doktorgulzar.com/
93.180.134.229 301 Moved Permanently 162 B IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 13 Dec 2022 02:41:08 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://doktorgulzar.com/
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3c0c53379f331e934f61070074d41035
420f6e542cbf741838566f22e475a80e2f600d21
4b7213ec107cdf1c2cd61a124453fb682ec291af0004d071105c87e2fe7528f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B7213EC107CDF1C2CD61A124453FB682EC291AF0004D071105C87E2FE7528F5"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16723
Expires: Tue, 13 Dec 2022 07:19:51 GMT
Date: Tue, 13 Dec 2022 02:41:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 555d8608594803d49eeb9581c6b70702
d01e0201e0ba0cf751ef97226620338a853bc635
2885cdac311a30161a8ac9ef8e54c788afafd4f86ed197a651fc6d8bda077908
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2885CDAC311A30161A8AC9EF8E54C788AFAFD4F86ED197A651FC6D8BDA077908"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18890
Expires: Tue, 13 Dec 2022 07:55:58 GMT
Date: Tue, 13 Dec 2022 02:41:08 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 13 Dec 2022 02:33:44 GMT
content-type: application/json
age: 444
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d29881eeb0456eff8cf415ad2ce64ba0
e3cfdd5f56ff88066257ec8f4726f53e3a733bd3
2cd90072f113163f976ddb8bc7017884efd3f764e7e8961b04e3ba5ec0a17d85
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2CD90072F113163F976DDB8BC7017884EFD3F764E7E8961B04E3BA5EC0A17D85"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3747
Expires: Tue, 13 Dec 2022 03:43:35 GMT
Date: Tue, 13 Dec 2022 02:41:08 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: UcrBGTNWUas2GViXuIsshMN2Iw9y3O7iKI4+0FT8vwyagXOPOwFKZgNOxvA3FUMlRrWbw1agxl0=
x-amz-request-id: A4PT3EJSF1CZM1QK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 13 Dec 2022 01:49:51 GMT
age: 3077
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 02:41:08 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 79cc742aa40c8ef71364d2f4f714adc8
ef17a0485ba2483b574cc65f9e59a53d6b862e97
14b014a609057e3d124f12afc608745ce766ca9f98014d23695451d5f06ebe94
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "14B014A609057E3D124F12AFC608745CE766CA9F98014D23695451D5F06EBE94"
Last-Modified: Tue, 13 Dec 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 13 Dec 2022 08:41:09 GMT
Date: Tue, 13 Dec 2022 02:41:09 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 0f3dad0d025c4b6b8abd5d698f00cfbd
3a82ecac8709c7acd620316502a0e774ac3b1170
8d98454c05e1bfb1e534913e69fe76f4b0cb619c02626bcdc163f7be48b1621f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 02:41:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 0f3dad0d025c4b6b8abd5d698f00cfbd
3a82ecac8709c7acd620316502a0e774ac3b1170
8d98454c05e1bfb1e534913e69fe76f4b0cb619c02626bcdc163f7be48b1621f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 02:41:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
doktorgulzar.com/images/logo_g%C3%BClzar-1.png
93.180.134.229 200 OK 29 kB URL HTTP/2 doktorgulzar.com/images/logo_g%C3%BClzar-1.png
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type PNG image data, 272 x 236, 8-bit/color RGBA, non-interlaced\012- data
Hash eee5f4d8d6339ee21cc1c220c8518e4d
1cab5e049896d8d4b2c09e7cba38f736bc4795c9
f698443ddd41e11b13b8446c2fee21704d6a4a7c1c0cc10c39eb8faa70d460d0
GET /images/logo_g%C3%BClzar-1.png HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 02:41:09 GMT
content-type: image/png
content-length: 29185
last-modified: Tue, 18 Oct 2022 22:20:11 GMT
etag: "634f269b-7201"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
maps.googleapis.com/maps/api/js?key=AIzaSyAPN4OzkHNIs7dcf94xIqfqVNHWWut05dA&callback=initMap
216.58.207.234 200 OK 54 kB URL HTTP/2 maps.googleapis.com/maps/api/js?key=AIzaSyAPN4OzkHNIs7dcf94xIqfqVNHWWut05dA&callback=initMap
IP 216.58.207.234:0
File type ASCII text, with very long lines (2460)
Hash a9a3297e148c14ac387ae260566a7e4a
c58a02b7fee8339e8cf892206f002751cecab26e
ce5838ef023ee770a2ac702cf779e351bcdc21303a1a6c23271f5042ceeb57cb
GET /maps/api/js?key=AIzaSyAPN4OzkHNIs7dcf94xIqfqVNHWWut05dA&callback=initMap HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Tue, 13 Dec 2022 02:41:09 GMT
expires: Tue, 13 Dec 2022 03:11:09 GMT
cache-control: public, max-age=1800
vary: Accept-Language
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 53500
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 13 Dec 2022 02:33:17 GMT
age: 472
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 0f3dad0d025c4b6b8abd5d698f00cfbd
3a82ecac8709c7acd620316502a0e774ac3b1170
8d98454c05e1bfb1e534913e69fe76f4b0cb619c02626bcdc163f7be48b1621f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 02:41:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
doktorgulzar.com/images/Kalici-Dudak-Dolgusu-1170x700.jpg
93.180.134.229 200 OK 64 kB URL HTTP/2 doktorgulzar.com/images/Kalici-Dudak-Dolgusu-1170x700.jpg
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1170x700, components 3\012- data
Hash 29a08e82d733e54d6de6e334be31fafa
b09dcbd0ff0b7827e3ec5bd1585db9125b76a3a8
172d57626614fbae7656d2ae3b9abc892dc6458067ef39b211eb8093e3053d0c
GET /images/Kalici-Dudak-Dolgusu-1170x700.jpg HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 02:41:09 GMT
content-type: image/jpeg
content-length: 63574
last-modified: Wed, 26 Oct 2022 16:26:41 GMT
etag: "63595fc1-f856"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
doktorgulzar.com/images/Dolgu-Enjeksiyonu-1.jpg
93.180.134.229 200 OK 47 kB URL HTTP/2 doktorgulzar.com/images/Dolgu-Enjeksiyonu-1.jpg
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 2500x1516, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b05e7ea6c16df811d4a31fcb68a346bc
fc80d3550a5cd67359aef65a79d2542993aacde3
4958089dc0dabfbfc88a35fdfef1a185421be9d2510caf1f4cdfe54904b16a24
