{"report_id":"6e502b54-9421-4b6b-9b7d-a1cda6e44aaf","version":6,"status":"done","tags":[],"date":"2026-04-09T09:00:25Z","url":{"schema":"http","addr":"mailing.smeg.mc","fqdn":"mailing.smeg.mc","domain":"smeg.mc","tld":"mc"},"ip":{"addr":"217.74.111.248","port":0,"asn":8399,"as":"SEWAN SAS","country":"France","country_code":"FR"},"final":{"url":{"schema":"https","addr":"postmaster.sarbacane.com/","fqdn":"postmaster.sarbacane.com","domain":"sarbacane.com","tld":"com"},"title":"Report Email Abuse | Sarbacane Postmaster","dom":{"size":9908,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (374)","md5":"09c68659be9497c94f1c4c8daf1bfbab","sha1":"885f7425d97c151b6fba4d6e5376a9cd5865d8d9","sha256":"cb0c1e259fe7d6763308093808a4e58894def4f102c8e181292dc2d9cbf722ca","sha512":"10455e9dfbc4700150ec844dc591524e2e0c099fbef7e91f4ad5d532a5c2c8f4b90f5b954a742a74594b29bb2c0aece26f5cac627dc8166c1d5dc3fc682cda91","ssdeep":"96:n4ASA1xci8IyNnSQCxhWbJedUNCN3Q+QNa9XAuIngW9eZzFPXmLR9JzumIR1:6A1xRbyVFCTWQN3KWXLqgW0ZzA99dg1","tlshash":"b412533546f8512b2281d1c4fa62ba7ded82d117dba39845b9fc43c86f83d6bc8a710d","dom_hash":"domhashe6ef0be7b1254f23ca65f406174695b1","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"mailing.smeg.mc","fqdn":"mailing.smeg.mc","domain":"smeg.mc","tld":"mc"},"ip":{"addr":"217.74.111.248","port":0,"asn":8399,"as":"SEWAN SAS","country":"France","country_code":"FR"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-14T09:00:25Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"postmaster.sarbacane.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-04-05T22:20:18.514512Z","alert_count":0,"request_count":2,"received_data":27918,"sent_data":1095,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"postmaster.sarbacane.com","ip":{"addr":"185.140.223.27","port":443,"asn":0,"as":"","country":"France","country_code":"FR"},"domain_registered":"2007-07-15","domain_rank":0,"first_seen":"2012-10-28T17:08:42Z","last_seen":"2026-04-05T01:49:51.508489Z","alert_count":18,"request_count":18,"received_data":136046,"sent_data":8344,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-04-05T22:16:34.770209Z","alert_count":0,"request_count":4,"received_data":171360,"sent_data":2193,"comment":"","tags":null,"fingerprints":null},{"fqdn":"mailing.smeg.mc","ip":{"addr":"217.74.111.248","port":443,"asn":8399,"as":"SEWAN SAS","country":"France","country_code":"FR"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-04-09T09:00:25.932852Z","last_seen":"2026-04-09T09:00:25.932852Z","alert_count":0,"request_count":1,"received_data":14325,"sent_data":484,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]},{"fqdn":"www.sarbacane-cdn.com","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2016-08-22","domain_rank":0,"first_seen":"2018-05-06T11:09:38Z","last_seen":"2026-04-05T01:49:51.481868Z","alert_count":0,"request_count":1,"received_data":1724,"sent_data":469,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"postmaster.sarbacane.com/script.js","fqdn":"postmaster.sarbacane.com","domain":"sarbacane.com","tld":"com"},"ip":{"addr":"185.140.223.27","port":443,"asn":0,"as":"","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":false,"md5":"a21f38f15bcccb23105255adbdb2114f","sha1":"4c44c7c5e32715f3568886511d4aa8ae02b8b9c7","sha256":"b69ff895590930f30757ab8131733ad4cb4204e713a3b53a9f2b6d2f222c5e97","sha512":"573056da393733021234fff5b91216ebc07a7ed35c3660c105b0a6bce657033638415d22430231abc9ab5eee5f9c36c6689be8aeb770c267db988112b648871e","ssdeep":"192:F5NrSvifCwbnWb2QECfWSN3xQRrsbiySc13dbVF0uItXuWhbCubambu+xex:TN2viqwbnWb2QEA3dORre","tlshash":"f80243d63fe1523406dba3b76acd729af874d5047ae2e8049e54d11909a5faec32f3c0","size":8567,"data":"","first_seen":"2025-07-03T11:03:43.290939Z","last_seen":"2026-04-09T09:00:30.382677Z","times_seen":64,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Inter:ital,opsz,wght@0,14..32,100..900;1,14..32,100..900\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://postmaster.sarbacane.com/","date":"2026-04-09T09:00:03.731Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:41 GMT","end":"Mon, 08 Jun 2026 08:38:40 GMT"},"fingerprint":{"sha1":"03:81:A0:0E:E1:9B:80:A3:BC:CD:F9:25:A5:7B:8A:43:07:22:C6:00","sha256":"73:8D:9A:B1:F0:C3:6E:8F:EE:C0:2F:99:C8:89:24:16:9A:DB:D1:9C:27:5D:8A:7A:A8:2B:0E:10:42:28:53:7F"}}},"request":{"raw":"GET /css2?family=Inter:ital,opsz,wght@0,14..32,100..900;1,14..32,100..900\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://postmaster.sarbacane.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Thu, 09 Apr 2026 09:00:03 GMT\r\ndate: Thu, 09 Apr 2026 09:00:03 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4887,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"3fd96ba77783845730c343cf00ac7a93","sha1":"bc4f7f4f71aeae387232155c55c4f031c5f3f769","sha256":"27b95b2fcbc857ba25f7e5a707c5c4c06c5cf93415519b7669c19f4045edca37","sha512":"20b137cf9c61842c7bad62dd6c36125833022552379ad97324dbee2c2e9cb0303b17a9aee813ea2bcdbb68541c8c6edbfecfcfb2858cf27c2cff480d756d80cd","ssdeep":"96:aYg4aMzqYg4aybFZHYg4agkYg4aUJ3vYg4aERYg4aYGJc+uTYg4aR6NDO4a3qO4L:vywfydyGy63gy/yFVyR73xpmj3U8fHN","tlshash":"37a1ed91006f9104ea431dd627cf7e32ad8e51956082e27d6ffd2dca6cdbd23122874c","first_seen":"2025-09-10T21:50:06.177565Z","last_seen":"2026-04-09T11:16:58.235697Z","times_seen":11589,"resource_available":false,"data":null}},"time_used":188,"timings":{"blocked":78,"dns":1,"connect":7,"send":0,"wait":19,"receive":0,"ssl":80},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://postmaster.sarbacane.com/","date":"2026-04-09T09:00:03.732Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:41 GMT","end":"Mon, 08 Jun 2026 08:38:40 GMT"},"fingerprint":{"sha1":"03:81:A0:0E:E1:9B:80:A3:BC:CD:F9:25:A5:7B:8A:43:07:22:C6:00","sha256":"73:8D:9A:B1:F0:C3:6E:8F:EE:C0:2F:99:C8:89:24:16:9A:DB:D1:9C:27:5D:8A:7A:A8:2B:0E:10:42:28:53:7F"}}},"request":{"raw":"GET /css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://postmaster.sarbacane.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Thu, 09 Apr 2026 09:00:03 GMT\r\ndate: Thu, 09 Apr 2026 09:00:03 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":21659,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"17ded04af7b0636d4f8c934291f09ac8","sha1":"d7766b8a83cf1d92c52f7a94654999e4b033365e","sha256":"54985fb48cc0470e63eaaf30034b348ed6bd73cac3f6a759bc1a1c19387af7e7","sha512":"ce25e5ca2afca5d262b17c8d5c5667cccaebce41eacc6afb16f5cd89a838bfd3192564f9a28b450646f2a2fd76414c462f095065c3a45ca72ce31df9c257748d","ssdeep":"384:H3w3s3VR9xqWSUq+DnLami0A0BNBOi/mkX:XEA3mkX","tlshash":"5fa27ad1087be114ab871cc122cf6d36ee0ea254b850e9786bfd1cd8ad97c654371b2d","first_seen":"2025-09-17T03:38:53.893526Z","last_seen":"2026-04-09T11:28:36.490954Z","times_seen":35750,"resource_available":false,"data":null}},"time_used":189,"timings":{"blocked":78,"dns":2,"connect":7,"send":0,"wait":18,"receive":0,"ssl":79},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"postmaster.sarbacane.com/img/logo-signal-spam.svg","fqdn":"postmaster.sarbacane.com","domain":"sarbacane.com","tld":"com"},"ip":{"addr":"185.140.223.27","port":443,"asn":0,"as":"","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://postmaster.sarbacane.com/","date":"2026-04-09T09:00:03.737Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.sarbacane.com","organization":""},"issuer":{"commonName":"GandiCert","organization":"Gandi SAS"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Tue, 21 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"70:0C:28:69:65:49:08:E3:22:E2:AD:64:B2:C5:33:81:A2:E4:DC:C5","sha256":"EC:DA:0D:05:FD:BD:27:68:81:80:6A:0B:5B:F9:7A:7C:1D:AA:A5:7C:2E:F9:75:C2:79:4D:ED:65:A4:C1:17:DA"}}},"request":{"raw":"GET /img/logo-signal-spam.svg HTTP/1.1\r\nHost: postmaster.sarbacane.