portal.fxgt.com Open in urlscan Pro
2606:4700:10::6816:4d8 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gemforex.co/
Effective URL:
https://portal.fxgt.com/register?refid=gemforex
Submission: On September 01 via manual (September 1st 2023, 8:53:04 am UTC) from JP — Scanned from NL

Summary HTTP 17 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 17 HTTP transactions. The main IP is 2606:4700:10::6816:4d8, located in United States and belongs to CLOUDFLARENET, US. The main domain is portal.fxgt.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 28th 2023. Valid for: a year.

This is the only time portal.fxgt.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2606:4700:10:... 2606:4700:10::6816:4d8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6811:3b8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	3

1 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

gemforex.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:10::6816:4d8 (United States)

ASN13335 (CLOUDFLARENET, US)

portal.fxgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:3b8 (United States)

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	fxgt.com portal.fxgt.com	158 KB
4	cloudflare.com challenges.cloudflare.com — Cisco Umbrella Rank: 6130	20 KB
1	gemforex.co 1 redirects gemforex.co	769 B
17	3

	Domain	Requested by
11	portal.fxgt.com	portal.fxgt.com
4	challenges.cloudflare.com	portal.fxgt.com challenges.cloudflare.com
1	gemforex.co	1 redirects
17	3

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com

Subject Issuer	Validity	Valid
fxgt.com Cloudflare Inc ECC CA-3	`2023-02-28` - `2024-02-28`	a year	crt.sh
challenges.cloudflare.com Cloudflare Inc ECC CA-3	`2023-08-18` - `2024-08-17`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://portal.fxgt.com/register?refid=gemforex
Frame ID: 9232A7F601A81E7A18D12B84EFFD493E
Requests: 17 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/b4wuc/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
Frame ID: 29823B662D7DA812F202A25F4CCDD382
Requests: 1 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/8pv4g/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
Frame ID: ECDCFC06E74EC8BE2724119850AE83E3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Just a moment...

Page URL History Show full URLs

http://gemforex.co/ HTTP 302
https://portal.fxgt.com/register?refid=gemforex Page URL
https://portal.fxgt.com/register?refid=gemforex Page URL

Page Statistics

17
Requests

88 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

178 kB
Transfer

453 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cloudflare.com/?utm_source=challenge&utm_campaign=j
Title: Cloudflare

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gemforex.co/ HTTP 302
https://portal.fxgt.com/register?refid=gemforex Page URL
https://portal.fxgt.com/register?refid=gemforex Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://gemforex.co/ HTTP 302
https://portal.fxgt.com/register?refid=gemforex

17 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

403

http://gemforex.co/
https://portal.fxgt.com/register?refid=gemforex

6 KB
5 KB

101ms
35ms

Document
text/html

2606:4700:10::6816:4d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.fxgt.com/register?refid=gemforex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41ed5025bbfb10cd802d89489fd4a1aa2eb54b63ba679cf741e43ac8e42519ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated: challenge
cf-ray: 7ffc47bace47bbf5-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Fri, 01 Sep 2023 08:52:58 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY

Redirect headers

CF-RAY: 7ffc47ba1e1c9b2d-FRA
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Date: Fri, 01 Sep 2023 08:52:58 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Location: https://portal.fxgt.com/register?refid=gemforex
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cxdlnB%2BQZ7KYs0kbmmBW7Z65oQoiOVMIPtVbg7kC7jA%2Bs2Q4HhUkmouH8qJc6x70a%2FbN23dNFqwRsBA8%2BqRDv4T1uRfYqk0JbuAYQ0vBlbWPfJBSRoYZM81vNl%2FaBVSl3%2BN9zjojDSiYhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 challenges.css
portal.fxgt.com/cdn-cgi/styles/ 6 KB
3 KB 26ms
25ms Stylesheet
text/css 2606:4700:10::6816:4d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.fxgt.com/cdn-cgi/styles/challenges.css

