analyticscampus.com Open in urlscan Pro
66.29.141.144  Public Scan

17 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56

• https://mc.yandex.com/sync_cookie_image_check?scid=7917c42c-7f8b-69f5-dc32-a353df287d23&cid=99162160 HTTP 302
• https://mc.yandex.ru/sync_cookie_image_start?cid=99162160&redirect_domain=mc.yandex.com&scid=7917c42c-7f8b-69f5-dc32-a353df287d23&token=10834.hKYbWOPUTLXNKYOxKFfhAJEpkfeAK_w6RX_OfCTiEZOT-tJlE6csVt2Eeybh2pAL.A4CGrN9dPJbP3yFzsy68lVZzzBY%2C HTTP 302
• https://mc.yandex.com/sync_cookie_image_decide?cid=99162160&scid=7917c42c-7f8b-69f5-dc32-a353df287d23&token=10834.RWdedekN4bPCCnLAJtDwcXN9pCOeWz21C54AL727TQ-Dn-mQlV9Zez3D6K-e12NSlLHmU5Ml3kXmwgPbXGyBfP-LuJWxuudaoNCLzTV1IbM%2C.X8b0_wXYqkLkOPN_hPgRMQgX6Kg%2C

Request Chain 59

• https://mc.yandex.com/watch/99162160?wmode=7&page-url=https%3A%2F%2Fanalyticscampus.com%2Fself-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22141%22%2C%22Not%3FA_Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22141%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A141.0.7390.122%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22141.0.7390.122%22%2C%22Not%3FA_Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22141.0.7390.122%22%0Achm%0A%3F0%0Achp%0ALinux%0Achv%0A6.8.0&browser-info=pv%3A1%3Avf%3A3xktzc2ogg05v7x8e2v8cowhnxhaz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ano-NO%3Av%3A2240%3Acn%3A1%3Adp%3A0%3Als%3A1251492921060%3Ahid%3A389098071%3Az%3A60%3Ai%3A20251029121613%3Aet%3A1761736573%3Ac%3A1%3Arn%3A1030321422%3Arqn%3A1%3Au%3A1761736573695153223%3Aw%3A1728x1117%3As%3A1600x1200x24%3Ask%3A2%3Afp%3A2280%3Awv%3A2%3Ads%3A31%2C441%2C1056%2C174%2C0%2C0%2C%2C737%2C0%2C3723%2C3723%2C15%2C2440%3Aco%3A0%3Acpf%3A1%3Ans%3A1761736568253%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1761736573%3At%3ASelf-propagating%20worm%20present%20in%20marketplaces%20for%20Visible%20Studio%20Code%20extensions%20-%20Analytics%20Campus&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(83952128)ti(1) HTTP 302
• https://mc.yandex.com/watch/99162160/1?wmode=7&page-url=https%3A%2F%2Fanalyticscampus.com%2Fself-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22141%22%2C%22Not%3FA_Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22141%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A141.0.7390.122%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22141.0.7390.122%22%2C%22Not%3FA_Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22141.0.7390.122%22%0Achm%0A%3F0%0Achp%0ALinux%0Achv%0A6.8.0&browser-info=pv%3A1%3Avf%3A3xktzc2ogg05v7x8e2v8cowhnxhaz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ano-NO%3Av%3A2240%3Acn%3A1%3Adp%3A0%3Als%3A1251492921060%3Ahid%3A389098071%3Az%3A60%3Ai%3A20251029121613%3Aet%3A1761736573%3Ac%3A1%3Arn%3A1030321422%3Arqn%3A1%3Au%3A1761736573695153223%3Aw%3A1728x1117%3As%3A1600x1200x24%3Ask%3A2%3Afp%3A2280%3Awv%3A2%3Ads%3A31%2C441%2C1056%2C174%2C0%2C0%2C%2C737%2C0%2C3723%2C3723%2C15%2C2440%3Aco%3A0%3Acpf%3A1%3Ans%3A1761736568253%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1761736573%3At%3ASelf-propagating%20worm%20present%20in%20marketplaces%20for%20Visible%20Studio%20Code%20extensions%20-%20Analytics%20Campus&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2883952128%29ti%281%29&redirnss=1

Request Chain 60

• https://mc.yandex.com/sync_cookie_image_check_secondary?scid=3a7ce554-d5cf-9f2e-3c28-75fa72baa07e&cid=99162160 HTTP 302
• https://mc.yandex.ru/sync_cookie_image_start_secondary?cid=99162160&redirect_domain=mc.yandex.com&scid=3a7ce554-d5cf-9f2e-3c28-75fa72baa07e&token=10834.buWcMUELHwpeJQiIooPhuQ8u0rAeD_aTUx8OjG1TwKFeqdk6S3XVLB2YDvau4KuG.4gzqa8lACRuEW3QJK9I0t4VY0Jo%2C HTTP 302
• https://mc.yandex.com/sync_cookie_image_decide_secondary?cid=99162160&scid=3a7ce554-d5cf-9f2e-3c28-75fa72baa07e&token=10834.tbfvmNRZypXWzIOeMW98fhALkvZrCeaEFuOMSPoWkS7YFrscyhxyKyY4DxW36NoyrxHgg4eKvKnCHWasNePLLyv2J-sFWWpfXYpwcXfGSrU%2C.yDoMKbe3OMJO_Xyz-E1LPwjGPC4%2C HTTP 302
• https://mc.yandex.ru/sync_cookie_image_finish_secondary?cid=99162160&redirect_domain=mc.yandex.com&scid=3a7ce554-d5cf-9f2e-3c28-75fa72baa07e&token=10834.yk6j9NT0y4f5VQCaiQQ9ee4bdamQdoyVNNpsHGgp8wDyfWBGPLnTRgtw9POS8Pv6I6XC6Gvn4Nrx03i8VCdI9BydFX_Mh5qq7KcDGJDSjUnxSFImrG47yTvvp8HcC776bP3QuoxHdBtPTF-reK8spo9Sxj75jaCG93Eu9iyVOBIt1W6CxUdfJkYaawv5-hsskzh6TNxFZ0B0qXzaIKWM2w%2C%2C.rwNNq286HDSJT-70ZWNe7IWjUw4%2C

82 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/	310 KB 52 KB	1529ms 1057ms	Document text/html	66.29.141.144 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.144 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium215-5.web-hosting.com Software LiteSpeed / Resource Hash 52da2da6576d9345f9e9e294b5c212823d91263b75dbbb4cf68ceff4f215dc07 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Linux" Response headers content-encoding br content-type text/html; charset=UTF-8 date Wed, 29 Oct 2025 11:16:09 GMT etag "30532-1761736569;br" link <https://analyticscampus.com/wp-json/>; rel="https://api.w.org/" <https://analyticscampus.com/wp-json/wp/v2/posts/2241>; rel="alternate"; title="JSON"; type="application/json" <https://analyticscampus.com/?p=2241>; rel=shortlink server LiteSpeed vary Accept-Encoding x-litespeed-cache miss x-litespeed-cache-control public,max-age=604800 x-litespeed-tag 944_post,944_URL.59e26c9cab2cda3252c9f97e31cab130,944_Po.2241,944_ x-pingback https://analyticscampus.com/xmlrpc.php x-turbo-charged-by LiteSpeed
GET H2	200	style.min.css analyticscampus.com/wp-includes/css/dist/block-library/	114 KB 14 KB	221ms 219ms	Stylesheet text/css	66.29.141.144 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://analyticscampus.com/wp-includes/css/dist/block-library/style.min.css?ver=6.8.3 Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.144 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium215-5.web-hosting.com Software LiteSpeed / Resource Hash 838ede31a58a3cdb411d6dd7f13cbe65d4a26193d9fa31882854e63938f12bac Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 Response headers cache-control public, max-age=604800 content-encoding br expires Wed, 05 Nov 2025 11:16:09 GMT accept-ranges bytes content-length 14360 date Wed, 29 Oct 2025 11:16:09 GMT x-turbo-charged-by LiteSpeed content-type text/css last-modified Tue, 15 Jul 2025 23:59:18 GMT vary Accept-Encoding server LiteSpeed
GET H2	200	styles.css analyticscampus.com/wp-content/plugins/contact-form-7/includes/css/	3 KB 1 KB	346ms 344ms	Stylesheet text/css	66.29.141.144 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://analyticscampus.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=6.1.2 Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.144 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium215-5.web-hosting.com Software LiteSpeed / Resource Hash 4048fd0e6c44412465449ba4f5c7272349ee1574401cec755d6b8d9c0ccc28dd Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 Response headers cache-control public, max-age=604800 content-encoding br expires Wed, 05 Nov 2025 11:16:10 GMT accept-ranges bytes content-length 899 date Wed, 29 Oct 2025 11:16:10 GMT x-turbo-charged-by LiteSpeed content-type text/css last-modified Sun, 12 Oct 2025 10:13:37 GMT vary Accept-Encoding server LiteSpeed
GET H2	200	wp-automatic.css analyticscampus.com/wp-content/plugins/wp-automatic/css/	3 KB 757 B	348ms 346ms	Stylesheet text/css	66.29.141.144 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://analyticscampus.com/wp-content/plugins/wp-automatic/css/wp-automatic.css?ver=1.0.0 Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.144 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium215-5.web-hosting.com Software LiteSpeed / Resource Hash 9d105532b10ffe64f4dd076d7dbb8784e3abfe6d1ec8fc26cfe13ec5684a408d Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 Response headers cache-control public, max-age=604800 content-encoding br expires Wed, 05 Nov 2025 11:16:10 GMT accept-ranges bytes content-length 537 date Wed, 29 Oct 2025 11:16:10 GMT x-turbo-charged-by LiteSpeed content-type text/css last-modified Mon, 13 Oct 2025 16:45:42 GMT vary Accept-Encoding server LiteSpeed
GET H2	200	style.css analyticscampus.com/wp-content/plugins/td-composer/td-multi-purpose/	38 KB 5 KB	347ms 346ms	Stylesheet text/css	66.29.141.144 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://analyticscampus.com/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=def8edc4e13d95bdf49953a9dce2f608 Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.144 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium215-5.web-hosting.com Software LiteSpeed / Resource Hash 82c98a428ca69d9af95841f03e1a85311fe5a56f34babd91004d48b9cca7ddde Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 Response headers cache-control public, max-age=604800 content-encoding br expires Wed, 05 Nov 2025 11:16:10 GMT accept-ranges bytes content-length 4542 date Wed, 29 Oct 2025 11:16:10 GMT x-turbo-charged-by LiteSpeed content-type text/css last-modified Sun, 12 Oct 2025 10:17:42 GMT vary Accept-Encoding server LiteSpeed
GET H2	200	css fonts.googleapis.com/	39 KB 3 KB	639ms 147ms	Stylesheet text/css	142.250.185.202 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C600%2C700%7CRubik%3A500%2C400&display=swap&ver=12.6.8 Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.202 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f10.1e100.net Software ESF / Resource Hash 25f5e5e06b0e58806f00fd6c308681e25838a95197d6baff8e312bb7d4057c3a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 Response headers content-encoding gzip x-content-type-options nosniff expires Wed, 29 Oct 2025 11:16:10 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 29 Oct 2025 11:16:10 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Wed, 29 Oct 2025 11:16:10 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H2	200	style.css analyticscampus.com/wp-content/themes/Newspaper/	155 KB 25 KB	356ms 355ms	Stylesheet text/css	66.29.141.144 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://analyticscampus.com/wp-content/themes/Newspaper/style.css?ver=12.6.8 Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.144 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium215-5.web-hosting.com Software LiteSpeed / Resource Hash 0b82485edb800f0ea228c54dd7b2138e0fb824ce939cd34034f613bd93625710 Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 Response headers cache-control public, max-age=604800 content-encoding br expires Wed, 05 Nov 2025 11:16:10 GMT accept-ranges bytes content-length 24915 date Wed, 29 Oct 2025 11:16:10 GMT x-turbo-charged-by LiteSpeed content-type text/css last-modified Sun, 12 Oct 2025 10:16:59 GMT vary Accept-Encoding server LiteSpeed
GET H2	200	td_legacy_main.css analyticscampus.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/	169 KB 24 KB	395ms 394ms	Stylesheet text/css	66.29.141.144 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://analyticscampus.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=def8edc4e13d95bdf49953a9dce2f608 Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.144 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium215-5.web-hosting.com Software LiteSpeed / Resource Hash af664f64b475678e0d181c23dd6eca9ee45afd956d129a66c9e30910f2a985cf Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 Response headers cache-control public, max-age=604800 content-encoding br expires Wed, 05 Nov 2025 11:16:10 GMT accept-ranges bytes content-length 24387 date Wed, 29 Oct 2025 11:16:10 GMT x-turbo-charged-by LiteSpeed content-type text/css last-modified Sun, 12 Oct 2025 10:17:41 GMT vary Accept-Encoding server LiteSpeed
GET H2	200	tdb_main.css analyticscampus.com/wp-content/plugins/td-cloud-library/assets/css/	47 KB 7 KB	402ms 401ms	Stylesheet text/css	66.29.141.144 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://analyticscampus.com/wp-content/plugins/td-cloud-library/assets/css/tdb_main.css?ver=b33652f2535d2f3812f59e306e26300d Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.144 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium215-5.web-hosting.com Software LiteSpeed / Resource Hash 2143754326c96d8d845f202477e7749564794b31273e6ecc869d6f881be36213 Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 Response headers cache-control public, max-age=604800 content-encoding br expires Wed, 05 Nov 2025 11:16:10 GMT accept-ranges bytes content-length 7001 date Wed, 29 Oct 2025 11:16:10 GMT x-turbo-charged-by LiteSpeed content-type text/css last-modified Sun, 12 Oct 2025 10:17:51 GMT vary Accept-Encoding server LiteSpeed
