{"report_id":"0107d6c6-6a63-435f-8eb7-837fe80658ae","version":6,"status":"done","tags":[],"date":"2026-04-28T16:15:12Z","url":{"schema":"http","addr":"clickpromosbr.com","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":0,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"clickpromosbr.com/","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"title":"ClickBus | Passagens de Ônibus Online para mais de 4.800 destinos","dom":{"size":183589,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (65465), with no line terminators","md5":"fb290d5ab655e8adf8869d4c93c7d73c","sha1":"410afac89910178957d4e051b6b06f2da8f5b5b7","sha256":"bcf5a9c1bc8476f94dd1acc3c587f2638d9cd55ce2dd62c42c84b0c85b8ba30b","sha512":"8626a33e3813b19195cbac3909c2370fcfae92c7ef0ba20a9fb38ebe83390ea3546a02bf729f036746d9aee521aaf152ea8f28cfc275aa46b1894c571e1e9ea1","ssdeep":"1536:ZvkQdfNkf0C5+vb+vEm+vv+vjxUDiFG0KKdxRJpIwIXcW0Oz:ZBO+vb+vEm+vv+vq8wsS","tlshash":"9904d9f05211ee62a91717d0f079ffed7046672aebaac319a2fc4a0517cec72ca505e1","dom_hash":"domhash306916dbaeceafc06efec618d26b6530","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"clickpromosbr.com","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":0,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-02T16:15:12Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":6,"urlquery":0,"analyzer":2}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-28T16:14:47Z","timestamp":1777392887,"ip_dst":{"addr":"172.64.149.246","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":34980,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Online Application Hosting Domain (supabase .co in TLS SNI)","source":"{\"timestamp\":\"2026-04-28T16:14:47.926003+0000\",\"flow_id\":13902221347908,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.13\",\"src_port\":34980,\"dest_ip\":\"172.64.149.246\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2050130,\"rev\":1,\"signature\":\"ET INFO Observed Online Application Hosting Domain (supabase .co in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_01_17\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_01_17\"]}},\"tls\":{\"sni\":\"slelguoygbfzlpylpxfs.supabase.co\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":934,\"bytes_toclient\":3515,\"start\":\"2026-04-28T16:14:47.920644+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-28T16:14:47Z","timestamp":1777392887,"ip_dst":{"addr":"172.64.149.246","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":34998,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Online Application Hosting Domain (supabase .co in TLS SNI)","source":"{\"timestamp\":\"2026-04-28T16:14:47.930971+0000\",\"flow_id\":450554366463294,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.13\",\"src_port\":34998,\"dest_ip\":\"172.64.149.246\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2050130,\"rev\":1,\"signature\":\"ET INFO Observed Online Application Hosting Domain (supabase .co in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_01_17\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_01_17\"]}},\"tls\":{\"sni\":\"slelguoygbfzlpylpxfs.supabase.co\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":789,\"bytes_toclient\":1654,\"start\":\"2026-04-28T16:14:47.920894+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-28T16:14:47Z","timestamp":1777392887,"ip_dst":{"addr":"172.64.149.246","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":34996,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Online Application Hosting Domain (supabase .co in TLS SNI)","source":"{\"timestamp\":\"2026-04-28T16:14:47.933038+0000\",\"flow_id\":1659441631399109,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.13\",\"src_port\":34996,\"dest_ip\":\"172.64.149.246\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2050130,\"rev\":1,\"signature\":\"ET INFO Observed Online Application Hosting Domain (supabase .co in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_01_17\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_01_17\"]}},\"tls\":{\"sni\":\"slelguoygbfzlpylpxfs.supabase.co\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":934,\"bytes_toclient\":1654,\"start\":\"2026-04-28T16:14:47.920773+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-28T16:14:47Z","timestamp":1777392887,"ip_dst":{"addr":"172.64.149.246","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":35020,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Online