ticketweb.regione.liguria.it Open in urlscan Pro
81.23.87.93 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.ticket.liguriainformasalute.it/
Effective URL:
https://ticketweb.regione.liguria.it/cuppay/index.do
Submission Tags: phishing malicious Search All
Submission: On October 29 via api (October 29th 2023, 2:15:16 pm UTC) from NL — Scanned from IT

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 8 HTTP transactions. The main IP is 81.23.87.93, located in Quiliano, Italy and belongs to DATASIEL_AS, IT. The main domain is ticketweb.regione.liguria.it.
TLS certificate: Issued by Actalis Organization Validated Server... on September 21st 2023. Valid for: a year.

This is the only time ticketweb.regione.liguria.it was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	81.23.80.94 81.23.80.94	39719 (DATASIEL_AS) (DATASIEL_AS)
1 9	81.23.87.93 81.23.87.93	39719 (DATASIEL_AS) (DATASIEL_AS)
8	1

1 81.23.80.94 (Genoa, Italy) 1 redirects

ASN39719 (DATASIEL_AS, IT)

www.ticket.liguriainformasalute.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 81.23.87.93 (Quiliano, Italy) 1 redirects

ASN39719 (DATASIEL_AS, IT)
PTR: https-rl.regione.liguria.it

ticketweb.regione.liguria.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	regione.liguria.it 1 redirects ticketweb.regione.liguria.it	33 KB
1	liguriainformasalute.it 1 redirects www.ticket.liguriainformasalute.it	205 B
8	2

	Domain	Requested by
9	ticketweb.regione.liguria.it	1 redirects ticketweb.regione.liguria.it
1	www.ticket.liguriainformasalute.it	1 redirects
8	2

This site contains no links.

Subject Issuer	Validity	Valid
*.regione.liguria.it Actalis Organization Validated Server CA G3	`2023-09-21` - `2024-10-14`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://ticketweb.regione.liguria.it/cuppay/index.do
Frame ID: 8B1FFA3EBB3DEDB6F4956EFF913F110D
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Pagamento Elettronico Prestazioni Sanitarie

Page URL History Show full URLs

http://www.ticket.liguriainformasalute.it/ HTTP 301
https://ticketweb.regione.liguria.it/ Page URL
https://ticketweb.regione.liguria.it/cuppay/index.do HTTP 302
https://ticketweb.regione.liguria.it/cuppay/index.do Page URL

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

32 kB
Transfer

37 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.ticket.liguriainformasalute.it/ HTTP 301
https://ticketweb.regione.liguria.it/ Page URL
https://ticketweb.regione.liguria.it/cuppay/index.do HTTP 302
https://ticketweb.regione.liguria.it/cuppay/index.do Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.ticket.liguriainformasalute.it/ HTTP 301
https://ticketweb.regione.liguria.it/

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
ticketweb.regione.liguria.it/
Redirect Chain

http://www.ticket.liguriainformasalute.it/
https://ticketweb.regione.liguria.it/

214 B
809 B

118ms
41ms

Document
text/html

81.23.87.93
DATASIEL_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ticketweb.regione.liguria.it/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

81.23.87.93 Quiliano, Italy, ASN39719 (DATASIEL_AS, IT),

Reverse DNS

https-rl.regione.liguria.it

Software

Apache-Coyote/1.1 /

Resource Hash

2f7bf98c7d751f6e8665c86c7a9c93192e370843714c3a744ec4418b28e09eaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

Cache-Control: no-store no-cache
Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sun, 29 Oct 2023 14:15:11 GMT
ETag: W/"214-1276599336258-gzip"
Keep-Alive: timeout=300, max=100
Last-Modified: Tue, 15 Jun 2010 10:55:36 GMT
Server: Apache-Coyote/1.1
Strict-Transport-Security: max-age=31536000;includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 ticketweb.regione.liguria.it (Access Gateway-ag-D7E477AFA71FE630-9277397)

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Sun, 29 Oct 2023 14:15:11 GMT
Location: https://ticketweb.regione.liguria.it/
Server: nginx

GET
H/1.1

200
OK

Primary Request index.do Show response
ticketweb.regione.liguria.it/cuppay/
Redirect Chain

https://ticketweb.regione.liguria.it/cuppay/index.do
https://ticketweb.regione.liguria.it/cuppay/index.do

4 KB
2 KB

141ms
141ms

Document
text/html

81.23.87.93
DATASIEL_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ticketweb.regione.liguria.it/cuppay/index.do

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

81.23.87.93 Quiliano, Italy, ASN39719 (DATASIEL_AS, IT),

Reverse DNS

https-rl.regione.liguria.it

Software

Apache-Coyote/1.1 /

Resource Hash

2384dcc5940ff3af718595646b22821a983f14479e16d986f6900d26bed3032a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains

Request headers

Referer: https://ticketweb.regione.liguria.it/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

Cache-Control: no-store no-cache
Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=ISO-8859-1
Date: Sun, 29 Oct 2023 14:15:11 GMT
Keep-Alive: timeout=300, max=98
Server: Apache-Coyote/1.1
Strict-Transport-Security: max-age=31536000;includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 ticketweb.regione.liguria.it (Access Gateway-ag-D7E477AFA71FE630-9277399)

