webdefence.global.blackspider.com

Summary

This website contacted 3 IPs in 3 countries across 6 domains to perform 7 HTTP transactions. The main IP is 208.87.234.180, located in Ashburn, United States and belongs to FORCEPOINT-CLOUD-AS, GB. The main domain is webdefence.global.blackspider.com. The Cisco Umbrella rank of the primary domain is 32558.

This is the only time webdefence.global.blackspider.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	208.87.234.180 208.87.234.180	44444 (FORCEPOIN...) (FORCEPOINT-CLOUD-AS)
5	85.115.52.220 85.115.52.220	44444 (FORCEPOIN...) (FORCEPOINT-CLOUD-AS)
2 2	194.51.35.190 194.51.35.190	206713 (ASFTV) (ASFTV)
3 3	13.107.138.9 13.107.138.9	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	20.190.151.70 20.190.151.70	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	20.190.151.67 20.190.151.67	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7	3

1 208.87.234.180 (Ashburn, United States)

ASN44444 (FORCEPOINT-CLOUD-AS, GB)
PTR: webdefence.cluster-h.forcepoint.net

webdefence.global.blackspider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 85.115.52.220 (London, United Kingdom)

ASN44444 (FORCEPOINT-CLOUD-AS, GB)
PTR: 85-115-52-220.mailcontrol.com

www.mailcontrol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.51.35.190 (Paris, France) 2 redirects

ASN206713 (ASFTV, FR)

monespace.francetv.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.107.138.9 (Redmond, United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

groupefrancetv.sharepoint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.190.151.70 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.190.151.67 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.microsoftonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	mailcontrol.com www.mailcontrol.com — Cisco Umbrella Rank: 93429	33 KB
3	sharepoint.com 3 redirects groupefrancetv.sharepoint.com	3 KB
2	francetv.fr 2 redirects monespace.francetv.fr	400 B
1	microsoftonline.com login.microsoftonline.com — Cisco Umbrella Rank: 28
1	windows.net 1 redirects login.windows.net — Cisco Umbrella Rank: 242	1 KB
1	blackspider.com webdefence.global.blackspider.com — Cisco Umbrella Rank: 32558	5 KB
7	6

	Domain	Requested by
5	www.mailcontrol.com	webdefence.global.blackspider.com
3	groupefrancetv.sharepoint.com	3 redirects
2	monespace.francetv.fr	2 redirects
1	login.microsoftonline.com	webdefence.global.blackspider.com
1	login.windows.net	1 redirects
1	webdefence.global.blackspider.com
7	6

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://webdefence.global.blackspider.com/urlwrap/?q=AXicfY5BTsMwEEXnAixYskZlF9txkpoiVSBVYkE5ANuJM06t2rFljyK4KcehVKxZ_vekp397A6oDuDsClPDVm0nUsoqIPti0cElB2BRBa3N4_zi-qVa1nQFXcLG-2iRCwIj15QqIV-EKnJhzfZLS-UIjVqqcCs4k5pTmQJh9_U3KVclRsp_bTumZlksLc6458dUmuRkOf3ajX_0y0ae-bHHiGJ4x8D7S5PGB05mW_aTN1owdNcOwVU3fOtM89k43VrdIkxt2aLr7f08DfCuAH9LuV2M&Z
Frame ID: 909E5B610BE185F0074F9F8DBDA36E98
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Suspicious Link

