Submitted URL: https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/
Effective URL: https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/
Submission: On November 18 via manual from US — Scanned from GB

Summary

This website contacted 22 IPs in 3 countries across 16 domains to perform 70 HTTP transactions. The main IP is 18.172.112.42, located in United States and belongs to AMAZON-02, US. The main domain is www.cyclonis.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on May 18th 2024. Valid for: a year.
This is the only time www.cyclonis.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address  ASN (Autonomous System)
34 18.172.112.42 16509 (AMAZON-02)
3 2a02:26f0:780... 20940 (AKAMAI-AS...)
4 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:267... 16509 (AMAZON-02)
1 2a02:26f0:350... 20940 (AKAMAI-AS...)
1 2001:4860:480... 15169 (GOOGLE)
1 18.66.122.99 16509 (AMAZON-02)
3 104.18.37.212 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-AS...)
3 2620:1ec:33:1... 8075 (MICROSOFT...)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 2600:9000:225... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.224.189.9 16509 (AMAZON-02)
2 2a03:2880:f17... 32934 (FACEBOOK)
2 2606:4700::68... 13335 (CLOUDFLAR...)
Total: 70 requests, 22 IPs

Requests  Apex Domain  Transfer
          (subdomains listed beneath each apex domain)
34  cyclonis.com  533 KB
      www.cyclonis.com
4   linkedin.com  2 KB
      px.ads.linkedin.com — Cisco Umbrella Rank: 333
      px4.ads.linkedin.com — Cisco Umbrella Rank: 7032
4   googletagmanager.com  314 KB
      www.googletagmanager.com — Cisco Umbrella Rank: 39
4   typekit.net  64 KB
      use.typekit.net — Cisco Umbrella Rank: 460
      p.typekit.net — Cisco Umbrella Rank: 571
3   bing.com  15 KB
      bat.bing.com — Cisco Umbrella Rank: 359
3   zi-scripts.com  4 KB
      js.zi-scripts.com — Cisco Umbrella Rank: 5643
3   enigmasoftware.com  16 KB
      myaccount.enigmasoftware.com
      www.enigmasoftware.com
2   zoominfo.com  2 KB
      ws.zoominfo.com — Cisco Umbrella Rank: 4514
2   facebook.com  212 B
      www.facebook.com — Cisco Umbrella Rank: 120
2   doubleclick.net  2 KB
      googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
      td.doubleclick.net — Cisco Umbrella Rank: 182
2   lfeeder.com  12 KB
      sc.lfeeder.com — Cisco Umbrella Rank: 15595
      tr-rc.lfeeder.com — Cisco Umbrella Rank: 21771
2   facebook.net  76 KB
      connect.facebook.net — Cisco Umbrella Rank: 192
2   google.com  64 B
      www.google.com — Cisco Umbrella Rank: 3
1   google.co.uk  64 B
      www.google.co.uk — Cisco Umbrella Rank: 4906
1   licdn.com  14 KB
      snap.licdn.com — Cisco Umbrella Rank: 831
1   google-analytics.com
      region1.google-analytics.com — Cisco Umbrella Rank: 3353
Total: 70 requests, 16 apex domains

Requests  Domain                            Requested by
34  www.cyclonis.com                  www.cyclonis.com
4   www.googletagmanager.com          www.cyclonis.com, www.googletagmanager.com
3   px.ads.linkedin.com (1 redirect)  snap.licdn.com
3   bat.bing.com                      www.googletagmanager.com, bat.bing.com
3   js.zi-scripts.com                 www.cyclonis.com, js.zi-scripts.com
3   use.typekit.net                   www.cyclonis.com, use.typekit.net
2   ws.zoominfo.com                   js.zi-scripts.com
2   www.facebook.com
2   connect.facebook.net              www.cyclonis.com, connect.facebook.net
2   www.google.com                    www.googletagmanager.com
2   myaccount.enigmasoftware.com      www.cyclonis.com
1   tr-rc.lfeeder.com
1   www.google.co.uk
1   px4.ads.linkedin.com
1   td.doubleclick.net                www.googletagmanager.com
1   googleads.g.doubleclick.net       www.googletagmanager.com
1   sc.lfeeder.com                    www.cyclonis.com
1   snap.licdn.com                    www.googletagmanager.com
1   www.enigmasoftware.com            www.cyclonis.com
1   region1.google-analytics.com      www.googletagmanager.com
1   p.typekit.net                     use.typekit.net
Total: 70 requests, 21 subdomains

Subject                 Issuer                                      Validity                 Valid
*.cyclonis.com          Amazon RSA 2048 M02                         2024-05-18 - 2025-06-15  a year
use.typekit.net         DigiCert Global G2 TLS RSA SHA256 2020 CA1  2024-10-17 - 2025-11-17  a year
*.google-analytics.com  WR2                                         2024-10-21 - 2025-01-13  3 months
enigmasoftware.com      Amazon RSA 2048 M02                         2024-03-31 - 2025-04-28  a year
zi-scripts.com          WE1                                         2024-09-22 - 2024-12-21  3 months
*.google.com            WR2                                         2024-10-21 - 2025-01-13  3 months
snap.licdn.com          DigiCert SHA2 Secure Server CA              2023-12-13 - 2024-12-12  a year
www.bing.com            Microsoft Azure RSA TLS Issuing CA 03       2024-09-16 - 2025-03-15  6 months
*.facebook.com          DigiCert SHA2 High Assurance Server CA      2024-08-27 - 2024-11-25  3 months
*.lfeeder.com           Amazon RSA 2048 M02                         2024-02-20 - 2025-03-20  a year
*.g.doubleclick.net     WR2                                         2024-10-21 - 2025-01-13  3 months
*.doubleclick.net       WR2                                         2024-10-21 - 2025-01-13  3 months
www.linkedin.com        DigiCert SHA2 Secure Server CA              2024-10-14 - 2025-04-14  6 months
*.google.co.uk          WR2                                         2024-10-21 - 2025-01-13  3 months
zoominfo.com            E6                                          2024-11-12 - 2025-02-10  3 months

This page contains 3 frames:

Primary Page: https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/
Frame ID: 2B8C3B93D581E859955B1E95FB48873B
Requests: 74 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fwww.cyclonis.com
Frame ID: 044F2E61C6EE54C62B194541881F262E
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/356305483?random=1731960296613&cv=11&fst=1731960296613&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4be0z877946716za201zb77946716&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067554~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cyclonis.com%2Fwhat-is-the-nexus-ensighten-com-browser-hijacker%2F&hn=www.googleadservices.com&frm=0&tiba=What%20is%20the%20Nexus.ensighten.com%20Browser%20Hijacker%3F&npa=0&pscdl=noapi&auid=167111780.1731960296&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: 0E85FD7C5F0D5D5B7853C81551FD5122
Requests: 1 HTTP requests in this frame

Page Title

What is the Nexus.ensighten.com Browser Hijacker?

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Page Statistics

Requests: 70
HTTPS: 97 %
IPv6: 76 %
Domains: 16
Subdomains: 21
IPs: 22
Countries: 3
Transfer: 1055 kB
Size: 3000 kB
Cookies: 15

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=121120&time=1731960296878&url=https%3A%2F%2Fwww.cyclonis.com%2Fwhat-is-the-nexus-ensighten-com-browser-hijacker%2F%23 HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=121120&time=1731960296878&url=https%3A%2F%2Fwww.cyclonis.com%2Fwhat-is-the-nexus-ensighten-com-browser-hijacker%2F%23&e_ipv6=AQKaAl4HiGzAQAAAAZNA4NaRN0RTyhpNUTgo83bRGfZQ_Okm3cPIOoyzgdaem-qnz_QsD_zfV7k

70 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/
58 KB
13 KB
Document
General
Full URL
https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-42.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a40d25b86fcb17152b7bb644494d5675b5569fccaf7f783b48ec2584535ab141

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Mon, 18 Nov 2024 20:04:56 GMT
etag
W/"f4732dfffa547ccfbc8e5a99ce9abece"
last-modified
Tue, 20 Feb 2024 14:33:49 GMT
server
AmazonS3
vary
accept-encoding
via
1.1 186bdaa7eeeac80deba6005ccbb75b56.cloudfront.net (CloudFront)
x-amz-cf-id
7-tTfMtsG2n_v-fzmwxubmK3CdNsinuiBOTk4nTdwocchbjuiDyuOw==
x-amz-cf-pop
FRA60-P8
x-amz-id-2
OMvrJNoDiNMj72VOB0JjlO+t0MBOCWePIZWBiIoI6zATuqWRSO4hNpTIDr7ZVOuMVG3/IDTc74c=
x-amz-request-id
YNZN41ZNVC9334WZ
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
bundle.css
www.cyclonis.com/wp-content/themes/default/css/
360 KB
87 KB
Stylesheet
General
Full URL
https://www.cyclonis.com/wp-content/themes/default/css/bundle.css?1708346373
Requested by
Host: www.cyclonis.com
URL: https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-42.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6f7c5bfa1f98313b72bbb4d6f69107382f0f8c4d31408100fd5596922ee6462d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/

Response headers

content-encoding
gzip
etag
W/"7d2eae099aff663c1bbae354d8f79857"
age
990
x-cache
Hit from cloudfront
x-amz-cf-id
69EB2RZd_dRk1_fY9U080m7vfG26pdxrbawlDgmaZ9QMkSnZIfHjzA==
date
Mon, 18 Nov 2024 19:48:26 GMT
content-type
text/css
vary
accept-encoding
last-modified
Tue, 17 Sep 2024 12:29:59 GMT
x-amz-id-2
j0bS70RJBof0D4LNWbF5PAEwnlL5bV0EenpiUiTgEltyFplJRXdmHrl24t+Tv9T0slja/JURj0k=
cache-control
max-age=3600
via
1.1 186bdaa7eeeac80deba6005ccbb75b56.cloudfront.net (CloudFront)
x-amz-request-id
Q43G2V77WCG1FCRH
x-amz-cf-pop
FRA60-P8
server
AmazonS3
x-amz-server-side-encryption
AES256
blog.css
www.cyclonis.com/wp-content/themes/default/css/pages/
6 KB
2 KB
Stylesheet
General
Full URL
https://www.cyclonis.com/wp-content/themes/default/css/pages/blog.css?1708346362
Requested by
Host: www.cyclonis.com
URL: https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-42.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e6daabfd88febf51b431637ab757f281673764a0e998df71bc7ae8d7b48290ff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/

Response headers

content-encoding
gzip
etag
W/"fed89198f335541c188d12f06a6a7125"
age
990
x-cache
Hit from cloudfront
x-amz-cf-id
UPGeTpQQC8IdvsYC7ORZWnj26zRoBcW9LnOnwVDay56Jo7nxQp1pbQ==
date
Mon, 18 Nov 2024 19:48:26 GMT
content-type
text/css
vary
accept-encoding
last-modified
Wed, 21 Feb 2024 12:08:27 GMT
x-amz-id-2
qJZPs9CwYBuHsGGVttKbzyvWq7uteVKLD4kMY1+B2GjIq4rakWSrFOeK2n57J9HuTaH6sH8Weh4=
cache-control
max-age=3600
via
1.1 186bdaa7eeeac80deba6005ccbb75b56.cloudfront.net (CloudFront)
x-amz-request-id
Q43Y8H6G7ZRBRJXX
x-amz-cf-pop
FRA60-P8
server
AmazonS3
x-amz-server-side-encryption
AES256
binghijackers-765x510.jpg
www.cyclonis.com/images/2021/05/
35 KB
36 KB
Image
General
Full URL
https://www.cyclonis.com/images/2021/05/binghijackers-765x510.jpg
Requested by
Host: www.cyclonis.com
URL: https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-42.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
531ee1921beb030080bb426817a6bb57b5231614d2e6b6262139e238d1703aa6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/

