNNCyxI/AAAAAAAAFJo/1-dQvhbZdicxog1LaX4PfX4QC0ZF0qTnwCLcBGAsYHQ/s0/kIVlOWS.png
IP
142.250.74.161:443
ASN
#15169 GOOGLE

Requested by
https://readberserk.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint07:E2:99:33:66:25:16:0A:1D:C3:C7:18:D8:82:4A:F0:37:40:E1:5B
ValidityMon, 23 Oct 2023 11:23:28 GMT - Mon, 15 Jan 2024 11:23:27 GMT

File type
PNG image data, 663 x 213, 8-bit/color RGBA, non-interlaced\012- data
Size
20 kB (19695 bytes)
Hash
2631bb49f0f0a51d110f87ff85d28629
f8bd2b60b659c05f6be1998f3c58a7342a4275fb
800b42489bf5a56f3eed06f0ec095a9af653366b4534053d6fea448011fb9e5f

HTTP Headers

GET /-3qAw4snh1OA/X9XMlNNCyxI/AAAAAAAAFJo/1-dQvhbZdicxog1LaX4PfX4QC0ZF0qTnwCLcBGAsYHQ/s0/kIVlOWS.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://readberserk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="kIVlOWS.png"
x-content-type-options: nosniff
server: fife
content-length: 19695
x-xss-protection: 0
date: Sun, 03 Dec 2023 18:40:29 GMT
expires: Mon, 04 Dec 2023 18:40:29 GMT
cache-control: public, max-age=86400, no-transform
age: 4204
etag: "v149c"
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:400,500

142.250.74.106

200 OK

677 B

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:400,500
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://readberserk.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
gzip compressed data, max compression\012- data
Size
677 B (677 bytes)
Hash
35e5c0a4199438680755761adb2f2760
ab8a742f9eec59229bac28d1aa062d769fa69c5a
0f68d801aace4c3767eb1562230312f270a0983721a62c43b2a058db68f2d1d2

HTTP Headers

GET /css?family=Roboto:400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://readberserk.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 03 Dec 2023 19:50:32 GMT
date: Sun, 03 Dec 2023 19:50:32 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

imp9.bidgear.com/rec?t=1&z=6182&uuid=85c7b8f1813d494081146574a58586a0&p=80&g=NO&token=4a44335432&tbg=1701633032

172.67.74.36

200 OK

599 B

URL GET HTTP/2
imp9.bidgear.com/rec?t=1&z=6182&uuid=85c7b8f1813d494081146574a58586a0&p=80&g=NO&token=4a44335432&tbg=1701633032
IP
172.67.74.36:443
ASN
#13335 CLOUDFLARENET

Requested by
https://readberserk.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint96:B8:F2:6C:8B:F4:3C:4D:3F:C4:69:A4:B1:28:D0:CB:0A:E6:73:2B
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT

File type
JPEG image data, baseline, precision 8, 1x1, components 3\012- data
Size
599 B (599 bytes)
Hash
ca49a7e783b806a4e8576ea80346203d
6fe9d083221dae98f6c76f7121c37bc884b02d82
3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28

HTTP Headers

GET /rec?t=1&z=6182&uuid=85c7b8f1813d494081146574a58586a0&p=80&g=NO&token=4a44335432&tbg=1701633032 HTTP/1.1
Host: imp9.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://readberserk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 19:50:33 GMT
content-type: image/jpeg
content-length: 599
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BEjbhpaJ6LBXPACqlyRBD74pAdugO91ScZaKsZagwtbNVWaCPMOooVM5AIOduRVzzw7072bkJDiFMb2H1U83TamQ5zyw91kWKGqkhHmpl2dXQUlS9vdH70UfQxSHR24zFJE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fe56db3913b50b-OSL
X-Firefox-Spdy: h2

imp9.bidgear.com/rec?t=1&z=6481&uuid=92a8defbd3d14810874a913c8520622f&p=58&g=NO&token=4a44335432&tbg=1701633032

172.67.74.36

200 OK

599 B

URL GET HTTP/2
imp9.bidgear.com/rec?t=1&z=6481&uuid=92a8defbd3d14810874a913c8520622f&p=58&g=NO&token=4a44335432&tbg=1701633032
IP
172.67.74.36:443
ASN
#13335 CLOUDFLARENET

Requested by
https://readberserk.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint96:B8:F2:6C:8B:F4:3C:4D:3F:C4:69:A4:B1:28:D0:CB:0A:E6:73:2B
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT

File type
JPEG image data, baseline, precision 8, 1x1, components 3\012- data
Size
599 B (599 bytes)
Hash
ca49a7e783b806a4e8576ea80346203d
6fe9d083221dae98f6c76f7121c37bc884b02d82
3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28

HTTP Headers

GET /rec?t=1&z=6481&uuid=92a8defbd3d14810874a913c8520622f&p=58&g=NO&token=4a44335432&tbg=1701633032 HTTP/1.1
Host: imp9.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://readberserk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 19:50:33 GMT
content-type: image/jpeg
content-length: 599
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KDZo2dAc%2BteG%2F7U8y3Mpl8DjMKxtCzyJlG9v2EEcWWny9lgF24miR3gk7ClK4RBrJ1xTDFJJv%2F3tg7NQhC0gBaJN7mw982%2FkoDf1cu6TG45ri9UJqt0BIfJT5C4wa3jWNiw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fe56db3914b50b-OSL
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://readberserk.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://readberserk.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:57:34 GMT
expires: Fri, 29 Nov 2024 04:57:34 GMT
cache-control: public, max-age=31536000
age: 312779
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

c0.wp.com/c/6.4.1/wp-includes/js/mediaelement/wp-mediaelement.min.css

192.0.77.37

200 OK

17 kB

URL GET HTTP/2
c0.wp.com/c/6.4.1/wp-includes/js/mediaelement/wp-mediaelement.min.css
IP
192.0.77.37:443
ASN
#2635 AUTOMATTIC

Requested by
https://readberserk.com/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (4186), with no line terminators
Size
17 kB (16903 bytes)
Hash
ea958276b7de454bd3c2873f0dc47e5f
b143f6e8e8f79d8f104c26b0057ef5514d763219
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

HTTP Headers

GET /c/6.4.1/wp-includes/js/mediaelement/wp-mediaelement.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://readberserk.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 03 Dec 2023 19:50:32 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
content-encoding: br
expires: Mon, 02 Dec 2024 19:50:32 GMT
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

services.vlitag.com/cli/fc4781ea2ad8acfcb2fa60ac41f99bc1.json?hn=https://readberserk.com

104.22.58.199

200 OK

42 B

URL GET HTTP/3
services.vlitag.com/cli/fc4781ea2ad8acfcb2fa60ac41f99bc1.json?hn=https://readberserk.com
IP
104.22.58.199:443
ASN
#13335 CLOUDFLARENET

Requested by
https://readberserk.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectvlitag.com
Fingerprint2F:60:54:B2:DE:0E:90:0F:7C:66:64:70:60:DF:16:BA:A7:55:FD:4C
ValiditySun, 26 Nov 2023 07:28:34 GMT - Sat, 24 Feb 2024 07:28:33 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
42 B (42 bytes)
Hash
d8fddc9d3ceaf617e9584960e7d3f681
ca32416212de126a81beec99e03ffc748fa6974c
1149a77482fdc465a6781663c4c07c62b5926d4d6efe1d7a3d60cc1ca83273c4

HTTP Headers

GET /cli/fc4781ea2ad8acfcb2fa60ac41f99bc1.json?hn=https://readberserk.com HTTP/1.1
Host: services.vlitag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://readberserk.com
DNT: 1
Connection: keep-alive
Referer: https://readberserk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 03 Dec 2023 19:50:33 GMT
content-type: application/json; charset=utf-8
content-length: 42
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://readberserk.com
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-cache-status: BYPASS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fe56dbaf87712b-OSL
alt-svc: h3=":443"; ma=86400

ip2geo.pubfuture-ad.com/detail

104.26.0.97

200 OK

33 B

URL GET HTTP/2
ip2geo.pubfuture-ad.com/detail
IP
104.26.0.97:443
ASN
#13335 CLOUDFLARENET

Requested by
https://readberserk.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA4:70:A9:B9:AC:49:1E:53:23:43:41:25:CD:10:7C:01:2E:87:01:01
ValidityTue, 07 Feb 2023 00:00:00 GMT - Tue, 06 Feb 2024 23:59:59 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
33 B (33 bytes)
Hash
007af5ffed017e37943df31888ef8666
2877ed4c460ba9164b3625e32502a9d83a2a1d4a
bfb9d45766b6f87ee2c5f55862cdffe168aa7df0ff6ed0917b0fbcb035fdcdd2

HTTP Headers

GET /detail HTTP/1.1
Host: ip2geo.pubfuture-ad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://readberserk.com/
Origin: https://readberserk.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 19:50:34 GMT
content-type: application/json; charset=utf-8
content-length: 33
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
access-control-allow-origin: *
etag: W/"21-KHftTEYLqRZLNiXjJQKp2DoqHUo"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KFcGA0rUD4VJ0yqjPa31f311Vu67k90pc%2BDuV6rUJaVTdgPT2L9yK9bBiKCm8lLkR6b%2BR0%2FtokmFmHY%2Bd7vGx42vmf56XVjN6o5W4oGFKZkATGdaDlDi9cSVBoebow9GZh8MCOKtNlvx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fe56de6f2d56c3-OSL
X-Firefox-Spdy: h2

services.vlitag.com/vld/1701579784/vl.json?page_url=https%3A%2F%2Freadberserk.com%2F

104.22.58.199

200 OK

13 B

URL GET HTTP/3
services.vlitag.com/vld/1701579784/vl.json?page_url=https%3A%2F%2Freadberserk.com%2F
IP
104.22.58.199:443
ASN
#13335 CLOUDFLARENET

Requested by
https://readberserk.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectvlitag.com
Fingerprint2F:60:54:B2:DE:0E:90:0F:7C:66:64:70:60:DF:16:BA:A7:55:FD:4C
ValiditySun, 26 Nov 2023 07:28:34 GMT - Sat, 24 Feb 2024 07:28:33 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
13 B (13 bytes)
Hash
c7babbbdeca820a7e691913c68428f1c
873007e1c38b8fbea1d265afa40bb15ad6cc4fb5
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554

HTTP Headers

GET /vld/1701579784/vl.json?page_url=https%3A%2F%2Freadberserk.com%2F HTTP/1.1
Host: services.vlitag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://readberserk.com
DNT: 1
Connection: keep-alive
Referer: https://readberserk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 03 Dec 2023 19:50:34 GMT
content-type: application/json; charset=utf-8
content-length: 13
cache-control: public, immutable, max-age=31536000
access-control-allow-origin: https://readberserk.com
x-robots-tag: noindex, nofollow, noarchive, nosnippet
last-modified: Sun, 03 Dec 2023 05:03:11 GMT
cf-cache-status: HIT
age: 45099
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fe56df7cfa712b-OSL
alt-svc: h3=":443"; ma=86400

readberserk.com/apple-touch-icon-152x152-precomposed.png

104.21.235.132

301 Moved Permanently

12 kB

URL GET HTTP/3
readberserk.com/apple-touch-icon-152x152-precomposed.png
IP
104.21.235.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://readberserk.com/
Certificate
IssuerLet's Encrypt
Subjectreadberserk.com
Fingerprint3F:03:41:7F:74:45:DC:16:59:9B:98:29:6E:69:38:09:89:F8:4C:88
ValidityWed, 18 Oct 2023 12:01:30 GMT - Tue, 16 Jan 2024 12:01:29 GMT

File type
PNG image data, 300 x 250, 8-bit colormap, non-interlaced\012- data
Size
12 kB (12329 bytes)
Hash
5dcde62b114a6dcbf72713c623e453fd
94486b5d893f4531c139326f2bd601db76438dab
664a6bd86517161735dc294decff6c6bd1a2745453985cfa4136153ea01eb446

HTTP Headers

GET /apple-touch-icon-152x152-precomposed.png HTTP/1.1
Host: readberserk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://readberserk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 301 Moved Permanently
date: Sun, 03 Dec 2023 19:50:33 GMT
content-type: text/html; charset=UTF-8
location: https://readberserk.com
expires: Thu, 25 Jan 2024 08:45:57 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
cf-cache-status: HIT
age: 644676
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fgT0WNAhCDMZZny%2BQzAb9Q%2F8wJl83brV%2BjuYuDkEQCBti%2FJmQ1uKvTO0G6Eu0tH2KtsCl%2FajQs6ctKKyt0A8Xc4c8nopdPIFtM%2BzQuWjXHDxWFqE27f%2BisSsgiVctc515zs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fe56dcc82a56a4-OSL
alt-svc: h3=":443"; ma=86400

imp9.bidgear.com/rec?t=1&z=6165&uuid=37dc5c89f58a49fcafe3f5d51d367a67&p=21&g=NO&token=4a44335432&tbg=1701633034

