![](/screenshots/8a036b64-e0f6-4007-bba2-d3d65e405011.png)
wfcloudfi.service.tietoevry.com
Open in
urlscan Pro
192.49.154.26
Public Scan
Effective URL: https://wfcloudfi.service.tietoevry.com/HCW.Welfare.Common.IdentityPortalWeb/redirectAuth.aspx?domain=lcturku&uiculture=fi-FI&idpmethod=...
Submission Tags: falconsandbox
Submission: On January 04 via api from US — Scanned from FI
Summary
TLS certificate: Issued by Thawte RSA CA 2018 on April 18th 2022. Valid for: a year.
This is the only time wfcloudfi.service.tietoevry.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 4 | 192.49.154.26 192.49.154.26 | 375 (TIETOTIE-...) (TIETOTIE-AS Keilalahdentie 2-4 02150 Espoo Finland) | |
2 | 1 |
ASN375 (TIETOTIE-AS Keilalahdentie 2-4 02150 Espoo Finland, FI)
wfcloudfi.service.tietoevry.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
tietoevry.com
2 redirects
wfcloudfi.service.tietoevry.com |
43 KB |
2 | 1 |
Domain | Requested by | |
---|---|---|
4 | wfcloudfi.service.tietoevry.com |
2 redirects
wfcloudfi.service.tietoevry.com
|
2 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.service.tietoevry.com Thawte RSA CA 2018 |
2022-04-18 - 2023-05-03 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://wfcloudfi.service.tietoevry.com/HCW.Welfare.Common.IdentityPortalWeb/redirectAuth.aspx?domain=lcturku&uiculture=fi-FI&idpmethod=SAML&actor=Actor%3dclient&idptarget=https%3a%2f%2fwfcloudfi.service.tietoevry.com%2fwe.fcmypage%2f
Frame ID: C4BE2C16D5DA691AEE60D8D5AA2D3490
Requests: 2 HTTP requests in this frame
Screenshot
![](/screenshots/8a036b64-e0f6-4007-bba2-d3d65e405011.png)
Page Title
ErrorPage URL History Show full URLs
-
https://wfcloudfi.service.tietoevry.com/we.fcmypage/?domain=lcturku&uiculture=fi-FI&idpmethod=SAML&actor=Actor%3Dclient
HTTP 302
https://wfcloudfi.service.tietoevry.com/HCW.Welfare.Common.IdentityPortalWeb/Start.aspx?domain=lcturku&uiculture=fi-... HTTP 302
https://wfcloudfi.service.tietoevry.com/HCW.Welfare.Common.IdentityPortalWeb/redirectAuth.aspx?domain=lcturku&uicult... Page URL
Detected technologies
![](/vendor/wappa/icons/Microsoft ASP.NET.png)
Detected patterns
- \.aspx?(?:$|\?)
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://wfcloudfi.service.tietoevry.com/we.fcmypage/?domain=lcturku&uiculture=fi-FI&idpmethod=SAML&actor=Actor%3Dclient
HTTP 302
https://wfcloudfi.service.tietoevry.com/HCW.Welfare.Common.IdentityPortalWeb/Start.aspx?domain=lcturku&uiculture=fi-FI&idpmethod=SAML&actor=Actor%3dclient&idptarget=https%3a%2f%2fwfcloudfi.service.tietoevry.com%2fwe.fcmypage%2f HTTP 302
https://wfcloudfi.service.tietoevry.com/HCW.Welfare.Common.IdentityPortalWeb/redirectAuth.aspx?domain=lcturku&uiculture=fi-FI&idpmethod=SAML&actor=Actor%3dclient&idptarget=https%3a%2f%2fwfcloudfi.service.tietoevry.com%2fwe.fcmypage%2f Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
2 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
redirectAuth.aspx
wfcloudfi.service.tietoevry.com/HCW.Welfare.Common.IdentityPortalWeb/ Redirect Chain
|
798 B 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
HCW.Welfare.Common.Web.Controls.Resource.aspx
wfcloudfi.service.tietoevry.com/HCW.Welfare.Common.IdentityPortalWeb/ |
39 KB 40 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontentvisibilityautostatechange6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
wfcloudfi.service.tietoevry.com/ | Name: IDP Value: 97551bff-af86-482c-83f3-fa94df88f60e |
|
wfcloudfi.service.tietoevry.com/ | Name: UICulture Value: fi-FI |
|
wfcloudfi.service.tietoevry.com/ | Name: ASP.NET_SessionId Value: p1acgdaykzaqxmb1kzb20l3k |
|
wfcloudfi.service.tietoevry.com/ | Name: metadomain Value: lcturku |
|
wfcloudfi.service.tietoevry.com/ | Name: idpmethod Value: SAML |
|
.wfcloudfi.service.tietoevry.com/ | Name: TS010a15bb Value: 0128a9886812467da5ee262fed469b069202115bf00eb2b3ed052d7df77b5c797e960e613dc93d98b019924981b884cc0bfc69b12ca81dbaad6ece00fd6365d87832dbf358873e15d88836956528f4850bce01b46c04802dc25288013b0e55e2cb63c9befd728b42f5662677fa13b93b29994ffa1618cbb9ace67d852742ad05944ef39e13 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
wfcloudfi.service.tietoevry.com
192.49.154.26
cd07e84893fb6cb9452174bd176199a6a64fae278857ee2fe100a1fc3eaf45b2
d07d372a7b83d3f822720952b357d6aa428fb9a370a72ad9895f42005d48b241