URL: https://pol88attacker.xyz/
Submission: On August 30 via api from BE — Scanned from CA

Summary

This website contacted 7 IPs in 1 country across 6 domains to perform 35 HTTP transactions. The main IP is 172.67.195.120, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is pol88attacker.xyz.
TLS certificate: Issued by WE1 on August 29th 2024. Valid for: 3 months.
This is the only time pol88attacker.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS     Autonomous System
4         172.67.195.120     13335  (CLOUDFLAR...)
5         2600:141b:b00...   20940  (AKAMAI-ASN1)
1         2607:f8b0:400...   15169  (GOOGLE)
14        151.101.64.237     54113  (FASTLY)
8         151.101.64.238     54113  (FASTLY)
2         2607:f8b0:400...   15169  (GOOGLE)
1         2600:141b:1c0...   20940  (AKAMAI-ASN1)
Total: 35 requests, 7 IPs
Requests  Apex Domain (Subdomains)                                    Transfer
18        squarespace.com                                             1011 KB
            assets.squarespace.com — Cisco Umbrella Rank: 9585
            static1.squarespace.com — Cisco Umbrella Rank: 9497
6         typekit.net                                                 82 KB
            use.typekit.net — Cisco Umbrella Rank: 1178
            p.typekit.net — Cisco Umbrella Rank: 1499
4         squarespace-cdn.com                                         2 MB
            images.squarespace-cdn.com — Cisco Umbrella Rank: 8177
4         pol88attacker.xyz                                           17 KB
            pol88attacker.xyz
2         gstatic.com                                                 16 KB
            fonts.gstatic.com
1         googleapis.com                                              898 B
            fonts.googleapis.com — Cisco Umbrella Rank: 110
Total: 35 requests, 6 domains
Requests  Domain                       Requested by
14        assets.squarespace.com       pol88attacker.xyz, assets.squarespace.com
5         use.typekit.net              pol88attacker.xyz
4         images.squarespace-cdn.com   pol88attacker.xyz
4         static1.squarespace.com      pol88attacker.xyz, static1.squarespace.com
4         pol88attacker.xyz            assets.squarespace.com
2         fonts.gstatic.com            fonts.googleapis.com
1         p.typekit.net                pol88attacker.xyz
1         fonts.googleapis.com         pol88attacker.xyz
Total: 35 requests, 8 subdomains

This site contains links to these domains.

Domain
pol88play.co
Subject                  Issuer                                      Validity                 Valid
pol88attacker.xyz        WE1                                         2024-08-29 - 2024-11-27  3 months
use.typekit.net          DigiCert Global G2 TLS RSA SHA256 2020 CA1  2024-08-27 - 2025-09-27  a year
upload.video.google.com  WR2                                         2024-08-05 - 2024-10-28  3 months
*.squarespace.com        DigiCert Global G2 TLS RSA SHA256 2020 CA1  2024-02-09 - 2025-02-28  a year
*.squarespace-cdn.com    R11                                         2024-07-29 - 2024-10-27  3 months
*.gstatic.com            WR2                                         2024-08-05 - 2024-10-28  3 months

This page contains 1 frames:

Primary Page: https://pol88attacker.xyz/
Frame ID: AA91838F4FA5B69C1EE7C1EF93BE7F56
Requests: 35 HTTP requests in this frame

Page Title

Link Daftar dan Login Terbaru Games Garansi Kekalahan

Detected technologies

Overall confidence: 100%
Detected patterns
  • <!-- This is Squarespace\. -->

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

Requests: 35
HTTPS: 100 %
IPv6: 57 %
Domains: 6
Subdomains: 8
IPs: 7
Countries: 1
Transfer: 2844 kB
Size: 7741 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions

Resource Path | Size | x-fer | Type MIME-Type
Primary Request /
pol88attacker.xyz/
93 KB
16 KB
Document
General
Full URL
https://pol88attacker.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bf1d768780eaf50ec28b4749cba104495c44376c5e275f6e680d6c506166300

