A bizarre impossibility

So I opened a disp vm. I was browsing a site, Orange mobile to be precise. I clicked on a link which lead to a sign in page. I wasn’t going to sign in (I have no account with them), but there was a account already registered there?! It was saved, like what happens with some sites, and all one needs to do to access would be re-type a password.

But my question is… HOW did this occur in the first place?! I don’t know the email address, I havent ever even browsed to this site, that I can remember. Certainly not on Qubes, and certainly not on this fresh disp. Opening a new disp does the same thing, with the same email address.

if it’s Firefox, could you open the menu and click on password in the list, and see your firefox has registered passwords in it?

It’s mullvad browser. But I have a disp set up with Firefox too, and that’s the same. They are both exactly as default. Navigating to the same site on a different device with different a different os doesn’t yield the same results.

Can you share the website url?

Could be that the site does this automatically based on IP and maybe someone with your current IP logged in there with that IP at some earlier point; if you’re using TOR then the exit node IP would be relevant and make it far more likely that someone with the same exit node logged in there.

Yep, it’s just orange.fr

It’s not tor. And the same result happens with a vpn or not.

That site either blocks Tor traffic or doesn’t even support HTTPS.

It’s not tor, as I said. Plus I just typed it, it’s an auto link. The site is https://orange.fr. It’s orange mobile, not some weird site,

On this website it says this in French (I translated it into English):

Connect by wifi or Ethernet to orange.fr, then click on “Identify yourself”.
Your e-mail address will be displayed automatically.

So they keep this info based on IP it seems.

Maybe, but what info? It’s a random email address and it’s a disposable aube. Where does the info come from?

They keep email addresses based on IP from what I understand. If you are using an orange IP, they may have registered that mail from someone else before and are serving it to you somehow.

If you are using a VPN, could you try without the VPN?

I considered that. But it’s not an Orange connection, it’s the same result with a vpn too. I also have no idea what the email address is. It’s my home wifi, nothing random

It’s the same

Can you confirm that you can reproduce this with a new disp with vpn enabled? Make sure it actually works, it might be leaking. Use something like https://ipleak.net/

I have checked it, and it occurs with new disp vpn or not. And I checked with ipleak already - there is no leak when on the vpn

If it’s not IP based then it could be based on user agent or other identifiers…maybe try with a disposable based on a different base template and a different browser.

It is strange that they serve you the same mail with and without vpn on 2 different qube. They should at least be different since the IP is not the same.

Tried with different browsers (same result), ill just try with a deb template…