URL: http://pay.isfba.com/
Submission: On December 09 via api from US — Scanned from US

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 7 HTTP transactions. The main IP is 124.220.79.247, which is located in China and belongs to TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN. The main domain is pay.isfba.com.
This is the only time pay.isfba.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 124.220.79.247 45090 (TENCENT-N...)
2 2 2a04:4e42:600... 54113 (FASTLY)
2 2a04:4e42:400... 54113 (FASTLY)
1 1 118.212.235.102 4837 (CHINA169-...)
1 36.248.54.254 4837 (CHINA169-...)
1 103.186.109.225 58543 (CHINATELE...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
7 5
Apex Domain
Subdomains
Transfer
4 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
60 KB
3 isfba.com
pay.isfba.com
3 KB
2 bootcdn.net
cdn.bootcdn.net — Cisco Umbrella Rank: 115120
98 KB
1 dujin.org
api.dujin.org
303 KB
1 byteamone.cn
dmku.byteamone.cn
332 B
7 5
Domain Requested by
4 cdn.jsdelivr.net 2 redirects pay.isfba.com
3 pay.isfba.com 1 redirects cdn.bootcdn.net
2 cdn.bootcdn.net 1 redirects pay.isfba.com
1 api.dujin.org pay.isfba.com
1 dmku.byteamone.cn cdn.bootcdn.net
7 5

This site contains no links.

Subject Issuer Validity Valid
dmku.byteamone.cn R3 2023-09-30 - 2023-12-29 3 months
api.dujin.org GTS CA 1P5 2023-10-23 - 2024-01-21 3 months

This page contains 2 frames:

Primary Page: http://pay.isfba.com/
Frame ID: AB4447D1843F903BD461F480916857D3
Requests: 5 HTTP requests in this frame

Frame: http://pay.isfba.com/error/
Frame ID: 24D0A0CDE4BFD9D4B47E06ED61FA790F
Requests: 2 HTTP requests in this frame

Page Title

LLQPlayer

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 7
HTTPS: 29 %
IPv6: 43 %
Domains: 5
Subdomains: 5
IPs: 5
Countries: 2
Transfer: 462 kB
Size: 852 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://cdn.jsdelivr.net/gh/ffsir/CDN/player/css/llqplayer.css HTTP 301
  • https://cdn.jsdelivr.net/gh/ffsir/CDN/player/css/llqplayer.css
Request Chain 1
  • http://cdn.bootcdn.net/ajax/libs/jquery/3.5.1/jquery.js HTTP 301
  • https://cdn.bootcdn.net/ajax/libs/jquery/3.5.1/jquery.js
Request Chain 2
  • http://cdn.jsdelivr.net/gh/ffsir/CDN/player/js/llqplayer.js HTTP 301
  • https://cdn.jsdelivr.net/gh/ffsir/CDN/player/js/llqplayer.js
Request Chain 3
  • http://pay.isfba.com/error HTTP 301
  • http://pay.isfba.com/error/

7 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
pay.isfba.com/
1 KB
971 B
Document
General
Full URL
http://pay.isfba.com/
Protocol
HTTP/1.1
Server
124.220.79.247 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
Apache/2.4.55 (Win64) OpenSSL/1.1.1s mod_fcgid/2.3.9a /
Resource Hash
4c9b35f27f5a0d64582ddf77e0c5f755266ec36e6c4b3dfec83bdcf2b7bb270c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
Upgrade, Keep-Alive
Content-Encoding
gzip
Content-Length
576
Content-Type
text/html
Date
Sat, 09 Dec 2023 10:59:50 GMT
ETag
"407-60bd589dbb392-gzip"
Keep-Alive
timeout=5, max=1000
Last-Modified
Wed, 06 Dec 2023 11:20:29 GMT
Server
Apache/2.4.55 (Win64) OpenSSL/1.1.1s mod_fcgid/2.3.9a
Upgrade
h2,h2c
Vary
Accept-Encoding
llqplayer.css
cdn.jsdelivr.net/gh/ffsir/CDN/player/css/
Redirect Chain
  • http://cdn.jsdelivr.net/gh/ffsir/CDN/player/css/llqplayer.css
  • https://cdn.jsdelivr.net/gh/ffsir/CDN/player/css/llqplayer.css
89 KB
15 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/gh/ffsir/CDN/player/css/llqplayer.css
Requested by
Host: pay.isfba.com
URL: http://pay.isfba.com/
Protocol
H2
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
523f056657c4911b3105f78cfde8dca56ff7a403504158956766295511d3a115
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pay.isfba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 09 Dec 2023 10:59:51 GMT
x-content-type-options
nosniff
content-encoding
br
age
34131
x-jsd-version
master
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
14643
x-served-by
cache-fra-eddf8230082-FRA, cache-mia-kmia1760058-MIA
x-jsd-version-type
branch
etag
W/"1638e-/mpvmwKXGKSzzF3VXss117mnF7c"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*