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8bb64aeccdbd543d-YYZ
content-encoding
br
content-type
text/html
date
Fri, 30 Aug 2024 16:52:41 GMT
last-modified
Fri, 30 Aug 2024 14:51:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y3IU8mfMlICli6LIG7c194kmoefHdIftJlQVgxPC2OEEHMp1owNw4LZkY%2FK%2BWAHk96q1sp1ZY28hUX%2FKjRrAPqXVPqtAn%2FlvM5wJnyB0csYBiClfazkUKVsW13vtKTZ5%2BPbJXg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
n6orZHBMisn0FBhjOc8t9X976IBzjRvuv8W3fT5lq-wfecGJXnX1IyvhF2jtFRZLFRZqwAsyFhJajDb35eb352FyZQZcFAJDe6MKfcBRiAuTdKu3Scv7f6Rwk3IbMg6BJMJ7f6RBk3IbMg6YJMJ7f6RFk3IbMg6VJMJ7f6Rek3IbMg6sJMHbMLhXU_je.js
use.typekit.net/ik/
17 KB
7 KB
Script
General
Full URL
https://use.typekit.net/ik/n6orZHBMisn0FBhjOc8t9X976IBzjRvuv8W3fT5lq-wfecGJXnX1IyvhF2jtFRZLFRZqwAsyFhJajDb35eb352FyZQZcFAJDe6MKfcBRiAuTdKu3Scv7f6Rwk3IbMg6BJMJ7f6RBk3IbMg6YJMJ7f6RFk3IbMg6VJMJ7f6Rek3IbMg6sJMHbMLhXU_je.js
Requested by
Host: pol88attacker.xyz
URL: https://pol88attacker.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:b000::1736:a111 Newark, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
505afa6215071aff5751a819d760c9527aa0ea2cf58fe4d5bc6bf9d63ee5d7ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://pol88attacker.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Fri, 30 Aug 2024 16:52:41 GMT
server
nginx
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6678
css2
fonts.googleapis.com/
4 KB
898 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,300;0,400;0,500;0,700;1,300
Requested by
Host: pol88attacker.xyz
URL: https://pol88attacker.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
851f6306bd352041009fdb4f3d399f68d18d54fc9aef4529bc964b80861895d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pol88attacker.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 30 Aug 2024 16:52:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 30 Aug 2024 15:21:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 30 Aug 2024 16:52:41 GMT
modern.js
assets.squarespace.com/@sqs/polyfiller/1.6/
115 KB
42 KB
Script
General
Full URL
https://assets.squarespace.com/@sqs/polyfiller/1.6/modern.js
Requested by
Host: pol88attacker.xyz
URL: https://pol88attacker.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.237 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
54e832663426c696b1f603379026e5e15720e8c812bbbc60d63aa2ad8a479f75

Request headers

Referer
https://pol88attacker.xyz/
Origin
https://pol88attacker.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Wed, 02 Oct 2024 02:39:38 GMT
date
Fri, 30 Aug 2024 16:52:41 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
4232104
x-cache
HIT, HIT
content-length
42447
x-served-by
cache-iad-kcgs7200042-IAD, cache-yul1970034-YUL
last-modified
Mon, 31 Oct 2022 21:19:57 GMT
server
UploadServer
x-timer
S1725036762.857041,VS0,VE0
etag
"fe0d53a94823df972dbf107bf190771a"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
50877, 511669
extract-css-runtime-34f0dade4f126eb29770-min.en-US.js
assets.squarespace.com/universal/scripts-compressed/
44 KB
16 KB
Script
General
Full URL
https://assets.squarespace.com/universal/scripts-compressed/extract-css-runtime-34f0dade4f126eb29770-min.en-US.js
Requested by
Host: pol88attacker.xyz
URL: https://pol88attacker.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.237 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
3fb1421118b1ffbea6d0b46732d50689e9fe4a8ededb4cff413d5bb298ad772b

Request headers

Referer
https://pol88attacker.xyz/
Origin
https://pol88attacker.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Sat, 30 Aug 2025 14:28:45 GMT
date
Fri, 30 Aug 2024 16:52:41 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
age
8637
x-cache
HIT, HIT
content-length
16161
x-served-by
cache-iad-kiad7000052-IAD, cache-yul1970034-YUL
last-modified
Fri, 30 Aug 2024 14:20:34 GMT
server
UploadServer
x-timer
S1725036762.953150,VS0,VE0
etag
"1c04bbd76ac24a94e3147f5b172e7405"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
8, 143
extract-css-moment-js-vendor-6c569122bfa66a51a056-min.en-US.js
assets.squarespace.com/universal/scripts-compressed/
1 MB
92 KB
Script
General
Full URL
https://assets.squarespace.com/universal/scripts-compressed/extract-css-moment-js-vendor-6c569122bfa66a51a056-min.en-US.js
Requested by
Host: pol88attacker.xyz
URL: https://pol88attacker.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.237 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
94749a9a2a419c6962ea8c3634aee02da5fc8fc73054dc956eeadf710ec90bd5

Request headers

Referer
https://pol88attacker.xyz/
Origin
https://pol88attacker.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Wed, 20 Aug 2025 14:24:26 GMT
date
Fri, 30 Aug 2024 16:52:42 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
age
872895
x-cache
HIT, HIT
content-length
94163
x-served-by
cache-iad-kjyo7100039-IAD, cache-yul1970034-YUL
last-modified
Tue, 20 Aug 2024 12:57:30 GMT
server
UploadServer
x-timer
S1725036762.052946,VS0,VE0
etag
"be72c39973090bd68a3659e401a5ec6b"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
19, 80702
cldr-resource-pack-e85130cf44bc2d365b8b-min.en-US.js
assets.squarespace.com/universal/scripts-compressed/
89 KB
15 KB
Script
General
Full URL
https://assets.squarespace.com/universal/scripts-compressed/cldr-resource-pack-e85130cf44bc2d365b8b-min.en-US.js
Requested by
Host: pol88attacker.xyz
URL: https://pol88attacker.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.237 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
129b3f7ddf4bee8c1a30382728b10c0f2386eb365827f1b8a6fedabe6b52e390