Response headers

cache-control
max-age=16070400
etag
"4bee30960fb887ff0ef6827e094f5689"
via
1.1 186bdaa7eeeac80deba6005ccbb75b56.cloudfront.net (CloudFront)
x-amz-request-id
YNZYPNY1QJSBDMMQ
accept-ranges
bytes
x-cache
Miss from cloudfront
content-length
36116
x-amz-cf-id
-3zyKxhIAv012qfpzpKv4HBoG5w16mWB9rKhSdKv5V3RZI3s4P8gTA==
date
Mon, 18 Nov 2024 20:04:56 GMT
content-type
image/jpeg
last-modified
Tue, 29 Mar 2022 15:47:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P8
x-amz-id-2
3P4sOU2L/jqH/tDqsh/3FX2JTkh8pjVQtNOX+3teIxUuJtVAr2vSc9mmfAFiTIrsd+sPdQ87OYw=
exit-popup.js.php
www.cyclonis.com/wp-content/plugins/exit-popup/js/
24 KB
5 KB
Script
General
Full URL
https://www.cyclonis.com/wp-content/plugins/exit-popup/js/exit-popup.js.php?v1=1708346355&v2=1707994700
Requested by
Host: www.cyclonis.com
URL: https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-42.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4f741f183185b16c1e126b2d61e695b85be21d53e3eccdbc7787c1b0df1d2eae

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/

Response headers

content-encoding
gzip
etag
W/"3d67798aef0a53f1a0b09f89dc242883"
age
2743
x-cache
Hit from cloudfront
x-amz-cf-id
XJMVscYHSQ4xslNIAfwSHn4wD6YegF7xACzSPGceMs92UOmoUObCFw==
date
Mon, 18 Nov 2024 19:19:13 GMT
content-type
application/javascript; charset=UTF-8
vary
accept-encoding
last-modified
Mon, 18 Nov 2024 13:13:11 GMT
x-amz-id-2
bkz08bQWmaPnJ/aIXhWZvojTSjOZrNaCT1B+eMLtXpVxXO3IGQKq0Em/bbIfKVnlWHhVfUty8aw=
cache-control
max-age=3600
via
1.1 186bdaa7eeeac80deba6005ccbb75b56.cloudfront.net (CloudFront)
x-amz-request-id
4XEVVWNNSGJ7C8V1
x-amz-cf-pop
FRA60-P8
server
AmazonS3
x-amz-server-side-encryption
AES256
script.js.php
www.cyclonis.com/wp-content/plugins/rotatead/default--en/
576 KB
20 KB
Script
General
Full URL
https://www.cyclonis.com/wp-content/plugins/rotatead/default--en/script.js.php?v1=1708346355&v2=1679479249
Requested by
Host: www.cyclonis.com
URL: https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-42.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d3a46aa3d6eb9625a20739f191103d7542521467d77d0400979546523a524c82

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/

Response headers

content-encoding
gzip
etag
W/"2e448cf6a3d708fcdab0874b29d44bf4"
age
2752
x-cache
Hit from cloudfront
x-amz-cf-id
QKQ4xzn_G2OgGsxSF_QukqmPhPqHGwqXjLr7GN1ARe8cnQLSPBprYQ==
date
Mon, 18 Nov 2024 19:19:04 GMT
content-type
application/javascript; charset=UTF-8
vary
accept-encoding
last-modified
Mon, 18 Nov 2024 13:13:12 GMT
x-amz-id-2
59xzCMFrBx02DBpMOAcPshnetzJpSk+Y4RbICl6/BvI9HvcKOjmMDucyCzGCr9ruZYZbl4oKU/g=
cache-control
max-age=3600
via
1.1 186bdaa7eeeac80deba6005ccbb75b56.cloudfront.net (CloudFront)
x-amz-request-id
4XENAKWQM8FB84G8
x-amz-cf-pop
FRA60-P8
server
AmazonS3
x-amz-server-side-encryption
AES256
bundle.js
www.cyclonis.com/wp-content/themes/default/js/
64 KB
16 KB
Script
General
Full URL
https://www.cyclonis.com/wp-content/themes/default/js/bundle.js?1708346373
Requested by
Host: www.cyclonis.com
URL: https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-42.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
658ae2ca9a8a1b4ba5f6377846ffb011d3026aa7e5bba5de5008ca3cbf8e01ff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/

Response headers

content-encoding
gzip
etag
W/"6095242c6defedf9672ea3d6e1b949f8"
age
990
x-cache
Hit from cloudfront
x-amz-cf-id
_S0YmcS8F8ba8_qWwUUax5EVI3J6WZqGqSe6TpJXkBOmv_q1-odwJw==
date
Mon, 18 Nov 2024 19:48:26 GMT
content-type
application/javascript; charset=UTF-8
vary
accept-encoding
last-modified
Mon, 18 Nov 2024 13:15:05 GMT
x-amz-id-2
NLCUpNfpKR3MwfeXX9pSDttiZ8osVjyeWSMksDsYJSqMYb2ogLfI318g6xziJxokwnsRGOpofG8=
cache-control
max-age=3600
via
1.1 186bdaa7eeeac80deba6005ccbb75b56.cloudfront.net (CloudFront)
x-amz-request-id
Q43SRB5C053K2285
x-amz-cf-pop
FRA60-P8
server
AmazonS3
x-amz-server-side-encryption
AES256
ddt6yri.css
use.typekit.net/
3 KB
952 B
Stylesheet
General
Full URL
https://use.typekit.net/ddt6yri.css
Requested by
Host: www.cyclonis.com
URL: https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::210:a480 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
c9b1c56c64b428544d65758b8d639b0492df0310c9c788203d3d9164de653711
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
cache-control
private, max-age=600, stale-while-revalidate=604800
timing-allow-origin
*
content-encoding
gzip
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
729
date
Mon, 18 Nov 2024 20:04:56 GMT
content-type
text/css;charset=utf-8
vary
Accept-Encoding
server
nginx
gtm.js
www.googletagmanager.com/
301 KB
105 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NBRCHSV
Requested by
Host: www.cyclonis.com
URL: https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ac8bdeb2c75b27b121563fc24daa9d8242e3a4558edbde8e37325edba3e996cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Mon, 18 Nov 2024 20:04:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 18 Nov 2024 20:04:56 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 18 Nov 2024 18:32:11 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
106421
x-xss-protection
0
server
Google Tag Manager
truncated
/
331 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ea7176956a0b26257da1cc24efe8ce2a02ec023658b1a7a6cad49673c8634b8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
600 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
de09822fbabc8d70afe9ce25da49c7a8106a07728138135c4f0de12aec7dc4f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
flags.png
www.cyclonis.com/wp-content/plugins/Etranslate/assets/images/
20 KB
21 KB
Image
General
Full URL
https://www.cyclonis.com/wp-content/plugins/Etranslate/assets/images/flags.png?v=3
Requested by
Host: www.cyclonis.com
URL: https://www.cyclonis.com/wp-content/themes/default/css/bundle.css?1708346373
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-42.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4ae693ab06968b7fd084e3f6b1c6357ac5df4ab686cf7c57ef22f5bc3bccee27

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/wp-content/themes/default/css/bundle.css?1708346373

Response headers

etag
"9397005d3df8300f060721d5e78f8e12"
age
15412
x-cache
Hit from cloudfront
x-amz-cf-id
MLVYwwyu6rvlegeypPaBLNfE3jWfV7OTHB8hS2NXG40kFzlH0SqhKA==
date
Mon, 18 Nov 2024 15:48:04 GMT
content-type
image/png
last-modified
Wed, 21 Feb 2024 12:08:31 GMT
x-amz-id-2
LisZXQoIWx6YFSKETgzEu+rZb/PEEFhfyqDSWDKAxZLlu9kWcr6BbnMiyHC0DmkMWPfR9iYCVB/Xcip6o4sxNxeK9nGW7hoHDpcEWZQIwOg=
cache-control
max-age=16070400
via
1.1 186bdaa7eeeac80deba6005ccbb75b56.cloudfront.net (CloudFront)
x-amz-request-id
GGQX3RFHGC53ZFQ2
accept-ranges
bytes
content-length
20504
x-amz-cf-pop
FRA60-P8
server
AmazonS3
x-amz-server-side-encryption
AES256
covid-19-coronavirus-outbreak-map.jpg
www.cyclonis.com/images/2020/03/
137 KB
138 KB
Image
General
Full URL
https://www.cyclonis.com/images/2020/03/covid-19-coronavirus-outbreak-map.jpg
Requested by
Host: www.cyclonis.com
URL: https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-42.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
95b31ad5e643d1a75759dac3d3a6492f06efb75ae8d4f62cf0bb3fe5967da99b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/

Response headers

vary
accept-encoding
etag
"00340ef5f5e81bff5034c404d52f5b5a"
via
1.1 186bdaa7eeeac80deba6005ccbb75b56.cloudfront.net (CloudFront)
x-amz-request-id
4V7GACRWPZA0V5J2
expires
Mon, 11 Oct 2021 13:34:27 GMT
accept-ranges
bytes
x-cache
RefreshHit from cloudfront
content-length
140373
x-amz-cf-id
N37LlwYuu8FfqU0eWW7JFxVmhpsyVyYIuBY12Dryy0eTuNzTPD8_sg==
date
Mon, 18 Nov 2024 20:04:57 GMT
content-type
image/jpeg
last-modified
Mon, 04 Oct 2021 14:01:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P8
x-amz-id-2
MiZD4V081pYAQT6QS9B4VbsEhYMbn4Mm+y3U/CrUao+RbToPtvuXJi/6woX0hSiVCc8dBWfz35w=
creamfinancehack-70x70.jpg
www.cyclonis.com/images/2021/09/
2 KB
3 KB
Image
General
Full URL
https://www.cyclonis.com/images/2021/09/creamfinancehack-70x70.jpg
Requested by
Host: www.cyclonis.com
URL: https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-42.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
98db210b6713526eeb7480fcb27849d417d1e11c618973da9ff2fd0e9d5babcf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/

