doktorgulzar.com/
93.180.134.229 301 Moved Permanently 162 B IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type HTML document text; HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash MD5 4f8e702cc244ec5d4de32740c0ecbd97
SHA-1 3adb1f02d5b6054de0046e367c1d687b6cdf7aff
SHA-256 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Phishing (analyzer: fortinet; verdict: Phishing; the flagged response is a 162-byte 301 redirect, so the verdict presumably applies to the URL rather than to the response body)
GET / HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 23 Dec 2022 02:41:21 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://doktorgulzar.com/
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d6a971d765338f107fe9d2c67fa4bbdf
a72bdf191446a37fa0420cc9d7c087aaff757cd6
dc5291c136b0b81621a02679a31f6b7c852e2803429d54c2a9afcc8edf031328
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DC5291C136B0B81621A02679A31F6B7C852E2803429D54C2A9AFCC8EDF031328"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10566
Expires: Fri, 23 Dec 2022 05:37:27 GMT
Date: Fri, 23 Dec 2022 02:41:21 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7e300ca7d2d586dd1ca0c185ef6b0da5
3914cfd3b7aa6e1d1117bf509319479e489ed2a4
91c8810ad137faf4393f7d15f9c619c06d124a7aaebfa21290dca614db2c7757
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "91C8810AD137FAF4393F7D15F9C619C06D124A7AAEBFA21290DCA614DB2C7757"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5499
Expires: Fri, 23 Dec 2022 04:13:00 GMT
Date: Fri, 23 Dec 2022 02:41:21 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 23 Dec 2022 02:34:41 GMT
content-type: application/json
age: 400
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 32167242c3bbe7e45a2a865279df94a6
d03436f418ff77d50a553daa892c05e0725ba908
d5578d537296da18f3f349a98465e9fe930dca60a8ed62c183e9c9f6eb53f493
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D5578D537296DA18F3F349A98465E9FE930DCA60A8ED62C183E9C9F6EB53F493"
Last-Modified: Wed, 21 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7463
Expires: Fri, 23 Dec 2022 04:45:44 GMT
Date: Fri, 23 Dec 2022 02:41:21 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: PgfGLbwbBmZsOAkWuJk1L/PNWWdL8jyBFx7VN4k6gVtuTSSvN7eAqN912XCgdWZ2yNak40TyxxM=
x-amz-request-id: FRMAWWMHB58FW762
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 23 Dec 2022 01:53:53 GMT
age: 2848
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 02:41:21 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b25d401436f4406b6880fbe51eef497b
f6d0caf5228b5a52e71628838d2cf9a80d24543f
be0675c10d62936413d825d02700b5fbcc0d82219733109af899816f16d25f21
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE0675C10D62936413D825D02700B5FBCC0D82219733109AF899816F16D25F21"
Last-Modified: Thu, 22 Dec 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 23 Dec 2022 08:41:21 GMT
Date: Fri, 23 Dec 2022 02:41:21 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash b607f3e2facf61a8586563ae137d81eb
fc07f3f509b1a8f592efe951cc92bc07f307609d
68fef95cdc9deeb6a115e2869f3420a1e62dc7a64fd270f84c437bcc04642cd2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 02:41:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash b607f3e2facf61a8586563ae137d81eb
fc07f3f509b1a8f592efe951cc92bc07f307609d
68fef95cdc9deeb6a115e2869f3420a1e62dc7a64fd270f84c437bcc04642cd2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 02:41:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Pragma, Last-Modified, Expires, Alert, Content-Type, Retry-After, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 23 Dec 2022 02:33:25 GMT
age: 476
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
doktorgulzar.com/images/logo_g%C3%BClzar-1.png
93.180.134.229 200 OK 29 kB URL HTTP/2 doktorgulzar.com/images/logo_g%C3%BClzar-1.png
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type PNG image data, 272 x 236, 8-bit/color RGBA, non-interlaced\012- data
Hash eee5f4d8d6339ee21cc1c220c8518e4d
1cab5e049896d8d4b2c09e7cba38f736bc4795c9
f698443ddd41e11b13b8446c2fee21704d6a4a7c1c0cc10c39eb8faa70d460d0
GET /images/logo_g%C3%BClzar-1.png HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 02:41:21 GMT
content-type: image/png
content-length: 29185
last-modified: Tue, 18 Oct 2022 22:20:11 GMT
etag: "634f269b-7201"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 70a7b165f99b2b8fa0dc98318a7158d7
4d924f7febab9c8fe3fe9199e8879fd6ad892575
c5e0e414c34f2f328b487ae72b21a12a1b50d952aa1a31fb6314b4e700d27e05
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1085
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 02:41:21 GMT
Etag: "63a41e2a-1d7"
Last-Modified: Fri, 23 Dec 2022 02:23:16 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
maps.googleapis.com/maps/api/js?key=AIzaSyAPN4OzkHNIs7dcf94xIqfqVNHWWut05dA&callback=initMap
142.250.74.106 200 OK 54 kB URL HTTP/2 maps.googleapis.com/maps/api/js?key=AIzaSyAPN4OzkHNIs7dcf94xIqfqVNHWWut05dA&callback=initMap
IP 142.250.74.106:0
File type ASCII text, with very long lines (2460)
Hash d0dbb8a25e8621ff6d9dba707e4ea59e
50e620875daf30c8ba9fa0741a8788980bda5535
d430dd318a12feff9aedfd39c7fe48c8efc77e6f47c0244cf13131b6c1919d97
GET /maps/api/js?key=AIzaSyAPN4OzkHNIs7dcf94xIqfqVNHWWut05dA&callback=initMap HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Fri, 23 Dec 2022 02:41:21 GMT
expires: Fri, 23 Dec 2022 03:11:21 GMT
cache-control: public, max-age=1800
vary: Accept-Language
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 53504
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=21
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
doktorgulzar.com/css/style.css
93.180.134.229 200 OK 30 kB URL HTTP/2 doktorgulzar.com/css/style.css
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
Hash 50219e600875ff071a29fbffd90a55b2
92b220c654f7f30813a10b121c3bd0e799ad174d
2b1f1ecd80b1ce54841ea0fda8d15beaafbf3116e0fe90c4912e17b82c86c171
GET /css/style.css HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 02:41:21 GMT
content-type: text/css
last-modified: Fri, 07 Oct 2022 18:17:50 GMT
etag: W/"63406d4e-3ea46"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash b607f3e2facf61a8586563ae137d81eb
fc07f3f509b1a8f592efe951cc92bc07f307609d
68fef95cdc9deeb6a115e2869f3420a1e62dc7a64fd270f84c437bcc04642cd2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 02:41:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
doktorgulzar.com/images/Dolgu-Enjeksiyonu-1.jpg
93.180.134.229 200 OK 47 kB URL HTTP/2 doktorgulzar.com/images/Dolgu-Enjeksiyonu-1.jpg
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 2500x1516, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b05e7ea6c16df811d4a31fcb68a346bc
fc80d3550a5cd67359aef65a79d2542993aacde3
4958089dc0dabfbfc88a35fdfef1a185421be9d2510caf1f4cdfe54904b16a24
GET /images/Dolgu-Enjeksiyonu-1.jpg HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 02:41:21 GMT
content-type: image/jpeg
content-length: 46716
last-modified: Tue, 18 Oct 2022 22:19:50 GMT
etag: "634f2686-b67c"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
doktorgulzar.com/images/peeling.jpeg
93.180.134.229 200 OK 5.8 kB URL HTTP/2 doktorgulzar.com/images/peeling.jpeg
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 284x177, components 3\012- data
Hash 8497faa05ee08e4999ae6600d552df74
3e59db92617141e31851696f4882b803b8763e27
2b9a0be782b5124914eb516aa8e2d8edc76502d28d67822b76642e10ddea98b3
Analyzer Verdict Alert fortinet Phishing
GET /images/peeling.jpeg HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 02:41:21 GMT
content-type: image/jpeg
content-length: 5791
last-modified: Tue, 18 Oct 2022 22:20:12 GMT
etag: "634f269c-169f"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
doktorgulzar.com/images/migren-quad-menu.jpg
93.180.134.229 200 OK 47 kB URL HTTP/2 doktorgulzar.com/images/migren-quad-menu.jpg
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1500x1000, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ef4ff2c0f56899fefdedf27424bd4193
0ccb60a57a8f8b466ca4adfc9ad1a5d3ff3537f6
3a7da42bdcc2677da3e7277e570e97c1146165831d639c2bdd496fc46e2bad8e
GET /images/migren-quad-menu.jpg HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 02:41:21 GMT
content-type: image/jpeg
content-length: 47360
last-modified: Tue, 18 Oct 2022 22:20:12 GMT
etag: "634f269c-b900"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
doktorgulzar.com/images/prp-tedavisi.jpg
93.180.134.229 200 OK 48 kB URL HTTP/2 doktorgulzar.com/images/prp-tedavisi.jpg
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], baseline, precision 8, 500x500, components 3\012- data
Hash 798b1aa7aa5dbc9d1278b75ee44ced2f
a28f60822b0a0cce27400bacb5da85d30602a8ee
adfdf3767540d30876a4fc777d6afa00039036b7ba62bcea5ae09617dae6da3c
GET /images/prp-tedavisi.jpg HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 02:41:21 GMT
content-type: image/jpeg
content-length: 47730
last-modified: Tue, 18 Oct 2022 22:20:13 GMT
etag: "634f269d-ba72"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
doktorgulzar.com/js/jquery.stellar.min.js
93.180.134.229 200 OK 3.7 kB URL HTTP/2 doktorgulzar.com/js/jquery.stellar.min.js
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type ASCII text, with very long lines (12453)
Hash 20fdb9048787642dfcc6522458584cf8
c491cfd1aa6288b400d704383fc59ce80c465631
e9b81d4b5635bf551524f7372a499a2ca98ccf623b5901dbb13e4b471e810558
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery.stellar.min.js HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 02:41:21 GMT
content-type: application/javascript
last-modified: Fri, 07 Oct 2022 18:17:31 GMT
etag: W/"63406d3b-3135"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
doktorgulzar.com/js/aos.js
93.180.134.229 200 OK 4.8 kB URL HTTP/2 doktorgulzar.com/js/aos.js
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type ASCII text, with very long lines (14212)
Hash 715a91dc059b791a5f21012dedc06be2
ea3504ffeb08de535be1bcab49b569fe472041d9
3a796f573d239f9dd8628abb6bf2a564ae4d3f7e8c79551c207529f0801a9a3e
Analyzer Verdict Alert fortinet Phishing
GET /js/aos.js HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 02:41:21 GMT
content-type: application/javascript
last-modified: Fri, 07 Oct 2022 18:17:25 GMT
etag: W/"63406d35-37a4"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227 200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://doktorgulzar.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Dec 2022 18:52:41 GMT
expires: Tue, 19 Dec 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 287321
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
216.58.207.227 200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 31320, version 1.0\012- data
Hash 3fe71527811fbfedd2c07962e1bc49e7
f63e158a0480c5d711b5e268db0e75e57d87a8a5
24c0e724005344165ee0a0ff4c96a914e174bb4caa20c8a533fb194d92853e95
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://doktorgulzar.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31320
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Dec 2022 13:33:13 GMT
expires: Sat, 16 Dec 2023 13:33:13 GMT
cache-control: public, max-age=31536000
age: 565689
last-modified: Mon, 15 Aug 2022 18:11:37 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
doktorgulzar.com/images/3.jpeg
93.180.134.229 200 OK 8.8 kB URL HTTP/2 doktorgulzar.com/images/3.jpeg
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x138, components 3\012- data
Hash a93ebd9fc51fc0dfda4a8f0f55124c10
c2b1172845c88aa4b35a2ec2ecf1ce8083dea8c5
f94d594b1f0b5443e76c4ccd63ff515a990a450bf78c57d9238d42af7d8a50e2
Analyzer Verdict Alert fortinet Phishing
GET /images/3.jpeg HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 02:41:21 GMT
content-type: image/jpeg
content-length: 8751
last-modified: Tue, 18 Oct 2022 22:19:33 GMT
etag: "634f2675-222f"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
doktorgulzar.com/images/5.jpeg
93.180.134.229 200 OK 12 kB URL HTTP/2 doktorgulzar.com/images/5.jpeg
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x138, components 3\012- data
Hash a2e88dd453054a0d39dc2cc021785a18
37d37f6cc5a9ea9c614ea3448fbecbef2fa8ff4c
16726d9da813ecac5c0ba5a5fbc4dd88bdccce643427fc90cf7c9a631a1df079
Analyzer Verdict Alert fortinet Phishing
GET /images/5.jpeg HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 02:41:21 GMT
content-type: image/jpeg
content-length: 12249
last-modified: Tue, 18 Oct 2022 22:19:34 GMT
etag: "634f2676-2fd9"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
doktorgulzar.com/images/4.jpeg
93.180.134.229 200 OK 14 kB URL HTTP/2 doktorgulzar.com/images/4.jpeg
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x138, components 3\012- data
Hash c1d27e7c8a493721ee893c8acea0bdf4
28b989f60061748e3dca1ef55def80f64439c188
36a568a602898b67b95885eb4e648b65fa2a2bcef8e81da68d27089638354663
Analyzer Verdict Alert fortinet Phishing
GET /images/4.jpeg HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 02:41:21 GMT
content-type: image/jpeg
content-length: 13974
last-modified: Tue, 18 Oct 2022 22:19:33 GMT
etag: "634f2675-3696"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
doktorgulzar.com/images/8.jpeg
93.180.134.229 200 OK 14 kB URL HTTP/2 doktorgulzar.com/images/8.jpeg
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x138, components 3\012- data
Hash 494e6371d155d36bf4335593cf49df40
69bc7416c839eb73fcd7ffc698a5bccab846bad9
fc0056c4b4944087241ed232351b83b07bfff55733d2ed9d78d41ea3c65a0d92
Analyzer Verdict Alert fortinet Phishing
GET /images/8.jpeg HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 02:41:21 GMT
content-type: image/jpeg
content-length: 14198
last-modified: Tue, 18 Oct 2022 22:19:34 GMT
etag: "634f2676-3776"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
doktorgulzar.com/images/9.jpeg
93.180.134.229 200 OK 13 kB URL HTTP/2 doktorgulzar.com/images/9.jpeg
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x138, components 3\012- data
Hash c07ce4f3a489b43e9eda748dde4e8372
e6ab61a211f6c3bda6e690fabd9b0675adeb308d
b5171ee27e159dfd7bc0b501f21e2891865c7a8d5101e0d855867b896df98f8e
Analyzer Verdict Alert fortinet Phishing
GET /images/9.jpeg HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 02:41:21 GMT
content-type: image/jpeg
content-length: 12621
last-modified: Tue, 18 Oct 2022 22:19:34 GMT
etag: "634f2676-314d"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
doktorgulzar.com/images/10.jpeg
93.180.134.229 200 OK 3.4 kB URL HTTP/2 doktorgulzar.com/images/10.jpeg
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x138, components 1\012- data
Hash 7e8347bba44b2e9ea369a61a2cb9b1d7
2cc8fb17c9c216b05ad88d269b784125e093203d
71e4393c5ad46c104366a10d0d34dfb96ebf9a72d60dc973e71b9cb19eecd5a2
Analyzer Verdict Alert fortinet Phishing
GET /images/10.jpeg HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 02:41:21 GMT
content-type: image/jpeg
content-length: 3358
last-modified: Tue, 18 Oct 2022 22:19:23 GMT
etag: "634f266b-d1e"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
doktorgulzar.com/images/6.jpeg
93.180.134.229 200 OK 9.6 kB URL HTTP/2 doktorgulzar.com/images/6.jpeg
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x138, components 3\012- data
Hash 3ee5ba28f41d31b30bd7b70f730ba19f
c31b74a3dee734d090c24461078ef59296819f3f
6a43d646680585ec9611a1ad4356b2c6aa6daf52c87a31a7a856a79b085f9bba
Analyzer Verdict Alert fortinet Phishing
GET /images/6.jpeg HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 02:41:21 GMT
content-type: image/jpeg
content-length: 9623
last-modified: Tue, 18 Oct 2022 22:19:34 GMT
etag: "634f2676-2597"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
doktorgulzar.com/images/2.jpeg
93.180.134.229 200 OK 19 kB URL HTTP/2 doktorgulzar.com/images/2.jpeg
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x138, components 3\012- data
Hash 5f7321c73816340f19a198d1a68bf07b
2de2dc5f9df14087a6b2a996ca261b26b115d05f
7e1663ad2a67736b70e3fd77d2d46b9f4d8667ed6324985f192abf00c1858f9b
Analyzer Verdict Alert fortinet Phishing
GET /images/2.jpeg HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 02:41:21 GMT
content-type: image/jpeg
content-length: 18843
last-modified: Tue, 18 Oct 2022 22:19:33 GMT
etag: "634f2675-499b"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
doktorgulzar.com/images/11.jpeg
93.180.134.229 200 OK 4.6 kB URL HTTP/2 doktorgulzar.com/images/11.jpeg
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 184x96, components 3\012- data
Hash 108b43b3dd8d0e642e2468949ab1808c
23b5d1a1a06615649d6557d543a4ce598d3f8b00
ef5cefd24bec6b95edc41b2a34c985ff9812bb50c7d0c5395295964c45a95f6a
Analyzer Verdict Alert fortinet Phishing
GET /images/11.jpeg HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 02:41:21 GMT
content-type: image/jpeg
content-length: 4586
last-modified: Tue, 18 Oct 2022 22:19:25 GMT
etag: "634f266d-11ea"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
doktorgulzar.com/images/Non-Surgical-Treatment-for-Nasolabial-Folds-and-Marionette-Lines.jpg
93.180.134.229 200 OK 113 kB URL HTTP/2 doktorgulzar.com/images/Non-Surgical-Treatment-for-Nasolabial-Folds-and-Marionette-Lines.jpg
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1200x700, components 3\012- data
Size 113 kB (112790 bytes)
Hash f9a75e081fa9cd2c9259a9e214e1ba41
62e5025f91bf3ce0baa0d30733b93f162af5625a
2bb283467682ca8922a20c564e04cc9773f431ad67333703a99fdc786f869b9f
GET /images/Non-Surgical-Treatment-for-Nasolabial-Folds-and-Marionette-Lines.jpg HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 02:41:21 GMT
content-type: image/jpeg
content-length: 112790
last-modified: Tue, 18 Oct 2022 22:20:12 GMT
etag: "634f269c-1b896"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
doktorgulzar.com/images/burun_dolgusu.jpg
93.180.134.229 200 OK 70 kB URL HTTP/2 doktorgulzar.com/images/burun_dolgusu.jpg
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 1200x778, components 3\012- data
Hash e861c9427f0664fb03fd8d64687b3683
d2400dc58f68d1942bc890888047e07f441242ad
00b1b23b7fbdcb9c49b53a945d160fb6a27bd2999fb4207aa006f2b25f051dcc
GET /images/burun_dolgusu.jpg HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 02:41:21 GMT
content-type: image/jpeg
content-length: 69803
last-modified: Wed, 26 Oct 2022 18:34:56 GMT
etag: "63597dd0-110ab"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
doktorgulzar.com/images/buz-lazer-epilasyon-nedir.jpg
93.180.134.229 200 OK 72 kB URL HTTP/2 doktorgulzar.com/images/buz-lazer-epilasyon-nedir.jpg
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2017 (Windows), datetime=2019:05:14 13:03:46], baseline, precision 8, 640x430, components 3\012- data
Hash 2b1c2f43679454e167bd309fcb2b21c7
b02505a717fe0a8bb56d43f2760d649aa6f9739a
0feb06f7ab1ba32974f6f84f6632b674cde13b4fd88408533501f2564be3cb89
GET /images/buz-lazer-epilasyon-nedir.jpg HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 02:41:21 GMT
content-type: image/jpeg
content-length: 72269
last-modified: Tue, 18 Oct 2022 22:19:46 GMT
etag: "634f2682-11a4d"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
doktorgulzar.com/images/yuz-dolgusu-eritme.png
93.180.134.229 200 OK 75 kB URL HTTP/2 doktorgulzar.com/images/yuz-dolgusu-eritme.png
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type PNG image data, 900 x 400, 8-bit colormap, non-interlaced\012- data
Hash 8a123ceb0e32df4bbc9794d4991a2beb
09d85f8038f4b9287a5d9ae52010c491b58d955c
89e5e8de520d0c43a22db751c9f0efbf129cef63661ec9735a77238a5b477b12
GET /images/yuz-dolgusu-eritme.png HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 02:41:21 GMT
content-type: image/png
content-length: 74751
last-modified: Tue, 18 Oct 2022 22:20:32 GMT
etag: "634f26b0-123ff"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
doktorgulzar.com/images/asiri-terleme-tedavisi-768x507.png
93.180.134.229 200 OK 140 kB URL HTTP/2 doktorgulzar.com/images/asiri-terleme-tedavisi-768x507.png
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type PNG image data, 768 x 507, 8-bit colormap, non-interlaced\012- data
Size 140 kB (139657 bytes)
Hash ee9e1116574625c4bcc9992cc69afa7c
f7a4740889d7a4d325cb73cf64571d9c9f56f308
b6a3d941db3ac0c8f59ae65af35c0a2da5876111a24f846158521eaee606c419
GET /images/asiri-terleme-tedavisi-768x507.png HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 02:41:21 GMT
content-type: image/png
content-length: 139657
last-modified: Tue, 18 Oct 2022 22:19:38 GMT
etag: "634f267a-22189"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.41.252.32 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.252.32:0
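Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the MD5, SHA-1 and SHA-256 digests of a zero-length body, matching the 0 B response above; they identify no content and should not be treated as indicators.)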
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9WPvWboYEjynD9Y5OHO81g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: K9R/ZMqoML1aiAEd9TeIDZ4DRYA=
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 3d77c09bf616349faed27b1cd007b770
e3000238d463d88fdcf7625d6582eb86ce5a4021
8b0c929abbabdcd9d196792cf0789feddb6fbd98e9bb3c96c1bb6f473f28727a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 02:41:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
doktorgulzar.com/images/female-patient-receiving-botox-injection-forehead.jpg
93.180.134.229 200 OK 513 kB URL HTTP/2 doktorgulzar.com/images/female-patient-receiving-botox-injection-forehead.jpg
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1000x667, components 3\012- data
Size 513 kB (512965 bytes)
Hash f25e3869904da01cc6d74d060e2c2956
5391112d2bde5f353cf74975e3c368995ae4ee21
32f545aacb11a54093b66114e57883e8cd8efda5e317ad52a1ca942ab6279dab
GET /images/female-patient-receiving-botox-injection-forehead.jpg HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 02:41:21 GMT
content-type: image/jpeg
content-length: 512965
last-modified: Tue, 18 Oct 2022 22:19:53 GMT
etag: "634f2689-7d3c5"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
doktorgulzar.com/fonts/icomoon/icomoon.ttf?6tt51o
93.180.134.229 200 OK 307 kB URL HTTP/2 doktorgulzar.com/fonts/icomoon/icomoon.ttf?6tt51o
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon \012- data
Size 307 kB (307168 bytes)
Hash b774c581ad4d77651ba7e18b16bd248b
a52649ef6c3af5a626e778c501f82ecb79da41ba
ef32dd19b8c1199d54ec6e516c20cddde149424bee616901733c253ec0219719
Analyzer Verdict Alert fortinet Phishing
GET /fonts/icomoon/icomoon.ttf?6tt51o HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/css/icomoon.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 02:41:22 GMT
content-type: application/font-sfnt
content-length: 307168
last-modified: Fri, 07 Oct 2022 18:17:55 GMT
etag: "63406d53-4afe0"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
doktorgulzar.com/images/beautiful-young-woman-getting-botox-cosmetic-injection-her-face.jpg
93.180.134.229 200 OK 967 kB URL HTTP/2 doktorgulzar.com/images/beautiful-young-woman-getting-botox-cosmetic-injection-her-face.jpg
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=11, description=Portrait of beautiful young woman getting botox cosmetic injection in her face over white background., manufacturer=Canon, model=Canon EOS 6D, orientation=upper-left, xresolution=141, yresolution=149, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2017:10:23 19:07:29], baseline, precision 8, 5361x3574, components 3\012- data
Size 967 kB (966989 bytes)
Hash 466a9e01b25d5aa568a91706b45506f2
9f01ce05f04524ac13619b5aff0a60e50e39379d
50ca98648b58d5be9cdfcada1c95fa720aba31095d9a2d79628d04aec6241851
GET /images/beautiful-young-woman-getting-botox-cosmetic-injection-her-face.jpg HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 02:41:22 GMT
content-type: image/jpeg
content-length: 966989
last-modified: Tue, 18 Oct 2022 22:19:43 GMT
etag: "634f267f-ec14d"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
doktorgulzar.com/images/images.jpg
93.180.134.229 200 OK 7.8 kB URL HTTP/2 doktorgulzar.com/images/images.jpg
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 225x225, components 3\012- data
Hash 1cea1de81e7ba972890fb8e54eff5061
5c7b0ca4f6586278d8a250a5f742580de851c701
f1bf63b0ef25454322fa4ed18ae758791840b87c4e09481f60257d92329235b9
GET /images/images.jpg HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 02:41:22 GMT
content-type: image/jpeg
content-length: 7825
last-modified: Tue, 18 Oct 2022 22:20:06 GMT
etag: "634f2696-1e91"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
doktorgulzar.com/images/istockphoto-1154642632-612x612.jpg
93.180.134.229 200 OK 25 kB URL HTTP/2 doktorgulzar.com/images/istockphoto-1154642632-612x612.jpg
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, description=Close up portrait of brunette woman on brown studio background\377\341\005]http://ns.adobe.com/xap/1.0/], progressive, precision 8, 474x612, components 3\012- data
Hash aa1be66fc4d39627364b24d1f0d75bcb
1e00a059c07a9eeddd1212d941e717c506d1609d
810c52d893908dfdd53093cbbedabd17939f7465ae89640f899d2cafe71ed61c
GET /images/istockphoto-1154642632-612x612.jpg HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 02:41:22 GMT
content-type: image/jpeg
content-length: 25064
last-modified: Tue, 18 Oct 2022 22:20:08 GMT
etag: "634f2698-61e8"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
doktorgulzar.com/images/main-qimg-7fb93146f5e4e470f5a590d2fc38be3b-lq.jpg
93.180.134.229 200 OK 64 kB URL HTTP/2 doktorgulzar.com/images/main-qimg-7fb93146f5e4e470f5a590d2fc38be3b-lq.jpg
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 602x752, components 3\012- data
Hash e9651bc321e3499ae4330cf7c9e78852
c817aad702b253d66e7a2325115f93aa9b5fd987
994eb118cc599065cc5777f6a557ca23d4589f654434e7a336cb37d290bfa24d
GET /images/main-qimg-7fb93146f5e4e470f5a590d2fc38be3b-lq.jpg HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 02:41:22 GMT
content-type: image/jpeg
content-length: 63700
last-modified: Tue, 18 Oct 2022 22:20:11 GMT
etag: "634f269b-f8d4"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
doktorgulzar.com/images/photo-1494790108377-be9c29b29330.jpg
93.180.134.229 200 OK 105 kB URL HTTP/2 doktorgulzar.com/images/photo-1494790108377-be9c29b29330.jpg
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1000x1500, components 3\012- data
Size 105 kB (104860 bytes)
Hash 1bfa2288a849de76482192038cc98c18
1a3eec54f0f46a205025d2777c301c3bbf4f43bd
09a4e808274c3fd720d187044380927a5e983c91e44d642a318808519f2fefbc
GET /images/photo-1494790108377-be9c29b29330.jpg HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 02:41:22 GMT
content-type: image/jpeg
content-length: 104860
last-modified: Tue, 18 Oct 2022 22:20:13 GMT
etag: "634f269d-1999c"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
doktorgulzar.com/js/main.js
93.180.134.229 200 OK 2.0 kB URL HTTP/2 doktorgulzar.com/js/main.js
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
Hash 2ead7417cb57624b7988761c2ad259d5
428e6263b45077c0b2f6343346aed5d2642ea12c
b1d00550d99bc72700d26fc673fb17e17fb781a04deb83286cbcb17127af4981
Analyzer Verdict Alert fortinet Phishing
GET /js/main.js HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 02:41:21 GMT
content-type: application/javascript
last-modified: Fri, 07 Oct 2022 18:17:32 GMT
etag: W/"63406d3c-1823"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
maps.gstatic.com/mapfiles/openhand_8_8.cur
142.250.74.3 200 OK 326 B URL HTTP/2 maps.gstatic.com/mapfiles/openhand_8_8.cur
IP 142.250.74.3:0
File type MS Windows cursor resource - 1 icon, 32x32, 2 colors, hotspot @8x8\012- data
Hash feff9159f56cb2069041d660b484eb07
0d0a08cf25a258511957f357b89d3908f3c5e6e3
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
GET /mapfiles/openhand_8_8.cur HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/bmp
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-length: 326
date: Fri, 23 Dec 2022 02:41:22 GMT
expires: Fri, 23 Dec 2022 02:41:22 GMT
cache-control: private, max-age=31536000
last-modified: Tue, 18 May 2021 19:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
doktorgulzar.com/images/apple-touch-icon.png
93.180.134.229 200 OK 31 kB URL HTTP/2 doktorgulzar.com/images/apple-touch-icon.png
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 8260b867ec3a4c75e8f3e185903b1df1
c96f6a8d7724f80cdb5091895e5954001094738c
c545a04bf7407d092819bf28907e1c2a94fa4da6023c92b7b467c22f526f5361
GET /images/apple-touch-icon.png HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 02:41:22 GMT
content-type: image/png
content-length: 30867
last-modified: Sat, 15 Oct 2022 05:19:58 GMT
etag: "634a42fe-7893"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
doktorgulzar.com/images/favicon-16x16.png
93.180.134.229 200 OK 737 B URL HTTP/2 doktorgulzar.com/images/favicon-16x16.png
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash bbd16ed90dee2116b7b935cdef3bbd32
f01ddd1c1274d3fc3a86b55af39fb84426d901f4
5b5e145164fc5c347a460726edefdf83c4d15cad9a3e462b9d85127412489f43
GET /images/favicon-16x16.png HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 02:41:22 GMT
content-type: image/png
content-length: 737
x-accel-version: 0.01
last-modified: Sat, 15 Oct 2022 05:20:27 GMT
etag: "2e1-5eb0be676afd4"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
www.gstatic.com/images/branding/product/1x/translate_24dp.png
142.250.74.35 200 OK 846 B URL HTTP/2 www.gstatic.com/images/branding/product/1x/translate_24dp.png
IP 142.250.74.35:0
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash e9cd262114358f26b7608b56905185dc
6dbde0a96deaab2b529723ce26c62043cf9180ab
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
GET /images/branding/product/1x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 846
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Dec 2022 21:26:31 GMT
expires: Fri, 22 Dec 2023 21:26:31 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 18891
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/images/branding/product/2x/translate_24dp.png
142.250.74.35 200 OK 1.8 kB URL HTTP/2 www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP 142.250.74.35:0
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://translate.googleapis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Dec 2022 14:55:12 GMT
expires: Fri, 22 Dec 2023 14:55:12 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 42370
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
142.250.74.35 200 OK 910 B URL HTTP/2 www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
IP 142.250.74.35:0
File type PNG image data, 42 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash efa6bb2bfe459bc6f4bdafa3db0383f6
52d15ce52fe50643e542c17812de43f4ed1b6ee0
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
GET /images/branding/googlelogo/1x/googlelogo_color_42x16dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 910
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Dec 2022 11:39:21 GMT
expires: Sat, 16 Dec 2023 11:39:21 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/png
age: 572521
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
doktorgulzar.com/css/aos.css
93.180.134.229 200 OK 5.9 kB URL HTTP/2 doktorgulzar.com/css/aos.css
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type ASCII text, with very long lines (25948)
Hash 93c1f879df97ac2c0f7e06e18f3c4cbd
3cd1c29afffc647d0b70183161f37cbe5f9847bc
397837af190b5d0184805de9aa5a82b743ae2aa43443df9047261bb8193821b6
GET /css/aos.css HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 02:41:21 GMT
content-type: text/css
last-modified: Fri, 07 Oct 2022 18:17:48 GMT
etag: W/"63406d4c-657f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash ecc130cabc8432a4c29a8ee3c411345f
ec68a99dcefeae0499da898b048d5a1a850d6256
71a24b7303015b50931d655a2761bd377379b2d8a1fba34d90311bdc1462e5d7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 02:41:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
translate.google.com/gen204?sl=tr&nca=te_ap&client=te&logld=vTE_20221004
142.250.74.110 204 No Content 0 B URL HTTP/2 translate.google.com/gen204?sl=tr&nca=te_ap&client=te&logld=vTE_20221004
IP 142.250.74.110:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gen204?sl=tr&nca=te_ap&client=te&logld=vTE_20221004 HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
content-type: image/gif; charset=us-ascii
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 23 Dec 2022 02:41:22 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: same-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport, script-src 'nonce-MghUT-LZW4VRRtNpIHpoQQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: __Secure-ENID=9.SE=iPTQoFK_mxsEejCJJ3pGU9pi0nNARsfXwB_GyfMKejtQS6cvuzQC1HbWRgdcI4BNUpzoDr64KJhajHyAilsPVGvbltclWJH17e22ASTEjQoXA9YSTu4PzsPcvOApmBvKpurFfcvJqF0W00ANHzxmW6JLLqDWxJYGHv1o_Ur5fN4; expires=Mon, 22-Jan-2024 18:59:40 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 29d3696d17220dcd271363e420d6d592
16fb6e6352605346ddca3f28e69ed5e3b3980057
3a5946f894fc0ec400905c1a88a943fb60b5170dc0fc6946c13f800964af79d7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 02:41:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/images/cleardot.gif
142.250.74.132 200 OK 43 B URL HTTP/2 www.google.com/images/cleardot.gif
IP 142.250.74.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /images/cleardot.gif HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/gif
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 43
date: Fri, 23 Dec 2022 02:41:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash ecc130cabc8432a4c29a8ee3c411345f
ec68a99dcefeae0499da898b048d5a1a850d6256
71a24b7303015b50931d655a2761bd377379b2d8a1fba34d90311bdc1462e5d7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 02:41:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Open+Sans:300,400,500,600,700
142.250.74.106 200 OK 14 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300,400,500,600,700
IP 142.250.74.106:0
Hash 4274010ea377d9c8e0c9b1cbe413239f
575410dcd36659bad61c77d984ebe17dc637e24c
8f07746a8216719d6c63fbfe173966c4e02c9729bc31d3e3863a618bb311ea4f
GET /css?family=Open+Sans:300,400,500,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 23 Dec 2022 02:41:21 GMT
date: Fri, 23 Dec 2022 02:41:21 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
doktorgulzar.com/css/open-iconic-bootstrap.min.css
93.180.134.229 200 OK 19 kB URL HTTP/2 doktorgulzar.com/css/open-iconic-bootstrap.min.css
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
File type ASCII text, with very long lines (9467), with no line terminators
Hash a88e2e337135b8cdba36f79ee5d2fd1f
32c53e8868cbfa24197d70f757f6cdba79632f70
6f795039e07c95a84daa6db96439617bb15d09508cbd0ac27da16ec07783cc05
GET /css/open-iconic-bootstrap.min.css HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 02:41:21 GMT
content-type: text/css
last-modified: Fri, 07 Oct 2022 18:17:49 GMT
etag: W/"63406d4d-24fb"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
doktorgulzar.com/css/owl.theme.default.min.css
93.180.134.229 200 OK 16 kB URL HTTP/2 doktorgulzar.com/css/owl.theme.default.min.css
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
Hash 068d46752e9788ec701700fedf4ac384
f58ef1eac214cd622a29810812b0378e05f3ffdb
55de3cf48d60e75b3bb855a3d97de5a601a2a0463ef0252fdc239b29a4950abb
GET /css/owl.theme.default.min.css HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 02:41:21 GMT
content-type: text/css
x-accel-version: 0.01
last-modified: Fri, 07 Oct 2022 18:17:49 GMT
etag: W/"3c5-5ea75d3db5b18"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 6ce699bd0db3ee9d3a4ef6dcf941f9f1
14d813942d74d801024c42e2a4628ecd9306d2ad
060de67922db1f612b7f4c173f11e8714c8329d20fbec45a421bcefe7451f388
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4402
Expires: Fri, 23 Dec 2022 03:54:45 GMT
Date: Fri, 23 Dec 2022 02:41:23 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 6ce699bd0db3ee9d3a4ef6dcf941f9f1
14d813942d74d801024c42e2a4628ecd9306d2ad
060de67922db1f612b7f4c173f11e8714c8329d20fbec45a421bcefe7451f388
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4402
Expires: Fri, 23 Dec 2022 03:54:45 GMT
Date: Fri, 23 Dec 2022 02:41:23 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 6ce699bd0db3ee9d3a4ef6dcf941f9f1
14d813942d74d801024c42e2a4628ecd9306d2ad
060de67922db1f612b7f4c173f11e8714c8329d20fbec45a421bcefe7451f388
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4402
Expires: Fri, 23 Dec 2022 03:54:45 GMT
Date: Fri, 23 Dec 2022 02:41:23 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 6ce699bd0db3ee9d3a4ef6dcf941f9f1
14d813942d74d801024c42e2a4628ecd9306d2ad
060de67922db1f612b7f4c173f11e8714c8329d20fbec45a421bcefe7451f388
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4402
Expires: Fri, 23 Dec 2022 03:54:45 GMT
Date: Fri, 23 Dec 2022 02:41:23 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46c838f6-5365-43bb-981e-8ddefc5f3f14.jpeg
34.120.237.76 200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46c838f6-5365-43bb-981e-8ddefc5f3f14.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2d4cf077d410b94f1326e942304f9e9b
98fb13feecfada3cc8b467aa48d7cdf1ed8ab001
ec82cd83bfd4da849888b0535c9764cd4d462ef9e12c5934512858375908dfe4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46c838f6-5365-43bb-981e-8ddefc5f3f14.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5659
x-amzn-requestid: bc225a93-868b-42d4-aa94-c8fa16ef2c64
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dk33gHUqIAMFg1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a50696-7710727f0f086a791a0e7939;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 01:38:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: SsDKCzVoU9imPo79Eg4_JraYGSE82tq3DvQqtDD4611YT_G18AED5w==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 01:44:23 GMT
age: 3420
etag: "98fb13feecfada3cc8b467aa48d7cdf1ed8ab001"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ef950d0-91b0-49dc-861b-561575fba09f.jpeg
34.120.237.76 200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ef950d0-91b0-49dc-861b-561575fba09f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f041b688028eb1c8dcbee925ec0255fd
f60c30fd1ea1105f9a6fb23d6fd00f30f6deb757
724e5404f4b8ba9abf581972c1474fd1d497e9b16c3e5b42336a7ad48863fae6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ef950d0-91b0-49dc-861b-561575fba09f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5505
x-amzn-requestid: 971471d1-6863-4f42-ad7f-6afa0cc651e5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dkUqqFrRIAMFiPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a4ce44-664cbcc82f3949a821ddde85;Sampled=0
x-amzn-remapped-date: Thu, 22 Dec 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bboasDe_R5AnFWTHh3hztzCi1Qgk9AFxNd_VwvFeQ4MUxThDh2OOvw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 21:38:36 GMT
age: 18167
etag: "f60c30fd1ea1105f9a6fb23d6fd00f30f6deb757"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd657fe5b-a7fc-44bd-b8e2-c5c7ead36566.jpeg
34.120.237.76 200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd657fe5b-a7fc-44bd-b8e2-c5c7ead36566.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 96a126d8ae1c913ce8e756744ccc5436
733507091d3da02e963fa7e3e86e8ccac9dd0201
06e0f305ba90ef771ddb9f9ef0f68b1809df7581d23f80f364dff0197ed76076
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd657fe5b-a7fc-44bd-b8e2-c5c7ead36566.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6480
x-amzn-requestid: db9db216-ecae-44cd-b013-48f6a0b37d5f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dOiR6FgKoAMF9JQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639c173f-64e1b6984203f55d4a359cdb;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 06:59:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: eFn2M6kZ706R47EKgHnavH9Zq9gEXdB5AbXT86uiULTfn6ttPdu_Pw==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 08:57:46 GMT
age: 63817
etag: "733507091d3da02e963fa7e3e86e8ccac9dd0201"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F580b4499-2ffd-427f-93ed-4c39a78dd125.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F580b4499-2ffd-427f-93ed-4c39a78dd125.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ee73339f3e7eaeb4c1ecab1a24632a8
48ff42e4329102d6a006b8f947bfaf29c0a5de17
ae5787d0df124d7d95ccaaf58148bb46c931610ca908cd58787748da5b75a1c0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F580b4499-2ffd-427f-93ed-4c39a78dd125.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12794
x-amzn-requestid: 82617475-f461-429b-b38d-0c84eee33754
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dk55IGPioAMFi1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a509d3-0dfc997d3853974a08914362;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 01:52:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kWJ-6NeMz-Hn8fw8hfvoQhdmDKqBDKRauvBY-2O8QxDjt4-pXAvX8g==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 01:57:28 GMT
age: 2635
etag: "48ff42e4329102d6a006b8f947bfaf29c0a5de17"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bd09861-a6e6-4462-b7cf-0572eabdfd71.jpeg
34.120.237.76 200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bd09861-a6e6-4462-b7cf-0572eabdfd71.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 61b1b9ece5581fe0b212144f45243f1a
d161c613f1491ae6ab63b536c50c6630e80d6382
f5a2b23b66a05734b86755986573c07c5f75bc6cbe67d2b769aee9ef402b2c14
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bd09861-a6e6-4462-b7cf-0572eabdfd71.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7117
x-amzn-requestid: 470b959f-7f5f-4a64-8d8d-bfc91856fad2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dUnBBFhZIAMFhiQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e8539-3916bad034c86d5503e456f2;Sampled=0
x-amzn-remapped-date: Sun, 18 Dec 2022 03:12:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: n0BaTqs_U_Apyf2luwRS_FHBH-Tkf6NEq59S3IwJxBiiROghmg1yvg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 06:25:06 GMT
age: 72977
etag: "d161c613f1491ae6ab63b536c50c6630e80d6382"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0029f3f-e2c3-472b-b92b-917899b028d4.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0029f3f-e2c3-472b-b92b-917899b028d4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6245b142f904aef8824a55847539c0e8
fdcf061d2b42818fb4d4767a6f449755a0b86610
5b593e66cbf266e4d551390774d2d391b9e42e348fb6a8447e5f37c574fc606f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0029f3f-e2c3-472b-b92b-917899b028d4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11436
x-amzn-requestid: 03a50026-b390-40c1-87f2-c374611ebe40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dk3RrHRQIAMFwtQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a505a4-7fad45da7d9afcc118c87170;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 01:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hrLGzcFRNgKUbkNfRXjvFgyo3A4jzoBHNNkcZh4jGfzg2XpsVyAJUw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 01:41:43 GMT
age: 3580
etag: "fdcf061d2b42818fb4d4767a6f449755a0b86610"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
doktorgulzar.com/js/bootstrap.min.js
93.180.134.229 200 OK 0 B URL HTTP/2 doktorgulzar.com/js/bootstrap.min.js
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
Analyzer Verdict Alert fortinet Phishing
GET /js/bootstrap.min.js HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 02:41:21 GMT
content-type: application/javascript
last-modified: Fri, 07 Oct 2022 18:17:26 GMT
etag: W/"63406d36-c5f4"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
doktorgulzar.com/css/icomoon.css
93.180.134.229 200 OK 0 B URL HTTP/2 doktorgulzar.com/css/icomoon.css
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
GET /css/icomoon.css HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 02:41:21 GMT
content-type: text/css
last-modified: Fri, 07 Oct 2022 18:17:49 GMT
etag: W/"63406d4d-13803"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
doktorgulzar.com/js/jquery.min.js
93.180.134.229 200 OK 0 B URL HTTP/2 doktorgulzar.com/js/jquery.min.js
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery.min.js HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 02:41:21 GMT
content-type: application/javascript
last-modified: Fri, 07 Oct 2022 18:17:31 GMT
etag: W/"63406d3b-41706"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
doktorgulzar.com/
93.180.134.229 200 OK 0 B IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 02:41:21 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33, PleskLin
content-encoding: br
X-Firefox-Spdy: h2
doktorgulzar.com/css/owl.carousel.min.css
93.180.134.229 200 OK 0 B URL HTTP/2 doktorgulzar.com/css/owl.carousel.min.css
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
GET /css/owl.carousel.min.css HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 02:41:21 GMT
content-type: text/css
last-modified: Fri, 07 Oct 2022 18:17:50 GMT
etag: W/"63406d4e-d70"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
doktorgulzar.com/js/owl.carousel.min.js
93.180.134.229 200 OK 0 B URL HTTP/2 doktorgulzar.com/js/owl.carousel.min.js
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
Analyzer Verdict Alert fortinet Phishing
GET /js/owl.carousel.min.js HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 02:41:21 GMT
content-type: application/javascript
last-modified: Fri, 07 Oct 2022 18:17:33 GMT
etag: W/"63406d3d-a8e5"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
doktorgulzar.com/js/scrollax.min.js
93.180.134.229 200 OK 0 B URL HTTP/2 doktorgulzar.com/js/scrollax.min.js
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
Analyzer Verdict Alert fortinet Phishing
GET /js/scrollax.min.js HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 02:41:21 GMT
content-type: application/javascript
last-modified: Fri, 07 Oct 2022 18:17:33 GMT
etag: W/"63406d3d-1d17"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
doktorgulzar.com/js/jquery.waypoints.min.js
93.180.134.229 200 OK 0 B URL HTTP/2 doktorgulzar.com/js/jquery.waypoints.min.js
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery.waypoints.min.js HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 02:41:21 GMT
content-type: application/javascript
last-modified: Fri, 07 Oct 2022 18:17:32 GMT
etag: W/"63406d3c-2283"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
doktorgulzar.com/js/jquery-migrate-3.0.1.min.js
93.180.134.229 200 OK 0 B URL HTTP/2 doktorgulzar.com/js/jquery-migrate-3.0.1.min.js
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery-migrate-3.0.1.min.js HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 02:41:21 GMT
content-type: application/javascript
last-modified: Fri, 07 Oct 2022 18:17:27 GMT
etag: W/"63406d37-2c9d"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
doktorgulzar.com/js/google-map.js
93.180.134.229 200 OK 0 B URL HTTP/2 doktorgulzar.com/js/google-map.js
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
Analyzer Verdict Alert fortinet Phishing
GET /js/google-map.js HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 02:41:21 GMT
content-type: application/javascript
last-modified: Sat, 03 Dec 2022 14:06:13 GMT
etag: W/"638b57d5-798"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
doktorgulzar.com/js/element.js
93.180.134.229 200 OK 0 B URL HTTP/2 doktorgulzar.com/js/element.js
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
Analyzer Verdict Alert fortinet Phishing
GET /js/element.js HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 02:41:21 GMT
content-type: application/javascript
last-modified: Fri, 07 Oct 2022 18:28:26 GMT
etag: W/"63406fca-14e76"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
doktorgulzar.com/images/mezoterapi-nedir.png
93.180.134.229 200 OK 0 B URL HTTP/2 doktorgulzar.com/images/mezoterapi-nedir.png
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
GET /images/mezoterapi-nedir.png HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 02:41:21 GMT
content-type: image/png
content-length: 233404
last-modified: Tue, 18 Oct 2022 22:20:11 GMT
etag: "634f269b-38fbc"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
doktorgulzar.com/css/animate.css
93.180.134.229 200 OK 0 B URL HTTP/2 doktorgulzar.com/css/animate.css
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
GET /css/animate.css HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 02:41:21 GMT
content-type: text/css
last-modified: Fri, 07 Oct 2022 18:17:48 GMT
etag: W/"63406d4c-11fa9"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
doktorgulzar.com/images/Kalici-Dudak-Dolgusu-1170x700.jpg
93.180.134.229 200 OK 0 B URL HTTP/2 doktorgulzar.com/images/Kalici-Dudak-Dolgusu-1170x700.jpg
IP 93.180.134.229:0
ASN #213301 SURVIVOR Bilisim Teknolojileri A.S.
GET /images/Kalici-Dudak-Dolgusu-1170x700.jpg HTTP/1.1
Host: doktorgulzar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doktorgulzar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 02:41:21 GMT
content-type: image/jpeg
content-length: 63574
last-modified: Wed, 26 Oct 2022 16:26:41 GMT
etag: "63595fc1-f856"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2