Request headers

Referer
https://pol88attacker.xyz/
Origin
https://pol88attacker.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Sat, 23 Aug 2025 21:30:08 GMT
date
Fri, 30 Aug 2024 16:52:42 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
age
588154
x-cache
HIT, HIT
content-length
15306
x-served-by
cache-iad-kjyo7100122-IAD, cache-yul1970034-YUL
last-modified
Fri, 23 Aug 2024 21:10:29 GMT
server
UploadServer
x-timer
S1725036762.053397,VS0,VE0
etag
"f70fd6edf772a4fd1c45a392bb8d19d9"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
36, 48583
common-vendors-stable-b03dd66b7c78e5e40bc7-min.en-US.js
assets.squarespace.com/universal/scripts-compressed/
240 KB
69 KB
Script
General
Full URL
https://assets.squarespace.com/universal/scripts-compressed/common-vendors-stable-b03dd66b7c78e5e40bc7-min.en-US.js
Requested by
Host: pol88attacker.xyz
URL: https://pol88attacker.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.237 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
423b74beedf0ad7dcb56cadfe978d5b04bd72f344da9592f2ff7573c314320de

Request headers

Referer
https://pol88attacker.xyz/
Origin
https://pol88attacker.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Wed, 20 Aug 2025 14:24:26 GMT
date
Fri, 30 Aug 2024 16:52:42 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
age
872895
x-cache
HIT, HIT
content-length
70711
x-served-by
cache-iad-kiad7000179-IAD, cache-yul1970034-YUL
last-modified
Tue, 20 Aug 2024 12:53:41 GMT
server
UploadServer
x-timer
S1725036762.053373,VS0,VE0
etag
"4aacbe6daaa22438c7740edded72e77b"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
18, 66517
common-vendors-7598f4eb50a2ef12b555-min.en-US.js
assets.squarespace.com/universal/scripts-compressed/
662 KB
162 KB
Script
General
Full URL
https://assets.squarespace.com/universal/scripts-compressed/common-vendors-7598f4eb50a2ef12b555-min.en-US.js
Requested by
Host: pol88attacker.xyz
URL: https://pol88attacker.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.237 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
0e6b1caae382fc6d13a4eb006b327d80c3991937d8dc808479c845aa1b863bcd

Request headers

Referer
https://pol88attacker.xyz/
Origin
https://pol88attacker.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Thu, 28 Aug 2025 15:49:39 GMT
date
Fri, 30 Aug 2024 16:52:42 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
age
176582
x-cache
HIT, HIT
content-length
165687
x-served-by
cache-iad-kjyo7100027-IAD, cache-yul1970034-YUL
last-modified
Wed, 28 Aug 2024 02:30:50 GMT
server
UploadServer
x-timer
S1725036762.053337,VS0,VE0
etag
"0553055e6382092a330ba4fcaae3924f"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
26, 24038
common-11bc3fc61d7822ac5843-min.en-US.js
assets.squarespace.com/universal/scripts-compressed/
1 MB
350 KB
Script
General
Full URL
https://assets.squarespace.com/universal/scripts-compressed/common-11bc3fc61d7822ac5843-min.en-US.js
Requested by
Host: pol88attacker.xyz
URL: https://pol88attacker.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.237 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
38a80d6489cc9ddc3c676a3dc41265bde614225c284641b97f5b375723fa05d7

Request headers

Referer
https://pol88attacker.xyz/
Origin
https://pol88attacker.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Fri, 29 Aug 2025 20:38:26 GMT
date
Fri, 30 Aug 2024 16:52:42 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
age
72855
x-cache
HIT, HIT
content-length
357574
x-served-by
cache-iad-kiad7000050-IAD, cache-yul1970034-YUL
last-modified
Thu, 29 Aug 2024 19:59:20 GMT
server
UploadServer
x-timer
S1725036762.053325,VS0,VE0
etag
"f155eadbe3f5bc252c6ab0653384cc15"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
43, 6529
user-account-core-3ecf7c2af0d4c40dc489-min.en-US.js
assets.squarespace.com/universal/scripts-compressed/
148 KB
40 KB
Script
General
Full URL
https://assets.squarespace.com/universal/scripts-compressed/user-account-core-3ecf7c2af0d4c40dc489-min.en-US.js
Requested by
Host: pol88attacker.xyz
URL: https://pol88attacker.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.237 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
3dd64b4192d77bcb246f63f29cb8c18cf5126040b29aa5767c27225c53900cfd

