urlscan.io logo urlscan.io
SecurityTrails logo

nightsatvegas.com Open in urlscan Pro
2606:4700:3031::ac43:8a7a  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://trk.klclick3.com/ls/click?upn=ywBj43t9mVZI2hb2gzrWFyzpWRRchB-2BgxE22QfFDaE67ufoUoE7xCWAe78B25o6ovc8kyU0ChiqddKZdv...
Effective URL: https://nightsatvegas.com/?utm_source=Klaviyo&utm_medium=campaign&_kx=LBFiFHLJS34Vl2-Qu32r3A%3D%3D.ThMDgH
Submission: On November 29 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 10 HTTP transactions. The main IP is 2606:4700:3031::ac43:8a7a, located in United States and belongs to CLOUDFLARENET, US. The main domain is nightsatvegas.com.
TLS certificate: Issued by GTS CA 1P5 on November 24th 2023. Valid for: 3 months.
This is the only time nightsatvegas.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

IP Address AS Autonomous System
1 1 2600:9000:223... 16509 (AMAZON-02)
3 13 2606:4700:303... 13335 (CLOUDFLAR...)
10 1
Apex Domain
Subdomains		 Transfer
13 nightsatvegas.com
nightsatvegas.com
39 KB
1 klclick3.com
trk.klclick3.com — Cisco Umbrella Rank: 37393
338 B
10 2
Domain Requested by
13 nightsatvegas.com 3 redirects nightsatvegas.com
1 trk.klclick3.com 1 redirects
10 2

This site contains no links.

Subject Issuer Validity Valid
nightsatvegas.com
GTS CA 1P5		 2023-11-24 -
2024-02-22		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://nightsatvegas.com/?utm_source=Klaviyo&utm_medium=campaign&_kx=LBFiFHLJS34Vl2-Qu32r3A%3D%3D.ThMDgH
Frame ID: AD1023DEEA52AC5CF89C3E997177B51D
Requests: 6 HTTP requests in this frame

Frame: https://nightsatvegas.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Frame ID: 0F2213724C236B5DE6A6640ABFF30C66
Requests: 2 HTTP requests in this frame

Frame: https://nightsatvegas.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Frame ID: 8C9BADCE8B9E3BC2F5192C99FE773FD3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

403 Forbidden

Page URL History Show full URLs

  1. https://trk.klclick3.com/ls/click?upn=ywBj43t9mVZI2hb2gzrWFyzpWRRchB-2BgxE22QfFDaE67ufoUoE7xCWAe78B25... HTTP 302
    https://nightsatvegas.com/?utm_source=Klaviyo&utm_medium=campaign&_kx=LBFiFHLJS34Vl2-Qu32r3A%3D%3D.ThMDgH Page URL
  2. https://nightsatvegas.com/cdn-cgi/phish-bypass?atok=.nmon9InrSMRXW809pfxNgEHShLO02E7AxjJTaAgVg0-170124... HTTP 301
    https://nightsatvegas.com/?utm_source=Klaviyo&utm_medium=campaign&_kx=LBFiFHLJS34Vl2-Qu32r3A%3D%3D.ThMDgH Page URL
  3. https://nightsatvegas.com/?utm_source=Klaviyo&utm_medium=campaign&_kx=LBFiFHLJS34Vl2-Qu32r3A%3D%3D.ThMDgH Page URL