Application Hosting Domain (supabase .co in TLS SNI)","source":"{\"timestamp\":\"2026-04-28T16:14:47.936812+0000\",\"flow_id\":364852589039155,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.13\",\"src_port\":35020,\"dest_ip\":\"172.64.149.246\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2050130,\"rev\":1,\"signature\":\"ET INFO Observed Online Application Hosting Domain (supabase .co in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_01_17\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_01_17\"]}},\"tls\":{\"sni\":\"slelguoygbfzlpylpxfs.supabase.co\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":934,\"bytes_toclient\":1654,\"start\":\"2026-04-28T16:14:47.921139+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-28T16:14:47Z","timestamp":1777392887,"ip_dst":{"addr":"172.64.149.246","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":35034,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Online Application Hosting Domain (supabase .co in TLS SNI)","source":"{\"timestamp\":\"2026-04-28T16:14:47.938239+0000\",\"flow_id\":1577132878139031,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.13\",\"src_port\":35034,\"dest_ip\":\"172.64.149.246\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2050130,\"rev\":1,\"signature\":\"ET INFO Observed Online Application Hosting Domain (supabase .co in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_01_17\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_01_17\"]}},\"tls\":{\"sni\":\"slelguoygbfzlpylpxfs.supabase.co\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":789,\"bytes_toclient\":1654,\"start\":\"2026-04-28T16:14:47.921239+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-28T16:14:47Z","timestamp":1777392887,"ip_dst":{"addr":"172.64.149.246","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":35006,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Online Application Hosting Domain (supabase .co in TLS SNI)","source":"{\"timestamp\":\"2026-04-28T16:14:47.940589+0000\",\"flow_id\":202743343418832,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.13\",\"src_port\":35006,\"dest_ip\":\"172.64.149.246\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2050130,\"rev\":1,\"signature\":\"ET INFO Observed Online Application Hosting Domain (supabase .co in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_01_17\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_01_17\"]}},\"tls\":{\"sni\":\"slelguoygbfzlpylpxfs.supabase.co\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":3440,\"start\":\"2026-04-28T16:14:47.921040+0000\"}}"}],"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"clickpromosbr.com","ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":58,"request_count":29,"received_data":1129546,"sent_data":20625,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Next.js","description":"Next.js is a React framework for developing single page Javascript applications.","website":"https://nextjs.org","common_platform_enumeration":"cpe:2.3:a:zeit:next.js:*:*:*:*:*:*:*:*","icon":"Next.js.svg","categories":["JavaScript frameworks","Web frameworks"]},{"name":"React","description":"React is an open-source JavaScript library for building user interfaces or UI components.","website":"https://reactjs.org","common_platform_enumeration":"cpe:2.3:a:facebook:react:*:*:*:*:*:*:*:*","icon":"React.svg","categories":["JavaScript frameworks"]},{"name":"Webpack","description":"Webpack is an open-source JavaScript module bundler.","website":"https://webpack.js.org/","common_platform_enumeration":"","icon":"Webpack.svg","categories":["Miscellaneous"]}]},{"fqdn":"slelguoygbfzlpylpxfs.supabase.co","ip":{"addr":"172.64.149.246","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2020-01-11","domain_rank":0,"first_seen":"2025-07-14T04:07:45.375788Z","last_seen":"2026-04-22T08:41:44.991466Z","alert_count":0,"request_count":7,"received_data":61100,"sent_data":3795,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-04-26T22:16:47.246638Z","alert_count":0,"request_count":4,"received_data":147052,"sent_data":2264,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.googletagmanager.com","ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2026-04-26T22:25:05.471148Z","alert_count":0,"request_count":21,"received_data":7929832,"sent_data":9775,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"172.217.20.