Request headers

Referer
https://pol88attacker.xyz/
Origin
https://pol88attacker.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Fri, 29 Aug 2025 20:38:26 GMT
date
Fri, 30 Aug 2024 16:52:42 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
age
72855
x-cache
HIT, HIT
content-length
41015
x-served-by
cache-iad-kjyo7100111-IAD, cache-yul1970034-YUL
last-modified
Thu, 29 Aug 2024 14:18:56 GMT
server
UploadServer
x-timer
S1725036762.053294,VS0,VE0
etag
"8152d2a4add52dafbfc0910bdabd6af2"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
26, 1406
user-account-core-b6e8cafbf34b05da5c2b-min.en-US.css
assets.squarespace.com/universal/styles-compressed/
2 KB
1 KB
Stylesheet
General
Full URL
https://assets.squarespace.com/universal/styles-compressed/user-account-core-b6e8cafbf34b05da5c2b-min.en-US.css
Requested by
Host: pol88attacker.xyz
URL: https://pol88attacker.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.237 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
8e815de943351493b2d3859da2d958f71f6d7e46d7ba2aed29fb6d2bc0c2b08a

Request headers

Referer
https://pol88attacker.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Wed, 20 Aug 2025 14:24:30 GMT
date
Fri, 30 Aug 2024 16:52:41 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
age
872891
x-cache
HIT, HIT
content-length
782
x-served-by
cache-iad-kjyo7100122-IAD, cache-yul1970022-YUL
last-modified
Tue, 20 Aug 2024 12:57:13 GMT
server
UploadServer
x-timer
S1725036762.705901,VS0,VE0
etag
"4d4ff8dafcec6b02f6da5306ef223be5"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
28, 29281
performance-eb022691e09e39c54c48-min.en-US.js
assets.squarespace.com/universal/scripts-compressed/
39 KB
12 KB
Script
General
Full URL
https://assets.squarespace.com/universal/scripts-compressed/performance-eb022691e09e39c54c48-min.en-US.js
Requested by
Host: pol88attacker.xyz
URL: https://pol88attacker.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.237 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
5b52ca3c358fa7e400d3ae22c2bd04e2490790b5e5bab9f92fe398122abc87c1

Request headers

Referer
https://pol88attacker.xyz/
Origin
https://pol88attacker.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Sat, 23 Aug 2025 21:30:08 GMT
date
Fri, 30 Aug 2024 16:52:42 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
age
588154
x-cache
HIT, HIT
content-length
11717
x-served-by
cache-iad-kjyo7100036-IAD, cache-yul1970034-YUL
last-modified
Fri, 23 Aug 2024 21:08:10 GMT
server
UploadServer
x-timer
S1725036762.053656,VS0,VE0
etag
"40f8d59b0c862ab50087d85446042e7a"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
80, 40969
site.css
static1.squarespace.com/static/versioned-site-css/66d1da7b7c408d083ae6f5b3/0/5c5a519771c10ba3470d8101/66d1da7b7c408d083ae6f5bb/1560/
1 MB
118 KB
Stylesheet
General
Full URL
https://static1.squarespace.com/static/versioned-site-css/66d1da7b7c408d083ae6f5b3/0/5c5a519771c10ba3470d8101/66d1da7b7c408d083ae6f5bb/1560/site.css
Requested by
Host: pol88attacker.xyz
URL: https://pol88attacker.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.238 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Squarespace /
Resource Hash
64a4179eacebdc578f7f744157833c680bf4574a460188eaf8c875d1cb056e0d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pol88attacker.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

tracepoint
Fastly
date
Fri, 30 Aug 2024 16:52:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
age
7764
x-cache
HIT, MISS
x-contextid
ZgJ2NT8g/UdEAvEIB
content-length
120949
x-served-by
cache-dfw-kdfw8210083-DFW, cache-yul1970048-YUL
pragma
cache
server
Squarespace
x-timer
S1725036762.657690,VS0,VE129
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=94608000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
4, 0
static.css
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/versioned-assets/1724874459348-IAPQAMSDO7QQBY5ABI2Q/
227 KB
19 KB
Stylesheet
General
Full URL
https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/versioned-assets/1724874459348-IAPQAMSDO7QQBY5ABI2Q/static.css
Requested by
Host: pol88attacker.xyz
URL: https://pol88attacker.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.238 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Squarespace /
Resource Hash
62a2984a4e753023dffeca77ec4827433196e145009b74303bc2fa406186e95d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pol88attacker.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

tracepoint
Fastly
date
Fri, 30 Aug 2024 16:52:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
age
162301
x-cache
HIT, HIT
x-contextid
osXEAYRF/JC5mhtKQ
content-length
18733
x-served-by
cache-dfw-kdfw8210072-DFW, cache-yul1970048-YUL
pragma
cache
server
Squarespace
x-timer
S1725036762.657749,VS0,VE0
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=94608000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
8, 16286
logo+%281%29.gif
images.squarespace-cdn.com/content/v1/66d1da7b7c408d083ae6f5b3/a952478f-bc9d-4c0a-bd68-35d59f2c693b/
93 KB
93 KB
Image
General
Full URL
https://images.squarespace-cdn.com/content/v1/66d1da7b7c408d083ae6f5b3/a952478f-bc9d-4c0a-bd68-35d59f2c693b/logo+%281%29.gif?format=1500w
Requested by
Host: pol88attacker.xyz
URL: https://pol88attacker.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.238 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b954198572862c7877d5cf3b552d80e3497e8a782b18dd3dfddfacd07478e2fd

