![](/screenshots/4ff97ea0-a9b8-4b56-8863-98879fdb1d79.png)
wfcloudfi.service.tietoevry.com
Open in
urlscan Pro
192.49.154.26
Public Scan
Effective URL: https://wfcloudfi.service.tietoevry.com/HCW.Welfare.Common.IdentityPortalWeb/redirectAuth.aspx?domain=lcturku&uiculture=fi-FI&idpmethod=...
Submission Tags: falconsandbox
Submission: On February 16 via api from US — Scanned from FI
Summary
TLS certificate: Issued by Thawte RSA CA 2018 on April 18th 2022. Valid for: a year.
This is the only time wfcloudfi.service.tietoevry.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 4 | 192.49.154.26 192.49.154.26 | 375 (TIETOTIE-...) (TIETOTIE-AS Keilalahdentie 2-4 02150 Espoo Finland) | |
2 | 1 |
ASN375 (TIETOTIE-AS Keilalahdentie 2-4 02150 Espoo Finland, FI)
wfcloudfi.service.tietoevry.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
tietoevry.com
2 redirects
wfcloudfi.service.tietoevry.com |
43 KB |
2 | 1 |
Domain | Requested by | |
---|---|---|
4 | wfcloudfi.service.tietoevry.com |
2 redirects
wfcloudfi.service.tietoevry.com
|
2 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.service.tietoevry.com Thawte RSA CA 2018 |
2022-04-18 - 2023-05-03 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://wfcloudfi.service.tietoevry.com/HCW.Welfare.Common.IdentityPortalWeb/redirectAuth.aspx?domain=lcturku&uiculture=fi-FI&idpmethod=SAML&actor=Actor%3dclient&idptarget=https%3a%2f%2fwfcloudfi.service.tietoevry.com%2fwe.fcmypage%2f
Frame ID: 560528C3A0033A84241AFA9A9B9EED04
Requests: 2 HTTP requests in this frame
Screenshot
![](/screenshots/4ff97ea0-a9b8-4b56-8863-98879fdb1d79.png)
Page Title
ErrorPage URL History Show full URLs
-
https://wfcloudfi.service.tietoevry.com/we.fcmypage/?domain=lcturku&uiculture=fi-FI&idpmethod=SAML&actor=Actor%3Dclient
HTTP 302
https://wfcloudfi.service.tietoevry.com/HCW.Welfare.Common.IdentityPortalWeb/Start.aspx?domain=lcturku&uiculture=fi-... HTTP 302
https://wfcloudfi.service.tietoevry.com/HCW.Welfare.Common.IdentityPortalWeb/redirectAuth.aspx?domain=lcturku&uicult... Page URL
Detected technologies
![](/vendor/wappa/icons/Microsoft ASP.NET.png)
Detected patterns
- \.aspx?(?:$|\?)
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://wfcloudfi.service.tietoevry.com/we.fcmypage/?domain=lcturku&uiculture=fi-FI&idpmethod=SAML&actor=Actor%3Dclient
HTTP 302
https://wfcloudfi.service.tietoevry.com/HCW.Welfare.Common.IdentityPortalWeb/Start.aspx?domain=lcturku&uiculture=fi-FI&idpmethod=SAML&actor=Actor%3dclient&idptarget=https%3a%2f%2fwfcloudfi.service.tietoevry.com%2fwe.fcmypage%2f HTTP 302
https://wfcloudfi.service.tietoevry.com/HCW.Welfare.Common.IdentityPortalWeb/redirectAuth.aspx?domain=lcturku&uiculture=fi-FI&idpmethod=SAML&actor=Actor%3dclient&idptarget=https%3a%2f%2fwfcloudfi.service.tietoevry.com%2fwe.fcmypage%2f Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
2 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
redirectAuth.aspx
wfcloudfi.service.tietoevry.com/HCW.Welfare.Common.IdentityPortalWeb/ Redirect Chain
|
798 B 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
HCW.Welfare.Common.Web.Controls.Resource.aspx
wfcloudfi.service.tietoevry.com/HCW.Welfare.Common.IdentityPortalWeb/ |
39 KB 40 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| oncontentvisibilityautostatechange6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
wfcloudfi.service.tietoevry.com/ | Name: IDP Value: 77955aa0-eb6d-415b-b01d-45c02619e77c |
|
wfcloudfi.service.tietoevry.com/ | Name: UICulture Value: fi-FI |
|
wfcloudfi.service.tietoevry.com/ | Name: ASP.NET_SessionId Value: 0z1kfiwyvwzr0fjehdnivt3n |
|
wfcloudfi.service.tietoevry.com/ | Name: metadomain Value: lcturku |
|
wfcloudfi.service.tietoevry.com/ | Name: idpmethod Value: SAML |
|
.wfcloudfi.service.tietoevry.com/ | Name: TS010a15bb Value: 0128a988680b3cf4b85f5e0d007db001a77e5c8878ddc1310b836f2b68666ba1245ff55f3b3af61c6b6176d916ec3a873ec695c23b640422107e51535dfc740a63be33edd67a9fbf0aa8fedf3767df62fce246a5e52c1b426145f165ce0020b068b769880218daf4cd1c48aae77a18bb6bf7aad3e6e4634f4c0ca1a387fda7dd1602dcb725 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
wfcloudfi.service.tietoevry.com
192.49.154.26
64638b385ad1098901450bb5740dcf64babc9b7b0d97127c314ca9d87455fab1
cd07e84893fb6cb9452174bd176199a6a64fae278857ee2fe100a1fc3eaf45b2