Requested by

Host: portal.fxgt.com
URL: https://portal.fxgt.com/register?refid=gemforex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4d8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://portal.fxgt.com/register?refid=gemforex
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 08:52:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 23 Aug 2023 13:09:20 GMT
server: cloudflare
etag: W/"64e60500-19c8"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200, public
cf-ray: 7ffc47bb3efbbbf5-FRA
expires: Fri, 01 Sep 2023 10:52:58 GMT

GET
H3 200 v1 Show response
portal.fxgt.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/ 166 KB
57 KB 46ms
45ms Script
application/javascript 2606:4700:10::6816:4d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.fxgt.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=7ffc47bace47bbf5

Requested by

Host: portal.fxgt.com
URL: https://portal.fxgt.com/register?refid=gemforex

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4d8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7550bf249c3337cce1e3e5c8e32eccaec44e1e49bcf20ad2721a39b71da8a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://portal.fxgt.com/register?refid=gemforex&__cf_chl_rt_tk=oAdB.uG__WDgXiOwOR_AihWDWDW3MOH0ajwiUMArxpk-1693558378-0-gaNycGzNCzs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 08:52:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7ffc47bb7e2f1e58-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 api.js Show response
challenges.cloudflare.com/turnstile/v0/b/be88c2a1/ 29 KB
10 KB 128ms
44ms Script
application/javascript 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/b/be88c2a1/api.js?onload=GuZZHB3&render=explicit
Requested by: Host: portal.fxgt.com
URL: https://portal.fxgt.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=7ffc47bace47bbf5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92cefd873feda547496b569ec49cc16ea82c1c28959c46bc8b096b57afe04be7

Request headers

Referer
Origin: https://portal.fxgt.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 08:52:59 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7ffc47bcca594d46-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 403 favicon.ico
portal.fxgt.com/ 6 KB
6 KB 47ms
46ms Image
text/html 2606:4700:10::6816:4d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portal.fxgt.com/favicon.ico

Requested by

Host: portal.fxgt.com
URL: https://portal.fxgt.com/register?refid=gemforex

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4d8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa54414d4701ebb98cc28f6ddf3a74e18e88f6de31fd611d56949d8fa66fe9fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://portal.fxgt.com/register?refid=gemforex
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 08:52:58 GMT
content-encoding: br
x-content-type-options: nosniff
cross-origin-embedder-policy: require-corp
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=cvM2iNYyA2JG.g1I2sXkgJqH9nwhcojopLRLqa1YnMY-1693558378-0-AdJSqAhHUZOouhicMpv5BFtwX10tMeTiFf_LSh2Yb8bfj7trGJZ7AM8SHlYQ9l-LLOXtNcX7Hk9BMK8ZKzUvxOF9aRoQ548hggkImf-tw0VhZ99EvQ0J4vc8FFgyP3pLdVhKuJY4W1t-bf-fFLFSo15aZRp9SXCHFAb2LqJVhtge1cNdORYHmp7LgC2jyhZolw; report-to cf-csp-endpoint
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: same-origin
cf-mitigated: challenge
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=cvM2iNYyA2JG.g1I2sXkgJqH9nwhcojopLRLqa1YnMY-1693558378-0-AdJSqAhHUZOouhicMpv5BFtwX10tMeTiFf_LSh2Yb8bfj7trGJZ7AM8SHlYQ9l-LLOXtNcX7Hk9BMK8ZKzUvxOF9aRoQ548hggkImf-tw0VhZ99EvQ0J4vc8FFgyP3pLdVhKuJY4W1t-bf-fFLFSo15aZRp9SXCHFAb2LqJVhtge1cNdORYHmp7LgC2jyhZolw"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: text/html; charset=UTF-8
x-frame-options: DENY
origin-agent-cluster: ?1
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray: 7ffc47bc4f311e58-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
DATA 200
OK truncated
/ 586 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK 4792e0a8-1660-4894-b79f-462de13d7d52
https://portal.fxgt.com/ 13 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://portal.fxgt.com/4792e0a8-1660-4894-b79f-462de13d7d52
Requested by: Host: portal.fxgt.com
URL: https://portal.fxgt.com/register?refid=gemforex
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://portal.fxgt.com/register?refid=gemforex
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Length: 13
Content-Type: text/javascript

POST
H3 200 2de55f76e3f1171 Show response
portal.fxgt.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1175472346:1693556544:NFoVJFwDuZhoqo-z7mSsNDgmKS2MoAMA7mYNVQgZIXY/7ffc47bace47bbf5/ 9 KB
7 KB 49ms
48ms XHR
text/plain 2606:4700:10::6816:4d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.fxgt.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1175472346:1693556544:NFoVJFwDuZhoqo-z7mSsNDgmKS2MoAMA7mYNVQgZIXY/7ffc47bace47bbf5/2de55f76e3f1171

Requested by

Host: portal.fxgt.com
URL: https://portal.fxgt.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=7ffc47bace47bbf5

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4d8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

032f76372106ad8a14d3348b4762a851bafd5e213497f26a15a97a7b98839a13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://portal.fxgt.com/register?refid=gemforex
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
CF-Challenge: 2de55f76e3f1171
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 01 Sep 2023 08:52:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
content-type: text/plain; charset=UTF-8
cf-ray: 7ffc47bcf85f1e58-FRA
alt-svc: h3=":443"; ma=86400
cf-chl-gen: Z1HWRbae2F+v+lEidS8J4iKGSwBasWLRIsvm8Yw/bvdeKh5uNQEipfLY9gfh6sxl$4Y+wvWPYIcBbnMTVmdMaUw==

GET
H3 200 normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/b4wuc/0x4AAAAAAADnOjc0PNeA8qVm/light/ Frame 2982 0
0 65ms
32ms Document
text/html 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/b4wuc/0x4AAAAAAADnOjc0PNeA8qVm/light/normal

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/be88c2a1/api.js?onload=GuZZHB3&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7ffc47bdf8cc047a-FRA
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Fri, 01 Sep 2023 08:52:59 GMT
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

POST
H3 200 2de55f76e3f1171 Show response
portal.fxgt.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1175472346:1693556544:NFoVJFwDuZhoqo-z7mSsNDgmKS2MoAMA7mYNVQgZIXY/7ffc47bace47bbf5/ 2 KB
2 KB 50ms
49ms XHR
text/html 2606:4700:10::6816:4d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.fxgt.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1175472346:1693556544:NFoVJFwDuZhoqo-z7mSsNDgmKS2MoAMA7mYNVQgZIXY/7ffc47bace47bbf5/2de55f76e3f1171

Requested by

Host: portal.fxgt.com
URL: https://portal.fxgt.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=7ffc47bace47bbf5

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4d8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e37d405ea85b72182fa36b3dc5d81951fbf419fe9333137ccd97a42758943ff3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://portal.fxgt.com/register?refid=gemforex
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
CF-Challenge: 2de55f76e3f1171
Content-type: application/x-www-form-urlencoded

Response headers

cf-chl-out: WWDy/NmToqWVSbxdU2i4+rrs8z1nSvoyTzDu0ExgPaOZkhvkks1K+Fuk78oQ4R8NPuqNjNgaF1whU2e9nRpHWdQ47z5RBDMVwN4GcoT5/u8=$ioa70MfSi080O8dfvShHqg==
cf-chl-out-s: ziGqs6hB7kgCMOxnwd+iB6CXIiN97zT/IUJBAHaneFpjLmqJLdLYlQKaDUZKE+hlFNTAcd0OLoJfrMZ3UT1atyRqAxCf3uMyfjOqXy6sP3aV0LtoMlzQ/LEUzJ1C/Yiwji2UmD0vUXccM92DncJyDpZTViuWTASyCjUW8DfW4ys=$+bjI+EA86f+DzW71CeAfmQ==
date: Fri, 01 Sep 2023 08:52:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
content-type: text/html; charset=UTF-8
cf-ray: 7ffc47c03d4d1e58-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 403 Primary Request register Show response
portal.fxgt.com/ 6 KB
4 KB 34ms
33ms Document
text/html 2606:4700:10::6816:4d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.fxgt.com/register?refid=gemforex

Requested by

Host: portal.fxgt.com
URL: https://portal.fxgt.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=7ffc47bace47bbf5

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4d8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e728da002971e9941a4ea2813be868c9786079d6e68ec7770907a7c97317d60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://portal.fxgt.com/register?refid=gemforex
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated: challenge
cf-ray: 7ffc47cf0a031e58-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Fri, 01 Sep 2023 08:53:01 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY

GET
H3 200 challenges.css
portal.fxgt.com/cdn-cgi/styles/ 6 KB
3 KB 22ms
22ms Stylesheet
text/css 2606:4700:10::6816:4d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.fxgt.com/cdn-cgi/styles/challenges.css

Requested by

Host: portal.fxgt.com
URL: https://portal.fxgt.com/register?refid=gemforex

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4d8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://portal.fxgt.com/register?refid=gemforex
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 08:53:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 23 Aug 2023 13:09:20 GMT
server: cloudflare
etag: W/"64e60500-19c8"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200, public
cf-ray: 7ffc47cf4a501e58-FRA
expires: Fri, 01 Sep 2023 10:53:01 GMT

GET
H3 200 v1 Show response
portal.fxgt.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/ 171 KB
59 KB 37ms
36ms Script
application/javascript 2606:4700:10::6816:4d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.fxgt.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=7ffc47cf0a031e58

Requested by

Host: portal.fxgt.com
URL: https://portal.fxgt.com/register?refid=gemforex

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4d8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e3fa10b4cf3d6bb950ce9e581c35dde75d88444c80d676877ae24e4848de94c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://portal.fxgt.com/register?refid=gemforex&__cf_chl_rt_tk=4j9yAc9taaOeu1FXA5rm8Gnawy5pIs.LV3TYvjjVbG4-1693558381-0-gaNycGzNCjs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 08:53:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7ffc47cf6a751e58-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 api.js Show response
challenges.cloudflare.com/turnstile/v0/b/be88c2a1/ 29 KB
10 KB 74ms
73ms Script
application/javascript 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/b/be88c2a1/api.js?onload=GuZZHB3&render=explicit
Requested by: Host: portal.fxgt.com
URL: https://portal.fxgt.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=7ffc47cf0a031e58
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92cefd873feda547496b569ec49cc16ea82c1c28959c46bc8b096b57afe04be7

Request headers

Referer
Origin: https://portal.fxgt.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 08:53:02 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7ffc47cfdc904d46-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 403 favicon.ico
portal.fxgt.com/ 6 KB
6 KB 36ms
36ms Image
text/html 2606:4700:10::6816:4d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portal.fxgt.com/favicon.ico

Requested by

Host: portal.fxgt.com
URL: https://portal.fxgt.com/register?refid=gemforex

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4d8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91f710f01bbbf6395677a35ba4ce0fe6596670c546a893995f92274cb2a08464

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://portal.fxgt.com/register?refid=gemforex
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 08:53:02 GMT
content-encoding: br
x-content-type-options: nosniff
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: same-origin
cf-mitigated: challenge
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/html; charset=UTF-8
origin-agent-cluster: ?1
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray: 7ffc47cfdb111e58-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
DATA 200
OK truncated
/ 586 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK 6307c9ec-39d6-4c31-84ff-ea330a761b21
https://portal.fxgt.com/ 13 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://portal.fxgt.com/6307c9ec-39d6-4c31-84ff-ea330a761b21
Requested by: Host: portal.fxgt.com
URL: https://portal.fxgt.com/register?refid=gemforex
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://portal.fxgt.com/register?refid=gemforex
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Length: 13
Content-Type: text/javascript

POST
H3 200 a9c80943d829e27 Show response
portal.fxgt.com/cdn-cgi/challenge-platform/h/b/flow/ov1/2037472787:1693556647:FU8GFQ6RmlgReqSCSqn5MXg54zL97-MZSXLwc02mocM/7ffc47cf0a031e58/ 9 KB
7 KB 898ms
898ms XHR
text/plain 2606:4700:10::6816:4d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.fxgt.com/cdn-cgi/challenge-platform/h/b/flow/ov1/2037472787:1693556647:FU8GFQ6RmlgReqSCSqn5MXg54zL97-MZSXLwc02mocM/7ffc47cf0a031e58/a9c80943d829e27

Requested by

Host: portal.fxgt.com
URL: https://portal.fxgt.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=7ffc47cf0a031e58

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4d8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a770e08c0bc2345c7d011cc5f211f3674fbba8478f009ef2462385faa7a64956

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://portal.fxgt.com/register?refid=gemforex
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
CF-Challenge: a9c80943d829e27
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 01 Sep 2023 08:53:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
content-type: text/plain; charset=UTF-8
cf-ray: 7ffc47d08c281e58-FRA
alt-svc: h3=":443"; ma=86400
cf-chl-gen: q3TNJuWSYVaJIPW1tBcHnMv6p6BD3/nOw7T4CR/GUbSKONxZP8EMhSMIWcoWOPJi$bFUTnyRlWjLm1j6pbUR8NQ==

GET
H3 200 normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/8pv4g/0x4AAAAAAADnOjc0PNeA8qVm/light/ Frame ECDC 0
0 70ms
56ms Document
text/html 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/8pv4g/0x4AAAAAAADnOjc0PNeA8qVm/light/normal

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/be88c2a1/api.js?onload=GuZZHB3&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7ffc47d6d8ca047a-FRA
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Fri, 01 Sep 2023 08:53:03 GMT
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.fxgt.com/	1970-01-20 14:26:00	Name: __cf_bm Value: MPJjr3sYi4CliSmfSLlUjo7oNIaeZBdOV3ajwg4CjYA-1693558378-0-ARbEzSqH4aR0NoOkdCYp09vS1Xd8kNe9RmxTYIJ54vrf4DOQM5ZwOR5jZAiRhMfRsCbAIVRTr2nIdeobnPCVNQY=
			portal.fxgt.com/	1970-01-20 14:26:01	Name: cf_chl_rc_ni Value: 1

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://portal.fxgt.com/register?refid=gemforex Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://portal.fxgt.com/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://portal.fxgt.com/register?refid=gemforex Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://portal.fxgt.com/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

challenges.cloudflare.com
gemforex.co
portal.fxgt.com
2606:4700:10::6816:4d8
2606:4700::6811:3b8
2a06:98c1:3121::3
032f76372106ad8a14d3348b4762a851bafd5e213497f26a15a97a7b98839a13
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2
3e728da002971e9941a4ea2813be868c9786079d6e68ec7770907a7c97317d60
41ed5025bbfb10cd802d89489fd4a1aa2eb54b63ba679cf741e43ac8e42519ca
7e3fa10b4cf3d6bb950ce9e581c35dde75d88444c80d676877ae24e4848de94c
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04
91f710f01bbbf6395677a35ba4ce0fe6596670c546a893995f92274cb2a08464
92cefd873feda547496b569ec49cc16ea82c1c28959c46bc8b096b57afe04be7
a7550bf249c3337cce1e3e5c8e32eccaec44e1e49bcf20ad2721a39b71da8a65
a770e08c0bc2345c7d011cc5f211f3674fbba8478f009ef2462385faa7a64956
aa54414d4701ebb98cc28f6ddf3a74e18e88f6de31fd611d56949d8fa66fe9fa
e37d405ea85b72182fa36b3dc5d81951fbf419fe9333137ccd97a42758943ff3
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

portal.fxgt.com Open in urlscan Pro 2606:4700:10::6816:4d8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

17 Requests

88 %HTTPS

100 %IPv6

3 Domains

3 Subdomains

3 IPs

1 Countries

178 kBTransfer

453 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

2 Cookies

6 Console Messages

Security Headers

Indicators

portal.fxgt.com Open in urlscan Pro
2606:4700:10::6816:4d8 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

88 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

178 kB
Transfer

453 kB
Size

2
Cookies

17 HTTP transactions
2 data transactions