URL: https://payment.thepunchcommunity.com/
Submission: On August 28 via automatic, source certstream-suspicious — Scanned from SG

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 17 HTTP transactions. The main IP is 157.230.242.207, located in Singapore, Singapore and belongs to DIGITALOCEAN-ASN, US. The main domain is payment.thepunchcommunity.com.
TLS certificate: Issued by R10 on August 28th 2024. Valid for: 3 months.
This is the only time payment.thepunchcommunity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 157.230.242.207 14061 (DIGITALOC...)
1 2404:6800:400... 15169 (GOOGLE)
1 3.165.82.121 16509 (AMAZON-02)
1 3.165.82.127 16509 (AMAZON-02)
17 4
Apex Domain
Subdomains
Transfer
14 thepunchcommunity.com
payment.thepunchcommunity.com
www.thepunchcommunity.com
174 KB
2 stripe.com
js.stripe.com — Cisco Umbrella Rank: 2856
158 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
1 KB
17 3
Domain Requested by
12 payment.thepunchcommunity.com payment.thepunchcommunity.com
2 www.thepunchcommunity.com payment.thepunchcommunity.com
2 js.stripe.com payment.thepunchcommunity.com
js.stripe.com
1 fonts.googleapis.com payment.thepunchcommunity.com
17 4

This site contains links to these domains. Also see Links.

Domain
www.thepunchcommunity.com
www.moonkeygroup.com
www.indonesiadigitalmarketing.id
www.birudaun.net
Subject Issuer Validity Valid
payment.thepunchcommunity.com
R10
2024-08-28 -
2024-11-26
3 months crt.sh
upload.video.google.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA
2024-08-27 -
2024-12-05
3 months crt.sh
*.thepunchcommunity.com
R11
2024-07-01 -
2024-09-29
3 months crt.sh

This page contains 2 frames:

Primary Page: https://payment.thepunchcommunity.com/
Frame ID: 9479E52BF8BB9D93212926D3E75B22B9
Requests: 16 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-2aecec925f441cf34a9390c6519dd0b6.html
Frame ID: 141CAEA39A7E35FDBB18C73AE04C6F7B
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

The Punch Community

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns
  • dataTables.*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

333 kB
Transfer

1129 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
payment.thepunchcommunity.com/
14 KB
4 KB
Document
General
Full URL
https://payment.thepunchcommunity.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.230.242.207 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
752527.cloudwaysapps.com
Software
nginx /
Resource Hash
a5fa4e7f5f52eb719f8bc402c959a36183a3e9e19e9a379327ec3d94642cd156

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
0
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
4147
content-type
text/html; charset=UTF-8
date
Wed, 28 Aug 2024 18:39:35 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-cache
MISS
css2
fonts.googleapis.com/
2 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Alegreya+SC&display=swap
Requested by
Host: payment.thepunchcommunity.com
URL: https://payment.thepunchcommunity.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c05::5f Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c6712d267ac297547f41c152812b891fa5144d7718828e7938cc52fa62630ec6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://payment.thepunchcommunity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 28 Aug 2024 18:39:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 28 Aug 2024 18:39:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 28 Aug 2024 18:39:35 GMT
bootstrap.min.css
payment.thepunchcommunity.com/assets/css/
119 KB
19 KB
Stylesheet
General
Full URL
https://payment.thepunchcommunity.com/assets/css/bootstrap.min.css
Requested by
Host: payment.thepunchcommunity.com
URL: https://payment.thepunchcommunity.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.230.242.207 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
752527.cloudwaysapps.com
Software
nginx /
Resource Hash
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

Request headers

Referer
https://payment.thepunchcommunity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 18:39:35 GMT
content-encoding
gzip
last-modified
Tue, 19 Apr 2022 09:22:46 GMT
server
nginx
etag
W/"625e7f66-1da71"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
style.css
payment.thepunchcommunity.com/assets/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://payment.thepunchcommunity.com/assets/css/style.css
Requested by
Host: payment.thepunchcommunity.com
URL: https://payment.thepunchcommunity.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.230.242.207 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
752527.cloudwaysapps.com
Software
nginx /
Resource Hash
498fce7e15ed5dda7b02b5e5c1b13eb5faa107862e743fcdeb307e9f5cc000fb

Request headers

Referer
https://payment.thepunchcommunity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 18:39:35 GMT
content-encoding
gzip
last-modified
Tue, 19 Apr 2022 09:22:46 GMT
server
nginx
etag
W/"625e7f66-1054"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
dataTables.bootstrap4.min.css
payment.thepunchcommunity.com/assets/css/
5 KB
1 KB
Stylesheet
General
Full URL
https://payment.thepunchcommunity.com/assets/css/dataTables.bootstrap4.min.css
Requested by
Host: payment.thepunchcommunity.com
URL: https://payment.thepunchcommunity.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.230.242.207 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
752527.cloudwaysapps.com
Software
nginx /
Resource Hash
ba0a6ace4f4d84add2dac5693204ab2229f5033b09325a9420c3825f2ccf68bf

Request headers

Referer
https://payment.thepunchcommunity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 18:39:35 GMT
content-encoding
gzip
last-modified
Tue, 19 Apr 2022 09:22:46 GMT
server
nginx
etag
W/"625e7f66-1513"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
datepicker.css
payment.thepunchcommunity.com/assets/css/
18 KB
2 KB
Stylesheet
General
Full URL
https://payment.thepunchcommunity.com/assets/css/datepicker.css
Requested by
Host: payment.thepunchcommunity.com
URL: https://payment.thepunchcommunity.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.230.242.207 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
752527.cloudwaysapps.com
Software
nginx /
Resource Hash
22ba89116416afe1b5ba68a954dd5c9f84da4df93e0f1a08507db0e22736e2fa

Request headers

Referer
https://payment.thepunchcommunity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 18:39:35 GMT
content-encoding
gzip
last-modified
Tue, 19 Apr 2022 09:22:46 GMT
server
nginx
etag
W/"625e7f66-461a"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
punch.png
payment.thepunchcommunity.com/assets/
3 KB
4 KB
Image
General
Full URL
https://payment.thepunchcommunity.com/assets/punch.png
Requested by
Host: payment.thepunchcommunity.com
URL: https://payment.thepunchcommunity.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.230.242.207 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
752527.cloudwaysapps.com
Software
nginx /
Resource Hash
1828bf8f0b4e47a037191bce1dbebac900e967231443b9da2570355177462037

Request headers

Referer
https://payment.thepunchcommunity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 18:39:35 GMT
last-modified
Tue, 19 Apr 2022 09:22:42 GMT
server
nginx
etag
"625e7f62-d62"
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
3426
punch-logo.png
payment.thepunchcommunity.com/assets/
25 KB
25 KB
Image
General
Full URL
https://payment.thepunchcommunity.com/assets/punch-logo.png
Requested by
Host: payment.thepunchcommunity.com
URL: https://payment.thepunchcommunity.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.230.242.207 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
752527.cloudwaysapps.com
Software
nginx /
Resource Hash
18bf17dbfc3efe57a5b5bfde3537e67bf77a533b12035e4700d43ac8fa9134aa

Request headers

Referer
https://payment.thepunchcommunity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 18:39:35 GMT
last-modified
Tue, 19 Apr 2022 09:22:42 GMT
server
nginx
etag
"625e7f62-623a"
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
25146
jquery.min.js
payment.thepunchcommunity.com/assets/js/
86 KB
30 KB
Script
General
Full URL
https://payment.thepunchcommunity.com/assets/js/jquery.min.js
Requested by
Host: payment.thepunchcommunity.com
URL: https://payment.thepunchcommunity.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.230.242.207 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
752527.cloudwaysapps.com
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer
https://payment.thepunchcommunity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 18:39:35 GMT
content-encoding
gzip
last-modified
Tue, 19 Apr 2022 09:22:46 GMT
server
nginx
etag
W/"625e7f66-15851"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
bootstrap.min.js
payment.thepunchcommunity.com/assets/js/
39 KB
11 KB
Script
General
Full URL
https://payment.thepunchcommunity.com/assets/js/bootstrap.min.js
Requested by
Host: payment.thepunchcommunity.com
URL: https://payment.thepunchcommunity.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.230.242.207 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
752527.cloudwaysapps.com
Software
nginx /
Resource Hash
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Request headers

Referer
https://payment.thepunchcommunity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 18:39:35 GMT
content-encoding
gzip
last-modified
Tue, 19 Apr 2022 09:22:46 GMT
server
nginx
etag
W/"625e7f66-9b00"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
jquery.dataTables.min.js
payment.thepunchcommunity.com/assets/js/
83 KB
29 KB
Script
General
Full URL
https://payment.thepunchcommunity.com/assets/js/jquery.dataTables.min.js
Requested by
Host: payment.thepunchcommunity.com
URL: https://payment.thepunchcommunity.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.230.242.207 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
752527.cloudwaysapps.com
Software
nginx /
Resource Hash
ffbce8dbb2e5fe154a842b04fb2f26d924b96e114f11016179308bf3b1eeba60

Request headers

Referer
https://payment.thepunchcommunity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 18:39:35 GMT
content-encoding
gzip
last-modified
Tue, 19 Apr 2022 09:22:46 GMT
server
nginx
etag
W/"625e7f66-14aa7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
dataTables.bootstrap4.min.js
payment.thepunchcommunity.com/assets/js/
3 KB
2 KB
Script
General
Full URL
https://payment.thepunchcommunity.com/assets/js/dataTables.bootstrap4.min.js
Requested by
Host: payment.thepunchcommunity.com
URL: https://payment.thepunchcommunity.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.230.242.207 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
752527.cloudwaysapps.com
Software
nginx /
Resource Hash
d5b6ebd94e15926993c5ac5c1e5169f6b80184baf04133f6ae5f3f8e58af19bd

