|var _enxt = _enxt || ;|
|enxt.src = '//versahq.com/api/v1/enxt.js'; var k = document.getElementById('enxt-script');|
John, I am curious what the next.js file is. I am researching some proxy traffic for my organization and we are seeing requests for "http://versahq.com/api/v1/enxt.js", but we are not sure what site is requesting this. The users did not manually request this traffic, so likely someone is referencing this URL somewhere. This seems to be the most likely place to request information as to what this is doing and why. We are attempting to identify source to determine / rule out whether it's malicious or not. Thanks for your help. --jl
Never mind, I found the referer. It was thehill.com. The versa page is 404 though.....FYI.