Suspected phishing site | Cloudflare

phishing scam

technology software

English

You're looking at domain 'createwebsite.ghost.io' on the British Indian Ocean Territory country-code top-level domain (.io); it also runs on subdomain 'createwebsite'. The registrable portion 'ghost' spans 5 characters split between 1 vowel and four consonants. Tokenizing the label suggests 1 word: ghost. Median word length comes out to 5 characters. No strong language cues emerged from the frequency lists.

html/7f/77/7f779fb5-3728-467c-9433-9aefc5b7194a_fallback.html.gz

html/7f/77/7f779fb5-3728-467c-9433-9aefc5b7194a.html.gz

3bceafa53269a4c05c1f59e9293f7915e7e85a4119d0647ce5299b2b40941137

50e878a18b2b5be7071dc7c10297381bcfcb55f17c27760ee857af9e31133324

76f74cf8cbe686197a7d645ef726a987f02a1253716eb250b8f20b0ea3f1e51c

18a52fd2cc16c86bcba28796b0e231144f219cc87e049c41d9d378b880a42fba

275407540ae2d5516300e4027ce994e1c97f958d464e137d0fff116d7acf0f24

390eefa5af21228aaab4bb7eb68043b2468a645b3c861aaba17b226cc8c05d95

robots

viewport

HSTS header missing - vulnerable to protocol downgrade attacks

CSP header missing - vulnerable to XSS attacks

child-src 'none';object-src 'none';require-trusted-types-for 'script';script-src chrome://resources 'self';trusted-types;worker-src blob: 'self';frame-ancestors 'none';

child-src https:  chrome-untrusted://new-tab-page/ chrome-untrusted://ntp-microsoft-auth/;connect-src chrome://resources chrome://theme 'self';default-src 'self';font-src chrome://resources 'self';img-src chrome://resources chrome://theme chrome://image chrome://favicon2 chrome://app-icon chrome://extension-icon chrome://fileicon blob: data: 'self';object-src 'none';require-trusted-types-for 'script';script-src chrome://resources chrome://webui-test 'self';style-src chrome://resources chrome://theme 'self' 'unsafe-inline';trusted-types parse-html-subset sanitize-inner-html static-types webui-test-script webui-test-html polymer-html-literal polymer-template-event-attribute-policy lit-html-desktop;frame-ancestors 'none';

child-src 'none';object-src 'none';require-trusted-types-for 'script';script-src chrome://resources 'self';trusted-types;frame-ancestors 'none';

base-uri 'none';child-src https:;form-action https://ogs.google.com https://*.corp.google.com;object-src 'none';script-src 'self' 'unsafe-inline' https:;frame-ancestors chrome://new-tab-page/

html/7f/77/7f779fb5-3728-467c-9433-9aefc5b7194a_nodriver.html.gz

Abuse Team

CloudFlare, Inc.

pages.dev


  if (!navigator.cookieEnabled) {
    window.addEventListener('DOMContentLoaded', function () {
      var cookieEl = document.getElementById('cookie-alert');
      cookieEl.style.display = 'block';
    })
  }



    function onTurnstileSuccess(token) {
      document.getElementById("bypass-button").disabled = false;
    }
  


    window._cf_translation = {};
    
    
  

X-UA-Compatible

☠️ Malicious - https://createwebsite.ghost.io/suite-web/

Security Scan Report: createwebsite.ghost.io

Summary

AI Security Verdict

High Risk

Risk Factors

Details

Bot Protection Detected

Screenshot

Page Load Overview

Language Analysis

Primary Language

Detection Details

Website Classification

Primary Category

All Detected Categories

Detected Features

Detected Technologies1

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

ssdeep (Context Triggered Piecewise Hashing)

sdhash (Similarity Digest Hashing)

Image Hashes

Perceptual Hashes

Other Hashes

Scan History