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://postmaster.sarbacane.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 09 Apr 2026 09:00:03 GMT\r\nServer: Apache\r\nLast-Modified: Mon, 26 May 2025 08:07:06 GMT\r\nETag: \"4148-636056f0c5eb3\"\r\nAccept-Ranges: bytes\r\nContent-Length: 16712\r\nStrict-Transport-Security: max-age=15552000\r\nContent-Security-Policy: script-src 'self'; object-src 'self'\r\nX-Frame-Options: sameorigin\r\nX-Content-Type-Options: nosniff\r\nReferrer-Policy: strict-origin-when-cross-origin\r\nFeature-Policy: geolocation 'none'; microphone 'none'\r\nPermissions-Policy: geolocation=(), microphone=()\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16712,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"34cb363219dd93ccbf76900155f9c3f8","sha1":"215f366c05859b5000a8e7c60c5da1f73ca5bbec","sha256":"e6e909a1061be0e02875e415df17db1652d8420b151f15edfdb5481448ab6c44","sha512":"51a087209e3767879f5ed56b73493390b0066b8b18cccd7027868a18e6a179788c7b3b6f25af4e08ea93187d55069d365115d6ccaf3db9fb7e8b3a9dc2d02b33","ssdeep":"384:8O7LwkqpSF+dFCf44NcoqwVy12hS1Gt6GlL/Q2d9spjam7OHCl:Ex2hSclzrYWmL","tlshash":"ae72adda929473e4f1b1b7f88e2762e136db78fe7a73db5083429ab1b91104c4c4c859","first_seen":"2025-07-03T11:03:43.298645Z","last_seen":"2026-04-09T09:00:30.358104Z","times_seen":65,"resource_available":false,"data":null}},"time_used":170,"timings":{"blocked":98,"dns":0,"connect":0,"send":0,"wait":36,"receive":36,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"postmaster.sarbacane.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"postmaster.sarbacane.com/img/logo-positive.svg","fqdn":"postmaster.sarbacane.com","domain":"sarbacane.com","tld":"com"},"ip":{"addr":"185.140.223.27","port":443,"asn":0,"as":"","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://postmaster.sarbacane.com/","date":"2026-04-09T09:00:03.741Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.sarbacane.com","organization":""},"issuer":{"commonName":"GandiCert","organization":"Gandi SAS"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Tue, 21 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"70:0C:28:69:65:49:08:E3:22:E2:AD:64:B2:C5:33:81:A2:E4:DC:C5","sha256":"EC:DA:0D:05:FD:BD:27:68:81:80:6A:0B:5B:F9:7A:7C:1D:AA:A5:7C:2E:F9:75:C2:79:4D:ED:65:A4:C1:17:DA"}}},"request":{"raw":"GET /img/logo-positive.svg HTTP/1.1\r\nHost: postmaster.sarbacane.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://postmaster.sarbacane.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 09 Apr 2026 09:00:03 GMT\r\nServer: Apache\r\nLast-Modified: Mon, 26 May 2025 08:07:06 GMT\r\nETag: \"5c5-636056f0c5eb3\"\r\nAccept-Ranges: bytes\r\nContent-Length: 1477\r\nStrict-Transport-Security: max-age=15552000\r\nContent-Security-Policy: script-src 'self'; object-src 'self'\r\nX-Frame-Options: sameorigin\r\nX-Content-Type-Options: nosniff\r\nReferrer-Policy: strict-origin-when-cross-origin\r\nFeature-Policy: geolocation 'none'; microphone 'none'\r\nPermissions-Policy: geolocation=(), microphone=()\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1477,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"26b2ebe45bb10bb97dabb67b1a189b07","sha1":"2e81cb42343c72badc8d5fc345fc845a63bc1aba","sha256":"775456adfea86ca342a6f6fe55e021c644b192e63b7be98a3498035d1112ede2","sha512":"f4a3d2c58c36be3c1d772c9dbdc22b1d4f34a3cc04e8ecb8238a8483ab983f1176c1ebeea127b32ffbe4a134ad33cb09dc46fd87bf288725803b934ba9c63405","ssdeep":"","tlshash":"81313568225eba25ee08d3ddc652e434099711d38fa1c0b803a92eabd810c4e55ebad8","first_seen":"2025-07-03T11:03:43.281561Z","last_seen":"2026-04-09T09:00:30.35891Z","times_seen":65,"resource_available":false,"data":null}},"time_used":191,"timings":{"blocked":141,"dns":0,"connect":0,"send":0,"wait":50,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"postmaster.sarbacane.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/poppins/v24/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://postmaster.sarbacane.com/","date":"2026-04-09T09:00:03.950Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:40 GMT","end":"Mon, 08 Jun 2026 08:38:39 GMT"},"fingerprint":{"sha1":"93:71:51:4C:A3:35:66:7B:96:98:73:5F:8A:D5:61:38:29:33:E3:58","sha256":"A7:C2:55:50:7A:01:61:98:C7:16:8F:8D:72:97:DD:77:B2:9D:D8:18:29:80:41:DE:61:95:42:E5:0F:79:FE:EF"}}},"request":{"raw":"GET /s/poppins/v24/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://postmaster.sarbacane.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 7816\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 04 Apr 2026 02:12:26 GMT\r\nexpires: Sun, 04 Apr 2027 02:12:26 GMT\r\ncache-control: public, max-age=31536000\r\nage: 456458\r\nlast-modified: Mon, 15 Sep 2025 16:35:07 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7816,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 7816, version 1.0","md5":"25b0e113ca7cce3770d542736db26368","sha1":"cb726212d5d525021752a1d8470a0fb593e0c49e","sha256":"9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526","sha512":"a0d331e62ab4727f49ca286a1ee7fb81cddc5bb9edf71ef84f4bd4fa1552069af1a82752011ba88fae80862d034135926b7e99d70e59d626d66d4ede90e94c30","ssdeep":"192:Agw5ksLwlyK8F2BXU96Fc575OI3+ga534SlEFwTG4ovej9be:Al5y8FSUMS5VOq1KISlvS4ov+4","tlshash":"a3f1af19d5de5a73f80032b45b6911ba7e42fa83bc68bbedf8046a10ad542cb467cc91","first_seen":"2023-04-05T13:48:05Z","last_seen":"2026-04-09T11:28:36.512536Z","times_seen":207103,"resource_available":false,"data":null}},"time_used":209,"timings":{"blocked":89,"dns":0,"connect":9,"send":0,"wait":25,"receive":0,"ssl":83},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcCm3FwrK3iLTcvnUwQT9mIzF59cKw.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://postmaster.sarbacane.com/","date":"2026-04-09T09:00:03.956Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:40 GMT","end":"Mon, 08 Jun 2026 08:38:39 GMT"},"fingerprint":{"sha1":"93:71:51:4C:A3:35:66:7B:96:98:73:5F:8A:D5:61:38:29:33:E3:58","sha256":"A7:C2:55:50:7A:01:61:98:C7:16:8F:8D:72:97:DD:77:B2:9D:D8:18:29:80:41:DE:61:95:42:E5:0F:79:FE:EF"}}},"request":{"raw":"GET /s/inter/v20/UcCm3FwrK3iLTcvnUwQT9mIzF59cKw.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://postmaster.sarbacane.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 79496\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Apr 2026 08:40:42 GMT\r\nexpires: Fri, 09 Apr 2027 08:40:42 GMT\r\ncache-control: public, max-age=31536000\r\nage: 1162\r\nlast-modified: Tue, 09 Sep 2025 18:37:29 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":79496,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 79496, version 1.0","md5":"ab98228b3e92ae3e3f241e7a9b7ca630","sha1":"ebe06739d95b60454d7b38a440ffe8db64df00c1","sha256":"041ef627fbae99b122618fe3914efbabe716463067148fc551b77e2f6182904b","sha512":"464a8d440bddd2b41072d14c1f5d9085d44e50050f1c7c0ef95da36cb595ba7598381f1568499c211a7f016c6c89b2adbc98d9684a330bc28bb7960637e5b040","ssdeep":"1536:c9KU3q+E7Djj11CR9bwL7KzFXE4yJwwoFrELz/6aJoC+T+pF2B7KU+lVDVtW/:c9t3lELOR9bOSZnwoFrQz/6autapFbU/","tlshash":"dd7302887d3e54bc5f9311b0d069399bee6a2f433d3a7d00ce9faa1c4511b5920396c7","first_seen":"2025-05-29T18:51:29.056319Z","last_seen":"2026-04-09T11:16:58.237416Z","times_seen":2526,"resource_available":false,"data":null}},"time_used":204,"timings":{"blocked":82,"dns":1,"connect":7,"send":0,"wait":10,"receive":16,"ssl":85},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"postmaster.sarbacane.com/","fqdn":"postmaster.sarbacane.com","domain":"sarbacane.com","tld":"com"},"ip":{"addr":"185.140.223.27","port":443,"asn":0,"as":"","country":"France","country_code":"FR"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-09T09:00:03.296Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.sarbacane.com","organization":""},"issuer":{"commonName":"GandiCert","organization":"Gandi SAS"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Tue, 21 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"70:0C:28:69:65:49:08:E3:22:E2:AD:64:B2:C5:33:81:A2:E4:DC:C5","sha256":"EC:DA:0D:05:FD:BD:27:68:81:80:6A:0B:5B:F9:7A:7C:1D:AA:A5:7C:2E:F9:75:C2:79:4D:ED:65:A4:C1:17:DA"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: postmaster.sarbacane.