{"report_id":"68bd45ea-1f32-4c70-b9c9-2c1b38d196dd","version":6,"status":"done","tags":[],"date":"2026-02-28T15:42:29Z","url":{"schema":"https","addr":"allocation-punch.com/","fqdn":"allocation-punch.com","domain":"allocation-punch.com","tld":"com"},"ip":{"addr":"216.198.79.65","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"allocation-punch.com/","fqdn":"allocation-punch.com","domain":"allocation-punch.com","tld":"com"},"title":"$PUNCH - The Sanctuary Monkey","dom":{"size":81400,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (53498)","md5":"4ce07bfc5c7b766bc9a7861e8fd6e1d5","sha1":"0c6922e491f769e2b1f6b2f887b7a69c9ba9b65b","sha256":"e04ff30571e48a04fb8daafa934e1c051e20a3c090505b97c69193649d169843","sha512":"8a00915c4fc5e171bcfffc710d2c08d23f53823f67736d7437dc02ed038be8f4bc4e8ef74a61de93e67a2e95a9af8551f3455bfda8abb1b66181298106b36d69","ssdeep":"1536:CQJwyez+2nhCt3AxjQJ1jUlarkpjgOuqG:CQJwywhCtwxjZarg0N","tlshash":"0d83f82543590a3c650787d8f7e2733a636ec34be61b895cb7ec42b56f86c88dc27294","dom_hash":"domhash7899bffe0075a990c2c60c8c29aae4ab","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"allocation-punch.com/","fqdn":"allocation-punch.com","domain":"allocation-punch.com","tld":"com"},"ip":{"addr":"216.198.79.65","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-04T15:42:29Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":6,"urlquery":0,"analyzer":1}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-28T15:42:08Z","timestamp":1772293328,"ip_dst":{"addr":"185.41.148.2","port":443,"asn":61207,"as":"Hostek AB","country":"Sweden","country_code":"SE"},"ip_src":{"addr":"Client IP","port":57918,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO AI Service Domain (lovable .app) in TLS SNI","source":"{\"timestamp\":\"2026-02-28T15:42:08.031268+0000\",\"flow_id\":339401415579492,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.39\",\"src_port\":57918,\"dest_ip\":\"185.41.148.2\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2063043,\"rev\":1,\"signature\":\"ET INFO AI Service Domain (lovable .app) in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"Medium\"],\"created_at\":[\"2025_06_18\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0042\"],\"mitre_tactic_name\":[\"Resource_Development\"],\"mitre_technique_id\":[\"T1587\"],\"mitre_technique_name\":[\"Develop_Capabilities\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2025_06_18\"]}},\"tls\":{\"sni\":\"punchonsol.lovable.app\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":924,\"bytes_toclient\":3519,\"start\":\"2026-02-28T15:42:07.972644+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-28T15:42:08Z","timestamp":1772293328,"ip_dst":{"addr":"185.41.148.2","port":443,"asn":61207,"as":"Hostek AB","country":"Sweden","country_code":"SE"},"ip_src":{"addr":"Client IP","port":57910,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO AI Service Domain (lovable .app) in TLS SNI","source":"{\"timestamp\":\"2026-02-28T15:42:08.034942+0000\",\"flow_id\":1161767393679109,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.39\",\"src_port\":57910,\"dest_ip\":\"185.41.148.2\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2063043,\"rev\":1,\"signature\":\"ET INFO AI Service Domain (lovable .app) in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"Medium\"],\"created_at\":[\"2025_06_18\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0042\"],\"mitre_tactic_name\":[\"Resource_Development\"],\"mitre_technique_id\":[\"T1587\"],\"mitre_technique_name\":[\"Develop_Capabilities\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2025_06_18\"]}},\"tls\":{\"sni\":\"punchonsol.lovable.app\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":924,\"bytes_toclient\":3519,\"start\":\"2026-02-28T15:42:07.972549+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-28T15:42:08Z","timestamp":1772293328,"ip_dst":{"addr":"185.41.148.2","port":443,"asn":61207,"as":"Hostek AB","country":"Sweden","country_code":"SE"},"ip_src":{"addr":"Client IP","port":57896,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO AI Service Domain (lovable .app) in TLS SNI","source":"{\"timestamp\":\"2026-02-28T15:42:08.039085+0000\",\"flow_id\":16600263546449,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.39\",\"src_port\":57896,\"dest_ip\":\"185.41.148.2\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2063043,\"rev\":1,\"signature\":\"ET INFO AI Service Domain (lovable .app) in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"Medium\"],\"created_at\":[\"2025_06_18\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0042\"],\"mitre_tactic_name\":[\"Resource_Development\"],\"mitre_technique_id\":[\"T1587\"],\"mitre_technique_name\":[\"Develop_Capabilities\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2025_06_18\"]}},\"tls\":{\"sni\":\"punchonsol.lovable.app\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":3444,\"start\":\"2026-02-28T15:42:07.972369+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-28T15:42:08Z","timestamp":1772293328,"ip_dst":{"addr":"185.41.148.2","port":443,"asn":61207,"as":"Hostek AB","country":"Sweden","country_code":"SE"},"ip_src":{"addr":"Client IP","port":57922,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO AI Service Domain (lovable .app) in TLS SNI","source":"{\"timestamp\":\"2026-02-28T15:42:08.044323+0000\",\"flow_id\":296191897098196,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.39\",\"src_port\":57922,\"dest_ip\":\"185.41.148.2\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2063043,\"rev\":1,\"signature\":\"ET INFO AI Service Domain (lovable .app) in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"Medium\"],\"created_at\":[\"2025_06_18\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0042\"],\"mitre_tactic_name\":[\"Resource_Development\"],\"mitre_technique_id\":[\"T1587\"],\"mitre_technique_name\":[\"Develop_Capabilities\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2025_06_18\"]}},\"tls\":{\"sni\":\"punchonsol.lovable.app\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":924,\"bytes_toclient\":3168,\"start\":\"2026-02-28T15:42:07.972756+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-28T15:42:08Z","timestamp":1772293328,"ip_dst":{"addr":"185.41.148.2","port":443,"asn":61207,"as":"Hostek AB","country":"Sweden","country_code":"SE"},"ip_src":{"addr":"Client IP","port":57934,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO AI Service Domain (lovable .app) in TLS SNI","source":"{\"timestamp\":\"2026-02-28T15:42:08.046969+0000\",\"flow_id\":694865793898770,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.39\",\"src_port\":57934,\"dest_ip\":\"185.41.148.2\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2063043,\"rev\":1,\"signature\":\"ET INFO AI Service Domain (lovable .app) in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"Medium\"],\"created_at\":[\"2025_06_18\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0042\"],\"mitre_tactic_name\":[\"Resource_Development\"],\"mitre_technique_id\":[\"T1587\"],\"mitre_technique_name\":[\"Develop_Capabilities\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2025_06_18\"]}},\"tls\":{\"sni\":\"punchonsol.lovable.app\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":3444,\"start\":\"2026-02-28T15:42:07.973074+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-28T15:42:08Z","timestamp":1772293328,"ip_dst":{"addr":"185.41.148.2","port":443,"asn":61207,"as":"Hostek AB","country":"Sweden","country_code":"SE"},"ip_src":{"addr":"Client IP","port":57924,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO AI Service Domain (lovable .app) in TLS SNI","source":"{\"timestamp\":\"2026-02-28T15:42:08.049909+0000\",\"flow_id\":1646065758492831,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.39\",\"src_port\":57924,\"dest_ip\":\"185.41.148.2\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2063043,\"rev\":1,\"signature\":\"ET INFO AI Service Domain (lovable .app) in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"Medium\"],\"created_at\":[\"2025_06_18\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0042\"],\"mitre_tactic_name\":[\"Resource_Development\"],\"mitre_technique_id\":[\"T1587\"],\"mitre_technique_name\":[\"Develop_Capabilities\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2025_06_18\"]}},\"tls\":{\"sni\":\"punchonsol.lovable.app\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":924,\"bytes_toclient\":1654,\"start\":\"2026-02-28T15:42:07.972959+0000\"}}"}],"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-28","alert":"Sinkholed","trigger":"allocation-punch.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"punchonsol.lovable.app","ip":{"addr":"185.41.148.2","port":443,"asn":61207,"as":"Hostek AB","country":"Sweden","country_code":"SE"},"domain_registered":"2023-05-06","domain_rank":0,"first_seen":"2026-02-20T15:25:12.903476Z","last_seen":"2026-02-20T15:25:12.903476Z","alert_count":0,"request_count":10,"received_data":6485,"sent_data":4693,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-02-22T22:14:59.650342Z","alert_count":0,"request_count":4,"received_data":138084,"sent_data":2162,"comment":"","tags":null,"fingerprints":null},{"fqdn":"allocation-punch.com","ip":{"addr":"64.29.17.65","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":3,"request_count":3,"received_data":324003,"sent_data":1346,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-02-22T22:18:02.864626Z","alert_count":0,"request_count":1,"received_data":12974,"sent_data":518,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"allocation-punch.com/main.js","fqdn":"allocation-punch.com","domain":"allocation-punch.com","tld":"com"},"ip":{"addr":"64.29.17.65","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"66f86fde7e336203197b6a35cb37f9b8","sha1":"60dab1ee6f329478b08621a1d75b5dc1cabe97d1","sha256":"efe3d54f39d1e5d3240d1b9e499e83a63b6bd5328b51c7869d398b9194a31b44","sha512":"d928d9a7b0faae67b4285992bc2af73cc0cb09d9008acd7c8d528b4a46d3e32e1f28ffe46e4d662a95bf927a63b31ebb5459ddab23d9683f839bde40057a5ef3","ssdeep":"3072:As3dxw0BQouAxprFTYfJua0eN5ocWJpNU9:Asnw4EfJFw1TNU9","tlshash":"4e14a6871bd0b57623461efa771bb0d0f14449aa3c94469f9604bab82e661e3f9f7033","size":192928,"data":"","first_seen":"2026-02-23T01:16:38.348644Z","last_seen":"2026-02-28T18:00:39.968625Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"punchonsol.lovable.app/assets/punch-gallery-7-BwVZrCZ-.webp","fqdn":"punchonsol.lovable.app","domain":"punchonsol.lovable.app","tld":"lovable.app"},"ip":{"addr":"185.41.148.2","port":443,"asn":61207,"as":"Hostek AB","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://allocation-punch.com/","date":"2026-02-28T15:42:07.994Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lovable.