Redirect headers

Date
Sat, 09 Dec 2023 10:59:50 GMT
Server
Varnish
X-Cache
HIT
Location
https://cdn.jsdelivr.net/gh/ffsir/CDN/player/css/llqplayer.css
Connection
close
Accept-Ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
Content-Length
0
Retry-After
0
X-Served-By
cache-mia-kmia1760020-MIA
jquery.js
cdn.bootcdn.net/ajax/libs/jquery/3.5.1/
Redirect Chain
  • http://cdn.bootcdn.net/ajax/libs/jquery/3.5.1/jquery.js
  • https://cdn.bootcdn.net/ajax/libs/jquery/3.5.1/jquery.js
281 KB
97 KB
Script
General
Full URL
https://cdn.bootcdn.net/ajax/libs/jquery/3.5.1/jquery.js
Requested by
Host: pay.isfba.com
URL: http://pay.isfba.com/
Protocol
H2
Server
36.248.54.254 Guangzhou, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
nginx / PHP/7.4.19
Resource Hash
416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pay.isfba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:59:53 GMT
content-encoding
gzip
x-cache-lookup
Cache Miss, Cache Miss
strict-transport-security
max-age=63072000;
age
0
x-powered-by
PHP/7.4.19
server
nginx
vary
Accept-Encoding
access-control-max-age
1800
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
cache-control
max-age=31536000
access-control-allow-credentials
true
x-nws-log-uuid
14024281569251989500
access-control-allow-headers
Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With,token
expires
Sat, 09 Dec 2023 10:59:53 GMT

Redirect headers

Date
Sat, 09 Dec 2023 10:59:51 GMT
Strict-Transport-Security
max-age=63072000;
X-Cache-Lookup
Return Directly
Server
SLT
Location
https://cdn.bootcdn.net/ajax/libs/jquery/3.5.1/jquery.js
Cache-Control
max-age=31536000
X-NWS-LOG-UUID
3855626480395932645
Connection
keep-alive
Content-Length
0
llqplayer.js
cdn.jsdelivr.net/gh/ffsir/CDN/player/js/
Redirect Chain
  • http://cdn.jsdelivr.net/gh/ffsir/CDN/player/js/llqplayer.js
  • https://cdn.jsdelivr.net/gh/ffsir/CDN/player/js/llqplayer.js
178 KB
44 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/ffsir/CDN/player/js/llqplayer.js
Requested by
Host: pay.isfba.com
URL: http://pay.isfba.com/
Protocol
H2
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9f744bad9252a975e77068a3ff67af23449c58fe66b105bebbff7318a09ff114
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pay.isfba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 09 Dec 2023 10:59:51 GMT
x-content-type-options
nosniff
content-encoding
br
age
0
x-jsd-version
master
x-cache
MISS, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
45364
x-served-by
cache-fra-etou8220050-FRA, cache-mia-kmia1760058-MIA
x-jsd-version-type
branch
etag
W/"2c65b-sq1q0L9xCX8KqUa0WPcgLcs8ES4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*

Redirect headers

Date
Sat, 09 Dec 2023 10:59:50 GMT
Server
Varnish
X-Cache
HIT
Location
https://cdn.jsdelivr.net/gh/ffsir/CDN/player/js/llqplayer.js
Connection
close
Accept-Ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
Content-Length
0
Retry-After
0
X-Served-By
cache-mia-kmia1760030-MIA
/
pay.isfba.com/error/ Frame 24D0
Redirect Chain
  • http://pay.isfba.com/error
  • http://pay.isfba.com/error/
2 KB
1 KB
Document
General
Full URL
http://pay.isfba.com/error/
Requested by
Host: cdn.bootcdn.net
URL: http://cdn.bootcdn.net/ajax/libs/jquery/3.5.1/jquery.js
Protocol
HTTP/1.1
Server
124.220.79.247 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
Apache/2.4.55 (Win64) OpenSSL/1.1.1s mod_fcgid/2.3.9a /
Resource Hash
94d5d5d3b67a16a9f74494cf6d60cba4662c7aa49a70813bd3e125fbe50f4447

Request headers

Referer
http://pay.isfba.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1013
Content-Type
text/html
Date
Sat, 09 Dec 2023 10:59:54 GMT
ETag
"634-60bd589dbb392-gzip"
Keep-Alive
timeout=5, max=998
Last-Modified
Wed, 06 Dec 2023 11:20:29 GMT
Server
Apache/2.4.55 (Win64) OpenSSL/1.1.1s mod_fcgid/2.3.9a
Vary
Accept-Encoding

Redirect headers

Connection
Keep-Alive
Content-Length
235
Content-Type
text/html; charset=iso-8859-1
Date
Sat, 09 Dec 2023 10:59:53 GMT
Keep-Alive
timeout=5, max=999
Location
http://pay.isfba.com/error/
Server
Apache/2.4.55 (Win64) OpenSSL/1.1.1s mod_fcgid/2.3.9a
tj.php
dmku.byteamone.cn/
29 B
332 B
XHR
General
Full URL
https://dmku.byteamone.cn/tj.php?referer=
Requested by
Host: cdn.bootcdn.net
URL: http://cdn.bootcdn.net/ajax/libs/jquery/3.5.1/jquery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
103.186.109.225 , China, ASN58543 (CHINATELECOM-GUANGDONG-IDC Guangdong, CN),
Reverse DNS
Software
openresty /
Resource Hash
52c9b0eb9b4fa0ab0f98ac59c970c971adc6f2aeda82ea00ba0248a6516c8389
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Referer
http://pay.isfba.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 10:59:56 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
server
openresty
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 19 Nov 1981 08:52:00 GMT
1920.php
api.dujin.org/bing/ Frame 24D0
302 KB
303 KB
Image
General
Full URL
https://api.dujin.org/bing/1920.php
Requested by
Host: pay.isfba.com
URL: http://pay.isfba.com/error/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:d98b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
498ca26c6c7b0d1fcc5c24e296488282c97b09896a19fd5cac139597a957d76e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
http://pay.isfba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 10:59:57 GMT
strict-transport-security
max-age=31536000
cf-cache-status
MISS
last-modified
Sat, 09 Dec 2023 10:59:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SYvdwz9pZaIaPpDMejr5lbxeGGigK5djpE%2FcvxNsZjYhIoEHDIKUJDadU8P2LjNw1ZuFvk5RmmxiCc%2Fqwges200lW5K0U9HClUL0hQdZ8D7HBDaboST92duhp6ewvUQ5stfgKdYzpuir5O%2Br"}],"group":"cf-nel","max_age":604800}
content-type
image/JPEG
cache-control
max-age=86400
cf-ray
832cbdcd986831f5-MIA
alt-svc
h3=":443"; ma=86400

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • string| dmku
  • string| mgtv
  • function| $
  • function| jQuery
  • string| _0xodh
  • object| _0x228c
  • function| _0x5579
  • object| Base64
  • object| url
  • undefined| iivIbX
  • undefined| ZbkVjs
  • undefined| dEcDLD
  • undefined| ZVSBzI
  • undefined| res
  • undefined| data
  • function| startPlay
  • function| pageStart
  • function| imgTruely
  • function| llqplayer
  • function| llqplayerChat
  • function| Online
  • function| NowTime
  • function| timeCheck
  • function| dekeyurl
  • function| enKey
  • function| isNumber
  • function| isEmpty
  • function| getUrlParam
  • function| setCookie
  • function| getCookie
  • function| getVideoID
  • function| getUserSet
  • function| getRootUrl
  • function| md5

0 Cookies