Page Statistics

10
Requests

80 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

38 kB
Transfer

63 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://trk.klclick3.com/ls/click?upn=ywBj43t9mVZI2hb2gzrWFyzpWRRchB-2BgxE22QfFDaE67ufoUoE7xCWAe78B25o6ovc8kyU0ChiqddKZdvoOcIparL99MgslYwVHmlx2fGqumEzN6QK0v7EA4v-2FGItBwMov1TtkM-2Bp9RODlRiPuD9Ke7YxjSi6996SoMx-2FxO8Bng-3DQzxA_PoPSv5Gw7kvm-2FaTPf5isV0F8OzVemx3-2BMda5lKttFwV5hYNASaBIOvhduvo23ZgN-2F8HqQRRSFyPnwsEPnCA4w6P3MZBb-2Fu7ndoP5jkyHgtMDr0yhhETWo9sA2aHAdZFwxZBSPLP9vf206r6SEtgRmgV4rLlEoBSXqx6Y6gDJFfCfT6S4c8MyjEW4bDMCTeyaQuSP6hdjpN51jiaBXcyvFIo8R92Rj0OKuheTvTzD3cYFWelEnzgWRceMznQnSLqNkomGHCuNIJFNanWx5Cdw4HscpiGwnpozwbCfokPGWXwKb4lJYeDUatT0qYyvLWB5 HTTP 302
    https://nightsatvegas.com/?utm_source=Klaviyo&utm_medium=campaign&_kx=LBFiFHLJS34Vl2-Qu32r3A%3D%3D.ThMDgH Page URL
  2. https://nightsatvegas.com/cdn-cgi/phish-bypass?atok=.nmon9InrSMRXW809pfxNgEHShLO02E7AxjJTaAgVg0-1701240369-0-%2F%3Futm_source%3DKlaviyo%26utm_medium%3Dcampaign%26_kx%3DLBFiFHLJS34Vl2-Qu32r3A%253D%253D.ThMDgH HTTP 301
    https://nightsatvegas.com/?utm_source=Klaviyo&utm_medium=campaign&_kx=LBFiFHLJS34Vl2-Qu32r3A%3D%3D.ThMDgH Page URL
  3. https://nightsatvegas.com/?utm_source=Klaviyo&utm_medium=campaign&_kx=LBFiFHLJS34Vl2-Qu32r3A%3D%3D.ThMDgH Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://trk.klclick3.com/ls/click?upn=ywBj43t9mVZI2hb2gzrWFyzpWRRchB-2BgxE22QfFDaE67ufoUoE7xCWAe78B25o6ovc8kyU0ChiqddKZdvoOcIparL99MgslYwVHmlx2fGqumEzN6QK0v7EA4v-2FGItBwMov1TtkM-2Bp9RODlRiPuD9Ke7YxjSi6996SoMx-2FxO8Bng-3DQzxA_PoPSv5Gw7kvm-2FaTPf5isV0F8OzVemx3-2BMda5lKttFwV5hYNASaBIOvhduvo23ZgN-2F8HqQRRSFyPnwsEPnCA4w6P3MZBb-2Fu7ndoP5jkyHgtMDr0yhhETWo9sA2aHAdZFwxZBSPLP9vf206r6SEtgRmgV4rLlEoBSXqx6Y6gDJFfCfT6S4c8MyjEW4bDMCTeyaQuSP6hdjpN51jiaBXcyvFIo8R92Rj0OKuheTvTzD3cYFWelEnzgWRceMznQnSLqNkomGHCuNIJFNanWx5Cdw4HscpiGwnpozwbCfokPGWXwKb4lJYeDUatT0qYyvLWB5 HTTP 302
  • https://nightsatvegas.com/?utm_source=Klaviyo&utm_medium=campaign&_kx=LBFiFHLJS34Vl2-Qu32r3A%3D%3D.ThMDgH
Request Chain 3
  • https://nightsatvegas.com/cdn-cgi/phish-bypass?atok=.nmon9InrSMRXW809pfxNgEHShLO02E7AxjJTaAgVg0-1701240369-0-%2F%3Futm_source%3DKlaviyo%26utm_medium%3Dcampaign%26_kx%3DLBFiFHLJS34Vl2-Qu32r3A%253D%253D.ThMDgH HTTP 301
  • https://nightsatvegas.com/?utm_source=Klaviyo&utm_medium=campaign&_kx=LBFiFHLJS34Vl2-Qu32r3A%3D%3D.ThMDgH
Request Chain 5
  • https://nightsatvegas.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://nightsatvegas.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Request Chain 7
  • https://nightsatvegas.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://nightsatvegas.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
nightsatvegas.com/
Redirect Chain
  • https://trk.klclick3.com/ls/click?upn=ywBj43t9mVZI2hb2gzrWFyzpWRRchB-2BgxE22QfFDaE67ufoUoE7xCWAe78B25o6ovc8kyU0ChiqddKZdvoOcIparL99MgslYwVHmlx2fGqumEzN6QK0v7EA4v-2FGItBwMov1TtkM-2Bp9RODlRiPuD9Ke7Yx...
  • https://nightsatvegas.com/?utm_source=Klaviyo&utm_medium=campaign&_kx=LBFiFHLJS34Vl2-Qu32r3A%3D%3D.ThMDgH
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nightsatvegas.com/?utm_source=Klaviyo&utm_medium=campaign&_kx=LBFiFHLJS34Vl2-Qu32r3A%3D%3D.ThMDgH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8a7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f8065602aa6992fced3b4cb0bae529eb55d354c391421bffe12d284d3fbcae1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-ray
82d8e457bf3d1983-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 29 Nov 2023 06:46:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CXO4FK%2Bh9wnsV3Cn9ZrAjM7fQ2ZhDibHVW5IJac43jV832z9mwZr4HxrdlZJkrPnZ4M9%2BAbxGJFonCYtoefMl7mcnwaqwj5gfCB9lLdG0oHnQK486XzEOCqxBl7ETHtkC4UPgayIOkuh2MT5RZcQjg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN

Redirect headers

content-length
136
content-type
text/html; charset=utf-8
date
Wed, 29 Nov 2023 06:46:09 GMT
location
https://nightsatvegas.com/?utm_source=Klaviyo&utm_medium=campaign&_kx=LBFiFHLJS34Vl2-Qu32r3A%3D%3D.ThMDgH
server
nginx
via
1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
x-amz-cf-id
cCvmA3ek1EqmlapdQN4VB6kmDFYfS3ypUblvIFuG481nTEmmBEiP7A==
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-robots-tag
noindex, nofollow
cf.errors.css
nightsatvegas.com/cdn-cgi/styles/ 		24 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nightsatvegas.com/cdn-cgi/styles/cf.errors.css
Requested by
Host: nightsatvegas.com
URL: https://nightsatvegas.com/?utm_source=Klaviyo&utm_medium=campaign&_kx=LBFiFHLJS34Vl2-Qu32r3A%3D%3D.ThMDgH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8a7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nightsatvegas.com/?utm_source=Klaviyo&utm_medium=campaign&_kx=LBFiFHLJS34Vl2-Qu32r3A%3D%3D.ThMDgH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 06:46:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 16 Nov 2023 21:55:48 GMT
server
cloudflare
etag
W/"65568fe4-5e44"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=7200, public
cf-ray
82d8e457ef631983-FRA
expires
Wed, 29 Nov 2023 08:46:09 GMT
icon-exclamation.png
nightsatvegas.com/cdn-cgi/images/ 		452 B
541 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nightsatvegas.com/cdn-cgi/images/icon-exclamation.png?1376755637
Requested by
Host: nightsatvegas.com
URL: https://nightsatvegas.com/cdn-cgi/styles/cf.errors.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8a7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nightsatvegas.com/cdn-cgi/styles/cf.errors.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 06:46:09 GMT
x-content-type-options
nosniff
last-modified
Thu, 16 Nov 2023 21:55:48 GMT
server
cloudflare
etag
"65568fe4-1c4"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
82d8e4580f871983-FRA
content-length
452
expires
Wed, 29 Nov 2023 08:46:09 GMT
/
nightsatvegas.com/
Redirect Chain
  • https://nightsatvegas.com/cdn-cgi/phish-bypass?atok=.nmon9InrSMRXW809pfxNgEHShLO02E7AxjJTaAgVg0-1701240369-0-%2F%3Futm_source%3DKlaviyo%26utm_medium%3Dcampaign%26_kx%3DLBFiFHLJS34Vl2-Qu32r3A%253D%2...
  • https://nightsatvegas.com/?utm_source=Klaviyo&utm_medium=campaign&_kx=LBFiFHLJS34Vl2-Qu32r3A%3D%3D.ThMDgH
19 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nightsatvegas.com/?utm_source=Klaviyo&utm_medium=campaign&_kx=LBFiFHLJS34Vl2-Qu32r3A%3D%3D.ThMDgH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8a7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94618a596a5ab52a7902260ba2898da02d21fcdea71be6c70189e045dc1f1b64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Referer
https://nightsatvegas.com/?utm_source=Klaviyo&utm_medium=campaign&_kx=LBFiFHLJS34Vl2-Qu32r3A%3D%3D.ThMDgH
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
82d8e4779dcb1983-FRA
content-type
text/html; charset=utf-8
date
Wed, 29 Nov 2023 06:46:15 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IglYwof4BbMS2JmyjJ5S88d%2BXDvegLjGfw7gPEGOdxh%2FHRiwfIHEBy%2FscqVbM9JrjwubUvn%2FjQF9bHLLan3GYM%2FBIuKIxQsGa731lRd62vr8OSKEEd4uKq809h7y88v2ttONuPPvxDXdWca924nakw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block 1; mode=block