172.67.74.36

200 OK

599 B

URL GET HTTP/2
imp9.bidgear.com/rec?t=1&z=6165&uuid=37dc5c89f58a49fcafe3f5d51d367a67&p=21&g=NO&token=4a44335432&tbg=1701633034
IP
172.67.74.36:443
ASN
#13335 CLOUDFLARENET

Requested by
https://readberserk.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint96:B8:F2:6C:8B:F4:3C:4D:3F:C4:69:A4:B1:28:D0:CB:0A:E6:73:2B
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT

File type
JPEG image data, baseline, precision 8, 1x1, components 3\012- data
Size
599 B (599 bytes)
Hash
ca49a7e783b806a4e8576ea80346203d
6fe9d083221dae98f6c76f7121c37bc884b02d82
3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28

HTTP Headers

GET /rec?t=1&z=6165&uuid=37dc5c89f58a49fcafe3f5d51d367a67&p=21&g=NO&token=4a44335432&tbg=1701633034 HTTP/1.1
Host: imp9.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://readberserk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 19:50:34 GMT
content-type: image/jpeg
content-length: 599
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xjYai1nq2m5NVuQuXTBvyyZePun99YqqrFmuM4hLWmvt4hUe1HiYO3pB3EE8JP3SZltFKQg00V7yxA%2FDgBmkk0JG4spdNZiv2vC9Qmy6dIVb4GPrYucQVjKlvEEFaikPDoA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fe56dfdec7b50b-OSL
X-Firefox-Spdy: h2

my.rtmark.net/gid.js?userId=9862c82944bc4d958206bd391f43dc68

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js?userId=9862c82944bc4d958206bd391f43dc68
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://readberserk.com/
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
FingerprintE8:81:4E:79:89:89:BE:CE:75:1F:E0:2A:60:54:8A:A4:11:2E:F7:42
ValiditySat, 07 Oct 2023 15:22:00 GMT - Fri, 05 Jan 2024 15:21:59 GMT

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
3c0ef7820d87c31c134a794ff0fac121
67e4fd4e4a01b9f856ffb23121b53575c4c76b66
cb8d62ee719c674aad269254b4d90dbf4270f7d8567239323281230daa0d01b9

HTTP Headers

GET /gid.js?userId=9862c82944bc4d958206bd391f43dc68 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://readberserk.com
DNT: 1
Connection: keep-alive
Referer: https://readberserk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 03 Dec 2023 19:50:34 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://readberserk.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=9862c82944bc4d958206bd391f43dc68; expires=Mon, 02 Dec 2024 19:50:34 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

glaultoa.com/apu.php?zoneid=5985136&var=5984847

139.45.197.245

200 OK

968 B

URL GET HTTP/2
glaultoa.com/apu.php?zoneid=5985136&var=5984847
IP
139.45.197.245:443
ASN
#9002 RETN Limited

Requested by
https://readberserk.com/
Certificate
IssuerLet's Encrypt
Subjectglaultoa.com
Fingerprint76:62:43:3F:4B:5F:3A:A9:C6:00:2D:6B:18:2F:1C:90:5D:34:A8:A0
ValiditySat, 02 Dec 2023 14:50:24 GMT - Fri, 01 Mar 2024 14:50:23 GMT

File type
ASCII text, with very long lines (801)
Size
968 B (968 bytes)
Hash
08fbd2ee628b40e4d10a83c58637ed73
0b78c47a3dbc247746529647923cdbeaaa720b4d
5fbc23480d771cab64d71b256a8253eb9901417e038ca4ec6ddfad2c84809916

HTTP Headers

GET /apu.php?zoneid=5985136&var=5984847 HTTP/1.1
Host: glaultoa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 03 Dec 2023 19:50:34 GMT
content-type: application/javascript
content-length: 968
x-trace-id: 5c8aad27cbe6c7153ac5b44654f551ac
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=ace8849b969c44ba9ca821c3ebc88f3f; expires=Mon, 02 Dec 2024 19:50:34 GMT; path=/; secure; SameSite=None
oaidts=1701633034; expires=Mon, 02 Dec 2024 19:50:34 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

imasdk.googleapis.com/js/sdkloader/ima3.js

142.250.74.74

200 OK

128 kB

URL GET HTTP/3
imasdk.googleapis.com/js/sdkloader/ima3.js
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://readberserk.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (2725)
Size
128 kB (128094 bytes)
Hash
865fefbe42a3df73ca64198c337b20e6
cd1304165333f9fc26d2aa716a4c50c8ce99fbae
4a32283aaba0418ac1b0953af32fbe71948d43e7cdc08abeca552a9373809087

HTTP Headers

GET /js/sdkloader/ima3.js HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://readberserk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 128094
date: Sun, 03 Dec 2023 19:50:34 GMT
expires: Sun, 03 Dec 2023 19:50:34 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

static.a-ads.com/a-ads-banners/482514/300x250?region=eu-central-1

213.239.205.245

200 OK

419 kB

URL GET HTTP/2
static.a-ads.com/a-ads-banners/482514/300x250?region=eu-central-1
IP
213.239.205.245:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://ad.a-ads.com/2272808?size=300x250
Certificate
IssuerSectigo Limited
Subject*.a-ads.com
Fingerprint34:68:C2:05:E5:2A:4E:C3:F9:FC:94:69:D3:A6:BE:F2:21:A2:DE:AE
ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
GIF image data, version 89a, 300 x 250\012- data
Size
419 kB (419447 bytes)
Hash
415d72cd769d66307391298d960a6e6b
347005d60c95df0e6fbc6c04f19439b0202dcdad
b11edb7f06e794d1e71008ed040f2021012500d4242d6b2b0a07e327b7f36f1a

HTTP Headers

GET /a-ads-banners/482514/300x250?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 03 Dec 2023 19:50:34 GMT
content-type: image/gif
content-length: 419447
x-amz-id-2: v+f6nJT4PcTRpAlvcWpMKAB/NuZf+foOFFR0jyvcmuZX2FEafNQ2SFcaHzhZXx5M440pGjMuFns=
x-amz-request-id: V1YFA2S0J4S4J7M9
x-amz-replication-status: COMPLETED
last-modified: Thu, 05 Oct 2023 18:02:07 GMT
etag: "415d72cd769d66307391298d960a6e6b"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: mL_lf9pni6EoNVnI2IDY06rBeR24vV7Y
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

maibaume.com/contents/s/5d/cd/e6/2b114a6dcbf72713c623e453fd/0863583724870.png

139.45.197.151

12 kB

URL GET
maibaume.com/contents/s/5d/cd/e6/2b114a6dcbf72713c623e453fd/0863583724870.png
IP
139.45.197.151:0
ASN
#9002 RETN Limited

Requested by
https://readberserk.com/
Certificate
IssuerLet's Encrypt
Subjectmaibaume.com
Fingerprint52:D5:54:D7:FA:CE:64:04:BA:9A:BE:BA:CF:F7:AD:6F:DD:0D:70:AB
ValidityThu, 19 Oct 2023 05:49:11 GMT - Wed, 17 Jan 2024 05:49:10 GMT

File type
PNG image data, 300 x 250, 8-bit colormap, non-interlaced\012- data
Size
12 kB (12329 bytes)
Hash
5dcde62b114a6dcbf72713c623e453fd
94486b5d893f4531c139326f2bd601db76438dab
664a6bd86517161735dc294decff6c6bd1a2745453985cfa4136153ea01eb446

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /contents/s/5d/cd/e6/2b114a6dcbf72713c623e453fd/0863583724870.png HTTP/1.1
Host: maibaume.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 03 Dec 2023 19:50:34 GMT
content-type: image/png
content-length: 12329
last-modified: Tue, 20 Sep 2022 15:57:57 GMT
vary: Accept-Encoding
etag: "6329e305-3029"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231203

151.101.65.229

200 OK

784 B

URL GET HTTP/2
cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231203
IP
151.101.65.229:443
ASN
#54113 FASTLY

Requested by
https://readberserk.com/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
JSON data\012- , ASCII text, with very long lines (1602), with no line terminators
Size
784 B (784 bytes)
Hash
c2697de51d41ce770931c3b3b408a829
1ac5ce782b4c18f20c4cb286735e84ad533d7bbf
f1304e0567cc62d691ee57b01b9e837d8274a61016e7dbaff7074c29346b7c0f

HTTP Headers

GET /gh/prebid/currency-file@1/latest.json?date=20231203 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://readberserk.com/
content-type: text/plain
Origin: https://readberserk.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json; charset=utf-8
x-jsd-version: 1.0.1893
x-jsd-version-type: version
etag: W/"642-GsXOeCtMGPIMTLKGc16ErVM9e78"
content-encoding: br
accept-ranges: bytes
date: Sun, 03 Dec 2023 19:50:34 GMT
age: 13786
x-served-by: cache-fra-eddf8230103-FRA, cache-bma1666-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 784
X-Firefox-Spdy: h2

script.4dex.io/localstore.js

104.26.8.169

200 OK

268 B

URL GET HTTP/1.1
script.4dex.io/localstore.js
IP
104.26.8.169:443
ASN
#13335 CLOUDFLARENET

Requested by
https://readberserk.com/
Certificate
IssuerCloudflare, Inc.
Subjectscript.4dex.io
FingerprintAB:9B:A2:70:ED:27:23:EF:84:14:22:FF:67:9F:5D:50:06:2D:04:28
ValidityMon, 23 Oct 2023 00:00:00 GMT - Tue, 22 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (482)
Size
268 B (268 bytes)
Hash
922cffdd75f7192f75231d92684885aa
48ae21017844de388e0a32206a2691fa4c109669
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

HTTP Headers

GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://readberserk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 03 Dec 2023 19:50:42 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=1800
ETag: W/"922cffdd75f7192f75231d92684885aa"
Last-Modified: Mon, 27 Nov 2023 07:14:08 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 560060
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=48SfaD7Eekv3Y0jSi46qZ0LhLWYF9qhj5IyoDlYgCKhO9ZUioTxcH9ZOOm578buiDWgCCFcCZ3IUzrMpc7Jbqz0VsWMFFun5gY3Ks1cS4%2FddcxzoFpkywjcpEGPiEG%2Be"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 82fe57165ec0b527-OSL
Content-Encoding: br

prebid.a-mo.net/a/c

145.40.97.66

204 No Content

0 B

URL POST HTTP/2
prebid.a-mo.net/a/c
IP
145.40.97.66:443
ASN
#54825 PACKET

Requested by
https://readberserk.com/
Certificate
IssuerLet's Encrypt
Subject*.a-mo.net
Fingerprint5C:1B:DB:42:AD:A4:54:7C:87:D6:3F:1A:B6:29:AF:0C:7F:A6:14:FE
ValidityTue, 07 Nov 2023 13:48:39 GMT - Mon, 05 Feb 2024 13:48:38 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://readberserk.com/
content-type: text/plain
Content-Length: 3134
Origin: https://readberserk.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://readberserk.com
cache-control: max-age=0, private, must-revalidate
date: Sun, 03 Dec 2023 19:50:42 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 1
X-Firefox-Spdy: h2

services.vlitag.com/obj/1701579784/fc4781ea2ad8acfcb2fa60ac41f99bc1.json?cc=NO&hn=https://readberserk.com

104.22.58.199

200 OK

15 kB

URL GET HTTP/3
services.vlitag.com/obj/1701579784/fc4781ea2ad8acfcb2fa60ac41f99bc1.json?cc=NO&hn=https://readberserk.com
IP
104.22.58.199:443
ASN
#13335 CLOUDFLARENET

Requested by
https://readberserk.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectvlitag.com
Fingerprint2F:60:54:B2:DE:0E:90:0F:7C:66:64:70:60:DF:16:BA:A7:55:FD:4C
ValiditySun, 26 Nov 2023 07:28:34 GMT - Sat, 24 Feb 2024 07:28:33 GMT

File type
JSON data\012- , ASCII text, with very long lines (29115), with no line terminators
Size
15 kB (14853 bytes)
Hash
819c06b54de0d0abc8aabd7309f965e6
eaecbe7a8cbe23f9b5f6d0ac6d50a089bf5815a3
214e3e36a740ce97a26fb412cd241a5d1df066f334da5144a504213580e0b276

HTTP Headers

GET /obj/1701579784/fc4781ea2ad8acfcb2fa60ac41f99bc1.json?cc=NO&hn=https://readberserk.com HTTP/1.1
Host: services.vlitag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://readberserk.com
DNT: 1
Connection: keep-alive
Referer: https://readberserk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 03 Dec 2023 19:50:34 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
access-control-allow-origin: https://readberserk.com
x-robots-tag: noindex, nofollow, noarchive, nosnippet
last-modified: Sun, 03 Dec 2023 06:15:19 GMT
cf-cache-status: HIT
age: 48915
server: cloudflare
cf-ray: 82fe56df7cfb712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

script.4dex.io/adagio.js

104.26.8.169

200 OK

24 kB

URL GET HTTP/1.1
script.4dex.io/adagio.js
IP
104.26.8.169:443
ASN
#13335 CLOUDFLARENET