Redirect headers

Connection: Keep-Alive
Content-Length: 0
Date: Sun, 29 Oct 2023 14:15:11 GMT
Keep-Alive: timeout=300, max=99
Location: https://ticketweb.regione.liguria.it/cuppay/./index.do
Server: Apache-Coyote/1.1
Strict-Transport-Security: max-age=31536000;includeSubDomains
Via: 1.1 ticketweb.regione.liguria.it (Access Gateway-ag-D7E477AFA71FE630-9277398)

GET
H/1.1 200
OK style.jsp
ticketweb.regione.liguria.it/cuppay/stylesheet/ 7 KB
2 KB 41ms
41ms Stylesheet
text/css 81.23.87.93
DATASIEL_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ticketweb.regione.liguria.it/cuppay/stylesheet/style.jsp

Requested by

Host: ticketweb.regione.liguria.it
URL: https://ticketweb.regione.liguria.it/cuppay/index.do

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

81.23.87.93 Quiliano, Italy, ASN39719 (DATASIEL_AS, IT),

Reverse DNS

https-rl.regione.liguria.it

Software

Apache-Coyote/1.1 /

Resource Hash

43ccd929e9feceed80a44a0498c2ab2a10f7dba7121563cc33764287b46006eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ticketweb.regione.liguria.it/cuppay/index.do
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Sun, 29 Oct 2023 14:15:11 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains
Content-Encoding: gzip
Via: 1.1 ticketweb.regione.liguria.it (Access Gateway-ag-D7E477AFA71FE630-9277400)
Server: Apache-Coyote/1.1
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/css;charset=ISO-8859-1
Connection: Keep-Alive
Keep-Alive: timeout=300, max=97

GET
H/1.1 200
OK headerNuovo.jpg
ticketweb.regione.liguria.it/cuppay/img/ 13 KB
14 KB 40ms
40ms Image
image/jpeg 81.23.87.93
DATASIEL_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ticketweb.regione.liguria.it/cuppay/img/headerNuovo.jpg

Requested by

Host: ticketweb.regione.liguria.it
URL: https://ticketweb.regione.liguria.it/cuppay/stylesheet/style.jsp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

81.23.87.93 Quiliano, Italy, ASN39719 (DATASIEL_AS, IT),

Reverse DNS

https-rl.regione.liguria.it

Software

Apache-Coyote/1.1 /

Resource Hash

e5ee4e1e900affcfa832cc8a525ad064d222af072318062e0103859ff036587f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ticketweb.regione.liguria.it/cuppay/stylesheet/style.jsp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Sun, 29 Oct 2023 14:15:11 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains
Via: 1.1 ticketweb.regione.liguria.it (Access Gateway-ag-D7E477AFA71FE630-9277401)
Last-Modified: Thu, 26 Nov 2009 09:32:52 GMT
Server: Apache-Coyote/1.1
ETag: W/"13475-1259227972000"
Content-Type: image/jpeg
Connection: Keep-Alive
Keep-Alive: timeout=300, max=96
Content-Length: 13475

GET
H/1.1 200
OK fondoHeader.jpg
ticketweb.regione.liguria.it/cuppay/img/ 3 KB
3 KB 87ms
39ms Image
image/jpeg 81.23.87.93
DATASIEL_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ticketweb.regione.liguria.it/cuppay/img/fondoHeader.jpg

Requested by

Host: ticketweb.regione.liguria.it
URL: https://ticketweb.regione.liguria.it/cuppay/stylesheet/style.jsp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

81.23.87.93 Quiliano, Italy, ASN39719 (DATASIEL_AS, IT),

Reverse DNS

https-rl.regione.liguria.it

Software

Apache-Coyote/1.1 /

Resource Hash

714401f31eb7f527e2f8c3070c860b56797be9d58f9da484d10d261b2a83d782

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ticketweb.regione.liguria.it/cuppay/stylesheet/style.jsp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Sun, 29 Oct 2023 14:15:11 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains
Via: 1.1 ticketweb.regione.liguria.it (Access Gateway-ag-D7E477AFA71FE630-9277402)
Last-Modified: Thu, 26 Nov 2009 09:32:52 GMT
Server: Apache-Coyote/1.1
ETag: W/"3016-1259227972000"
Content-Type: image/jpeg
Connection: Keep-Alive
Keep-Alive: timeout=300, max=95
Content-Length: 3016

GET
H/1.1 200
OK pagoPAsmall.png
ticketweb.regione.liguria.it/cuppay/img/ 4 KB
4 KB 115ms
41ms Image
image/png 81.23.87.93
DATASIEL_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ticketweb.regione.liguria.it/cuppay/img/pagoPAsmall.png

Requested by

Host: ticketweb.regione.liguria.it
URL: https://ticketweb.regione.liguria.it/cuppay/stylesheet/style.jsp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