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Page Statistics

7
Requests

0 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

3
IPs

3
Countries

38 kB
Transfer

144 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

http://monespace.francetv.fr/quotidien/outils_et_services/logos_et_modeles/PublishingImages/Logos_resizes/FTVchaines_fondblanc_preview.jpg HTTP 302
https://monespace.francetv.fr/quotidien/outils_et_services/logos_et_modeles/PublishingImages/Logos_resizes/FTVchaines_fondblanc_preview.jpg HTTP 302
https://groupefrancetv.sharepoint.com/sites/monespace HTTP 302
https://groupefrancetv.sharepoint.com/sites/monespace/_layouts/15/Authenticate.aspx?Source=%2Fsites%2Fmonespace HTTP 302
https://groupefrancetv.sharepoint.com/_forms/default.aspx?ReturnUrl=%2fsites%2fmonespace%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252Fsites%252Fmonespace&Source=cookie HTTP 302
https://login.windows.net/aed0e243-afb5-4e96-af34-ea4e5df4979e/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&protectedtoken=true&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=1B7F2D2B6132BE982215602B7CC9D8835CCA4E86C18671CA%2D8589E36F427983383DB7E8060BD657ABDD819363ADE0A4F027A237BD1C3E7117&redirect%5Furi=https%3A%2F%2Fgroupefrancetv%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=086b27a0%2D407c%2D3000%2Db426%2D524168c52a46 HTTP 302
https://login.microsoftonline.com/aed0e243-afb5-4e96-af34-ea4e5df4979e/oauth2/authorize?client_id=00000003-0000-0ff1-ce00-000000000000&response_mode=form_post&protectedtoken=true&response_type=code%20id_token&resource=00000003-0000-0ff1-ce00-000000000000&scope=openid&nonce=1B7F2D2B6132BE982215602B7CC9D8835CCA4E86C18671CA-8589E36F427983383DB7E8060BD657ABDD819363ADE0A4F027A237BD1C3E7117&redirect_uri=https%3A%2F%2Fgroupefrancetv.sharepoint.com%2F_forms%2Fdefault.aspx&state=OD0w&claims=%7B%22id_token%22%3A%7B%22xms_cc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083-87e0-41b5-bb78-0bc43c8a8e8a&client-request-id=086b27a0-407c-3000-b426-524168c52a46

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 403
User Confirmation Primary Request / Show response
webdefence.global.blackspider.com/urlwrap/ 5 KB
5 KB 1437ms
1407ms Document
text/html 208.87.234.180
FORCEPOINT-CLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://webdefence.global.blackspider.com/urlwrap/?q=AXicfY5BTsMwEEXnAixYskZlF9txkpoiVSBVYkE5ANuJM06t2rFljyK4KcehVKxZ_vekp397A6oDuDsClPDVm0nUsoqIPti0cElB2BRBa3N4_zi-qVa1nQFXcLG-2iRCwIj15QqIV-EKnJhzfZLS-UIjVqqcCs4k5pTmQJh9_U3KVclRsp_bTumZlksLc6458dUmuRkOf3ajX_0y0ae-bHHiGJ4x8D7S5PGB05mW_aTN1owdNcOwVU3fOtM89k43VrdIkxt2aLr7f08DfCuAH9LuV2M&Z
Protocol: HTTP/1.1
Server: 208.87.234.180 Ashburn, United States, ASN44444 (FORCEPOINT-CLOUD-AS, GB),
Reverse DNS: webdefence.cluster-h.forcepoint.net
Software: /
Resource Hash: 98d30d8d865c516dbe0db62f1f20d42b5a5ff44edae00645afa6757fee263a79

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

X-Bst-Request-Id: SfFmDj:jCR:14434
Content-Type: text/html; charset=utf-8
Pragma: No-cache
Cache-Control: No-cache
Content-Length: 5320

GET
H/1.1 200
OK bootstrap.css
www.mailcontrol.com/http-resources/bootstrap/css/ 97 KB
15 KB 241ms
89ms Stylesheet
text/css 85.115.52.220
FORCEPOINT-CLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://www.mailcontrol.com/http-resources/bootstrap/css/bootstrap.css

Requested by

Host: webdefence.global.blackspider.com
URL: http://webdefence.global.blackspider.com/urlwrap/?q=AXicfY5BTsMwEEXnAixYskZlF9txkpoiVSBVYkE5ANuJM06t2rFljyK4KcehVKxZ_vekp397A6oDuDsClPDVm0nUsoqIPti0cElB2BRBa3N4_zi-qVa1nQFXcLG-2iRCwIj15QqIV-EKnJhzfZLS-UIjVqqcCs4k5pTmQJh9_U3KVclRsp_bTumZlksLc6458dUmuRkOf3ajX_0y0ae-bHHiGJ4x8D7S5PGB05mW_aTN1owdNcOwVU3fOtM89k43VrdIkxt2aLr7f08DfCuAH9LuV2M&Z