GET H2	200	jquery.min.js Show response analyticscampus.com/wp-includes/js/jquery/	86 KB 29 KB	404ms 403ms	Script text/javascript	66.29.141.144 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://analyticscampus.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.144 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium215-5.web-hosting.com Software LiteSpeed / Resource Hash cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 Response headers content-encoding br accept-ranges bytes content-length 29744 date Wed, 29 Oct 2025 11:16:10 GMT x-turbo-charged-by LiteSpeed content-type text/javascript last-modified Tue, 07 Nov 2023 23:10:20 GMT vary Accept-Encoding server LiteSpeed
GET H2	200	jquery-migrate.min.js Show response analyticscampus.com/wp-includes/js/jquery/	13 KB 5 KB	533ms 532ms	Script text/javascript	66.29.141.144 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://analyticscampus.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.144 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium215-5.web-hosting.com Software LiteSpeed / Resource Hash 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89 Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 Response headers content-encoding br accept-ranges bytes content-length 4678 date Wed, 29 Oct 2025 11:16:10 GMT x-turbo-charged-by LiteSpeed content-type text/javascript last-modified Tue, 08 Aug 2023 23:20:53 GMT vary Accept-Encoding server LiteSpeed
GET H2	200	main-front.js Show response analyticscampus.com/wp-content/plugins/wp-automatic/js/	2 KB 638 B	535ms 535ms	Script text/javascript	66.29.141.144 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://analyticscampus.com/wp-content/plugins/wp-automatic/js/main-front.js?ver=1.0.1 Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.144 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium215-5.web-hosting.com Software LiteSpeed / Resource Hash 561334fb61409284cd9fd1e30131a2c9e25ae9db87babb56a037c572e31c78cf Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 Response headers content-encoding br accept-ranges bytes content-length 466 date Wed, 29 Oct 2025 11:16:10 GMT x-turbo-charged-by LiteSpeed content-type text/javascript last-modified Mon, 13 Oct 2025 16:45:42 GMT vary Accept-Encoding server LiteSpeed
GET H2	200	4076668-0-89936600-1761096212-shutterstock_2550174839.jpg www.infoworld.com/wp-content/uploads/2025/10/	17 KB 17 KB	229ms 85ms	Image image/webp	192.0.66.100 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://www.infoworld.com/wp-content/uploads/2025/10/4076668-0-89936600-1761096212-shutterstock_2550174839.jpg?quality=50&strip=all&w=1024 Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.66.100 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 0bfd2e49f228a677767e6d16ca7ba6619ac0c3d63d0162de4086c1ffd55d4637 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 Response headers strict-transport-security max-age=31536000 cache-control max-age=31536000 x-rq arn1 etag "c0c513cc9df44592" x-bytes-saved 9730125 access-control-allow-methods GET, HEAD accept-ranges bytes, bytes access-control-allow-origin * x-cache HIT content-length 17376 date Wed, 29 Oct 2025 11:16:10 GMT content-type image/webp vary Accept server nginx last-modified Tue, 28 Oct 2025 09:11:37 GMT
GET H2	200	Analytics-Campus-1-300x90.png analyticscampus.com/wp-content/uploads/2025/10/	6 KB 6 KB	536ms 535ms	Image image/png	66.29.141.144 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://analyticscampus.com/wp-content/uploads/2025/10/Analytics-Campus-1-300x90.png Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.144 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium215-5.web-hosting.com Software LiteSpeed / Resource Hash 7610049da9f4eedfa818d01d4cfa227936b377b28cfaa7853408b2225d132fc5 Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 Response headers cache-control public, max-age=604800 expires Wed, 05 Nov 2025 11:16:10 GMT accept-ranges bytes content-length 5634 date Wed, 29 Oct 2025 11:16:10 GMT x-turbo-charged-by LiteSpeed content-type image/png last-modified Sun, 12 Oct 2025 14:07:38 GMT server LiteSpeed
GET		56c6e5cc-7f3c-4884-8cfa-77435c116ae2 https://analyticscampus.com/	0 0
GET H2	200	hooks.min.js Show response analyticscampus.com/wp-includes/js/dist/	5 KB 2 KB	369ms 369ms	Script text/javascript	66.29.141.144 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://analyticscampus.com/wp-includes/js/dist/hooks.min.js?ver=4d63a3d491d11ffd8ac6 Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.144 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium215-5.web-hosting.com Software LiteSpeed / Resource Hash 9a1e0d38b691f1d22a92cff65ec0439b428170ac39a4493c7ecb06d5585f56a3 Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 Response headers content-encoding br accept-ranges bytes content-length 1571 date Wed, 29 Oct 2025 11:16:10 GMT x-turbo-charged-by LiteSpeed content-type text/javascript last-modified Tue, 12 Nov 2024 23:14:40 GMT vary Accept-Encoding server LiteSpeed
GET H2	200	i18n.min.js Show response analyticscampus.com/wp-includes/js/dist/	9 KB 4 KB	220ms 220ms	Script text/javascript	66.29.141.144 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://analyticscampus.com/wp-includes/js/dist/i18n.min.js?ver=5e580eb46a90c2b997e6 Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.144 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium215-5.web-hosting.com Software LiteSpeed / Resource Hash f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 Response headers content-encoding br accept-ranges bytes content-length 3542 date Wed, 29 Oct 2025 11:16:10 GMT x-turbo-charged-by LiteSpeed content-type text/javascript last-modified Tue, 02 Apr 2024 23:35:03 GMT vary Accept-Encoding server LiteSpeed
GET H2	200	index.js Show response analyticscampus.com/wp-content/plugins/contact-form-7/includes/swv/js/	12 KB 3 KB	338ms 338ms	Script text/javascript	66.29.141.144 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://analyticscampus.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=6.1.2 Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.144 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium215-5.web-hosting.com Software LiteSpeed / Resource Hash 29fdd17a7002a2e1bbd9b33adafc53457c64006b5aca8f6e4dbf907de35433ca Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 Response headers content-encoding br accept-ranges bytes content-length 3369 date Wed, 29 Oct 2025 11:16:10 GMT x-turbo-charged-by LiteSpeed content-type text/javascript last-modified Sun, 12 Oct 2025 10:13:37 GMT vary Accept-Encoding server LiteSpeed
GET H2	200	index.js Show response analyticscampus.com/wp-content/plugins/contact-form-7/includes/js/	13 KB 4 KB	230ms 228ms	Script text/javascript	66.29.141.144 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://analyticscampus.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=6.1.2 Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.144 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium215-5.web-hosting.com Software LiteSpeed / Resource Hash ddcce687729cb358abf9d0d8e1217a097859be2b0d18c23d7c851b38c87bc9c0 Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 Response headers content-encoding br accept-ranges bytes content-length 4008 date Wed, 29 Oct 2025 11:16:10 GMT x-turbo-charged-by LiteSpeed content-type text/javascript last-modified Sun, 12 Oct 2025 10:13:37 GMT vary Accept-Encoding server LiteSpeed
GET H2	200	tagdiv_theme.min.js Show response analyticscampus.com/wp-content/plugins/td-composer/legacy/Newspaper/js/	156 KB 37 KB	230ms 228ms	Script text/javascript	66.29.141.144 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://analyticscampus.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=12.6.8 Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.144 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium215-5.web-hosting.com Software LiteSpeed / Resource Hash 010f69dae1a693c14cce28a8b9ef4b5e81b46906f47830154ac07364104ca855 Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 Response headers content-encoding br accept-ranges bytes content-length 37873 date Wed, 29 Oct 2025 11:16:10 GMT x-turbo-charged-by LiteSpeed content-type text/javascript last-modified Sun, 12 Oct 2025 10:17:42 GMT vary Accept-Encoding server LiteSpeed
GET H2	200	tdPostImages.js Show response analyticscampus.com/wp-content/plugins/td-composer/legacy/Newspaper/js/	2 KB 749 B	232ms 230ms	Script text/javascript	66.29.141.144 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://analyticscampus.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tdPostImages.js?ver=12.6.8 Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.144 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium215-5.web-hosting.com Software LiteSpeed / Resource Hash 78a137d5382f19aaea55e95b55e39a7829de05832714fc275d8a10312a3539d6 Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 Response headers content-encoding br accept-ranges bytes content-length 577 date Wed, 29 Oct 2025 11:16:10 GMT x-turbo-charged-by LiteSpeed content-type text/javascript last-modified Sun, 12 Oct 2025 10:17:42 GMT vary Accept-Encoding server LiteSpeed
GET H2	200	tdSocialSharing.js Show response analyticscampus.com/wp-content/plugins/td-composer/legacy/Newspaper/js/	3 KB 1012 B	233ms 231ms	Script text/javascript	66.29.141.144 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://analyticscampus.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tdSocialSharing.js?ver=12.6.8 Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.144 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium215-5.web-hosting.com Software LiteSpeed / Resource Hash 8e81fcac714f76272bbeb4872fed3a4b84410ed89fe0243acf406986a7611b27 Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 Response headers content-encoding br accept-ranges bytes content-length 840 date Wed, 29 Oct 2025 11:16:10 GMT x-turbo-charged-by LiteSpeed content-type text/javascript last-modified Sun, 12 Oct 2025 10:17:42 GMT vary Accept-Encoding server LiteSpeed
GET H2	200	tdModalPostImages.js Show response analyticscampus.com/wp-content/plugins/td-composer/legacy/Newspaper/js/	9 KB 1 KB	233ms 232ms	Script text/javascript	66.29.141.144 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://analyticscampus.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tdModalPostImages.js?ver=12.6.8 Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.144 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium215-5.web-hosting.com Software LiteSpeed / Resource Hash ed5724159a8f6ac6e42d3a8b66fdc874b0a197c53368a09579cd67fdd5fcc094 Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 Response headers content-encoding br accept-ranges bytes content-length 1286 date Wed, 29 Oct 2025 11:16:10 GMT x-turbo-charged-by LiteSpeed content-type text/javascript last-modified Sun, 12 Oct 2025 10:17:42 GMT vary Accept-Encoding server LiteSpeed
GET H2	200	comment-reply.min.js Show response analyticscampus.com/wp-includes/js/	3 KB 1 KB	240ms 239ms	Script text/javascript	66.29.141.144 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://analyticscampus.com/wp-includes/js/comment-reply.min.js?ver=6.8.3 Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.144 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium215-5.web-hosting.com Software LiteSpeed / Resource Hash 9d4687a19cab8f7442a3bda40c45be4d10e42488e091ddd706c3caed83c3ee1f Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 Response headers content-encoding br accept-ranges bytes content-length 1247 date Wed, 29 Oct 2025 11:16:10 GMT x-turbo-charged-by LiteSpeed content-type text/javascript last-modified Tue, 12 Nov 2024 23:14:40 GMT vary Accept-Encoding server LiteSpeed
GET H2	200	js_files_for_front.min.js Show response analyticscampus.com/wp-content/plugins/td-cloud-library/assets/js/	29 KB 6 KB	233ms 232ms	Script text/javascript	66.29.141.144 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://analyticscampus.com/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=b33652f2535d2f3812f59e306e26300d Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.144 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium215-5.web-hosting.com Software LiteSpeed / Resource Hash d099103502b4063574eb2ba0dd2b8e3c0d6362c8036c337f5571a11716ef5781 Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 Response headers content-encoding br accept-ranges bytes content-length 5955 date Wed, 29 Oct 2025 11:16:10 GMT x-turbo-charged-by LiteSpeed content-type text/javascript last-modified Sun, 12 Oct 2025 10:17:51 GMT vary Accept-Encoding server LiteSpeed
