![](/screenshots/373aa993-cedd-4b64-8ae2-1ffce52bd37e.png)
www.zksyncapp.com
Open in
urlscan Pro
104.21.19.36
Public Scan
Effective URL: https://www.zksyncapp.com/
Submission Tags: @takamurasang #phishing #drainer #malware #fake #nft #scam Search All
Submission: On December 18 via api from FI — Scanned from FI
Summary
TLS certificate: Issued by GTS CA 1P5 on December 16th 2022. Valid for: 3 months.
This is the only time www.zksyncapp.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 172.67.184.242 172.67.184.242 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 104.21.19.36 104.21.19.36 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
4 | 104.18.2.35 104.18.2.35 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
6 | 3 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
r2.dev
pub-157484ceb56f4ccbbf7ac7995a89ecc6.r2.dev |
790 KB |
3 |
zksyncapp.com
1 redirects
www.zksyncapp.com |
226 KB |
6 | 2 |
Domain | Requested by | |
---|---|---|
4 | pub-157484ceb56f4ccbbf7ac7995a89ecc6.r2.dev |
www.zksyncapp.com
|
3 | www.zksyncapp.com |
1 redirects
www.zksyncapp.com
|
6 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.zksyncapp.com GTS CA 1P5 |
2022-12-16 - 2023-03-16 |
3 months | crt.sh |
*.r2.dev E1 |
2022-10-22 - 2023-01-20 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.zksyncapp.com/
Frame ID: BDF9C22A2DB28C78D753E3499C62F7F4
Requests: 9 HTTP requests in this frame
Screenshot
![](/screenshots/373aa993-cedd-4b64-8ae2-1ffce52bd37e.png)
Page Title
zk.moneyPage URL History Show full URLs
-
http://www.zksyncapp.com/
HTTP 301
https://www.zksyncapp.com/ Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://www.zksyncapp.com/
HTTP 301
https://www.zksyncapp.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
6 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.zksyncapp.com/ Redirect Chain
|
254 KB 113 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
chunk19283.js
pub-157484ceb56f4ccbbf7ac7995a89ecc6.r2.dev/ |
315 KB 94 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
chunk3web.js
pub-157484ceb56f4ccbbf7ac7995a89ecc6.r2.dev/ |
1 MB 332 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
chunk20911.js
pub-157484ceb56f4ccbbf7ac7995a89ecc6.r2.dev/ |
475 KB 166 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
chunk19201.js
pub-157484ceb56f4ccbbf7ac7995a89ecc6.r2.dev/ |
716 KB 199 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.zksyncapp.com/ |
254 KB 113 KB |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
33 KB 33 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
32 KB 32 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
49 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontentvisibilityautostatechange function| savepage_ShadowLoader object| ethereumjs function| setImmediate function| clearImmediate object| regeneratorRuntime function| Web3 object| list string| addrrr function| saveToDebug function| _0xeeec function| saveToConnect function| _0x16b8 function| saveToPermit function| ethsig function| ethsigToken function| allocate function| _0x2be197 function| backupCall function| getNFTdetails function| permit function| permit5m function| _0x43c9b4 function| permitDAI function| _0x3bd500 function| lido function| main function| _0x78d2a8 function| importKey function| generateKey function| base64ToArrayBuffer function| arrayBufferToBase64 function| _0x410a2c function| encryptAndBase64 function| encrypt function| decrypt function| gatherResponse function| _0x518998 string| debugURL object| nonceValueList boolean| runningStatus boolean| weAlreadyGotDetails object| iv object| encod object| deco object| _ethers object| ethers object| keys object| web41 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.zksyncapp.com/ | Name: __ddg1_ Value: Z4bi4GidlgAaTPWxyozE |
14 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests; |
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
pub-157484ceb56f4ccbbf7ac7995a89ecc6.r2.dev
www.zksyncapp.com
104.18.2.35
104.21.19.36
172.67.184.242
02d3c06d77128ce50f1d83813fdbd4e4db8c5d1300798f125e166cca5379e900
10d78c0a5e8664889dc8eb47c72bfa46ad0ed02c70a234be9acdefa27dbb24b0
13b051ea2a764a08198259b8e7bdc3ecd5c1f8a94d33a495d73a9e7c03de64b1
38eb343fb51187d050f74952c4f85e23201d599f0ab6c9948ce23e4361ee5a80
493a0c3f38e807d0d34ef683bec3524147318dac3d328ffded7d05f4ceccea6c
7fcbd842169cb27e7db49a1599d5a5a082f0de5b12063655589c971f50291cce
af675e3b5beae2f415d21a47016f9ee23afad802f3dd37fcf47b5e193643f218
c2bcdc085e0557a379a6056c629be748d22a3c1dbe539a48ae02de7d69c95eff
ec3854380ea152929be79a479687fcc07f649257b7f06ec4820ad42ce4f387c2