Protocol

HTTP/1.1

Server

85.115.52.220 London, United Kingdom, ASN44444 (FORCEPOINT-CLOUD-AS, GB),

Reverse DNS

85-115-52-220.mailcontrol.com

Software

Forcepoint /

Resource Hash

0a879254a8059ffca5f46c30da040f603b9a08ec9cf769b923294da9e6669943

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' www.datadoghq-browser-agent.com browser-http-intake.logs.datadoghq.com .odd.blackspider.com: .dev-rd.websense.net: .websense.net: .mailcontrol.com: .forcepoint.net:; script-src 'self' 'unsafe-inline' 'unsafe-eval' .walkme.com; style-src 'self' 'unsafe-inline' .walkme.com; frame-src 'self' .walkme.com s3.walkmeusercontent.com; font-src 'self' data: .walkme.com; img-src 'self' data: .walkme.com s3.walkmeusercontent.com d2qhvajt3imc89.cloudfront.net media-exp1.licdn.com .forcepoint.com; connect-src 'self' .walkme.com; worker-src 'self' blob: .walkme.com; object-src 'self' *.walkme.com;
Strict-Transport-Security	max-age=2678400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://webdefence.global.blackspider.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 13:13:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: close
Content-Length: 14581
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer
Last-Modified: Thu, 10 Feb 2022 10:28:34 GMT
Server: Forcepoint
X-FRAME-OPTIONS: SAMEORIGIN
Vary: Accept-Encoding
Strict-Transport-Security: max-age=2678400
Content-Language: en
Cache-Control: public, max-age=288000, must-revalidate
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' www.datadoghq-browser-agent.com browser-http-intake.logs.datadoghq.com *.odd.blackspider.com:* *.dev-rd.websense.net:* *.websense.net:* *.mailcontrol.com:* *.forcepoint.net:*; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.walkme.com; style-src 'self' 'unsafe-inline' *.walkme.com; frame-src 'self' *.walkme.com s3.walkmeusercontent.com; font-src 'self' data: *.walkme.com; img-src 'self' data: *.walkme.com s3.walkmeusercontent.com d2qhvajt3imc89.cloudfront.net media-exp1.licdn.com *.forcepoint.com; connect-src 'self' *.walkme.com; worker-src 'self' blob: *.walkme.com; object-src 'self' *.walkme.com;
Accept-Ranges: bytes
Content-Type: text/css

GET
H/1.1 200
OK bootstrap-responsive.css
www.mailcontrol.com/http-resources/bootstrap/css/ 14 KB
4 KB 239ms
87ms Stylesheet
text/css 85.115.52.220
FORCEPOINT-CLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://www.mailcontrol.com/http-resources/bootstrap/css/bootstrap-responsive.css

Requested by

Host: webdefence.global.blackspider.com
URL: http://webdefence.global.blackspider.com/urlwrap/?q=AXicfY5BTsMwEEXnAixYskZlF9txkpoiVSBVYkE5ANuJM06t2rFljyK4KcehVKxZ_vekp397A6oDuDsClPDVm0nUsoqIPti0cElB2BRBa3N4_zi-qVa1nQFXcLG-2iRCwIj15QqIV-EKnJhzfZLS-UIjVqqcCs4k5pTmQJh9_U3KVclRsp_bTumZlksLc6458dUmuRkOf3ajX_0y0ae-bHHiGJ4x8D7S5PGB05mW_aTN1owdNcOwVU3fOtM89k43VrdIkxt2aLr7f08DfCuAH9LuV2M&Z