Request headers

Referer
https://pol88attacker.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

tracepoint
Fastly
date
Fri, 30 Aug 2024 16:52:41 GMT
via
1.1 google, 1.1 varnish, 1.1 varnish
age
7305
x-cache
HIT, MISS
content-length
95160
x-served-by
cache-iad-kcgs7200047-IAD, cache-yul1970021-YUL
x-timer
S1725036762.657441,VS0,VE16
etag
CKj474T6nIgDEAE=
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Timing-Allow-Origin
cache-control
max-age=31536000,s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
x-sqsp-is-public
true
x-cache-hits
3, 0
10009034.jpg
images.squarespace-cdn.com/content/v1/66d1da7b7c408d083ae6f5b3/e63e4e25-e1b2-4c55-ab31-d331477ca803/
232 KB
232 KB
Image
General
Full URL
https://images.squarespace-cdn.com/content/v1/66d1da7b7c408d083ae6f5b3/e63e4e25-e1b2-4c55-ab31-d331477ca803/10009034.jpg?format=2500w
Requested by
Host: pol88attacker.xyz
URL: https://pol88attacker.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.238 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
23ff26f12694f81e922778c3614b1bf41450ae410d6c0e63e8a070999165d149

Request headers

Referer
https://pol88attacker.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

tracepoint
Fastly
date
Fri, 30 Aug 2024 16:52:41 GMT
via
1.1 google, 1.1 varnish, 1.1 varnish
age
7305
x-cache
HIT, MISS
content-length
237278
x-served-by
cache-iad-kjyo7100075-IAD, cache-yul1970021-YUL
x-timer
S1725036762.715265,VS0,VE17
etag
CNv4qZX7nIgDEAE=
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Timing-Allow-Origin
cache-control
max-age=31536000,s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
x-sqsp-is-public
true
x-cache-hits
2, 0
site-bundle.5ba448b7aa80223d4688bd176bcb7afb.js
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/
258 KB
48 KB
Script
General
Full URL
https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.5ba448b7aa80223d4688bd176bcb7afb.js
Requested by
Host: pol88attacker.xyz
URL: https://pol88attacker.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.238 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Squarespace /
Resource Hash
16b9ada1898d9d51a9dbee20d069ca52b8719ada9600a09f648c8ce2788eda1a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pol88attacker.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

tracepoint
Fastly
date
Fri, 30 Aug 2024 16:52:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
age
55475
x-cache
HIT, HIT
x-contextid
TztcGpiq/vkk8PVSu
content-length
48466
x-served-by
cache-dfw-kdal2120035-DFW, cache-yul1970048-YUL
pragma
cache
server
Squarespace
x-timer
S1725036762.053072,VS0,VE0
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=94608000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
46, 4117
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,300;0,400;0,500;0,700;1,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pol88attacker.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 17:09:11 GMT
x-content-type-options
nosniff
age
85411
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:01:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Aug 2025 17:09:11 GMT
l
use.typekit.net/af/829fc1/00000000000000003b9acaf8/27/
19 KB
19 KB
Font
General
Full URL
https://use.typekit.net/af/829fc1/00000000000000003b9acaf8/27/l?subset_id=2&fvd=n5&v=3
Requested by
Host: pol88attacker.xyz
URL: https://pol88attacker.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:b000::1736:a111 Newark, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
841ec96a41283cf23db2d69fe67d9beee3e9b222bccfe81ecf6edefc78e92151

Request headers

Referer
https://pol88attacker.xyz/
Origin
https://pol88attacker.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 16:52:42 GMT
server
nginx
etag
"7fe86a8b0e0aad464390eb5e39aa627a47e9886d"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
18988
pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,300;0,400;0,500;0,700;1,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pol88attacker.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 12:45:37 GMT
x-content-type-options
nosniff
age
14825
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7840
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:02:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Aug 2025 12:45:37 GMT
12.png
images.squarespace-cdn.com/content/v1/66d1da7b7c408d083ae6f5b3/f149ee3e-28cb-4ffe-a22a-43c505c411be/
1 MB
1 MB
Image
General
Full URL
https://images.squarespace-cdn.com/content/v1/66d1da7b7c408d083ae6f5b3/f149ee3e-28cb-4ffe-a22a-43c505c411be/12.png?format=2500w
Requested by
Host: pol88attacker.xyz
URL: https://pol88attacker.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.238 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9d416fe2240bdb904940f33e4802025da6e0401263b678a1a0afd9ab180a2e69

