ghostshop.pro - urlscan.io

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 7 HTTP transactions. The main IP is 2606:4700:3034::6815:15ef, located in United States and belongs to CLOUDFLARENET, US. The main domain is ghostshop.pro.
TLS certificate: Issued by E1 on July 10th 2023. Valid for: 3 months.

This is the only time ghostshop.pro was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	2606:4700:303... 2606:4700:3034::6815:15ef	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:2c40::c7... 2606:2c40::c73c:671c	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
7	2

6 2606:4700:3034::6815:15ef (United States)

ASN13335 (CLOUDFLARENET, US)

ghostshop.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2c40::c73c:671c (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

academy.avast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	ghostshop.pro ghostshop.pro	176 KB
1	avast.com academy.avast.com — Cisco Umbrella Rank: 465087	199 KB
7	2

	Domain	Requested by
6	ghostshop.pro	ghostshop.pro
1	academy.avast.com	ghostshop.pro
7	2

This site contains no links.

Subject Issuer	Validity	Valid
ghostshop.pro E1	`2023-07-10` - `2023-10-08`	3 months	crt.sh
academy.avast.com GTS CA 1P5	`2023-05-27` - `2023-08-25`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ghostshop.pro/
Frame ID: 20C89C40CAC1090F847078DA92374784
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ghost Shop

Page Statistics

7
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

375 kB
Transfer

942 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ghostshop.pro/ 705 B
808 B 146ms
48ms Document
text/html 2606:4700:3034::6815:15ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ghostshop.pro/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:15ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab678f335de79af7938389705eff6fd289c8ee228da7002afa223113f8af1eaf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7e58936f7d1a39e0-FRA
content-encoding: br
content-type: text/html
date: Wed, 12 Jul 2023 10:24:20 GMT
last-modified: Tue, 11 Jul 2023 19:56:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tb1GYilJcW2rCOsgna85jebChEZHM3Gz9%2Fhn1T2uEkMyyVFkCUaopSHbYg1UxzTTG7HXbaiPFDJJi926O0kpHC6XAGbF2PidLXJt91HCzwigooRjAM%2FYDK7khgxJvrfGE%2FzZ52ffAimpQRP%2F"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 chunk-vendors.ae149c76.js Show response
ghostshop.pro/js/ 456 KB
119 KB 63ms
62ms Script
application/javascript 2606:4700:3034::6815:15ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ghostshop.pro/js/chunk-vendors.ae149c76.js
Requested by: Host: ghostshop.pro
URL: https://ghostshop.pro/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:15ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f86871ed9ca317326f41857e21e51de1e17e27f9fb28a1dccb2d3cb0b6761030

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ghostshop.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 10:24:20 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 11 Jul 2023 19:56:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64adb3f8-72181"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n7c2xy02zgVhY8hgpbHJkc9svPkt7CRckAhDKjiLOmKEYvE9DEmvvlKXGSUWEk%2FN0ov%2FVP3TPZVUqF6cIoULGtKJSPVeaF4dvCi5GIlEBGZ1iAWkVnRgDlybx4MUwfjG2nIkWM6ddlfHUW11"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7e58936fcd9739e0-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 app.5d1a6cad.js Show response
ghostshop.pro/js/ 66 KB
23 KB 55ms
54ms Script
application/javascript 2606:4700:3034::6815:15ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ghostshop.pro/js/app.5d1a6cad.js
Requested by: Host: ghostshop.pro
URL: https://ghostshop.pro/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:15ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3948849f95f8cd1bf7379eaa6eb4d51132e3713521d47ea7beb494eecc50f18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ghostshop.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 10:24:20 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 11 Jul 2023 19:56:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64adb3f8-106ec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rqxbXRjBy9U3kP49mAkak4vIDPoYytGkrM2PWmZ8t3eCwoyUgrBLpxlwuptqMT7m7s4vAPHi9ABpRdsntX6bBe9tF72AIZEjJuXWcOYuKptdAJXW%2Fe%2BXOxKP59ZHMOLhSpSFuAt7XHX3IXze"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7e58936fcd9a39e0-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 chunk-vendors.3eef3c85.css
ghostshop.pro/css/ 222 KB
32 KB 93ms
92ms Stylesheet
text/css 2606:4700:3034::6815:15ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ghostshop.pro/css/chunk-vendors.3eef3c85.css
Requested by: Host: ghostshop.pro
URL: https://ghostshop.pro/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:15ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c0bcb77fa2a6c046076154ca131fe3405dbd0db9ef31bd206c83da5b52c129e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ghostshop.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 10:24:20 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 11 Jul 2023 19:56:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64adb3f8-376ac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mDSClxugKoD35bA9jEE2lBnKAEkw%2FZ6tJpRgnJXudY51bid6ELDcjjCvdF8LNAoediz4qXrcJOwCzop4PVYKujfrUSrgTHrxIkmyDHLWnNQG51L8o847u%2FH9l7F6%2FxoLkpRlVNs%2Fh7girib6"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7e58936fcd9839e0-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 app.0d5a582c.css
ghostshop.pro/css/ 460 B
531 B 52ms
52ms Stylesheet
text/css 2606:4700:3034::6815:15ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ghostshop.pro/css/app.0d5a582c.css
Requested by: Host: ghostshop.pro
URL: https://ghostshop.pro/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:15ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1540d1461d22464310aab825a04a333a8f55dd762965443d0588b7153eabf7c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ghostshop.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 10:24:20 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 11 Jul 2023 19:56:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64adb3f8-1cc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d8QuTRiCPIaAAcOlrHP36Iq7Pem3Xra3GiMc7hZ2O2GJjvVgmvmuEnRJddjiCURXASdCp5nkGTmQwXLk6KXtzESrY1ysO8M5z4LYehwvuxwQEtRje1hwXTsX36CPD1MhTua%2FgH2u8gljDsYA"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7e58936fcd9939e0-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 verizon Show response
ghostshop.pro/api/email/ 64 B
585 B 67ms
66ms XHR
application/json 2606:4700:3034::6815:15ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ghostshop.pro/api/email/verizon

Requested by

Host: ghostshop.pro
URL: https://ghostshop.pro/js/chunk-vendors.ae149c76.js

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:15ef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9120c32be5add8b28834334d90d8f65dc2848c1a3e8ae99a5d26fc78eba40458

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer: https://ghostshop.pro/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 10:24:21 GMT
content-encoding: br
x-content-type-options: nosniff
referrer-policy: same-origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
server: cloudflare
x-frame-options: DENY
vary: Accept, origin
content-type: application/json
allow: GET, HEAD, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wj1H%2BvU7M17N6aupECLvdSTgmvWs4pR92AtBrlu1lSefXmWtCqJzuQxKxdZdEsz%2F06pXMucHOpN0r8KGEn303JAj09aMh87E9vJY0IO6EOJs5pqb3W1iWmLW%2BpLqWvnEs9V%2FBD7Jk7qNrdza"}],"group":"cf-nel","max_age":604800}
cf-ray: 7e5893764e499bb2-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 Cracking-Thumb.png
academy.avast.com/hubfs/New_Avast_Academy/what_is_cracking_academy_a1_refresh/ 197 KB
199 KB 145ms
63ms Image
image/webp 2606:2c40::c73c:671c
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://academy.avast.com/hubfs/New_Avast_Academy/what_is_cracking_academy_a1_refresh/Cracking-Thumb.png

Requested by

Host: ghostshop.pro
URL: https://ghostshop.pro/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a53c09e6f55af153d4d7745196e101a5350608c52377755d7fbef2b2f00cca57

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ghostshop.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-67346596183,FD-67347613289,P-4650993,FLS-ALL
x-amz-request-id: 025J6YPD47HDT0BD
x-amz-server-side-encryption: AES256
edge-cache-tag: F-67346596183,FD-67347613289,P-4650993,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Cracking-Thumb.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 20
cf-bgj: imgq:85,h2pri
etag: "aa592a94d9000726f64d230179aace4c"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1646067877589
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 20
date: Wed, 12 Jul 2023 10:24:21 GMT
strict-transport-security: max-age=31536000
via: 1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: B81JQQ.73c9CTqC1RA9vz7k6Erui0vcr
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=259351
x-cache: RefreshHit from cloudfront
cache-tag: F-67346596183,FD-67347613289,P-4650993,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 201346
x-amz-id-2: +4ACz8hFECVwsukQpnDflTwi7oHDD3UwpoTeqbXMzZqVKv1+TvxUnwgxGQtG/HwcstPI+ixWbyY=
last-modified: Mon, 28 Feb 2022 17:04:38 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gkjTf8ySQZiyC7vFJ1XvMIy12ob%2F%2F3j4fq3P5g7iwdB8i6cmhlCuS6UluGjn54TjLjgHXcoylUGDCskLS868q2Bmd8%2B2AXDOKt7BtYpnJoY%2FUpuMbDa3XKudUtZas56Md5lcGdK28JGo3D0Pn23u"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7e589376cf309bb2-FRA
x-amz-cf-id: Rb0fFar3_6JRl5bNEHNr2IdJcaP2ssr2qHHHuNPEsLQm0QUQtHsEVQ==

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.academy.avast.com/	1970-01-20 13:12:39	Name: __cf_bm Value: dd5eZbLw4uVm4Bw0mtJj9iXgEsTaj7EO.xMM4nIWLx8-1689157461-0-AUwCTQXdUgtRPUm9lUBJFbBXTzur8sTW25DwaFfrVVpMqymFM2q4JeTaTZZOC0H+CNqS9QvmFXHRbp/ncPEQAM8=
			.academy.avast.com/	1969-12-31 23:59:59	Name: __cfruid Value: c37d798717fe5dfe2e2a5761e357037ea72965c0-1689157461

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

academy.avast.com
ghostshop.pro
2606:2c40::c73c:671c
2606:4700:3034::6815:15ef
1540d1461d22464310aab825a04a333a8f55dd762965443d0588b7153eabf7c4
7c0bcb77fa2a6c046076154ca131fe3405dbd0db9ef31bd206c83da5b52c129e
9120c32be5add8b28834334d90d8f65dc2848c1a3e8ae99a5d26fc78eba40458
a53c09e6f55af153d4d7745196e101a5350608c52377755d7fbef2b2f00cca57
ab678f335de79af7938389705eff6fd289c8ee228da7002afa223113f8af1eaf
c3948849f95f8cd1bf7379eaa6eb4d51132e3713521d47ea7beb494eecc50f18
f86871ed9ca317326f41857e21e51de1e17e27f9fb28a1dccb2d3cb0b6761030

ghostshop.pro Open in urlscan Pro 2606:4700:3034::6815:15ef Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

7 Requests

100 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

375 kBTransfer

942 kBSize

2 Cookies

0 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

2 Cookies

Indicators

ghostshop.pro Open in urlscan Pro
2606:4700:3034::6815:15ef Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

375 kB
Transfer

942 kB
Size

2
Cookies

7 HTTP transactions
0 data transactions