GET /images/Dolgu-Enjeksiyonu-1.jpg HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 02:41:09 GMT
content-type: image/jpeg
content-length: 46716
last-modified: Tue, 18 Oct 2022 22:19:50 GMT
etag: "634f2686-b67c"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
doktorgulzar.com/images/prp-tedavisi.jpg
93.180.134.229 200 OK 48 kB URL HTTP/2 doktorgulzar.com/images/prp-tedavisi.jpg
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], baseline, precision 8, 500x500, components 3\012- data
Hash 798b1aa7aa5dbc9d1278b75ee44ced2f
a28f60822b0a0cce27400bacb5da85d30602a8ee
adfdf3767540d30876a4fc777d6afa00039036b7ba62bcea5ae09617dae6da3c
GET /images/prp-tedavisi.jpg HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 02:41:09 GMT
content-type: image/jpeg
content-length: 47730
last-modified: Tue, 18 Oct 2022 22:20:13 GMT
etag: "634f269d-ba72"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
doktorgulzar.com/images/2.jpeg
93.180.134.229 200 OK 19 kB URL HTTP/2 doktorgulzar.com/images/2.jpeg
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x138, components 3\012- data
Hash 5f7321c73816340f19a198d1a68bf07b
2de2dc5f9df14087a6b2a996ca261b26b115d05f
7e1663ad2a67736b70e3fd77d2d46b9f4d8667ed6324985f192abf00c1858f9b
Analyzer Verdict Alert fortinet Phishing
GET /images/2.jpeg HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 02:41:09 GMT
content-type: image/jpeg
content-length: 18843
last-modified: Tue, 18 Oct 2022 22:19:33 GMT
etag: "634f2675-499b"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 2e5ee531cc0386adab9fe3d62f530231
16ec934be53e9ce97d40aedf906430551ad1b58a
0259d529060dc76765ae2bfb9bb5f513662c41e1b6608ec3a950d8b4b04ec056
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 02:41:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 6d462d3e6bc6168ee30040355f8b96ee
7578100cefe27a95fc25fa11481d78353185a9f0
7371baa9980618773809e1f238fb57f8ec6eef6bdc37d127bead092b7fde990c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 02:41:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
doktorgulzar.com/js/jquery.min.js
93.180.134.229 200 OK 75 kB URL HTTP/2 doktorgulzar.com/js/jquery.min.js
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
Hash d3b98bc7c137543bfadac23882e863a3
21e0615f0a5cbec9fdf425d8eed576f54df7bc4a
92015def41bccd4bb687142e5f9698d82727c8481c2da70502b9e476f870178c
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery.min.js HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 02:41:09 GMT
content-type: application/javascript
last-modified: Fri, 07 Oct 2022 18:17:31 GMT
etag: W/"63406d3b-41706"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
doktorgulzar.com/js/scrollax.min.js
93.180.134.229 200 OK 3.5 kB URL HTTP/2 doktorgulzar.com/js/scrollax.min.js
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type ASCII text, with very long lines (567)
Hash ea8f10d51407917495871a4e91efb6a5
cb26c4804b13b7601dc16a8f068e6321147fb1eb
0af75122668e067eb312a6b2407a65ac255b63885f6c999bc722cf6cabb8eaa8
Analyzer Verdict Alert fortinet Phishing
GET /js/scrollax.min.js HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 02:41:09 GMT
content-type: application/javascript
last-modified: Fri, 07 Oct 2022 18:17:33 GMT
etag: W/"63406d3d-1d17"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
216.58.207.227 200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 31320, version 1.0\012- data
Hash 3fe71527811fbfedd2c07962e1bc49e7
f63e158a0480c5d711b5e268db0e75e57d87a8a5
24c0e724005344165ee0a0ff4c96a914e174bb4caa20c8a533fb194d92853e95
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://doktorgulzar.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31320
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 13:33:13 GMT
expires: Sat, 09 Dec 2023 13:33:13 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:11:37 GMT
content-type: font/woff2
age: 306476
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227 200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://doktorgulzar.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Dec 2022 18:52:41 GMT
expires: Tue, 12 Dec 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 28108
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
doktorgulzar.com/images/11.jpeg
93.180.134.229 200 OK 4.6 kB URL HTTP/2 doktorgulzar.com/images/11.jpeg
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 184x96, components 3\012- data
Hash 108b43b3dd8d0e642e2468949ab1808c
23b5d1a1a06615649d6557d543a4ce598d3f8b00
ef5cefd24bec6b95edc41b2a34c985ff9812bb50c7d0c5395295964c45a95f6a
Analyzer Verdict Alert fortinet Phishing
GET /images/11.jpeg HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 02:41:09 GMT
content-type: image/jpeg
content-length: 4586
last-modified: Tue, 18 Oct 2022 22:19:25 GMT
etag: "634f266d-11ea"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
doktorgulzar.com/images/4.jpeg
93.180.134.229 200 OK 14 kB URL HTTP/2 doktorgulzar.com/images/4.jpeg
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x138, components 3\012- data
Hash c1d27e7c8a493721ee893c8acea0bdf4
28b989f60061748e3dca1ef55def80f64439c188
36a568a602898b67b95885eb4e648b65fa2a2bcef8e81da68d27089638354663
Analyzer Verdict Alert fortinet Phishing
GET /images/4.jpeg HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 02:41:09 GMT
content-type: image/jpeg
content-length: 13974
last-modified: Tue, 18 Oct 2022 22:19:33 GMT
etag: "634f2675-3696"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
doktorgulzar.com/images/6.jpeg
93.180.134.229 200 OK 9.6 kB URL HTTP/2 doktorgulzar.com/images/6.jpeg
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x138, components 3\012- data
Hash 3ee5ba28f41d31b30bd7b70f730ba19f
c31b74a3dee734d090c24461078ef59296819f3f
6a43d646680585ec9611a1ad4356b2c6aa6daf52c87a31a7a856a79b085f9bba
Analyzer Verdict Alert fortinet Phishing
GET /images/6.jpeg HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 02:41:09 GMT
content-type: image/jpeg
content-length: 9623