Response headers

cache-control
max-age=16070400
etag
"c8610361c8cbaf2ac2c34c69add4c498"
age
15260
via
1.1 186bdaa7eeeac80deba6005ccbb75b56.cloudfront.net (CloudFront)
x-amz-request-id
XQEQEQY0WRZJM89N
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
2531
x-amz-cf-id
ljfhaw5rJtBJahCuODeckx3jbXdLh4Pvyi3UB5IvqYx5aIRHGgkkZA==
date
Mon, 18 Nov 2024 15:50:37 GMT
content-type
image/jpeg
last-modified
Mon, 04 Oct 2021 13:31:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P8
x-amz-id-2
XiEEDXeo6LGe4QsshoB2OXKlOvRj+Miy/bUbUwo79zvkrZ0dgeAn+uICxbY2A9bGMt0yBm0rfus=
trojan-horse-70x70.jpg
www.cyclonis.com/images/2021/08/
3 KB
3 KB
Image
General
Full URL
https://www.cyclonis.com/images/2021/08/trojan-horse-70x70.jpg
Requested by
Host: www.cyclonis.com
URL: https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-42.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
65e1b3ba9373a641c0cf3d6b84a1dc92fb2a2f8b49330e3616276f9c75d13309

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/

Response headers

cache-control
max-age=16070400
etag
"585da5797f08c928b624b50ee051a717"
age
15260
via
1.1 186bdaa7eeeac80deba6005ccbb75b56.cloudfront.net (CloudFront)
x-amz-request-id
XQENPJXRVFEJCP5J
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
2648
x-amz-cf-id
AKa37Tqfuc1epDgE4YneWoW5sNSsiX3pyDff_0MF2-pwsw7I49EP8w==
date
Mon, 18 Nov 2024 15:50:37 GMT
content-type
image/jpeg
last-modified
Mon, 04 Oct 2021 13:30:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P8
x-amz-id-2
4d45yO6hT+gFOfh73ZKTWXxT6fvuQBxZspffnTuaAB5wMQ327+vB8P7sF2Q/rZt/CS6YiZYU3XM=
ytsmxads-70x70.png
www.cyclonis.com/images/2021/05/
4 KB
5 KB
Image
General
Full URL
https://www.cyclonis.com/images/2021/05/ytsmxads-70x70.png
Requested by
Host: www.cyclonis.com
URL: https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-42.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a98383e52be002d2a91a306307ec184693af11e0005cecaa6295be5825b6d4eb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/

Response headers

cache-control
max-age=16070400
etag
"f5301d9d65690bc9c6f5bbd8c064e3f9"
age
15260
via
1.1 186bdaa7eeeac80deba6005ccbb75b56.cloudfront.net (CloudFront)
x-amz-request-id
XQEKTBY17SKVEPAY
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
4322
x-amz-cf-id
8OUDWkXgOdo7P42xeLa6TFD4Nk3UXndZv_Vizkh8Zh0v_h2BTFOITg==
date
Mon, 18 Nov 2024 15:50:37 GMT
content-type
image/png
last-modified
Mon, 04 Oct 2021 13:29:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P8
x-amz-id-2
uXjS9N3fUi8DrdyFFOcmiLN247Jd2cqy1mG0jv+dRu2QTK6MqpkR+T2XvIKCMcTu6sy6eqEn9oA=
iphonebootattack-70x70.jpg
www.cyclonis.com/images/2022/01/
2 KB
2 KB
Image
General
Full URL
https://www.cyclonis.com/images/2022/01/iphonebootattack-70x70.jpg
Requested by
Host: www.cyclonis.com
URL: https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-42.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
92ecf68993eefcc28a1fab01d85243a9b250adf18e63e7b8cca2c15f821207e7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/

Response headers

cache-control
max-age=16070400
etag
"ddfc05a912e9a8ddb02a6bd6c817b709"
age
15260
via
1.1 186bdaa7eeeac80deba6005ccbb75b56.cloudfront.net (CloudFront)
x-amz-request-id
XQEQNBAX84VBD3HB
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
1885
x-amz-cf-id
ZAil7lv48wNxJX_wXdGrIUhXklN1iIGN2Gtf4erL9byVufHtQ1YBgg==
date
Mon, 18 Nov 2024 15:50:37 GMT
content-type
image/jpeg
last-modified
Fri, 07 Jan 2022 17:10:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P8
x-amz-id-2
WgC9K86z3JjdJbPa9CA3r4dAh8WV51hLvSJsyH/ivBcBHbbhxy3BavR4QJh7pYIh347rSiVxGIw=
ransomware-lock-381-150x150.jpg
www.cyclonis.com/images/2023/07/
6 KB
7 KB
Image
General
Full URL
https://www.cyclonis.com/images/2023/07/ransomware-lock-381-150x150.jpg
Requested by
Host: www.cyclonis.com
URL: https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-42.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
16f06d57eff3be4a1a96ee1ffeef659850413ad3346153af2c1e63bb506dc92d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/

Response headers

etag
"981c435af63d28659bb2d9c691ae58fe"
age
15260
x-cache
Hit from cloudfront
x-amz-cf-id
_bz8NXWf0r0fQXimAMEfL6xOmqfWj2OCz2fUZxvpHZI4J6JfDEMCAA==
date
Mon, 18 Nov 2024 15:50:37 GMT
content-type
image/jpeg
last-modified
Wed, 12 Jul 2023 17:32:05 GMT
x-amz-id-2
R16GLCwt4fWrPqs+DuAVllWGo13YIQiJ+Pr5+TNtTSQfWCKrnh8eh2DZTMoDvUWw/2hvZtq8VwY=
cache-control
max-age=16070400
via
1.1 186bdaa7eeeac80deba6005ccbb75b56.cloudfront.net (CloudFront)
x-amz-request-id
XQEQ2K24E0H5TCC9
accept-ranges
bytes
content-length
6482
x-amz-cf-pop
FRA60-P8
server
AmazonS3
x-amz-server-side-encryption
AES256
pop-up-warning-360x244.jpg
www.cyclonis.com/images/2022/04/
20 KB
21 KB
Image
General
Full URL
https://www.cyclonis.com/images/2022/04/pop-up-warning-360x244.jpg
Requested by
Host: www.cyclonis.com
URL: https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-42.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8d549c0e3c416ac52af4df827d423c421c9bf9a391b0e4330a698c94e6299157

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/

Response headers

cache-control
max-age=16070400
etag
"89994dd972a95a00bebe885d3968ad9c"
via
1.1 186bdaa7eeeac80deba6005ccbb75b56.cloudfront.net (CloudFront)
x-amz-request-id
T1FJQ6B3E0009S99
accept-ranges
bytes
x-cache
Miss from cloudfront
content-length
20770
x-amz-cf-id
hrOz1Zt3RR19Ubpggo8cKSr_lpGDYAmkBFES0QIuLVEA__oay_oJFw==
date
Mon, 18 Nov 2024 20:04:57 GMT
content-type
image/jpeg
last-modified
Thu, 14 Apr 2022 16:13:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P8
x-amz-id-2
GYMErXjSdLOJCVBXq6flOug4h3U5AV34HsgH2tWuk3+iUeR1O616Mw0vgeopqQx6+DStZIQHozk=
browser-hijacker-5-360x240.jpg
www.cyclonis.com/images/2022/01/
12 KB
13 KB
Image
General
Full URL
https://www.cyclonis.com/images/2022/01/browser-hijacker-5-360x240.jpg
Requested by
Host: www.cyclonis.com
URL: https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-42.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d3b90816c8cc096c9150aeb3d0c059ee596f785301bb99f225205703854f4dca

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/

Response headers

cache-control
max-age=16070400
etag
"257642a2ef94d00e91fcdcfd5643ff28"
via
1.1 186bdaa7eeeac80deba6005ccbb75b56.cloudfront.net (CloudFront)
x-amz-request-id
T1FW7BZRCJ9ZTHN8
accept-ranges
bytes
x-cache
Miss from cloudfront
content-length
12582
x-amz-cf-id
PMaQZkJlWFpYda1DvxgGoFkLOFs5QGw7-8rUulzWhAiKrxk-vaIj0A==
date
Mon, 18 Nov 2024 20:04:57 GMT
content-type
image/jpeg
last-modified
Tue, 04 Jan 2022 16:45:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P8
x-amz-id-2
oiQ06siG5b60ydSDe7dO86i5W2hhs/5fsUnqivwOZlx+cfzbrMSpQotRQ1IWKhU8fv9i0kzhBd0=
s3amazonawscomredirect-360x240.jpg
www.cyclonis.com/images/2021/05/
16 KB
17 KB
Image
General
Full URL
https://www.cyclonis.com/images/2021/05/s3amazonawscomredirect-360x240.jpg
Requested by
Host: www.cyclonis.com
URL: https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-42.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fdec806613a95600a95643d8ebcead2a6e3f1b411a4bf9b858add0a78a1a1e34

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/

Response headers

cache-control
max-age=16070400
etag
"4662da606bd5885c288a8ce4f2120674"
via
1.1 186bdaa7eeeac80deba6005ccbb75b56.cloudfront.net (CloudFront)
x-amz-request-id
T1FK4BENB07HZCXP
accept-ranges
bytes
x-cache
Miss from cloudfront
content-length
16536
x-amz-cf-id
iThv2X0WEmDFBsDF-aeFO5mRb31hsCBvntiEaFpcwwy2-kQifgTlQA==
date
Mon, 18 Nov 2024 20:04:57 GMT
content-type
image/jpeg
last-modified
Mon, 13 Dec 2021 16:58:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P8
x-amz-id-2
vxCoUoqWFJ7DbfqKkXS+QOgLMekflEYvVOBTm7nUlr7PdC/pnXgBKmXGacze48E4GYPEdlCPtks=
face-750x327.jpg
www.cyclonis.com/wp-content/themes/default/images/banners/2023-02-28/face/
11 KB
11 KB
Image
General
Full URL
https://www.cyclonis.com/wp-content/themes/default/images/banners/2023-02-28/face/face-750x327.jpg
Requested by
Host: www.cyclonis.com
URL: https://www.cyclonis.com/wp-content/themes/default/css/bundle.css?1708346373
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-42.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ca1cd6edc3d30d0f343e97fc7ef1f1845f64e7efc6adcaf6cf408b88af482efe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/wp-content/themes/default/css/bundle.css?1708346373

Response headers

etag
"f5887e7422ee7343ceec56c5a3ce277a"
age
13764
x-cache
Hit from cloudfront
x-amz-cf-id
wOXRkIU3TJATtuEgcLJKU1_g0nKbwDf9-iuSC_FgHB2MjXuXLnAIRQ==
date
Mon, 18 Nov 2024 16:15:33 GMT
content-type
image/jpeg
last-modified
Wed, 21 Feb 2024 12:08:09 GMT
x-amz-id-2
Rk6IjMEqBL2DOrpbsXN9BRP1rmY8nG3lSWIsQVfGrtJdVp5c/xmXQKGIu8dos3I5W3v3KMKDKM8=
cache-control
max-age=16070400
via
1.1 186bdaa7eeeac80deba6005ccbb75b56.cloudfront.net (CloudFront)
x-amz-request-id
K5T58BHKTXYQX0DE
accept-ranges
bytes
content-length
11146
x-amz-cf-pop
FRA60-P8
server
AmazonS3
x-amz-server-side-encryption
AES256
truncated
/
835 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a28f523b71f39a7cf6724c0c48dbaee7fd98dda1e9d1b5f6f2bbaca7683f8d1a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
655 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8487075861356f3db8b150048001f1f9f98d9f1b69de3a184bf6e4a68c5386cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
714 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0bdf9fe04d456ca137c1650a9ed4e54ea9f5cf4716afdfed97c95192f15539a1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
youtube.svg
www.cyclonis.com/wp-content/themes/default/images/main/icons/social/
555 B
1 KB
Image
General
Full URL
https://www.cyclonis.com/wp-content/themes/default/images/main/icons/social/youtube.svg?v2
Requested by
Host: www.cyclonis.com
URL: https://www.cyclonis.com/wp-content/themes/default/css/bundle.css?1708346373
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-42.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
768bdb94ed0ba82fc0ea22254fb006719c2003f2f6fba62b237b2f6f379309c4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/wp-content/themes/default/css/bundle.css?1708346373