Requested by
https://readberserk.com/
Certificate
IssuerCloudflare, Inc.
Subjectscript.4dex.io
FingerprintAB:9B:A2:70:ED:27:23:EF:84:14:22:FF:67:9F:5D:50:06:2D:04:28
ValidityMon, 23 Oct 2023 00:00:00 GMT - Tue, 22 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65354)
Size
24 kB (23478 bytes)
Hash
6faf3acfde3bb82adada71be4fc1deb0
20f08498f821936592273d8f755d94f31c9b9c7a
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d

HTTP Headers

GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://readberserk.com/
Origin: https://readberserk.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 03 Dec 2023 19:50:43 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
ETag: W/"6faf3acfde3bb82adada71be4fc1deb0"
Last-Modified: Mon, 27 Nov 2023 07:14:07 GMT
Vary: Origin, Accept-Encoding
Access-Control-Expose-Headers: 
CF-Cache-Status: HIT
Age: 562997
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UQP%2BOMY8%2FehjG%2BrM8vuOEo1QCNSCwTYZcpSCerhGNOJpDxMuBNix2zU1L2vwh0DpI0vfw%2BdvTEw%2F8E9IijmTXFVFz2lJ9LAKCo2swVZS6venwUboVAZG2pbPYtZzo9f%2F"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 82fe571728d8b51e-OSL
Content-Encoding: br

px.vliplatform.com/bi-v4/cc.jpeg?e=rNUPMPRrtNrtl0zghRzodtgxzNTAAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNhglzworR_cktjNhglzworR_qdmNgyyRmNTTYTKZRzdNaaBrAUMA-PeZa-PAUe-qaya-eUettrPrTPqMRlmNBBUbPMARdzNwqfftkRqxeNco_UPMPTTYTKZ_wqfftkRwkjNAR_yszuNyqsltRkjmNBYAbPMA,BBUbYMA,BAAbYZARwlNthsqffofu,qdb,kzwigxlt,ekoztg,qrquog,jxqfzxdrtbRleNpl

172.67.158.59

200 OK

0 B

URL GET HTTP/2
px.vliplatform.com/bi-v4/cc.jpeg?e=rNUPMPRrtNrtl0zghRzodtgxzNTAAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNhglzworR_cktjNhglzworR_qdmNgyyRmNTTYTKZRzdNaaBrAUMA-PeZa-PAUe-qaya-eUettrPrTPqMRlmNBBUbPMARdzNwqfftkRqxeNco_UPMPTTYTKZ_wqfftkRwkjNAR_yszuNyqsltRkjmNBYAbPMA,BBUbYMA,BAAbYZARwlNthsqffofu,qdb,kzwigxlt,ekoztg,qrquog,jxqfzxdrtbRleNpl
IP
172.67.158.59:443
ASN
#13335 CLOUDFLARENET

Requested by
https://readberserk.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint50:2F:B7:D3:29:C4:2B:D0:2F:FE:73:1F:99:86:7C:1F:F5:B7:F5:4B
ValidityMon, 10 Apr 2023 00:00:00 GMT - Tue, 09 Apr 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /bi-v4/cc.jpeg?e=rNUPMPRrtNrtl0zghRzodtgxzNTAAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNhglzworR_cktjNhglzworR_qdmNgyyRmNTTYTKZRzdNaaBrAUMA-PeZa-PAUe-qaya-eUettrPrTPqMRlmNBBUbPMARdzNwqfftkRqxeNco_UPMPTTYTKZ_wqfftkRwkjNAR_yszuNyqsltRkjmNBYAbPMA,BBUbYMA,BAAbYZARwlNthsqffofu,qdb,kzwigxlt,ekoztg,qrquog,jxqfzxdrtbRleNpl HTTP/1.1
Host: px.vliplatform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://readberserk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 19:50:43 GMT
content-type: image/jpeg
content-length: 0
cache-control: public, max-age=864000, immutable
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-cache-status: MISS
last-modified: Sun, 03 Dec 2023 19:50:43 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cAkSg%2FRn2Hs1jYa7McJnZ7FX8g5ShVfWArezM15jwMO1TkVl9vuEH0dqp%2BS5NE6ypsgbJPeWeG8uGbGvsEt6M4SrwyoSBu%2B9t7UNXnAvrMqOA4w%2FDwwwW7hzCQDzy0VTlw1Tkw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fe57169b8a0b31-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

glaultoa.com/apu.php?zoneid=6231395&var=6231372

139.45.197.245

200 OK

32 kB

URL GET HTTP/2
glaultoa.com/apu.php?zoneid=6231395&var=6231372
IP
139.45.197.245:443
ASN
#9002 RETN Limited

Requested by
https://readberserk.com/
Certificate
IssuerLet's Encrypt
Subjectglaultoa.com
Fingerprint76:62:43:3F:4B:5F:3A:A9:C6:00:2D:6B:18:2F:1C:90:5D:34:A8:A0
ValiditySat, 02 Dec 2023 14:50:24 GMT - Fri, 01 Mar 2024 14:50:23 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
32 kB (32183 bytes)
Hash
82f3fd3de5bad2cb14fa6b45aba21ae8
a3ad74b646f7825ca3946955144fbb8f2f1c807b
666b62975060f8008dd89dd7806998fd6e6481fa62ef2c815a1f49120c07f0dc

HTTP Headers

GET /apu.php?zoneid=6231395&var=6231372 HTTP/1.1
Host: glaultoa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=ace8849b969c44ba9ca821c3ebc88f3f; oaidts=1701633034
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 03 Dec 2023 19:50:34 GMT
content-type: application/javascript
x-trace-id: befa7591b854100f367c99f57b50e92d
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=ace8849b969c44ba9ca821c3ebc88f3f; expires=Mon, 02 Dec 2024 19:50:34 GMT; path=/; secure; SameSite=None
oaidts=1701633034; expires=Mon, 02 Dec 2024 19:50:34 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

platform.bidgear.com/async.php?domainid=5576&sizeid=2&zoneid=6165&k=1701633038669

172.67.74.36

1.9 kB

URL GET
platform.bidgear.com/async.php?domainid=5576&sizeid=2&zoneid=6165&k=1701633038669
IP
172.67.74.36:0
ASN
#13335 CLOUDFLARENET

Requested by
https://readberserk.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint96:B8:F2:6C:8B:F4:3C:4D:3F:C4:69:A4:B1:28:D0:CB:0A:E6:73:2B
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (704), with no line terminators
Size
1.9 kB (1866 bytes)
Hash
e184b2b3584fc226020bd5169bc182ed
3759f2d9d7aba101e72177a0c7c949f52397bc89
aebf59ca1903c96f986a3181cf9757cdf379edcc4c661505a5775212bff3df93

HTTP Headers

GET /async.php?domainid=5576&sizeid=2&zoneid=6165&k=1701633038669 HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://readberserk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 19:50:33 GMT
content-type: text/plain; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w5IeE%2BZMg%2FZ6tXs5bej7xTdj5uTcR6bz61HEre3zZuUgb2a22RTpEQThCH%2FD8H9JbSPZsOYMCeHom%2B0y6ZOLjwQIPcjVHetYDVw%2BEHZMJFGu8VHrP1B8ZYn9spLtMkBLHYgW9sIt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fe56db2910b50b-OSL
content-encoding: br
X-Firefox-Spdy: h2

px.vliplatform.com/bi-v4/cc.jpeg?e=rNUPMPRrtNrtl0zghRzodtgxzNTAAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNhglzworR_cktjNhglzworR_qdmNgyyRmNTTYTKURzdNUTaZTYtP-PaAK-PZwZ-qaMw-aMrTyUMAZMwaRlmNKYMbaARdzNwqfftkRqxeNco_UPMPTTYTKURwkjNAR_yszuNyqsltRkjmNKYMbaARwlNkzwigxlt,qdb,thsqffofu,jxqfzxdrtbRleNpl

172.67.158.59

200 OK

0 B

URL GET HTTP/2
px.vliplatform.com/bi-v4/cc.jpeg?e=rNUPMPRrtNrtl0zghRzodtgxzNTAAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNhglzworR_cktjNhglzworR_qdmNgyyRmNTTYTKURzdNUTaZTYtP-PaAK-PZwZ-qaMw-aMrTyUMAZMwaRlmNKYMbaARdzNwqfftkRqxeNco_UPMPTTYTKURwkjNAR_yszuNyqsltRkjmNKYMbaARwlNkzwigxlt,qdb,thsqffofu,jxqfzxdrtbRleNpl
IP
172.67.158.59:443
ASN
#13335 CLOUDFLARENET

Requested by
https://readberserk.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint50:2F:B7:D3:29:C4:2B:D0:2F:FE:73:1F:99:86:7C:1F:F5:B7:F5:4B
ValidityMon, 10 Apr 2023 00:00:00 GMT - Tue, 09 Apr 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /bi-v4/cc.jpeg?e=rNUPMPRrtNrtl0zghRzodtgxzNTAAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNhglzworR_cktjNhglzworR_qdmNgyyRmNTTYTKURzdNUTaZTYtP-PaAK-PZwZ-qaMw-aMrTyUMAZMwaRlmNKYMbaARdzNwqfftkRqxeNco_UPMPTTYTKURwkjNAR_yszuNyqsltRkjmNKYMbaARwlNkzwigxlt,qdb,thsqffofu,jxqfzxdrtbRleNpl HTTP/1.1
Host: px.vliplatform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://readberserk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Dec 2023 19:50:43 GMT
content-type: image/jpeg
content-length: 0
cache-control: public, max-age=864000, immutable
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-cache-status: MISS
last-modified: Sun, 03 Dec 2023 19:50:43 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wZhcRa3NsPwF6zBT02vML%2BosMG784SXKxciv4YzBanxQq5nY1K5kbRdVaXC8iMqEFui6Ii3BH5GE6fJvNKMURm7IiTcAf%2BT7kHdvVkce%2FDdJAvqv7GiHdXLPmMnIDaHP4HaiHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fe5716ebcd0b31-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

useast.quantumdex.io/auction/pbjs

104.22.37.96

204 No Content

0 B

URL POST HTTP/2
useast.quantumdex.io/auction/pbjs
IP
104.22.37.96:443
ASN
#13335 CLOUDFLARENET

Requested by
https://readberserk.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintFC:4A:6F:8A:77:50:A9:D3:98:D0:7F:D0:04:97:8F:8D:1C:D0:8D:3E
ValidityThu, 04 May 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /auction/pbjs HTTP/1.1
Host: useast.quantumdex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://readberserk.com/
content-type: text/plain
Content-Length: 896
Origin: https://readberserk.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Sun, 03 Dec 2023 19:50:43 GMT
access-control-allow-origin: https://readberserk.com
access-control-allow-credentials: true
access-control-allow-methods: POST, GET
set-cookie: uid=fdff8833-f66e-4f85-890c-863c814bac14; expires=Tue, 02 Jan 2024 19:50:43 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 82fe5716ea0d2d77-ARN
X-Firefox-Spdy: h2

useast.quantumdex.io/auction/pbjs

104.22.37.96

204 No Content

0 B

URL POST HTTP/2
useast.quantumdex.io/auction/pbjs
IP
104.22.37.96:443
ASN
#13335 CLOUDFLARENET

Requested by
https://readberserk.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintFC:4A:6F:8A:77:50:A9:D3:98:D0:7F:D0:04:97:8F:8D:1C:D0:8D:3E
ValidityThu, 04 May 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /auction/pbjs HTTP/1.1
Host: useast.quantumdex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://readberserk.com/
content-type: text/plain
Content-Length: 848
Origin: https://readberserk.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Sun, 03 Dec 2023 19:50:43 GMT
access-control-allow-origin: https://readberserk.com
access-control-allow-credentials: true
access-control-allow-methods: POST, GET
set-cookie: uid=e028544b-e01f-46fa-b1b4-3177c85eceb1; expires=Tue, 02 Jan 2024 19:50:43 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 82fe57171a562d77-ARN
X-Firefox-Spdy: h2

prebid.a-mo.net/isyn?gdpr_consent=&gdpr=1&us_privacy=&gpp=&gpp_sid=

145.40.97.66

204 No Content

0 B

URL GET HTTP/2
prebid.a-mo.net/isyn?gdpr_consent=&gdpr=1&us_privacy=&gpp=&gpp_sid=
IP
145.40.97.66:443
ASN
#54825 PACKET