GET H2	200	tdToTop.js Show response analyticscampus.com/wp-content/plugins/td-composer/legacy/Newspaper/js/	1 KB 702 B	234ms 233ms	Script text/javascript	66.29.141.144 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://analyticscampus.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tdToTop.js?ver=12.6.8 Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.144 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium215-5.web-hosting.com Software LiteSpeed / Resource Hash e89e04007c3b2f1de030c03b393af88674a08cde2a9ec6b2a045d41089569865 Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 Response headers content-encoding br accept-ranges bytes content-length 530 date Wed, 29 Oct 2025 11:16:10 GMT x-turbo-charged-by LiteSpeed content-type text/javascript last-modified Sun, 12 Oct 2025 10:17:42 GMT vary Accept-Encoding server LiteSpeed
GET H2	200	tdAjaxSearch.js Show response analyticscampus.com/wp-content/plugins/td-composer/legacy/Newspaper/js/	6 KB 1 KB	236ms 235ms	Script text/javascript	66.29.141.144 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://analyticscampus.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tdAjaxSearch.js?ver=12.6.8 Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.144 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium215-5.web-hosting.com Software LiteSpeed / Resource Hash ced232c8b6b165ef0cb92272d25f07dc37d0a37b54932735a0bc3e5113132d85 Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 Response headers content-encoding br accept-ranges bytes content-length 1358 date Wed, 29 Oct 2025 11:16:10 GMT x-turbo-charged-by LiteSpeed content-type text/javascript last-modified Sun, 12 Oct 2025 10:17:42 GMT vary Accept-Encoding server LiteSpeed
GET H2	200	tdbMenu.js Show response analyticscampus.com/wp-content/plugins/td-cloud-library/assets/js/	11 KB 3 KB	236ms 235ms	Script text/javascript	66.29.141.144 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://analyticscampus.com/wp-content/plugins/td-cloud-library/assets/js/tdbMenu.js?ver=b33652f2535d2f3812f59e306e26300d Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.144 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium215-5.web-hosting.com Software LiteSpeed / Resource Hash aa775a723775f00371970027ce65fbc791832edd5087687b9c56c238880516fc Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 Response headers content-encoding br accept-ranges bytes content-length 2938 date Wed, 29 Oct 2025 11:16:10 GMT x-turbo-charged-by LiteSpeed content-type text/javascript last-modified Sun, 12 Oct 2025 10:17:51 GMT vary Accept-Encoding server LiteSpeed
GET H2	200	tdbSearch.js Show response analyticscampus.com/wp-content/plugins/td-cloud-library/assets/js/	6 KB 2 KB	236ms 235ms	Script text/javascript	66.29.141.144 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://analyticscampus.com/wp-content/plugins/td-cloud-library/assets/js/tdbSearch.js?ver=b33652f2535d2f3812f59e306e26300d Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.144 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium215-5.web-hosting.com Software LiteSpeed / Resource Hash 7c1781abe479d7ea4bb36a3dad324da720c45829b6e8de9d2c8f97e2ea3983ad Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 Response headers content-encoding br accept-ranges bytes content-length 1709 date Wed, 29 Oct 2025 11:16:10 GMT x-turbo-charged-by LiteSpeed content-type text/javascript last-modified Sun, 12 Oct 2025 10:17:51 GMT vary Accept-Encoding server LiteSpeed
GET H2	200	tdMenu.js Show response analyticscampus.com/wp-content/plugins/td-composer/legacy/Newspaper/js/	4 KB 1 KB	237ms 236ms	Script text/javascript	66.29.141.144 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://analyticscampus.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tdMenu.js?ver=12.6.8 Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.144 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium215-5.web-hosting.com Software LiteSpeed / Resource Hash 3d97c7a354ee5666e22c59498be5331a0edee5d6f7527a58a5744f323173bc8d Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 Response headers content-encoding br accept-ranges bytes content-length 1219 date Wed, 29 Oct 2025 11:16:10 GMT x-turbo-charged-by LiteSpeed content-type text/javascript last-modified Sun, 12 Oct 2025 10:17:42 GMT vary Accept-Encoding server LiteSpeed
GET H2	200	tdLoadingBox.js Show response analyticscampus.com/wp-content/plugins/td-composer/legacy/Newspaper/js/	3 KB 761 B	237ms 236ms	Script text/javascript	66.29.141.144 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://analyticscampus.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tdLoadingBox.js?ver=12.6.8 Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.144 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium215-5.web-hosting.com Software LiteSpeed / Resource Hash a51003115e6640ac72b7a1c6525250bd66ff3cb60f207168c9aef0369c484098 Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 Response headers content-encoding br accept-ranges bytes content-length 589 date Wed, 29 Oct 2025 11:16:10 GMT x-turbo-charged-by LiteSpeed content-type text/javascript last-modified Sun, 12 Oct 2025 10:17:42 GMT vary Accept-Encoding server LiteSpeed
GET H2	200	tdSmartSidebar.js Show response analyticscampus.com/wp-content/plugins/td-composer/legacy/Newspaper/js/	10 KB 2 KB	237ms 236ms	Script text/javascript	66.29.141.144 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://analyticscampus.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tdSmartSidebar.js?ver=12.6.8 Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.144 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium215-5.web-hosting.com Software LiteSpeed / Resource Hash 52782ac293bb10b38779db0cb458edb581f2cd603d0aec4c30dd0ca6b6a9388b Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 Response headers content-encoding br accept-ranges bytes content-length 1994 date Wed, 29 Oct 2025 11:16:10 GMT x-turbo-charged-by LiteSpeed content-type text/javascript last-modified Sun, 12 Oct 2025 10:17:42 GMT vary Accept-Encoding server LiteSpeed
OPTIONS H2	204	/ bsc-testnet.bnbchain.org/ Frame	0 0	489ms 169ms	Preflight	35.71.129.99 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bsc-testnet.bnbchain.org/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.71.129.99 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ac4305617488db6f8.awsglobalaccelerator.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://analyticscampus.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers * access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin * access-control-max-age 600 date Wed, 29 Oct 2025 11:16:10 GMT referrer-policy origin-when-cross-origin strict-transport-security max-age=31536000; includeSubdomains x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 1; mode=block
GET DATA	200 OK	truncated Show response /	4 KB 0		Script text/javascript
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 770b55018e47ecd669e78f7030026d0edb88261c137799e9dcacaba25b4c72ed Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 Referer Response headers Content-Type text/javascript
POST H2	200	/ Show response bsc-testnet.bnbchain.org/	6 KB 3 KB	172ms 170ms	Fetch application/json	35.71.129.99 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bsc-testnet.bnbchain.org/ Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.71.129.99 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ac4305617488db6f8.awsglobalaccelerator.com Software / Resource Hash 588c39a4814e9d8dab8b5746c554be36fa159b68c4f7140a4831142af0702750 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 Accept application/json sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" Content-Type application/json sec-ch-ua-mobile ?0 Response headers x-frame-options SAMEORIGIN strict-transport-security max-age=31536000; includeSubdomains access-control-max-age 600 content-encoding br access-control-allow-credentials true access-control-allow-methods POST, GET, OPTIONS x-content-type-options nosniff x-nr-trace-id df803b4fcd380691f0201456135e30e2 access-control-allow-origin * date Wed, 29 Oct 2025 11:16:11 GMT x-xss-protection 1; mode=block content-type application/json; charset=utf-8 vary Accept-Encoding referrer-policy origin-when-cross-origin access-control-allow-headers *
GET H2	404	bg.png analyticscampus.com/wp-content/uploads/2025/10/	3 KB 3 KB	818ms 818ms	Image text/html	66.29.141.144 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://analyticscampus.com/wp-content/uploads/2025/10/bg.png Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.144 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium215-5.web-hosting.com Software LiteSpeed / Resource Hash 326d1a7776d1615a6eff78423d5c9a4c0e23595193c0b1a44247cf8e03b4a940 Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 Response headers link <https://analyticscampus.com/wp-json/>; rel="https://api.w.org/" x-litespeed-cache-control public,max-age=3600 cache-control no-cache, must-revalidate, max-age=0, no-store, private content-encoding br x-litespeed-tag 944_HTTP.404,944_404,944_URL.25cfdc7d0f9349393cc9cf7c7522a245,944_ expires Wed, 11 Jan 1984 05:00:00 GMT x-litespeed-cache miss date Wed, 29 Oct 2025 11:16:11 GMT x-turbo-charged-by LiteSpeed content-type text/html; charset=UTF-8 vary Accept-Encoding server LiteSpeed
GET H2	404	mob.jpg analyticscampus.com/wp-content/uploads/2025/10/	3 KB 3 KB	830ms 830ms	Image text/html	66.29.141.144 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://analyticscampus.com/wp-content/uploads/2025/10/mob.jpg Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.144 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium215-5.web-hosting.com Software LiteSpeed / Resource Hash 326d1a7776d1615a6eff78423d5c9a4c0e23595193c0b1a44247cf8e03b4a940 Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 Response headers link <https://analyticscampus.com/wp-json/>; rel="https://api.w.org/" x-litespeed-cache-control public,max-age=3600 cache-control no-cache, must-revalidate, max-age=0, no-store, private content-encoding br x-litespeed-tag 944_HTTP.404,944_404,944_URL.b00c9c8c1cfad3d055e7164c7d3dd5fd,944_ expires Wed, 11 Jan 1984 05:00:00 GMT x-litespeed-cache miss date Wed, 29 Oct 2025 11:16:11 GMT x-turbo-charged-by LiteSpeed content-type text/html; charset=UTF-8 vary Accept-Encoding server LiteSpeed
GET H2	404	bghd.jpg analyticscampus.com/wp-content/uploads/2025/10/	3 KB 3 KB	823ms 823ms	Image text/html	66.29.141.144 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://analyticscampus.com/wp-content/uploads/2025/10/bghd.jpg Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.144 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium215-5.web-hosting.com Software LiteSpeed / Resource Hash 326d1a7776d1615a6eff78423d5c9a4c0e23595193c0b1a44247cf8e03b4a940 Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 Response headers link <https://analyticscampus.com/wp-json/>; rel="https://api.w.org/" x-litespeed-cache-control public,max-age=3600 cache-control no-cache, must-revalidate, max-age=0, no-store, private content-encoding br x-litespeed-tag 944_HTTP.404,944_404,944_URL.e2ea45dc2abf2d52c0ca215cd88de0e8,944_ expires Wed, 11 Jan 1984 05:00:00 GMT x-litespeed-cache miss date Wed, 29 Oct 2025 11:16:11 GMT x-turbo-charged-by LiteSpeed content-type text/html; charset=UTF-8 vary Accept-Encoding server LiteSpeed
GET H2	404	3.jpg analyticscampus.com/wp-content/uploads/2025/10/	3 KB 3 KB	902ms 902ms	Image text/html	66.29.141.144 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://analyticscampus.com/wp-content/uploads/2025/10/3.jpg Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.144 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium215-5.web-hosting.com Software LiteSpeed / Resource Hash 326d1a7776d1615a6eff78423d5c9a4c0e23595193c0b1a44247cf8e03b4a940 Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 Response headers link <https://analyticscampus.com/wp-json/>; rel="https://api.w.org/" x-litespeed-cache-control public,max-age=3600 cache-control no-cache, must-revalidate, max-age=0, no-store, private content-encoding br x-litespeed-tag 944_HTTP.404,944_404,944_URL.59ee3c82694351729519b75f5ce7a53e,944_ expires Wed, 11 Jan 1984 05:00:00 GMT x-litespeed-cache miss date Wed, 29 Oct 2025 11:16:11 GMT x-turbo-charged-by LiteSpeed content-type text/html; charset=UTF-8 vary Accept-Encoding server LiteSpeed