Response headers

etag
"73eca9782804d3759aea347a2f70314f"
age
15550
x-cache
Hit from cloudfront
x-amz-cf-id
gbkH8fGMPKYxvtXsU1E_EpVJxnGsT9D-0l1dRHOPW3IAPNhUVKVlOA==
date
Mon, 18 Nov 2024 15:45:47 GMT
content-type
image/svg+xml
last-modified
Wed, 21 Feb 2024 12:08:25 GMT
x-amz-id-2
OJIn0OPMzU8iuLaRdC+q/+HnqoEzrTgqm7tVgtClg5N7QaHswJ/yzrqvHIdwZdQ1hc6pqpA5Onc=
cache-control
max-age=16070400
via
1.1 186bdaa7eeeac80deba6005ccbb75b56.cloudfront.net (CloudFront)
x-amz-request-id
AFFECK3G3B1MB3B0
accept-ranges
bytes
content-length
555
x-amz-cf-pop
FRA60-P8
server
AmazonS3
x-amz-server-side-encryption
AES256
truncated
/
418 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
58ab5ed053cac32b1aeb1457dee8db3e89334e7aa4c7a00d2b313741de838898

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
326 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2ebd66102d1cabeac3c438da71fca40956b9ecbaa04c758212cfce63b13eb36c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
logo.svg
www.cyclonis.com/wp-content/themes/default/images/main/
5 KB
3 KB
Image
General
Full URL
https://www.cyclonis.com/wp-content/themes/default/images/main/logo.svg
Requested by
Host: www.cyclonis.com
URL: https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-42.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8cb3690ddeeddcc2a682dc8d29c971d9fc366ce11732cc8d5276c1d7cc28adc2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/

Response headers

content-encoding
gzip
etag
W/"0b3b2d8b533ca5a7d553c28c680da2dc"
age
15550
x-cache
Hit from cloudfront
x-amz-cf-id
J5GIoNEQhttfwhaZasZOBBjFTWmQ2dHtiJKrTXq0lNnwoSt6v7OxEw==
date
Mon, 18 Nov 2024 15:45:47 GMT
content-type
image/svg+xml
vary
accept-encoding
last-modified
Wed, 21 Feb 2024 12:08:25 GMT
x-amz-id-2
JLdKk5qifU14/Yoekp29UYb9LFIzamxQhSr3E0h6QcMvBOibmAV9BWYuJEaCht96EUwCLF2D11c=
cache-control
max-age=16070400
via
1.1 186bdaa7eeeac80deba6005ccbb75b56.cloudfront.net (CloudFront)
x-amz-request-id
AFF1NNCNMRP22V01
x-amz-cf-pop
FRA60-P8
server
AmazonS3
x-amz-server-side-encryption
AES256
truncated
/
244 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c1026fb09e2a8621b0fa5ccd4f3c8249456767a5ea3fdc5ae8f341cd74a0c7fb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
backup.svg
www.cyclonis.com/wp-content/themes/default/images/main/cyclonis-backup/
2 KB
1 KB
Image
General
Full URL
https://www.cyclonis.com/wp-content/themes/default/images/main/cyclonis-backup/backup.svg
Requested by
Host: www.cyclonis.com
URL: https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-42.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f32dad023faebb62410971305bca111e0e42b8611406e91e82c0369c2ee02967

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/

Response headers

content-encoding
gzip
etag
W/"1c40e1fecc4cd0b8309d3bd306666ed0"
age
15550
x-cache
Hit from cloudfront
x-amz-cf-id
vnA7HedKfXdwYukvGBodXjHsUovjmLlRGhuTG2hWaAsnaZdYwSlpDw==
date
Mon, 18 Nov 2024 15:45:47 GMT
content-type
image/svg+xml
vary
accept-encoding
last-modified
Wed, 21 Feb 2024 12:08:25 GMT
x-amz-id-2
hIaux+TqHHlHRNdec0chp5G7i4/zCgPxRY1d+huLjWWiw+fWUMR3GNDw9UHIONeFwTKvpq2qCsM=
cache-control
max-age=16070400
via
1.1 186bdaa7eeeac80deba6005ccbb75b56.cloudfront.net (CloudFront)
x-amz-request-id
AFF7E6V5K8BS02S1
x-amz-cf-pop
FRA60-P8
server
AmazonS3
x-amz-server-side-encryption
AES256
CPM-blue.svg
www.cyclonis.com/wp-content/themes/default/images/main/password-manager/
3 KB
2 KB
Image
General
Full URL
https://www.cyclonis.com/wp-content/themes/default/images/main/password-manager/CPM-blue.svg?v=2
Requested by
Host: www.cyclonis.com
URL: https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-42.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6a02b8b9cc75b6cf098d0cfabf997fe1477b9efaff4e5055d005e077295514c5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/

Response headers

content-encoding
gzip
etag
W/"05787b09fe32efb7eb302a50d301c033"
age
15550
x-cache
Hit from cloudfront
x-amz-cf-id
h5PQSbIHhjR55mEWRJZZyjygci1y8aLCYgRFVWa4qCrccHSRQzIvhw==
date
Mon, 18 Nov 2024 15:45:47 GMT
content-type
image/svg+xml
vary
accept-encoding
last-modified
Wed, 21 Feb 2024 12:08:25 GMT
x-amz-id-2
EsGRkvyn23gJF2VBAVG1aMjazzXmS4z1rXmsoQSBSVBrwBQG1U85yHXi34qO8008GbvUPji4TZI=
cache-control
max-age=16070400
via
1.1 186bdaa7eeeac80deba6005ccbb75b56.cloudfront.net (CloudFront)
x-amz-request-id
AFFF7N8TC05022QQ
x-amz-cf-pop
FRA60-P8
server
AmazonS3
x-amz-server-side-encryption
AES256
cwt.svg
www.cyclonis.com/wp-content/themes/default/images/main/world-time/
2 KB
1 KB
Image
General
Full URL
https://www.cyclonis.com/wp-content/themes/default/images/main/world-time/cwt.svg
Requested by
Host: www.cyclonis.com
URL: https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-42.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b864439813f3427a9131a8486a92216da817c0862d31f56e847b06b6d0d5d37e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/

Response headers

content-encoding
gzip
etag
W/"cfc947428c358adf0c481fff1a5fc1b2"
age
15550
x-cache
Hit from cloudfront
x-amz-cf-id
JA2dncq55UU9nMAsDzDcJ-CxbfBckqO7WR-piKfjFPApmDLTSSKdrw==
date
Mon, 18 Nov 2024 15:45:47 GMT
content-type
image/svg+xml
vary
accept-encoding
last-modified
Wed, 21 Feb 2024 12:08:25 GMT
x-amz-id-2
NT9ddV5pGYYaubGDiRnJ1luAtR07+WC3vy2qzeiMihnaOC+htr+v7JRWDt0tcswvFSdSliItrPc=
cache-control
max-age=16070400
via
1.1 186bdaa7eeeac80deba6005ccbb75b56.cloudfront.net (CloudFront)
x-amz-request-id
AFF7C36Y3Z50RD0Z
x-amz-cf-pop
FRA60-P8
server
AmazonS3
x-amz-server-side-encryption
AES256
company-blue.svg
www.cyclonis.com/wp-content/themes/default/images/pages/company/icons/
2 KB
1 KB
Image
General
Full URL
https://www.cyclonis.com/wp-content/themes/default/images/pages/company/icons/company-blue.svg
Requested by
Host: www.cyclonis.com
URL: https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-42.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7488f2006e17c84efc8087b07436668662b913b11cd0c4f4f79c3e28dd62a3a8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/

Response headers

content-encoding
gzip
etag
W/"6eb5d9ed445371238acedd25ed803c09"
age
15550
x-cache
Hit from cloudfront
x-amz-cf-id
U-1Pm5kolPYytOVLPKfEqPH0THWBCVD0qiVfM8MdvZj092Xi55cV7g==
date
Mon, 18 Nov 2024 15:45:47 GMT
content-type
image/svg+xml
vary
accept-encoding
last-modified
Wed, 21 Feb 2024 12:08:26 GMT
x-amz-id-2
L1U8KO248ex51jnF7lOeCNJJyy/zSEY6/U2G85fkTWyePL/Y6a2MnHmSOLBSoZcH7Mqog4YzwWei/sr87UUK5o/cYg3DVdvfKMNzlZYZaGw=
cache-control
max-age=16070400
via
1.1 186bdaa7eeeac80deba6005ccbb75b56.cloudfront.net (CloudFront)
x-amz-request-id
AFFC712KTJCNDA4V
x-amz-cf-pop
FRA60-P8
server
AmazonS3
x-amz-server-side-encryption
AES256
contact-blue.svg
www.cyclonis.com/wp-content/themes/default/images/pages/contact/icons/
284 B
767 B
Image
General
Full URL
https://www.cyclonis.com/wp-content/themes/default/images/pages/contact/icons/contact-blue.svg
Requested by
Host: www.cyclonis.com
URL: https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-42.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
22e02e389c55f576750d892516f77893f50c652572593f1e0d7b421473c12d43

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/

Response headers

etag
"a54ae17f35efb8d3b527c42554b3fd1d"
age
15550
x-cache
Hit from cloudfront
x-amz-cf-id
tvwlAe3zllrcXNPj3Sd-d1tRYwkq5YxyEN6Z6kKgwKqiRx5xzpCrgQ==
date
Mon, 18 Nov 2024 15:45:47 GMT
content-type
image/svg+xml
last-modified
Wed, 21 Feb 2024 12:08:26 GMT
x-amz-id-2
76VBBSKwRN2N5/aXN2XpzibXJ/VlW63nYixbBre7laX3i0csvDoodBDV6543aQx4R5Mh3aC5yvc=
cache-control
max-age=16070400
via
1.1 186bdaa7eeeac80deba6005ccbb75b56.cloudfront.net (CloudFront)
x-amz-request-id
AFFCENSWNE2BQF6D
accept-ranges
bytes
content-length
284
x-amz-cf-pop
FRA60-P8
server
AmazonS3
x-amz-server-side-encryption
AES256
sponsored.png
www.cyclonis.com/wp-content/themes/default/images/banners/
1 KB
2 KB
Image
General
Full URL
https://www.cyclonis.com/wp-content/themes/default/images/banners/sponsored.png
Requested by
Host: www.cyclonis.com
URL: https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-42.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0a3f66ec8d37fe00940e8cfebd62af0d18b7e3ff09170096e1779a8971020948