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 09 Apr 2026 09:00:03 GMT\r\nServer: Apache\r\nLast-Modified: Mon, 26 May 2025 08:07:06 GMT\r\nETag: \"36f7-636056f0bb2d2-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nStrict-Transport-Security: max-age=15552000\r\nContent-Security-Policy: script-src 'self'; object-src 'self'\r\nX-Frame-Options: sameorigin\r\nX-Content-Type-Options: nosniff\r\nReferrer-Policy: strict-origin-when-cross-origin\r\nFeature-Policy: geolocation 'none'; microphone 'none'\r\nPermissions-Policy: geolocation=(), microphone=()\r\nContent-Length: 3267\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/html\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":14071,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"9796585d67d3ef1c2c50b0be4f062212","sha1":"6d4ba0728f62a7737d80d352c56107489befdecc","sha256":"0e2129dda9abce2ea33fdbef65f9bb68a78dac74566578e459c5de1f1e303bf9","sha512":"5624cb3bade052ba81b9d1720711aa34d06d242dd587c61d99843870e6eb606434f12e070907a12ca9f73512428c692d2a941d8e9b8a4faf4c1a98b662e43388","ssdeep":"384:0TIIPfO3ina23V8NASMbzxCzUz01hdsPER:C58V2vVxu1T","tlshash":"96522f3419c8501713b6c1d9ee22ba6dec818147ab43a449b9fc63872fb3e6bc5d314d","first_seen":"2025-07-03T11:03:43.286183Z","last_seen":"2026-04-09T09:00:30.361066Z","times_seen":64,"resource_available":true,"data":null}},"time_used":443,"timings":{"blocked":197,"dns":28,"connect":48,"send":0,"wait":48,"receive":0,"ssl":119},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"postmaster.sarbacane.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"postmaster.sarbacane.com/img/logo-sarbacane.svg","fqdn":"postmaster.sarbacane.com","domain":"sarbacane.com","tld":"com"},"ip":{"addr":"185.140.223.27","port":443,"asn":0,"as":"","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://postmaster.sarbacane.com/","date":"2026-04-09T09:00:03.735Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.sarbacane.com","organization":""},"issuer":{"commonName":"GandiCert","organization":"Gandi SAS"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Tue, 21 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"70:0C:28:69:65:49:08:E3:22:E2:AD:64:B2:C5:33:81:A2:E4:DC:C5","sha256":"EC:DA:0D:05:FD:BD:27:68:81:80:6A:0B:5B:F9:7A:7C:1D:AA:A5:7C:2E:F9:75:C2:79:4D:ED:65:A4:C1:17:DA"}}},"request":{"raw":"GET /img/logo-sarbacane.svg HTTP/1.1\r\nHost: postmaster.sarbacane.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://postmaster.sarbacane.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 09 Apr 2026 09:00:03 GMT\r\nServer: Apache\r\nLast-Modified: Mon, 26 May 2025 08:07:06 GMT\r\nETag: \"3b39-636056f0c5eb3\"\r\nAccept-Ranges: bytes\r\nContent-Length: 15161\r\nStrict-Transport-Security: max-age=15552000\r\nContent-Security-Policy: script-src 'self'; object-src 'self'\r\nX-Frame-Options: sameorigin\r\nX-Content-Type-Options: nosniff\r\nReferrer-Policy: strict-origin-when-cross-origin\r\nFeature-Policy: geolocation 'none'; microphone 'none'\r\nPermissions-Policy: geolocation=(), microphone=()\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":15161,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"10605177dd7c84d8fd90c83f0e9fbd14","sha1":"46579abfe70b1267e46907d008d829741b6cdad8","sha256":"0453e766c676184dad9586363e74c103958011e7e85cc99745856c8051c44b55","sha512":"b6bea42c87a271c6a003982dd9767e5451949c1ea5a06dd87a91572bcfc6afcfd12b7c963b5d9ced6e6bd4079ae92d28ed74cb04abba52826075dba93f381c93","ssdeep":"192:vMcaFmqAzUi3HSTVXaUvjoC+YJM3NuY9VLqRrWUng1vUtVmVIjVRWVmVKCX2eViS:593HSxX5vsCH6N39ERnvwKrWwMewS","tlshash":"496231b713a4dec5964087585be4920c3b3ce6e6b0fad0c0b74e18a55f14afba23de51","first_seen":"2025-07-03T11:03:43.296634Z","last_seen":"2026-04-09T09:00:30.361645Z","times_seen":65,"resource_available":false,"data":null}},"time_used":306,"timings":{"blocked":97,"dns":1,"connect":50,"send":0,"wait":50,"receive":49,"ssl":56},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"postmaster.sarbacane.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"postmaster.sarbacane.com/img/antoine-delecourt.png","fqdn":"postmaster.sarbacane.com","domain":"sarbacane.com","tld":"com"},"ip":{"addr":"185.140.223.27","port":443,"asn":0,"as":"","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://postmaster.sarbacane.com/","date":"2026-04-09T09:00:03.736Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.sarbacane.com","organization":""},"issuer":{"commonName":"GandiCert","organization":"Gandi SAS"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Tue, 21 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"70:0C:28:69:65:49:08:E3:22:E2:AD:64:B2:C5:33:81:A2:E4:DC:C5","sha256":"EC:DA:0D:05:FD:BD:27:68:81:80:6A:0B:5B:F9:7A:7C:1D:AA:A5:7C:2E:F9:75:C2:79:4D:ED:65:A4:C1:17:DA"}}},"request":{"raw":"GET /img/antoine-delecourt.png HTTP/1.1\r\nHost: postmaster.sarbacane.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://postmaster.sarbacane.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 09 Apr 2026 09:00:03 GMT\r\nServer: Apache\r\nLast-Modified: Mon, 26 May 2025 08:07:06 GMT\r\nETag: \"120b-636056f0c5eb3\"\r\nAccept-Ranges: bytes\r\nContent-Length: 4619\r\nStrict-Transport-Security: max-age=15552000\r\nContent-Security-Policy: script-src 'self'; object-src 'self'\r\nX-Frame-Options: sameorigin\r\nX-Content-Type-Options: nosniff\r\nReferrer-Policy: strict-origin-when-cross-origin\r\nFeature-Policy: geolocation 'none'; microphone 'none'\r\nPermissions-Policy: geolocation=(), microphone=()\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":4619,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 73 x 74, 8-bit colormap, non-interlaced","md5":"3a8a28f1052298e438053e4fdbc14c28","sha1":"1bee948b46d5a7a94e2e6e3308a5141689be7a38","sha256":"be77cd1e967d163bec2e13f27e86a8cd6b8f847945e2a5c81240a8efa06687c4","sha512":"fa1d8a176bcc02e481f77a2f92ea85871038c32b767ca07b08c0335c52ac665c440378dd269fc150246e465346d3b90341c38da798c92b03b1f9324f748a248c","ssdeep":"96:5KYwpe7hpYIeLekgCvi0yfMa6ibs9th4Z:5LwpknYIeLekgb0yEa6xtyZ","tlshash":"8e916cf5bbbce4c9badc8a1100cfa76915c3d4b0a75c9aea208c8fdae5590419d14b0e","first_seen":"2023-07-14T16:35:55Z","last_seen":"2026-04-09T09:00:30.362144Z","times_seen":75,"resource_available":false,"data":null}},"time_used":252,"timings":{"blocked":96,"dns":1,"connect":49,"send":0,"wait":49,"receive":0,"ssl":54},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"postmaster.sarbacane.