Protocol

HTTP/1.1

Server

85.115.52.220 London, United Kingdom, ASN44444 (FORCEPOINT-CLOUD-AS, GB),

Reverse DNS

85-115-52-220.mailcontrol.com

Software

Forcepoint /

Resource Hash

e738183a60e8cf19e763729b96c19d0ccee30f225e75ad61b8648a3cc7bfa969

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' www.datadoghq-browser-agent.com browser-http-intake.logs.datadoghq.com .odd.blackspider.com: .dev-rd.websense.net: .websense.net: .mailcontrol.com: .forcepoint.net:; script-src 'self' 'unsafe-inline' 'unsafe-eval' .walkme.com; style-src 'self' 'unsafe-inline' .walkme.com; frame-src 'self' .walkme.com s3.walkmeusercontent.com; font-src 'self' data: .walkme.com; img-src 'self' data: .walkme.com s3.walkmeusercontent.com d2qhvajt3imc89.cloudfront.net media-exp1.licdn.com .forcepoint.com; connect-src 'self' .walkme.com; worker-src 'self' blob: .walkme.com; object-src 'self' *.walkme.com;
Strict-Transport-Security	max-age=2678400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://webdefence.global.blackspider.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 13:13:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: close
Content-Length: 2809
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer
Last-Modified: Thu, 10 Feb 2022 10:28:34 GMT
Server: Forcepoint
X-FRAME-OPTIONS: SAMEORIGIN
Vary: Accept-Encoding
Strict-Transport-Security: max-age=2678400
Content-Language: en
Cache-Control: public, max-age=288000, must-revalidate
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' www.datadoghq-browser-agent.com browser-http-intake.logs.datadoghq.com *.odd.blackspider.com:* *.dev-rd.websense.net:* *.websense.net:* *.mailcontrol.com:* *.forcepoint.net:*; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.walkme.com; style-src 'self' 'unsafe-inline' *.walkme.com; frame-src 'self' *.walkme.com s3.walkmeusercontent.com; font-src 'self' data: *.walkme.com; img-src 'self' data: *.walkme.com s3.walkmeusercontent.com d2qhvajt3imc89.cloudfront.net media-exp1.licdn.com *.forcepoint.com; connect-src 'self' *.walkme.com; worker-src 'self' blob: *.walkme.com; object-src 'self' *.walkme.com;
Accept-Ranges: bytes
Content-Type: text/css

GET
H/1.1 200
OK notification.css
www.mailcontrol.com/http-resources/notification-pages/ 23 KB
6 KB 245ms
90ms Stylesheet
text/css 85.115.52.220
FORCEPOINT-CLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://www.mailcontrol.com/http-resources/notification-pages/notification.css

Requested by

Host: webdefence.global.blackspider.com
URL: http://webdefence.global.blackspider.com/urlwrap/?q=AXicfY5BTsMwEEXnAixYskZlF9txkpoiVSBVYkE5ANuJM06t2rFljyK4KcehVKxZ_vekp397A6oDuDsClPDVm0nUsoqIPti0cElB2BRBa3N4_zi-qVa1nQFXcLG-2iRCwIj15QqIV-EKnJhzfZLS-UIjVqqcCs4k5pTmQJh9_U3KVclRsp_bTumZlksLc6458dUmuRkOf3ajX_0y0ae-bHHiGJ4x8D7S5PGB05mW_aTN1owdNcOwVU3fOtM89k43VrdIkxt2aLr7f08DfCuAH9LuV2M&Z

Protocol

HTTP/1.1

Server

85.115.52.220 London, United Kingdom, ASN44444 (FORCEPOINT-CLOUD-AS, GB),

Reverse DNS

85-115-52-220.mailcontrol.com

Software

Forcepoint /

Resource Hash

2811d0858f7fd1bfe56b09e48364f36aeef4783bd2a47e17b9f6bbc54d3f0f37

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' www.datadoghq-browser-agent.com browser-http-intake.logs.datadoghq.com .odd.blackspider.com: .dev-rd.websense.net: .websense.net: .mailcontrol.com: .forcepoint.net:; script-src 'self' 'unsafe-inline' 'unsafe-eval' .walkme.com; style-src 'self' 'unsafe-inline' .walkme.com; frame-src 'self' .walkme.com s3.walkmeusercontent.com; font-src 'self' data: .walkme.com; img-src 'self' data: .walkme.com s3.walkmeusercontent.com d2qhvajt3imc89.cloudfront.net media-exp1.licdn.com .forcepoint.com; connect-src 'self' .walkme.com; worker-src 'self' blob: .walkme.com; object-src 'self' *.walkme.com;
Strict-Transport-Security	max-age=2678400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://webdefence.global.blackspider.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 13:13:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: close
Content-Length: 5183
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer
Last-Modified: Thu, 10 Feb 2022 10:28:34 GMT
Server: Forcepoint
X-FRAME-OPTIONS: SAMEORIGIN
Vary: Accept-Encoding
Strict-Transport-Security: max-age=2678400
Content-Language: en
Cache-Control: public, max-age=288000, must-revalidate
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' www.datadoghq-browser-agent.com browser-http-intake.logs.datadoghq.com *.odd.blackspider.com:* *.dev-rd.websense.net:* *.websense.net:* *.mailcontrol.com:* *.forcepoint.net:*; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.walkme.com; style-src 'self' 'unsafe-inline' *.walkme.com; frame-src 'self' *.walkme.com s3.walkmeusercontent.com; font-src 'self' data: *.walkme.com; img-src 'self' data: *.walkme.com s3.walkmeusercontent.com d2qhvajt3imc89.cloudfront.net media-exp1.licdn.com *.forcepoint.com; connect-src 'self' *.walkme.com; worker-src 'self' blob: *.walkme.com; object-src 'self' *.walkme.com;
Accept-Ranges: bytes
Content-Type: text/css