Requested by
https://readberserk.com/
Certificate
IssuerLet's Encrypt
Subject*.a-mo.net
Fingerprint5C:1B:DB:42:AD:A4:54:7C:87:D6:3F:1A:B6:29:AF:0C:7F:A6:14:FE
ValidityTue, 07 Nov 2023 13:48:39 GMT - Mon, 05 Feb 2024 13:48:38 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /isyn?gdpr_consent=&gdpr=1&us_privacy=&gpp=&gpp_sid= HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://readberserk.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
cache-control: max-age=0, private, must-revalidate
date: Sun, 03 Dec 2023 19:50:45 GMT
server: envoy
set-cookie: _Amc_b=0; path=/; expires=Sun, 03 Dec 2023 19:55:46 GMT; max-age=300; secure; HttpOnly; SameSite=None
x-envoy-upstream-service-time: 0
vary: Accept-Encoding
X-Firefox-Spdy: h2

mp.4dex.io/prebid

172.64.153.78

200 OK

144 B

URL POST HTTP/2
mp.4dex.io/prebid
IP
172.64.153.78:443
ASN
#13335 CLOUDFLARENET

Requested by
https://readberserk.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint02:E1:92:C5:72:6D:E0:64:4A:46:05:69:81:98:7C:43:13:E7:15:7A
ValidityTue, 01 Aug 2023 00:00:00 GMT - Wed, 31 Jul 2024 23:59:59 GMT

File type
gzip compressed data, from Unix\012- data
Size
144 B (144 bytes)
Hash
dd23d7236e84bb431e539fb7acbe486e
c6cd602c2b80e656abf111df64482bd055be4ff8
19137f2bbd6e243ef76061dffa249d2d4841ea4a91a97661778b66787783e7c4

HTTP Headers

POST /prebid HTTP/1.1
Host: mp.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://readberserk.com/
content-type: text/plain
Content-Length: 2039
Origin: https://readberserk.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 19:50:43 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
access-control-allow-origin: https://readberserk.com
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin, Accept-Encoding
x-err: Shapings: no adunits with size and seat and mapping
x-version: 3.0.0-gcp-ams
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 82fe5716db445685-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

px.vliplatform.com/bi-v4/cc.jpeg?e=rNUPMPRrtNrtl0zghRzodtgxzNTAAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNhglzworR_cktjNhglzworR_qdmNgyyRmNTTYTKZRzdNrqaBtwBM-UKwT-Pqtt-wrBU-qBawqAeBrYYqRlmNPTAbYBTRdzNcortg%20gxzlzktqdRqxeNco_UPMPTTYTKZ_gxzlzktqdRwkjNAR_yszuNyqsltRkjmNPTAbYBTRwlNqdb,ekoztgRleNpl

172.67.158.59

200 OK

0 B

URL GET HTTP/2
px.vliplatform.com/bi-v4/cc.jpeg?e=rNUPMPRrtNrtl0zghRzodtgxzNTAAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNhglzworR_cktjNhglzworR_qdmNgyyRmNTTYTKZRzdNrqaBtwBM-UKwT-Pqtt-wrBU-qBawqAeBrYYqRlmNPTAbYBTRdzNcortg%20gxzlzktqdRqxeNco_UPMPTTYTKZ_gxzlzktqdRwkjNAR_yszuNyqsltRkjmNPTAbYBTRwlNqdb,ekoztgRleNpl
IP
172.67.158.59:443
ASN
#13335 CLOUDFLARENET

Requested by
https://readberserk.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint50:2F:B7:D3:29:C4:2B:D0:2F:FE:73:1F:99:86:7C:1F:F5:B7:F5:4B
ValidityMon, 10 Apr 2023 00:00:00 GMT - Tue, 09 Apr 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /bi-v4/cc.jpeg?e=rNUPMPRrtNrtl0zghRzodtgxzNTAAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNhglzworR_cktjNhglzworR_qdmNgyyRmNTTYTKZRzdNrqaBtwBM-UKwT-Pqtt-wrBU-qBawqAeBrYYqRlmNPTAbYBTRdzNcortg%20gxzlzktqdRqxeNco_UPMPTTYTKZ_gxzlzktqdRwkjNAR_yszuNyqsltRkjmNPTAbYBTRwlNqdb,ekoztgRleNpl HTTP/1.1
Host: px.vliplatform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://readberserk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 19:50:43 GMT
content-type: image/jpeg
content-length: 0
cache-control: public, max-age=864000, immutable
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-cache-status: MISS
last-modified: Sun, 03 Dec 2023 19:50:43 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=COlYg%2FnQbnqvSYv9Su%2BnDUKMInwxTh83A1ZrXf7kllGM6as3SdF7wwQnZkxq2TtVfFfZXjIKMFnxodzZRN0O8qnAHfjEMEEGaIu4JjmONWWiRsW65ZiFRbaf5xlrxY7Jg6fl9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fe57169b8c0b31-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

assets.vlitag.com/prebid/default/prebid-8.21.0.js

104.22.58.199

200 OK

630 kB

URL GET HTTP/3
assets.vlitag.com/prebid/default/prebid-8.21.0.js
IP
104.22.58.199:443
ASN
#13335 CLOUDFLARENET

Requested by
https://readberserk.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectvlitag.com
Fingerprint2F:60:54:B2:DE:0E:90:0F:7C:66:64:70:60:DF:16:BA:A7:55:FD:4C
ValiditySun, 26 Nov 2023 07:28:34 GMT - Sat, 24 Feb 2024 07:28:33 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
630 kB (629454 bytes)
Hash
f881b752a7507e7a91f98545372f6027
70b81b71265236388b8d4ba83d7138989792f40a
a3531c1a6993ccc3e7b0f3e1495768e3464aecd55193ef112cb5555422ae6c90

HTTP Headers

GET /prebid/default/prebid-8.21.0.js HTTP/1.1
Host: assets.vlitag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://readberserk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 03 Dec 2023 19:50:34 GMT
content-type: application/javascript
cache-control: max-age=16070400
cf-bgj: minify
cf-polished: origSize=630565
etag: W/"6544ae5e-99f25"
expires: Sat, 11 Nov 2023 09:19:28 GMT
last-modified: Fri, 03 Nov 2023 08:25:02 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 747622
server: cloudflare
cf-ray: 82fe56e18a805695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ardslediana.com/?rb=KQ2ShQfnvJLy6tNdW0SGQeW33x4BNA3ibNeFIMfX4PjCJlIglg9Db6TeTTTuwOx8fZQzkPN7W99AUeZsKDdaItzY59sbWsoVhnB8HBGXbcHdtjs8H-eQKU4Tb31EquC7BsNnbi6AerPGVb2BfEZx5Ul3QkCyY6PKcp5QJHg7TuHINGBvyjupWS3js-b4zNw1JaEL7Q%3D%3D&request_ab2=0&zoneid=6231372&js_build=iclick-v1.635.5-auto&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=300&wih=150&wiw=300&wfc=4&pl=about%3Ablank&drf=&np=1&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&wgl=&js_build=iclick-v1.635.5-auto&bs=23411a08-cde1-458e-8af2-51f215acd8e2&userId=9862c82944bc4d958206bd391f43dc68&m=link

139.45.197.236

200 OK

2.4 kB

URL GET HTTP/2
ardslediana.com/?rb=KQ2ShQfnvJLy6tNdW0SGQeW33x4BNA3ibNeFIMfX4PjCJlIglg9Db6TeTTTuwOx8fZQzkPN7W99AUeZsKDdaItzY59sbWsoVhnB8HBGXbcHdtjs8H-eQKU4Tb31EquC7BsNnbi6AerPGVb2BfEZx5Ul3QkCyY6PKcp5QJHg7TuHINGBvyjupWS3js-b4zNw1JaEL7Q%3D%3D&request_ab2=0&zoneid=6231372&js_build=iclick-v1.635.5-auto&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=300&wih=150&wiw=300&wfc=4&pl=about%3Ablank&drf=&np=1&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&wgl=&js_build=iclick-v1.635.5-auto&bs=23411a08-cde1-458e-8af2-51f215acd8e2&userId=9862c82944bc4d958206bd391f43dc68&m=link
IP
139.45.197.236:443
ASN
#9002 RETN Limited

Requested by
https://readberserk.com/
Certificate
IssuerLet's Encrypt
Subjectardslediana.com
FingerprintC9:E5:3F:F8:AB:88:64:53:D9:1A:AC:D2:47:4F:60:76:83:68:40:65
ValiditySat, 25 Nov 2023 05:06:38 GMT - Fri, 23 Feb 2024 05:06:37 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (2456), with no line terminators
Size
2.4 kB (2427 bytes)
Hash
911f6ebe0d3819953761faa6cad19675
25154786801e21dd956541a279ba77a80019d9cf
cdcfccd6cfeee7b1235e6a1ae35160e6eafb9574b7b76d4bf1c4ebcf070874c0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?rb=KQ2ShQfnvJLy6tNdW0SGQeW33x4BNA3ibNeFIMfX4PjCJlIglg9Db6TeTTTuwOx8fZQzkPN7W99AUeZsKDdaItzY59sbWsoVhnB8HBGXbcHdtjs8H-eQKU4Tb31EquC7BsNnbi6AerPGVb2BfEZx5Ul3QkCyY6PKcp5QJHg7TuHINGBvyjupWS3js-b4zNw1JaEL7Q%3D%3D&request_ab2=0&zoneid=6231372&js_build=iclick-v1.635.5-auto&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=300&wih=150&wiw=300&wfc=4&pl=about%3Ablank&drf=&np=1&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&wgl=&js_build=iclick-v1.635.5-auto&bs=23411a08-cde1-458e-8af2-51f215acd8e2&userId=9862c82944bc4d958206bd391f43dc68&m=link HTTP/1.1
Host: ardslediana.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://readberserk.com/
Origin: https://readberserk.com
DNT: 1
Connection: keep-alive
Cookie: OAID=9862c82944bc4d958206bd391f43dc68; oaidts=1701633034; syncedCookie=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 03 Dec 2023 19:50:35 GMT
content-type: application/json
x-trace-id: 1b59bf3d02da699b7ff119585c827574
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://readberserk.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=9862c82944bc4d958206bd391f43dc68; expires=Mon, 02 Dec 2024 19:50:34 GMT; path=/; secure; SameSite=None
oaidts=1701633034; expires=Mon, 02 Dec 2024 19:50:34 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sun, 10 Dec 2023 19:50:34 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

services.vlitag.com/adv1/?q=fc4781ea2ad8acfcb2fa60ac41f99bc1

104.22.58.199

200 OK

591 kB

URL GET HTTP/2
services.vlitag.com/adv1/?q=fc4781ea2ad8acfcb2fa60ac41f99bc1
IP
104.22.58.199:443
ASN
#13335 CLOUDFLARENET

Requested by
https://readberserk.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectvlitag.com
Fingerprint2F:60:54:B2:DE:0E:90:0F:7C:66:64:70:60:DF:16:BA:A7:55:FD:4C
ValiditySun, 26 Nov 2023 07:28:34 GMT - Sat, 24 Feb 2024 07:28:33 GMT

File type

Size
591 kB (590915 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /adv1/?q=fc4781ea2ad8acfcb2fa60ac41f99bc1 HTTP/1.1
Host: services.vlitag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://readberserk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 19:50:33 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-bgj: minify
cf-polished: origSize=590927
etag: W/"fc4781ea2ad8acfcb2fa60ac41f99bc1 2023-11-30T22:56:08 v1 default"
vary: Accept-Encoding
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-cache-status: HIT
server: cloudflare
cf-ray: 82fe56d75c2b568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://readberserk.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://readberserk.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 07:29:35 GMT
expires: Fri, 29 Nov 2024 07:29:35 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 303658
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

pixel.wp.com/g.gif?v=ext&blog=225852231&post=0&tz=0&srv=readberserk.com&j=1%3A12.8.1&host=readberserk.com&ref=&fcp=1016&rand=0.009543083848123635

192.0.76.3

200 OK

50 B

URL GET HTTP/2
pixel.wp.com/g.gif?v=ext&blog=225852231&post=0&tz=0&srv=readberserk.com&j=1%3A12.8.1&host=readberserk.com&ref=&fcp=1016&rand=0.009543083848123635
IP
192.0.76.3:443
ASN
#2635 AUTOMATTIC

Requested by
https://readberserk.com/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
GIF image data, version 89a, 6 x 5\012- data
Size
50 B (50 bytes)
Hash
e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

HTTP Headers

GET /g.gif?v=ext&blog=225852231&post=0&tz=0&srv=readberserk.com&j=1%3A12.8.1&host=readberserk.com&ref=&fcp=1016&rand=0.009543083848123635 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://readberserk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 03 Dec 2023 19:50:33 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2

readberserk.com/wp-content/themes/mangapill-v1.1.0/js/bundle.js?ver=1.0.0

104.21.235.132

200 OK

51 kB

URL GET HTTP/3
readberserk.com/wp-content/themes/mangapill-v1.1.0/js/bundle.js?ver=1.0.0
IP
104.21.235.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://readberserk.com/
Certificate
IssuerLet's Encrypt
Subjectreadberserk.com
Fingerprint3F:03:41:7F:74:45:DC:16:59:9B:98:29:6E:69:38:09:89:F8:4C:88
ValidityWed, 18 Oct 2023 12:01:30 GMT - Tue, 16 Jan 2024 12:01:29 GMT