GET H2	200	newspaper.woff analyticscampus.com/wp-content/themes/Newspaper/images/icons/	33 KB 33 KB	242ms 242ms	Font font/woff	66.29.141.144 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://analyticscampus.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?23 Requested by Host: analyticscampus.com URL: https://analyticscampus.com/wp-content/themes/Newspaper/style.css?ver=12.6.8 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.144 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium215-5.web-hosting.com Software LiteSpeed / Resource Hash d3bdf8bf7932544a7776521d75c5e5d03223a4997fdefdb0bfd4b80021f58d23 Request headers Origin https://analyticscampus.com sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/wp-content/themes/Newspaper/style.css?ver=12.6.8 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 Response headers cache-control public, max-age=604800 expires Wed, 05 Nov 2025 11:16:10 GMT accept-ranges bytes content-length 33904 date Wed, 29 Oct 2025 11:16:10 GMT x-turbo-charged-by LiteSpeed content-type font/woff last-modified Sun, 12 Oct 2025 10:16:59 GMT server LiteSpeed
GET H2	200	iJWKBXyIfDnIV7nBrXyw023e.woff2 fonts.gstatic.com/s/rubik/v31/	34 KB 35 KB	709ms 216ms	Font font/woff2	142.250.185.67 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/rubik/v31/iJWKBXyIfDnIV7nBrXyw023e.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C600%2C700%7CRubik%3A500%2C400&display=swap&ver=12.6.8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.67 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f3.1e100.net Software sffe / Resource Hash 99ec7ccb40cf143f977c893649deece6cc2dcc7c0ff82ebf84b6584090f207ea Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://analyticscampus.com sec-ch-ua-platform "Linux" Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 Response headers age 98387 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Wed, 28 Oct 2026 07:56:24 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 28 Oct 2025 07:56:24 GMT last-modified Tue, 09 Sep 2025 18:27:55 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 35324 x-xss-protection 0 server sffe
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2 fonts.gstatic.com/s/opensans/v44/	42 KB 42 KB	673ms 181ms	Font font/woff2	142.250.185.67 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C600%2C700%7CRubik%3A500%2C400&display=swap&ver=12.6.8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.67 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f3.1e100.net Software sffe / Resource Hash 441af0def989ebfdbd6ad85ffaed85e967ab21a05f1dd342f16259464a206dd0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://analyticscampus.com sec-ch-ua-platform "Linux" Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 Response headers age 97957 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Wed, 28 Oct 2026 08:03:34 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 28 Oct 2025 08:03:34 GMT last-modified Mon, 15 Sep 2025 16:30:57 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 42964 x-xss-protection 0 server sffe
GET H2	200	KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBHMdazQ.woff2 fonts.gstatic.com/s/roboto/v49/	34 KB 34 KB	627ms 135ms	Font font/woff2	142.250.185.67 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBHMdazQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C600%2C700%7CRubik%3A500%2C400&display=swap&ver=12.6.8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.67 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f3.1e100.net Software sffe / Resource Hash 8139a402ce239285716452e5668bce94bbf240b433fcfa2e154aa7e4d240445b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://analyticscampus.com sec-ch-ua-platform "Linux" Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 Response headers age 91698 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Wed, 28 Oct 2026 09:47:53 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 28 Oct 2025 09:47:53 GMT last-modified Mon, 08 Sep 2025 18:08:42 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 34668 x-xss-protection 0 server sffe
GET H2	200	3ccf6389766267e29409e975ec4b1f73a75602fee5f62465c85c4faba7f6498e secure.gravatar.com/avatar/	1 KB 1 KB	532ms 87ms	Image image/jpeg	192.0.73.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://secure.gravatar.com/avatar/3ccf6389766267e29409e975ec4b1f73a75602fee5f62465c85c4faba7f6498e?s=52&d=mm&r=g Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.73.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash b28bfd2d4028486d24851b571909d431ad8d5546d2f6aea6ae7f615dd520206d Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 Response headers link <https://gravatar.com/avatar/3ccf6389766267e29409e975ec4b1f73a75602fee5f62465c85c4faba7f6498e?s=52&d=mm&r=g>; rel="canonical" cache-control max-age=300 x-nc HIT arn 18 expires Wed, 29 Oct 2025 11:21:10 GMT accept-ranges bytes access-control-allow-origin * alt-svc h3=":443"; ma=86400 content-length 1067 server-timing a8c-cdn, dc;desc=arn, cache;desc=HIT;dur=1.0 date Wed, 29 Oct 2025 11:16:10 GMT content-type image/jpeg last-modified Wed, 11 Jan 1984 08:00:00 GMT server nginx content-disposition inline; filename="3ccf6389766267e29409e975ec4b1f73a75602fee5f62465c85c4faba7f6498e.jpg"
POST H2	200	/ Show response bsc-testnet.bnbchain.org/	88 KB 27 KB	187ms 186ms	Fetch application/json	35.71.129.99 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bsc-testnet.bnbchain.org/ Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.71.129.99 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ac4305617488db6f8.awsglobalaccelerator.com Software / Resource Hash c59b806d9e8f6549dc4ff9de86426320a5348f530995662ce792e88d88980b7b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 Accept application/json sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" Content-Type application/json sec-ch-ua-mobile ?0 Response headers x-frame-options SAMEORIGIN strict-transport-security max-age=31536000; includeSubdomains access-control-max-age 600 content-encoding br access-control-allow-credentials true access-control-allow-methods POST, GET, OPTIONS x-content-type-options nosniff x-nr-trace-id ca83c61d91b04d9fafbafdde0f7a51f4 access-control-allow-origin * date Wed, 29 Oct 2025 11:16:11 GMT x-xss-protection 1; mode=block content-type application/json; charset=utf-8 vary Accept-Encoding referrer-policy origin-when-cross-origin access-control-allow-headers *
OPTIONS H2	204	/ bsc-testnet.drpc.org/ Frame	0 0	679ms 222ms	Preflight	104.18.10.59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bsc-testnet.drpc.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.10.59 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://analyticscampus.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization access-control-allow-methods GET, PUT, POST, DELETE, PATCH, OPTIONS access-control-allow-origin * access-control-max-age 1728000 alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 99624265aca2b1b8-OSL date Wed, 29 Oct 2025 11:16:11 GMT server cloudflare strict-transport-security max-age=31536000; includeSubDomains
GET H2	200	all.css use.fontawesome.com/releases/v5.0.0/css/	33 KB 8 KB	496ms 73ms	Stylesheet text/css	172.67.142.245 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v5.0.0/css/all.css Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.142.245 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9f29f2bbb25602f4bdbd3122c317244f8fd9741106ffd5a412574b02ee794993 Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 Response headers cache-control max-age=31556926 nel {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} content-encoding zstd cf-cache-status HIT etag W/"e35d9c4ebaea0573df8e4a9505b72eea" age 722304 report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=dJKQ9F6wg%2BsHa8BsJF5a9pgisjt6ZWimD24oQah%2FGyRm8%2B%2BarLRi2fYp%2B4aGrwp5hMDu%2FV1R%2BrFfkqI35kz7u%2BuOv%2FbJveFO47pIC%2B3m%2FWA27GE%3D"}]} cf-ray 996242658f924c11-OSL date Wed, 29 Oct 2025 11:16:11 GMT content-type text/css last-modified Fri, 22 Sep 2023 01:44:05 GMT server cloudflare vary Accept-Encoding
POST H2	200	/ Show response bsc-testnet.drpc.org/	231 B 313 B	152ms 150ms	Fetch application/json	104.18.10.59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bsc-testnet.drpc.org/ Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.10.59 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2450d45857a97c198cc24fa8ba4db6066e67b791345ccb99fa9b95a5e2d0b3cf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 Accept application/json sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" Content-Type application/json sec-ch-ua-mobile ?0 Response headers access-control-max-age 1728000 x-drpc-owner-id cb501251-31a8-4028-8b0a-54679f15c385 content-encoding zstd cf-cache-status DYNAMIC x-drpc-trace-id d7f8f92ade2c119a491c57a736112bea access-control-allow-methods GET, PUT, POST, DELETE, PATCH, OPTIONS x-drpc-owner-tier free alt-svc h3=":443"; ma=86400 date Wed, 29 Oct 2025 11:16:12 GMT content-type application/json vary Accept-Encoding access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization strict-transport-security max-age=31536000; includeSubDomains access-control-allow-credentials true cf-ray 996242671878b1b8-OSL access-control-allow-origin * x-drpc-provider-id drpc-public-multiregion server cloudflare
GET H2	200	130px-RecaptchaLogo.svg.png upload.wikimedia.org/wikipedia/commons/thumb/a/ad/RecaptchaLogo.svg/	5 KB 6 KB	669ms 115ms	Image image/png	185.15.59.240 WIKIMEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://upload.wikimedia.org/wikipedia/commons/thumb/a/ad/RecaptchaLogo.svg/130px-RecaptchaLogo.svg.png Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.15.59.240 , United States, ASN14907 (WIKIMEDIA, US), Reverse DNS upload-lb.esams.wikimedia.org Software ATS/9.2.11 / Resource Hash 58c80d15e15002a1b2596c6e1a2883661966eb9618ad7fc6dc233288ea7deeba Security Headers Name Value Strict-Transport-Security max-age=106384710; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 Response headers x-request-id dcdd389f-1c69-4a8e-85b3-b33db2417d12 access-control-expose-headers Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache etag f0a795ec9ae1185711dfe0d0ba7d91fc age 20608 report-to { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] } x-content-type-options nosniff server-timing cache;desc="hit-front", host;desc="cp3076" x-cache cp3076 hit, cp3076 hit/84 date Wed, 29 Oct 2025 05:32:43 GMT content-type image/png content-disposition inline;filename*=UTF-8''RecaptchaLogo.svg.png last-modified Sun, 24 Dec 2023 14:16:34 GMT x-client-ip 158.248.56.221 x-cache-status hit-front strict-transport-security max-age=106384710; includeSubDomains; preload nel { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0} timing-allow-origin * accept-ranges bytes access-control-allow-origin * content-length 4832 server ATS/9.2.11
GET H2	404	bghd.jpg analyticscampus.com/wp-content/uploads/2025/10/	3 KB 3 KB	217ms 217ms	Image text/html	66.29.141.144 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://analyticscampus.com/wp-content/uploads/2025/10/bghd.jpg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.144 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium215-5.web-hosting.com Software LiteSpeed / Resource Hash 326d1a7776d1615a6eff78423d5c9a4c0e23595193c0b1a44247cf8e03b4a940 Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 Response headers link <https://analyticscampus.com/wp-json/>; rel="https://api.w.org/" cache-control no-cache, must-revalidate, max-age=0, no-store, private content-encoding br expires Wed, 11 Jan 1984 05:00:00 GMT x-litespeed-cache hit content-length 30237 date Wed, 29 Oct 2025 11:16:12 GMT x-turbo-charged-by LiteSpeed content-type text/html; charset=UTF-8 vary Accept-Encoding server LiteSpeed
GET H2	200	worm-parasite-infections-from-pets-2.jpg www.gideononline.com/wp-content/uploads/2024/01/	23 KB 23 KB	413ms 263ms	Image image/jpeg	141.193.213.10 CLOUDFLARESPECTRU...