Request headers

Referer
https://pol88attacker.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

tracepoint
Fastly
date
Fri, 30 Aug 2024 16:52:42 GMT
via
1.1 google, 1.1 varnish, 1.1 varnish
age
7305
x-cache
HIT, MISS
content-length
1386546
x-served-by
cache-iad-kjyo7100033-IAD, cache-yul1970021-YUL
x-timer
S1725036762.215339,VS0,VE25
etag
CPLXmKn6nIgDEAE=
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Timing-Allow-Origin
cache-control
max-age=31536000,s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
x-sqsp-is-public
true
x-cache-hits
2, 0
floating-cart.11c2f1b3c1cb2ba0d418.js
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/
451 B
461 B
Script
General
Full URL
https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/floating-cart.11c2f1b3c1cb2ba0d418.js
Requested by
Host: static1.squarespace.com
URL: https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.5ba448b7aa80223d4688bd176bcb7afb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.238 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Squarespace /
Resource Hash
a61ddd7c4db00fa694a870c95e1d2afa9fa3bf7034d92c8f68a341fc21edb053
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pol88attacker.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

tracepoint
Fastly
date
Fri, 30 Aug 2024 16:52:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
age
542530
x-cache
HIT, HIT
x-contextid
xiApd6Di/yLGaUXYt
content-length
303
x-served-by
cache-dfw-kdfw8210163-DFW, cache-yul1970048-YUL
pragma
cache
server
Squarespace
x-timer
S1725036764.827260,VS0,VE0
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=94608000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
11868, 36883
l
use.typekit.net/af/6d4bb2/00000000000000003b9acafc/27/
18 KB
18 KB
Font
General
Full URL
https://use.typekit.net/af/6d4bb2/00000000000000003b9acafc/27/l?subset_id=2&fvd=n7&v=3
Requested by
Host: pol88attacker.xyz
URL: https://pol88attacker.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:b000::1736:a111 Newark, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
ed6051a0f73e874c8f9022913259d82e4ce1e20931143d198fb3897a6bbc4239

Request headers

Referer
https://pol88attacker.xyz/
Origin
https://pol88attacker.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 16:52:44 GMT
server
nginx
etag
"97b7c9f4f56c2074bd1fb9bdecb230e994c98ff6"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
18700
l
use.typekit.net/af/18be85/00000000000000003b9acaf9/27/
19 KB
19 KB
Font
General
Full URL
https://use.typekit.net/af/18be85/00000000000000003b9acaf9/27/l?subset_id=2&fvd=i5&v=3
Requested by
Host: pol88attacker.xyz
URL: https://pol88attacker.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:b000::1736:a111 Newark, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
85c3a5594b6b182be2065368bbd934dfd6f8686e377d6067439aeb06dc281507

Request headers

Referer
https://pol88attacker.xyz/
Origin
https://pol88attacker.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 16:52:44 GMT
server
nginx
etag
"d0a93708ec00980f9301c2d7a46d3c7529a435ea"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19668
l
use.typekit.net/af/6ce26b/00000000000000003b9acafd/27/
19 KB
19 KB
Font
General
Full URL
https://use.typekit.net/af/6ce26b/00000000000000003b9acafd/27/l?subset_id=2&fvd=i7&v=3
Requested by
Host: pol88attacker.xyz
URL: https://pol88attacker.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:b000::1736:a111 Newark, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
8a4b7dd2497ec37fc2cad39a9a11bb20d54a8392d9a79ada17d746da704c70e8

Request headers

Referer
https://pol88attacker.xyz/
Origin
https://pol88attacker.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 16:52:44 GMT
server
nginx
etag
"de8a8ae419ea5ddbea36a8436e0fcd851e5ef998"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19180
38777-9e13a3be593863a5fbe3-min.en-US.js
assets.squarespace.com/universal/scripts-compressed/
52 KB
14 KB
Script
General
Full URL
https://assets.squarespace.com/universal/scripts-compressed/38777-9e13a3be593863a5fbe3-min.en-US.js
Requested by
Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/extract-css-runtime-34f0dade4f126eb29770-min.en-US.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.237 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e2dc68f1fb0407b9c45f9812724ca24c1de882cb499812e8efebaab5f997f8f6