File type
ASCII text, with very long lines (50452)
Size
51 kB (50680 bytes)
Hash
1b403147d309ff5f81b4d1b85f01a866
26f9898342c864ca306395970837f72f6d612df6
6fc32e79d1a29039f4e977555fbb384d4a8ad998437a3baa3d8d788a01c73206

HTTP Headers

GET /wp-content/themes/mangapill-v1.1.0/js/bundle.js?ver=1.0.0 HTTP/1.1
Host: readberserk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://readberserk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 03 Dec 2023 19:50:32 GMT
content-type: text/javascript
cache-control: max-age=2592000
cf-bgj: minify
cf-polished: origSize=50732
expires: Sun, 24 Dec 2023 08:08:43 GMT
last-modified: Wed, 15 Nov 2023 06:12:49 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 819709
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZZfGMKGMtFRxzr%2BSzGtu1GO%2F7yG81EwaFU7ipUYpEMF2r2%2FhMF4xIoVHULEr%2BrIDSiRB5DPaddK0sO%2FMAF7PrqWRiEE2XKhiQ50%2FtMvMTvVrLO5GJVFZLwrIQEB%2BWx9v89o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fe56d69d0c56a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ardslediana.com/?rb=xwmhtBf044eXmCgWUjbm7EKCP9kryUoWsgXdKosnr0LFVl2ySgeP41S_0edfJmAyD-Io036kLxx7IxvJ7n1pzJKKy2l4H22T1GphWBqoMtnZMRnTZG5fFW1u6ZIn_S7i0xTYq_89J3d-212F2cipJ2-KhIDuND3ZC8f4T15Q9hzxhANgO_GHF4zA6yp_561ioTRA5I_v1_I%3D&request_ab2=0&zoneid=5984847&js_build=iclick-v1.635.5-auto&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=300&wih=150&wiw=300&wfc=2&pl=about%3Ablank&drf=&np=1&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&wgl=&js_build=iclick-v1.635.5-auto&bs=51f615b7-d01a-4a76-8a5b-024510c2a680&userId=9862c82944bc4d958206bd391f43dc68&m=link

139.45.197.236

200 OK

2.4 kB

URL GET HTTP/2
ardslediana.com/?rb=xwmhtBf044eXmCgWUjbm7EKCP9kryUoWsgXdKosnr0LFVl2ySgeP41S_0edfJmAyD-Io036kLxx7IxvJ7n1pzJKKy2l4H22T1GphWBqoMtnZMRnTZG5fFW1u6ZIn_S7i0xTYq_89J3d-212F2cipJ2-KhIDuND3ZC8f4T15Q9hzxhANgO_GHF4zA6yp_561ioTRA5I_v1_I%3D&request_ab2=0&zoneid=5984847&js_build=iclick-v1.635.5-auto&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=300&wih=150&wiw=300&wfc=2&pl=about%3Ablank&drf=&np=1&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&wgl=&js_build=iclick-v1.635.5-auto&bs=51f615b7-d01a-4a76-8a5b-024510c2a680&userId=9862c82944bc4d958206bd391f43dc68&m=link
IP
139.45.197.236:443
ASN
#9002 RETN Limited

Requested by
https://readberserk.com/
Certificate
IssuerLet's Encrypt
Subjectardslediana.com
FingerprintC9:E5:3F:F8:AB:88:64:53:D9:1A:AC:D2:47:4F:60:76:83:68:40:65
ValiditySat, 25 Nov 2023 05:06:38 GMT - Fri, 23 Feb 2024 05:06:37 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (2460), with no line terminators
Size
2.4 kB (2431 bytes)
Hash
5a62a0c25d66f86329520a4f660ef895
4acde46b74a394469a4562885368976ba53ce04a
f11d5536c292078755851a0d61f497eafeb02b28f5b3140388c61072003588c1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?rb=xwmhtBf044eXmCgWUjbm7EKCP9kryUoWsgXdKosnr0LFVl2ySgeP41S_0edfJmAyD-Io036kLxx7IxvJ7n1pzJKKy2l4H22T1GphWBqoMtnZMRnTZG5fFW1u6ZIn_S7i0xTYq_89J3d-212F2cipJ2-KhIDuND3ZC8f4T15Q9hzxhANgO_GHF4zA6yp_561ioTRA5I_v1_I%3D&request_ab2=0&zoneid=5984847&js_build=iclick-v1.635.5-auto&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=300&wih=150&wiw=300&wfc=2&pl=about%3Ablank&drf=&np=1&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&wgl=&js_build=iclick-v1.635.5-auto&bs=51f615b7-d01a-4a76-8a5b-024510c2a680&userId=9862c82944bc4d958206bd391f43dc68&m=link HTTP/1.1
Host: ardslediana.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://readberserk.com/
Origin: https://readberserk.com
DNT: 1
Connection: keep-alive
Cookie: OAID=9862c82944bc4d958206bd391f43dc68; oaidts=1701633034
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 03 Dec 2023 19:50:34 GMT
content-type: application/json
x-trace-id: d7ea61664e40435880e72f83f5269bdc
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://readberserk.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=9862c82944bc4d958206bd391f43dc68; expires=Mon, 02 Dec 2024 19:50:34 GMT; path=/; secure; SameSite=None
oaidts=1701633034; expires=Mon, 02 Dec 2024 19:50:34 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sun, 10 Dec 2023 19:50:34 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

id.a-mx.com/sync/?tagId=&ref=null&u=https://readberserk.com/&tl=https://readberserk.com/&nf=0&rt=true&v=8.21.0&av=2.0&vg=vlipb&us_privacy=null&am=null&gdpr=1&gdpr_consent=undefined

131.153.158.209

200 OK

66 B

URL GET HTTP/1.1
id.a-mx.com/sync/?tagId=&ref=null&u=https://readberserk.com/&tl=https://readberserk.com/&nf=0&rt=true&v=8.21.0&av=2.0&vg=vlipb&us_privacy=null&am=null&gdpr=1&gdpr_consent=undefined
IP
131.153.158.209:443
ASN
#60558 Phoenix Nap, LLC.

Requested by
https://readberserk.com/
Certificate
IssuerSectigo Limited
Subjectid.a-mx.com
FingerprintE1:1E:89:FE:28:E7:84:69:37:FD:D0:2F:18:B1:BB:F3:45:1E:1C:E9
ValidityThu, 12 Oct 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
66 B (66 bytes)
Hash
05695b51e49d5b4d7e4840a48e873381
120208cefdeb53692053a5779cc09cfe06102419
27b648aa48320f21726536b984e50f07f0fe37e4c31af9040645897af0f9828c

HTTP Headers

GET /sync/?tagId=&ref=null&u=https://readberserk.com/&tl=https://readberserk.com/&nf=0&rt=true&v=8.21.0&av=2.0&vg=vlipb&us_privacy=null&am=null&gdpr=1&gdpr_consent=undefined HTTP/1.1
Host: id.a-mx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://readberserk.com/
content-type: text/plain
Origin: https://readberserk.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
date: Sun, 3 Dec 2023 19:50:46 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://readberserk.com
content-type: application/json
content-length: 66

ardslediana.com/5/5984847

139.45.197.236

200 OK

72 kB

URL GET HTTP/2
ardslediana.com/5/5984847
IP
139.45.197.236:443
ASN
#9002 RETN Limited

Requested by
https://readberserk.com/
Certificate
IssuerLet's Encrypt
Subjectardslediana.com
FingerprintC9:E5:3F:F8:AB:88:64:53:D9:1A:AC:D2:47:4F:60:76:83:68:40:65
ValiditySat, 25 Nov 2023 05:06:38 GMT - Fri, 23 Feb 2024 05:06:37 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
72 kB (71591 bytes)
Hash
cc0b63bc2130130780fe120ef7d593b7
32f789034c596a0abae118b59112f6cd49064881
b7af90c6e583ffa74d868f1ee501977afe8a30cbf2236268a3584b25b7b2189b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /5/5984847 HTTP/1.1
Host: ardslediana.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 03 Dec 2023 19:50:34 GMT
content-type: application/javascript
x-trace-id: d75e92342d52d99c50ecf402162514ba
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=9862c82944bc4d958206bd391f43dc68; expires=Mon, 02 Dec 2024 19:50:34 GMT; path=/; secure; SameSite=None
oaidts=1701633034; expires=Mon, 02 Dec 2024 19:50:34 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

readberserk.com/wp-content/themes/mangapill-v1.1.0/style.css?ver=1.0.0

104.21.235.132

200 OK

123 kB

URL GET HTTP/3
readberserk.com/wp-content/themes/mangapill-v1.1.0/style.css?ver=1.0.0
IP
104.21.235.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://readberserk.com/
Certificate
IssuerLet's Encrypt
Subjectreadberserk.com
Fingerprint3F:03:41:7F:74:45:DC:16:59:9B:98:29:6E:69:38:09:89:F8:4C:88
ValidityWed, 18 Oct 2023 12:01:30 GMT - Tue, 16 Jan 2024 12:01:29 GMT

File type
ASCII text, with very long lines (65345)
Size
123 kB (122924 bytes)
Hash
1d193ecbfc727a40714ecb10d9232833
21ed8b7bd535d965886cc0ec10017d13a5d81117
55f1a3cb92947f17a61968148d70db4f51da7d05b7aa9a57b809bf3f393e9937

HTTP Headers

GET /wp-content/themes/mangapill-v1.1.0/style.css?ver=1.0.0 HTTP/1.1
Host: readberserk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://readberserk.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 03 Dec 2023 19:50:32 GMT
content-type: text/css
cache-control: max-age=2592000
cf-bgj: minify
cf-polished: origSize=123961
expires: Wed, 27 Dec 2023 08:32:07 GMT
last-modified: Wed, 15 Nov 2023 06:12:49 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 559105
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NhAxMweTPwc3v67u9rRj%2BRJWX%2BDQNB3HtldYbKp7hobM2mx5p9QZ01QT3AKTJTN%2FyzpidHYdXtbEe6WCOxerg0eMQwcTe1ogzr%2BzekGNEx0tV89URZbQ3lYjz%2FojpG4d5%2B4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fe56d68cfa56a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

readberserk.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/image-cdn.js?minify=false&ver=132249e245926ae3e188

104.21.235.132

200 OK

701 B

URL GET HTTP/3
readberserk.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/image-cdn.js?minify=false&ver=132249e245926ae3e188
IP
104.21.235.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://readberserk.com/
Certificate
IssuerLet's Encrypt
Subjectreadberserk.com
Fingerprint3F:03:41:7F:74:45:DC:16:59:9B:98:29:6E:69:38:09:89:F8:4C:88
ValidityWed, 18 Oct 2023 12:01:30 GMT - Tue, 16 Jan 2024 12:01:29 GMT

File type
ASCII text, with very long lines (727), with no line terminators
Size
701 B (701 bytes)
Hash
e8b1dbb3b1a9bc1b59010bd6f7035465
c9d0ec84d9184c72ea6335c67193d25a90e003af
18c991e1cdc15a5c427215cf20569d60a7aa9bc32f1f7a2382640782a6e5bfe7

HTTP Headers

GET /wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/image-cdn.js?minify=false&ver=132249e245926ae3e188 HTTP/1.1
Host: readberserk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://readberserk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 03 Dec 2023 19:50:32 GMT
content-type: text/javascript
cache-control: max-age=2592000
cf-bgj: minify
expires: Wed, 27 Dec 2023 06:42:00 GMT
last-modified: Wed, 15 Nov 2023 06:12:50 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 565712
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fq2WggF0Gvf0%2FNTQKjrV8ldSV7ClcAaQCBxXkpMisBlYbs4iF9dEbTuPRq2e2S%2FXJGOAm6kwrJepvPscIwcVtXMntdz6TLkyM9e40B%2F6FQ%2FnmgbmydbFKiJ8iEF44erC2uc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fe56d6ad1e56a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js

104.22.58.199

200 OK

39 kB

URL GET HTTP/3
assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js
IP
104.22.58.199:443
ASN
#13335 CLOUDFLARENET

Requested by
https://readberserk.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectvlitag.com
Fingerprint2F:60:54:B2:DE:0E:90:0F:7C:66:64:70:60:DF:16:BA:A7:55:FD:4C
ValiditySun, 26 Nov 2023 07:28:34 GMT - Sat, 24 Feb 2024 07:28:33 GMT

File type
ASCII text, with very long lines (38918), with no line terminators
Size
39 kB (38918 bytes)
Hash
70e454e451af63d76af1fc5b9b2ce1e4
99d6761df09b3efbbb7d233d031260f406397fd2
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0