last-modified: Tue, 18 Oct 2022 22:19:34 GMT
etag: "634f2676-2597"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
doktorgulzar.com/images/5.jpeg
93.180.134.229 200 OK 12 kB URL HTTP/2 doktorgulzar.com/images/5.jpeg
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x138, components 3\012- data
Hash a2e88dd453054a0d39dc2cc021785a18
37d37f6cc5a9ea9c614ea3448fbecbef2fa8ff4c
16726d9da813ecac5c0ba5a5fbc4dd88bdccce643427fc90cf7c9a631a1df079
Analyzer Verdict Alert fortinet Phishing
GET /images/5.jpeg HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 02:41:09 GMT
content-type: image/jpeg
content-length: 12249
last-modified: Tue, 18 Oct 2022 22:19:34 GMT
etag: "634f2676-2fd9"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
doktorgulzar.com/images/10.jpeg
93.180.134.229 200 OK 3.4 kB URL HTTP/2 doktorgulzar.com/images/10.jpeg
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x138, components 1\012- data
Hash 7e8347bba44b2e9ea369a61a2cb9b1d7
2cc8fb17c9c216b05ad88d269b784125e093203d
71e4393c5ad46c104366a10d0d34dfb96ebf9a72d60dc973e71b9cb19eecd5a2
Analyzer Verdict Alert fortinet Phishing
GET /images/10.jpeg HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 02:41:09 GMT
content-type: image/jpeg
content-length: 3358
last-modified: Tue, 18 Oct 2022 22:19:23 GMT
etag: "634f266b-d1e"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
doktorgulzar.com/images/8.jpeg
93.180.134.229 200 OK 14 kB URL HTTP/2 doktorgulzar.com/images/8.jpeg
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x138, components 3\012- data
Hash 494e6371d155d36bf4335593cf49df40
69bc7416c839eb73fcd7ffc698a5bccab846bad9
fc0056c4b4944087241ed232351b83b07bfff55733d2ed9d78d41ea3c65a0d92
Analyzer Verdict Alert fortinet Phishing
GET /images/8.jpeg HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 02:41:09 GMT
content-type: image/jpeg
content-length: 14198
last-modified: Tue, 18 Oct 2022 22:19:34 GMT
etag: "634f2676-3776"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
doktorgulzar.com/images/peeling.jpeg
93.180.134.229 200 OK 5.8 kB URL HTTP/2 doktorgulzar.com/images/peeling.jpeg
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 284x177, components 3\012- data
Hash 8497faa05ee08e4999ae6600d552df74
3e59db92617141e31851696f4882b803b8763e27
2b9a0be782b5124914eb516aa8e2d8edc76502d28d67822b76642e10ddea98b3
Analyzer Verdict Alert fortinet Phishing
GET /images/peeling.jpeg HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 02:41:09 GMT
content-type: image/jpeg
content-length: 5791
last-modified: Tue, 18 Oct 2022 22:20:12 GMT
etag: "634f269c-169f"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
doktorgulzar.com/images/3.jpeg
93.180.134.229 200 OK 8.8 kB URL HTTP/2 doktorgulzar.com/images/3.jpeg
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x138, components 3\012- data
Hash a93ebd9fc51fc0dfda4a8f0f55124c10
c2b1172845c88aa4b35a2ec2ecf1ce8083dea8c5
f94d594b1f0b5443e76c4ccd63ff515a990a450bf78c57d9238d42af7d8a50e2
Analyzer Verdict Alert fortinet Phishing
GET /images/3.jpeg HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 02:41:09 GMT
content-type: image/jpeg
content-length: 8751
last-modified: Tue, 18 Oct 2022 22:19:33 GMT
etag: "634f2675-222f"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
doktorgulzar.com/images/9.jpeg
93.180.134.229 200 OK 13 kB URL HTTP/2 doktorgulzar.com/images/9.jpeg
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x138, components 3\012- data
Hash c07ce4f3a489b43e9eda748dde4e8372
e6ab61a211f6c3bda6e690fabd9b0675adeb308d
b5171ee27e159dfd7bc0b501f21e2891865c7a8d5101e0d855867b896df98f8e
Analyzer Verdict Alert fortinet Phishing
GET /images/9.jpeg HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 02:41:09 GMT
content-type: image/jpeg
content-length: 12621
last-modified: Tue, 18 Oct 2022 22:19:34 GMT
etag: "634f2676-314d"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
doktorgulzar.com/images/Non-Surgical-Treatment-for-Nasolabial-Folds-and-Marionette-Lines.jpg
93.180.134.229 200 OK 113 kB URL HTTP/2 doktorgulzar.com/images/Non-Surgical-Treatment-for-Nasolabial-Folds-and-Marionette-Lines.jpg
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1200x700, components 3\012- data
Size 113 kB (112790 bytes)
Hash f9a75e081fa9cd2c9259a9e214e1ba41
62e5025f91bf3ce0baa0d30733b93f162af5625a
2bb283467682ca8922a20c564e04cc9773f431ad67333703a99fdc786f869b9f
GET /images/Non-Surgical-Treatment-for-Nasolabial-Folds-and-Marionette-Lines.jpg HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 02:41:09 GMT
content-type: image/jpeg
content-length: 112790
last-modified: Tue, 18 Oct 2022 22:20:12 GMT
etag: "634f269c-1b896"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
doktorgulzar.com/images/yuz-dolgusu-eritme.png
93.180.134.229 200 OK 75 kB URL HTTP/2 doktorgulzar.com/images/yuz-dolgusu-eritme.png
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type PNG image data, 900 x 400, 8-bit colormap, non-interlaced\012- data
Hash 8a123ceb0e32df4bbc9794d4991a2beb
09d85f8038f4b9287a5d9ae52010c491b58d955c
89e5e8de520d0c43a22db751c9f0efbf129cef63661ec9735a77238a5b477b12
GET /images/yuz-dolgusu-eritme.png HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 02:41:09 GMT
content-type: image/png
content-length: 74751
last-modified: Tue, 18 Oct 2022 22:20:32 GMT
etag: "634f26b0-123ff"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
doktorgulzar.com/images/buz-lazer-epilasyon-nedir.jpg
93.180.134.229 200 OK 72 kB URL HTTP/2 doktorgulzar.com/images/buz-lazer-epilasyon-nedir.jpg
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2017 (Windows), datetime=2019:05:14 13:03:46], baseline, precision 8, 640x430, components 3\012- data
Hash 2b1c2f43679454e167bd309fcb2b21c7
b02505a717fe0a8bb56d43f2760d649aa6f9739a
0feb06f7ab1ba32974f6f84f6632b674cde13b4fd88408533501f2564be3cb89
GET /images/buz-lazer-epilasyon-nedir.jpg HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 02:41:09 GMT