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"postmaster.sarbacane.com/img/logo-ft120.svg","fqdn":"postmaster.sarbacane.com","domain":"sarbacane.com","tld":"com"},"ip":{"addr":"185.140.223.27","port":443,"asn":0,"as":"","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://postmaster.sarbacane.com/","date":"2026-04-09T09:00:03.740Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.sarbacane.com","organization":""},"issuer":{"commonName":"GandiCert","organization":"Gandi SAS"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Tue, 21 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"70:0C:28:69:65:49:08:E3:22:E2:AD:64:B2:C5:33:81:A2:E4:DC:C5","sha256":"EC:DA:0D:05:FD:BD:27:68:81:80:6A:0B:5B:F9:7A:7C:1D:AA:A5:7C:2E:F9:75:C2:79:4D:ED:65:A4:C1:17:DA"}}},"request":{"raw":"GET /img/logo-ft120.svg HTTP/1.1\r\nHost: postmaster.sarbacane.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://postmaster.sarbacane.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 09 Apr 2026 09:00:03 GMT\r\nServer: Apache\r\nLast-Modified: Mon, 26 May 2025 08:07:06 GMT\r\nETag: \"3bab-636056f0c5eb3\"\r\nAccept-Ranges: bytes\r\nContent-Length: 15275\r\nStrict-Transport-Security: max-age=15552000\r\nContent-Security-Policy: script-src 'self'; object-src 'self'\r\nX-Frame-Options: sameorigin\r\nX-Content-Type-Options: nosniff\r\nReferrer-Policy: strict-origin-when-cross-origin\r\nFeature-Policy: geolocation 'none'; microphone 'none'\r\nPermissions-Policy: geolocation=(), microphone=()\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":15275,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"09a53c7e2f846820d6d0e6ce0930f99b","sha1":"9dff0c79616c31fc330e9f4308336189b4e12505","sha256":"643dbf0c32c8070070a02b75429a2db251e8de4264e60a43a99dec4e8f773c8b","sha512":"7e9f212aca3ae91910f2d0dc70782d6d3152c6c312daf0066bccde535354a6819bd76606616d5025b75af1c31ed4796aa6f9f9e621fc21a43850278a0e495f58","ssdeep":"192:UWFCSXgkPA2iT6H444d4aIAIx2+CyvyS+SKu4vmjxjBXQqcT/:DGkP66SIAIxFD99xZcz","tlshash":"c76265d1239cd071ea160389fb5ab0b1905638f97a8941585a992d7fbc0c38e6d7fec3","first_seen":"2025-07-03T11:03:43.282581Z","last_seen":"2026-04-09T09:00:30.362747Z","times_seen":65,"resource_available":false,"data":null}},"time_used":239,"timings":{"blocked":140,"dns":0,"connect":0,"send":0,"wait":49,"receive":50,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"postmaster.sarbacane.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"postmaster.sarbacane.com/img/logo-facebook.svg","fqdn":"postmaster.sarbacane.com","domain":"sarbacane.com","tld":"com"},"ip":{"addr":"185.140.223.27","port":443,"asn":0,"as":"","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://postmaster.sarbacane.com/","date":"2026-04-09T09:00:03.744Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.sarbacane.com","organization":""},"issuer":{"commonName":"GandiCert","organization":"Gandi SAS"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Tue, 21 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"70:0C:28:69:65:49:08:E3:22:E2:AD:64:B2:C5:33:81:A2:E4:DC:C5","sha256":"EC:DA:0D:05:FD:BD:27:68:81:80:6A:0B:5B:F9:7A:7C:1D:AA:A5:7C:2E:F9:75:C2:79:4D:ED:65:A4:C1:17:DA"}}},"request":{"raw":"GET /img/logo-facebook.svg HTTP/1.1\r\nHost: postmaster.sarbacane.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://postmaster.sarbacane.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 09 Apr 2026 09:00:03 GMT\r\nServer: Apache\r\nLast-Modified: Mon, 26 May 2025 08:07:06 GMT\r\nETag: \"2b0-636056f0c5eb3\"\r\nAccept-Ranges: bytes\r\nContent-Length: 688\r\nStrict-Transport-Security: max-age=15552000\r\nContent-Security-Policy: script-src 'self'; object-src 'self'\r\nX-Frame-Options: sameorigin\r\nX-Content-Type-Options: nosniff\r\nReferrer-Policy: strict-origin-when-cross-origin\r\nFeature-Policy: geolocation 'none'; microphone 'none'\r\nPermissions-Policy: geolocation=(), microphone=()\r\nKeep-Alive: timeout=5, max=98\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":688,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a7262a641ab2542d7ac7fc102633e6c5","sha1":"da6ba8174b100826809e9fe53d765b198618b79d","sha256":"3a0f0abfa8160d26533161b8c6ce6d9dd63d66941df6406154cfb967e4e9b24a","sha512":"83b955d6b725d2097ddc121d3a501413212576ec02dd0b4115c573210fd19daea75523a2c37be4352fa12bfb0e3c3c6a7a8593328ec0473ac73a0421646afc2a","ssdeep":"","tlshash":"30019ef142edb2894b058711e328b47a819373b5a748cd54e0c86b79ec9911b6e8fb98","first_seen":"2025-07-03T11:03:43.288365Z","last_seen":"2026-04-09T09:00:30.363276Z","times_seen":65,"resource_available":false,"data":null}},"time_used":197,"timings":{"blocked":162,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"postmaster.sarbacane.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"postmaster.sarbacane.com/img/logo-x.svg","fqdn":"postmaster.sarbacane.com","domain":"sarbacane.com","tld":"com"},"ip":{"addr":"185.140.223.27","port":443,"asn":0,"as":"","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://postmaster.sarbacane.com/","date":"2026-04-09T09:00:03.745Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.sarbacane.com","organization":""},"issuer":{"commonName":"GandiCert","organization":"Gandi SAS"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Tue, 21 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"70:0C:28:69:65:49:08:E3:22:E2:AD:64:B2:C5:33:81:A2:E4:DC:C5","sha256":"EC:DA:0D:05:FD:BD:27:68:81:80:6A:0B:5B:F9:7A:7C:1D:AA:A5:7C:2E:F9:75:C2:79:4D:ED:65:A4:C1:17:DA"}}},"request":{"raw":"GET /img/logo-x.svg HTTP/1.1\r\nHost: postmaster.sarbacane.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://postmaster.sarbacane.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 09 Apr 2026 09:00:03 GMT\r\nServer: Apache\r\nLast-Modified: Mon, 26 May 2025 08:07:06 GMT\r\nETag: \"1f5-636056f0c5eb3\"\r\nAccept-Ranges: bytes\r\nContent-Length: 501\r\nStrict-Transport-Security: max-age=15552000\r\nContent-Security-Policy: script-src 'self'; object-src 'self'\r\nX-Frame-Options: sameorigin\r\nX-Content-Type-Options: nosniff\r\nReferrer-Policy: strict-origin-when-cross-origin\r\nFeature-Policy: geolocation 'none'; microphone 'none'\r\nPermissions-Policy: geolocation=(), microphone=()\r\nKeep-Alive: timeout=5, max=96\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":501,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"2f60d9f46eb89b1e4481f7ca6228e086","sha1":"4e094446fdd47510958997946736bdd233a252b6","sha256":"f9673439e98efda52f4d6e53df959de6188c7f5cbf0a556275567ac7548f1fed","sha512":"3a6cc78e0ea72fec5fd72b91202ba917475b8efe0a896c6dc465ce5a7ff9054944ab3cbb45aa0a48225fb40cb9ba5c7a267fc5dca9c770fc5f5c2c1a3bab1a1c","ssdeep":"","tlshash":"a6f059f9c1fea10186165b25bb6f20f9740b60d297ce11f8d158a43a785064f9d44cc5","first_seen":"2025-07-03T11:03:43.294956Z","last_seen":"2026-04-09T09:00:30.364784Z","times_seen":65,"resource_available":false,"data":null}},"time_used":239,"timings":{"blocked":186,"dns":0,"connect":0,"send":0,"wait":53,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"postmaster.sarbacane.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"postmaster.sarbacane.com/favicon/favicon-16x16.png","fqdn":"postmaster.sarbacane.com","domain":"sarbacane.com","tld":"com"},"ip":{"addr":"185.140.223.27","port":443,"asn":0,"as":"","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://postmaster.sarbacane.com/","date":"2026-04-09T09:00:04.138Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.sarbacane.com","organization":""},"issuer":{"commonName":"GandiCert","organization":"Gandi SAS"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Tue, 21 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"70:0C:28:69:65:49:08:E3:22:E2:AD:64:B2:C5:33:81:A2:E4:DC:C5","sha256":"EC:DA:0D:05:FD:BD:27:68:81:80:6A:0B:5B:F9:7A:7C:1D:AA:A5:7C:2E:F9:75:C2:79:4D:ED:65:A4:C1:17:DA"}}},"request":{"raw":"GET /favicon/favicon-16x16.png HTTP/1.1\r\nHost: postmaster.sarbacane.