HTTP Headers

GET /plugins/safeframe/src/js/sf_host.min.js HTTP/1.1
Host: assets.vlitag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://readberserk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 03 Dec 2023 19:50:34 GMT
content-type: application/javascript
last-modified: Fri, 01 Nov 2019 05:04:50 GMT
vary: Accept-Encoding
etag: W/"5dbbbcf2-9806"
expires: Thu, 09 Nov 2023 16:40:48 GMT
cache-control: max-age=16070400
cf-cache-status: HIT
age: 911098
server: cloudflare
cf-ray: 82fe56e18a845695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

glaultoa.com/?rb=l5aStoPm6Yu05DvvoilCyuFaBbI7eA9HqPDJuiz3Dw6IFKyWR2Qixj2lrl4Fg22cxytVbyKzU3zWmP2j5euf5tlh795aIYEFq5ndtN1iqcn-vfS1mjeNVqJhr-h7MZyY24SBHA0JTFDMSxTRVgwpYLQUxlUS2-Yc6J_PxP7xyofMZhNrVDWSBC_5VFapVmvQJ-nmGYXnMeIg-DAs&request_ab2=0&zoneid=6231395&js_build=iclick-v1.635.5-auto&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=4&pl=https%3A%2F%2Freadberserk.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&wgl=&js_build=iclick-v1.635.5-auto&bs=9477d623-46ab-49a7-bbf0-7adee6b4dff6&userId=9862c82944bc4d958206bd391f43dc68&m=link

139.45.197.245

200 OK

2.4 kB

URL GET HTTP/2
glaultoa.com/?rb=l5aStoPm6Yu05DvvoilCyuFaBbI7eA9HqPDJuiz3Dw6IFKyWR2Qixj2lrl4Fg22cxytVbyKzU3zWmP2j5euf5tlh795aIYEFq5ndtN1iqcn-vfS1mjeNVqJhr-h7MZyY24SBHA0JTFDMSxTRVgwpYLQUxlUS2-Yc6J_PxP7xyofMZhNrVDWSBC_5VFapVmvQJ-nmGYXnMeIg-DAs&request_ab2=0&zoneid=6231395&js_build=iclick-v1.635.5-auto&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=4&pl=https%3A%2F%2Freadberserk.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&wgl=&js_build=iclick-v1.635.5-auto&bs=9477d623-46ab-49a7-bbf0-7adee6b4dff6&userId=9862c82944bc4d958206bd391f43dc68&m=link
IP
139.45.197.245:443
ASN
#9002 RETN Limited

Requested by
https://readberserk.com/
Certificate
IssuerLet's Encrypt
Subjectglaultoa.com
Fingerprint76:62:43:3F:4B:5F:3A:A9:C6:00:2D:6B:18:2F:1C:90:5D:34:A8:A0
ValiditySat, 02 Dec 2023 14:50:24 GMT - Fri, 01 Mar 2024 14:50:23 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (2429), with no line terminators
Size
2.4 kB (2400 bytes)
Hash
b7952c60c9dbd7023cd51f7da5fd30d4
43aa243b4b2d66c118b96beb1ecef0ce52b2f047
05a391a00a12e985c1b8783aee9a12b6202aee9b446a9f059fc4c5f5f82486b7

HTTP Headers

GET /?rb=l5aStoPm6Yu05DvvoilCyuFaBbI7eA9HqPDJuiz3Dw6IFKyWR2Qixj2lrl4Fg22cxytVbyKzU3zWmP2j5euf5tlh795aIYEFq5ndtN1iqcn-vfS1mjeNVqJhr-h7MZyY24SBHA0JTFDMSxTRVgwpYLQUxlUS2-Yc6J_PxP7xyofMZhNrVDWSBC_5VFapVmvQJ-nmGYXnMeIg-DAs&request_ab2=0&zoneid=6231395&js_build=iclick-v1.635.5-auto&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=4&pl=https%3A%2F%2Freadberserk.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&wgl=&js_build=iclick-v1.635.5-auto&bs=9477d623-46ab-49a7-bbf0-7adee6b4dff6&userId=9862c82944bc4d958206bd391f43dc68&m=link HTTP/1.1
Host: glaultoa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://readberserk.com/
Origin: https://readberserk.com
DNT: 1
Connection: keep-alive
Cookie: OAID=ace8849b969c44ba9ca821c3ebc88f3f; oaidts=1701633034
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 03 Dec 2023 19:50:35 GMT
content-type: application/json
x-trace-id: afa717afa215b8218f24006b9cc576f4
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://readberserk.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=9862c82944bc4d958206bd391f43dc68; expires=Mon, 02 Dec 2024 19:50:35 GMT; path=/; secure; SameSite=None
oaidts=1701633035; expires=Mon, 02 Dec 2024 19:50:35 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sun, 10 Dec 2023 19:50:35 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

readberserk.com/

104.21.235.132

200 OK

117 kB

URL User Request GET HTTP/2
readberserk.com/
IP
104.21.235.132:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectreadberserk.com
Fingerprint3F:03:41:7F:74:45:DC:16:59:9B:98:29:6E:69:38:09:89:F8:4C:88
ValidityWed, 18 Oct 2023 12:01:30 GMT - Tue, 16 Jan 2024 12:01:29 GMT

File type

Size
117 kB (117205 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: readberserk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 19:50:32 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=3, must-revalidate
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: EXPIRED
x-server-powered-by: Engintron
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fNi3uj5rFWquwEoiMH3TmV2sODe%2BJ%2BkixvECHkarL3hGGuXv2JT6SN5oggeGFfga%2Bcdf%2Bo%2FsN9RYlRXHANO9Rg1vqdI2UQi%2FDVOWnkskJqFDk8kN5WI58NoqeE%2BaqaXEBXE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fe56d44b92b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

c0.wp.com/c/6.4.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css

192.0.77.37

200 OK

11 kB

URL GET HTTP/2
c0.wp.com/c/6.4.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
IP
192.0.77.37:443
ASN
#2635 AUTOMATTIC

Requested by
https://readberserk.com/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (11256), with no line terminators
Size
11 kB (11256 bytes)
Hash
2b0dd7eecea03b4bdedb94ba622fdb03
703becba85161118dd6fc66af465428ef43f561c
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

HTTP Headers

GET /c/6.4.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://readberserk.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 03 Dec 2023 19:50:32 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
content-encoding: br
expires: Mon, 02 Dec 2024 19:50:32 GMT
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

readberserk.com/favicon.ico

104.21.235.132

200 OK

1.6 kB

URL GET HTTP/3
readberserk.com/favicon.ico
IP
104.21.235.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://readberserk.com/
Certificate
IssuerLet's Encrypt
Subjectreadberserk.com
Fingerprint3F:03:41:7F:74:45:DC:16:59:9B:98:29:6E:69:38:09:89:F8:4C:88
ValidityWed, 18 Oct 2023 12:01:30 GMT - Tue, 16 Jan 2024 12:01:29 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Optimized by JPEGmini 3.14.14.72670860 0x89504e13", baseline, precision 8, 50x50, components 3\012- data
Size
1.6 kB (1569 bytes)
Hash
7dadf0934610e95f5b4c26de443ca913
6fea28ac80101a4fa57a9e8b9514dd38198f0afa
e38fd12adde8d5c00186a9e3b105548a1dc5994b3fb60bc0415e7a0ecbe5c97d

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: readberserk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://readberserk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 03 Dec 2023 19:50:33 GMT
content-type: image/x-icon
vary: Accept-Encoding
last-modified: Wed, 15 Nov 2023 06:12:51 GMT
expires: Mon, 22 Jan 2024 06:05:05 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
cf-cache-status: HIT
age: 913528
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2FMp9TfsbZINOsK1FuXtS2MS%2FB9StQVf4%2Ft5Jp4v%2BA34ZxScZIFisSxy6XpzTU2nKydNi23fIxSrWagOlIwM8K4rlCmBRl9TB%2Br%2BZsQIIs1qCW5noU6Ye1WDOmJO0GK1BLo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fe56dcc83256a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

readberserk.com/wp-content/plugins/wp-dark-mode/assets/js/dark-mode.min.js?ver=4.2.6

104.21.235.132

200 OK

61 kB

URL GET HTTP/3
readberserk.com/wp-content/plugins/wp-dark-mode/assets/js/dark-mode.min.js?ver=4.2.6
IP
104.21.235.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://readberserk.com/
Certificate
IssuerLet's Encrypt
Subjectreadberserk.com
Fingerprint3F:03:41:7F:74:45:DC:16:59:9B:98:29:6E:69:38:09:89:F8:4C:88
ValidityWed, 18 Oct 2023 12:01:30 GMT - Tue, 16 Jan 2024 12:01:29 GMT

File type
ASCII text, with very long lines (31976)
Size
61 kB (61024 bytes)
Hash
e35012a903a999d437749f5de8539b2c
5e543d99ebdb1f8ee0c5cba4f599dbdc93026aa4
d230fa6c14bf1f2df177f38c46f0d091f90ea57753e36e035616a381bd43a2db

HTTP Headers

GET /wp-content/plugins/wp-dark-mode/assets/js/dark-mode.min.js?ver=4.2.6 HTTP/1.1
Host: readberserk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://readberserk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 03 Dec 2023 19:50:32 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Wed, 15 Nov 2023 06:12:50 GMT
expires: Fri, 22 Dec 2023 06:15:25 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
cf-cache-status: HIT
age: 999307
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BW2r9xVU4WQgGkLHSeQTiLz4JL87apGl%2Fb7u5XaAsgSpF5y8hENazkrF7Jz%2BpOQdE6J9V0zp2bwipEVfpnyUjF6VfUibdPyTxBxBYVSGFu0kilh%2ByJ2MwINxov8lq6RZMW4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fe56d68cfb56a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cdn.pubfuture-ad.com/v2/unit/pt.js

172.67.70.21

200 OK

43 kB

URL GET HTTP/2
cdn.pubfuture-ad.com/v2/unit/pt.js
IP
172.67.70.21:443
ASN
#13335 CLOUDFLARENET

Requested by
https://readberserk.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA4:70:A9:B9:AC:49:1E:53:23:43:41:25:CD:10:7C:01:2E:87:01:01
ValidityTue, 07 Feb 2023 00:00:00 GMT - Tue, 06 Feb 2024 23:59:59 GMT

File type
ASCII text, with very long lines (42725), with no line terminators
Size
43 kB (42725 bytes)
Hash
05e0ba496abadc5be6077260f8e0f601
8f08f1bc10cd841b997c56deb8c79e4c466c8fc9
3c8d36be9468ac339b37465c78dadeecbec15dc2eda5586d2d2508c499f3294f

HTTP Headers

GET /v2/unit/pt.js HTTP/1.1
Host: cdn.pubfuture-ad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://readberserk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 19:50:32 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=7200
cf-bgj: minify
cf-polished: origSize=42727
access-control-allow-origin: *
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
etag: W/"a6e7-x2SIYkS+fMjctiJZXviPDbwps64"
expect-ct: max-age=0
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
cf-cache-status: HIT
age: 302374
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bLfKC1bSw2jz2X5aE9rk6%2B1gORGp5NbN6g0dF%2Flzh%2BOs%2FZq3%2FCp8HuapzBp7NqbrrryEfb9CbGJ4HTWF%2FGZY5h2Qo9asNnux4NR8TxBT6wVoEFi%2BOqvVvmyrKjt3hR%2Bc8GQaV2D3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fe56d74a3bb51e-OSL
content-encoding: br
X-Firefox-Spdy: h2

readberserk.com/wp-content/themes/mangapill-v1.1.0/js/skip-link-focus-fix.js?ver=20151215

104.21.235.132

200 OK

426 B

URL GET HTTP/3
readberserk.com/wp-content/themes/mangapill-v1.1.0/js/skip-link-focus-fix.js?ver=20151215
IP
104.21.235.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://readberserk.com/
Certificate
IssuerLet's Encrypt
Subjectreadberserk.com
Fingerprint3F:03:41:7F:74:45:DC:16:59:9B:98:29:6E:69:38:09:89:F8:4C:88
ValidityWed, 18 Oct 2023 12:01:30 GMT - Tue, 16 Jan 2024 12:01:29 GMT

File type
ASCII text, with very long lines (428), with no line terminators
Size
426 B (426 bytes)
Hash
e01bac902517921ed76abe5a3ec230df
c824331eb416223813e6abfe753568dd321b2ced
b821227c719f6f8c59596e23e16e8c6abb38132ce9708cb9ee48635594d85ca8