General Check archive.org Show headers Download Go to Show image Full URL https://www.gideononline.com/wp-content/uploads/2024/01/worm-parasite-infections-from-pets-2.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US), Reverse DNS Software cloudflare / Resource Hash dccf062e82ff1fa3b4aa69d67afb83aae5392d8cf83c308165c2a16b035557bc Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 Response headers cache-control public, max-age=31536000 cf-bgj imgq:100,h2pri etag "6595165b-e4e1" cf-cache-status HIT cf-ray 996242682904c759-OSL accept-ranges bytes access-control-allow-origin * cf-polished origSize=58593 content-length 23324 alt-svc h3=":443"; ma=86400 date Wed, 29 Oct 2025 11:16:12 GMT content-type image/jpeg last-modified Wed, 03 Jan 2024 08:10:03 GMT vary Accept-Encoding server cloudflare
GET H2	200	cropped-Analytics-Campus-1-32x32.png analyticscampus.com/wp-content/uploads/2025/10/	2 KB 2 KB	391ms 391ms	Other image/png	66.29.141.144 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://analyticscampus.com/wp-content/uploads/2025/10/cropped-Analytics-Campus-1-32x32.png Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.144 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium215-5.web-hosting.com Software LiteSpeed / Resource Hash 9f3a6e025502bc4d2a00df51507ecdb946ba0b74e7852faa0f09816c43362d67 Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 Response headers cache-control public, max-age=604800 expires Wed, 05 Nov 2025 11:16:12 GMT accept-ranges bytes content-length 1809 date Wed, 29 Oct 2025 11:16:12 GMT x-turbo-charged-by LiteSpeed content-type image/png last-modified Sun, 12 Oct 2025 14:08:43 GMT server LiteSpeed
GET H2	200	image-3.png blog.ml.cmu.edu/wp-content/uploads/2025/10/	41 KB 42 KB	1059ms 442ms	Image image/png	114.129.130.76 A2HOSTING
General Check archive.org Show headers Download Go to Show image Full URL https://blog.ml.cmu.edu/wp-content/uploads/2025/10/image-3.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 114.129.130.76 , United States, ASN55293 (A2HOSTING, US), Reverse DNS server.mldcmu.ai Software LiteSpeed / Resource Hash d08c9a44883642f9e0ca9c2ee318dba463270671c06825148ae14efe43514bf5 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 Response headers strict-transport-security max-age=63072000; includeSubDomains vary User-Agent cache-control public, max-age=31536000 etag "a52b-68f9344b-0;;;" x-content-type-options nosniff referrer-policy expires Thu, 29 Oct 2026 11:16:12 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 42283 date Wed, 29 Oct 2025 11:16:12 GMT content-type image/png last-modified Wed, 22 Oct 2025 19:45:15 GMT server LiteSpeed x-frame-options SAMEORIGIN
GET H2	200	cloudarchitecture_VitaliiGulenok-Alamy.jpg eu-images.contentstack.com/v3/assets/blt69509c9116440be8/blte634455a3e3990dd/68f63e16b497b10a0ede661d/	366 KB 367 KB	222ms 78ms	Image image/jpeg	151.101.66.137 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://eu-images.contentstack.com/v3/assets/blt69509c9116440be8/blte634455a3e3990dd/68f63e16b497b10a0ede661d/cloudarchitecture_VitaliiGulenok-Alamy.jpg?disable=upscale&width=1200&height=630&fit=crop Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.66.137 , United States, ASN54113 (FASTLY, US), Reverse DNS Software contentstack / Resource Hash d15ee790de61f5196a0dfc1f1f45be80bca5900fbc4cce5bd1f2232752d1e9da Security Headers Name Value Strict-Transport-Security max-age=31557600 Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 Response headers fastly-io-info ifsz=97613 idim=1280x720 ifmt=jpeg ofsz=374688 odim=1200x630 ofmt=jpeg x-request-id 5ef98cf8f4c7948831cf97ea5bf84eef access-control-expose-headers content-disposition, content-type, cache-control, status, content-length etag "uSSsXgTqMCYz7oZ4kzlQUzbiilpC30HoMuJl+mBatGA" cache-tag blt69509c9116440be8.sys_assets blt69509c9116440be8.sys_assets.blte634455a3e3990dd.download fastly-io-stats ifsz=97613 ofsz=374688 ofmt=jpeg x-cache HIT, MISS date Wed, 29 Oct 2025 11:16:12 GMT content-disposition inline; filename=cloudarchitecture_VitaliiGulenok-Alamy.jpg content-type image/jpeg x-runtime 67ms x-cache-hits 7, 0 x-contentstack-organization blt5948195ac13977b0 fastly-stats io=1 x-served-by cache-ams21069-AMS, cache-osl6532-OSL strict-transport-security max-age=31557600 cache-control max-age=31536000 x-timer S1761736572.214982,VS0,VE21 via 1.1 varnish, 1.1 varnish accept-ranges bytes access-control-allow-origin * content-length 374688 fastly-io-served-by vpop-ehle2110033 server contentstack
GET H2	200	EuroLLM-PR-hero-image.png unbabel.com/wp-content/uploads/2024/12/	25 KB 25 KB	883ms 427ms	Image image/webp	104.18.10.30 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://unbabel.com/wp-content/uploads/2024/12/EuroLLM-PR-hero-image.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.10.30 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1d9d69cb78e004f6e4d234e077671574bba76bd7d673431b98acd519e6c08b1a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=31536000, private cf-cache-status MISS etag "674dc4aa-626c" x-content-type-options nosniff cf-ray 9962426aba8cb503-OSL expires Thu, 29 Oct 2026 11:16:12 GMT accept-ranges bytes content-length 25196 date Wed, 29 Oct 2025 11:16:12 GMT content-type image/webp last-modified Mon, 02 Dec 2024 14:31:06 GMT vary Accept, accept-encoding server cloudflare x-frame-options SAMEORIGIN
GET H2	200	tag.js Show response mc.yandex.ru/metrika/	237 KB 80 KB	743ms 208ms	Script application/javascript	87.250.251.119 YANDEX YANDEX LLC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/metrika/tag.js Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU), Reverse DNS mc.yandex.ru Software / Resource Hash e9b37bb86b7c81bd87d41b9d3ae945478eef870dc36bf7d900495f8fe98b779b Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 Response headers strict-transport-security max-age=31536000 cache-control max-age=3600 timing-allow-origin * content-encoding br etag "68fb7a75-13c54" accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA expires Wed, 29 Oct 2025 12:16:12 GMT access-control-allow-origin * content-length 80980 date Wed, 29 Oct 2025 11:16:12 GMT last-modified Fri, 24 Oct 2025 13:09:09 GMT content-type application/javascript
GET H2	200	Optoma-UHZ58LV-scaled.jpg www.androidauthority.com/wp-content/uploads/2025/10/	478 KB 479 KB	519ms 89ms	Image image/jpeg	172.66.138.120 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.androidauthority.com/wp-content/uploads/2025/10/Optoma-UHZ58LV-scaled.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.66.138.120 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / WP Engine Headless Platform Resource Hash 2597a8a4e8dc712a3f064e4ce2c31bcc6a01db7fc3bb0cad3b9f84c286b34156 Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 Response headers cf-bgj imgq:100,h2pri etag "6901572c-786b5" age 6657 cf-cache-status HIT cf-polished origSize=493237 alt-svc h3=":443"; ma=86400 date Wed, 29 Oct 2025 11:16:12 GMT content-type image/jpeg last-modified Tue, 28 Oct 2025 23:52:12 GMT vary , Accept-Encoding cache-control public, max-age=31536000 x-envoy-upstream-service-time 24 cf-ray 9962426addc732fa-OSL accept-ranges bytes access-control-allow-origin * content-length 489606 x-powered-by WP Engine Headless Platform server cloudflare
GET H2	200	sync_cookie_image_decide mc.yandex.com/ Redirect Chain https://mc.yandex.com/sync_cookie_image_check?scid=7917c42c-7f8b-69f5-dc32-a353df287d23&cid=99162160 https://mc.yandex.ru/sync_cookie_image_start?cid=99162160&redirect_domain=mc.yandex.com&scid=7917c42c-7f8b-69f5-dc32-a353df287d23&token=10834.hKYbWOPUTLXNKYOxKFfhAJEpkfeAK_w6RX_OfCTiEZOT-tJlE6csVt2... https://mc.yandex.com/sync_cookie_image_decide?cid=99162160&scid=7917c42c-7f8b-69f5-dc32-a353df287d23&token=10834.RWdedekN4bPCCnLAJtDwcXN9pCOeWz21C54AL727TQ-Dn-mQlV9Zez3D6K-e12NSlLHmU5Ml3kXmwgPbXGy...	43 B 179 B	115ms 115ms	Image image/gif	87.250.251.119 YANDEX YANDEX LLC
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/sync_cookie_image_decide?cid=99162160&scid=7917c42c-7f8b-69f5-dc32-a353df287d23&token=10834.RWdedekN4bPCCnLAJtDwcXN9pCOeWz21C54AL727TQ-Dn-mQlV9Zez3D6K-e12NSlLHmU5Ml3kXmwgPbXGyBfP-LuJWxuudaoNCLzTV1IbM%2C.X8b0_wXYqkLkOPN_hPgRMQgX6Kg%2C Protocol H2 Server 87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU), Reverse DNS mc.yandex.ru Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 Referer https://analyticscampus.com/ Response headers strict-transport-security max-age=31536000 content-length 43 x-xss-protection 1; mode=block content-type image/gif Redirect headers x-xss-protection 1; mode=block strict-transport-security max-age=31536000 location https://mc.yandex.com/sync_cookie_image_decide?cid=99162160&scid=7917c42c-7f8b-69f5-dc32-a353df287d23&token=10834.RWdedekN4bPCCnLAJtDwcXN9pCOeWz21C54AL727TQ-Dn-mQlV9Zez3D6K-e12NSlLHmU5Ml3kXmwgPbXGyBfP-LuJWxuudaoNCLzTV1IbM%2C.X8b0_wXYqkLkOPN_hPgRMQgX6Kg%2C
GET H2	200	advert.gif mc.yandex.com/metrika/	43 B 163 B	179ms 179ms	Image image/gif	87.250.251.119 YANDEX YANDEX LLC
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/metrika/advert.gif Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU), Reverse DNS mc.yandex.ru Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 Response headers strict-transport-security max-age=31536000 cache-control max-age=3600 timing-allow-origin * accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA etag "68fb7a75-2b" expires Wed, 29 Oct 2025 12:16:13 GMT accept-ranges bytes access-control-allow-origin * content-length 43 date Wed, 29 Oct 2025 11:16:13 GMT content-type image/gif last-modified Fri, 24 Oct 2025 13:09:09 GMT
GET H2	200	metrika_match.html Show response mc.yandex.com/metrika/ Frame E73A	5 KB 3 KB	775ms 184ms	Document text/html	87.250.251.119 YANDEX YANDEX LLC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/metrika/metrika_match.html Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU), Reverse DNS mc.yandex.ru Software / Resource Hash e115e55e7781f1947fbc6c6bab01729a50a2c04a7cd05c55f71055704e8f85d6 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://analyticscampus.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Linux" Response headers accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA access-control-allow-origin * cache-control max-age=3600 content-encoding br content-length 2070 content-type text/html date Wed, 29 Oct 2025 11:16:13 GMT etag "68fb7a75-816" expires Wed, 29 Oct 2025 12:16:13 GMT last-modified Fri, 24 Oct 2025 13:09:09 GMT strict-transport-security max-age=31536000 timing-allow-origin *