content-type: image/jpeg
content-length: 72269
last-modified: Tue, 18 Oct 2022 22:19:46 GMT
etag: "634f2682-11a4d"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
doktorgulzar.com/images/burun_dolgusu.jpg
93.180.134.229 200 OK 70 kB URL HTTP/2 doktorgulzar.com/images/burun_dolgusu.jpg
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 1200x778, components 3\012- data
Hash e861c9427f0664fb03fd8d64687b3683
d2400dc58f68d1942bc890888047e07f441242ad
00b1b23b7fbdcb9c49b53a945d160fb6a27bd2999fb4207aa006f2b25f051dcc
GET /images/burun_dolgusu.jpg HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 02:41:09 GMT
content-type: image/jpeg
content-length: 69803
last-modified: Wed, 26 Oct 2022 18:34:56 GMT
etag: "63597dd0-110ab"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
doktorgulzar.com/fonts/icomoon/icomoon.ttf?6tt51o
93.180.134.229 200 OK 307 kB URL HTTP/2 doktorgulzar.com/fonts/icomoon/icomoon.ttf?6tt51o
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon \012- data
Size 307 kB (307168 bytes)
Hash b774c581ad4d77651ba7e18b16bd248b
a52649ef6c3af5a626e778c501f82ecb79da41ba
ef32dd19b8c1199d54ec6e516c20cddde149424bee616901733c253ec0219719
Analyzer Verdict Alert fortinet Phishing
GET /fonts/icomoon/icomoon.ttf?6tt51o HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/css/icomoon.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 02:41:09 GMT
content-type: application/font-sfnt
content-length: 307168
last-modified: Fri, 07 Oct 2022 18:17:55 GMT
etag: "63406d53-4afe0"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
doktorgulzar.com/images/asiri-terleme-tedavisi-768x507.png
93.180.134.229 200 OK 140 kB URL HTTP/2 doktorgulzar.com/images/asiri-terleme-tedavisi-768x507.png
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type PNG image data, 768 x 507, 8-bit colormap, non-interlaced\012- data
Size 140 kB (139657 bytes)
Hash ee9e1116574625c4bcc9992cc69afa7c
f7a4740889d7a4d325cb73cf64571d9c9f56f308
b6a3d941db3ac0c8f59ae65af35c0a2da5876111a24f846158521eaee606c419
GET /images/asiri-terleme-tedavisi-768x507.png HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 02:41:09 GMT
content-type: image/png
content-length: 139657
last-modified: Tue, 18 Oct 2022 22:19:38 GMT
etag: "634f267a-22189"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
doktorgulzar.com/images/mezoterapi-nedir.png
93.180.134.229 200 OK 233 kB URL HTTP/2 doktorgulzar.com/images/mezoterapi-nedir.png
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type PNG image data, 700 x 300, 8-bit/color RGB, non-interlaced\012- data
Size 233 kB (233404 bytes)
Hash 1d0c6f83cdd9452b323a0bb1635225c6
78a51e49cb38472a70ae90dee185158b28a5a8fc
bd8b82aa1167714afb17b0360eb4eae32314fc190b473047dc4efc26d46cc5a1
GET /images/mezoterapi-nedir.png HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 02:41:09 GMT
content-type: image/png
content-length: 233404
last-modified: Tue, 18 Oct 2022 22:20:11 GMT
etag: "634f269b-38fbc"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
doktorgulzar.com/images/female-patient-receiving-botox-injection-forehead.jpg
93.180.134.229 200 OK 513 kB URL HTTP/2 doktorgulzar.com/images/female-patient-receiving-botox-injection-forehead.jpg
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1000x667, components 3\012- data
Size 513 kB (512965 bytes)
Hash f25e3869904da01cc6d74d060e2c2956
5391112d2bde5f353cf74975e3c368995ae4ee21
32f545aacb11a54093b66114e57883e8cd8efda5e317ad52a1ca942ab6279dab
GET /images/female-patient-receiving-botox-injection-forehead.jpg HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 02:41:09 GMT
content-type: image/jpeg
content-length: 512965
last-modified: Tue, 18 Oct 2022 22:19:53 GMT
etag: "634f2689-7d3c5"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
doktorgulzar.com/images/istockphoto-1154642632-612x612.jpg
93.180.134.229 200 OK 25 kB URL HTTP/2 doktorgulzar.com/images/istockphoto-1154642632-612x612.jpg
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, description=Close up portrait of brunette woman on brown studio background\377\341\005]http://ns.adobe.com/xap/1.0/], progressive, precision 8, 474x612, components 3\012- data
Hash aa1be66fc4d39627364b24d1f0d75bcb
1e00a059c07a9eeddd1212d941e717c506d1609d
810c52d893908dfdd53093cbbedabd17939f7465ae89640f899d2cafe71ed61c
GET /images/istockphoto-1154642632-612x612.jpg HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 02:41:10 GMT
content-type: image/jpeg
content-length: 25064
last-modified: Tue, 18 Oct 2022 22:20:08 GMT
etag: "634f2698-61e8"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
doktorgulzar.com/images/images.jpg
93.180.134.229 200 OK 7.8 kB URL HTTP/2 doktorgulzar.com/images/images.jpg
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 225x225, components 3\012- data
Hash 1cea1de81e7ba972890fb8e54eff5061
5c7b0ca4f6586278d8a250a5f742580de851c701
f1bf63b0ef25454322fa4ed18ae758791840b87c4e09481f60257d92329235b9
GET /images/images.jpg HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 02:41:10 GMT
content-type: image/jpeg
content-length: 7825
last-modified: Tue, 18 Oct 2022 22:20:06 GMT
etag: "634f2696-1e91"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
doktorgulzar.com/images/beautiful-young-woman-getting-botox-cosmetic-injection-her-face.jpg
93.180.134.229 200 OK 967 kB URL HTTP/2 doktorgulzar.com/images/beautiful-young-woman-getting-botox-cosmetic-injection-her-face.jpg
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=11, description=Portrait of beautiful young woman getting botox cosmetic injection in her face over white background., manufacturer=Canon, model=Canon EOS 6D, orientation=upper-left, xresolution=141, yresolution=149, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2017:10:23 19:07:29], baseline, precision 8, 5361x3574, components 3\012- data
Size 967 kB (966989 bytes)
Hash 466a9e01b25d5aa568a91706b45506f2
9f01ce05f04524ac13619b5aff0a60e50e39379d