GET
H/1.1 200
OK warning.png
www.mailcontrol.com/http-resources/notification-pages/icons60/ 5 KB
6 KB 272ms
116ms Image
image/png 85.115.52.220
FORCEPOINT-CLOUD-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.mailcontrol.com/http-resources/notification-pages/icons60/warning.png

Requested by

Host: webdefence.global.blackspider.com
URL: http://webdefence.global.blackspider.com/urlwrap/?q=AXicfY5BTsMwEEXnAixYskZlF9txkpoiVSBVYkE5ANuJM06t2rFljyK4KcehVKxZ_vekp397A6oDuDsClPDVm0nUsoqIPti0cElB2BRBa3N4_zi-qVa1nQFXcLG-2iRCwIj15QqIV-EKnJhzfZLS-UIjVqqcCs4k5pTmQJh9_U3KVclRsp_bTumZlksLc6458dUmuRkOf3ajX_0y0ae-bHHiGJ4x8D7S5PGB05mW_aTN1owdNcOwVU3fOtM89k43VrdIkxt2aLr7f08DfCuAH9LuV2M&Z

Protocol

HTTP/1.1

Server

85.115.52.220 London, United Kingdom, ASN44444 (FORCEPOINT-CLOUD-AS, GB),

Reverse DNS

85-115-52-220.mailcontrol.com

Software

Forcepoint /

Resource Hash

322f28a6cd99566089b035e83c4f580504fc5142f62b8c758ecd896121d032ed

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' www.datadoghq-browser-agent.com browser-http-intake.logs.datadoghq.com .odd.blackspider.com: .dev-rd.websense.net: .websense.net: .mailcontrol.com: .forcepoint.net:; script-src 'self' 'unsafe-inline' 'unsafe-eval' .walkme.com; style-src 'self' 'unsafe-inline' .walkme.com; frame-src 'self' .walkme.com s3.walkmeusercontent.com; font-src 'self' data: .walkme.com; img-src 'self' data: .walkme.com s3.walkmeusercontent.com d2qhvajt3imc89.cloudfront.net media-exp1.licdn.com .forcepoint.com; connect-src 'self' .walkme.com; worker-src 'self' blob: .walkme.com; object-src 'self' *.walkme.com;
Strict-Transport-Security	max-age=2678400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://webdefence.global.blackspider.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 13:13:45 GMT
Referrer-Policy: no-referrer
Last-Modified: Thu, 10 Feb 2022 10:28:34 GMT
Server: Forcepoint
X-FRAME-OPTIONS: SAMEORIGIN
Connection: close
Content-Language: en
Cache-Control: public, max-age=129600, must-revalidate
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' www.datadoghq-browser-agent.com browser-http-intake.logs.datadoghq.com *.odd.blackspider.com:* *.dev-rd.websense.net:* *.websense.net:* *.mailcontrol.com:* *.forcepoint.net:*; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.walkme.com; style-src 'self' 'unsafe-inline' *.walkme.com; frame-src 'self' *.walkme.com s3.walkmeusercontent.com; font-src 'self' data: *.walkme.com; img-src 'self' data: *.walkme.com s3.walkmeusercontent.com d2qhvajt3imc89.cloudfront.net media-exp1.licdn.com *.forcepoint.com; connect-src 'self' *.walkme.com; worker-src 'self' blob: *.walkme.com; object-src 'self' *.walkme.com;
Strict-Transport-Security: max-age=2678400
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 5139
X-XSS-Protection: 1; mode=block