GET H2	200	1 Show response mc.yandex.com/watch/99162160/ Redirect Chain https://mc.yandex.com/watch/99162160?wmode=7&page-url=https%3A%2F%2Fanalyticscampus.com%2Fself-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions%2F&charset=utf-8&uah=chu%0... https://mc.yandex.com/watch/99162160/1?wmode=7&page-url=https%3A%2F%2Fanalyticscampus.com%2Fself-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions%2F&charset=utf-8&uah=chu...	672 B 1 KB	116ms 116ms	Fetch application/json	87.250.251.119 YANDEX YANDEX LLC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/watch/99162160/1?wmode=7&page-url=https%3A%2F%2Fanalyticscampus.com%2Fself-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22141%22%2C%22Not%3FA_Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22141%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A141.0.7390.122%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22141.0.7390.122%22%2C%22Not%3FA_Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22141.0.7390.122%22%0Achm%0A%3F0%0Achp%0ALinux%0Achv%0A6.8.0&browser-info=pv%3A1%3Avf%3A3xktzc2ogg05v7x8e2v8cowhnxhaz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ano-NO%3Av%3A2240%3Acn%3A1%3Adp%3A0%3Als%3A1251492921060%3Ahid%3A389098071%3Az%3A60%3Ai%3A20251029121613%3Aet%3A1761736573%3Ac%3A1%3Arn%3A1030321422%3Arqn%3A1%3Au%3A1761736573695153223%3Aw%3A1728x1117%3As%3A1600x1200x24%3Ask%3A2%3Afp%3A2280%3Awv%3A2%3Ads%3A31%2C441%2C1056%2C174%2C0%2C0%2C%2C737%2C0%2C3723%2C3723%2C15%2C2440%3Aco%3A0%3Acpf%3A1%3Ans%3A1761736568253%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1761736573%3At%3ASelf-propagating%20worm%20present%20in%20marketplaces%20for%20Visible%20Studio%20Code%20extensions%20-%20Analytics%20Campus&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2883952128%29ti%281%29&redirnss=1 Protocol H2 Server 87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU), Reverse DNS mc.yandex.ru Software / Resource Hash 659bf8064494397ba6e1ba78fe437768f1b4842e24b1220543443aee7b2f836c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 Referer https://analyticscampus.com/ Response headers strict-transport-security max-age=31536000 cache-control private, no-cache, no-store, must-revalidate, max-age=0 accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA pragma no-cache access-control-allow-credentials true x-content-type-options nosniff expires Wed, 29-Oct-2025 11:16:13 GMT access-control-allow-origin https://analyticscampus.com content-length 672 x-xss-protection 1; mode=block content-type application/json; charset=utf-8 last-modified Wed, 29-Oct-2025 11:16:13 GMT Redirect headers strict-transport-security max-age=31536000 cache-control private, no-cache, no-store, must-revalidate, max-age=0 location /watch/99162160/1?wmode=7&page-url=https%3A%2F%2Fanalyticscampus.com%2Fself-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22141%22%2C%22Not%3FA_Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22141%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A141.0.7390.122%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22141.0.7390.122%22%2C%22Not%3FA_Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22141.0.7390.122%22%0Achm%0A%3F0%0Achp%0ALinux%0Achv%0A6.8.0&browser-info=pv%3A1%3Avf%3A3xktzc2ogg05v7x8e2v8cowhnxhaz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ano-NO%3Av%3A2240%3Acn%3A1%3Adp%3A0%3Als%3A1251492921060%3Ahid%3A389098071%3Az%3A60%3Ai%3A20251029121613%3Aet%3A1761736573%3Ac%3A1%3Arn%3A1030321422%3Arqn%3A1%3Au%3A1761736573695153223%3Aw%3A1728x1117%3As%3A1600x1200x24%3Ask%3A2%3Afp%3A2280%3Awv%3A2%3Ads%3A31%2C441%2C1056%2C174%2C0%2C0%2C%2C737%2C0%2C3723%2C3723%2C15%2C2440%3Aco%3A0%3Acpf%3A1%3Ans%3A1761736568253%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1761736573%3At%3ASelf-propagating%20worm%20present%20in%20marketplaces%20for%20Visible%20Studio%20Code%20extensions%20-%20Analytics%20Campus&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2883952128%29ti%281%29&redirnss=1 pragma no-cache accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA access-control-allow-credentials true expires Wed, 29-Oct-2025 11:16:13 GMT access-control-allow-origin https://analyticscampus.com x-xss-protection 1; mode=block last-modified Wed, 29-Oct-2025 11:16:13 GMT
GET H2	200	sync_cookie_image_finish_secondary mc.yandex.ru/ Redirect Chain https://mc.yandex.com/sync_cookie_image_check_secondary?scid=3a7ce554-d5cf-9f2e-3c28-75fa72baa07e&cid=99162160 https://mc.yandex.ru/sync_cookie_image_start_secondary?cid=99162160&redirect_domain=mc.yandex.com&scid=3a7ce554-d5cf-9f2e-3c28-75fa72baa07e&token=10834.buWcMUELHwpeJQiIooPhuQ8u0rAeD_aTUx8OjG1TwKFeq... https://mc.yandex.com/sync_cookie_image_decide_secondary?cid=99162160&scid=3a7ce554-d5cf-9f2e-3c28-75fa72baa07e&token=10834.tbfvmNRZypXWzIOeMW98fhALkvZrCeaEFuOMSPoWkS7YFrscyhxyKyY4DxW36NoyrxHgg4eKv... https://mc.yandex.ru/sync_cookie_image_finish_secondary?cid=99162160&redirect_domain=mc.yandex.com&scid=3a7ce554-d5cf-9f2e-3c28-75fa72baa07e&token=10834.yk6j9NT0y4f5VQCaiQQ9ee4bdamQdoyVNNpsHGgp8wDy...	43 B 403 B	112ms 111ms	Image image/gif	87.250.251.119 YANDEX YANDEX LLC
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.ru/sync_cookie_image_finish_secondary?cid=99162160&redirect_domain=mc.yandex.com&scid=3a7ce554-d5cf-9f2e-3c28-75fa72baa07e&token=10834.yk6j9NT0y4f5VQCaiQQ9ee4bdamQdoyVNNpsHGgp8wDyfWBGPLnTRgtw9POS8Pv6I6XC6Gvn4Nrx03i8VCdI9BydFX_Mh5qq7KcDGJDSjUnxSFImrG47yTvvp8HcC776bP3QuoxHdBtPTF-reK8spo9Sxj75jaCG93Eu9iyVOBIt1W6CxUdfJkYaawv5-hsskzh6TNxFZ0B0qXzaIKWM2w%2C%2C.rwNNq286HDSJT-70ZWNe7IWjUw4%2C Protocol H2 Server 87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU), Reverse DNS mc.yandex.ru Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 Referer https://analyticscampus.com/ Response headers strict-transport-security max-age=31536000 content-length 43 x-xss-protection 1; mode=block content-type image/gif Redirect headers strict-transport-security max-age=31536000 x-xss-protection 1; mode=block location https://mc.yandex.ru/sync_cookie_image_finish_secondary?cid=99162160&redirect_domain=mc.yandex.com&scid=3a7ce554-d5cf-9f2e-3c28-75fa72baa07e&token=10834.yk6j9NT0y4f5VQCaiQQ9ee4bdamQdoyVNNpsHGgp8wDyfWBGPLnTRgtw9POS8Pv6I6XC6Gvn4Nrx03i8VCdI9BydFX_Mh5qq7KcDGJDSjUnxSFImrG47yTvvp8HcC776bP3QuoxHdBtPTF-reK8spo9Sxj75jaCG93Eu9iyVOBIt1W6CxUdfJkYaawv5-hsskzh6TNxFZ0B0qXzaIKWM2w%2C%2C.rwNNq286HDSJT-70ZWNe7IWjUw4%2C
GET H2	200	99162160 mc.yandex.com/clmap/	43 B 0	123ms 123ms	Fetch image/gif	87.250.251.119 YANDEX YANDEX LLC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/clmap/99162160?page-url=https%3A%2F%2Fanalyticscampus.com%2Fself-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions%2F&pointer-click=rn%3A219033191%3Ax%3A23405%3Ay%3A21064%3At%3A29%3Ap%3A%3FAAA6%3AX%3A736%3AY%3A552&browser-info=u%3A1761736573695153223%3Av%3A2240%3Avf%3A3xktzc2ogg05v7x8e2v8cowhnxhaz%3Arqnl%3A1%3Ast%3A1761736576&t=gdpr(14)ti(1) Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU), Reverse DNS mc.yandex.ru Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 Response headers strict-transport-security max-age=31536000 cache-control private, no-cache, no-store, must-revalidate, max-age=0 pragma no-cache access-control-allow-credentials true expires Wed, 29-Oct-2025 11:16:16 GMT access-control-allow-origin https://analyticscampus.com content-length 43 x-xss-protection 1; mode=block content-type image/gif last-modified Wed, 29-Oct-2025 11:16:16 GMT
POST H2	200	1 mc.yandex.com/watch/99162160/	43 B 73 B	193ms 193ms	Ping image/gif	87.250.251.119 YANDEX YANDEX LLC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/watch/99162160/1?page-url=goal%3A%2F%2Fanalyticscampus.com%2FClick&page-ref=https%3A%2F%2Fanalyticscampus.com%2Fself-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22141%22%2C%22Not%3FA_Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22141%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A141.0.7390.122%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22141.0.7390.122%22%2C%22Not%3FA_Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22141.0.7390.122%22%0Achm%0A%3F0%0Achp%0ALinux%0Achv%0A6.8.0&hittoken=1761736573_4765bd9b33e4ae2659a8d5d4f190cd1ce20bc6a98f96fadcce167d861f30e39b&browser-info=ar%3A1%3Avf%3A3xktzc2ogg05v7x8e2v8cowhnxhaz%3Afu%3A3%3Aen%3Autf-8%3Ala%3Ano-NO%3Av%3A2240%3Acn%3A1%3Adp%3A1%3Als%3A1251492921060%3Ahid%3A389098071%3Az%3A60%3Ai%3A20251029121616%3Aet%3A1761736576%3Ac%3A1%3Arn%3A739922595%3Arqn%3A2%3Au%3A1761736573695153223%3Aw%3A1728x1117%3As%3A1600x1200x24%3Ask%3A2%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1761736568253%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1761736576%3At%3ASelf-propagating%20worm%20present%20in%20marketplaces%20for%20Visible%20Studio%20Code%20extensions%20-%20Analytics%20Campus&t=gdpr(14)clc(1-736-552)rqnt(2)aw(1)rcm(1)cdl(na)eco(83952128)oms(0)prs(1)w2s(0)ti(0)&force-urlencoded=1&site-info=%7B%22clientID%22%3A%22ja4xqaqe%22%7D Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU), Reverse DNS mc.yandex.ru Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 Response headers strict-transport-security max-age=31536000 cache-control private, no-cache, no-store, must-revalidate, max-age=0 accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA pragma no-cache access-control-allow-credentials true expires Wed, 29-Oct-2025 11:16:16 GMT access-control-allow-origin https://analyticscampus.com content-length 43 x-xss-protection 1; mode=block last-modified Wed, 29-Oct-2025 11:16:16 GMT content-type image/gif
POST H2	200	/ Show response bsc-testnet.drpc.org/	231 B 185 B	152ms 151ms	Fetch application/json	104.18.10.59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bsc-testnet.drpc.org/ Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.10.59 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2450d45857a97c198cc24fa8ba4db6066e67b791345ccb99fa9b95a5e2d0b3cf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 Accept application/json sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" Content-Type application/json sec-ch-ua-mobile ?0 Response headers access-control-max-age 1728000 x-drpc-owner-id cb501251-31a8-4028-8b0a-54679f15c385 content-encoding zstd cf-cache-status DYNAMIC x-drpc-trace-id 219695204fed4427b0e6bcdea5686c91 access-control-allow-methods GET, PUT, POST, DELETE, PATCH, OPTIONS x-drpc-owner-tier free alt-svc h3=":443"; ma=86400 date Wed, 29 Oct 2025 11:16:18 GMT content-type application/json vary Accept-Encoding access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization strict-transport-security max-age=31536000; includeSubDomains access-control-allow-credentials true cf-ray 9962428c3d5eb1b8-OSL access-control-allow-origin * x-drpc-provider-id drpc-public-multiregion server cloudflare
