Skip to content
StackPatrolMVP
All vendors
JS Library / CDN

polyfill.io

China-ownedChina
Vendor site

Polyfill service. Sold to Funnull in 2024 and used to deliver malware — treat as compromised; remove and self-host.

SECURITY: Active supply-chain risk since Feb 2024. Cloudflare and Fastly run safe mirrors.

Detected by domain patterns

polyfill.iopolyfill.com

European alternatives

polyfill-fastly.iopolyfill-fastly.netSelf-hosted core-js

Does your website use polyfill.io?

Run a free StackPatrol scan to see all third-party services on your front page.

Free · No signup · We only scan the front page + one bonus page

More in JS Library / CDN

jQuery CDN
US-owned
United States
BootstrapCDN
US-owned
United States
UNPKG
US-owned
United States
esm.sh
Unknown
Global
Skypack
US-owned
United States
Iconify
Unknown
Global