GET
H/1.1

200
OK

authorize
login.microsoftonline.com/aed0e243-afb5-4e96-af34-ea4e5df4979e/oauth2/
Redirect Chain

http://monespace.francetv.fr/quotidien/outils_et_services/logos_et_modeles/PublishingImages/Logos_resizes/FTVchaines_fondblanc_preview.jpg
https://monespace.francetv.fr/quotidien/outils_et_services/logos_et_modeles/PublishingImages/Logos_resizes/FTVchaines_fondblanc_preview.jpg
https://groupefrancetv.sharepoint.com/sites/monespace
https://groupefrancetv.sharepoint.com/sites/monespace/_layouts/15/Authenticate.aspx?Source=%2Fsites%2Fmonespace
https://groupefrancetv.sharepoint.com/_forms/default.aspx?ReturnUrl=%2fsites%2fmonespace%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252Fsites%252Fmonespace&Source=cookie
https://login.windows.net/aed0e243-afb5-4e96-af34-ea4e5df4979e/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&protectedtoken=true&response%5Ft...
https://login.microsoftonline.com/aed0e243-afb5-4e96-af34-ea4e5df4979e/oauth2/authorize?client_id=00000003-0000-0ff1-ce00-000000000000&response_mode=form_post&protectedtoken=true&response_type=code...

0
0

320ms
127ms

Image
text/html

20.190.151.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.microsoftonline.com/aed0e243-afb5-4e96-af34-ea4e5df4979e/oauth2/authorize?client_id=00000003-0000-0ff1-ce00-000000000000&response_mode=form_post&protectedtoken=true&response_type=code%20id_token&resource=00000003-0000-0ff1-ce00-000000000000&scope=openid&nonce=1B7F2D2B6132BE982215602B7CC9D8835CCA4E86C18671CA-8589E36F427983383DB7E8060BD657ABDD819363ADE0A4F027A237BD1C3E7117&redirect_uri=https%3A%2F%2Fgroupefrancetv.sharepoint.com%2F_forms%2Fdefault.aspx&state=OD0w&claims=%7B%22id_token%22%3A%7B%22xms_cc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083-87e0-41b5-bb78-0bc43c8a8e8a&client-request-id=086b27a0-407c-3000-b426-524168c52a46
Requested by: Host: webdefence.global.blackspider.com
URL: http://webdefence.global.blackspider.com/urlwrap/?q=AXicfY5BTsMwEEXnAixYskZlF9txkpoiVSBVYkE5ANuJM06t2rFljyK4KcehVKxZ_vekp397A6oDuDsClPDVm0nUsoqIPti0cElB2BRBa3N4_zi-qVa1nQFXcLG-2iRCwIj15QqIV-EKnJhzfZLS-UIjVqqcCs4k5pTmQJh9_U3KVclRsp_bTumZlksLc6458dUmuRkOf3ajX_0y0ae-bHHiGJ4x8D7S5PGB05mW_aTN1owdNcOwVU3fOtM89k43VrdIkxt2aLr7f08DfCuAH9LuV2M&Z
Protocol: HTTP/1.1
Server: 20.190.151.67 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://webdefence.global.blackspider.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
Date: Mon, 07 Mar 2022 13:13:46 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Location: https://login.microsoftonline.com/aed0e243-afb5-4e96-af34-ea4e5df4979e/oauth2/authorize?client_id=00000003-0000-0ff1-ce00-000000000000&response_mode=form_post&protectedtoken=true&response_type=code%20id_token&resource=00000003-0000-0ff1-ce00-000000000000&scope=openid&nonce=1B7F2D2B6132BE982215602B7CC9D8835CCA4E86C18671CA-8589E36F427983383DB7E8060BD657ABDD819363ADE0A4F027A237BD1C3E7117&redirect_uri=https%3A%2F%2Fgroupefrancetv.sharepoint.com%2F_forms%2Fdefault.aspx&state=OD0w&claims=%7B%22id_token%22%3A%7B%22xms_cc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083-87e0-41b5-bb78-0bc43c8a8e8a&client-request-id=086b27a0-407c-3000-b426-524168c52a46
x-ms-request-id: ec310115-07d9-41db-a8ef-ca94bf5c1f00
Cache-Control: private
x-ms-ests-server: 2.1.12529.17 - WEULR1 ProdSlices
Content-Length: 549
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK empty.js Show response
www.mailcontrol.com/http-resources/notification-pages/ 0
1 KB 246ms
91ms Script
application/javascript 85.115.52.220
FORCEPOINT-CLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://www.mailcontrol.com/http-resources/notification-pages/empty.js