Request headers

Referer
https://payment.thepunchcommunity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 18:39:35 GMT
content-encoding
gzip
last-modified
Tue, 19 Apr 2022 09:22:46 GMT
server
nginx
etag
W/"625e7f66-cce"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
bootstrap-datepicker.js
payment.thepunchcommunity.com/assets/js/
46 KB
12 KB
Script
General
Full URL
https://payment.thepunchcommunity.com/assets/js/bootstrap-datepicker.js
Requested by
Host: payment.thepunchcommunity.com
URL: https://payment.thepunchcommunity.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.230.242.207 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
752527.cloudwaysapps.com
Software
nginx /
Resource Hash
986511f1a769906aaa5557b6267180f43596342bddf89b7e86c61508df0729f3

Request headers

Referer
https://payment.thepunchcommunity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 18:39:35 GMT
content-encoding
gzip
last-modified
Tue, 19 Apr 2022 09:22:46 GMT
server
nginx
etag
W/"625e7f66-b6e5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
/
js.stripe.com/v3/
649 KB
158 KB
Script
General
Full URL
https://js.stripe.com/v3/
Requested by
Host: payment.thepunchcommunity.com
URL: https://payment.thepunchcommunity.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.165.82.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-165-82-121.sin2.r.cloudfront.net
Software
Cloudfront /
Resource Hash
1ae191e9821c8f4b769e615617695b562f14edc01256147bbee5a115134b3ff4
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://payment.thepunchcommunity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 18:39:10 GMT
content-encoding
br
via
1.1 85e1446ec73e61adff915b5f7ea53e88.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
26
x-amz-cf-pop
SIN2-P5
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 28 Aug 2024 17:58:36 GMT
server
Cloudfront
etag
W/"de4797946e76e0f71f1ee367fda3e215"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
MDS5EZ1DXRL93poIUXdL8rMAHVPBFEAIGSkjsErP5q2652gLts3GWA==
Porter-Bold.ttf
www.thepunchcommunity.com/wp-content/uploads/2020/10/
31 KB
31 KB
Font
General
Full URL
https://www.thepunchcommunity.com/wp-content/uploads/2020/10/Porter-Bold.ttf
Requested by
Host: payment.thepunchcommunity.com
URL: https://payment.thepunchcommunity.com/assets/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.230.242.207 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
752527.cloudwaysapps.com
Software
nginx /
Resource Hash
db2ef3829786a9147a77ca9b672dde8c6786844818e94294974636dce898c20a

Request headers

Referer
https://payment.thepunchcommunity.com/
Origin
https://payment.thepunchcommunity.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 18:39:35 GMT
last-modified
Tue, 19 Apr 2022 08:41:37 GMT
server
nginx
etag
"625e75c1-7c14"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
31764
controller-with-preconnect-2aecec925f441cf34a9390c6519dd0b6.html
js.stripe.com/v3/ Frame 141C
0
0
Document
General
Full URL
https://js.stripe.com/v3/controller-with-preconnect-2aecec925f441cf34a9390c6519dd0b6.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.165.82.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-165-82-127.sin2.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://payment.thepunchcommunity.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
14
alt-svc
h3=":443"; ma=86400
cache-control
max-age=60, stale-while-revalidate=900
content-length
651
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 28 Aug 2024 18:39:22 GMT
etag
"2aecec925f441cf34a9390c6519dd0b6"
last-modified
Wed, 28 Aug 2024 17:17:59 GMT
origin-agent-cluster
?1
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 99398deb12f3ca47bfc25e25f75ba386.cloudfront.net (CloudFront)
x-amz-cf-id
sefCyfIbSE7W-awCB7I-dr3fQtChEcyP2uuoKJu0foUbKEwd_cZd3w==
x-amz-cf-pop
SIN2-P5
x-cache
Hit from cloudfront
x-content-type-options
nosniff
favicon-1-150x150.png
www.thepunchcommunity.com/wp-content/uploads/2020/10/
3 KB
3 KB
Other
General
Full URL
https://www.thepunchcommunity.com/wp-content/uploads/2020/10/favicon-1-150x150.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
157.230.242.207 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
752527.cloudwaysapps.com
Software
nginx /
Resource Hash
b936695a4073993f2ec7e08cb0f84c0bd9b393fdd7cf84e9c167ab1757154fa2

Request headers

Referer
https://payment.thepunchcommunity.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 18:39:35 GMT
last-modified
Tue, 19 Apr 2022 08:41:37 GMT
server
nginx
etag
"625e75c1-a17"
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
2583

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| $ function| jQuery object| $jscomp function| formatDate object| dateToday string| startDate object| webpackChunkStripeJSouter function| noop function| Stripe object| stripe object| elements object| style object| cardElement function| createToken function| stripeTokenHandler

1 Cookies

Domain/Path Name / Value
payment.thepunchcommunity.com/ Name: ci_session
Value: ec2fofga1lj8fg06g68b7qf5ccnko5oo

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://payment.thepunchcommunity.com/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o