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Feb 2026 17:19:43 GMT","end":"Sun, 17 May 2026 18:19:24 GMT"},"fingerprint":{"sha1":"0F:8D:42:E0:96:F5:48:39:7E:49:C9:ED:4C:1B:E4:D5:15:A1:03:64","sha256":"FB:11:B9:D1:AA:F1:F0:D3:E7:B5:F7:E4:35:88:29:2D:8E:44:99:C3:11:3A:44:9A:D8:73:1C:05:F5:24:B2:E3"}}},"request":{"raw":"GET /assets/punch-gallery-7-BwVZrCZ-.webp HTTP/1.1\r\nHost: punchonsol.lovable.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://allocation-punch.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Sat, 28 Feb 2026 15:42:08 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nset-cookie: __cf_bm=gWCiwQy7y4mS.PTmzyOTjZPXPbddYBBSotI3pyCkVHU-1772293328.120732-1.0.1.1-z30utSIJ1KJIZIhaY_mkKuuCm6n0fOBnXZ052l0V8fbtowD0_2b.Kmc1cYE6Wf1a.qzdHomtSds3Ierg4U8GVZRugWdS4WQusbPhJgweZ_nXfUO1s9G5CKGmygzH535S; HttpOnly; Secure; Path=/; Domain=lovable.app; Expires=Sat, 28 Feb 2026 16:12:08 GMT\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: 9d5107b4b83b042d-CPH\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T23:17:23.623528Z","times_seen":16252840,"resource_available":true,"data":null}},"time_used":440,"timings":{"blocked":109,"dns":0,"connect":0,"send":0,"wait":331,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"punchonsol.lovable.app/assets/geckoterminal-icon-BShTt9Xs.png","fqdn":"punchonsol.lovable.app","domain":"punchonsol.lovable.app","tld":"lovable.app"},"ip":{"addr":"185.41.148.2","port":443,"asn":61207,"as":"Hostek AB","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://allocation-punch.com/","date":"2026-02-28T15:42:07.996Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lovable.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Feb 2026 17:19:43 GMT","end":"Sun, 17 May 2026 18:19:24 GMT"},"fingerprint":{"sha1":"0F:8D:42:E0:96:F5:48:39:7E:49:C9:ED:4C:1B:E4:D5:15:A1:03:64","sha256":"FB:11:B9:D1:AA:F1:F0:D3:E7:B5:F7:E4:35:88:29:2D:8E:44:99:C3:11:3A:44:9A:D8:73:1C:05:F5:24:B2:E3"}}},"request":{"raw":"GET /assets/geckoterminal-icon-BShTt9Xs.png HTTP/1.1\r\nHost: punchonsol.lovable.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://allocation-punch.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Sat, 28 Feb 2026 15:42:08 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nset-cookie: __cf_bm=L2_S6hmJbImmELSwcjvFweauZl3R4W296RJPptpkYuc-1772293328.1208231-1.0.1.1-bj6ThVqfveRQXG4fm5MBCRb3Its0_OCkr6ON_PJKppQKdkYDHjVAZ4oqyqs_odNVyP3GD3i02Hw5.Fjrep4yKzY.pkKqyrkA9AiQyrZC6s2HBrKqeTqlI8rDOGnx5wWe; HttpOnly; Secure; Path=/; Domain=lovable.app; Expires=Sat, 28 Feb 2026 16:12:08 GMT\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: 9d5107b4c840042d-CPH\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T23:17:23.623528Z","times_seen":16252840,"resource_available":true,"data":null}},"time_used":449,"timings":{"blocked":107,"dns":0,"connect":0,"send":0,"wait":342,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"punchonsol.lovable.app/assets/moonshot-icon-Bztdtrh4.png","fqdn":"punchonsol.lovable.app","domain":"punchonsol.lovable.app","tld":"lovable.app"},"ip":{"addr":"185.41.148.2","port":443,"asn":61207,"as":"Hostek AB","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://allocation-punch.com/","date":"2026-02-28T15:42:07.997Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lovable.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Feb 2026 17:19:43 GMT","end":"Sun, 17 May 2026 18:19:24 GMT"},"fingerprint":{"sha1":"0F:8D:42:E0:96:F5:48:39:7E:49:C9:ED:4C:1B:E4:D5:15:A1:03:64","sha256":"FB:11:B9:D1:AA:F1:F0:D3:E7:B5:F7:E4:35:88:29:2D:8E:44:99:C3:11:3A:44:9A:D8:73:1C:05:F5:24:B2:E3"}}},"request":{"raw":"GET /assets/moonshot-icon-Bztdtrh4.png HTTP/1.1\r\nHost: punchonsol.lovable.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://allocation-punch.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Sat, 28 Feb 2026 15:42:08 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nset-cookie: __cf_bm=1tbY6OYHUlgbwFv2nv85Pto4ex37AS8xQwalut363A8-1772293328.128646-1.0.1.1-WFoEFclklvlvuJtZJznkSiX4.aipdhBhxoQFIpEOCYbczp1CmKrH5ykYQDQ7M6pGrjypkqyCQwBEpiYFnelBa8lHqdQte1Q8sOc5civm0linVlBOQOpJ63XKUwnpffEb; HttpOnly; Secure; Path=/; Domain=lovable.app; Expires=Sat, 28 Feb 2026 16:12:08 GMT\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: 9d5107b4c87e042d-CPH\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T23:17:23.623528Z","times_seen":16252840,"resource_available":true,"data":null}},"time_used":436,"timings":{"blocked":114,"dns":0,"connect":0,"send":0,"wait":322,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/nunito/v32/XRXV3I6Li01BKofINeaB.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://allocation-punch.com/","date":"2026-02-28T15:42:08.436Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:40:56 GMT","end":"Mon, 20 Apr 2026 08:40:55 GMT"},"fingerprint":{"sha1":"C0:70:82:EC:9D:28:B5:4B:51:02:7A:C7:BE:63:94:B1:DC:64:29:FF","sha256":"5E:E3:2A:C0:F5:10:AE:D1:9D:11:A4:88:D0:66:44:3B:31:B7:05:05:0D:A7:35:66:17:B5:35:88:23:3C:E3:F1"}}},"request":{"raw":"GET /s/nunito/v32/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://allocation-punch.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 39128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 25 Feb 2026 18:31:53 GMT\r\nexpires: Thu, 25 Feb 2027 18:31:53 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 15 Sep 2025 17:03:34 GMT\r\ncontent-type: font/woff2\r\nage: 249015\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":39128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 39128, version 1.0","md5":"166202cc391c71a57730bed12cbcb159","sha1":"76388dbfe374be06fdc6f9ba38d3f4e479025eeb","sha256":"ba344451eab25b217a165363b1982048a5e5830a0daf36577973955a04cac793","sha512":"9f4d1c14aa729e837b964898a1dd27e99ff674256c43326aa982cc0c17fa8b0d71a0b7df627f03cb4ac6ec7f22f0a19d65302743ff09187ce81414dde74c43e2","ssdeep":"768:lxbc6Qon+A9wOfdj2rELqjOmaLqLqKeI+00t0xIj:layndm0j2cqjOmGq+tbUIj","tlshash":"d9030284fd6a02d8c7fc1f6ef25a9f28272c2078440b6a9c44a79a6bd5975f84dd3330","first_seen":"2025-09-17T01:48:11.920934Z","last_seen":"2026-06-08T23:14:22.292317Z","times_seen":31652,"resource_available":false,"data":null}},"time_used":722,"timings":{"blocked":325,"dns":1,"connect":21,"send":0,"wait":30,"receive":38,"ssl":304},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"punchonsol.lovable.app/assets/punch-gallery-2-BFjUVpFJ.webp","fqdn":"punchonsol.lovable.app","domain":"punchonsol.lovable.app","tld":"lovable.app"},"ip":{"addr":"185.41.148.2","port":443,"asn":61207,"as":"Hostek AB","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://allocation-punch.com/","date":"2026-02-28T15:42:07.991Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lovable.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Feb 2026 17:19:43 GMT","end":"Sun, 17 May 2026 18:19:24 GMT"},"fingerprint":{"sha1":"0F:8D:42:E0:96:F5:48:39:7E:49:C9:ED:4C:1B:E4:D5:15:A1:03:64","sha256":"FB:11:B9:D1:AA:F1:F0:D3:E7:B5:F7:E4:35:88:29:2D:8E:44:99:C3:11:3A:44:9A:D8:73:1C:05:F5:24:B2:E3"}}},"request":{"raw":"GET /assets/punch-gallery-2-BFjUVpFJ.webp HTTP/1.1\r\nHost: punchonsol.lovable.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://allocation-punch.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Sat, 28 Feb 2026 15:42:08 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nset-cookie: __cf_bm=DVdCZDp_o4dESUKtZhH26mdEnd_91F9rbQLF4tq1ciY-1772293328.13863-1.0.1.1-_SPpu6ecyTfC5yAOwo0McsfghQupA9dAO6q95v_FqXfqEoOiMoR5h1vWcav5tSKt1xl1zSl2w_h8_m.3R8oPVusxRcCe.o.YNk67QHUi0zWGr6bsNF_nBiolZZeYYfqK; HttpOnly; Secure; Path=/; Domain=lovable.app; Expires=Sat, 28 Feb 2026 16:12:08 GMT\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: 9d5107b4d8d3042d-CPH\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T23:17:23.623528Z","times_seen":16252840,"resource_available":true,"data":null}},"time_used":601,"timings":{"blocked":130,"dns":2,"connect":38,"send":0,"wait":321,"receive":0,"ssl":97},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"allocation-punch.com/style.css","fqdn":"allocation-punch.com","domain":"allocation-punch.com","tld":"com"},"ip":{"addr":"64.29.17.65","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://allocation-punch.com/","date":"2026-02-28T15:42:07.982Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.allocation-punch.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 07:43:09 GMT","end":"Mon, 25 May 2026 07:43:08 GMT"},"fingerprint":{"sha1":"69:90:35:5C:AC:C9:88:74:25:64:59:4E:CC:3F:EB:99:BF:6A:19:1F","sha256":"F2:8E:CE:9E:C2:6D:BB:1D:0E:4C:CE:B1:E7:79:31:BB:8F:4B:44:56:75:49:CC:88:2B:39:40:B0:31:06:C1:12"}}},"request":{"raw":"GET /style.css HTTP/1.1\r\nHost: allocation-punch.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://allocation-punch.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 39639\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"style.css\"\r\ncontent-encoding: br\r\ncontent-type: text/css; charset=utf-8\r\ndate: Sat, 28 Feb 2026 15:42:07 GMT\r\netag: \"008639f695ff3bf5c0c3339a1c9ef7e7\"\r\nlast-modified: Sat, 28 Feb 2026 04:41:28 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::h5phw-1772293327972-4871633eb32b\r\ncontent-length: 13833\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":75437,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"3db392db90ba3cc01311c0934259cbae","sha1":"b74c985f7a308e5d8e770d4157f3786987e82109","sha256":"380ba669e49b70cbae257c6e8357f2c2b1f640025412aed799ae94448a7a29ee","sha512":"0cb6fd59a691f0c394e8bf22ce6343c36930ab843758f8d515d119d8c2eeaabbb33bca5154ab685c5ace5e8130eeb2ef8795bfc1eb5bb818db1a060078915fd7","ssdeep":"768:07XhHtNsYdksQU+ZNYrfAaGsCL4U378VQZkt5FN/GToLAnJ:chHtaYdknUkaGsCr378VQZkt5FNCoL8","tlshash":"b2738419b91da13e2c27a0e983ccbaec611df0c0dd3b06b5be9a412127d27f51dbb558","first_seen":"2026-02-20T15:25:16.838811Z","last_seen":"2026-02-28T18:00:39.966455Z","times_seen":18,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-28","alert":"Sinkholed","trigger":"allocation-punch.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"punchonsol.lovable.app/assets/punch-hero-2QRL_pVI.webp","fqdn":"punchonsol.lovable.app","domain":"punchonsol.lovable.app","tld":"lovable.app"},"ip":{"addr":"185.41.148.2","port":443,"asn":61207,"as":"Hostek AB","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://allocation-punch.com/","date":"2026-02-28T15:42:07.986Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lovable.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Feb 2026 17:19:43 GMT","end":"Sun, 17 May 2026 18:19:24 GMT"},"fingerprint":{"sha1":"0F:8D:42:E0:96:F5:48:39:7E:49:C9:ED:4C:1B:E4:D5:15:A1:03:64","sha256":"FB:11:B9:D1:AA:F1:F0:D3:E7:B5:F7:E4:35:88:29:2D:8E:44:99:C3:11:3A:44:9A:D8:73:1C:05:F5:24:B2:E3"}}},"request":{"raw":"GET /assets/punch-hero-2QRL_pVI.webp HTTP/1.1\r\nHost: punchonsol.lovable.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://allocation-punch.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Sat, 28 Feb 2026 15:42:08 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nset-cookie: __cf_bm=lvyTQ.siEI4XjS4J3H9DcPRxtZF9NmZJrOtrDa8nQT4-1772293328.1323621-1.0.1.1-jEyGJbPnWpcVJ1PV5e049C.WdrSAlE3czS7IC60cjF_HAB5_dsiu1VfCKlXnyrfdMPzfgaA9rF2jKWSt_N5e7qJOCjjuJqwimBo.C0e.oYCaMkzLpZ1RQBo.mFmY.7C_; HttpOnly; Secure; Path=/; Domain=lovable.app; Expires=Sat, 28 Feb 2026 16:12:08 GMT\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: 9d5107b4d8a5042d-CPH\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T23:17:23.623528Z","times_seen":16252840,"resource_available":true,"data":null}},"time_used":597,"timings":{"blocked":129,"dns":6,"connect":27,"send":0,"wait":319,"receive":0,"ssl":95},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"allocation-punch.com/main.js","fqdn":"allocation-punch.com","domain":"allocation-punch.com","tld":"com"},"ip":{"addr":"64.29.17.65","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://allocation-punch.com/","date":"2026-02-28T15:42:08.000Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.allocation-punch.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 07:43:09 GMT","end":"Mon, 25 May 2026 07:43:08 GMT"},"fingerprint":{"sha1":"69:90:35:5C:AC:C9:88:74:25:64:59:4E:CC:3F:EB:99:BF:6A:19:1F","sha256":"F2:8E:CE:9E:C2:6D:BB:1D:0E:4C:CE:B1:E7:79:31:BB:8F:4B:44:56:75:49:CC:88:2B:39:40:B0:31:06:C1:12"}}},"request":{"raw":"GET /main.js HTTP/1.1\r\nHost: allocation-punch.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://allocation-punch.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 52449\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"main.js\"\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Sat, 28 Feb 2026 15:42:07 GMT\r\netag: \"d7b023d73d3e9e2b8694be6dd66d380a\"\r\nlast-modified: Sat, 28 Feb 2026 01:07:58 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::h5phw-1772293327983-92681467ce14\r\ncontent-length: 53894\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":192928,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65532), with no line terminators","md5":"66f86fde7e336203197b6a35cb37f9b8","sha1":"60dab1ee6f329478b08621a1d75b5dc1cabe97d1","sha256":"efe3d54f39d1e5d3240d1b9e499e83a63b6bd5328b51c7869d398b9194a31b44","sha512":"d928d9a7b0faae67b4285992bc2af73cc0cb09d9008acd7c8d528b4a46d3e32e1f28ffe46e4d662a95bf927a63b31ebb5459ddab23d9683f839bde40057a5ef3","ssdeep":"3072:As3dxw0BQouAxprFTYfJua0eN5ocWJpNU9:Asnw4EfJFw1TNU9","tlshash":"4e14a6871bd0b57623461efa771bb0d0f14449aa3c94469f9604bab82e661e3f9f7033","first_seen":"2026-02-23T01:16:38.348644Z","last_seen":"2026-02-28T18:00:39.968625Z","times_seen":6,"resource_available":true,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-28","alert":"Sinkholed","trigger":"allocation-punch.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"punchonsol.lovable.app/assets/punch-cutout-DhN8p0Ob.png","fqdn":"punchonsol.lovable.app","domain":"punchonsol.lovable.app","tld":"lovable.app"},"ip":{"addr":"185.41.148.2","port":443,"asn":61207,"as":"Hostek AB","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://allocation-punch.com/","date":"2026-02-28T15:42:07.985Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lovable.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Feb 2026 17:19:43 GMT","end":"Sun, 17 May 2026 18:19:24 GMT"},"fingerprint":{"sha1":"0F:8D:42:E0:96:F5:48:39:7E:49:C9:ED:4C:1B:E4:D5:15:A1:03:64","sha256":"FB:11:B9:D1:AA:F1:F0:D3:E7:B5:F7:E4:35:88:29:2D:8E:44:99:C3:11:3A:44:9A:D8:73:1C:05:F5:24:B2:E3"}}},"request":{"raw":"GET /assets/punch-cutout-DhN8p0Ob.png HTTP/1.1\r\nHost: punchonsol.lovable.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://allocation-punch.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Sat, 28 Feb 2026 15:42:08 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nset-cookie: __cf_bm=LiDaf2BiUjLsL46W8ad.xu3JLQ4GHPwnp5ooahsoWn8-1772293328.119923-1.0.1.1-Atx7qExEXcqRYXvdk2xvuh_aCDt3uXCFM76rT8bYE7v4mjyShf348fZSaPXgcilyj2EZFr84qW78mC5ekM5jjyHWrMPa16b6Wwki4Y23KwG1K7Uf9_XV2x1f4UIdVTas; HttpOnly; Secure; Path=/; Domain=lovable.app; Expires=Sat, 28 Feb 2026 16:12:08 GMT\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: 9d5107b4b836042d-CPH\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T23:17:23.623528Z","times_seen":16252840,"resource_available":true,"data":null}},"time_used":594,"timings":{"blocked":118,"dns":5,"connect":27,"send":0,"wait":341,"receive":0,"ssl":96},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"punchonsol.lovable.app/assets/punch-gallery-1-CZt1JFPO.webp","fqdn":"punchonsol.lovable.app","domain":"punchonsol.lovable.app","tld":"lovable.app"},"ip":{"addr":"185.41.148.2","port":443,"asn":61207,"as":"Hostek AB","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://allocation-punch.com/","date":"2026-02-28T15:42:07.990Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lovable.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Feb 2026 17:19:43 GMT","end":"Sun, 17 May 2026 18:19:24 GMT"},"fingerprint":{"sha1":"0F:8D:42:E0:96:F5:48:39:7E:49:C9:ED:4C:1B:E4:D5:15:A1:03:64","sha256":"FB:11:B9:D1:AA:F1:F0:D3:E7:B5:F7:E4:35:88:29:2D:8E:44:99:C3:11:3A:44:9A:D8:73:1C:05:F5:24:B2:E3"}}},"request":{"raw":"GET /assets/punch-gallery-1-CZt1JFPO.webp HTTP/1.1\r\nHost: punchonsol.lovable.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://allocation-punch.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Sat, 28 Feb 2026 15:42:08 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nset-cookie: __cf_bm=.7fOnRV4EXinp3_0uKe2lV7IGf9bSNWtHYANymczPOs-1772293328.1425893-1.0.1.1-4Wx_o5cQt2unFotVFTddnawLdNxaF7hqiZQ8SBEsmbI2snFLNU9XXsy4JQAyC6N7fi3eYXEok9pMgFgd5RPilXPNqGU_ieaHb00CfYusegmbuJdyDkdCxFA.XglptwUa; HttpOnly; Secure; Path=/; Domain=lovable.app; Expires=Sat, 28 Feb 2026 16:12:08 GMT\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: 9d5107b4e8f8042d-CPH\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T23:17:23.623528Z","times_seen":16252840,"resource_available":true,"data":null}},"time_used":605,"timings":{"blocked":135,"dns":4,"connect":27,"send":0,"wait":313,"receive":0,"ssl":109},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Nunito:wght@400;600;700;800\u0026family=Quicksand:wght@400;500;600;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://allocation-punch.com/","date":"2026-02-28T15:42:08.028Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:40:56 GMT","end":"Mon, 20 Apr 2026 08:40:55 GMT"},"fingerprint":{"sha1":"09:4B:1C:B6:64:C5:97:5E:E3:CF:D9:FF:1A:01:C4:D8:D7:10:82:7A","sha256":"2F:A7:09:04:89:72:33:DE:1D:F8:A7:A6:EC:9F:0C:74:15:D5:B0:87:85:BE:25:63:1A:0E:73:0C:72:E3:CD:C8"}}},"request":{"raw":"GET /css2?family=Nunito:wght@400;600;700;800\u0026family=Quicksand:wght@400;500;600;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://allocation-punch.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sat, 28 Feb 2026 15:42:08 GMT\r\ndate: Sat, 28 Feb 2026 15:42:08 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12288,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"0900d37b74e05eda8833074c17e589e8","sha1":"313852a9440840cb2c2ce75f263c981a9eefe89e","sha256":"5c44821fdf7851ceaa04ce86b1e1d97f0cc6366276a318fbfe8cf4f473af142b","sha512":"fce1174706a43552d8770216e847e193af517e53121a2642bea09dfab816f91921e735f6e1a63333bc364210aa0c2815b7197d7cfb405fb1131f53525b3631eb","ssdeep":"192:OH+yptkUkH0yXLkeLHbywkkdiHyy1Rko8NPmvWVOPFv1VrPcvMVEPjvTK:il6DPe9hWJQ31","tlshash":"ba42bcd1046be000db871cc227ce7e32ed4e61157464c57aaffd5888ecabc262365b1e","first_seen":"2026-02-20T15:25:16.841028Z","last_seen":"2026-04-29T23:52:48.394068Z","times_seen":25,"resource_available":false,"data":null}},"time_used":305,"timings":{"blocked":141,"dns":1,"connect":11,"send":0,"wait":22,"receive":0,"ssl":115},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/quicksand/v37/6xKtdSZaM9iE8KbpRA_hK1QN.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://allocation-punch.com/","date":"2026-02-28T15:42:08.764Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:40:56 GMT","end":"Mon, 20 Apr 2026 08:40:55 GMT"},"fingerprint":{"sha1":"C0:70:82:EC:9D:28:B5:4B:51:02:7A:C7:BE:63:94:B1:DC:64:29:FF","sha256":"5E:E3:2A:C0:F5:10:AE:D1:9D:11:A4:88:D0:66:44:3B:31:B7:05:05:0D:A7:35:66:17:B5:35:88:23:3C:E3:F1"}}},"request":{"raw":"GET /s/quicksand/v37/6xKtdSZaM9iE8KbpRA_hK1QN.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://allocation-punch.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 28244\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 26 Feb 2026 11:46:22 GMT\r\nexpires: Fri, 26 Feb 2027 11:46:22 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 27 Aug 2025 19:19:09 GMT\r\ncontent-type: font/woff2\r\nage: 186946\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":28244,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 28244, version 1.0","md5":"9d503278216c2225184a236c64e0924b","sha1":"0c24c621374506ce70403a7473b47acd86bbf919","sha256":"2add7d60b1cd2ab84c9967e23d5ec08eb3fc9635c46855b17d59404dec6b410e","sha512":"fa1aca723eb40b6026aa1d21b36ce2573e4164516c9a0b55ff830a434c3954833a06b1df76236b1d682107df1bd3d263ed19cba854c1a6795566a7091749696d","ssdeep":"768:/6zZ6KBVHUlHvwCa0z1sCvODsIBMTKmJ3GG5x4:yzdKvwtszvdNjz4","tlshash":"3cc2e083d14afb33d0afb77adc52d022e9756bccec7e587a97a900398895c1b0644285","first_seen":"2025-09-02T18:36:17.739185Z","last_seen":"2026-06-08T21:53:33.046814Z","times_seen":11175,"resource_available":false,"data":null}},"time_used":81,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":78,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"punchonsol.lovable.app/assets/punch-gallery-3-CYdJsfBh.webp","fqdn":"punchonsol.lovable.app","domain":"punchonsol.lovable.app","tld":"lovable.app"},"ip":{"addr":"185.41.148.2","port":443,"asn":61207,"as":"Hostek AB","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://allocation-punch.com/","date":"2026-02-28T15:42:07.993Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lovable.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Feb 2026 17:19:43 GMT","end":"Sun, 17 May 2026 18:19:24 GMT"},"fingerprint":{"sha1":"0F:8D:42:E0:96:F5:48:39:7E:49:C9:ED:4C:1B:E4:D5:15:A1:03:64","sha256":"FB:11:B9:D1:AA:F1:F0:D3:E7:B5:F7:E4:35:88:29:2D:8E:44:99:C3:11:3A:44:9A:D8:73:1C:05:F5:24:B2:E3"}}},"request":{"raw":"GET /assets/punch-gallery-3-CYdJsfBh.webp HTTP/1.1\r\nHost: punchonsol.lovable.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://allocation-punch.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Sat, 28 Feb 2026 15:42:08 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nset-cookie: __cf_bm=f_eBxXI_1aqBnvYE_xQQx5QykV4VhyLhxLh3G1eBaMo-1772293328.1390727-1.0.1.1-EY4QTTr3ZoMdKeCNJVjH7j_sypJIqHw036sySbN.2J0l1Hj0DlA1Lm8cGrIhpZ.vmHWi65Xb70p0sIW4hnktZuWQe6hJkEsuLwCCR7Zy1.E0ITlesaiRDgALBJHDtNtK; HttpOnly; Secure; Path=/; Domain=lovable.app; Expires=Sat, 28 Feb 2026 16:12:08 GMT\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: 9d5107b4d8d8042d-CPH\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T23:17:23.623528Z","times_seen":16252840,"resource_available":true,"data":null}},"time_used":597,"timings":{"blocked":129,"dns":3,"connect":38,"send":0,"wait":316,"receive":0,"ssl":97},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/quicksand/v37/6xKtdSZaM9iE8KbpRA_hK1QN.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://allocation-punch.com/","date":"2026-02-28T15:42:08.742Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:40:56 GMT","end":"Mon, 20 Apr 2026 08:40:55 GMT"},"fingerprint":{"sha1":"C0:70:82:EC:9D:28:B5:4B:51:02:7A:C7:BE:63:94:B1:DC:64:29:FF","sha256":"5E:E3:2A:C0:F5:10:AE:D1:9D:11:A4:88:D0:66:44:3B:31:B7:05:05:0D:A7:35:66:17:B5:35:88:23:3C:E3:F1"}}},"request":{"raw":"GET /s/quicksand/v37/6xKtdSZaM9iE8KbpRA_hK1QN.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://allocation-punch.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 28244\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 26 Feb 2026 11:46:22 GMT\r\nexpires: Fri, 26 Feb 2027 11:46:22 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 27 Aug 2025 19:19:09 GMT\r\ncontent-type: font/woff2\r\nage: 186946\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":28244,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 28244, version 1.0","md5":"9d503278216c2225184a236c64e0924b","sha1":"0c24c621374506ce70403a7473b47acd86bbf919","sha256":"2add7d60b1cd2ab84c9967e23d5ec08eb3fc9635c46855b17d59404dec6b410e","sha512":"fa1aca723eb40b6026aa1d21b36ce2573e4164516c9a0b55ff830a434c3954833a06b1df76236b1d682107df1bd3d263ed19cba854c1a6795566a7091749696d","ssdeep":"768:/6zZ6KBVHUlHvwCa0z1sCvODsIBMTKmJ3GG5x4:yzdKvwtszvdNjz4","tlshash":"3cc2e083d14afb33d0afb77adc52d022e9756bccec7e587a97a900398895c1b0644285","first_seen":"2025-09-02T18:36:17.739185Z","last_seen":"2026-06-08T21:53:33.046814Z","times_seen":11175,"resource_available":false,"data":null}},"time_used":185,"timings":{"blocked":66,"dns":2,"connect":21,"send":0,"wait":35,"receive":2,"ssl":55},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/nunito/v32/XRXV3I6Li01BKofINeaB.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://allocation-punch.com/","date":"2026-02-28T15:42:08.765Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 26 Jan 2026 08:40:56 GMT","end":"Mon, 20 Apr 2026 08:40:55 GMT"},"fingerprint":{"sha1":"C0:70:82:EC:9D:28:B5:4B:51:02:7A:C7:BE:63:94:B1:DC:64:29:FF","sha256":"5E:E3:2A:C0:F5:10:AE:D1:9D:11:A4:88:D0:66:44:3B:31:B7:05:05:0D:A7:35:66:17:B5:35:88:23:3C:E3:F1"}}},"request":{"raw":"GET /s/nunito/v32/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://allocation-punch.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 39128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 25 Feb 2026 18:31:53 GMT\r\nexpires: Thu, 25 Feb 2027 18:31:53 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 15 Sep 2025 17:03:34 GMT\r\ncontent-type: font/woff2\r\nage: 249015\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":39128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 39128, version 1.0","md5":"166202cc391c71a57730bed12cbcb159","sha1":"76388dbfe374be06fdc6f9ba38d3f4e479025eeb","sha256":"ba344451eab25b217a165363b1982048a5e5830a0daf36577973955a04cac793","sha512":"9f4d1c14aa729e837b964898a1dd27e99ff674256c43326aa982cc0c17fa8b0d71a0b7df627f03cb4ac6ec7f22f0a19d65302743ff09187ce81414dde74c43e2","ssdeep":"768:lxbc6Qon+A9wOfdj2rELqjOmaLqLqKeI+00t0xIj:layndm0j2cqjOmGq+tbUIj","tlshash":"d9030284fd6a02d8c7fc1f6ef25a9f28272c2078440b6a9c44a79a6bd5975f84dd3330","first_seen":"2025-09-17T01:48:11.920934Z","last_seen":"2026-06-08T23:14:22.292317Z","times_seen":31652,"resource_available":false,"data":null}},"time_used":76,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":44,"receive":32,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"punchonsol.lovable.app/favicon.png","fqdn":"punchonsol.lovable.app","domain":"punchonsol.lovable.app","tld":"lovable.app"},"ip":{"addr":"185.41.148.2","port":443,"asn":61207,"as":"Hostek AB","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://allocation-punch.com/","date":"2026-02-28T15:42:09.147Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lovable.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Feb 2026 17:19:43 GMT","end":"Sun, 17 May 2026 18:19:24 GMT"},"fingerprint":{"sha1":"0F:8D:42:E0:96:F5:48:39:7E:49:C9:ED:4C:1B:E4:D5:15:A1:03:64","sha256":"FB:11:B9:D1:AA:F1:F0:D3:E7:B5:F7:E4:35:88:29:2D:8E:44:99:C3:11:3A:44:9A:D8:73:1C:05:F5:24:B2:E3"}}},"request":{"raw":"GET /favicon.png HTTP/1.1\r\nHost: punchonsol.lovable.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://allocation-punch.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Sat, 28 Feb 2026 15:42:09 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nset-cookie: __cf_bm=uoWQPpn.BRUUPUEMBh6.Z.dUAEu9a7BmhJMtjYJBt5U-1772293329.1610544-1.0.1.1-s6CX0lx3Nj.6YQWm2C5oTSkeHkJlmY67snbOSUQ_rqY9kspiTDJW7DHid8_poCWogN5bzlUjWk8bmlZ1yM8kVMVYqmO9kEYonVNv.KtFogs3oyN4dNIl2TF4f2Kd8G85; HttpOnly; Secure; Path=/; Domain=lovable.app; Expires=Sat, 28 Feb 2026 16:12:09 GMT\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: 9d5107bb4b1f042d-CPH\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T23:17:23.623528Z","times_seen":16252840,"resource_available":true,"data":null}},"time_used":173,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"allocation-punch.com/","fqdn":"allocation-punch.com","domain":"allocation-punch.com","tld":"com"},"ip":{"addr":"64.29.17.65","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-28T15:42:07.661Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.allocation-punch.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 07:43:09 GMT","end":"Mon, 25 May 2026 07:43:08 GMT"},"fingerprint":{"sha1":"69:90:35:5C:AC:C9:88:74:25:64:59:4E:CC:3F:EB:99:BF:6A:19:1F","sha256":"F2:8E:CE:9E:C2:6D:BB:1D:0E:4C:CE:B1:E7:79:31:BB:8F:4B:44:56:75:49:CC:88:2B:39:40:B0:31:06:C1:12"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: allocation-punch.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 478267\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Sat, 28 Feb 2026 15:42:07 GMT\r\netag: \"3ff20a5e95355b7bbff7b26783f10b3d\"\r\nlast-modified: Mon, 23 Feb 2026 02:50:59 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::kvwlc-1772293327732-fc1e13291f2f\r\ncontent-length: 10941\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":53999,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (53498), with CRLF line terminators","md5":"3ff20a5e95355b7bbff7b26783f10b3d","sha1":"799d3442df8ce6084572316e873b862da42b0767","sha256":"60ced224b3dc25d7405ff1acb163c8ad58299bf3404fff886f2e7952d3f1a762","sha512":"423523c8b36c231a62f56e2660f92185e14d8be84209df92d9224253ff6539935158fb921d21548ac916c5461407783032c5c2cf67dc9eeb87c2991b7d5f8f6c","ssdeep":"768:MGz+2nKz2w3t33/w792bM7sn8xbMoPLjQ55v1g9L6dccUsONaruDhS:nz+2nhCt3AxjQJ1jUlarkS","tlshash":"f533e93552480e3da50b8ad4f7e1773aa27ec38ad61b885cb7bc01b677c6c58d81b2d4","first_seen":"2026-02-23T01:16:38.358306Z","last_seen":"2026-02-28T18:00:39.9681Z","times_seen":6,"resource_available":false,"data":null}},"time_used":157,"timings":{"blocked":63,"dns":41,"connect":1,"send":0,"wait":10,"receive":15,"ssl":23},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-28","alert":"Sinkholed","trigger":"allocation-punch.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"punchonsol.lovable.app/assets/punch-plushie-Ci7cXJsh.webp","fqdn":"punchonsol.lovable.app","domain":"punchonsol.lovable.app","tld":"lovable.app"},"ip":{"addr":"185.41.148.2","port":443,"asn":61207,"as":"Hostek AB","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://allocation-punch.com/","date":"2026-02-28T15:42:07.988Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lovable.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Feb 2026 17:19:43 GMT","end":"Sun, 17 May 2026 18:19:24 GMT"},"fingerprint":{"sha1":"0F:8D:42:E0:96:F5:48:39:7E:49:C9:ED:4C:1B:E4:D5:15:A1:03:64","sha256":"FB:11:B9:D1:AA:F1:F0:D3:E7:B5:F7:E4:35:88:29:2D:8E:44:99:C3:11:3A:44:9A:D8:73:1C:05:F5:24:B2:E3"}}},"request":{"raw":"GET /assets/punch-plushie-Ci7cXJsh.webp HTTP/1.1\r\nHost: punchonsol.lovable.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://allocation-punch.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Sat, 28 Feb 2026 15:42:08 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nset-cookie: __cf_bm=9Pe..6t_l98Am_0VX64MdFFDAzrqtMPMQ3dpxoAxOX0-1772293328.1372812-1.0.1.1-fysZa5BQ6zl9DjvuSd.oJIUpoHO64k0Ba0QSypNoM2c2g3OUVqyT5HGg8fiWF4MgcYI7OerbHLnrMMOh706vrhHBNatGusujDeC3FQ80ivDsVY9mG.VbE1UOdKrrEaD6; HttpOnly; Secure; Path=/; Domain=lovable.app; Expires=Sat, 28 Feb 2026 16:12:08 GMT\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: 9d5107b4d8cb042d-CPH\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T23:17:23.623528Z","times_seen":16252840,"resource_available":true,"data":null}},"time_used":614,"timings":{"blocked":132,"dns":7,"connect":27,"send":0,"wait":327,"receive":0,"ssl":102},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}