Redirect headers

cache-control
private, no-cache
cf-ray
82d8e4776dab1983-FRA
content-length
167
content-type
text/html
date
Wed, 29 Nov 2023 06:46:14 GMT
location
https://nightsatvegas.com/?utm_source=Klaviyo&utm_medium=campaign&_kx=LBFiFHLJS34Vl2-Qu32r3A%3D%3D.ThMDgH
server
cloudflare
x-content-type-options
nosniff
x-frame-options
DENY
/
nightsatvegas.com/ 		0
771 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nightsatvegas.com/?utm_source=Klaviyo&utm_medium=campaign&_kx=LBFiFHLJS34Vl2-Qu32r3A%3D%3D.ThMDgH
Requested by
Host: nightsatvegas.com
URL: https://nightsatvegas.com/?utm_source=Klaviyo&utm_medium=campaign&_kx=LBFiFHLJS34Vl2-Qu32r3A%3D%3D.ThMDgH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:8a7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

X-Requested-TimeStamp-Expire
accept-language
de-DE,de;q=0.9
X-Requested-TimeStamp-Combination
X-Requested-Type-Combination
GET
Content-type
application/x-www-form-urlencoded
X-Requested-Type
GET
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Referer
https://nightsatvegas.com/?utm_source=Klaviyo&utm_medium=campaign&_kx=LBFiFHLJS34Vl2-Qu32r3A%3D%3D.ThMDgH
X-Requested-with
XMLHttpRequest
X-Requested-TimeStamp
9BieLPVWyjnKXlefCsTXZpEus
7v8j-N48Pl7mV0eKwZUFuCUElrg
pe0oK1lAs17Z4xQIWUS7nHB-Alo
48343151