50ca98648b58d5be9cdfcada1c95fa720aba31095d9a2d79628d04aec6241851
GET /images/beautiful-young-woman-getting-botox-cosmetic-injection-her-face.jpg HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 02:41:10 GMT
content-type: image/jpeg
content-length: 966989
last-modified: Tue, 18 Oct 2022 22:19:43 GMT
etag: "634f267f-ec14d"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
doktorgulzar.com/images/main-qimg-7fb93146f5e4e470f5a590d2fc38be3b-lq.jpg
93.180.134.229 200 OK 64 kB URL HTTP/2 doktorgulzar.com/images/main-qimg-7fb93146f5e4e470f5a590d2fc38be3b-lq.jpg
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 602x752, components 3\012- data
Hash e9651bc321e3499ae4330cf7c9e78852
c817aad702b253d66e7a2325115f93aa9b5fd987
994eb118cc599065cc5777f6a557ca23d4589f654434e7a336cb37d290bfa24d
GET /images/main-qimg-7fb93146f5e4e470f5a590d2fc38be3b-lq.jpg HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 02:41:10 GMT
content-type: image/jpeg
content-length: 63700
last-modified: Tue, 18 Oct 2022 22:20:11 GMT
etag: "634f269b-f8d4"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 2e5ee531cc0386adab9fe3d62f530231
16ec934be53e9ce97d40aedf906430551ad1b58a
0259d529060dc76765ae2bfb9bb5f513662c41e1b6608ec3a950d8b4b04ec056
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 02:41:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
doktorgulzar.com/images/apple-touch-icon.png
93.180.134.229 200 OK 31 kB URL HTTP/2 doktorgulzar.com/images/apple-touch-icon.png
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 8260b867ec3a4c75e8f3e185903b1df1
c96f6a8d7724f80cdb5091895e5954001094738c
c545a04bf7407d092819bf28907e1c2a94fa4da6023c92b7b467c22f526f5361
GET /images/apple-touch-icon.png HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 02:41:10 GMT
content-type: image/png
content-length: 30867
last-modified: Sat, 15 Oct 2022 05:19:58 GMT
etag: "634a42fe-7893"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
doktorgulzar.com/images/favicon-16x16.png
93.180.134.229 200 OK 737 B URL HTTP/2 doktorgulzar.com/images/favicon-16x16.png
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash bbd16ed90dee2116b7b935cdef3bbd32
f01ddd1c1274d3fc3a86b55af39fb84426d901f4
5b5e145164fc5c347a460726edefdf83c4d15cad9a3e462b9d85127412489f43
GET /images/favicon-16x16.png HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 02:41:10 GMT
content-type: image/png
content-length: 737
x-accel-version: 0.01
last-modified: Sat, 15 Oct 2022 05:20:27 GMT
etag: "2e1-5eb0be676afd4"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
push.services.mozilla.com/
100.20.30.105 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 100.20.30.105:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Guor9kgYMEogeg16BuFtig==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: I6wkF0+e77ssvHy0aZV5SWCdheY=
maps.gstatic.com/mapfiles/openhand_8_8.cur
142.250.74.3 200 OK 326 B URL HTTP/2 maps.gstatic.com/mapfiles/openhand_8_8.cur
IP 142.250.74.3:0
File type MS Windows cursor resource - 1 icon, 32x32, 2 colors, hotspot @8x8\012- data
Hash feff9159f56cb2069041d660b484eb07
0d0a08cf25a258511957f357b89d3908f3c5e6e3
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
GET /mapfiles/openhand_8_8.cur HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/bmp
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-length: 326
date: Tue, 13 Dec 2022 02:41:10 GMT
expires: Tue, 13 Dec 2022 02:41:10 GMT
cache-control: private, max-age=31536000
last-modified: Tue, 18 May 2021 19:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/images/branding/product/1x/translate_24dp.png
216.58.211.3 200 OK 846 B URL HTTP/2 www.gstatic.com/images/branding/product/1x/translate_24dp.png
IP 216.58.211.3:0
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash e9cd262114358f26b7608b56905185dc
6dbde0a96deaab2b529723ce26c62043cf9180ab
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
GET /images/branding/product/1x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 846
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Dec 2022 18:47:19 GMT
expires: Tue, 12 Dec 2023 18:47:19 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 28431
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
216.58.211.3 200 OK 910 B URL HTTP/2 www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
IP 216.58.211.3:0
File type PNG image data, 42 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash efa6bb2bfe459bc6f4bdafa3db0383f6
52d15ce52fe50643e542c17812de43f4ed1b6ee0
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
GET /images/branding/googlelogo/1x/googlelogo_color_42x16dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 910
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 13:33:11 GMT
expires: Sat, 09 Dec 2023 13:33:11 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/png
age: 306479
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
doktorgulzar.com/images/photo-1494790108377-be9c29b29330.jpg
93.180.134.229 200 OK 1.8 kB URL HTTP/2 doktorgulzar.com/images/photo-1494790108377-be9c29b29330.jpg
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
GET /images/photo-1494790108377-be9c29b29330.jpg HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 02:41:10 GMT
content-type: image/jpeg
content-length: 104860
last-modified: Tue, 18 Oct 2022 22:20:13 GMT
etag: "634f269d-1999c"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
doktorgulzar.com/js/google-map.js
93.180.134.229 200 OK 858 B URL HTTP/2 doktorgulzar.com/js/google-map.js
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
Hash 5d157600b3cd6f8f597524a183bee5ac
d7428f8302793f36fb422b6a89086e451b8d10f7
22584b321086da3b175b13cd68c239c4f4a4db0e7d07c9d62d6eb193fe8aadc2
Analyzer Verdict Alert fortinet Phishing
GET /js/google-map.js HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 02:41:09 GMT
content-type: application/javascript
last-modified: Sat, 03 Dec 2022 14:06:13 GMT
