rghost.net
2606:4700:30::681b:a375
Public Scan
Effective URL: https://rghost.net/855ThtlHw?r=1500
Submission: On November 27 via api from CZ
Summary
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on November 17th 2019. Valid for: 6 months.
This is the only time rghost.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Redirects | Requests | IP Address | Autonomous System |
---|---|---|---|
1 | 1 | 104.27.180.254 | 13335 (CLOUDFLARENET - Cloudflare) |
 | 14 | 2606:4700:30::681b:a375 | 13335 (CLOUDFLARENET - Cloudflare) |
 | 1 | 2a00:1450:4001:821::2008 | 15169 (GOOGLE - Google LLC) |
 | 1 | 2a00:1450:4001:815::2003 | 15169 (GOOGLE - Google LLC) |
1 | 2 | 2a00:1450:4001:808::200e | 15169 (GOOGLE - Google LLC) |
 | 1 | 2a00:1450:4001:81f::2003 | 15169 (GOOGLE - Google LLC) |
1 | 1 | 2a00:1450:400c:c08::9a | 15169 (GOOGLE - Google LLC) |
1 | 1 | 2a00:1450:4001:818::2004 | 15169 (GOOGLE - Google LLC) |
 | 1 | 2a00:1450:4001:800::2003 | 15169 (GOOGLE - Google LLC) |

19 | 6 |
Autonomous System | Domain |
---|---|
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US) | rghost.net |
ASN15169 (GOOGLE - Google LLC, US) | www.googletagmanager.com |
ASN15169 (GOOGLE - Google LLC, US) | www.recaptcha.net |
ASN15169 (GOOGLE - Google LLC, US) | www.google-analytics.com |
ASN15169 (GOOGLE - Google LLC, US) | www.gstatic.com |
ASN15169 (GOOGLE - Google LLC, US) | stats.g.doubleclick.net |
ASN15169 (GOOGLE - Google LLC, US) | www.google.com |
ASN15169 (GOOGLE - Google LLC, US) | www.google.de |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
14 | rghost.net | rghost.net | 817 KB |
2 | google-analytics.com (1 redirect) | www.google-analytics.com | 18 KB |
1 | google.de | www.google.de | 109 B |
1 | google.com (1 redirect) | www.google.com | 190 B |
1 | doubleclick.net (1 redirect) | stats.g.doubleclick.net | 159 B |
1 | gstatic.com | www.gstatic.com | 91 KB |
1 | recaptcha.net | www.recaptcha.net | 819 B |
1 | googletagmanager.com | www.googletagmanager.com | 27 KB |
1 | rgho.st (1 redirect) | rgho.st | 409 B |

19 | 9 |
Requests | Domain | Requested by |
---|---|---|
14 | rghost.net | rghost.net |
2 | www.google-analytics.com (1 redirect) | www.googletagmanager.com |
1 | www.google.de | rghost.net |
1 | www.google.com | 1 redirect |
1 | stats.g.doubleclick.net | 1 redirect |
1 | www.gstatic.com | www.recaptcha.net |
1 | www.recaptcha.net | rghost.net |
1 | www.googletagmanager.com | rghost.net |
1 | rgho.st | 1 redirect |

19 | 9 |
This site contains links to these domains.
Domain |
---|
t.me |
www.facebook.com |
twitter.com |
Subject | Issuer | Validity | Valid for |
---|---|---|---|
sni44416.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-11-17 - 2020-05-25 | 6 months |
*.google-analytics.com | GTS CA 1O1 | 2019-11-05 - 2020-01-28 | 3 months |
misc.google.com | GTS CA 1O1 | 2019-11-05 - 2020-01-28 | 3 months |
*.google.com | GTS CA 1O1 | 2019-11-05 - 2020-01-28 | 3 months |
www.google.de | GTS CA 1O1 | 2019-11-05 - 2020-01-28 | 3 months |
This page contains 1 frame:
Primary Page:
https://rghost.net/855ThtlHw?r=1500
Frame ID: 83CBD1F3745B71F24CC118E9ECCDBF00
Requests: 19 HTTP requests in this frame
Detected technologies
Ruby (Programming Languages)
Detected patterns
- meta csrf-param /^authenticity_token$/i
Ruby on Rails (Web Frameworks)
Detected patterns
- meta csrf-param /^authenticity_token$/i
CloudFlare (CDN)
Detected patterns
- headers server /^cloudflare$/i
Google Analytics (Analytics)
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://rgho.st/855ThtlHw?r=1500
HTTP 301
https://rghost.net/855ThtlHw?r=1500 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 17
- https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1766903492&t=pageview&_s=1&dl=https%3A%2F%2Frghost.net%2F855ThtlHw%3Fr%3D1500&dp=%2F855ThtlHw&ul=en-us&de=UTF-8&dt=Paypal%20Checker.php%20%E2%80%94%20RGhost%20%E2%80%94%20file%20sharing&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=4271912&gjid=2010204221&cid=2014336792.1574889228&tid=UA-15644263-1&_gid=1936569958.1574889228&_r=1&gtm=2ouav9&z=1372075779 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-15644263-1&cid=2014336792.1574889228&jid=4271912&_gid=1936569958.1574889228&gjid=2010204221&_v=j79&z=1372075779 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15644263-1&cid=2014336792.1574889228&jid=4271912&_v=j79&z=1372075779 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15644263-1&cid=2014336792.1574889228&jid=4271912&_v=j79&z=1372075779&slf_rd=1&random=2264215650
19 HTTP transactions
Method | Protocol | Resource | Path | Size | Transferred | Type | MIME type |
---|---|---|---|---|---|---|---|
GET | H2 | 855ThtlHw (Primary Request, Redirect Chain) | rghost.net/ | 15 KB | 6 KB | Document | text/html |
GET | H2 | fa-brands-400-d3caf12591d194712facd10bca14f0a924edb59c24447a3fd994a48286db8843.woff2 | rghost.net/assets/font-awesome/ | 74 KB | 74 KB | Font | font/woff2 |
GET | H2 | fa-solid-900-3d1080625d3030e88357b3ac9aa377dcec23f1b529c4ad03f7a9a435ccae04be.woff2 | rghost.net/assets/font-awesome/ | 74 KB | 74 KB | Font | font/woff2 |
GET | H2 | Roboto-Regular-2cd6b07b7855716761250290ce3cf447ccc98e793e484294d3fa8ccbb55b016a.woff | rghost.net/assets/roboto/ | 60 KB | 61 KB | Font | font/woff |
GET | H2 | RobotoSlab-Regular-faf7aa5ba903daf6658fba09b30abd2bc812c6956df52df9791e9f59be86f7ed.woff | rghost.net/assets/roboto-slab/ | 23 KB | 23 KB | Font | font/woff |
GET | H2 | Roboto-Medium-72841a4c4171b13ab1edf2c8f8046f0958f2ff608ce4e0d568dd5c6319f8a933.woff | rghost.net/assets/roboto/ | 62 KB | 62 KB | Font | font/woff |
GET | H2 | application-6d63d9349dc7351fda55a9f0a60f22e912bb05abc02f119d8d8ca47ad363635f.css | rghost.net/assets/ | 729 KB | 88 KB | Stylesheet | text/css |
GET | H2 | application-630a820b618a6280a3ff.js | rghost.net/packs/js/ | 1 MB | 235 KB | Script | text/javascript |
GET | H2 | js | www.googletagmanager.com/gtag/ | 73 KB | 27 KB | Script | application/javascript |
GET | H2 | reload-22801a33062992783f79ed3668214ba9f2fea1d6894e70fccd072a1272ea1f12.gif | rghost.net/assets/ | 24 KB | 24 KB | Image | image/gif |
GET | H2 | email-decode.min.js | rghost.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/ | 1 KB | 836 B | Script | application/javascript |
GET | H2 | api.js | www.recaptcha.net/recaptcha/ | 731 B | 819 B | Script | text/javascript |
GET | H2 | only_ghost-c23ee1700b2ee59b9dbcbcb2e38245baadb66f47ee3e3c6e94e67968be5323b4.svg | rghost.net/assets/ | 1 KB | 678 B | Image | image/svg+xml |
GET | H2 | Roboto-Bold-e7cbaf29c3812b80577cb845b5d359486242338f25620ba65260e265464fe359.woff | rghost.net/assets/roboto/ | 61 KB | 62 KB | Font | font/woff |
GET | H2 | Roboto-Light-2cbb012f1d36c09d3f17100ef2cf8213cbd429d9e519dff536c12ed6f07a0d25.woff | rghost.net/assets/roboto/ | 61 KB | 61 KB | Font | font/woff |
GET | H2 | file-extensions-6014f70763e04959ceb462258880af71247fb479438a4c310433941c9c891c84.woff | rghost.net/assets/ | 46 KB | 46 KB | Font | font/woff |
GET | H2 | analytics.js | www.google-analytics.com/ | 43 KB | 17 KB | Script | text/javascript |
GET | H2 | recaptcha__en.js | www.gstatic.com/recaptcha/releases/75nbHAdFrusJCwoMVGTXoHoM/ | 254 KB | 91 KB | Script | text/javascript |
GET | H2 | ga-audiences (Redirect Chain) | www.google.de/ads/ | 42 B | 109 B | Image | image/gif |
35 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | onformdata |
object | onpointerrawupdate |
object | google_tag_manager |
object | dataLayer |
function | $ |
function | jQuery |
function | tc |
function | initTheme |
function | gtag |
function | track_event |
function | track_error |
object | turbolinks_scroll |
object | RGHost |
object | __SENTRY__ |
function | setImmediate |
function | clearImmediate |
object | RecaptchaFetcher |
object | ShareBlockLogic |
object | Share |
object | ShowBlockLogic |
function | t |
object | Turbolinks |
boolean | _rails_loaded |
object | Rails |
boolean | initThemeComplete |
string | GoogleAnalyticsObject |
function | ga |
object | ___grecaptcha_cfg |
object | grecaptcha |
boolean | __google_recaptcha_client |
object | google_tag_data |
object | gaplugins |
object | gaGlobal |
object | gaData |
object | recaptcha |

5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Name / Value |
---|---|
.rghost.net/ | Name: _gat_gtag_UA_15644263_1 Value: 1 |
.rghost.net/ | Name: _gid Value: GA1.2.1936569958.1574889228 |
rghost.net/ | Name: _rghs Value: 0C66cGvBeuhtbDDOYqnXqE1wvcD%2FZTbQAp2eJeY8mMbmGIBZh8FSkj7icek%2FOvetaiIktI%2BrmtDq4ptxoqLwdMmO5pxIdcDqAlaClLjlHmdPjTgSMH8SqrMcF6xyU805o5dsLAxgm0MDhapKhW5k343DDFsrEYi0OeATR4GVR9vmdtQXxcNizTZ8IVO7hUIygAfNtBUNfrj%2B9EFegH60mdZvAnaU%2Fad2pMWZo%2FR81CasblP98q4s3AbBjc1cDlmLBOJkO%2BzrD%2Fxn5xrPQRQljtKUd%2BrTPqwvFpZ%2FlQhS%2F%2Fjtu9A%3D--PctnCNTY8E7gUJOQ--dfam5mk4wG0sU8lKdrUzZA%3D%3D |
.rghost.net/ | Name: _ga Value: GA1.2.2014336792.1574889228 |
.rghost.net/ | Name: __cfduid Value: d23e8426b5ee6cc7000a53eb67563a9281574889228 |
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Strict-Transport-Security | max-age=0; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | DENY |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.