81.23.87.93 Quiliano, Italy, ASN39719 (DATASIEL_AS, IT),

Reverse DNS

https-rl.regione.liguria.it

Software

Apache-Coyote/1.1 /

Resource Hash

2e0626d1a2a5d60d193a853cb001eb27e1ef10dffd18c59a746e72a79851e2c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ticketweb.regione.liguria.it/cuppay/stylesheet/style.jsp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Sun, 29 Oct 2023 14:15:11 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains
Via: 1.1 ticketweb.regione.liguria.it (Access Gateway-ag-7FD51CA9666E2D2A-17892808)
Last-Modified: Tue, 14 Jun 2016 08:39:52 GMT
Server: Apache-Coyote/1.1
ETag: W/"4128-1465893592000"
Content-Type: image/png
Connection: Keep-Alive
Keep-Alive: timeout=300, max=100
Content-Length: 4128

GET
H/1.1 200
OK prosegui.gif
ticketweb.regione.liguria.it/cuppay/img/ 97 B
505 B 115ms
42ms Image
image/gif 81.23.87.93
DATASIEL_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ticketweb.regione.liguria.it/cuppay/img/prosegui.gif

Requested by

Host: ticketweb.regione.liguria.it
URL: https://ticketweb.regione.liguria.it/cuppay/stylesheet/style.jsp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

81.23.87.93 Quiliano, Italy, ASN39719 (DATASIEL_AS, IT),

Reverse DNS

https-rl.regione.liguria.it

Software

Apache-Coyote/1.1 /

Resource Hash

bd62cc3ce3f622ebe929a44f86f1e0bbf32325509d957c95149e80aa2b284efa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ticketweb.regione.liguria.it/cuppay/stylesheet/style.jsp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Sun, 29 Oct 2023 14:15:11 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains
Via: 1.1 ticketweb.regione.liguria.it (Access Gateway-ag-7FD51CA9666E2D2A-17892809)
Last-Modified: Thu, 26 Nov 2009 09:32:52 GMT
Server: Apache-Coyote/1.1
ETag: W/"97-1259227972000"
Content-Type: image/gif
Connection: Keep-Alive
Keep-Alive: timeout=300, max=100
Content-Length: 97

GET
H/1.1 200
OK logo_dts.png
ticketweb.regione.liguria.it/cuppay/img/ 5 KB
6 KB 113ms
39ms Image
image/png 81.23.87.93
DATASIEL_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ticketweb.regione.liguria.it/cuppay/img/logo_dts.png

Requested by

Host: ticketweb.regione.liguria.it
URL: https://ticketweb.regione.liguria.it/cuppay/stylesheet/style.jsp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

81.23.87.93 Quiliano, Italy, ASN39719 (DATASIEL_AS, IT),

Reverse DNS

https-rl.regione.liguria.it

Software

Apache-Coyote/1.1 /

Resource Hash

ebfdadb68e2af2daa4384b3f599d0077fd73bac9c0f1b79f984f3b2d6bba8bbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://ticketweb.regione.liguria.it/cuppay/stylesheet/style.jsp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Sun, 29 Oct 2023 14:15:11 GMT
Strict-Transport-Security: max-age=31536000;includeSubDomains
Via: 1.1 ticketweb.regione.liguria.it (Access Gateway-ag-C0E026D374F21F59-5079585)
Last-Modified: Wed, 24 May 2017 08:16:40 GMT
Server: Apache-Coyote/1.1
ETag: W/"5391-1495613800000"
Content-Type: image/png
Connection: Keep-Alive
Keep-Alive: timeout=300, max=100
Content-Length: 5391

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ticketweb.regione.liguria.it/cuppay	1969-12-31 23:59:59	Name: JSESSIONID Value: 8DA01CE8B932BD1BBAA6508F54B2D84B
			.regione.liguria.it/	1969-12-31 23:59:59	Name: ZNPCQ003-32393800 Value: 7037dbbb

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ticketweb.regione.liguria.it
www.ticket.liguriainformasalute.it
81.23.80.94
81.23.87.93
2384dcc5940ff3af718595646b22821a983f14479e16d986f6900d26bed3032a
2e0626d1a2a5d60d193a853cb001eb27e1ef10dffd18c59a746e72a79851e2c1
2f7bf98c7d751f6e8665c86c7a9c93192e370843714c3a744ec4418b28e09eaa
43ccd929e9feceed80a44a0498c2ab2a10f7dba7121563cc33764287b46006eb
714401f31eb7f527e2f8c3070c860b56797be9d58f9da484d10d261b2a83d782
bd62cc3ce3f622ebe929a44f86f1e0bbf32325509d957c95149e80aa2b284efa
e5ee4e1e900affcfa832cc8a525ad064d222af072318062e0103859ff036587f
ebfdadb68e2af2daa4384b3f599d0077fd73bac9c0f1b79f984f3b2d6bba8bbc

ticketweb.regione.liguria.it Open in urlscan Pro 81.23.87.93 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

8 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

1 IPs

1 Countries

32 kBTransfer

37 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

ticketweb.regione.liguria.it Open in urlscan Pro
81.23.87.93 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

32 kB
Transfer

37 kB
Size

2
Cookies

8 HTTP transactions
0 data transactions