etag: W/"638b57d5-798"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash a41c1c2a6aad29835a33369555bbe359
4e104748d3d8c3237d58e03b6f7493fcc9182142
a0495e2ab6ed55134a4bf56eb85252977c6978eb965b14724d47e3c979f25ab4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 02:41:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash b14162cab0131ca3a7e7c1c6d72c77f3
87a1ae365bc2a459c323770eb9632d28649b2b1b
759526e8274b5fa52e1a46496e286cc04466a27c41a8f20de6aee1b756feb87c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 02:41:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
translate.google.com/gen204?sl=tr&nca=te_ap&client=te&logld=vTE_20221004
142.250.74.174 204 No Content 0 B URL HTTP/2 translate.google.com/gen204?sl=tr&nca=te_ap&client=te&logld=vTE_20221004
IP 142.250.74.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gen204?sl=tr&nca=te_ap&client=te&logld=vTE_20221004 HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
content-type: image/gif; charset=us-ascii
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 13 Dec 2022 02:41:10 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-opener-policy: same-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport, script-src 'nonce-103JTlcyqjGyrq-Alvj9Wg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: __Secure-ENID=8.SE=EruodRz6dGGx7nRJcp14T9H4HNZcav8kG1Y94gy322SR33nqBNftMsdouVd3o35YIXmCn3JFhQaTVYgD-y80cND91LLK07rW_Y7RpZtqf4bhosxKcCHD6f-siL251ZozzQpmXDxod0jJ8ohP6w_UAnFFfpzbP5FL2AHtICXX89k; expires=Fri, 12-Jan-2024 18:59:28 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/images/cleardot.gif
142.250.74.132 200 OK 43 B URL HTTP/2 www.google.com/images/cleardot.gif
IP 142.250.74.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /images/cleardot.gif HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/gif
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 43
date: Tue, 13 Dec 2022 02:41:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash a41c1c2a6aad29835a33369555bbe359
4e104748d3d8c3237d58e03b6f7493fcc9182142
a0495e2ab6ed55134a4bf56eb85252977c6978eb965b14724d47e3c979f25ab4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 02:41:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash a41c1c2a6aad29835a33369555bbe359
4e104748d3d8c3237d58e03b6f7493fcc9182142
a0495e2ab6ed55134a4bf56eb85252977c6978eb965b14724d47e3c979f25ab4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 02:41:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
doktorgulzar.com/js/jquery.stellar.min.js
93.180.134.229 200 OK 20 kB URL HTTP/2 doktorgulzar.com/js/jquery.stellar.min.js
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type ASCII text, with very long lines (12453)
Hash a89f98f5435f98b2edebc0d7ce79dfe1
32354611b34d6cedb73753d1943553d9a040b45e
92bee081018ef8ccecce09de036285a1d9aabfc9dfd04c63279e493b96ea5cae
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery.stellar.min.js HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 02:41:09 GMT
content-type: application/javascript
last-modified: Fri, 07 Oct 2022 18:17:31 GMT
etag: W/"63406d3b-3135"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
doktorgulzar.com/js/bootstrap.min.js
93.180.134.229 200 OK 29 kB URL HTTP/2 doktorgulzar.com/js/bootstrap.min.js
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type ASCII text, with very long lines (50395)
Hash 1c682316ea51a390213db5d340f67231
8f406907eeff9fc13f8136ed9bb5f1987a13665c
fb3ee7dbf1d6188e5c376d2dca4cd320e89c6057d05e17bdb8ccf0a3a37595f3
Analyzer Verdict Alert fortinet Phishing
GET /js/bootstrap.min.js HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 02:41:09 GMT
content-type: application/javascript
last-modified: Fri, 07 Oct 2022 18:17:26 GMT
etag: W/"63406d36-c5f4"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://doktorgulzar.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:33:54 GMT
expires: Thu, 07 Dec 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 457637
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://doktorgulzar.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:33:56 GMT
expires: Thu, 07 Dec 2023 19:33:56 GMT
cache-control: public, max-age=31536000
age: 457635
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 08f7321e01de2d111fc8100424937061
01ea459fe9270ea25e3cec2228d1cf3cd61d80b8
36ca62b5281e0d5434f0bf6119b2074eb05f5336db3113b5556d2a4273ed2816
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36CA62B5281E0D5434F0BF6119B2074EB05F5336DB3113B5556D2A4273ED2816"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2237
Expires: Tue, 13 Dec 2022 03:18:28 GMT
Date: Tue, 13 Dec 2022 02:41:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 08f7321e01de2d111fc8100424937061
01ea459fe9270ea25e3cec2228d1cf3cd61d80b8
36ca62b5281e0d5434f0bf6119b2074eb05f5336db3113b5556d2a4273ed2816
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36CA62B5281E0D5434F0BF6119B2074EB05F5336DB3113B5556D2A4273ED2816"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2237
Expires: Tue, 13 Dec 2022 03:18:28 GMT
Date: Tue, 13 Dec 2022 02:41:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 08f7321e01de2d111fc8100424937061
01ea459fe9270ea25e3cec2228d1cf3cd61d80b8
36ca62b5281e0d5434f0bf6119b2074eb05f5336db3113b5556d2a4273ed2816
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36CA62B5281E0D5434F0BF6119B2074EB05F5336DB3113B5556D2A4273ED2816"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2237
Expires: Tue, 13 Dec 2022 03:18:28 GMT
Date: Tue, 13 Dec 2022 02:41:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 08f7321e01de2d111fc8100424937061
01ea459fe9270ea25e3cec2228d1cf3cd61d80b8
36ca62b5281e0d5434f0bf6119b2074eb05f5336db3113b5556d2a4273ed2816
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36CA62B5281E0D5434F0BF6119B2074EB05F5336DB3113B5556D2A4273ED2816"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2237
Expires: Tue, 13 Dec 2022 03:18:28 GMT
Date: Tue, 13 Dec 2022 02:41:11 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff51ff36d-720a-4773-9efc-7923e26a498a.jpeg
34.120.237.76 200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff51ff36d-720a-4773-9efc-7923e26a498a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 924ebd73c6a82ba87b3c7140d6cf4968
3fc604e081023ba1d50e57678a9a546b556835c4
d77661e2c8f4d1c86aa152a228ae633c475b97ecd49f39c8a9380214dbd2d664
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff51ff36d-720a-4773-9efc-7923e26a498a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6038
x-amzn-requestid: 78cfe5e5-1298-4df4-bd36-a6f634280f83
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw5BgGq4IAMFSWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903ba3-40c9be7134129b4c249e559c;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:07:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _-pBQeI6EbP8F6fYvUN9ML-zszIBU6AD_CXD7nuGTEdwWWHX43pIcw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 13:20:39 GMT
age: 48032
etag: "3fc604e081023ba1d50e57678a9a546b556835c4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2263c6ae-1846-44f1-8b25-471bca417daf.jpeg
34.120.237.76 200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2263c6ae-1846-44f1-8b25-471bca417daf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8b0477fb90d103e2155bbf7ab47d877
ab668e755bd742b165fa3ba46a4c486c616a7ff6
40e2282cf64da6034f73a2ff0c0d060550caa364244d5bdf282d2f54719d48ad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2263c6ae-1846-44f1-8b25-471bca417daf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4703
x-amzn-requestid: 975cb427-5feb-4c36-bcfe-bed0cc9bd3b5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czpW4Hh4IAMFeRA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639155c5-63d6d97371f11d6012edae68;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 03:11:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BouIqIrg_vfxBH0weDXiqoEBcSV8_d4qDVB3Er5PeIrZz249iHdqGQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 06:13:00 GMT
age: 73691
etag: "ab668e755bd742b165fa3ba46a4c486c616a7ff6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3319031c-7524-4aba-998b-86a7b8a1132f.jpeg
34.120.237.76 200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3319031c-7524-4aba-998b-86a7b8a1132f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 690133687ca909986a7ac4e919193bbb
9f36b8f5cd7f540d18318c0b8ca55d40e85ed1d4
d4913048b7f2b341c77a345420a855e6385e00c64ef30f6cf136ad16f6bda771
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3319031c-7524-4aba-998b-86a7b8a1132f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6711
x-amzn-requestid: ac93518c-b2e1-4995-9152-11c30c05cc9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c9h4oHmiIAMFXQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639549d0-5180e10e467c4c4c5e7fd1f4;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 03:09:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YHHaFWjmRFuBvcFQ6orltY_4JuQEcHhfyjxHO3-XZduh_hEGfPcPoA==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 03:38:02 GMT
age: 82989
etag: "9f36b8f5cd7f540d18318c0b8ca55d40e85ed1d4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F011f2c78-7785-4bfa-a0cc-3f1da3373cb7.jpeg
34.120.237.76 200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F011f2c78-7785-4bfa-a0cc-3f1da3373cb7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 148429983fce0e20f4de08c2f048471f
f97353ee4ae4ed1475f2095e3bc0f93d24ad848f
10ab479c83787195a0b85caa6335914da01b67ed9bd576f7d6a90278e2698763
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F011f2c78-7785-4bfa-a0cc-3f1da3373cb7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5035
x-amzn-requestid: a0a4ef66-8d0c-4be6-867d-be98f4ea65ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cqTXdER6oAMFf-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d98fc-4d6af6b802321b75422f358d;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 07:08:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Neh3ldqYhkn9NKCPWPvw57ghrN6OqiJk60lxnfGfCI-4Y7PXF-ezOA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 16:20:03 GMT
age: 37268
etag: "f97353ee4ae4ed1475f2095e3bc0f93d24ad848f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3bd4c12-e778-472e-ac9c-d2cd99425501.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3bd4c12-e778-472e-ac9c-d2cd99425501.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f885add3e7cb373da8fbb0e773b169d0
b5d9aea1fcf2c7139710dd8b1cf06f595f59e3a2
8e527efa846977908cbf1b9b82f6a09fc84a512f62286c5ef4410b6ffd76d3cd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3bd4c12-e778-472e-ac9c-d2cd99425501.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6619
x-amzn-requestid: 3f7210b8-b010-4d13-9ea2-ab331dfb6700
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c0rHIHhjoAMFixQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6391befa-090c90f7543e16cb678e0524;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 10:39:54 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: p0KPXrm-YBTEDxq6ds7BUJ5IfWQ6psS_mmXZLYV40cm6iX0ASz_4XA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 21:54:08 GMT
age: 17223
etag: "b5d9aea1fcf2c7139710dd8b1cf06f595f59e3a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa9678b-479f-4894-b9e7-3d05e236f19c.jpeg
34.120.237.76 200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa9678b-479f-4894-b9e7-3d05e236f19c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9051770b3587c195bea670f8820e8cfe
abf58087f0e345202da088238daea85d177b431b
f687a10c0ae63699a551977e9a4ec5bc7ba606b1925178d7ed4ec6728889bb2e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa9678b-479f-4894-b9e7-3d05e236f19c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8841
x-amzn-requestid: 09b64f8e-60c0-4cf6-a0dc-15e597bd9d85