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://postmaster.sarbacane.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 09 Apr 2026 09:00:04 GMT\r\nServer: Apache\r\nLast-Modified: Mon, 26 May 2025 08:07:06 GMT\r\nETag: \"274-636056f0c5eb3\"\r\nAccept-Ranges: bytes\r\nContent-Length: 628\r\nStrict-Transport-Security: max-age=15552000\r\nContent-Security-Policy: script-src 'self'; object-src 'self'\r\nX-Frame-Options: sameorigin\r\nX-Content-Type-Options: nosniff\r\nReferrer-Policy: strict-origin-when-cross-origin\r\nFeature-Policy: geolocation 'none'; microphone 'none'\r\nPermissions-Policy: geolocation=(), microphone=()\r\nKeep-Alive: timeout=5, max=98\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":628,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced","md5":"dc6cb2b7f4943eb364dd2d0932344083","sha1":"1ea5659bce23f6d52614e9e6f16e3e329a6cd7dd","sha256":"3251ba027d6acf2189a9b43a19e4d23e4e5e01f4e6b0aa2b9211fa4e0def51c3","sha512":"670d97a4a55d1d6cace0d14a2df5150a4f6af99a8e2f59e39b02668a8b0c1b4d25ae57199dd631fe369b2a0335722f50e011fa6988adeab009466dc00b28bd30","ssdeep":"","tlshash":"87f023423722fdf2b7aad93e9661482cac30520601e074f87a89d80c8a5400844b1a52","first_seen":"2024-04-24T08:19:40Z","last_seen":"2026-04-09T09:00:30.365459Z","times_seen":70,"resource_available":false,"data":null}},"time_used":48,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":48,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"postmaster.sarbacane.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mailing.smeg.mc/","fqdn":"mailing.smeg.mc","domain":"smeg.mc","tld":"mc"},"ip":{"addr":"217.74.111.248","port":443,"asn":8399,"as":"SEWAN SAS","country":"France","country_code":"FR"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-09T09:00:03.106Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mailing.smeg.mc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 16 Mar 2026 14:25:46 GMT","end":"Sun, 14 Jun 2026 14:25:45 GMT"},"fingerprint":{"sha1":"1E:0A:BA:EB:DA:94:67:E8:7C:C2:B3:4C:FA:8F:9B:4D:D4:80:4F:B0","sha256":"E8:45:89:B2:2D:B1:8A:60:70:F3:7A:3B:03:9D:DB:D8:2A:13:4F:EA:42:37:AE:A4:69:5B:DE:7E:B2:4A:06:C2"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: mailing.smeg.mc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Thu, 09 Apr 2026 09:00:03 GMT\r\nServer: Apache\r\nLocation: https://postmaster.sarbacane.com/\r\nContent-Length: 307\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=iso-8859-1\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":14071,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-09T11:28:36.478556Z","times_seen":13537782,"resource_available":true,"data":null}},"time_used":334,"timings":{"blocked":150,"dns":73,"connect":34,"send":0,"wait":34,"receive":0,"ssl":40},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"postmaster.sarbacane.com/styles.css","fqdn":"postmaster.sarbacane.com","domain":"sarbacane.com","tld":"com"},"ip":{"addr":"185.140.223.27","port":443,"asn":0,"as":"","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://postmaster.sarbacane.com/","date":"2026-04-09T09:00:03.733Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.sarbacane.com","organization":""},"issuer":{"commonName":"GandiCert","organization":"Gandi SAS"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Tue, 21 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"70:0C:28:69:65:49:08:E3:22:E2:AD:64:B2:C5:33:81:A2:E4:DC:C5","sha256":"EC:DA:0D:05:FD:BD:27:68:81:80:6A:0B:5B:F9:7A:7C:1D:AA:A5:7C:2E:F9:75:C2:79:4D:ED:65:A4:C1:17:DA"}}},"request":{"raw":"GET /styles.css HTTP/1.1\r\nHost: postmaster.sarbacane.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://postmaster.sarbacane.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 09 Apr 2026 09:00:03 GMT\r\nServer: Apache\r\nLast-Modified: Mon, 26 May 2025 08:07:06 GMT\r\nETag: \"2796-636056f0bb2d2-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nStrict-Transport-Security: max-age=15552000\r\nContent-Security-Policy: script-src 'self'; object-src 'self'\r\nX-Frame-Options: sameorigin\r\nX-Content-Type-Options: nosniff\r\nReferrer-Policy: strict-origin-when-cross-origin\r\nFeature-Policy: geolocation 'none'; microphone 'none'\r\nPermissions-Policy: geolocation=(), microphone=()\r\nContent-Length: 1873\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10134,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (10134), with no line terminators","md5":"8d5d9a525b6e7b6f51992d1b5b309cd5","sha1":"161bea68403974dbf2a09d999abcfd14653ea073","sha256":"1c1f2a32bcd3d1ffcbc61f66008ffa6887d208f681f9ef7e26461de613aa7758","sha512":"0e64a4f21fb4994dc65d300e193f8c88ca5c80c20e99979e453811f2e60a8c6837d11534caec15c92d6b7fbbed1582990113f8ce1f60a4bff510b51ff87ff04f","ssdeep":"192:Qi8747qv/MFnwtLP3pGj3zMxVmaK/FOBEjE:QiTC/MFnwtL3cjjwVBK/F2EjE","tlshash":"fa224021ef1b0a3cb667a44db06b969c8b14da36c1aa35e6f855d328cdc73c506b374c","first_seen":"2025-07-03T11:03:43.295781Z","last_seen":"2026-04-09T09:00:30.367701Z","times_seen":64,"resource_available":false,"data":null}},"time_used":48,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":48,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"postmaster.sarbacane.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"postmaster.sarbacane.com/img/logo-youtube.svg","fqdn":"postmaster.sarbacane.com","domain":"sarbacane.com","tld":"com"},"ip":{"addr":"185.140.223.27","port":443,"asn":0,"as":"","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://postmaster.sarbacane.com/","date":"2026-04-09T09:00:03.746Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.sarbacane.com","organization":""},"issuer":{"commonName":"GandiCert","organization":"Gandi SAS"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Tue, 21 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"70:0C:28:69:65:49:08:E3:22:E2:AD:64:B2:C5:33:81:A2:E4:DC:C5","sha256":"EC:DA:0D:05:FD:BD:27:68:81:80:6A:0B:5B:F9:7A:7C:1D:AA:A5:7C:2E:F9:75:C2:79:4D:ED:65:A4:C1:17:DA"}}},"request":{"raw":"GET /img/logo-youtube.svg HTTP/1.1\r\nHost: postmaster.sarbacane.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://postmaster.sarbacane.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 09 Apr 2026 09:00:03 GMT\r\nServer: Apache\r\nLast-Modified: Mon, 26 May 2025 08:07:06 GMT\r\nETag: \"3bc-636056f0c5eb3\"\r\nAccept-Ranges: bytes\r\nContent-Length: 956\r\nStrict-Transport-Security: max-age=15552000\r\nContent-Security-Policy: script-src 'self'; object-src 'self'\r\nX-Frame-Options: sameorigin\r\nX-Content-Type-Options: nosniff\r\nReferrer-Policy: strict-origin-when-cross-origin\r\nFeature-Policy: geolocation 'none'; microphone 'none'\r\nPermissions-Policy: geolocation=(), microphone=()\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":956,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"1b78da783251b4fd65765616c17b2bb6","sha1":"f3a116a0501bb0da9124c9615253bc7530a021da","sha256":"c08f20d2db9e26a914ac0719a9234d660d341878906a34b1ab524fc3d503cd3e","sha512":"10d9909fa818d6bd4a97a1a8ae3d7e6da3bda038ccb05d85a20d1c18f6e9faa8e57cb12664dd843e8afe682ade686862e4af447b2ef51f45f55d873a6220a8d6","ssdeep":"","tlshash":"0011b1bcf288c150e716eff1d77f90f4455e66b68d13f3450898e1b054a206fe40ca46","first_seen":"2025-07-03T11:03:43.286836Z","last_seen":"2026-04-09T09:00:30.36839Z","times_seen":65,"resource_available":false,"data":null}},"time_used":239,"timings":{"blocked":187,"dns":0,"connect":0,"send":0,"wait":52,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"postmaster.sarbacane.