Request headers

Referer
https://pol88attacker.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Fri, 22 Aug 2025 15:26:05 GMT
date
Fri, 30 Aug 2024 16:52:44 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
age
696399
x-cache
HIT, HIT
content-length
14502
x-served-by
cache-iad-kjyo7100122-IAD, cache-yul1970022-YUL
last-modified
Thu, 22 Aug 2024 14:35:33 GMT
server
UploadServer
x-timer
S1725036764.411409,VS0,VE0
etag
"ca13a50e4472fdce3f9e8c0e29dfedca"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
38, 69653
2775-26803601f91618e0a2fe-min.en-US.js
assets.squarespace.com/universal/scripts-compressed/
12 KB
4 KB
Script
General
Full URL
https://assets.squarespace.com/universal/scripts-compressed/2775-26803601f91618e0a2fe-min.en-US.js
Requested by
Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/extract-css-runtime-34f0dade4f126eb29770-min.en-US.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.237 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
37a5c139431341320b059df50c0721a603ec8f5da9e9879152a238b61f421fc5

Request headers

Referer
https://pol88attacker.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Fri, 22 Aug 2025 15:26:05 GMT
date
Fri, 30 Aug 2024 16:52:44 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
age
696399
x-cache
HIT, HIT
content-length
3399
x-served-by
cache-iad-kiad7000062-IAD, cache-yul1970022-YUL
last-modified
Thu, 22 Aug 2024 14:34:11 GMT
server
UploadServer
x-timer
S1725036764.411598,VS0,VE0
etag
"cdbfab6b939e8b27a7b22774de58c8a8"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
26, 69749
2356ee25bed07678b7ee-min.en-US.css
assets.squarespace.com/universal/styles-compressed/
14 KB
2 KB
Stylesheet
General
Full URL
https://assets.squarespace.com/universal/styles-compressed/2356ee25bed07678b7ee-min.en-US.css
Requested by
Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/extract-css-runtime-34f0dade4f126eb29770-min.en-US.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.237 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
4255b3e8937d02e114d491e449b5755a584038c54cf94bd38cf42fd0fe443ab6

Request headers

Referer
https://pol88attacker.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Tue, 26 Aug 2025 17:28:48 GMT
date
Fri, 30 Aug 2024 16:52:44 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
age
343436
x-cache
HIT, HIT
content-length
1599
x-served-by
cache-iad-kcgs7200119-IAD, cache-yul1970022-YUL
last-modified
Thu, 22 Aug 2024 11:12:42 GMT
server
UploadServer
x-timer
S1725036764.411436,VS0,VE0
etag
"9cb83a7744bad9cc130b31afdddd20e7"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
22, 47501
async-gdpr-cookie-banner-bf3f4f25a5cc909870ec-min.en-US.js
assets.squarespace.com/universal/scripts-compressed/
25 KB
7 KB
Script
General
Full URL
https://assets.squarespace.com/universal/scripts-compressed/async-gdpr-cookie-banner-bf3f4f25a5cc909870ec-min.en-US.js
Requested by
Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/extract-css-runtime-34f0dade4f126eb29770-min.en-US.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.237 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
324ac0caa707e5f442d1739090dbadb1162746710c1c27f93d1691998fcfd930

Request headers

Referer
https://pol88attacker.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Sat, 23 Aug 2025 21:30:12 GMT
date
Fri, 30 Aug 2024 16:52:44 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
age
588151
x-cache
HIT, HIT
content-length
7227
x-served-by
cache-iad-kiad7000039-IAD, cache-yul1970022-YUL
last-modified
Fri, 23 Aug 2024 21:08:41 GMT
server
UploadServer
x-timer
S1725036764.411593,VS0,VE0
etag
"2ce6df7c82ea00aff06e2aa7552f54a6"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
37, 42862
RecordHit
pol88attacker.xyz/api/census/
263 B
617 B
XHR
General
Full URL
https://pol88attacker.xyz/api/census/RecordHit
Requested by
Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-7598f4eb50a2ef12b555-min.en-US.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caf0217668958d0bfed76803a8ea943a6ef0ed251bedf69c8d16f3d20e46a782

Request headers

Accept
application/json, text/plain, */*
Referer
https://pol88attacker.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 30 Aug 2024 16:52:44 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ND2X050Z7B%2BLTpDDW1Rl3PqxS3a%2BC57O1zORf2CThU%2B%2BBeAqjLPINJBYuddYKBXVJqKK9jYxxnA7aB5MpvFlovkTt9mu119X5ORKJKpQyqNur8AZ%2FKTlkrDt9LtSn31gd0Sasg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cf-ray
8bb64b01b802543d-YYZ
alt-svc
h3=":443"; ma=86400
button-render
pol88attacker.xyz/api/census/
263 B
614 B
XHR
General
Full URL
https://pol88attacker.xyz/api/census/button-render
Requested by
Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-7598f4eb50a2ef12b555-min.en-US.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caf0217668958d0bfed76803a8ea943a6ef0ed251bedf69c8d16f3d20e46a782