POST H2	200	/ Show response bsc-testnet.drpc.org/	231 B 185 B	153ms 151ms	Fetch application/json	104.18.10.59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bsc-testnet.drpc.org/ Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.10.59 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2450d45857a97c198cc24fa8ba4db6066e67b791345ccb99fa9b95a5e2d0b3cf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 Accept application/json sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" Content-Type application/json sec-ch-ua-mobile ?0 Response headers access-control-max-age 1728000 x-drpc-owner-id cb501251-31a8-4028-8b0a-54679f15c385 content-encoding zstd cf-cache-status DYNAMIC x-drpc-trace-id c69665a3c1f72130a92fa2a5e3adde97 access-control-allow-methods GET, PUT, POST, DELETE, PATCH, OPTIONS x-drpc-owner-tier free alt-svc h3=":443"; ma=86400 date Wed, 29 Oct 2025 11:16:19 GMT content-type application/json vary Accept-Encoding access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization strict-transport-security max-age=31536000; includeSubDomains access-control-allow-credentials true cf-ray 996242927dcdb1b8-OSL access-control-allow-origin * x-drpc-provider-id drpc-public-multiregion server cloudflare
POST H2	200	/ Show response bsc-testnet.drpc.org/	231 B 185 B	156ms 154ms	Fetch application/json	104.18.10.59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bsc-testnet.drpc.org/ Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.10.59 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2450d45857a97c198cc24fa8ba4db6066e67b791345ccb99fa9b95a5e2d0b3cf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 Accept application/json sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" Content-Type application/json sec-ch-ua-mobile ?0 Response headers access-control-max-age 1728000 x-drpc-owner-id cb501251-31a8-4028-8b0a-54679f15c385 content-encoding zstd cf-cache-status DYNAMIC x-drpc-trace-id ee4cb663cb1108bad8d4a980659bd048 access-control-allow-methods GET, PUT, POST, DELETE, PATCH, OPTIONS x-drpc-owner-tier free alt-svc h3=":443"; ma=86400 date Wed, 29 Oct 2025 11:16:20 GMT content-type application/json vary Accept-Encoding access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization strict-transport-security max-age=31536000; includeSubDomains access-control-allow-credentials true cf-ray 99624298be8eb1b8-OSL access-control-allow-origin * x-drpc-provider-id drpc-public-multiregion server cloudflare
POST H2	200	/ Show response bsc-testnet.drpc.org/	231 B 185 B	148ms 147ms	Fetch application/json	104.18.10.59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bsc-testnet.drpc.org/ Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.10.59 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2450d45857a97c198cc24fa8ba4db6066e67b791345ccb99fa9b95a5e2d0b3cf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 Accept application/json sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" Content-Type application/json sec-ch-ua-mobile ?0 Response headers access-control-max-age 1728000 x-drpc-owner-id cb501251-31a8-4028-8b0a-54679f15c385 content-encoding zstd cf-cache-status DYNAMIC x-drpc-trace-id bfe06be992b85fc72905a42b5197ef03 access-control-allow-methods GET, PUT, POST, DELETE, PATCH, OPTIONS x-drpc-owner-tier free alt-svc h3=":443"; ma=86400 date Wed, 29 Oct 2025 11:16:21 GMT content-type application/json vary Accept-Encoding access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization strict-transport-security max-age=31536000; includeSubDomains access-control-allow-credentials true cf-ray 9962429efe31b1b8-OSL access-control-allow-origin * x-drpc-provider-id drpc-public-multiregion server cloudflare
POST H2	200	/ Show response bsc-testnet.drpc.org/	231 B 185 B	149ms 147ms	Fetch application/json	104.18.10.59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bsc-testnet.drpc.org/ Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.10.59 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2450d45857a97c198cc24fa8ba4db6066e67b791345ccb99fa9b95a5e2d0b3cf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 Accept application/json sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" Content-Type application/json sec-ch-ua-mobile ?0 Response headers access-control-max-age 1728000 x-drpc-owner-id cb501251-31a8-4028-8b0a-54679f15c385 content-encoding zstd cf-cache-status DYNAMIC x-drpc-trace-id 298b3ad9a2f1be71f684a11465d16de3 access-control-allow-methods GET, PUT, POST, DELETE, PATCH, OPTIONS x-drpc-owner-tier free alt-svc h3=":443"; ma=86400 date Wed, 29 Oct 2025 11:16:22 GMT content-type application/json vary Accept-Encoding access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization strict-transport-security max-age=31536000; includeSubDomains access-control-allow-credentials true cf-ray 996242a53d09b1b8-OSL access-control-allow-origin * x-drpc-provider-id drpc-public-multiregion server cloudflare
POST H2	200	/ Show response bsc-testnet.drpc.org/	231 B 185 B	151ms 150ms	Fetch application/json	104.18.10.59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bsc-testnet.drpc.org/ Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.10.59 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2450d45857a97c198cc24fa8ba4db6066e67b791345ccb99fa9b95a5e2d0b3cf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 Accept application/json sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" Content-Type application/json sec-ch-ua-mobile ?0 Response headers access-control-max-age 1728000 x-drpc-owner-id cb501251-31a8-4028-8b0a-54679f15c385 content-encoding zstd cf-cache-status DYNAMIC x-drpc-trace-id 4509d30983bd6c19c8ee10726b7411f9 access-control-allow-methods GET, PUT, POST, DELETE, PATCH, OPTIONS x-drpc-owner-tier free alt-svc h3=":443"; ma=86400 date Wed, 29 Oct 2025 11:16:23 GMT content-type application/json vary Accept-Encoding access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization strict-transport-security max-age=31536000; includeSubDomains access-control-allow-credentials true cf-ray 996242ab7caeb1b8-OSL access-control-allow-origin * x-drpc-provider-id drpc-public-multiregion server cloudflare
POST H2	200	/ Show response bsc-testnet.drpc.org/	231 B 184 B	151ms 149ms	Fetch application/json	104.18.10.59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bsc-testnet.drpc.org/ Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.10.59 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2450d45857a97c198cc24fa8ba4db6066e67b791345ccb99fa9b95a5e2d0b3cf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 Accept application/json sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" Content-Type application/json sec-ch-ua-mobile ?0 Response headers access-control-max-age 1728000 x-drpc-owner-id cb501251-31a8-4028-8b0a-54679f15c385 content-encoding zstd cf-cache-status DYNAMIC x-drpc-trace-id 32e6f987f25bcea1c18fc3a4c6900a8a access-control-allow-methods GET, PUT, POST, DELETE, PATCH, OPTIONS x-drpc-owner-tier free alt-svc h3=":443"; ma=86400 date Wed, 29 Oct 2025 11:16:24 GMT content-type application/json vary Accept-Encoding access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization strict-transport-security max-age=31536000; includeSubDomains access-control-allow-credentials true cf-ray 996242b1bc6eb1b8-OSL access-control-allow-origin * x-drpc-provider-id drpc-public-multiregion server cloudflare
POST H2	200	/ Show response bsc-testnet.drpc.org/	231 B 185 B	153ms 152ms	Fetch application/json	104.18.10.59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bsc-testnet.drpc.org/ Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.10.59 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2450d45857a97c198cc24fa8ba4db6066e67b791345ccb99fa9b95a5e2d0b3cf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 Accept application/json sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" Content-Type application/json sec-ch-ua-mobile ?0 Response headers access-control-max-age 1728000 x-drpc-owner-id cb501251-31a8-4028-8b0a-54679f15c385 content-encoding zstd cf-cache-status DYNAMIC x-drpc-trace-id 7b4d5d4cc517f8a9fe3903681a4c93a6 access-control-allow-methods GET, PUT, POST, DELETE, PATCH, OPTIONS x-drpc-owner-tier free alt-svc h3=":443"; ma=86400 date Wed, 29 Oct 2025 11:16:25 GMT content-type application/json vary Accept-Encoding access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization strict-transport-security max-age=31536000; includeSubDomains access-control-allow-credentials true cf-ray 996242b7fc02b1b8-OSL access-control-allow-origin * x-drpc-provider-id drpc-public-multiregion server cloudflare
POST H2	200	/ Show response bsc-testnet.drpc.org/	231 B 185 B	150ms 148ms	Fetch application/json	104.18.10.59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bsc-testnet.drpc.org/ Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.10.59 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2450d45857a97c198cc24fa8ba4db6066e67b791345ccb99fa9b95a5e2d0b3cf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 Accept application/json sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" Content-Type application/json sec-ch-ua-mobile ?0 Response headers access-control-max-age 1728000 x-drpc-owner-id cb501251-31a8-4028-8b0a-54679f15c385 content-encoding zstd cf-cache-status DYNAMIC x-drpc-trace-id c952de0abc321061773e89ca676f3438 access-control-allow-methods GET, PUT, POST, DELETE, PATCH, OPTIONS x-drpc-owner-tier free alt-svc h3=":443"; ma=86400 date Wed, 29 Oct 2025 11:16:26 GMT content-type application/json vary Accept-Encoding access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization strict-transport-security max-age=31536000; includeSubDomains access-control-allow-credentials true cf-ray 996242be3bbfb1b8-OSL access-control-allow-origin * x-drpc-provider-id drpc-public-multiregion server cloudflare
POST H2	200	/ Show response bsc-testnet.drpc.org/	231 B 195 B	190ms 189ms	Fetch application/json	104.18.10.59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bsc-testnet.drpc.org/ Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.10.59 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2450d45857a97c198cc24fa8ba4db6066e67b791345ccb99fa9b95a5e2d0b3cf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 Accept application/json sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" Content-Type application/json sec-ch-ua-mobile ?0 Response headers access-control-max-age 1728000 x-drpc-owner-id cb501251-31a8-4028-8b0a-54679f15c385 content-encoding zstd cf-cache-status DYNAMIC x-drpc-trace-id 346d5b16a4f7244d5807ebb94b25666c access-control-allow-methods GET, PUT, POST, DELETE, PATCH, OPTIONS x-drpc-owner-tier free alt-svc h3=":443"; ma=86400 date Wed, 29 Oct 2025 11:16:27 GMT content-type application/json vary Accept-Encoding access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization strict-transport-security max-age=31536000; includeSubDomains access-control-allow-credentials true cf-ray 996242c47bf3b1b8-OSL access-control-allow-origin * x-drpc-provider-id drpc-public-multiregion server cloudflare