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/

Response headers

etag
"3159dfdd116bd98c8fe1519f6270e9a3"
age
15413
x-cache
Hit from cloudfront
x-amz-cf-id
PP0JLk4Zv4UZpR7P2fqQUBg0ai8yK9Zhos_nwF8U2qXPNH9dNb8mIQ==
date
Mon, 18 Nov 2024 15:48:04 GMT
content-type
image/png
last-modified
Wed, 21 Feb 2024 12:08:24 GMT
x-amz-id-2
eU+G5vrYu0Ch/YMqK+pG7J19CPN/KvMLOdDLPJEyOxpz+X2ruN17N75n8IhBDuCk7tfqc25uvuE=
cache-control
max-age=16070400
via
1.1 186bdaa7eeeac80deba6005ccbb75b56.cloudfront.net (CloudFront)
x-amz-request-id
GGQNGDP1AXVBS9XB
accept-ranges
bytes
content-length
1362
x-amz-cf-pop
FRA60-P8
server
AmazonS3
x-amz-server-side-encryption
AES256
logo-full-black.svg
www.cyclonis.com/wp-content/themes/default/images/main/spyhunter/
33 KB
33 KB
Image
General
Full URL
https://www.cyclonis.com/wp-content/themes/default/images/main/spyhunter/logo-full-black.svg
Requested by
Host: www.cyclonis.com
URL: https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-42.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd3e4c741bf567fdb0eee2e8c16110398b19fe21a9a92cb51db6a2892719947f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/

Response headers

x-amz-cf-pop
FRA60-P8
content-encoding
gzip
etag
W/"0085a2a513f98bad07baf15fcae4552b"
age
15802
via
1.1 186bdaa7eeeac80deba6005ccbb75b56.cloudfront.net (CloudFront)
x-cache
Error from cloudfront
x-amz-cf-id
wsmGvlALO964SGaXIYzs2Rcb8VHqgbALW47fZd4_d8AtFkgDuMzH7g==
date
Mon, 18 Nov 2024 15:41:35 GMT
content-type
text/html
vary
accept-encoding
server
AmazonS3
last-modified
Mon, 18 Nov 2024 13:35:11 GMT
x-amz-server-side-encryption
AES256
logo-windows.png
www.cyclonis.com/wp-content/themes/default/images/banners/sh/2020-06-25/
8 KB
8 KB
Image
General
Full URL
https://www.cyclonis.com/wp-content/themes/default/images/banners/sh/2020-06-25/logo-windows.png
Requested by
Host: www.cyclonis.com
URL: https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-42.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d166699a4c369c473999e9e982119758a6353f22a84e8a398d92b3fcb81d26c5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/

Response headers

etag
"0ec1ab5aa3139441934d7b25b7e6326c"
age
15466
x-cache
Hit from cloudfront
x-amz-cf-id
rH13w_xOrHnZh6mdGeIYB5zM3HRBdjd9MxkzCCgIZsWX6rvcKeVinA==
date
Mon, 18 Nov 2024 15:47:11 GMT
content-type
image/png
last-modified
Wed, 21 Feb 2024 12:07:49 GMT
x-amz-id-2
hRvC4p2GWD86eN+/G/9eolCBbXj4VOM4KJ8hPYjnFOpVqIrwBVfcbmp5lPG4d6N9hLL88INJAg0=
cache-control
max-age=16070400
via
1.1 186bdaa7eeeac80deba6005ccbb75b56.cloudfront.net (CloudFront)
x-amz-request-id
ZYSS547FFW020HVH
accept-ranges
bytes
content-length
7910
x-amz-cf-pop
FRA60-P8
server
AmazonS3
x-amz-server-side-encryption
AES256
gui-win.jpg
www.cyclonis.com/wp-content/themes/default/images/banners/sh/2020-06-25/
12 KB
13 KB
Image
General
Full URL
https://www.cyclonis.com/wp-content/themes/default/images/banners/sh/2020-06-25/gui-win.jpg
Requested by
Host: www.cyclonis.com
URL: https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-42.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
887fd0777ff3f27c963095e5f5930072f063350c71a948e5151748fb042ad2d3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/

Response headers

etag
"26b834f187efa078b487e7dd731779ea"
age
15413
x-cache
Hit from cloudfront
x-amz-cf-id
ssdR74IU10GrqdlVLBjsK07l3WpZ72wu3pOhlNR-wN13YexBvI_fKw==
date
Mon, 18 Nov 2024 15:48:04 GMT
content-type
image/jpeg
last-modified
Wed, 21 Feb 2024 12:07:49 GMT
x-amz-id-2
bxy57sKjDLsfeHGplHBeP37+PfIk03WfiUeVtQ18VKhpqxgcjn9Gmca7sffR1s6q1y+/AUhd6NQ=
cache-control
max-age=16070400
via
1.1 186bdaa7eeeac80deba6005ccbb75b56.cloudfront.net (CloudFront)
x-amz-request-id
GGQMAHTHFAE5Z9F1
accept-ranges
bytes
content-length
12615
x-amz-cf-pop
FRA60-P8
server
AmazonS3
x-amz-server-side-encryption
AES256
get.php
myaccount.enigmasoftware.com/tools/ip2country/
2 B
753 B
XHR
General
Full URL
https://myaccount.enigmasoftware.com/tools/ip2country/get.php
Requested by
Host: www.cyclonis.com
URL: https://www.cyclonis.com/wp-content/themes/default/js/bundle.js?1708346373
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2670:5a00:17:a556:9bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 (Amazon) /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/

Response headers

cache-control
max-age=86400, no-cache="set-cookie"
access-control-allow-methods
GET, POST
via
1.1 6b15a9d1514a5645abfd43cbf330ce48.cloudfront.net (CloudFront)
expires
Tue, 19 Nov 2024 20:04:56 GMT
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
2
x-amz-cf-id
3ojYb-1_kkRbxbSbav7oD7cOOAFLwTnQynFvswOcibvQKa6u1ULhfA==
date
Mon, 18 Nov 2024 20:04:56 GMT
content-type
application/json
last-modified
Wed, 24 Apr 2024 06:57:15 GMT
server
Apache/2.4.46 (Amazon)
x-amz-cf-pop
FRA56-P9
access-control-allow-headers
X-Requested-With
scripts.js
www.cyclonis.com/wp-content/plugins/user-info/js/
2 KB
1 KB
Script
General
Full URL
https://www.cyclonis.com/wp-content/plugins/user-info/js/scripts.js?v=legacy-update
Requested by
Host: www.cyclonis.com
URL: https://www.cyclonis.com/wp-content/themes/default/js/bundle.js?1708346373
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-42.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5fe5c650e137a0666d76306f0b170be7ee6c2ca2b8b3ffa5288454c8ccfdddba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/

Response headers

content-encoding
gzip
etag
W/"24ca723d6b16d3002d7e4de0a87852c8"
age
472
x-cache
Hit from cloudfront
x-amz-cf-id
D49mV2FZKTGyysZc5Gx5M3Y6mikgiE1nff5By-EUzvjcUA-M555Arw==
date
Mon, 18 Nov 2024 19:57:05 GMT
content-type
application/javascript; charset=UTF-8
vary
accept-encoding
last-modified
Mon, 18 Nov 2024 13:14:10 GMT
x-amz-id-2
VNgWICqTmZ9fpBiK/nlbOpFh+78vMQ1jdPaZeDkvV1RKkr1XuqEnfOWBSORoiDtUbUEFmoqER4E=
cache-control
max-age=3600
via
1.1 186bdaa7eeeac80deba6005ccbb75b56.cloudfront.net (CloudFront)
x-amz-request-id
AFF5044WGZFMDQDR
x-amz-cf-pop
FRA60-P8
server
AmazonS3
x-amz-server-side-encryption
AES256
dynamic_price.js.php
www.cyclonis.com/wp-content/plugins/dynamic_price/js/
11 KB
3 KB
Script
General
Full URL
https://www.cyclonis.com/wp-content/plugins/dynamic_price/js/dynamic_price.js.php?v=2
Requested by
Host: www.cyclonis.com
URL: https://www.cyclonis.com/wp-content/themes/default/js/bundle.js?1708346373
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-42.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5d18e9ddedfc08f5a0c043a2f5415bbfbfee553f428da26dce4e001ab97b5852

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/

Response headers

content-encoding
gzip
etag
W/"99ceb312f67f63e2fd08624d09f4801d"
age
990
x-cache
Hit from cloudfront
x-amz-cf-id
lUdnbs24VdIy1qRMWmvsaP-MnJOAOHq44KoaqtzBwe6XpeiQDZGUpw==
date
Mon, 18 Nov 2024 19:48:27 GMT
content-type
application/javascript; charset=UTF-8
vary
accept-encoding
last-modified
Mon, 18 Nov 2024 13:13:11 GMT
x-amz-id-2
pMJTZvAkRk352LZzYD7fa8UAMkuAzWoKTR/sjNUdNBHllliqgg9JwkTj9TVzXRb1RRajb8dERTCHGcWGQFoDw+7llGKeo2oXCAcA/M4dDTU=
cache-control
max-age=3600
via
1.1 186bdaa7eeeac80deba6005ccbb75b56.cloudfront.net (CloudFront)
x-amz-request-id
AFFFP19WWBKG8JEX
x-amz-cf-pop
FRA60-P8
server
AmazonS3
x-amz-server-side-encryption
AES256
p.css
p.typekit.net/
5 B
173 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=ddt6yri&ht=tk&f=139.140.175.176&a=86769693&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/ddt6yri.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:5::17d8:4d2f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://use.typekit.net/

Response headers

cache-control
public, max-age=604800
etag
"6649f74c-5"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
5
date
Mon, 18 Nov 2024 20:04:56 GMT
content-type
text/css
last-modified
Sun, 19 May 2024 12:57:48 GMT
server
nginx
get.php
myaccount.enigmasoftware.com/tools/ip2country/
2 B
0
XHR
General
Full URL
https://myaccount.enigmasoftware.com/tools/ip2country/get.php
Requested by
Host: www.cyclonis.com
URL: https://www.cyclonis.com/wp-content/plugins/user-info/js/scripts.js?v=legacy-update
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2670:5a00:17:a556:9bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 (Amazon) /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/