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eMWH7MIAMFyow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa4e-3471ee5f5a78b55c424e2c6d;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: viqtSt0N4FbMvP-u-vlA4Y8SfzIafFu_4XhqXSKrbItp7gkJDp5PKA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 22:37:58 GMT
age: 14593
etag: "abf58087f0e345202da088238daea85d177b431b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
doktorgulzar.com/js/main.js
93.180.134.229 200 OK 0 B URL HTTP/2 doktorgulzar.com/js/main.js
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
Analyzer Verdict Alert fortinet Phishing
GET /js/main.js HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 02:41:09 GMT
content-type: application/javascript
last-modified: Fri, 07 Oct 2022 18:17:32 GMT
etag: W/"63406d3c-1823"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
doktorgulzar.com/css/owl.theme.default.min.css
93.180.134.229 200 OK 0 B URL HTTP/2 doktorgulzar.com/css/owl.theme.default.min.css
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
GET /css/owl.theme.default.min.css HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 02:41:09 GMT
content-type: text/css
x-accel-version: 0.01
last-modified: Fri, 07 Oct 2022 18:17:49 GMT
etag: W/"3c5-5ea75d3db5b18"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
doktorgulzar.com/css/animate.css
93.180.134.229 200 OK 0 B URL HTTP/2 doktorgulzar.com/css/animate.css
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
GET /css/animate.css HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 02:41:09 GMT
content-type: text/css
last-modified: Fri, 07 Oct 2022 18:17:48 GMT
etag: W/"63406d4c-11fa9"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
doktorgulzar.com/js/jquery-migrate-3.0.1.min.js
93.180.134.229 200 OK 0 B URL HTTP/2 doktorgulzar.com/js/jquery-migrate-3.0.1.min.js
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery-migrate-3.0.1.min.js HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 02:41:09 GMT
content-type: application/javascript
last-modified: Fri, 07 Oct 2022 18:17:27 GMT
etag: W/"63406d37-2c9d"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
doktorgulzar.com/css/owl.carousel.min.css
93.180.134.229 200 OK 0 B URL HTTP/2 doktorgulzar.com/css/owl.carousel.min.css
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
GET /css/owl.carousel.min.css HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 02:41:09 GMT
content-type: text/css
last-modified: Fri, 07 Oct 2022 18:17:50 GMT
etag: W/"63406d4e-d70"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:300,400,500,600,700
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300,400,500,600,700
IP 142.250.74.106:0
GET /css?family=Open+Sans:300,400,500,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 13 Dec 2022 02:41:09 GMT
date: Tue, 13 Dec 2022 02:41:09 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
doktorgulzar.com/js/aos.js
93.180.134.229 200 OK 0 B URL HTTP/2 doktorgulzar.com/js/aos.js
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
Analyzer Verdict Alert fortinet Phishing
GET /js/aos.js HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 02:41:09 GMT
content-type: application/javascript
last-modified: Fri, 07 Oct 2022 18:17:25 GMT
etag: W/"63406d35-37a4"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
doktorgulzar.com/js/jquery.waypoints.min.js
93.180.134.229 200 OK 0 B URL HTTP/2 doktorgulzar.com/js/jquery.waypoints.min.js
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery.waypoints.min.js HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 02:41:09 GMT
content-type: application/javascript
last-modified: Fri, 07 Oct 2022 18:17:32 GMT
etag: W/"63406d3c-2283"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
doktorgulzar.com/
93.180.134.229 200 OK 0 B IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 02:41:09 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33, PleskLin
content-encoding: br
X-Firefox-Spdy: h2
doktorgulzar.com/css/style.css
93.180.134.229 200 OK 0 B URL HTTP/2 doktorgulzar.com/css/style.css
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
GET /css/style.css HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 02:41:09 GMT
content-type: text/css
last-modified: Fri, 07 Oct 2022 18:17:50 GMT
etag: W/"63406d4e-3ea46"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
doktorgulzar.com/css/aos.css
93.180.134.229 200 OK 0 B URL HTTP/2 doktorgulzar.com/css/aos.css
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
GET /css/aos.css HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 02:41:09 GMT
content-type: text/css
last-modified: Fri, 07 Oct 2022 18:17:48 GMT
etag: W/"63406d4c-657f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
doktorgulzar.com/css/icomoon.css
93.180.134.229 200 OK 0 B URL HTTP/2 doktorgulzar.com/css/icomoon.css
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
GET /css/icomoon.css HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 02:41:09 GMT
content-type: text/css
last-modified: Fri, 07 Oct 2022 18:17:49 GMT
etag: W/"63406d4d-13803"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
doktorgulzar.com/js/owl.carousel.min.js
93.180.134.229 200 OK 0 B URL HTTP/2 doktorgulzar.com/js/owl.carousel.min.js
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
Analyzer Verdict Alert fortinet Phishing
GET /js/owl.carousel.min.js HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 02:41:09 GMT
content-type: application/javascript
last-modified: Fri, 07 Oct 2022 18:17:33 GMT
etag: W/"63406d3d-a8e5"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
doktorgulzar.com/images/migren-quad-menu.jpg
93.180.134.229 200 OK 0 B URL HTTP/2 doktorgulzar.com/images/migren-quad-menu.jpg
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
GET /images/migren-quad-menu.jpg HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 02:41:09 GMT
content-type: image/jpeg
content-length: 47360
last-modified: Tue, 18 Oct 2022 22:20:12 GMT
etag: "634f269c-b900"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2