POST H2	200	/ Show response bsc-testnet.drpc.org/	231 B 194 B	234ms 233ms	Fetch application/json	104.18.10.59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bsc-testnet.drpc.org/ Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.10.59 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2450d45857a97c198cc24fa8ba4db6066e67b791345ccb99fa9b95a5e2d0b3cf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 Accept application/json sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" Content-Type application/json sec-ch-ua-mobile ?0 Response headers access-control-max-age 1728000 x-drpc-owner-id cb501251-31a8-4028-8b0a-54679f15c385 content-encoding zstd cf-cache-status DYNAMIC x-drpc-trace-id 1d08e35a5f189df2bc76156610fae3b3 access-control-allow-methods GET, PUT, POST, DELETE, PATCH, OPTIONS x-drpc-owner-tier free alt-svc h3=":443"; ma=86400 date Wed, 29 Oct 2025 11:16:28 GMT content-type application/json vary Accept-Encoding access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization strict-transport-security max-age=31536000; includeSubDomains access-control-allow-credentials true cf-ray 996242cabb76b1b8-OSL access-control-allow-origin * x-drpc-provider-id drpc-public-multiregion server cloudflare
POST H2	200	/ Show response bsc-testnet.drpc.org/	231 B 185 B	158ms 156ms	Fetch application/json	104.18.10.59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bsc-testnet.drpc.org/ Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.10.59 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2450d45857a97c198cc24fa8ba4db6066e67b791345ccb99fa9b95a5e2d0b3cf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 Accept application/json sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" Content-Type application/json sec-ch-ua-mobile ?0 Response headers access-control-max-age 1728000 x-drpc-owner-id cb501251-31a8-4028-8b0a-54679f15c385 content-encoding zstd cf-cache-status DYNAMIC x-drpc-trace-id 78f3d565d7bbd5ba0b89da1a2cf651fb access-control-allow-methods GET, PUT, POST, DELETE, PATCH, OPTIONS x-drpc-owner-tier free alt-svc h3=":443"; ma=86400 date Wed, 29 Oct 2025 11:16:29 GMT content-type application/json vary Accept-Encoding access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization strict-transport-security max-age=31536000; includeSubDomains access-control-allow-credentials true cf-ray 996242d0fb54b1b8-OSL access-control-allow-origin * x-drpc-provider-id drpc-public-multiregion server cloudflare
POST H2	200	/ Show response bsc-testnet.drpc.org/	231 B 194 B	261ms 259ms	Fetch application/json	104.18.10.59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bsc-testnet.drpc.org/ Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.10.59 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2450d45857a97c198cc24fa8ba4db6066e67b791345ccb99fa9b95a5e2d0b3cf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 Accept application/json sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" Content-Type application/json sec-ch-ua-mobile ?0 Response headers access-control-max-age 1728000 x-drpc-owner-id cb501251-31a8-4028-8b0a-54679f15c385 content-encoding zstd cf-cache-status DYNAMIC x-drpc-trace-id 3ea9dd65bd1c227516428a851c63f98d access-control-allow-methods GET, PUT, POST, DELETE, PATCH, OPTIONS x-drpc-owner-tier free alt-svc h3=":443"; ma=86400 date Wed, 29 Oct 2025 11:16:30 GMT content-type application/json vary Accept-Encoding access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization strict-transport-security max-age=31536000; includeSubDomains access-control-allow-credentials true cf-ray 996242d73c98b1b8-OSL access-control-allow-origin * x-drpc-provider-id drpc-public-multiregion server cloudflare
POST		/ bsc-testnet.drpc.org/	0 0
POST H2	200	1 mc.yandex.com/watch/99162160/	43 B 121 B	110ms 110ms	Ping image/gif	87.250.251.119 YANDEX YANDEX LLC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/watch/99162160/1?page-url=https%3A%2F%2Fanalyticscampus.com%2Fself-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions%2F&charset=utf-8&hittoken=1761736573_4765bd9b33e4ae2659a8d5d4f190cd1ce20bc6a98f96fadcce167d861f30e39b&browser-info=nb%3A1%3Acl%3A1063%3Aar%3A1%3Avf%3A3xktzc2ogg05v7x8e2v8cowhnxhaz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ano-NO%3Av%3A2240%3Acn%3A1%3Adp%3A1%3Als%3A1251492921060%3Ahid%3A389098071%3Az%3A60%3Ai%3A20251029121631%3Aet%3A1761736592%3Ac%3A1%3Arn%3A980259112%3Arqn%3A3%3Au%3A1761736573695153223%3Aw%3A1728x1117%3As%3A1600x1200x24%3Ask%3A2%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1761736568253%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1761736592&t=gdpr(14)mc(g-1)clc(1-736-552)rqnt(3)aw(1)rcm(1)cdl(na)eco(83952128)oms(0)prs(1)w2s(0)fid(30)ti(0)&force-urlencoded=1&site-info=%7B%22__ym%22%3A%7B%22ct%22%3A%5B%5D%7D%7D Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU), Reverse DNS mc.yandex.ru Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" sec-ch-ua-mobile ?0 Response headers strict-transport-security max-age=31536000 cache-control private, no-cache, no-store, must-revalidate, max-age=0 pragma no-cache accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA access-control-allow-credentials true expires Wed, 29-Oct-2025 11:16:32 GMT access-control-allow-origin https://analyticscampus.com content-length 43 x-xss-protection 1; mode=block last-modified Wed, 29-Oct-2025 11:16:32 GMT content-type image/gif
POST H2	200	/ Show response bsc-testnet.drpc.org/	231 B 211 B	157ms 155ms	Fetch application/json	104.18.10.59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bsc-testnet.drpc.org/ Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.10.59 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2450d45857a97c198cc24fa8ba4db6066e67b791345ccb99fa9b95a5e2d0b3cf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 Accept application/json sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" Content-Type application/json sec-ch-ua-mobile ?0 Response headers access-control-max-age 1728000 x-drpc-owner-id cb501251-31a8-4028-8b0a-54679f15c385 content-encoding zstd cf-cache-status DYNAMIC x-drpc-trace-id 2e5cc0ba49468541c200bca2be605943 access-control-allow-methods GET, PUT, POST, DELETE, PATCH, OPTIONS x-drpc-owner-tier free alt-svc h3=":443"; ma=86400 date Wed, 29 Oct 2025 11:16:32 GMT content-type application/json vary Accept-Encoding access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization strict-transport-security max-age=31536000; includeSubDomains access-control-allow-credentials true cf-ray 996242e3bc68b1b8-OSL access-control-allow-origin * x-drpc-provider-id drpc-public-multiregion server cloudflare
POST H2	200	/ Show response bsc-testnet.drpc.org/	231 B 435 B	164ms 162ms	Fetch application/json	104.18.10.59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bsc-testnet.drpc.org/ Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.10.59 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2450d45857a97c198cc24fa8ba4db6066e67b791345ccb99fa9b95a5e2d0b3cf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 Accept application/json sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" Content-Type application/json sec-ch-ua-mobile ?0 Response headers access-control-max-age 1728000 x-drpc-owner-id cb501251-31a8-4028-8b0a-54679f15c385 content-encoding zstd cf-cache-status DYNAMIC x-drpc-trace-id f7b3c8abf290b8c904ae9258b4bb2476 access-control-allow-methods GET, PUT, POST, DELETE, PATCH, OPTIONS x-drpc-owner-tier free alt-svc h3=":443"; ma=86400 date Wed, 29 Oct 2025 11:16:33 GMT content-type application/json vary Accept-Encoding access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization strict-transport-security max-age=31536000; includeSubDomains access-control-allow-credentials true cf-ray 996242e9ff73b1b8-OSL access-control-allow-origin * x-drpc-provider-id drpc-public-multiregion server cloudflare
POST H2	200	/ Show response bsc-testnet.drpc.org/	231 B 311 B	143ms 142ms	Fetch application/json	104.18.10.59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bsc-testnet.drpc.org/ Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.10.59 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2450d45857a97c198cc24fa8ba4db6066e67b791345ccb99fa9b95a5e2d0b3cf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 Accept application/json sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" Content-Type application/json sec-ch-ua-mobile ?0 Response headers access-control-max-age 1728000 x-drpc-owner-id cb501251-31a8-4028-8b0a-54679f15c385 content-encoding zstd cf-cache-status DYNAMIC x-drpc-trace-id 1d03855b768dd0d5bc215e0cc5114bc8 access-control-allow-methods GET, PUT, POST, DELETE, PATCH, OPTIONS x-drpc-owner-tier free alt-svc h3=":443"; ma=86400 date Wed, 29 Oct 2025 11:16:34 GMT content-type application/json vary Accept-Encoding access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization strict-transport-security max-age=31536000; includeSubDomains access-control-allow-credentials true cf-ray 996242f03883b1b8-OSL access-control-allow-origin * x-drpc-provider-id drpc-public-multiregion server cloudflare
POST H2	200	/ Show response bsc-testnet.drpc.org/	231 B 185 B	168ms 167ms	Fetch application/json	104.18.10.59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bsc-testnet.drpc.org/ Requested by Host: analyticscampus.com URL: https://analyticscampus.com/self-propagating-worm-present-in-marketplaces-for-visible-studio-code-extensions/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.10.59 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2450d45857a97c198cc24fa8ba4db6066e67b791345ccb99fa9b95a5e2d0b3cf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua-platform "Linux" Referer https://analyticscampus.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36 Accept application/json sec-ch-ua "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141" Content-Type application/json sec-ch-ua-mobile ?0 Response headers access-control-max-age 1728000 x-drpc-owner-id cb501251-31a8-4028-8b0a-54679f15c385 content-encoding zstd cf-cache-status DYNAMIC x-drpc-trace-id ea3e6c723a7f4f1e2cb265c851d9afc6 access-control-allow-methods GET, PUT, POST, DELETE, PATCH, OPTIONS x-drpc-owner-tier free alt-svc h3=":443"; ma=86400 date Wed, 29 Oct 2025 11:16:35 GMT content-type application/json vary Accept-Encoding access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization strict-transport-security max-age=31536000; includeSubDomains access-control-allow-credentials true cf-ray 996242f67ae9b1b8-OSL access-control-allow-origin * x-drpc-provider-id drpc-public-multiregion server cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

analyticscampus.com

URL

blob:https://analyticscampus.com/56c6e5cc-7f3c-4884-8cfa-77435c116ae2

Domain

bsc-testnet.drpc.org

URL

https://bsc-testnet.drpc.org/