ghostface.fun Open in urlscan Pro
2606:4700:3034::ac43:879f Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ghostface.fun/
Submission: On June 05 via api (June 5th 2024, 12:03:22 pm UTC) from BE — Scanned from DE

Summary HTTP 15 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 15 HTTP transactions. The main IP is 2606:4700:3034::ac43:879f, located in United States and belongs to CLOUDFLARENET, US. The main domain is ghostface.fun.
TLS certificate: Issued by E1 on May 31st 2024. Valid for: 3 months.

This is the only time ghostface.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	2606:4700:303... 2606:4700:3034::ac43:879f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
15	3

12 2606:4700:3034::ac43:879f (United States)

ASN13335 (CLOUDFLARENET, US)

ghostface.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	ghostface.fun ghostface.fun	1 MB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2406	306 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	101 KB
15	3

	Domain	Requested by
12	ghostface.fun	ghostface.fun
2	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	ghostface.fun
15	3

This site contains links to these domains. Also see Links.

Domain
raydium.io
www.dexview.com
play.ghostface.fun

Subject Issuer	Validity	Valid
ghostface.fun E1	`2024-05-31` - `2024-08-29`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ghostface.fun/
Frame ID: B283DA4304ACBC59647B163B86615A2B
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ghost Face

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

15
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

1369 kB
Transfer

1885 kB
Size

2
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://raydium.io/swap/?inputCurrency=8wB8fdPEiwnA8GZdfqdu1khuPAg1EsjmmHAhE3NPWGPq&outputCurrency=sol&fixed=in&inputMint=sol&outputMint=8wB8fdPEiwnA8GZdfqdu1khuPAg1EsjmmHAhE3NPWGPq

Search URL Search Domain Scan URL

URL: https://www.dexview.com/

Search URL Search Domain Scan URL

URL: https://play.ghostface.fun/
Title: Play

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
ghostface.fun/ 831 B
958 B 122ms
48ms Document
text/html 2606:4700:3034::ac43:879f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ghostface.fun/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:879f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 379580909768ad5b87ad520dfd061714bc4d35b836c9cc1afce55f52e13e0db1

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 139765
alt-svc: h3=":443"; ma=86400
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
cf-cache-status: DYNAMIC
cf-ray: 88f004b45d503643-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 05 Jun 2024 12:03:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1TMw3RHZZP6piWRRg05%2FhunGeXWqp13p1ExI69bNhzoFepnByISq%2FpIBJ8YnDo0g6%2BuQ8s3zTL3kdRoOTHVuS1UTex63%2BdYNPVwT4QR0fmNT1N3NTiB10ciK4rfvwHBX5YfQTKNTYLgu8qqW"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-nf-request-id: 01HZM4GB6KZFK7N2C0570CSH5F

GET
H3 200 index-C1tPjMw9.js Show response
ghostface.fun/assets/ 176 KB
57 KB 401ms
400ms Script
application/javascript 2606:4700:3034::ac43:879f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ghostface.fun/assets/index-C1tPjMw9.js
Requested by: Host: ghostface.fun
URL: https://ghostface.fun/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:879f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c001622e38dab5fcf3bb677910c57964e7cfaea667c83c0f4fc80343ac2f095

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostface.fun/
Origin: https://ghostface.fun
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HZM4GB82NTGCV5R2M2KQ36X8
date: Wed, 05 Jun 2024 12:03:15 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
etag: W/"14b001d583bd708d3b1540d50c4df022-ssl-df"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6wzvi2pvZyMxkO%2BTChMZ9tyBj%2BvM59K4ofnbUuWRBMuaRnwjBXQEuSHZe0gepKtj4XiLxvwiHHZwCuXFbBZ746T5rSlHAGUPVP9pScC3udGLs6rUz7ZW1PzPFkT%2BYSinRLvoTYYqzuI4%2Bl%2FU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400, must-revalidate
cf-ray: 88f004b4bde33643-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 index-DuschYCY.css
ghostface.fun/assets/ 17 KB
5 KB 379ms
378ms Stylesheet
text/css 2606:4700:3034::ac43:879f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ghostface.fun/assets/index-DuschYCY.css
Requested by: Host: ghostface.fun
URL: https://ghostface.fun/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:879f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da1f2ad59f0cfe18301e07b5481e77371108d8bf74e4f5e8aa17d361775b9e82

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostface.fun/
Origin: https://ghostface.fun
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HZM4GB8HRA7Q1S9WMZV9860F
date: Wed, 05 Jun 2024 12:03:15 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
etag: W/"729698db52d42f8b5822c03f7542ecf3-ssl-df"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lUT8lIYrnBID5Jcmw62ixpMWLCcQL7225oIkPJHyWwgoutRS%2BxJ7PBB5xuVHmlW3VlIJ1w0e7jV97Y830kWyWW3x573tyTTF21Oj%2Fx0oZOYMcYQYhx8qOwE%2BXBimiUaIh1quZ4V3PztpNjEq"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400, must-revalidate
cf-ray: 88f004b4bde63643-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 304 KB
101 KB 60ms
38ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CBQNZ39PDV

Requested by

Host: ghostface.fun
URL: https://ghostface.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f71e78ac3686b99c05366b1d47e7e477722b37270352817f381b8f97d96578e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostface.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 12:03:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 103408
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 05 Jun 2024 12:03:15 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 75ms
16ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-CBQNZ39PDV&gtm=45je4630v9186578495za200&_p=1717588995690&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1059042464.1717588996&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1717588995&sct=1&seg=0&dl=https%3A%2F%2Fghostface.fun%2F&dt=Ghost%20Face&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=539
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CBQNZ39PDV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostface.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 12:03:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ghostface.fun
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 p2.png
ghostface.fun/assets/ 3 KB
4 KB 255ms
248ms Image
image/png 2606:4700:3034::ac43:879f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ghostface.fun/assets/p2.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:879f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 224cb0806c573a131b38e1dea85a15a583f0a76cb68e3de89eb9ad52963b5f63

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostface.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HZM4GBPEJ52C7B2J73564C42
date: Wed, 05 Jun 2024 12:03:15 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
etag: "4a05993b38481dc9f4e4a1da30c24b14-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TdBIrpjjKjM8Px20o82EpLTw%2BalbhsrF8eufvN6AtKBxtc%2FxuXd%2Baa8DQP4LBjsfVUl0MpQwaPqWy31g0N24LBX5NAODmfI9gex2eyowVqawkq2GPzAFjo5T5Dn5qE9kLAiT1ox%2Bawp%2BZ7M1"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 88f004b78a2a3643-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3540

GET
H3 200 dexview.svg
ghostface.fun/assets/ 3 KB
2 KB 246ms
238ms Image
image/svg+xml 2606:4700:3034::ac43:879f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ghostface.fun/assets/dexview.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:879f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d21ff9dccc0b75c5b285da76f4a94b18ef1cdab31864f200891e0870a3f39bce

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostface.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HZM4GBP5MXPMTVRWKRFY1XJ6
date: Wed, 05 Jun 2024 12:03:15 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
etag: W/"78c1d790ad8fb4d46d5c9568bb50faa1-ssl-df"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3nXjkGOXNhfXL9Sqf8Gabe14ZxAUfnfFZQ1HvKOF7t7zOLsj5qEFLu45dp8OayhOQD0PCYN3IkFn0S1Qo0iEXi%2Fkj%2FOyZpAgJrt1jaxx66VL0SKxzI5eFzH7o87IrimSgDMqsmt7cXc51xtS"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=14400, must-revalidate
cf-ray: 88f004b78a2b3643-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 Raydium.svg
ghostface.fun/assets/ 3 KB
1 KB 274ms
267ms Image
image/svg+xml 2606:4700:3034::ac43:879f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ghostface.fun/assets/Raydium.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:879f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf5c8eab7d78416a6e2af3945db973dcbb7679f2e44e4bb9dfd777b0d9a5f28a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostface.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HZM4GBPCK5ZMF23X2EMGYDCW
date: Wed, 05 Jun 2024 12:03:15 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
etag: W/"61ac2f06cc5650728add376539f504ba-ssl-df"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LGjPdhuYbbAGfJiYuDbZIwodu85xU7ogCXlus2xz8kIwTjM8%2FCsvAJ5dc4Caji2W35GFJJrGhs3YQRnH%2Fbp2gV5DVASZuAdGPTgdugeecYGSx7%2FHXeZRvJeNOdmUiCQ0hhIJYc0s4GXhPV2i"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=14400, must-revalidate
cf-ray: 88f004b78a2e3643-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 2F.png
ghostface.fun/assets/ 558 KB
559 KB 281ms
273ms Image
image/png 2606:4700:3034::ac43:879f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ghostface.fun/assets/2F.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:879f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 780c7932a9e9107799607dfc77b5b576cdd4e69df15d79f883519a629f57abb4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostface.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HZM4GBPHK4QFPTNRWHV4367A
date: Wed, 05 Jun 2024 12:03:16 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
etag: "e1c7bb720c4f5393e4e477402ff717c8-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BuN%2BNpf7nFsV6Wi%2B8OoeBqz25LayjCJHTL7Hv98uOEKE6mjVxVhS2H5CpNVQZWQydglaSvzp5CgALo9BfgWOYgVTPCGjX794sSSsqssi%2B8suwP4Sr1RwZ05Ny2jPFAvhZDrF7WqWKuwsyqqh"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 88f004b78a303643-FRA
alt-svc: h3=":443"; ma=86400
content-length: 571549

GET
H3 206 music.mp3
ghostface.fun/ 66 KB
0 781ms
765ms Media
audio/mpeg 2606:4700:3034::ac43:879f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ghostface.fun/music.mp3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:879f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer: https://ghostface.fun/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HZM4GBPS5CGVSSG3XRXH8834
date: Wed, 05 Jun 2024 12:03:16 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
etag: "c101e12f4cecceabbab5aa74ce462b97-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RhuGlMhB1Y3eJX44ZtC75oLl2cokmPlkA8RNbxYB5%2Fg1eK872LjikDxxwyGo%2BztWP4mfy437yOpOuaCfKuY%2F7SlvWS4Zplo0Pkrri4P3PTm0kycOzk0FtNdmMTnEEb3mRgnfEeUlRGQe8MUn"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
Content-Range: bytes 0-5628792/5628793
cache-control: public, max-age=14400, must-revalidate
cf-ray: 88f004b7aa503643-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 5628793

GET
H3 200 background-six.png
ghostface.fun/assets/ 476 KB
477 KB 264ms
255ms Image
image/png 2606:4700:3034::ac43:879f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ghostface.fun/assets/background-six.png
Requested by: Host: ghostface.fun
URL: https://ghostface.fun/assets/index-DuschYCY.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:879f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99d545154dbe7f4f10cf966e25c46a9caa5da26285e6e257d04ee64fc51243f3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostface.fun/assets/index-DuschYCY.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HZF1M7VGJAGNPTA3GEEAE8XD
date: Wed, 05 Jun 2024 12:03:16 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; fwd=stale
etag: "97074ccd46040d9f062a6570b6583e2b-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aPj9Yb5x68R%2FQavXqp8X5GKPzBfgQpKkXt83K1r9ZDbeo4k9aHHWmBrkdlFe1EuC73qla3c%2Far%2FitlDNPt9zT4KDccouRr0zOjN3M2mvwhIbp8u0vj8PCrlEx7TTBDtsjj5CvX47eL4wwRzf"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 88f004b7aa4e3643-FRA
alt-svc: h3=":443"; ma=86400
content-length: 487673

GET
H3 200 CHILLER-C-r5SxP8.TTF
ghostface.fun/assets/ 94 KB
64 KB 62ms
61ms Font
font/ttf 2606:4700:3034::ac43:879f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ghostface.fun/assets/CHILLER-C-r5SxP8.TTF
Requested by: Host: ghostface.fun
URL: https://ghostface.fun/assets/index-DuschYCY.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:879f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64327ea7bccc5583396d6796cbc535d27c0389906a36312e5811d9ec535c6a03

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostface.fun/assets/index-DuschYCY.css
Origin: https://ghostface.fun
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HZF1M7VM9JVE3D4ACZQ39H7A
date: Wed, 05 Jun 2024 12:03:15 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"b534b46cc9fb8a3528e37a19bcc56588-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=05PKXsDni3P9%2BiwORYe%2BP0Anv0EmaZRIKAkd34bwpwz1uhSCw%2FDvrzr%2FmuxySunZ0Tvsgv1BsUjsJ8uCmZkoyJnW04OZM%2BVF9CdEECKgogsO4z7C%2B0N0bDA4LuvWq1Xlr9C8jTJ%2Be%2Fmmk21g"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: public, max-age=14400, must-revalidate
cf-ray: 88f004b7ca6c3643-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 animeace2_reg-DARIzMjQ.ttf
ghostface.fun/assets/ 32 KB
15 KB 53ms
52ms Font
font/ttf 2606:4700:3034::ac43:879f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ghostface.fun/assets/animeace2_reg-DARIzMjQ.ttf
Requested by: Host: ghostface.fun
URL: https://ghostface.fun/assets/index-DuschYCY.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:879f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da397371e46e5ee93be5f59478a667c3a2c2434754a60624561034e18c8beaa9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostface.fun/assets/index-DuschYCY.css
Origin: https://ghostface.fun
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HZF1M7WQFZF6DXJ3B65C8MD7
date: Wed, 05 Jun 2024 12:03:15 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
etag: W/"bbc97e90a1b18baa8b330b10e6fc5836-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=77GpYPCxIROhiRuvuoafXrXELr5feTp0sCvhP4sUtgd5bv4%2BmeaM0wZ%2FkQzUaPjZ7BFjLhEkF5%2BvMZFm3xP0jUFgyo0EiXMNf9UKa9WWD%2FKnmeVdgpaKDNLo2PWb77KjxP32ssMIRvXraXBz"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: public, max-age=14400, must-revalidate
cf-ray: 88f004b7ca6e3643-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 favicon.ico
ghostface.fun/ 151 KB
84 KB 782ms
782ms Other
image/vnd.microsoft.icon 2606:4700:3034::ac43:879f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ghostface.fun/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:879f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3a5dcd70256d042291904c5cc7f26db7ddfa329245f4876b179a71ed637cbcd

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostface.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HZM4GBQGSCF8734CB01QGD3N
date: Wed, 05 Jun 2024 12:03:16 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
etag: W/"3263dff62d7589700d133d5982c8c1b9-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=175hK5UAdAMfbteq3WShAYkkL6fdbX8k1SbbpzTboCDDCfqbQ56qvh511wS5KrwzeAEpnBhB82kN1QNEswlNoaxLLOyyxJlbEJmcH%2FNyaZqslUTE9LEslKxK3yBR5bJpomPpOcFafOuzVzBf"}],"group":"cf-nel","max_age":604800}
content-type: image/vnd.microsoft.icon
cache-control: public, max-age=14400, must-revalidate
cf-ray: 88f004b7ca723643-FRA
alt-svc: h3=":443"; ma=86400

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 19ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-CBQNZ39PDV&gtm=45je4630v9186578495za200&_p=1717588995690&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1059042464.1717588996&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1717588995&sct=1&seg=0&dl=https%3A%2F%2Fghostface.fun%2F&dt=Ghost%20Face&en=scroll&epn.percent_scrolled=90&_et=4&tfd=5553
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CBQNZ39PDV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ghostface.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 05 Jun 2024 12:03:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ghostface.fun
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.ghostface.fun/	1970-01-21 06:42:28	Name: _ga Value: GA1.1.1059042464.1717588996
			.ghostface.fun/	1970-01-21 06:42:28	Name: _ga_CBQNZ39PDV Value: GS1.1.1717588995.1.0.1717588995.0.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ghostface.fun
region1.google-analytics.com
www.googletagmanager.com
2001:4860:4802:34::36
2606:4700:3034::ac43:879f
2a00:1450:4001:82f::2008
224cb0806c573a131b38e1dea85a15a583f0a76cb68e3de89eb9ad52963b5f63
379580909768ad5b87ad520dfd061714bc4d35b836c9cc1afce55f52e13e0db1
5c001622e38dab5fcf3bb677910c57964e7cfaea667c83c0f4fc80343ac2f095
64327ea7bccc5583396d6796cbc535d27c0389906a36312e5811d9ec535c6a03
780c7932a9e9107799607dfc77b5b576cdd4e69df15d79f883519a629f57abb4
99d545154dbe7f4f10cf966e25c46a9caa5da26285e6e257d04ee64fc51243f3
cf5c8eab7d78416a6e2af3945db973dcbb7679f2e44e4bb9dfd777b0d9a5f28a
d21ff9dccc0b75c5b285da76f4a94b18ef1cdab31864f200891e0870a3f39bce
d3a5dcd70256d042291904c5cc7f26db7ddfa329245f4876b179a71ed637cbcd
da1f2ad59f0cfe18301e07b5481e77371108d8bf74e4f5e8aa17d361775b9e82
da397371e46e5ee93be5f59478a667c3a2c2434754a60624561034e18c8beaa9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f71e78ac3686b99c05366b1d47e7e477722b37270352817f381b8f97d96578e2

ghostface.fun Open in urlscan Pro 2606:4700:3034::ac43:879f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

100 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

1369 kBTransfer

1885 kBSize

2 Cookies

3 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

2 Cookies

Indicators

ghostface.fun Open in urlscan Pro
2606:4700:3034::ac43:879f Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

1369 kB
Transfer

1885 kB
Size

2
Cookies

15 HTTP transactions
0 data transactions