Request headers

Accept
application/json, text/plain, */*
Referer
https://pol88attacker.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 30 Aug 2024 16:52:44 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mJ60k3mr1%2F4QhaA3yqRKFuQF4NfqrRMdLB1YPcJq4v5RkXrYgYdYuL80hmrw6BRj7Q0gzlTNcdG9jPznqwf7TlY4EgJgvSm8hPORdZS6NQ6cVGK4lBwlzbkWJ8wJFa6KHL%2F9fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cf-ray
8bb64b01b805543d-YYZ
alt-svc
h3=":443"; ma=86400
button-render
pol88attacker.xyz/api/census/
263 B
614 B
XHR
General
Full URL
https://pol88attacker.xyz/api/census/button-render
Requested by
Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-7598f4eb50a2ef12b555-min.en-US.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caf0217668958d0bfed76803a8ea943a6ef0ed251bedf69c8d16f3d20e46a782

Request headers

Accept
application/json, text/plain, */*
Referer
https://pol88attacker.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 30 Aug 2024 16:52:44 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QkfQy87HLY7ZJFTo8Tv811y8vvQLw3TE59ttmtuq7%2FWtYywykkIuCK3ckqZA9cyihcd7k20eL4T%2F8bsPzpuyD8JxPiSuQSDf0WBK15tPwr0bJnx%2Bdb32wMUDCmZK7QDlqblIcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cf-ray
8bb64b01b806543d-YYZ
alt-svc
h3=":443"; ma=86400
p.gif
p.typekit.net/
35 B
205 B
Image
General
Full URL
https://p.typekit.net/p.gif?s=2&k=646866_66d1da7b7c408d083ae6f5b3&ht=tk&h=pol88attacker.xyz&f=26060.26053.26061.26054&a=646866&js=1.21.0&app=typekit&e=js&_=1725036764799
Requested by
Host: pol88attacker.xyz
URL: https://pol88attacker.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:8::1728:b338 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer
https://pol88attacker.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 16:52:45 GMT
last-modified
Sun, 11 Feb 2024 13:00:56 GMT
server
nginx
etag
"65c8c508-23"
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
favicon.ico
images.squarespace-cdn.com/content/v1/66d1da7b7c408d083ae6f5b3/f4ac7805-06cc-408f-b2ff-e85a726a01a8/
36 KB
36 KB
Other
General
Full URL
https://images.squarespace-cdn.com/content/v1/66d1da7b7c408d083ae6f5b3/f4ac7805-06cc-408f-b2ff-e85a726a01a8/favicon.ico?format=100w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.238 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
20aa17c52f61b502e93575aa6ee1de875121b33428d9d4db5084d39088aad0ff

Request headers

Referer
https://pol88attacker.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

tracepoint
Fastly
date
Fri, 30 Aug 2024 16:52:45 GMT
via
1.1 google, 1.1 varnish, 1.1 varnish
age
7314
x-cache
HIT, MISS
content-length
36719
x-served-by
cache-iad-kcgs7200033-IAD, cache-yul1970021-YUL
x-timer
S1725036765.342453,VS0,VE15
etag
CKeHzab7nIgDEAE=
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Timing-Allow-Origin
cache-control
max-age=31536000,s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
x-sqsp-is-public
true
x-cache-hits
2, 0

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| Typekit object| SQUARESPACE_ROLLUPS object| Static object| webpackChunk_sqs_polyfiller object| webpackChunkextract_css object| SQUARESPACE_I18N object| YUI_CONFIG function| YUI function| __extends function| __assign function| __rest function| __decorate function| __param function| __esDecorate function| __runInitializers function| __propKey function| __setFunctionName function| __metadata function| __awaiter function| __generator function| __exportStar function| __createBinding function| __values function| __read function| __spread function| __spreadArrays function| __spreadArray function| __await function| __asyncGenerator function| __asyncDelegator function| __asyncValues function| __makeTemplateObject function| __importStar function| __importDefault function| __classPrivateFieldGet function| __classPrivateFieldSet function| __classPrivateFieldIn function| __addDisposableResource function| __disposeResources object| regeneratorRuntime function| _ object| core object| __sqsWebGL object| websiteComponents function| Common boolean| COMMON_ALREADY_RAN function| noop object| Singleton object| Class object| Squarespace object| UserAccountApi object| webpackChunknew_bedford_framework object| Y object| YUIStats string| _YUI_HISTORY_HASH_ENVIRONMENT_ID string| _yuid object| ESC_MANAGER object| Modernizr object| ImageLoader object| JSTween string| id object| __STATSIG__

2 Cookies

Domain/Path Name / Value
pol88attacker.xyz/ Name: ss_cvr
Value: 5841adcf-47f2-4969-aecf-d7a2916104c7|1725036764237|1725036764237|1725036764237|1
pol88attacker.xyz/ Name: ss_cvt
Value: 1725036764237

3 Console Messages

Source Level URL
Text
network error URL: https://pol88attacker.xyz/api/census/button-render
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://pol88attacker.xyz/api/census/button-render
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://pol88attacker.xyz/api/census/RecordHit
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