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 06:46:15 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UylmuGaLlC0M8mrtIgC6ARcInlas8Cf5Fymvqgr0zFT1%2FkQ4lsOWijHnY0CfXY0mPjFWlexqMVEKjwGPl3c5BLYNFUbhZ1yk%2B8smiAYNsrBhzf3I7qbv6cdsMv8l2%2FQtkdpJ2EjcvKtZpYXETgWNRg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
82d8e47ac9301983-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
expires
0
main.js
nightsatvegas.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/ Frame 0F22
Redirect Chain
  • https://nightsatvegas.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://nightsatvegas.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nightsatvegas.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Protocol
H2
Server
2606:4700:3031::ac43:8a7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a2aa1b88525dd39d875c22aa16ff6fb945ae7b9f0ed2f0a6cd8852d6798e459
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 06:46:15 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2BgBFpA24i%2FBDJDgX9cW26Ubk25YIAfHlPSR9AW7QtE8k3Wcr%2Fy0BPDpTcRCwk8hf2t2ePYwygLa8eO3JEc76GLq1sw12pVGESnSy0fuKmn17ViL2pjHa21WceJo1WW5vU2BX6A2BUbt%2BInbvAB2Ag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
82d8e47af95b1983-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 29 Nov 2023 06:46:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ksH4MXSBqVgZ%2B9TGhIhvoRjbCk9B%2BylBB8VqBa6%2F2ZMjhPgj3Up5D05k8Ba4lP4s9j2rva%2FrfLlaiRbvvAbtlWZAkMu7BpCt69MsaaAj3JTnMNC4PdbfdBHbq2tw7%2BkdZTUnWG6%2FgmzQ1okYTJCsUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
82d8e47ac9371983-FRA
alt-svc
h3=":443"; ma=86400
82d8e4779dcb1983
nightsatvegas.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 0F22 		0
602 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nightsatvegas.com/cdn-cgi/challenge-platform/h/g/jsd/r/82d8e4779dcb1983
Requested by
Host: nightsatvegas.com
URL: https://nightsatvegas.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8a7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 29 Nov 2023 06:46:15 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=byUXI8IFzL1u5Qu0vnIXs73HTBHwqMHB%2F49bwzeOrzTBJTgn7WoAhNCnNZlETS0btjW71x37FrJdJKfuT4Sjoy3mBgG1wNJsjhuDLdpRcC%2F%2BwkX3bHJE2TxX4NA1t6DGTu34%2FyX%2FyNxaP36oqAR3Qw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
82d8e47bcb7cbb67-FRA
alt-svc
h3=":443"; ma=86400
Primary Request /
nightsatvegas.com/ 		2 KB
1009 B 		Document
General
Check archive.org
Download Go to
Full URL
https://nightsatvegas.com/?utm_source=Klaviyo&utm_medium=campaign&_kx=LBFiFHLJS34Vl2-Qu32r3A%3D%3D.ThMDgH
Requested by
Host: nightsatvegas.com
URL: https://nightsatvegas.com/?utm_source=Klaviyo&utm_medium=campaign&_kx=LBFiFHLJS34Vl2-Qu32r3A%3D%3D.ThMDgH
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8a7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2381d434656c1ad629ae513a81221e680dc734ae3c8fb1d3f072f1ccaa625787
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Referer
https://nightsatvegas.com/?utm_source=Klaviyo&utm_medium=campaign&_kx=LBFiFHLJS34Vl2-Qu32r3A%3D%3D.ThMDgH
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
82d8e47bfba1bb67-FRA
content-encoding
br
content-type
text/html
date
Wed, 29 Nov 2023 06:46:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8f33jl%2BGMEGPtLM3jB1Kof3Q7NUIrdpIcu2pZaGN4slLKFor%2FJltPoyi8tDy29pgmJyj18YEspus%2F1hZCZRdSjuJ6iaz%2F0BYltU6xWR4beVXd01s8hvrQLQ5MzYYZfLx6g2MDo7GQyQj1FaXhipfCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block 1; mode=block
main.js
nightsatvegas.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/ Frame 8C9B
Redirect Chain
  • https://nightsatvegas.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://nightsatvegas.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nightsatvegas.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Protocol
H3
Server
2606:4700:3031::ac43:8a7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
346ca050d5a2be0506d5fe51ed1ba5f9d274f8c13ba75bc998034fed96ef5ac3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 06:46:16 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZIjPxrlLAnl%2BZKtEDMsT5lx90zMXCnN5PeoiHr7KZU1L31QbxcqI1hA2ZVcmwXqpRn2is9NEojiR8GKwBScTP61QzEbo%2FXBbYYprjZS3RJSpUxPK0SLr54iMt14%2FUDOzphL5NHtHEhkrHG5tFlITrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
82d8e47fcea5bb67-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 29 Nov 2023 06:46:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TQDTD5GMVMljD3aD5zANz9Ox%2BKu%2FDTQ0pnkSjEfLyQv1B1aIAPgsEPG6ZTcoj56aS2jQzH0O0HOuEilOzQwwnwvvGPqmduvD2No42%2FlYumjSjaubTA%2Fc7i2u377t3GiWU2xwIc21Lyx963jfTZ20WA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
cache-control
max-age=300, public
cf-ray
82d8e47f9e8ebb67-FRA
alt-svc
h3=":443"; ma=86400
82d8e47bfba1bb67
nightsatvegas.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 8C9B 		0
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nightsatvegas.com/cdn-cgi/challenge-platform/h/g/jsd/r/82d8e47bfba1bb67
Requested by
Host: nightsatvegas.com
URL: https://nightsatvegas.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:8a7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 29 Nov 2023 06:46:16 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bgdeioYzfwITSLzap0%2FBr%2BZdPxLoaqFqJvQUaQGQofvHJTC9UxW4EfUnijKUBqZEtv5EJs%2B52g%2FDzNgAEveMA1hDej4e8CeinBDgv5iIyX6f2m7pDUO52%2Bd%2BlSkE3RZNzLIZu47zkJKB4IShGgSbBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
82d8e4807f2bbb67-FRA
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture

12 Cookies

Domain/Path Name / Value
.nightsatvegas.com/ Name: __cf_mw_byp
Value: .nmon9InrSMRXW809pfxNgEHShLO02E7AxjJTaAgVg0-1701240369-0-/?utm_source=Klaviyo&utm_medium=campaign&_kx=LBFiFHLJS34Vl2-Qu32r3A%3D%3D.ThMDgH
nightsatvegas.com/ Name: LJYDdL9fArPhlg4L5xNlCxFT8xM
Value: R80zq-r5bg0yMvdQYU-ydYbVswo
nightsatvegas.com/ Name: pttJILRns8gMjOaUuavdOOpG5-w
Value: 1701240342
nightsatvegas.com/ Name: 2ROHJYs6GIpj4KHp2NOlNXG78yY
Value: 1701326742
nightsatvegas.com/ Name: q5vrGV-jFQlhptW-NyuNxMon620
Value: WOJh8jWnGEsv4dmUhhHM1O7RgkE
nightsatvegas.com/ Name: YwRM94TzwDDHYaYEkHQAqJOEUO8
Value: Fa8MOkDEEGr_6bKDXPV9CaC-0yw
nightsatvegas.com/ Name: G9vDG3MjvrfAN2xVj1UiAvFYZdg
Value: oZBJS2s6bHkLWB_KhlUn5dfYruY
nightsatvegas.com/ Name: se0ipAJAxSl-v_zEb-6YGO3-Ags
Value: 1701240374
nightsatvegas.com/ Name: 3-AiG0gX8CNwRP0fL_MZ6K2Gv6A
Value: 1701326774
nightsatvegas.com/ Name: TU9gGwzpdG2tUsO73dK6D3X1l3A
Value: 17YStFdwsRVkKHAmHvyK5D7uBSo
nightsatvegas.com/ Name: ZoAb881iRCLKFKAA1twANqYHzvM
Value: Wsr-zRqbYNcmQ3lnEPjBZQCb0O4
.nightsatvegas.com/ Name: cf_clearance
Value: FLuqEusTkjPV4TbfGqLARSgKhl5bBccVFSAluSUxX0k-1701240376-0-1-6da694b8.ded95221.e4dbb3e-0.2.1701240376

2 Console Messages

Source Level URL
Text
network error URL: https://nightsatvegas.com/?utm_source=Klaviyo&utm_medium=campaign&_kx=LBFiFHLJS34Vl2-Qu32r3A%3D%3D.ThMDgH
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://nightsatvegas.com/?utm_source=Klaviyo&utm_medium=campaign&_kx=LBFiFHLJS34Vl2-Qu32r3A%3D%3D.ThMDgH
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN