{"report_id":"0a414cd4-64ff-4276-9cba-58b06e689c20","version":6,"status":"done","tags":[],"date":"2026-02-28T18:00:39Z","url":{"schema":"https","addr":"allocation-punch.com","fqdn":"allocation-punch.com","domain":"allocation-punch.com","tld":"com"},"ip":{"addr":"64.29.17.65","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"allocation-punch.com/","fqdn":"allocation-punch.com","domain":"allocation-punch.com","tld":"com"},"title":"$PUNCH - The Sanctuary Monkey","dom":{"size":81400,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (53498)","md5":"4ce07bfc5c7b766bc9a7861e8fd6e1d5","sha1":"0c6922e491f769e2b1f6b2f887b7a69c9ba9b65b","sha256":"e04ff30571e48a04fb8daafa934e1c051e20a3c090505b97c69193649d169843","sha512":"8a00915c4fc5e171bcfffc710d2c08d23f53823f67736d7437dc02ed038be8f4bc4e8ef74a61de93e67a2e95a9af8551f3455bfda8abb1b66181298106b36d69","ssdeep":"1536:CQJwyez+2nhCt3AxjQJ1jUlarkpjgOuqG:CQJwywhCtwxjZarg0N","tlshash":"0d83f82543590a3c650787d8f7e2733a636ec34be61b895cb7ec42b56f86c88dc27294","dom_hash":"domhash7899bffe0075a990c2c60c8c29aae4ab","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"allocation-punch.com","fqdn":"allocation-punch.com","domain":"allocation-punch.com","tld":"com"},"ip":{"addr":"64.29.17.65","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"tags":null,"meta":null,"user":{"user_id":"akbkyowd9geqr98"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-04T18:00:39Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":6,"urlquery":0,"analyzer":1}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-28T18:00:17Z","timestamp":1772301617,"ip_dst":{"addr":"185.41.148.2","port":443,"asn":61207,"as":"Hostek AB","country":"Sweden","country_code":"SE"},"ip_src":{"addr":"Client IP","port":59560,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO AI Service Domain (lovable .app) in TLS SNI","source":"{\"timestamp\":\"2026-02-28T18:00:17.622663+0000\",\"flow_id\":1596341317899994,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.43\",\"src_port\":59560,\"dest_ip\":\"185.41.148.2\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2063043,\"rev\":1,\"signature\":\"ET INFO AI Service Domain (lovable .app) in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"Medium\"],\"created_at\":[\"2025_06_18\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0042\"],\"mitre_tactic_name\":[\"Resource_Development\"],\"mitre_technique_id\":[\"T1587\"],\"mitre_technique_name\":[\"Develop_Capabilities\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2025_06_18\"]}},\"tls\":{\"sni\":\"punchonsol.lovable.app\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":924,\"bytes_toclient\":3520,\"start\":\"2026-02-28T18:00:17.562906+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-28T18:00:17Z","timestamp":1772301617,"ip_dst":{"addr":"185.41.148.2","port":443,"asn":61207,"as":"Hostek AB","country":"Sweden","country_code":"SE"},"ip_src":{"addr":"Client IP","port":59556,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO AI Service Domain (lovable .app) in TLS SNI","source":"{\"timestamp\":\"2026-02-28T18:00:17.628241+0000\",\"flow_id\":1304280798728,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.43\",\"src_port\":59556,\"dest_ip\":\"185.41.148.2\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2063043,\"rev\":1,\"signature\":\"ET INFO AI Service Domain (lovable .app) in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"Medium\"],\"created_at\":[\"2025_06_18\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0042\"],\"mitre_tactic_name\":[\"Resource_Development\"],\"mitre_technique_id\":[\"T1587\"],\"mitre_technique_name\":[\"Develop_Capabilities\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2025_06_18\"]}},\"tls\":{\"sni\":\"punchonsol.lovable.app\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":924,\"bytes_toclient\":1654,\"start\":\"2026-02-28T18:00:17.562696+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-28T18:00:17Z","timestamp":1772301617,"ip_dst":{"addr":"185.41.148.2","port":443,"asn":61207,"as":"Hostek AB","country":"Sweden","country_code":"SE"},"ip_src":{"addr":"Client IP","port":59576,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO AI Service Domain (lovable .app) in TLS SNI","source":"{\"timestamp\":\"2026-02-28T18:00:17.632046+0000\",\"flow_id\":708322469713808,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.43\",\"src_port\":59576,\"dest_ip\":\"185.41.148.2\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2063043,\"rev\":1,\"signature\":\"ET INFO AI Service Domain (lovable .app) in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"Medium\"],\"created_at\":[\"2025_06_18\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0042\"],\"mitre_tactic_name\":[\"Resource_Development\"],\"mitre_technique_id\":[\"T1587\"],\"mitre_technique_name\":[\"Develop_Capabilities\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2025_06_18\"]}},\"tls\":{\"sni\":\"punchonsol.lovable.app\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":3444,\"start\":\"2026-02-28T18:00:17.563088+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-28T18:00:17Z","timestamp":1772301617,"ip_dst":{"addr":"185.41.148.2","port":443,"asn":61207,"as":"Hostek AB","country":"Sweden","country_code":"SE"},"ip_src":{"addr":"Client IP","port":59596,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO AI Service Domain (lovable .app) in TLS SNI","source":"{\"timestamp\":\"2026-02-28T18:00:17.634192+0000\",\"flow_id\":1193144820537739,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.43\",\"src_port\":59596,\"dest_ip\":\"185.41.148.2\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2063043,\"rev\":1,\"signature\":\"ET INFO AI Service Domain (lovable .app) in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"Medium\"],\"created_at\":[\"2025_06_18\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0042\"],\"mitre_tactic_name\":[\"Resource_Development\"],\"mitre_technique_id\":[\"T1587\"],\"mitre_technique_name\":[\"Develop_Capabilities\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2025_06_18\"]}},\"tls\":{\"sni\":\"punchonsol.lovable.app\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":924,\"bytes_toclient\":3518,\"start\":\"2026-02-28T18:00:17.563595+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-28T18:00:17Z","timestamp":1772301617,"ip_dst":{"addr":"185.41.148.2","port":443,"asn":61207,"as":"Hostek AB","country":"Sweden","country_code":"SE"},"ip_src":{"addr":"Client IP","port":59588,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO AI Service Domain (lovable .app) in TLS SNI","source":"{\"timestamp\":\"2026-02-28T18:00:17.636506+0000\",\"flow_id\":1844019196958934,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.43\",\"src_port\":59588,\"dest_ip\":\"185.41.148.2\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2063043,\"rev\":1,\"signature\":\"ET INFO AI Service Domain (lovable .app) in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"Medium\"],\"created_at\":[\"2025_06_18\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0042\"],\"mitre_tactic_name\":[\"Resource_Development\"],\"mitre_technique_id\":[\"T1587\"],\"mitre_technique_name\":[\"Develop_Capabilities\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2025_06_18\"]}},\"tls\":{\"sni\":\"punchonsol.lovable.app\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":3445,\"start\":\"2026-02-28T18:00:17.563414+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-28T18:00:17Z","timestamp":1772301617,"ip_dst":{"addr":"185.41.148.2","port":443,"asn":61207,"as":"Hostek AB","country":"Sweden","country_code":"SE"},"ip_src":{"addr":"Client IP","port":59580,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO AI Service Domain (lovable .app) in TLS SNI","source":"{\"timestamp\":\"2026-02-28T18:00:17.641298+0000\",\"flow_id\":1394342563518523,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.43\",\"src_port\":59580,\"dest_ip\":\"185.41.148.2\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2063043,\"rev\":1,\"signature\":\"ET INFO AI Service Domain (lovable .app) in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"Medium\"],\"created_at\":[\"2025_06_18\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0042\"],\"mitre_tactic_name\":[\"Resource_Development\"],\"mitre_technique_id\":[\"T1587\"],\"mitre_technique_name\":[\"Develop_Capabilities\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2025_06_18\"]}},\"tls\":{\"sni\":\"punchonsol.lovable.app\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":3445,\"start\":\"2026-02-28T18:00:17.563259+0000\"}}"}],"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-28","alert":"Sinkholed","trigger":"allocation-punch.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"punchonsol.lovable.app","ip":{"addr":"185.41.148.2","port":443,"asn":61207,"as":"Hostek AB","country":"Sweden","country_code":"SE"},"domain_registered":"2023-05-06","domain_rank":0,"first_seen":"2026-02-20T15:25:12.903476Z","last_seen":"2026-02-28T15:42:30.72703Z","alert_count":0,"request_count":10,"received_data":6489,"sent_data":4693,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}]},{"fqdn":"allocation-punch.com","ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2026-02-24","domain_rank":0,"first_seen":"2026-02-28T15:42:30.242605Z","last_seen":"2026-02-28T15:42:30.242605Z","alert_count":3,"request_count":3,"received_data":324003,"sent_data":1346,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"216.58.207.195","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-02-22T22:14:59.650342Z","alert_count":0,"request_count":4,"received_data":138084,"sent_data":2162,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"172.217.21.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-02-22T22:18:02.864626Z","alert_count":0,"request_count":1,"received_data":12974,"sent_data":518,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"allocation-punch.com/main.js","fqdn":"allocation-punch.com","domain":"allocation-punch.com","tld":"com"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"66f86fde7e336203197b6a35cb37f9b8","sha1":"60dab1ee6f329478b08621a1d75b5dc1cabe97d1","sha256":"efe3d54f39d1e5d3240d1b9e499e83a63b6bd5328b51c7869d398b9194a31b44","sha512":"d928d9a7b0faae67b4285992bc2af73cc0cb09d9008acd7c8d528b4a46d3e32e1f28ffe46e4d662a95bf927a63b31ebb5459ddab23d9683f839bde40057a5ef3","ssdeep":"3072:As3dxw0BQouAxprFTYfJua0eN5ocWJpNU9:Asnw4EfJFw1TNU9","tlshash":"4e14a6871bd0b57623461efa771bb0d0f14449aa3c94469f9604bab82e661e3f9f7033","size":192928,"data":"","first_seen":"2026-02-23T01:16:38.348644Z","last_seen":"2026-02-28T18:00:39.968625Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"punchonsol.lovable.app/favicon.png","fqdn":"punchonsol.lovable.app","domain":"punchonsol.lovable.app","tld":"lovable.app"},"ip":{"addr":"185.41.148.2","port":443,"asn":61207,"as":"Hostek AB","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://allocation-punch.com/","date":"2026-02-28T18:00:18.583Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lovable.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Feb 2026 17:19:43 GMT","end":"Sun, 17 May 2026 18:19:24 GMT"},"fingerprint":{"sha1":"0F:8D:42:E0:96:F5:48:39:7E:49:C9:ED:4C:1B:E4:D5:15:A1:03:64","sha256":"FB:11:B9:D1:AA:F1:F0:D3:E7:B5:F7:E4:35:88:29:2D:8E:44:99:C3:11:3A:44:9A:D8:73:1C:05:F5:24:B2:E3"}}},"request":{"raw":"GET /favicon.png HTTP/1.1\r\nHost: punchonsol.lovable.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://allocation-punch.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Sat, 28 Feb 2026 18:00:18 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nset-cookie: __cf_bm=.eqeF8j5BLABmy45IwKxVLlKf5wJPoWptZ5u4IfJeP0-1772301618.5937982-1.0.1.1-dsZeFJvOEDxr9uwb0XbrLgEwJ6ErgnrIuEMkFMaay8cpuJS40diil2iPtSc_hmI5.hS0GSb3e_tTfbbD68.8YCqDukOKf8cDURZhLVYw26ZAZP2GkrHjPeysinCRSoWX; HttpOnly; Secure; Path=/; Domain=lovable.app; Expires=Sat, 28 Feb 2026 18:30:18 GMT\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: 9d51d21c3e181e42-CPH\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-23T17:07:55.698935Z","times_seen":15618608,"resource_available":true,"data":null}},"time_used":146,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":146,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"allocation-punch.com/style.css","fqdn":"allocation-punch.com","domain":"allocation-punch.com","tld":"com"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://allocation-punch.com/","date":"2026-02-28T18:00:17.544Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.allocation-punch.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 07:43:09 GMT","end":"Mon, 25 May 2026 07:43:08 GMT"},"fingerprint":{"sha1":"69:90:35:5C:AC:C9:88:74:25:64:59:4E:CC:3F:EB:99:BF:6A:19:1F","sha256":"F2:8E:CE:9E:C2:6D:BB:1D:0E:4C:CE:B1:E7:79:31:BB:8F:4B:44:56:75:49:CC:88:2B:39:40:B0:31:06:C1:12"}}},"request":{"raw":"GET /style.css HTTP/1.1\r\nHost: allocation-punch.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://allocation-punch.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 47929\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"style.css\"\r\ncontent-encoding: br\r\ncontent-type: text/css; charset=utf-8\r\ndate: Sat, 28 Feb 2026 18:00:17 GMT\r\netag: \"008639f695ff3bf5c0c3339a1c9ef7e7\"\r\nlast-modified: Sat, 28 Feb 2026 04:41:28 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::6mb5v-1772301617538-a1813f568242\r\ncontent-length: 13833\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":75437,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"3db392db90ba3cc01311c0934259cbae","sha1":"b74c985f7a308e5d8e770d4157f3786987e82109","sha256":"380ba669e49b70cbae257c6e8357f2c2b1f640025412aed799ae94448a7a29ee","sha512":"0cb6fd59a691f0c394e8bf22ce6343c36930ab843758f8d515d119d8c2eeaabbb33bca5154ab685c5ace5e8130eeb2ef8795bfc1eb5bb818db1a060078915fd7","ssdeep":"768:07XhHtNsYdksQU+ZNYrfAaGsCL4U378VQZkt5FN/GToLAnJ:chHtaYdknUkaGsCr378VQZkt5FNCoL8","tlshash":"b2738419b91da13e2c27a0e983ccbaec611df0c0dd3b06b5be9a412127d27f51dbb558","first_seen":"2026-02-20T15:25:16.838811Z","last_seen":"2026-02-28T18:00:39.966455Z","times_seen":18,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-28","alert":"Sinkholed","trigger":"allocation-punch.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"punchonsol.lovable.app/assets/punch-cutout-DhN8p0Ob.png","fqdn":"punchonsol.lovable.app","domain":"punchonsol.lovable.app","tld":"lovable.app"},"ip":{"addr":"185.41.148.2","port":443,"asn":61207,"as":"Hostek AB","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://allocation-punch.com/","date":"2026-02-28T18:00:17.546Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lovable.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Feb 2026 17:19:43 GMT","end":"Sun, 17 May 2026 18:19:24 GMT"},"fingerprint":{"sha1":"0F:8D:42:E0:96:F5:48:39:7E:49:C9:ED:4C:1B:E4:D5:15:A1:03:64","sha256":"FB:11:B9:D1:AA:F1:F0:D3:E7:B5:F7:E4:35:88:29:2D:8E:44:99:C3:11:3A:44:9A:D8:73:1C:05:F5:24:B2:E3"}}},"request":{"raw":"GET /assets/punch-cutout-DhN8p0Ob.png HTTP/1.1\r\nHost: punchonsol.lovable.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://allocation-punch.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Sat, 28 Feb 2026 18:00:17 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nset-cookie: __cf_bm=UrKMSEImmvwDCszzU_sjzzQ4Ow25fnKz7r6w3iaLozo-1772301617.6763759-1.0.1.1-nqs6VMHWJCQCxZblOKJp002XrYyPFhn8f4CCXABxbxxqZheNI4ahTdRZZv6nYW9I_8qSbkssNtdvazXKVRayTQ1nDfe_G_3y2q3Zj2RsIzfM7OYgUVjKih6H.aqSg7nO; HttpOnly; Secure; Path=/; Domain=lovable.app; Expires=Sat, 28 Feb 2026 18:30:17 GMT\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: 9d51d2167a701e42-CPH\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-23T17:07:55.698935Z","times_seen":15618608,"resource_available":true,"data":null}},"time_used":397,"timings":{"blocked":119,"dns":0,"connect":0,"send":0,"wait":278,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"punchonsol.lovable.app/assets/punch-plushie-Ci7cXJsh.webp","fqdn":"punchonsol.lovable.app","domain":"punchonsol.lovable.app","tld":"lovable.app"},"ip":{"addr":"185.41.148.2","port":443,"asn":61207,"as":"Hostek AB","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://allocation-punch.com/","date":"2026-02-28T18:00:17.549Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lovable.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Feb 2026 17:19:43 GMT","end":"Sun, 17 May 2026 18:19:24 GMT"},"fingerprint":{"sha1":"0F:8D:42:E0:96:F5:48:39:7E:49:C9:ED:4C:1B:E4:D5:15:A1:03:64","sha256":"FB:11:B9:D1:AA:F1:F0:D3:E7:B5:F7:E4:35:88:29:2D:8E:44:99:C3:11:3A:44:9A:D8:73:1C:05:F5:24:B2:E3"}}},"request":{"raw":"GET /assets/punch-plushie-Ci7cXJsh.webp HTTP/1.1\r\nHost: punchonsol.lovable.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://allocation-punch.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Sat, 28 Feb 2026 18:00:17 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nset-cookie: __cf_bm=oOB0EY0yDKg2.svyEg3O9n7z7g2gTmPFuxF2y1xBmtQ-1772301617.6916645-1.0.1.1-a.UmDyl9QWotXm1GcxWBTqX4GSmwlzPr12kswEOJsrQ56ddnIavWfxmX9y2oq.5LGCzyn8MNhhmRaFYiITADywtK6OUimu1NKV93RF6S6Hfgf7cJlvTPCDCJ7em9aNi2; HttpOnly; Secure; Path=/; Domain=lovable.app; Expires=Sat, 28 Feb 2026 18:30:17 GMT\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: 9d51d2169ab61e42-CPH\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-23T17:07:55.698935Z","times_seen":15618608,"resource_available":true,"data":null}},"time_used":407,"timings":{"blocked":119,"dns":0,"connect":0,"send":0,"wait":288,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"punchonsol.lovable.app/assets/punch-gallery-1-CZt1JFPO.webp","fqdn":"punchonsol.lovable.app","domain":"punchonsol.lovable.app","tld":"lovable.app"},"ip":{"addr":"185.41.148.2","port":443,"asn":61207,"as":"Hostek AB","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://allocation-punch.com/","date":"2026-02-28T18:00:17.550Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lovable.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Feb 2026 17:19:43 GMT","end":"Sun, 17 May 2026 18:19:24 GMT"},"fingerprint":{"sha1":"0F:8D:42:E0:96:F5:48:39:7E:49:C9:ED:4C:1B:E4:D5:15:A1:03:64","sha256":"FB:11:B9:D1:AA:F1:F0:D3:E7:B5:F7:E4:35:88:29:2D:8E:44:99:C3:11:3A:44:9A:D8:73:1C:05:F5:24:B2:E3"}}},"request":{"raw":"GET /assets/punch-gallery-1-CZt1JFPO.webp HTTP/1.1\r\nHost: punchonsol.lovable.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://allocation-punch.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Sat, 28 Feb 2026 18:00:17 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nset-cookie: __cf_bm=bIZZSUGX1ds65Iq2Q6aFsYPhgmlbCokNNTaUzW0tKas-1772301617.6722806-1.0.1.1-LuOWkRYFZ1fQajxFoR4TYK6AE1P__HX64lQRCtabalZ9LwgmR2XC03VKOJ0sd5EyeawGH6AGkqBIwT6amQNI6OzDp62zX9vRMuCBVWErNrunb2ZdUKCyrMrWj.8hzPGR; HttpOnly; Secure; Path=/; Domain=lovable.app; Expires=Sat, 28 Feb 2026 18:30:17 GMT\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: 9d51d2167a521e42-CPH\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-23T17:07:55.698935Z","times_seen":15618608,"resource_available":true,"data":null}},"time_used":546,"timings":{"blocked":110,"dns":25,"connect":27,"send":0,"wait":314,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"punchonsol.lovable.app/assets/moonshot-icon-Bztdtrh4.png","fqdn":"punchonsol.lovable.app","domain":"punchonsol.lovable.app","tld":"lovable.app"},"ip":{"addr":"185.41.148.2","port":443,"asn":61207,"as":"Hostek AB","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://allocation-punch.com/","date":"2026-02-28T18:00:17.556Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lovable.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Feb 2026 17:19:43 GMT","end":"Sun, 17 May 2026 18:19:24 GMT"},"fingerprint":{"sha1":"0F:8D:42:E0:96:F5:48:39:7E:49:C9:ED:4C:1B:E4:D5:15:A1:03:64","sha256":"FB:11:B9:D1:AA:F1:F0:D3:E7:B5:F7:E4:35:88:29:2D:8E:44:99:C3:11:3A:44:9A:D8:73:1C:05:F5:24:B2:E3"}}},"request":{"raw":"GET /assets/moonshot-icon-Bztdtrh4.png HTTP/1.1\r\nHost: punchonsol.lovable.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://allocation-punch.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Sat, 28 Feb 2026 18:00:17 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nset-cookie: __cf_bm=PsNdA8j__3TUQXeB6c8PQhbhnBSHhpM6JmdANMdsIDs-1772301617.674182-1.0.1.1-f0s3s5ztB.FoMdFvbYWQvWmnAMNKgeYioRcYcjxAYEA_H4vSXk9WJ1psLdeo0la5Ym2H7Ldb2rgo8r_gd2xdnaMpBhonIjtdun8jNLGBA5S1mbKB.4l.aajSx7oYUg6v; HttpOnly; Secure; Path=/; Domain=lovable.app; Expires=Sat, 28 Feb 2026 18:30:17 GMT\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: 9d51d2167a601e42-CPH\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-23T17:07:55.698935Z","times_seen":15618608,"resource_available":true,"data":null}},"time_used":392,"timings":{"blocked":105,"dns":0,"connect":0,"send":0,"wait":287,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/nunito/v32/XRXV3I6Li01BKofINeaB.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"216.58.207.195","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://allocation-punch.com/","date":"2026-02-28T18:00:17.929Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/nunito/v32/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://allocation-punch.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 39128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 25 Feb 2026 18:31:53 GMT\r\nexpires: Thu, 25 Feb 2027 18:31:53 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 15 Sep 2025 17:03:34 GMT\r\ncontent-type: font/woff2\r\nage: 257305\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":39128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 39128, version 1.0","md5":"166202cc391c71a57730bed12cbcb159","sha1":"76388dbfe374be06fdc6f9ba38d3f4e479025eeb","sha256":"ba344451eab25b217a165363b1982048a5e5830a0daf36577973955a04cac793","sha512":"9f4d1c14aa729e837b964898a1dd27e99ff674256c43326aa982cc0c17fa8b0d71a0b7df627f03cb4ac6ec7f22f0a19d65302743ff09187ce81414dde74c43e2","ssdeep":"768:lxbc6Qon+A9wOfdj2rELqjOmaLqLqKeI+00t0xIj:layndm0j2cqjOmGq+tbUIj","tlshash":"d9030284fd6a02d8c7fc1f6ef25a9f28272c2078440b6a9c44a79a6bd5975f84dd3330","first_seen":"2025-09-17T01:48:11.920934Z","last_seen":"2026-05-23T16:36:53.545801Z","times_seen":28486,"resource_available":false,"data":null}},"time_used":655,"timings":{"blocked":319,"dns":1,"connect":8,"send":0,"wait":9,"receive":8,"ssl":308},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/quicksand/v37/6xKtdSZaM9iE8KbpRA_hK1QN.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"216.58.207.195","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://allocation-punch.com/","date":"2026-02-28T18:00:17.935Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/quicksand/v37/6xKtdSZaM9iE8KbpRA_hK1QN.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://allocation-punch.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 28244\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 26 Feb 2026 11:46:22 GMT\r\nexpires: Fri, 26 Feb 2027 11:46:22 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 27 Aug 2025 19:19:09 GMT\r\ncontent-type: font/woff2\r\nage: 195236\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":28244,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 28244, version 1.0","md5":"9d503278216c2225184a236c64e0924b","sha1":"0c24c621374506ce70403a7473b47acd86bbf919","sha256":"2add7d60b1cd2ab84c9967e23d5ec08eb3fc9635c46855b17d59404dec6b410e","sha512":"fa1aca723eb40b6026aa1d21b36ce2573e4164516c9a0b55ff830a434c3954833a06b1df76236b1d682107df1bd3d263ed19cba854c1a6795566a7091749696d","ssdeep":"768:/6zZ6KBVHUlHvwCa0z1sCvODsIBMTKmJ3GG5x4:yzdKvwtszvdNjz4","tlshash":"3cc2e083d14afb33d0afb77adc52d022e9756bccec7e587a97a900398895c1b0644285","first_seen":"2025-09-02T18:36:17.739185Z","last_seen":"2026-05-23T17:11:21.066483Z","times_seen":10356,"resource_available":false,"data":null}},"time_used":668,"timings":{"blocked":326,"dns":1,"connect":8,"send":0,"wait":14,"receive":2,"ssl":314},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"allocation-punch.com/","fqdn":"allocation-punch.com","domain":"allocation-punch.com","tld":"com"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-28T18:00:17.268Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.allocation-punch.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 07:43:09 GMT","end":"Mon, 25 May 2026 07:43:08 GMT"},"fingerprint":{"sha1":"69:90:35:5C:AC:C9:88:74:25:64:59:4E:CC:3F:EB:99:BF:6A:19:1F","sha256":"F2:8E:CE:9E:C2:6D:BB:1D:0E:4C:CE:B1:E7:79:31:BB:8F:4B:44:56:75:49:CC:88:2B:39:40:B0:31:06:C1:12"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: allocation-punch.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 486557\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Sat, 28 Feb 2026 18:00:17 GMT\r\netag: \"3ff20a5e95355b7bbff7b26783f10b3d\"\r\nlast-modified: Mon, 23 Feb 2026 02:50:59 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::6mb5v-1772301617358-f22ca5f8ff97\r\ncontent-length: 10941\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":53999,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (53498), with CRLF line terminators","md5":"3ff20a5e95355b7bbff7b26783f10b3d","sha1":"799d3442df8ce6084572316e873b862da42b0767","sha256":"60ced224b3dc25d7405ff1acb163c8ad58299bf3404fff886f2e7952d3f1a762","sha512":"423523c8b36c231a62f56e2660f92185e14d8be84209df92d9224253ff6539935158fb921d21548ac916c5461407783032c5c2cf67dc9eeb87c2991b7d5f8f6c","ssdeep":"768:MGz+2nKz2w3t33/w792bM7sn8xbMoPLjQ55v1g9L6dccUsONaruDhS:nz+2nhCt3AxjQJ1jUlarkS","tlshash":"f533e93552480e3da50b8ad4f7e1773aa27ec38ad61b885cb7bc01b677c6c58d81b2d4","first_seen":"2026-02-23T01:16:38.358306Z","last_seen":"2026-02-28T18:00:39.9681Z","times_seen":6,"resource_available":false,"data":null}},"time_used":209,"timings":{"blocked":87,"dns":63,"connect":1,"send":0,"wait":11,"receive":20,"ssl":24},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-28","alert":"Sinkholed","trigger":"allocation-punch.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"punchonsol.lovable.app/assets/punch-hero-2QRL_pVI.webp","fqdn":"punchonsol.lovable.app","domain":"punchonsol.lovable.app","tld":"lovable.app"},"ip":{"addr":"185.41.148.2","port":443,"asn":61207,"as":"Hostek AB","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://allocation-punch.com/","date":"2026-02-28T18:00:17.548Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lovable.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Feb 2026 17:19:43 GMT","end":"Sun, 17 May 2026 18:19:24 GMT"},"fingerprint":{"sha1":"0F:8D:42:E0:96:F5:48:39:7E:49:C9:ED:4C:1B:E4:D5:15:A1:03:64","sha256":"FB:11:B9:D1:AA:F1:F0:D3:E7:B5:F7:E4:35:88:29:2D:8E:44:99:C3:11:3A:44:9A:D8:73:1C:05:F5:24:B2:E3"}}},"request":{"raw":"GET /assets/punch-hero-2QRL_pVI.webp HTTP/1.1\r\nHost: punchonsol.lovable.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://allocation-punch.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Sat, 28 Feb 2026 18:00:17 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nset-cookie: __cf_bm=PVwaKi0mmkjy6iOJgOOQP4diWYJ5194zVGs94GTquCY-1772301617.6767004-1.0.1.1-6mdG9hcuNXoAplYiCW9DFZEFyB.9aexbFfCtkW8wTs98_N.dN40Om3.cICCHN3njqM1knPwOEssD_mQ8ZFWHAh943GV5bw9..Ao9G2Mosb4vxJvDa8erbKCVfc0XwG.X; HttpOnly; Secure; Path=/; Domain=lovable.app; Expires=Sat, 28 Feb 2026 18:30:17 GMT\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: 9d51d2167a711e42-CPH\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-23T17:07:55.698935Z","times_seen":15618608,"resource_available":true,"data":null}},"time_used":405,"timings":{"blocked":117,"dns":0,"connect":0,"send":0,"wait":288,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"punchonsol.lovable.app/assets/punch-gallery-2-BFjUVpFJ.webp","fqdn":"punchonsol.lovable.app","domain":"punchonsol.lovable.app","tld":"lovable.app"},"ip":{"addr":"185.41.148.2","port":443,"asn":61207,"as":"Hostek AB","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://allocation-punch.com/","date":"2026-02-28T18:00:17.552Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lovable.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Feb 2026 17:19:43 GMT","end":"Sun, 17 May 2026 18:19:24 GMT"},"fingerprint":{"sha1":"0F:8D:42:E0:96:F5:48:39:7E:49:C9:ED:4C:1B:E4:D5:15:A1:03:64","sha256":"FB:11:B9:D1:AA:F1:F0:D3:E7:B5:F7:E4:35:88:29:2D:8E:44:99:C3:11:3A:44:9A:D8:73:1C:05:F5:24:B2:E3"}}},"request":{"raw":"GET /assets/punch-gallery-2-BFjUVpFJ.webp HTTP/1.1\r\nHost: punchonsol.lovable.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://allocation-punch.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Sat, 28 Feb 2026 18:00:17 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nset-cookie: __cf_bm=5kiqt5A_jldDfL_z7stX3.QlCp3R6l51wWUqMELkwlI-1772301617.6727278-1.0.1.1-YkZHXoJe2hk0Ns9l8.yEIdM5vvskq1hDwRVSRBgDNuQshXXh5Mw5wIdfeIfgSEBjWMhNK3Fs8BTCZUq7F_0aMSL4.dnwtlQ_saaISvBiAUBvJBnsoNIlYD5p5lrCx5fo; HttpOnly; Secure; Path=/; Domain=lovable.app; Expires=Sat, 28 Feb 2026 18:30:17 GMT\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: 9d51d2167a571e42-CPH\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-23T17:07:55.698935Z","times_seen":15618608,"resource_available":true,"data":null}},"time_used":401,"timings":{"blocked":109,"dns":0,"connect":0,"send":0,"wait":292,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"punchonsol.lovable.app/assets/punch-gallery-3-CYdJsfBh.webp","fqdn":"punchonsol.lovable.app","domain":"punchonsol.lovable.app","tld":"lovable.app"},"ip":{"addr":"185.41.148.2","port":443,"asn":61207,"as":"Hostek AB","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://allocation-punch.com/","date":"2026-02-28T18:00:17.553Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lovable.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Feb 2026 17:19:43 GMT","end":"Sun, 17 May 2026 18:19:24 GMT"},"fingerprint":{"sha1":"0F:8D:42:E0:96:F5:48:39:7E:49:C9:ED:4C:1B:E4:D5:15:A1:03:64","sha256":"FB:11:B9:D1:AA:F1:F0:D3:E7:B5:F7:E4:35:88:29:2D:8E:44:99:C3:11:3A:44:9A:D8:73:1C:05:F5:24:B2:E3"}}},"request":{"raw":"GET /assets/punch-gallery-3-CYdJsfBh.webp HTTP/1.1\r\nHost: punchonsol.lovable.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://allocation-punch.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Sat, 28 Feb 2026 18:00:17 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nset-cookie: __cf_bm=JdLcYvNc7MIt0ZC6AObvvhz6E9Qw8axfKvJY_LyxGxI-1772301617.6729825-1.0.1.1-tJMGNBTPtKEEfEJklYVEMirLDPWLiaP28n6IO9HD3qMOv4WlJJG0fQTLEez8_7IYvCMEGfyrX6hM4qCwwnxPjyUTe.gIE1fPAN5D_Pi3vwvBV5r3BEHJ90P6GQ2xmKlx; HttpOnly; Secure; Path=/; Domain=lovable.app; Expires=Sat, 28 Feb 2026 18:30:17 GMT\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: 9d51d2167a591e42-CPH\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-23T17:07:55.698935Z","times_seen":15618608,"resource_available":true,"data":null}},"time_used":394,"timings":{"blocked":108,"dns":0,"connect":0,"send":0,"wait":286,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/quicksand/v37/6xKtdSZaM9iE8KbpRA_hK1QN.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"216.58.207.195","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://allocation-punch.com/","date":"2026-02-28T18:00:18.260Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/quicksand/v37/6xKtdSZaM9iE8KbpRA_hK1QN.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://allocation-punch.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 28244\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 26 Feb 2026 11:46:22 GMT\r\nexpires: Fri, 26 Feb 2027 11:46:22 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 27 Aug 2025 19:19:09 GMT\r\ncontent-type: font/woff2\r\nage: 195236\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":28244,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 28244, version 1.0","md5":"9d503278216c2225184a236c64e0924b","sha1":"0c24c621374506ce70403a7473b47acd86bbf919","sha256":"2add7d60b1cd2ab84c9967e23d5ec08eb3fc9635c46855b17d59404dec6b410e","sha512":"fa1aca723eb40b6026aa1d21b36ce2573e4164516c9a0b55ff830a434c3954833a06b1df76236b1d682107df1bd3d263ed19cba854c1a6795566a7091749696d","ssdeep":"768:/6zZ6KBVHUlHvwCa0z1sCvODsIBMTKmJ3GG5x4:yzdKvwtszvdNjz4","tlshash":"3cc2e083d14afb33d0afb77adc52d022e9756bccec7e587a97a900398895c1b0644285","first_seen":"2025-09-02T18:36:17.739185Z","last_seen":"2026-05-23T17:11:21.066483Z","times_seen":10356,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/nunito/v32/XRXV3I6Li01BKofINeaB.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"216.58.207.195","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://allocation-punch.com/","date":"2026-02-28T18:00:18.264Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/nunito/v32/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://allocation-punch.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 39128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 25 Feb 2026 18:31:53 GMT\r\nexpires: Thu, 25 Feb 2027 18:31:53 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 15 Sep 2025 17:03:34 GMT\r\ncontent-type: font/woff2\r\nage: 257305\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":39128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 39128, version 1.0","md5":"166202cc391c71a57730bed12cbcb159","sha1":"76388dbfe374be06fdc6f9ba38d3f4e479025eeb","sha256":"ba344451eab25b217a165363b1982048a5e5830a0daf36577973955a04cac793","sha512":"9f4d1c14aa729e837b964898a1dd27e99ff674256c43326aa982cc0c17fa8b0d71a0b7df627f03cb4ac6ec7f22f0a19d65302743ff09187ce81414dde74c43e2","ssdeep":"768:lxbc6Qon+A9wOfdj2rELqjOmaLqLqKeI+00t0xIj:layndm0j2cqjOmGq+tbUIj","tlshash":"d9030284fd6a02d8c7fc1f6ef25a9f28272c2078440b6a9c44a79a6bd5975f84dd3330","first_seen":"2025-09-17T01:48:11.920934Z","last_seen":"2026-05-23T16:36:53.545801Z","times_seen":28486,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"punchonsol.lovable.app/assets/punch-gallery-7-BwVZrCZ-.webp","fqdn":"punchonsol.lovable.app","domain":"punchonsol.lovable.app","tld":"lovable.app"},"ip":{"addr":"185.41.148.2","port":443,"asn":61207,"as":"Hostek AB","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://allocation-punch.com/","date":"2026-02-28T18:00:17.554Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lovable.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Feb 2026 17:19:43 GMT","end":"Sun, 17 May 2026 18:19:24 GMT"},"fingerprint":{"sha1":"0F:8D:42:E0:96:F5:48:39:7E:49:C9:ED:4C:1B:E4:D5:15:A1:03:64","sha256":"FB:11:B9:D1:AA:F1:F0:D3:E7:B5:F7:E4:35:88:29:2D:8E:44:99:C3:11:3A:44:9A:D8:73:1C:05:F5:24:B2:E3"}}},"request":{"raw":"GET /assets/punch-gallery-7-BwVZrCZ-.webp HTTP/1.1\r\nHost: punchonsol.lovable.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://allocation-punch.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Sat, 28 Feb 2026 18:00:17 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nset-cookie: __cf_bm=eGbr.0_h.Kv9Hkq5nKqn8YHNZ3ThvNuFF8ST8qwbsDo-1772301617.6732721-1.0.1.1-DYNzmL1uzIe7Nr6MXYZOI7ZjnAULRhdl.TGyoMEiob.26ailWkEQ62Diyad5gUEEWR2zAHMBiGgy3.YbTYd6GxKsCJeCtm2CvPLU6ageJoVjO7INBm_dvnEGKlywMNNh; HttpOnly; Secure; Path=/; Domain=lovable.app; Expires=Sat, 28 Feb 2026 18:30:17 GMT\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: 9d51d2167a5a1e42-CPH\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-23T17:07:55.698935Z","times_seen":15618608,"resource_available":true,"data":null}},"time_used":402,"timings":{"blocked":107,"dns":0,"connect":0,"send":0,"wait":295,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"punchonsol.lovable.app/assets/geckoterminal-icon-BShTt9Xs.png","fqdn":"punchonsol.lovable.app","domain":"punchonsol.lovable.app","tld":"lovable.app"},"ip":{"addr":"185.41.148.2","port":443,"asn":61207,"as":"Hostek AB","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://allocation-punch.com/","date":"2026-02-28T18:00:17.555Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lovable.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Feb 2026 17:19:43 GMT","end":"Sun, 17 May 2026 18:19:24 GMT"},"fingerprint":{"sha1":"0F:8D:42:E0:96:F5:48:39:7E:49:C9:ED:4C:1B:E4:D5:15:A1:03:64","sha256":"FB:11:B9:D1:AA:F1:F0:D3:E7:B5:F7:E4:35:88:29:2D:8E:44:99:C3:11:3A:44:9A:D8:73:1C:05:F5:24:B2:E3"}}},"request":{"raw":"GET /assets/geckoterminal-icon-BShTt9Xs.png HTTP/1.1\r\nHost: punchonsol.lovable.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://allocation-punch.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Sat, 28 Feb 2026 18:00:17 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nset-cookie: __cf_bm=cp7GqO3OFxRd8yZoO6vAiZUDbTwS0IskOaQOFXXMWbs-1772301617.6738567-1.0.1.1-q9dfhSpEJA4slsrVVCPWsPM935cILU59KUGJLgiNyz85hSOOaLBomdhTLXnt7ermaXqdH_WIXwbczcey1wbbkWECMC9HDdDxA0zBtu_pl_5FGkBCzzZeM5a1yLb7LbUN; HttpOnly; Secure; Path=/; Domain=lovable.app; Expires=Sat, 28 Feb 2026 18:30:17 GMT\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: 9d51d2167a5d1e42-CPH\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-23T17:07:55.698935Z","times_seen":15618608,"resource_available":true,"data":null}},"time_used":391,"timings":{"blocked":106,"dns":0,"connect":0,"send":0,"wait":285,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"allocation-punch.com/main.js","fqdn":"allocation-punch.com","domain":"allocation-punch.com","tld":"com"},"ip":{"addr":"64.29.17.1","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://allocation-punch.com/","date":"2026-02-28T18:00:17.558Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.allocation-punch.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 07:43:09 GMT","end":"Mon, 25 May 2026 07:43:08 GMT"},"fingerprint":{"sha1":"69:90:35:5C:AC:C9:88:74:25:64:59:4E:CC:3F:EB:99:BF:6A:19:1F","sha256":"F2:8E:CE:9E:C2:6D:BB:1D:0E:4C:CE:B1:E7:79:31:BB:8F:4B:44:56:75:49:CC:88:2B:39:40:B0:31:06:C1:12"}}},"request":{"raw":"GET /main.js HTTP/1.1\r\nHost: allocation-punch.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://allocation-punch.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 60739\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"main.js\"\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Sat, 28 Feb 2026 18:00:17 GMT\r\netag: \"d7b023d73d3e9e2b8694be6dd66d380a\"\r\nlast-modified: Sat, 28 Feb 2026 01:07:58 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::6mb5v-1772301617545-c957b1f64464\r\ncontent-length: 53894\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":192928,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65532), with no line terminators","md5":"66f86fde7e336203197b6a35cb37f9b8","sha1":"60dab1ee6f329478b08621a1d75b5dc1cabe97d1","sha256":"efe3d54f39d1e5d3240d1b9e499e83a63b6bd5328b51c7869d398b9194a31b44","sha512":"d928d9a7b0faae67b4285992bc2af73cc0cb09d9008acd7c8d528b4a46d3e32e1f28ffe46e4d662a95bf927a63b31ebb5459ddab23d9683f839bde40057a5ef3","ssdeep":"3072:As3dxw0BQouAxprFTYfJua0eN5ocWJpNU9:Asnw4EfJFw1TNU9","tlshash":"4e14a6871bd0b57623461efa771bb0d0f14449aa3c94469f9604bab82e661e3f9f7033","first_seen":"2026-02-23T01:16:38.348644Z","last_seen":"2026-02-28T18:00:39.968625Z","times_seen":6,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-28","alert":"Sinkholed","trigger":"allocation-punch.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Nunito:wght@400;600;700;800\u0026family=Quicksand:wght@400;500;600;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"172.217.21.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://allocation-punch.com/","date":"2026-02-28T18:00:17.602Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:01 GMT","end":"Mon, 27 Apr 2026 08:38:00 GMT"},"fingerprint":{"sha1":"AD:23:3E:9B:CF:2B:A1:EC:31:14:63:D1:58:73:BB:E7:C5:32:16:8C","sha256":"B1:5F:45:BF:00:8C:68:35:D3:42:B2:67:66:47:9D:BB:42:41:07:56:3A:C4:1C:D6:10:7B:B7:53:C2:71:81:33"}}},"request":{"raw":"GET /css2?family=Nunito:wght@400;600;700;800\u0026family=Quicksand:wght@400;500;600;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://allocation-punch.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sat, 28 Feb 2026 18:00:17 GMT\r\ndate: Sat, 28 Feb 2026 18:00:17 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12288,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"0900d37b74e05eda8833074c17e589e8","sha1":"313852a9440840cb2c2ce75f263c981a9eefe89e","sha256":"5c44821fdf7851ceaa04ce86b1e1d97f0cc6366276a318fbfe8cf4f473af142b","sha512":"fce1174706a43552d8770216e847e193af517e53121a2642bea09dfab816f91921e735f6e1a63333bc364210aa0c2815b7197d7cfb405fb1131f53525b3631eb","ssdeep":"192:OH+yptkUkH0yXLkeLHbywkkdiHyy1Rko8NPmvWVOPFv1VrPcvMVEPjvTK:il6DPe9hWJQ31","tlshash":"ba42bcd1046be000db871cc227ce7e32ed4e61157464c57aaffd5888ecabc262365b1e","first_seen":"2026-02-20T15:25:16.841028Z","last_seen":"2026-04-29T23:52:48.394068Z","times_seen":25,"resource_available":false,"data":null}},"time_used":149,"timings":{"blocked":-1,"dns":1,"connect":8,"send":0,"wait":21,"receive":0,"ssl":112},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}