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"postmaster.sarbacane.com/img/logo-linkedin.svg","fqdn":"postmaster.sarbacane.com","domain":"sarbacane.com","tld":"com"},"ip":{"addr":"185.140.223.27","port":443,"asn":0,"as":"","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://postmaster.sarbacane.com/","date":"2026-04-09T09:00:03.749Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.sarbacane.com","organization":""},"issuer":{"commonName":"GandiCert","organization":"Gandi SAS"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Tue, 21 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"70:0C:28:69:65:49:08:E3:22:E2:AD:64:B2:C5:33:81:A2:E4:DC:C5","sha256":"EC:DA:0D:05:FD:BD:27:68:81:80:6A:0B:5B:F9:7A:7C:1D:AA:A5:7C:2E:F9:75:C2:79:4D:ED:65:A4:C1:17:DA"}}},"request":{"raw":"GET /img/logo-linkedin.svg HTTP/1.1\r\nHost: postmaster.sarbacane.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://postmaster.sarbacane.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 09 Apr 2026 09:00:03 GMT\r\nServer: Apache\r\nLast-Modified: Mon, 26 May 2025 08:07:06 GMT\r\nETag: \"3ee-636056f0c5eb3\"\r\nAccept-Ranges: bytes\r\nContent-Length: 1006\r\nStrict-Transport-Security: max-age=15552000\r\nContent-Security-Policy: script-src 'self'; object-src 'self'\r\nX-Frame-Options: sameorigin\r\nX-Content-Type-Options: nosniff\r\nReferrer-Policy: strict-origin-when-cross-origin\r\nFeature-Policy: geolocation 'none'; microphone 'none'\r\nPermissions-Policy: geolocation=(), microphone=()\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1006,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"1bd88555dbe08a7080c90c1bd30fd566","sha1":"ba25095446b649f8058714dd48359c451ef30b29","sha256":"769e1d6819b0ecb5f798f84b0740a727460c38cc48efeb9ffd0d03779328c907","sha512":"cf0952bde34fa16b4210ad177fa19c40e4bcfb9fe98522ec43ef364bb815c099add8078c277d3819267047b772325579ce593a1523094034616350a5f96e2954","ssdeep":"","tlshash":"3211256cf2d8c4289b05cb50872532b850553b7e57259209e0e9f3f07118b9e5535cd4","first_seen":"2025-07-03T11:03:43.29029Z","last_seen":"2026-04-09T09:00:30.369539Z","times_seen":65,"resource_available":false,"data":null}},"time_used":238,"timings":{"blocked":81,"dns":0,"connect":48,"send":0,"wait":50,"receive":0,"ssl":53},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"postmaster.sarbacane.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcCo3FwrK3iLTcviYwYZ90A2N58.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://postmaster.sarbacane.com/","date":"2026-04-09T09:00:03.953Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:40 GMT","end":"Mon, 08 Jun 2026 08:38:39 GMT"},"fingerprint":{"sha1":"93:71:51:4C:A3:35:66:7B:96:98:73:5F:8A:D5:61:38:29:33:E3:58","sha256":"A7:C2:55:50:7A:01:61:98:C7:16:8F:8D:72:97:DD:77:B2:9D:D8:18:29:80:41:DE:61:95:42:E5:0F:79:FE:EF"}}},"request":{"raw":"GET /s/inter/v20/UcCo3FwrK3iLTcviYwYZ90A2N58.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://postmaster.sarbacane.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 72964\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 04 Apr 2026 01:56:53 GMT\r\nexpires: Sun, 04 Apr 2027 01:56:53 GMT\r\ncache-control: public, max-age=31536000\r\nage: 457391\r\nlast-modified: Tue, 09 Sep 2025 18:33:18 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":72964,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 72964, version 1.0","md5":"91247c94dcda6ff52b445d71d6bbfb81","sha1":"ad2f62363ed047b430b91f32afa31df51fcd7c5e","sha256":"6a3c3e024b31eeacbf1f19c3c7be78612d91c623186f64035a50038241dad4f9","sha512":"a12dcac84e9f9ae02df3aabe29d76994281cd1005edca471194605cfcd6a0456eec872fd28c63c72ae124804d0b47d8377048caae49c40b0a18b5d6be4d6213f","ssdeep":"768:zbw+rLBkMxbCkupj4Y69/Yr71+j9pWiKahMM6+AWEqXB0oGuNGku+QCcIKE205C7:zbw+iwuS/iZWeaO1zP1/9Esvf8fXnm1","tlshash":"8f6302244e3c50c2a54d33aa286940f6f6e79c75b2b79ba4a69c589cd410f329cdfdc4","first_seen":"2025-05-29T18:51:13.223047Z","last_seen":"2026-04-09T11:16:58.223765Z","times_seen":19120,"resource_available":false,"data":null}},"time_used":260,"timings":{"blocked":120,"dns":0,"connect":20,"send":0,"wait":9,"receive":4,"ssl":104},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/poppins/v24/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://postmaster.sarbacane.com/","date":"2026-04-09T09:00:03.961Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 08:38:40 GMT","end":"Mon, 08 Jun 2026 08:38:39 GMT"},"fingerprint":{"sha1":"93:71:51:4C:A3:35:66:7B:96:98:73:5F:8A:D5:61:38:29:33:E3:58","sha256":"A7:C2:55:50:7A:01:61:98:C7:16:8F:8D:72:97:DD:77:B2:9D:D8:18:29:80:41:DE:61:95:42:E5:0F:79:FE:EF"}}},"request":{"raw":"GET /s/poppins/v24/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://postmaster.sarbacane.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 7748\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 03 Apr 2026 18:54:17 GMT\r\nexpires: Sat, 03 Apr 2027 18:54:17 GMT\r\ncache-control: public, max-age=31536000\r\nage: 482747\r\nlast-modified: Mon, 15 Sep 2025 16:36:26 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7748,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 7748, version 1.0","md5":"a09f2fccfee35b7247b08a1a266f0328","sha1":"0da2d17e738f46d2a09e6fb7969da451719a9820","sha256":"cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446","sha512":"5e3f9a298003b84250ec6801e08ad2a4ff8845d4c3e13ea61bec37da24d26ede13b436257882124cc0c27e9a323ba92e7d23c6ad3f48a7b75535f5ed98813a0e","ssdeep":"96:0g6vAF/FXh6MmoI56TEwosGU/DbVF/QBT1gaHEYT6u/w3hXLbJPAS772+6haAftj:zp6x6TYpoDYBJg8TRkbJPAS/2+CzQa7","tlshash":"f3f19de65d1e5e8980f0102f6f6efce767950d88141dadf9a9e72f884c6ba1b04c90cd","first_seen":"2023-04-05T13:48:05Z","last_seen":"2026-04-09T11:28:36.518603Z","times_seen":195700,"resource_available":false,"data":null}},"time_used":291,"timings":{"blocked":137,"dns":1,"connect":22,"send":0,"wait":11,"receive":1,"ssl":114},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"postmaster.sarbacane.com/img/logo-dma.svg","fqdn":"postmaster.sarbacane.com","domain":"sarbacane.com","tld":"com"},"ip":{"addr":"185.140.223.27","port":443,"asn":0,"as":"","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://postmaster.sarbacane.com/","date":"2026-04-09T09:00:03.738Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.sarbacane.com","organization":""},"issuer":{"commonName":"GandiCert","organization":"Gandi SAS"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Tue, 21 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"70:0C:28:69:65:49:08:E3:22:E2:AD:64:B2:C5:33:81:A2:E4:DC:C5","sha256":"EC:DA:0D:05:FD:BD:27:68:81:80:6A:0B:5B:F9:7A:7C:1D:AA:A5:7C:2E:F9:75:C2:79:4D:ED:65:A4:C1:17:DA"}}},"request":{"raw":"GET /img/logo-dma.svg HTTP/1.1\r\nHost: postmaster.sarbacane.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://postmaster.sarbacane.