Response headers

cache-control
max-age=86400, no-cache="set-cookie"
access-control-allow-methods
GET, POST
via
1.1 6b15a9d1514a5645abfd43cbf330ce48.cloudfront.net (CloudFront)
expires
Tue, 19 Nov 2024 20:04:56 GMT
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
2
x-amz-cf-id
3ojYb-1_kkRbxbSbav7oD7cOOAFLwTnQynFvswOcibvQKa6u1ULhfA==
date
Mon, 18 Nov 2024 20:04:56 GMT
content-type
application/json
last-modified
Wed, 24 Apr 2024 06:57:15 GMT
server
Apache/2.4.46 (Amazon)
x-amz-cf-pop
FRA56-P9
access-control-allow-headers
X-Requested-With
js
www.googletagmanager.com/gtag/
363 KB
120 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GGXRJ88RM6&l=dataLayer&cx=c&gtm=45He4be0v77946716za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBRCHSV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fdbc4d4d831e731636a0f36c87ddbc2a1d85ac06aa54b5207deeaab432fe9ff8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 18 Nov 2024 20:04:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 18 Nov 2024 20:04:56 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
122948
x-xss-protection
0
server
Google Tag Manager
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GGXRJ88RM6&gtm=45je4be0v9117449714z877946716za200zb77946716&_p=1731960295847&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067554~102067808~102077855&cid=1609562087.1731960296&ul=en-gb&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731960296&sct=1&seg=0&dl=https%3A%2F%2Fwww.cyclonis.com%2Fwhat-is-the-nexus-ensighten-com-browser-hijacker%2F&dt=What%20is%20the%20Nexus.ensighten.com%20Browser%20Hijacker%3F&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=985
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GGXRJ88RM6&l=dataLayer&cx=c&gtm=45He4be0v77946716za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.cyclonis.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 18 Nov 2024 20:04:56 GMT
content-type
text/plain
server
Golfe2
/
www.enigmasoftware.com/spyhunter-remover-details/
64 KB
15 KB
Fetch
General
Full URL
https://www.enigmasoftware.com/spyhunter-remover-details/
Requested by
Host: www.cyclonis.com
URL: https://www.cyclonis.com/wp-content/themes/default/js/bundle.js?1708346373
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-99.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8b9b579432e1b05539fcc4404392aef1c21ca1b5562e37bd0fc75f6319f9bd3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/

Response headers

content-encoding
br
etag
W/"9db158b16e8390123e253586c71b8eee"
age
35922
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
O1XMI2miBdiMFu7iLAKtTQIzl7zs0VLwMvEQNhtmOCb9UEHUECQ6dA==
date
Mon, 18 Nov 2024 10:06:15 GMT
content-type
text/html
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
last-modified
Tue, 24 Sep 2024 09:39:01 GMT
x-amz-id-2
U0zkwT5/TI/fRVk1TmgOWoLmW7XvF2jTjBkgX+zklTAzqpRf7gBcK14COof9h/sOrUFhtxJJaho=
via
1.1 9905602b8526d2635024f3edbf1df702.cloudfront.net (CloudFront)
x-amz-request-id
KCH2NNDPS89ZT77X
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
l
use.typekit.net/af/71f83c/00000000000000003b9b093b/27/
32 KB
32 KB
Font
General
Full URL
https://use.typekit.net/af/71f83c/00000000000000003b9b093b/27/l?primer=faa6313b65fcf8f6d6b3c9326732dd497228b2fb1a4ea6ec96bebbefec93e89c&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/ddt6yri.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::210:a480 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
acd3478fa9e3a1ca477fad9d4e21bed04edfce414f6382a8199e1cb60bbd36eb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.cyclonis.com
Referer
https://use.typekit.net/ddt6yri.css

Response headers

cache-control
public, max-age=31536000
timing-allow-origin
*
etag
"e49dfdd3c83277c3a9625f26c0d4dcbc3f0cbf66"
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
32744
date
Mon, 18 Nov 2024 20:04:56 GMT
content-type
application/font-woff2
server
nginx
l
use.typekit.net/af/4838bd/00000000000000003b9b0934/27/
31 KB
31 KB
Font
General
Full URL
https://use.typekit.net/af/4838bd/00000000000000003b9b0934/27/l?primer=faa6313b65fcf8f6d6b3c9326732dd497228b2fb1a4ea6ec96bebbefec93e89c&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/ddt6yri.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::210:a480 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
487a9a64eeacda0f597528dbf84806c7bd5473a39d93deb0587bce79e1bfb104

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.cyclonis.com
Referer
https://use.typekit.net/ddt6yri.css

Response headers

cache-control
public, max-age=31536000
timing-allow-origin
*
etag
"4bb88608ef3bf293048c5f7084b3109d5b749aea"
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
31756
date
Mon, 18 Nov 2024 20:04:56 GMT
content-type
application/font-woff2
server
nginx
zi-tag.js
js.zi-scripts.com/
9 KB
3 KB
Script
General
Full URL
https://js.zi-scripts.com/zi-tag.js
Requested by
Host: www.cyclonis.com
URL: https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.37.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e779904e434d50e426e79dfac680cdb8a04564e67121c257974278a02979e407

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
x-amz-version-id
PTl7rnF_EEhUwyN5J882FhdYw1E0brGf
etag
W/"b2877da906a3216c4f3fc4030b205e54"
age
62278
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
wYizUs_jB0jUtOutPps1eTaMhu8iiBpFfryH85L9WG282YrPy3QafA==
date
Mon, 18 Nov 2024 20:04:56 GMT
content-type
application/javascript
last-modified
Thu, 18 Jul 2024 08:13:46 GMT
vary
Accept-Encoding
priority
u=3,i=?0
server-timing
cfExtPri
via
1.1 1e00c42760ff679060e160d93e8831b6.cloudfront.net (CloudFront)
cf-ray
8e4a928ebd6394a7-LHR
x-amz-cf-pop
LHR62-C4
server
cloudflare
collect
www.google.com/ccm/
0
0
Ping
General
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.cyclonis.com%2Fwhat-is-the-nexus-ensighten-com-browser-hijacker%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=995171791.1731960296&auid=167111780.1731960296&npa=0&gtm=45He4be0v77946716za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067554~102067808~102077855&tft=1731960296462&tfd=1031&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBRCHSV
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/

Response headers

insight.min.js
snap.licdn.com/li.lms-analytics/
40 KB
14 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBRCHSV
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:10::210:a99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/

Response headers

cache-control
max-age=29352
content-encoding
gzip
x-cdn
AKAM
x-content-type-options
nosniff
accept-ranges
bytes
content-length
14628
date
Mon, 18 Nov 2024 20:04:56 GMT
last-modified
Thu, 22 Aug 2024 10:43:55 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
destination
www.googletagmanager.com/gtag/
247 KB
89 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-356305483&l=dataLayer&cx=c&gtm=45He4be0v77946716za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBRCHSV
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d4c9ac558cf30f7a8bc48ae7c0c13424eff771a10d3c52cf8964ff78fd1a2629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Mon, 18 Nov 2024 20:04:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 18 Nov 2024 20:04:56 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 18 Nov 2024 18:32:11 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
90826
x-xss-protection
0
server
Google Tag Manager
bat.js
bat.bing.com/
50 KB
15 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBRCHSV
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
gzip
etag
"028e0691d20db1:0"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7A1A02DDBD654F0F8890F2F32ECD6AF6 Ref B: LON601060106052 Ref C: 2024-11-18T20:04:56Z
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
14570
date
Mon, 18 Nov 2024 20:04:56 GMT
content-type
application/javascript
last-modified
Wed, 16 Oct 2024 22:47:44 GMT
vary
Accept-Encoding
fbevents.js
connect.facebook.net/en_US/
239 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.cyclonis.com
URL: https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
43a683165a27224ef2d2717bd57c8c203aa570ce39140504d086562eefbb0f1f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-EXPuqIZi' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 18 Nov 2024 20:04:56 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-EXPuqIZi' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=52, rtx=0, c=23, mss=1232, tbw=5733, tp=11, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
Rm+fGOGlKVyk9fACZeisXhLQV+CXOhiQ7tAqJshPLC9v6zA6ICb3oBqjj9+AMjfG+9IE5DSzoSRBqgJfS6MUgg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62152
x-xss-protection
0
origin-agent-cluster
?1
sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame 044F
0
0
Document
General
Full URL
https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fwww.cyclonis.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBRCHSV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
283412
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Nov 2024 13:21:24 GMT
expires
Sat, 15 Nov 2025 13:21:24 GMT
last-modified
Mon, 21 Oct 2024 16:58:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
lftracker_v1_YEgkB8lvZRp4ep3Z.js
sc.lfeeder.com/
31 KB
12 KB
Script
General
Full URL
https://sc.lfeeder.com/lftracker_v1_YEgkB8lvZRp4ep3Z.js
Requested by
Host: www.cyclonis.com
URL: https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:ba00:4:d7e1:700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef8430297a91cee0817a09fe7321bb086722000127b458cd41a8f3a6a9ca3e17

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/

Response headers

content-encoding
br
x-amz-version-id
yFiqYTuKNR7MHKPFYgdixJ0jzGWR2K2O
etag
W/"f1c108983c4da1d07c7e3a142f9092bf"
age
3002
x-cache
Hit from cloudfront
x-amz-cf-id
ZiisWdSZcWb9yzaJ09lvqlzoJ7ZS3B9XvM_L_jh55iL9P0LgXspgVg==
date
Mon, 18 Nov 2024 19:14:55 GMT
content-type
application/javascript
vary
accept-encoding, Origin
last-modified
Wed, 09 Oct 2024 07:20:26 GMT
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
via
1.1 935770605c74a80712059ba5b24d4162.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
favicon.png
www.cyclonis.com/wp-content/themes/default/images/main/
14 KB
14 KB
Other
General
Full URL
https://www.cyclonis.com/wp-content/themes/default/images/main/favicon.png?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-42.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7813572c93772d419b3365b28c53247c94177b14d822065b5ce9e0c2c05a3b62

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/

Response headers

etag
"618f75035af0cf11760d6b614b656cbf"
age
15311
x-cache
Hit from cloudfront
x-amz-cf-id
pTxyhsSQ4cGHpXEB0dZGAoWnHZBW_2pBAdUsX0-dXu54CKz9mOybuw==
date
Mon, 18 Nov 2024 15:49:45 GMT
content-type
image/png
last-modified
Wed, 21 Feb 2024 12:08:25 GMT
x-amz-id-2
YdqoU/oi7xObK7MPQLSdHWA2xKiKjaSmGT8fEeAAWPUQKHwuu3QKUj7GDgiaWXjuOHvR905RQtQ=
cache-control
max-age=16070400
via
1.1 186bdaa7eeeac80deba6005ccbb75b56.cloudfront.net (CloudFront)
x-amz-request-id
PT565R4CW1D31SHH
accept-ranges
bytes
content-length
14329
x-amz-cf-pop
FRA60-P8
server
AmazonS3
x-amz-server-side-encryption
AES256
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/356305483/
5 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/356305483/?random=1731960296613&cv=11&fst=1731960296613&bg=ffffff&guid=ON&async=1&gtm=45be4be0z877946716za201zb77946716&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067554~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cyclonis.com%2Fwhat-is-the-nexus-ensighten-com-browser-hijacker%2F&hn=www.googleadservices.com&frm=0&tiba=What%20is%20the%20Nexus.ensighten.com%20Browser%20Hijacker%3F&npa=0&pscdl=noapi&auid=167111780.1731960296&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-356305483&l=dataLayer&cx=c&gtm=45He4be0v77946716za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f2318162578cd932598ae48057fab9c26235395079b87df2b64ee1d61973b7f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2356
date
Mon, 18 Nov 2024 20:04:56 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
356305483
td.doubleclick.net/td/rul/ Frame 0E85
0
0
Document
General
Full URL
https://td.doubleclick.net/td/rul/356305483?random=1731960296613&cv=11&fst=1731960296613&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4be0z877946716za201zb77946716&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067554~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cyclonis.com%2Fwhat-is-the-nexus-ensighten-com-browser-hijacker%2F&hn=www.googleadservices.com&frm=0&tiba=What%20is%20the%20Nexus.ensighten.com%20Browser%20Hijacker%3F&npa=0&pscdl=noapi&auid=167111780.1731960296&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-356305483&l=dataLayer&cx=c&gtm=45He4be0v77946716za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cyclonis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 18 Nov 2024 20:04:56 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
getSubscriptions
js.zi-scripts.com/unified/v1/master/
150 B
573 B
Fetch
General
Full URL
https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Requested by
Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.37.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
8318b7adc20601338d35bbf64c3a7158647a8196d7f9162b1c87fb0cfe224f00

Request headers

Authorization
Bearer f6309159eb1699110904
Referer
https://www.cyclonis.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
visited_url
https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/#

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"96-sDAK6zceo0hMm5KvnmgjqEpK6Yo"
apigw-requestid
BdWcggy0vHcEPhw=
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
uVAy5XWERiACdOkV4U098R0ggjBi8OuK3wFWF_puKKYvN1pj3jSrog==
date
Mon, 18 Nov 2024 20:04:57 GMT
content-type
application/json; charset=utf-8
vary
Origin
priority
u=1,i
server-timing
cfExtPri
via
1.1 656d1e740e270e1a97ba3d0855116928.cloudfront.net (CloudFront)
cf-ray
8e4a92915a42654d-LHR
access-control-allow-origin
https://www.cyclonis.com
x-amz-cf-pop
LHR62-C4
x-powered-by
Express
server
cloudflare
attribution_trigger
px.ads.linkedin.com/
2 B
817 B
XHR
General
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=121120&time=1731960296878&url=https%3A%2F%2Fwww.cyclonis.com%2Fwhat-is-the-nexus-ensighten-com-browser-hijacker%2F%23
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
*
Referer
https://www.cyclonis.com/

Response headers

x-li-pop
afd-prod-ltx1-x
content-encoding
gzip
x-fs-uuid
000627356e4609f20be952b1d02b5223
x-msedge-ref
Ref A: CEBA741CA0DA4172B16D3C944F947A34 Ref B: LON04EDGE0710 Ref C: 2024-11-18T20:04:57Z
x-li-fabric
prod-ltx1
x-restli-protocol-version
1.0.0
access-control-allow-methods
GET, OPTIONS
x-li-uuid
AAYnNW5GCfIL6VKx0CtSIw==
x-li-proto
http/2
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Mon, 18 Nov 2024 20:04:56 GMT
content-type
application/json
access-control-allow-headers
*
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=121120&time=1731960296878&url=https%3A%2F%2Fwww.cyclonis.com%2Fwhat-is-the-nexus-ensighten-com-browser-hijacker%2F%23
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=121120&time=1731960296878&url=https%3A%2F%2Fwww.cyclonis.com%2Fwhat-is-the-nexus-ensighten-com-browser-hijacker%2F%23&e_ipv6=AQKaAl4HiGzAQAAAAZNA...
0
267 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=121120&time=1731960296878&url=https%3A%2F%2Fwww.cyclonis.com%2Fwhat-is-the-nexus-ensighten-com-browser-hijacker%2F%23&e_ipv6=AQKaAl4HiGzAQAAAAZNA4NaRN0RTyhpNUTgo83bRGfZQ_Okm3cPIOoyzgdaem-qnz_QsD_zfV7k
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/

Response headers

linkedin-action
1
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: BF8FE6FC03814783BE87BA3E6A1B0F80 Ref B: LON04EDGE1220 Ref C: 2024-11-18T20:04:57Z
x-li-fabric
prod-ltx1
x-li-uuid
AAYnNW5KY4RrgzhO8I0hOA==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Mon, 18 Nov 2024 20:04:56 GMT
content-type
application/javascript

Redirect headers

linkedin-action
1
x-li-pop
afd-prod-ltx1-x
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=121120&time=1731960296878&url=https%3A%2F%2Fwww.cyclonis.com%2Fwhat-is-the-nexus-ensighten-com-browser-hijacker%2F%23&e_ipv6=AQKaAl4HiGzAQAAAAZNA4NaRN0RTyhpNUTgo83bRGfZQ_Okm3cPIOoyzgdaem-qnz_QsD_zfV7k
x-msedge-ref
Ref A: E38B546A3AE64FAFAADA69886E42A2F0 Ref B: LON04EDGE0820 Ref C: 2024-11-18T20:04:57Z
x-li-fabric
prod-ltx1
x-li-uuid
AAYnNW5GEG+6pEC9yHjv7A==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Mon, 18 Nov 2024 20:04:57 GMT
25014077.js
bat.bing.com/p/action/
364 B
421 B
Script
General
Full URL
https://bat.bing.com/p/action/25014077.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cce2184ec089babc70ded47b8474c543f6a5ff013e4bfd9dbae8689489bb13ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
br
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B46EA069C4F8417F8DCA73BAEF931B50 Ref B: LON601060106052 Ref C: 2024-11-18T20:04:56Z
x-cache
CONFIG_NOCACHE
date
Mon, 18 Nov 2024 20:04:56 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
getSubscriptions
js.zi-scripts.com/unified/v1/master/ Frame
0
0
Preflight
General
Full URL
https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.37.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,visited_url
Access-Control-Request-Method
GET
Origin
https://www.cyclonis.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,X-Amp-Device-Id,X-Amp-Session-Id,visited_url,_zitok,forwarded,x-ziaccesstoken
access-control-allow-methods
POST, GET, OPTIONS, PATCH, DELETE, PUT
access-control-allow-origin
https://www.cyclonis.com
alt-svc
h3=":443"; ma=86400
apigw-requestid
BdWceizVvHcEMlA=
cf-cache-status
DYNAMIC
cf-ray
8e4a9290186b654d-LHR
date
Mon, 18 Nov 2024 20:04:57 GMT
priority
u=1,i
server
cloudflare
server-timing
cfExtPri
vary
Origin
via
1.1 9503482155e233e99173b53da4a996fe.cloudfront.net (CloudFront)
x-amz-cf-id
v9wMGW4uz6cz00_DpfgVFbM-QGYRae_H4e5K1P3Z2Fg50lcQOtOZ9g==
x-amz-cf-pop
LHR62-C4
x-cache
Miss from cloudfront
x-powered-by
Express
1559634284327625
connect.facebook.net/signals/config/
77 KB
16 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1559634284327625?v=2.9.177&r=stable&domain=www.cyclonis.com&hme=c3e4904c1dde42d643265ef909b9e193c41cedcd6f559a3ff5e1b178e36647fa&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5a87d6b10900eca861c5ad9ab94ccaaf8632f56f61448c54e10de67c9a1026a2
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-BfQBBTWt' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 18 Nov 2024 20:04:57 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-BfQBBTWt' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=52, rtx=0, c=75, mss=1232, tbw=71653, tp=67, tpl=0, uplat=125, ullat=0
pragma
public
x-fb-debug
4pMM6X1ssp3mJNqbPPwF8yafWL5sz0DiJ1mb2q1okzjFpMJIcvcLCTOM5qQZLePnbGiyPmkGKPJyy4q6BXK0qQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.google.com/pagead/1p-user-list/356305483/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/356305483/?random=1731960296613&cv=11&fst=1731960000000&bg=ffffff&guid=ON&async=1&gtm=45be4be0z877946716za201zb77946716&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067554~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cyclonis.com%2Fwhat-is-the-nexus-ensighten-com-browser-hijacker%2F&hn=www.googleadservices.com&frm=0&tiba=What%20is%20the%20Nexus.ensighten.com%20Browser%20Hijacker%3F&npa=0&pscdl=noapi&auid=167111780.1731960296&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7diLlKqe2zvIDqBI95DtUyRuab_hIsXA&random=37083350&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 18 Nov 2024 20:04:56 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.co.uk/pagead/1p-user-list/356305483/
42 B
64 B
Image
General
Full URL
https://www.google.co.uk/pagead/1p-user-list/356305483/?random=1731960296613&cv=11&fst=1731960000000&bg=ffffff&guid=ON&async=1&gtm=45be4be0z877946716za201zb77946716&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067554~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cyclonis.com%2Fwhat-is-the-nexus-ensighten-com-browser-hijacker%2F&hn=www.googleadservices.com&frm=0&tiba=What%20is%20the%20Nexus.ensighten.com%20Browser%20Hijacker%3F&npa=0&pscdl=noapi&auid=167111780.1731960296&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7diLlKqe2zvIDqBI95DtUyRuab_hIsXA&random=37083350&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 18 Nov 2024 20:04:57 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
0
bat.bing.com/action/
0
286 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=25014077&tm=gtm002&Ver=2&mid=9aa208fa-a7fe-430d-a0cd-bef7b0c67356&bo=1&sid=62277410a5e811efb183adfd31f71c81&vid=6227b3a0a5e811ef81a561d9dd13b618&vids=1&msclkid=N&pi=918639831&lg=en-GB&sw=1600&sh=1200&sc=24&tl=What%20is%20the%20Nexus.ensighten.com%20Browser%20Hijacker%3F&kw=what%20is%20the%20nexus.ensighten.com%20browser%20hijacker%3F,%20cyclonis&p=https%3A%2F%2Fwww.cyclonis.com%2Fwhat-is-the-nexus-ensighten-com-browser-hijacker%2F%23&r=&lt=1015&evt=pageLoad&sv=1&cdb=AQAQ&rn=220483
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A8AD0D96E41C41099E28F1E3FC33AAAE Ref B: LON601060106052 Ref C: 2024-11-18T20:04:56Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Mon, 18 Nov 2024 20:04:56 GMT
/
tr-rc.lfeeder.com/
43 B
336 B
Image
General
Full URL
https://tr-rc.lfeeder.com/?sid=YEgkB8lvZRp4ep3Z&data=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
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-9.fra2.r.cloudfront.net
Software
CloudFront /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/

Response headers

cross-origin-resource-policy
cross-origin
via
1.1 172e63b20fb363ed969de28ae3937e20.cloudfront.net (CloudFront)
x-cache
LambdaGeneratedResponse from cloudfront
content-length
43
x-amz-cf-id
QJdi3pYc2AZiaBfVtqiAjp2mApHjVsCfEkJpMTtdLbMt6cVBuBFftQ==
date
Mon, 18 Nov 2024 20:04:57 GMT
content-type
image/gif
x-amz-cf-pop
FRA2-C1
server
CloudFront
vary
Origin
/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1559634284327625&ev=PageView&dl=https%3A%2F%2Fwww.cyclonis.com%2Fwhat-is-the-nexus-ensighten-com-browser-hijacker%2F%23&rl=&if=false&ts=1731960297124&sw=1600&sh=1200&v=2.9.177&r=stable&ec=0&o=12318&fbp=fb.1.1731960297121.83298012184429445&cs_est=true&ler=empty&cdl=API_unavailable&it=1731960296914&coo=false&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=37, rtx=0, c=23, mss=1232, tbw=5724, tp=11, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 18 Nov 2024 20:04:57 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
196 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1559634284327625&ev=PageView&dl=https%3A%2F%2Fwww.cyclonis.com%2Fwhat-is-the-nexus-ensighten-com-browser-hijacker%2F%23&rl=&if=false&ts=1731960297124&sw=1600&sh=1200&v=2.9.177&r=stable&ec=0&o=12318&fbp=fb.1.1731960297121.83298012184429445&cs_est=true&ler=empty&cdl=API_unavailable&it=1731960296914&coo=false&rqm=FGET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7438712835503488702"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 18 Nov 2024 20:04:57 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
5GdUwzrhQhjee6jXaykMayjVgmyB6iHXSXK3BfpQk8ZPM3FweRJNQdikes/jRRl7Gu51PV1iHucoROQOu3jZgA==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7438712835503488702", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=37, rtx=0, c=23, mss=1232, tbw=6092, tp=14, tpl=0, uplat=155, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
ws.zoominfo.com/pixel/65495034aa92b06466cdbbd0/
3 KB
2 KB
Fetch
General
Full URL
https://ws.zoominfo.com/pixel/65495034aa92b06466cdbbd0/?iszitag=true
Requested by
Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:762b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
5fdd9daa1d1dc1dd2c88bb509d7ac430498f4788232210d73ba83fbb7306458c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