Requested by

Host: webdefence.global.blackspider.com
URL: http://webdefence.global.blackspider.com/urlwrap/?q=AXicfY5BTsMwEEXnAixYskZlF9txkpoiVSBVYkE5ANuJM06t2rFljyK4KcehVKxZ_vekp397A6oDuDsClPDVm0nUsoqIPti0cElB2BRBa3N4_zi-qVa1nQFXcLG-2iRCwIj15QqIV-EKnJhzfZLS-UIjVqqcCs4k5pTmQJh9_U3KVclRsp_bTumZlksLc6458dUmuRkOf3ajX_0y0ae-bHHiGJ4x8D7S5PGB05mW_aTN1owdNcOwVU3fOtM89k43VrdIkxt2aLr7f08DfCuAH9LuV2M&Z

Protocol

HTTP/1.1

Server

85.115.52.220 London, United Kingdom, ASN44444 (FORCEPOINT-CLOUD-AS, GB),

Reverse DNS

85-115-52-220.mailcontrol.com

Software

Forcepoint /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' www.datadoghq-browser-agent.com browser-http-intake.logs.datadoghq.com .odd.blackspider.com: .dev-rd.websense.net: .websense.net: .mailcontrol.com: .forcepoint.net:; script-src 'self' 'unsafe-inline' 'unsafe-eval' .walkme.com; style-src 'self' 'unsafe-inline' .walkme.com; frame-src 'self' .walkme.com s3.walkmeusercontent.com; font-src 'self' data: .walkme.com; img-src 'self' data: .walkme.com s3.walkmeusercontent.com d2qhvajt3imc89.cloudfront.net media-exp1.licdn.com .forcepoint.com; connect-src 'self' .walkme.com; worker-src 'self' blob: .walkme.com; object-src 'self' *.walkme.com;
Strict-Transport-Security	max-age=2678400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://webdefence.global.blackspider.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 13:13:45 GMT
Referrer-Policy: no-referrer
Last-Modified: Thu, 10 Feb 2022 10:28:34 GMT
Server: Forcepoint
X-FRAME-OPTIONS: SAMEORIGIN
Connection: close
Content-Language: en
Cache-Control: public, max-age=288000, must-revalidate
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' www.datadoghq-browser-agent.com browser-http-intake.logs.datadoghq.com *.odd.blackspider.com:* *.dev-rd.websense.net:* *.websense.net:* *.mailcontrol.com:* *.forcepoint.net:*; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.walkme.com; style-src 'self' 'unsafe-inline' *.walkme.com; frame-src 'self' *.walkme.com s3.walkmeusercontent.com; font-src 'self' data: *.walkme.com; img-src 'self' data: *.walkme.com s3.walkmeusercontent.com d2qhvajt3imc89.cloudfront.net media-exp1.licdn.com *.forcepoint.com; connect-src 'self' *.walkme.com; worker-src 'self' blob: *.walkme.com; object-src 'self' *.walkme.com;
Strict-Transport-Security: max-age=2678400
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 0
X-XSS-Protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
groupefrancetv.sharepoint.com/	1970-01-20 01:24:19	Name: nSGt-1B7F2D2B6132BE982215602B7CC9D8835CCA4E86C18671CA Value: gYEwMTFBRDQ4QjlDOEY0MkI1OTg0Q0IzMjA3MDhCRjQxRDdDMzVFMUU0RTI1RkZBMDQyMDFCN0YyRDJCNjEzMkJFOTgyMjE1NjAyQjdDQzlEODgzNUNDQTRFODZDMTg2NzFDQRIxMzI5MTEzMzAyNjE5NjM0MTAdZ3JvdXBlZnJhbmNldHYuc2hhcmVwb2ludC5jb20yEFg6dbzhX0qLkhTVFQ6emeXsXt9WcHGn9HQxNtUwGA/QEiOv4yV07iHLWlUK5O4tvF+duvwgxZ8BmposYA0e5RdW1P0jfRftWUZ6NFBxzLMvaUOUvWxlipVPQILrkeb0QfXRNgQEcFpYHCLQqF5M0ELishNfmJAd9RPTi7kr6gfIa9ujUAXwjq1KOuc6wsV4Bak00NFto4ZyG9IKh/fCwkg67QVb7N7VAFcxhvvY8JpD1PzTHujXRoBh2IWImw3w76ecgvzyaWSM6wbtvHX51iVLVDeZcw02bcUZ8oX4vurK8/7COCOex09IGHt7Msx9UAN5RxXFCzFRCflbANSTlQAAAA==
groupefrancetv.sharepoint.com/	1970-01-20 01:24:19	Name: RpsContextCookie Value: U291cmNlPSUyRnNpdGVzJTJGbW9uZXNwYWNlJlByZXZpb3VzUmVxdWVzdENvcnJlbGF0aW9uSWQ9MDg2YjI3YTAlMkQ0MDdjJTJEMzAwMCUyRGI0MjYlMkQ1MjQxNjhjNTJhNDYmUmV0dXJuVXJsPSUyRnNpdGVzJTJGbW9uZXNwYWNlJTJGJTVGbGF5b3V0cyUyRjE1JTJGQXV0aGVudGljYXRlJTJFYXNweCUzRlNvdXJjZSUzRCUyNTJGc2l0ZXMlMjUyRm1vbmVzcGFjZQ==
login.windows.net/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: estsfd
login.windows.net/	1969-12-31 23:59:59	Name: stsservicecookie Value: estsfd
login.microsoftonline.com/	1970-01-20 02:07:30	Name: fpc Value: AtFTBILxTWNJk9Q_PnBenrM
login.microsoftonline.com/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: estsfd
login.microsoftonline.com/	1969-12-31 23:59:59	Name: stsservicecookie Value: estsfd

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://webdefence.global.blackspider.com/urlwrap/?q=AXicfY5BTsMwEEXnAixYskZlF9txkpoiVSBVYkE5ANuJM06t2rFljyK4KcehVKxZ_vekp397A6oDuDsClPDVm0nUsoqIPti0cElB2BRBa3N4_zi-qVa1nQFXcLG-2iRCwIj15QqIV-EKnJhzfZLS-UIjVqqcCs4k5pTmQJh9_U3KVclRsp_bTumZlksLc6458dUmuRkOf3ajX_0y0ae-bHHiGJ4x8D7S5PGB05mW_aTN1owdNcOwVU3fOtM89k43VrdIkxt2aLr7f08DfCuAH9LuV2M&Z Message: Failed to load resource: the server responded with a status of 403 (User Confirmation)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

groupefrancetv.sharepoint.com
login.microsoftonline.com
login.windows.net
monespace.francetv.fr
webdefence.global.blackspider.com
www.mailcontrol.com
13.107.138.9
194.51.35.190
20.190.151.67
20.190.151.70
208.87.234.180
85.115.52.220
0a879254a8059ffca5f46c30da040f603b9a08ec9cf769b923294da9e6669943
2811d0858f7fd1bfe56b09e48364f36aeef4783bd2a47e17b9f6bbc54d3f0f37
322f28a6cd99566089b035e83c4f580504fc5142f62b8c758ecd896121d032ed
98d30d8d865c516dbe0db62f1f20d42b5a5ff44edae00645afa6757fee263a79
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e738183a60e8cf19e763729b96c19d0ccee30f225e75ad61b8648a3cc7bfa969

webdefence.global.blackspider.com Open in urlscan Pro 208.87.234.180 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

7 Requests

0 %HTTPS

0 %IPv6

6 Domains

6 Subdomains

3 IPs

3 Countries

38 kBTransfer

144 kBSize

7 Cookies

0 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

7 Cookies

1 Console Messages

Indicators

webdefence.global.blackspider.com Open in urlscan Pro
208.87.234.180 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

0 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

3
IPs

3
Countries

38 kB
Transfer

144 kB
Size

7
Cookies

7 HTTP transactions
0 data transactions