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 09 Apr 2026 09:00:03 GMT\r\nServer: Apache\r\nLast-Modified: Mon, 26 May 2025 08:07:06 GMT\r\nETag: \"e7d-636056f0c5eb3\"\r\nAccept-Ranges: bytes\r\nContent-Length: 3709\r\nStrict-Transport-Security: max-age=15552000\r\nContent-Security-Policy: script-src 'self'; object-src 'self'\r\nX-Frame-Options: sameorigin\r\nX-Content-Type-Options: nosniff\r\nReferrer-Policy: strict-origin-when-cross-origin\r\nFeature-Policy: geolocation 'none'; microphone 'none'\r\nPermissions-Policy: geolocation=(), microphone=()\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":3709,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"e77ec24c62831a65842c4d5c3bacc0db","sha1":"dbca3bfbed6b34213a80a63ce7391d8c11f577a9","sha256":"39bc7708ea887b1f3815661aa722938ad099b48ae3b1580e2761fd285bdf8db3","sha512":"8760ab7a5fa3df24d5351bcf4498feb98f6f564cfdf89f3122a598879ff4541892400dfe2af14fdb011b9b078af936eb73a5726ca5aefc88c67380c73bf3c19e","ssdeep":"","tlshash":"61716bd9a5a2abd4958d33fc5d3576c0378b3cba2b73a3e9824ac7317c1109cc858895","first_seen":"2025-07-03T11:03:43.293655Z","last_seen":"2026-04-09T09:00:30.371361Z","times_seen":65,"resource_available":false,"data":null}},"time_used":255,"timings":{"blocked":100,"dns":1,"connect":49,"send":0,"wait":49,"receive":0,"ssl":54},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"postmaster.sarbacane.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"postmaster.sarbacane.com/img/logo-afcdp.svg","fqdn":"postmaster.sarbacane.com","domain":"sarbacane.com","tld":"com"},"ip":{"addr":"185.140.223.27","port":443,"asn":0,"as":"","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://postmaster.sarbacane.com/","date":"2026-04-09T09:00:03.739Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.sarbacane.com","organization":""},"issuer":{"commonName":"GandiCert","organization":"Gandi SAS"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Tue, 21 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"70:0C:28:69:65:49:08:E3:22:E2:AD:64:B2:C5:33:81:A2:E4:DC:C5","sha256":"EC:DA:0D:05:FD:BD:27:68:81:80:6A:0B:5B:F9:7A:7C:1D:AA:A5:7C:2E:F9:75:C2:79:4D:ED:65:A4:C1:17:DA"}}},"request":{"raw":"GET /img/logo-afcdp.svg HTTP/1.1\r\nHost: postmaster.sarbacane.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://postmaster.sarbacane.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 09 Apr 2026 09:00:03 GMT\r\nServer: Apache\r\nLast-Modified: Mon, 26 May 2025 08:07:06 GMT\r\nETag: \"1913-636056f0c5eb3\"\r\nAccept-Ranges: bytes\r\nContent-Length: 6419\r\nStrict-Transport-Security: max-age=15552000\r\nContent-Security-Policy: script-src 'self'; object-src 'self'\r\nX-Frame-Options: sameorigin\r\nX-Content-Type-Options: nosniff\r\nReferrer-Policy: strict-origin-when-cross-origin\r\nFeature-Policy: geolocation 'none'; microphone 'none'\r\nPermissions-Policy: geolocation=(), microphone=()\r\nKeep-Alive: timeout=5, max=97\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6419,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"e89049af49d7f8770c994ebbb50b08ac","sha1":"cc5b3558ecfc3451c751862cc8c7a9628f61f344","sha256":"d1abcd7c29a125f3d11ebb030f1074ee2a4dd9877b11c2544d0b03ae3d35cf71","sha512":"94541e0aefacafbc7bf3b6ebd7ce64f81bf2a4f0fb64d3ff8bd70b369ee221c2e91bd21f2c0bc4205b2084a96602a86df4f0fb642cc4b70b897d4e0ae8019ee0","ssdeep":"192:gDnkeF1v1MlkilPLJvH3fSjLsJ3Cmi+EKbaam:gDnkc1v1MlkilPLJP3KQHi+EKbPm","tlshash":"c0d131d632a661e6e2409bec9e1395a13d9bbcff3f639170c340aa72f92146ccc49951","first_seen":"2025-07-03T11:03:43.289559Z","last_seen":"2026-04-09T09:00:30.372487Z","times_seen":65,"resource_available":false,"data":null}},"time_used":192,"timings":{"blocked":141,"dns":0,"connect":0,"send":0,"wait":50,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"postmaster.sarbacane.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"postmaster.sarbacane.com/img/separator.svg","fqdn":"postmaster.sarbacane.com","domain":"sarbacane.com","tld":"com"},"ip":{"addr":"185.140.223.27","port":443,"asn":0,"as":"","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://postmaster.sarbacane.com/","date":"2026-04-09T09:00:03.742Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.sarbacane.com","organization":""},"issuer":{"commonName":"GandiCert","organization":"Gandi SAS"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Tue, 21 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"70:0C:28:69:65:49:08:E3:22:E2:AD:64:B2:C5:33:81:A2:E4:DC:C5","sha256":"EC:DA:0D:05:FD:BD:27:68:81:80:6A:0B:5B:F9:7A:7C:1D:AA:A5:7C:2E:F9:75:C2:79:4D:ED:65:A4:C1:17:DA"}}},"request":{"raw":"GET /img/separator.svg HTTP/1.1\r\nHost: postmaster.sarbacane.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://postmaster.sarbacane.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 09 Apr 2026 09:00:03 GMT\r\nServer: Apache\r\nLast-Modified: Mon, 26 May 2025 08:07:06 GMT\r\nETag: \"98-636056f0c5eb3\"\r\nAccept-Ranges: bytes\r\nContent-Length: 152\r\nStrict-Transport-Security: max-age=15552000\r\nContent-Security-Policy: script-src 'self'; object-src 'self'\r\nX-Frame-Options: sameorigin\r\nX-Content-Type-Options: nosniff\r\nReferrer-Policy: strict-origin-when-cross-origin\r\nFeature-Policy: geolocation 'none'; microphone 'none'\r\nPermissions-Policy: geolocation=(), microphone=()\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":152,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"8b0d1972f988e508a459518d664107e9","sha1":"1dbd6022fcffba7712b8b5b823ad39bbcceac5cc","sha256":"fe120a9d4f49d9461c0ff884f28ab694651d857187b0d729f5929ecd3d248f39","sha512":"c979356fcfd40009a4ff5d1a3ae2d9393a05aac3ffeddeb149881ccbe6e1a96febd74feddfbb7a391f5d4c4d04c9b2b5184b30e5d4ba232cafff14413448cbf5","ssdeep":"","tlshash":"b3c08ca991ec8c00c3098230b768a086559ba1c392cc01a4d980642671506963c162fc","first_seen":"2025-07-03T11:03:43.294365Z","last_seen":"2026-04-09T09:00:30.37872Z","times_seen":65,"resource_available":false,"data":null}},"time_used":196,"timings":{"blocked":146,"dns":0,"connect":0,"send":0,"wait":50,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"postmaster.sarbacane.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.sarbacane-cdn.com/img/layout/footer/chevron.svg","fqdn":"www.sarbacane-cdn.com","domain":"sarbacane-cdn.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://postmaster.sarbacane.com/","date":"2026-04-09T09:00:03.743Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sarbacane-cdn.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Feb 2026 11:27:49 GMT","end":"Sat, 16 May 2026 12:25:31 GMT"},"fingerprint":{"sha1":"A4:08:6B:04:80:99:57:E2:72:FB:91:9C:29:EA:BC:50:62:2C:B9:F5","sha256":"8D:1D:AD:59:B8:12:B8:90:E5:BF:1C:7A:78:39:DB:32:EC:44:D5:AA:C1:81:9A:EA:70:97:B8:CA:31:F2:FC:7E"}}},"request":{"raw":"GET /img/layout/footer/chevron.svg HTTP/1.1\r\nHost: www.sarbacane-cdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://postmaster.sarbacane.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 09 Apr 2026 09:00:04 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\nlast-modified: Thu, 22 May 2025 09:16:37 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UuN2Qfzfjho6xoJ%2F88xLJfLD%2FMVNmjfkJm0qC0q8hD1wbnFZpWI90wLi84y3us%2FjVRt3qGYt%2F8hkp8UzOUSmTsezKLFNhUMjELLuj8YuT7KOB3krG7WAfDIxkDVZsZV%2Fuzn2TU8fH%2FI%3D\"}]}\r\ncache-control: max-age=5356800\r\ncf-cache-status: REVALIDATED\r\netag: W/\"3f5-635b5f04a9a4a\"\r\ncontent-encoding: br\r\ncf-ray: 9e9851bb99a90afa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1013,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"2b79dbc51809babb0ef50d12425f1ba6","sha1":"c89db57dc34eef3780275f07ec29af6a5ab50e96","sha256":"2203e49159874f2670a1f65700c3e82bd61808856443e118760a9f7ee4059140","sha512":"95db5261bcc6e2c36a0b9076e48914cf6c753111e426749caa73fec4fa90dd8185760d3926402ca6c52735a9b4bfc4704ce75e6572762d4c99abb34891e5de36","ssdeep":"","tlshash":"8c11cef511ac47e19003f7a8e465a937b38e10b6fffb029640c15d08b16a5ca9d5ed80","first_seen":"2025-07-03T11:03:43.297322Z","last_seen":"2026-04-09T09:00:30.380787Z","times_seen":65,"resource_available":false,"data":null}},"time_used":304,"timings":{"blocked":27,"dns":19,"connect":1,"send":0,"wait":239,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"postmaster.sarbacane.com/img/logo-instagram.svg","fqdn":"postmaster.sarbacane.com","domain":"sarbacane.com","tld":"com"},"ip":{"addr":"185.140.223.27","port":443,"asn":0,"as":"","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://postmaster.sarbacane.com/","date":"2026-04-09T09:00:03.746Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.sarbacane.com","organization":""},"issuer":{"commonName":"GandiCert","organization":"Gandi SAS"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Tue, 21 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"70:0C:28:69:65:49:08:E3:22:E2:AD:64:B2:C5:33:81:A2:E4:DC:C5","sha256":"EC:DA:0D:05:FD:BD:27:68:81:80:6A:0B:5B:F9:7A:7C:1D:AA:A5:7C:2E:F9:75:C2:79:4D:ED:65:A4:C1:17:DA"}}},"request":{"raw":"GET /img/logo-instagram.svg HTTP/1.1\r\nHost: postmaster.sarbacane.