_zitok
8e5ba12546bbf5a81d0f1731960297
_vtok
MTk0Ljc0LjIxMi4xMjQ=
visited-url
https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/#
Referer
https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/javascript

Response headers

x-robots-tag
noindex, nofollow
content-encoding
gzip
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 18 Nov 2024 20:04:58 GMT
content-type
text/javascript
vary
Accept-Encoding
priority
u=1,i
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
access-control-allow-credentials
true
via
1.1 google
cf-ray
8e4a9294fd1e79c8-LHR
access-control-allow-origin
https://www.cyclonis.com
x-powered-by
Express
server
cloudflare
/
ws.zoominfo.com/pixel/65495034aa92b06466cdbbd0/ Frame
0
0
Preflight
General
Full URL
https://ws.zoominfo.com/pixel/65495034aa92b06466cdbbd0/?iszitag=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:762b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
_vtok,_zitok,content-type,visited-url
Access-Control-Request-Method
GET
Origin
https://www.cyclonis.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
access-control-allow-origin
https://www.cyclonis.com
allow
GET,HEAD
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e4a92933ac87731-LHR
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 18 Nov 2024 20:04:57 GMT
priority
u=1,i
server
cloudflare
server-timing
cfExtPri
via
1.1 google
x-content-type-options
nosniff
x-powered-by
Express
x-robots-tag
noindex, nofollow
/
px.ads.linkedin.com/wa/
0
198 B
XHR
General
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cyclonis.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
*
Content-Type
text/plain;charset=UTF-8

Response headers

linkedin-action
1
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: FFDAE934F2CC43C98E9A6A95106AE27C Ref B: LON04EDGE0820 Ref C: 2024-11-18T20:04:57Z
x-li-fabric
prod-ltx1
access-control-allow-credentials
true
x-li-uuid
AAYnNW5M/CrHB7zgXrzY0w==
x-li-proto
http/2
access-control-allow-origin
https://www.cyclonis.com
x-cache
CONFIG_NOCACHE
date
Mon, 18 Nov 2024 20:04:57 GMT
vary
Origin
5adad2c9-cf68-4a57-afcb-527b760e19c1
https://www.cyclonis.com/
3 KB
0
Script
General
Full URL
blob:https://www.cyclonis.com/5adad2c9-cf68-4a57-afcb-527b760e19c1
Requested by
Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5fdd9daa1d1dc1dd2c88bb509d7ac430498f4788232210d73ba83fbb7306458c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
text/javascript
Content-Length
3481
4.jpg
www.cyclonis.com/wp-content/themes/default/images/banners/pm/exit-2020-02/
21 KB
21 KB
Image
General
Full URL
https://www.cyclonis.com/wp-content/themes/default/images/banners/pm/exit-2020-02/4.jpg
Requested by
Host: www.cyclonis.com
URL: https://www.cyclonis.com/wp-content/themes/default/css/bundle.css?1708346373
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-42.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b34cd5375d36ad9ae7e23a3a84d110262b304c55f7a02bedc182c9a8481f141c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/wp-content/themes/default/css/bundle.css?1708346373

Response headers

etag
"519d2356d3a5d8fd8cafb9aea02af984"
age
15258
x-cache
Hit from cloudfront
x-amz-cf-id
K8zh8p6oZGF2e8ECco6KjSZl0qnJhW_HtHwUBRqJ_PPdHFK09Muhjw==
date
Mon, 18 Nov 2024 15:50:44 GMT
content-type
image/jpeg
last-modified
Wed, 21 Feb 2024 12:08:12 GMT
x-amz-id-2
rUzs76Ba19YA6qiFx9+bfUYHxXYm0ptLYtk3szxYyN/t75Q4bax14/vztWHagcO/GwbuF7MGS/U=
cache-control
max-age=16070400
via
1.1 186bdaa7eeeac80deba6005ccbb75b56.cloudfront.net (CloudFront)
x-amz-request-id
0VRHY8HBS55FQ8RD
accept-ranges
bytes
content-length
21323
x-amz-cf-pop
FRA60-P8
server
AmazonS3
x-amz-server-side-encryption
AES256
cpm-full-black.svg
www.cyclonis.com/wp-content/themes/default/images/main/password-manager/
22 KB
8 KB
Image
General
Full URL
https://www.cyclonis.com/wp-content/themes/default/images/main/password-manager/cpm-full-black.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-42.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
df54d8c4dc73c9aa5431ba2c9fb2d9187a4a1cace4f2e1debd37f8ccecfbbc0b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.cyclonis.com/what-is-the-nexus-ensighten-com-browser-hijacker/

Response headers

content-encoding
gzip
etag
W/"36712753643ee062fb4c564b0df05ea3"
age
15413
x-cache
Hit from cloudfront
x-amz-cf-id
31eerZdAAwXk7QVLSR-5vJFrr-UvjtB4C0SaPRLxdlGFIgysjfBt4A==
date
Mon, 18 Nov 2024 15:48:09 GMT
content-type
image/svg+xml
vary
accept-encoding
last-modified
Wed, 21 Feb 2024 12:08:25 GMT
x-amz-id-2
UU7irIogmLEaVVeMMneDVlvSWbb//JqqpVbXxrpd4sBAR/F5mi1eE+hjlANNAuc9NZYeEU3kIqA=
cache-control
max-age=16070400
via
1.1 186bdaa7eeeac80deba6005ccbb75b56.cloudfront.net (CloudFront)
x-amz-request-id
BRHNRTDA80SHZ2WD
x-amz-cf-pop
FRA60-P8
server
AmazonS3
x-amz-server-side-encryption
AES256

Verdicts & Comments

111 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| link string| eproducts_config string| exit_popup_config string| adrotate_config object| dataLayer function| recaptchaCallback string| redirect_config string| price_config string| exit_popup_data string| ep_blacklisted_cats function| Ep_class_logic string| banners_config string| adrotate_blacklisted_cats object| adrotate_banners function| Adrotate_banners_class object| cw_class function| AcceptCookieMessage function| CloseCookieMessage function| cookie_warning_logic function| etranslate_onload_event function| etranslate_hover function| et_auto_reload_page function| et_redirects object| e object| observer function| init_eproducts function| eproducts_click_listener function| ep_download_action function| ep_redirect_action function| ep_get_cookie function| ep_finalize_action function| s3cm_show_responce function| s3cm_getOffsetTop function| ss3ct_show_responce function| s3ct_getOffsetTop function| s3ct_check_form_errors object| USER_INFO function| user_info_class object| OS_DETECT object| COUNTRY_REDIRECT object| Simple_gallery object| Disclaimer function| onload_general_event function| switcher function| toggle function| Os_detect_class function| detect_browser function| switch_browsers function| Redirect_by_country_class function| Simple_gallery_class function| check_if_only_content function| Disclaimer_class object| Timer object| Prerender object| CB_buy_togle function| Tobii_lightbox function| onload_event function| init_lightbox function| externalLinks function| init_menu_position function| init_scroll_top function| init_scroll_down function| redirect function| toggleMenu function| Prerender_class function| Timer_class function| comment_reply function| reset_comment_reply function| CB_buy_togle_class function| faq_maybe_open function| general_redirects function| check_form_errors function| load_exit_popup function| show_comments_form function| maybe_close_modal object| script object| wp object| bioEp function| Tobii object| userInfo 
string| dynamic_price_config object| CURRENCY2 function| dp_onload_event function| Currency_class_v2 object| google_tag_manager object| google_tag_data object| zi string| ZIProjectKey object| gaGlobal string| _linkedin_data_partner_id function| fbq function| _fbq object| ldfdr object| GooglebQhCsO object| zitag object| ZILogs function| loadZILogs function| errorHandler object| __gaConnectorEventsEmitted function| UET function| UET_init function| UET_push function| lintrk boolean| _already_called_lintrk object| ueto_9d97428694 object| uetq object| ORIBILI object| _ziziws object| ziws

15 Cookies

Domain/Path Name / Value
.cyclonis.com/ Name: _ga_GGXRJ88RM6
Value: GS1.1.1731960296.1.0.1731960296.0.0.0
.cyclonis.com/ Name: _ga
Value: GA1.1.1609562087.1731960296
.cyclonis.com/ Name: _gcl_au
Value: 1.1.167111780.1731960296
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.cyclonis.com/ Name: _uetsid
Value: 62277410a5e811efb183adfd31f71c81
.cyclonis.com/ Name: _uetvid
Value: 6227b3a0a5e811ef81a561d9dd13b618
.cyclonis.com/ Name: _lfa
Value: LF1.1.4b3aec305d60352a.1731960296983
.bing.com/ Name: MUID
Value: 069B685C1614613500297D6717D660C4
.cyclonis.com/ Name: _fbp
Value: fb.1.1731960297121.83298012184429445
.linkedin.com/ Name: bcookie
Value: "v=2&b415099f-7e96-45b2-8c2c-0c6699675e53"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MzE5NjAyOTc7MjswMjFq06J3gLrzQgCJcWQMFteSmeMKuSuVCmXo10O0BvYfVg==
.linkedin.com/ Name: lidc
Value: "b=TGST01:s=T:r=T:a=T:p=T:g=3464:u=1:x=1:i=1731960297:t=1732046697:v=2:sig=AQHdNqKufy7KyShk8kZFpY389E_pUI4o"
.www.cyclonis.com/ Name: _zitok
Value: 8e5ba12546bbf5a81d0f1731960297
.zoominfo.com/ Name: __cf_bm
Value: .PRA89.NhUuupAp8mRjey6lPw1vUECKKQCAnzSNzi94-1731960298-1.0.1.1-2TLwKEti0rjNqYq2zj0dhlasUAv7BtnAhTdwuDvKS8k7rZ6Tpao4djHm1xFfsUaHxLAbEkJNP6yGeudut4TOQw
.zoominfo.com/ Name: _cfuvid
Value: sB9JKhTHJlDO5GzjIqSYt_n4X6X0fVm9N47H3WGfvvE-1731960298064-0.0.1.1-604800000

1 Console Messages

Source Level URL
Text
network error URL: https://www.cyclonis.com/wp-content/themes/default/images/main/spyhunter/logo-full-black.svg
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