HTTP Headers

GET /wp-content/themes/mangapill-v1.1.0/js/skip-link-focus-fix.js?ver=20151215 HTTP/1.1
Host: readberserk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://readberserk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 03 Dec 2023 19:50:32 GMT
content-type: text/javascript
cache-control: max-age=2592000
cf-bgj: minify
cf-polished: origSize=685
expires: Fri, 22 Dec 2023 06:15:25 GMT
last-modified: Wed, 15 Nov 2023 06:12:49 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 999307
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q0qxh7kcO3rKkqY8hiG3ycwVhCbkebkmekHpMDckDxB38fVMyG6b%2Bl8a2IhPHgTnvs5ZfEeD6niRTsUYLbgFzgAHBiSY9IRTz8z99mK3F4ma0Xw7syY5phU3gPKP%2FzZ9O9g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fe56d6bd4156a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cdn.pubfuture-ad.com/v3/config/adUnit/64cf6b51bd76fa003e37c6c1?v=6&d=b3RoZXJz&ip=OTEuOTAuNDIuMTU0&cc=Tk8=&s=cmVhZGJlcnNlcmsuY29tLw==

104.26.0.97

200 OK

24 B

URL GET HTTP/2
cdn.pubfuture-ad.com/v3/config/adUnit/64cf6b51bd76fa003e37c6c1?v=6&d=b3RoZXJz&ip=OTEuOTAuNDIuMTU0&cc=Tk8=&s=cmVhZGJlcnNlcmsuY29tLw==
IP
104.26.0.97:443
ASN
#13335 CLOUDFLARENET

Requested by
https://readberserk.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA4:70:A9:B9:AC:49:1E:53:23:43:41:25:CD:10:7C:01:2E:87:01:01
ValidityTue, 07 Feb 2023 00:00:00 GMT - Tue, 06 Feb 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
24 B (24 bytes)
Hash
8dba590f3e9cef11fc67e45de8ca0997
d36b684fd145ff9fbfa80473c1a089718ffd6b6f
751baced4c24d0c677a1bc0d17b2dfba5bbf26825459172a2ac0c91b40e9d270

HTTP Headers

GET /v3/config/adUnit/64cf6b51bd76fa003e37c6c1?v=6&d=b3RoZXJz&ip=OTEuOTAuNDIuMTU0&cc=Tk8=&s=cmVhZGJlcnNlcmsuY29tLw== HTTP/1.1
Host: cdn.pubfuture-ad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://readberserk.com/
Origin: https://readberserk.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 19:50:34 GMT
content-type: text/html; charset=utf-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
access-control-allow-origin: *
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rqwGnnm3yr2up1t0QeAXgBGrP31pgiuuaZqjcsTRhgawuKPkOeAd9BKf1zLJhJKzgduVauEnk57X1wd9NZIxrCD3MDbnMdR6dfOboAsk63ABaQ1BqPjQBn2JmZB6D5zSAcj1sMVq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fe56e0099156c3-OSL
content-encoding: br
X-Firefox-Spdy: h2

ad.a-ads.com/2272808?size=300x250

213.239.205.245

200 OK

12 kB

URL GET HTTP/2
ad.a-ads.com/2272808?size=300x250
IP
213.239.205.245:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://readberserk.com/
Certificate
IssuerSectigo Limited
Subject*.a-ads.com
Fingerprint34:68:C2:05:E5:2A:4E:C3:F9:FC:94:69:D3:A6:BE:F2:21:A2:DE:AE
ValidityWed, 21 Dec 2022 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (11011)
Size
12 kB (12234 bytes)
Hash
e19f5abf31d070aacdc6faeba1ecb766
655b91b58be035c471ffe26a0e083d0bcecc8522
54d6613b320dc6848e467d4f6fb9abf554b9d0b81fc212c8b1572ea92d96b4e3

HTTP Headers

GET /2272808?size=300x250 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://readberserk.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 03 Dec 2023 19:50:34 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://readberserk.com/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2

readberserk.com/wp-content/plugins/wp-dark-mode/assets/css/frontend.min.css?ver=4.2.6

104.21.235.132

200 OK

30 kB

URL GET HTTP/3
readberserk.com/wp-content/plugins/wp-dark-mode/assets/css/frontend.min.css?ver=4.2.6
IP
104.21.235.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://readberserk.com/
Certificate
IssuerLet's Encrypt
Subjectreadberserk.com
Fingerprint3F:03:41:7F:74:45:DC:16:59:9B:98:29:6E:69:38:09:89:F8:4C:88
ValidityWed, 18 Oct 2023 12:01:30 GMT - Tue, 16 Jan 2024 12:01:29 GMT

File type
ASCII text, with very long lines (29468)
Size
30 kB (29469 bytes)
Hash
34a754a30d0bce2f99794dd0d892e69c
3a88f7e922509694b9850c164b5e99a5b0ee6c03
316a308f7f072efd9044e2bad379035a4e5f1d27ff9fece18bf829162aea0e50

HTTP Headers

GET /wp-content/plugins/wp-dark-mode/assets/css/frontend.min.css?ver=4.2.6 HTTP/1.1
Host: readberserk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://readberserk.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 03 Dec 2023 19:50:32 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 15 Nov 2023 06:12:50 GMT
expires: Sun, 24 Dec 2023 08:08:43 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
cf-cache-status: HIT
age: 819709
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=15cOfJU90pHz4C00tnHs9qthgeCGDIxDFWLBMHvsa1WEiDdJPyahOuxpENI0%2F%2FsyNiF6nvcVLCj3Lic3uhU1m5QusLzkf8gUwQbL5W%2BVhDHa%2FQC7jzmdedF3I8LxUVQVaGk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fe56d68cec56a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ardslediana.com/5/6231372

139.45.197.236

200 OK

72 kB

URL GET HTTP/2
ardslediana.com/5/6231372
IP
139.45.197.236:443
ASN
#9002 RETN Limited

Requested by
https://readberserk.com/
Certificate
IssuerLet's Encrypt
Subjectardslediana.com
FingerprintC9:E5:3F:F8:AB:88:64:53:D9:1A:AC:D2:47:4F:60:76:83:68:40:65
ValiditySat, 25 Nov 2023 05:06:38 GMT - Fri, 23 Feb 2024 05:06:37 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
72 kB (71591 bytes)
Hash
2be693ede5cdc41344eb7d55eeabc5e3
70230960616dd877ca002e2d0dc4de21d8d82335
d71a2b01bfa070464ecb81c6b5521a6efc525151e2dd8c97fe96769911a6c207

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /5/6231372 HTTP/1.1
Host: ardslediana.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=9862c82944bc4d958206bd391f43dc68; oaidts=1701633034
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 03 Dec 2023 19:50:34 GMT
content-type: application/javascript
x-trace-id: 145ce014d2f82f7cad0a4d3f44d62c26
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=9862c82944bc4d958206bd391f43dc68; expires=Mon, 02 Dec 2024 19:50:34 GMT; path=/; secure; SameSite=None
oaidts=1701633034; expires=Mon, 02 Dec 2024 19:50:34 GMT; path=/; secure; SameSite=None
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

platform.bidgear.com/ads.php?domainid=5576&sizeid=29&zoneid=6182

172.67.74.36

200 OK

719 B

URL GET HTTP/2
platform.bidgear.com/ads.php?domainid=5576&sizeid=29&zoneid=6182
IP
172.67.74.36:443
ASN
#13335 CLOUDFLARENET

Requested by
https://readberserk.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint96:B8:F2:6C:8B:F4:3C:4D:3F:C4:69:A4:B1:28:D0:CB:0A:E6:73:2B
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT

File type
HTML document text\012- HTML document, ASCII text, with very long lines (756), with no line terminators
Size
719 B (719 bytes)
Hash
66d3884917d2830236c5308cdf890daa
392fb8319526e61d12ccc94fcf126ee3d52f5226
96da2e262e7d9b756cd2d60b38a5a6cef8c357bd8ade101ff096733d132e53a2

HTTP Headers

GET /ads.php?domainid=5576&sizeid=29&zoneid=6182 HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://readberserk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 19:50:32 GMT
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Fli7Gpud5%2BxVN65EcCUa2UB7Yj7WsHOLJ17jcZv3R23d%2BPieS7FbVZfUBtD1srx%2BAPt2ZQ3bAnHGhszQ3qD4Rh9m2fRkk1Lncle9B5HxFHrRZj%2BjYu3k8dc%2FXREe7GXwECbYoHX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fe56d74c43b50b-OSL
content-encoding: br
X-Firefox-Spdy: h2

vooodkabelochkaa.com/btag_poc.min.js

172.67.173.172

200 OK

5.4 kB

URL GET HTTP/2
vooodkabelochkaa.com/btag_poc.min.js
IP
172.67.173.172:443
ASN
#13335 CLOUDFLARENET

Requested by
https://readberserk.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectvooodkabelochkaa.com
Fingerprint8D:42:98:1F:BD:C2:F2:48:94:CB:5C:0E:AE:86:2F:12:58:12:3D:32
ValidityFri, 06 Oct 2023 04:11:47 GMT - Thu, 04 Jan 2024 04:11:46 GMT

File type
ASCII text, with very long lines (5530), with no line terminators
Size
5.4 kB (5370 bytes)
Hash
f430e348d5b0d1acbb48bddd4dbd98f5
25fe0c8c9ee1fe609c71ad176c5ba068b996d108
08ed3bf110b788f2e83931f36d25b626140e0a69ae33b466c588ffa1c93c5d7a

HTTP Headers

GET /btag_poc.min.js HTTP/1.1
Host: vooodkabelochkaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://readberserk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 19:50:33 GMT
content-type: application/javascript
last-modified: Tue, 28 Nov 2023 15:58:06 GMT
etag: W/"65660e0e-14fa"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=14400
cf-cache-status: HIT
age: 5995
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FFFrBXZynwnNaOryznQ2WTwO3nrp3CcOVWF%2BuOOSwdbRqkyCt84Z26%2F9WOGO3uZzA05jagvTNzdKLWbwZN8pRhVKABQgkQyegg%2BxSSda9rFvhyQNInQbMeRNURAsME99%2FgUK8P2zxA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fe56dbcc7cb4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

platform.bidgear.com/html?domainid=5576&sizeid=2&zoneid=6165&wu=https%3A%2F%2Freadberserk.com%2F

172.67.74.36

200 OK

3.6 kB

URL GET HTTP/2
platform.bidgear.com/html?domainid=5576&sizeid=2&zoneid=6165&wu=https%3A%2F%2Freadberserk.com%2F
IP
172.67.74.36:443
ASN
#13335 CLOUDFLARENET

Requested by
https://readberserk.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint96:B8:F2:6C:8B:F4:3C:4D:3F:C4:69:A4:B1:28:D0:CB:0A:E6:73:2B
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (3685), with no line terminators
Size
3.6 kB (3603 bytes)
Hash
fa7856935fc59722d8afe867da13d85b
e4d38ba39b23c70aca75149bf762c714f1e75f7d
f5211668cae8590787c969ba8a9ef7cefbbc7d6eb31fa2aa64d681783dc1526e

HTTP Headers

GET /html?domainid=5576&sizeid=2&zoneid=6165&wu=https%3A%2F%2Freadberserk.com%2F HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://readberserk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 19:50:34 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RLokx3hcPildeq4%2FumWs6PFkcmgHTbZ61GzUSVhHPbB5EQr143wXz2pmOLUF9dKvHqLvZsXD4aFCXQM7sWOCzMHmvXRvuVC2ELwITjLJjtF7fJoUJ9UQlcpJ%2FV1s1gw3LxL9Kn%2B6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fe56de8d23b50b-OSL
content-encoding: br
X-Firefox-Spdy: h2

c0.wp.com/c/6.4.1/wp-includes/css/dist/block-library/style.min.css

192.0.77.37

200 OK

110 kB

URL GET HTTP/2
c0.wp.com/c/6.4.1/wp-includes/css/dist/block-library/style.min.css
IP
192.0.77.37:443
ASN
#2635 AUTOMATTIC

Requested by
https://readberserk.com/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type

Size
110 kB (110035 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c/6.4.1/wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://readberserk.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 03 Dec 2023 19:50:32 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Sun, 05 Nov 2023 19:40:32 GMT
content-encoding: br
expires: Mon, 02 Dec 2024 19:50:32 GMT
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

readberserk.com/wp-content/plugins/wp-dark-mode/assets/js/frontend.min.js?ver=4.2.6

104.21.235.132

200 OK

5.0 kB

URL GET HTTP/3
readberserk.com/wp-content/plugins/wp-dark-mode/assets/js/frontend.min.js?ver=4.2.6
IP
104.21.235.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://readberserk.com/
Certificate
IssuerLet's Encrypt
Subjectreadberserk.com
Fingerprint3F:03:41:7F:74:45:DC:16:59:9B:98:29:6E:69:38:09:89:F8:4C:88
ValidityWed, 18 Oct 2023 12:01:30 GMT - Tue, 16 Jan 2024 12:01:29 GMT

File type
ASCII text, with very long lines (5143), with no line terminators
Size
5.0 kB (4989 bytes)
Hash
046eb074b6096acfeb61549ce163208b
3a7b7d879184c45793654ec587429a36b449a8d8
93a8142ad6376ebe482645d3a895f458ab2a9ee2dd0277f6c243f5496e9d6147

HTTP Headers

GET /wp-content/plugins/wp-dark-mode/assets/js/frontend.min.js?ver=4.2.6 HTTP/1.1
Host: readberserk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://readberserk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 03 Dec 2023 19:50:32 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Wed, 15 Nov 2023 06:12:50 GMT
expires: Thu, 28 Dec 2023 07:21:17 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
cf-cache-status: HIT
age: 476955
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SZeXu8DDlEANSppbb%2Ba5B0%2FgW2c1bJ72%2FAV1R2JsCGYjEQSf2UVNWUHt5mo9UR9b58oTX3RrZrHRNSUe1DNtFlAZ0XB7cLPzmVLV24mvdg5LYJUpvKGjF1U2Ft4ai1Oh3as%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fe56d69d0856a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

bedodrioer.com/btag.min.js

188.114.96.1

200 OK

5.4 kB

URL GET HTTP/2
bedodrioer.com/btag.min.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://readberserk.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectbedodrioer.com
Fingerprint4B:B1:7F:9C:06:37:30:BF:0A:A2:20:7A:FF:1C:9A:19:23:72:E7:5A
ValiditySat, 02 Dec 2023 09:13:53 GMT - Fri, 01 Mar 2024 09:13:52 GMT

File type
ASCII text, with very long lines (5530), with no line terminators
Size
5.4 kB (5370 bytes)
Hash
f430e348d5b0d1acbb48bddd4dbd98f5
25fe0c8c9ee1fe609c71ad176c5ba068b996d108
08ed3bf110b788f2e83931f36d25b626140e0a69ae33b466c588ffa1c93c5d7a

HTTP Headers

GET /btag.min.js HTTP/1.1
Host: bedodrioer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://readberserk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 19:50:34 GMT
content-type: application/javascript
last-modified: Tue, 28 Nov 2023 15:58:06 GMT
etag: W/"65660e0e-14fa"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=14400
cf-cache-status: HIT
age: 5965
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9jAxh4zk0Sg7lIhq1r2eXMUkRaaS2XTAjkXXuCy94PYdw87s1U7PLesAjCV8hhql%2BT2OkHRc%2FJEGqmRo%2FeHqZbOqt1Lr5BzbJOqcyRJfmt7Rm%2BOwHCG8ZOTroDxearBf1g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fe56e2dda456ab-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

platform.bidgear.com/ads.php?domainid=5576&sizeid=16&zoneid=6481

172.67.74.36

200 OK

752 B

URL GET HTTP/2
platform.bidgear.com/ads.php?domainid=5576&sizeid=16&zoneid=6481
IP
172.67.74.36:443
ASN
#13335 CLOUDFLARENET

Requested by
https://readberserk.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint96:B8:F2:6C:8B:F4:3C:4D:3F:C4:69:A4:B1:28:D0:CB:0A:E6:73:2B
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT

File type
HTML document text\012- HTML document, ASCII text, with very long lines (796), with no line terminators
Size
752 B (752 bytes)
Hash
d9309502affddd79205d07a15ee619b2
cbe87dbc12e5a9abfcb5bcd14ff393aa86ab62f5
46f5cb3f1b7025469af4ca5565ca694c52bd3329f5f61b5b8f42bc0dd2344d3e

HTTP Headers

GET /ads.php?domainid=5576&sizeid=16&zoneid=6481 HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://readberserk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 19:50:32 GMT
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f41LkKKL8VMH4%2FZXRoD0Yvg5Vf7DlaVLnMxHNzqnj9H2o9WTvcXImLPu0Z5d9ElLuEhrrnPWlQqu4zCerrg8JjD3tidEbS5c%2Fhms%2FDwFKgZN%2FQ%2FuFRjmgthXyADfi8Rbzwaawkps"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fe56d74c40b50b-OSL
content-encoding: br
X-Firefox-Spdy: h2

readberserk.com/

104.21.235.132

200 OK

117 kB

URL GET HTTP/3
readberserk.com/
IP
104.21.235.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://readberserk.com/
Certificate
IssuerLet's Encrypt
Subjectreadberserk.com
Fingerprint3F:03:41:7F:74:45:DC:16:59:9B:98:29:6E:69:38:09:89:F8:4C:88
ValidityWed, 18 Oct 2023 12:01:30 GMT - Tue, 16 Jan 2024 12:01:29 GMT

File type

Size
117 kB (117205 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: readberserk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://readberserk.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 03 Dec 2023 19:50:34 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=3, must-revalidate
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: HIT
x-server-powered-by: Engintron
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OH05VsoNP6xkhejw00SXOmP%2FzMqycyb9cTKIZHbjL7%2BJmlQUJovD7kOQSGm%2Fm%2FxRDMqMhfA7PkMeeHBj6LGi2PcVcuhqRZYYSl1yaUs1LPnpW8xNVOyXOAlIEn6fLcK%2BhQM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fe56dfcdf056a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

px.vliplatform.com/bi-v4/cc.jpeg?e=rNUPMPRrtNrtl0zghRzodtgxzNTAAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNhglzworR_cktjNhglzworR_qdmNgyyRmNTTYTKZRzdNPYwqKBYq-Uttt-PZBU-aayU-YetPqyKetAqtRlmNUPAbPMARdzNcortg%20oflzktqdRqxeNco_UPMPTTYTKZ_oflzktqdRwkjNAR_yszuNyqsltRkjmNUPAbPMARwlNqdb,ekoztgRleNpl

172.67.158.59

200 OK

0 B

URL GET HTTP/2
px.vliplatform.com/bi-v4/cc.jpeg?e=rNUPMPRrtNrtl0zghRzodtgxzNTAAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNhglzworR_cktjNhglzworR_qdmNgyyRmNTTYTKZRzdNPYwqKBYq-Uttt-PZBU-aayU-YetPqyKetAqtRlmNUPAbPMARdzNcortg%20oflzktqdRqxeNco_UPMPTTYTKZ_oflzktqdRwkjNAR_yszuNyqsltRkjmNUPAbPMARwlNqdb,ekoztgRleNpl
IP
172.67.158.59:443
ASN
#13335 CLOUDFLARENET

Requested by
https://readberserk.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint50:2F:B7:D3:29:C4:2B:D0:2F:FE:73:1F:99:86:7C:1F:F5:B7:F5:4B
ValidityMon, 10 Apr 2023 00:00:00 GMT - Tue, 09 Apr 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /bi-v4/cc.jpeg?e=rNUPMPRrtNrtl0zghRzodtgxzNTAAAR_qkyNUAAAAR_ksdNqss_qrlR_hgeNgfR_cysNgfR_udgrNofcotvR_qszNsgqr_qss_qrlR_hwkNoykqdtR_wktjNhglzworR_cktjNhglzworR_qdmNgyyRmNTTYTKZRzdNPYwqKBYq-Uttt-PZBU-aayU-YetPqyKetAqtRlmNUPAbPMARdzNcortg%20oflzktqdRqxeNco_UPMPTTYTKZ_oflzktqdRwkjNAR_yszuNyqsltRkjmNUPAbPMARwlNqdb,ekoztgRleNpl HTTP/1.1
Host: px.vliplatform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://readberserk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 19:50:43 GMT
content-type: image/jpeg
content-length: 0
cache-control: public, max-age=864000, immutable
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-cache-status: MISS
last-modified: Sun, 03 Dec 2023 19:50:43 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=On9fBhmiHvQbNnBBObWs1TPyFWedYiYOmEWj3KjMRnRGASA1%2F0OId5oCAldtQmjKRn7CHMgaK5PhXygFAqaCH3BgSTD2emUDTyHqdA2dafAmQD7g0tZm7WBTHVCJ0Hpkk4D2qA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fe57169b820b31-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

c0.wp.com/p/jetpack/12.8.1/css/jetpack.css

192.0.77.37

200 OK

101 kB

URL GET HTTP/2
c0.wp.com/p/jetpack/12.8.1/css/jetpack.css
IP
192.0.77.37:443
ASN
#2635 AUTOMATTIC

Requested by
https://readberserk.com/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type

Size
101 kB (100696 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /p/jetpack/12.8.1/css/jetpack.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://readberserk.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 03 Dec 2023 19:50:32 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 13 Nov 2023 18:14:20 GMT
content-encoding: br
expires: Mon, 02 Dec 2024 19:50:32 GMT
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

readberserk.com/wp-content/themes/mangapill-v1.1.0/js/navigation.js?ver=20151215

104.21.235.132

200 OK

1.9 kB

URL GET HTTP/3
readberserk.com/wp-content/themes/mangapill-v1.1.0/js/navigation.js?ver=20151215
IP
104.21.235.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://readberserk.com/
Certificate
IssuerLet's Encrypt
Subjectreadberserk.com
Fingerprint3F:03:41:7F:74:45:DC:16:59:9B:98:29:6E:69:38:09:89:F8:4C:88
ValidityWed, 18 Oct 2023 12:01:30 GMT - Tue, 16 Jan 2024 12:01:29 GMT

File type
ASCII text, with very long lines (1908), with no line terminators
Size
1.9 kB (1899 bytes)
Hash
34dbadeda56c5eaa71c8afdc4413604b
d0740b4de6247cc7912e6043d2ff7c5f9fc1b1ff
21a413ec1b17d2c0a0c068dd7cf44e8cbb395d0f840e3fe593775fbda2022cb8

HTTP Headers

GET /wp-content/themes/mangapill-v1.1.0/js/navigation.js?ver=20151215 HTTP/1.1
Host: readberserk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://readberserk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 03 Dec 2023 19:50:32 GMT
content-type: text/javascript
cache-control: max-age=2592000
cf-bgj: minify
cf-polished: origSize=2967
expires: Sat, 23 Dec 2023 02:04:10 GMT
last-modified: Wed, 15 Nov 2023 06:12:49 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 927982
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yDPaZWMs%2Fukw03LWbMHi2VjHuYVWqfDZ%2FY4THV7hgTDaZg9Nf84IpTVtwMjPqqi6OOzHOMi6zerk4zx2073nOBmpp0%2FY9tHZD7aF510Ta0VyXOXZsjQi0ZSgv%2FaKBqGvKNk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fe56d6bd3e56a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

stats.wp.com/e-202348.js

192.0.76.3

200 OK

6.9 kB

URL GET HTTP/2
stats.wp.com/e-202348.js
IP
192.0.76.3:443
ASN
#2635 AUTOMATTIC

Requested by
https://readberserk.com/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (7100), with no line terminators
Size
6.9 kB (6931 bytes)
Hash
530c085c7457919e6f6a76c67b3419ad
4c4929f20e73b6f41fe3474669bfea17b36fe49d
5db8b724469197930b66337c5a9ff7301c4ad5a52e7fc3134b4a568f45199aed

HTTP Headers

GET /e-202348.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://readberserk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 03 Dec 2023 19:50:32 GMT
content-type: application/javascript
vary: Accept-Encoding
x-minify: t
x-minify-cache: hit
etag: W/13576-1684464982353.1523
content-encoding: br
expires: Mon, 25 Nov 2024 16:24:36 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2

cdnpf.com/64e342d03e486e003ef2f8d5.json

104.21.36.54

200 OK

472 B

URL GET HTTP/2
cdnpf.com/64e342d03e486e003ef2f8d5.json
IP
104.21.36.54:443
ASN
#13335 CLOUDFLARENET

Requested by
https://readberserk.com/
Certificate
IssuerLet's Encrypt
Subjectcdnpf.com
Fingerprint96:E4:3F:BD:3A:AD:FE:0D:E4:A1:BD:1B:44:8D:EE:0F:EC:EC:52:BC
ValidityWed, 29 Nov 2023 10:07:43 GMT - Tue, 27 Feb 2024 10:07:42 GMT

File type
HTML document text\012- troff or preprocessor input, ASCII text, with very long lines (542), with no line terminators
Size
472 B (472 bytes)
Hash
a60e342168ca146858d3a04e552aaffc
93686a78cd4a9ffc550731083a992565d74ae0d7
1fd96a9d7a4432f62790ab8f1b0913035d50e2b9cc6f73a9d36fc8f2895274e7

HTTP Headers

GET /64e342d03e486e003ef2f8d5.json HTTP/1.1
Host: cdnpf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://readberserk.com/
Origin: https://readberserk.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 19:50:34 GMT
content-type: application/json
access-control-allow-origin: *
etag: W/"0abacf38a01be4bbcea68fd728a55c55"
last-modified: Thu, 30 Nov 2023 03:57:44 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 8213
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GwOQyVbxox9xfwqvW7mhHe%2BpovPdbBZsWKLp52buCSKFTFo1WJtyvit6ckaB03L2AxBtyRHe%2Bx7j5gPNf9GLH4HqJibmsiNJ96NhUkvJO20pbrjp1Go5R3FewOs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fe56e1eb9956c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (44)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash