Google Analytics shows /ghost/authframe

It’s used by the comments app so it can authenticate a logged in admin user for comment moderation. There’s no security issue or bug, it’s there by design and builds off the existing secure cookie used for the admin area.