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://postmaster.sarbacane.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 09 Apr 2026 09:00:03 GMT\r\nServer: Apache\r\nLast-Modified: Mon, 26 May 2025 08:07:06 GMT\r\nETag: \"eec-636056f0c5eb3\"\r\nAccept-Ranges: bytes\r\nContent-Length: 3820\r\nStrict-Transport-Security: max-age=15552000\r\nContent-Security-Policy: script-src 'self'; object-src 'self'\r\nX-Frame-Options: sameorigin\r\nX-Content-Type-Options: nosniff\r\nReferrer-Policy: strict-origin-when-cross-origin\r\nFeature-Policy: geolocation 'none'; microphone 'none'\r\nPermissions-Policy: geolocation=(), microphone=()\r\nKeep-Alive: timeout=5, max=98\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3820,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"923d4f43ff9465ba119d002995629311","sha1":"9cf5ee43d952409b2c53aca346028c73e95fdc39","sha256":"1608a164ff6145cfd98c03d69418f35a763b36d43de1267c6484034a3dac4fc4","sha512":"4950f9587f78da72ea0b46596b3ee8fb4efff93cdf34d26857ff811aefec7ea149c8d322b660ba1aaa313c6cfba59a85934166034fd65048827cc688f56ef4e5","ssdeep":"","tlshash":"467142e8b7ed62e08107eff4fb5b19a5ba4620f56e52c9f94390a5c0f02149c84c5cc4","first_seen":"2025-07-03T11:03:43.28492Z","last_seen":"2026-04-09T09:00:30.381718Z","times_seen":65,"resource_available":false,"data":null}},"time_used":133,"timings":{"blocked":83,"dns":0,"connect":0,"send":0,"wait":50,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"postmaster.sarbacane.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"postmaster.sarbacane.com/script.js","fqdn":"postmaster.sarbacane.com","domain":"sarbacane.com","tld":"com"},"ip":{"addr":"185.140.223.27","port":443,"asn":0,"as":"","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://postmaster.sarbacane.com/","date":"2026-04-09T09:00:03.749Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.sarbacane.com","organization":""},"issuer":{"commonName":"GandiCert","organization":"Gandi SAS"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Tue, 21 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"70:0C:28:69:65:49:08:E3:22:E2:AD:64:B2:C5:33:81:A2:E4:DC:C5","sha256":"EC:DA:0D:05:FD:BD:27:68:81:80:6A:0B:5B:F9:7A:7C:1D:AA:A5:7C:2E:F9:75:C2:79:4D:ED:65:A4:C1:17:DA"}}},"request":{"raw":"GET /script.js HTTP/1.1\r\nHost: postmaster.sarbacane.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://postmaster.sarbacane.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 09 Apr 2026 09:00:03 GMT\r\nServer: Apache\r\nLast-Modified: Mon, 26 May 2025 08:07:06 GMT\r\nETag: \"2177-636056f0bb2d2-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nStrict-Transport-Security: max-age=15552000\r\nContent-Security-Policy: script-src 'self'; object-src 'self'\r\nX-Frame-Options: sameorigin\r\nX-Content-Type-Options: nosniff\r\nReferrer-Policy: strict-origin-when-cross-origin\r\nFeature-Policy: geolocation 'none'; microphone 'none'\r\nPermissions-Policy: geolocation=(), microphone=()\r\nContent-Length: 2698\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/javascript\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":8567,"size_decoded":0,"mime_type":"text/javascript","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (8561), with no line terminators","md5":"a21f38f15bcccb23105255adbdb2114f","sha1":"4c44c7c5e32715f3568886511d4aa8ae02b8b9c7","sha256":"b69ff895590930f30757ab8131733ad4cb4204e713a3b53a9f2b6d2f222c5e97","sha512":"573056da393733021234fff5b91216ebc07a7ed35c3660c105b0a6bce657033638415d22430231abc9ab5eee5f9c36c6689be8aeb770c267db988112b648871e","ssdeep":"192:F5NrSvifCwbnWb2QECfWSN3xQRrsbiySc13dbVF0uItXuWhbCubambu+xex:TN2viqwbnWb2QEA3dORre","tlshash":"f80243d63fe1523406dba3b76acd729af874d5047ae2e8049e54d11909a5faec32f3c0","first_seen":"2025-07-03T11:03:43.290939Z","last_seen":"2026-04-09T09:00:30.382677Z","times_seen":64,"resource_available":true,"data":null}},"time_used":163,"timings":{"blocked":50,"dns":1,"connect":35,"send":0,"wait":35,"receive":0,"ssl":39},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"postmaster.sarbacane.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"postmaster.sarbacane.com/favicon/apple-touch-icon.png","fqdn":"postmaster.sarbacane.com","domain":"sarbacane.com","tld":"com"},"ip":{"addr":"185.140.223.27","port":443,"asn":0,"as":"","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://postmaster.sarbacane.com/","date":"2026-04-09T09:00:04.137Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.sarbacane.com","organization":""},"issuer":{"commonName":"GandiCert","organization":"Gandi SAS"},"validity":{"start":"Fri, 20 Jun 2025 00:00:00 GMT","end":"Tue, 21 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"70:0C:28:69:65:49:08:E3:22:E2:AD:64:B2:C5:33:81:A2:E4:DC:C5","sha256":"EC:DA:0D:05:FD:BD:27:68:81:80:6A:0B:5B:F9:7A:7C:1D:AA:A5:7C:2E:F9:75:C2:79:4D:ED:65:A4:C1:17:DA"}}},"request":{"raw":"GET /favicon/apple-touch-icon.png HTTP/1.1\r\nHost: postmaster.sarbacane.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://postmaster.sarbacane.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 09 Apr 2026 09:00:04 GMT\r\nServer: Apache\r\nLast-Modified: Mon, 26 May 2025 08:07:06 GMT\r\nETag: \"52e3-636056f0c5eb3\"\r\nAccept-Ranges: bytes\r\nContent-Length: 21219\r\nStrict-Transport-Security: max-age=15552000\r\nContent-Security-Policy: script-src 'self'; object-src 'self'\r\nX-Frame-Options: sameorigin\r\nX-Content-Type-Options: nosniff\r\nReferrer-Policy: strict-origin-when-cross-origin\r\nFeature-Policy: geolocation 'none'; microphone 'none'\r\nPermissions-Policy: geolocation=(), microphone=()\r\nKeep-Alive: timeout=5, max=97\r\nConnection: Keep-Alive\r\nContent-Type: image/png\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":21219,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced","md5":"88dcd453ae1fa8b1289873a5e539a477","sha1":"c1e3e953504b5db9b2d8aab8d04a2e51bf4df071","sha256":"ef2fdf3b1cd9979d71941ea78e5af3f44390ec9d22c8cedc313f3b6e8217de31","sha512":"655fbbc6750524b5443190b1b3d6a9b62c6994c60c5b3bca4b883ae9a980a6379675a4d090c59b2e5f7fd089070d40c32b29b00038e6dd602f7034d1a4f8c4a1","ssdeep":"384:JwXHpklZsJrQbWa+YyxPwSpXmgVJwGo793HvsIYXoc8vSxjACNmuKWqE:gpkrar8WTjrMgIdd0lXN8vkjDNh7B","tlshash":"4192e1988d0ee83643422b0333fbd31dda6a45e53ff7550cb49f49acd40d6494986b76","first_seen":"2024-04-24T08:19:40Z","last_seen":"2026-04-09T09:00:30.383451Z","times_seen":70,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-09","alert":"Sinkholed","trigger":"postmaster.sarbacane.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}