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-04-26T22:20:29.825994Z","alert_count":0,"request_count":1,"received_data":13366,"sent_data":480,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"static.clickbus.com","ip":{"addr":"179.191.182.65","port":443,"asn":52580,"as":"Azion Technologies Ltda.","country":"Germany","country_code":"DE"},"domain_registered":"2003-04-22","domain_rank":0,"first_seen":"2017-01-31T16:07:09Z","last_seen":"2026-04-25T04:55:40.934634Z","alert_count":0,"request_count":1,"received_data":614,"sent_data":492,"comment":"","tags":null,"fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}]},{"fqdn":"www.google.com","ip":{"addr":"142.251.156.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":22,"first_seen":"2015-05-10T13:11:19Z","last_seen":"2026-04-26T22:38:44.781388Z","alert_count":0,"request_count":40,"received_data":19360,"sent_data":36704,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"clickpromosbr.com/","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"c3e3e350f78cf22bd7b335d70b41a58a","sha1":"cce22220b6a8dff76692755cc45439b4ec474a4d","sha256":"ee6bb81f4e9fc030a39a7c71affc4d1f2b900baa4b4c7af83361388d7c39599b","sha512":"15b6cbf8bd67e82a4952004138ebc95c44e4d373317826f1560eeec13416cc1d6a38d834609ef4b713e7a9c92d1b1bbf84de08e2e4061ed3d1e3891982c25b0a","ssdeep":"","tlshash":"3f90025ff2302063a756122b166f15456421626565550869123830eb4955148474265c","size":57,"data":"","first_seen":"2025-06-30T14:23:19.448274Z","last_seen":"2026-04-28T20:09:06.636087Z","times_seen":41449,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"00933d3d76fccf8f1d330b001b6dc118","sha1":"72a3f9f693a7d05bb6f1b38fd381a0f4e8bb5c7a","sha256":"4009527b06902e2fcd3c2ce78c0652caf43bda1783d1577198d0c3919782c607","sha512":"8fce1ced1efcaf7f17f0fbc71664f0ca59f5f7bddc682fdbc8b9ef3862def740a845bc3cd5cc3926c09b98782296d14c9b38d50b2dd6cb53b296ec76ba558602","ssdeep":"","tlshash":"090156a9f328199a66d92fbfa06a570c7460603e380600319507edfa1700de021cbd8e","size":845,"data":"","first_seen":"2025-08-20T23:30:20.291724Z","last_seen":"2026-04-28T20:09:06.636618Z","times_seen":31407,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"1a6e1178e4bbf5730bd664a49dd3bc24","sha1":"17c3ae3273f9de6afbbdedf2e413dbb3a6722792","sha256":"3814cddd18b2095e01abb745a99e5ada90178e709c09879324c3b623f2d829ea","sha512":"cfb1aab0bf589e33fd12906f448ddbbf7163420a088de513b174304c9ba3a7abcd9b41c98bc4dd51edd0206c1fe4660db9857e3c6163d1bf50c670cefddee509","ssdeep":"","tlshash":"de9002b090c39c5890264186687100160b6c040c01080141132184d810115048e40d8e","size":43,"data":"","first_seen":"2023-03-13T01:07:12Z","last_seen":"2026-04-28T20:21:08.457102Z","times_seen":103994,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=AW-17954541018\u0026cx=c\u0026gtm=4e64o1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2121104f1bb6d367bbaca84daf8e12f4","sha1":"9c8b45686e8293c40d36940b685955904099f9a4","sha256":"48da44d7e1da050ed84ec9d34eea4490339d12ecc1e5f8ce451083317c90137e","sha512":"60fb73381d3840c37b857e46235f915c288bc853454ad8188f168b133644d0234bcb319ef1c922a775f0b4653fb8e56fb10b28e63e7aab9bc96df2982ba517ff","ssdeep":"6144:dXY72UJEQxKZpbPN2JYtCcq8WDUEOtS0uKDpYkC:C7DxYr2JYwyJ2","tlshash":"748419cdb3d6705653a3b478903f018bb17a79a2b84cc899f185c8e42e7469a4277f7c","size":392030,"data":"","first_seen":"2026-04-28T16:15:32.932844Z","last_seen":"2026-04-28T17:01:18.984947Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/_next/static/chunks/97cc118af71a88f5.js","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"0dbdb56bb35e54293272a9f3746e2f1d","sha1":"0715426bcd02765f520455b3f0afe8cb3ee3c926","sha256":"fbf6858ed43aadbff79c80fb200dcb75df416b81c5ffc9d3eb6604b57651bf38","sha512":"4cd253fdb26c36b9d84d4ebe80b18a45d17bff78c4774bbeabf86fef2be200713406dd0d7b475b47a8eca1f19c758d6d6193dc83ede2b5259cce9b1a47a7be9f","ssdeep":"384:zqCn7vBqHWQlkalgZfXVdqzq+NhQj/kdDzwEMeb:zqCn782QldlK9dqzq+N88dL","tlshash":"79b2b5a971d5f4910b9354a5803f500bf23a1d76286da0a0e3e2cdf579b055ee133f9e","size":25087,"data":"","first_seen":"2026-04-28T16:15:32.963728Z","last_seen":"2026-04-28T17:01:18.979429Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=AW-17962594608\u0026cx=c\u0026gtm=4e64o1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"5f3e739501e075af1d7da030529d1cb4","sha1":"045e008d7db7e1023ba143979c8029deb0043d77","sha256":"4000fc4e2f722418effb3b0e443cc4bb28c7e697f1c82d238bf923696b718380","sha512":"d87db60c0547e8367709c239cafde10d15cc8921726d40716ca0972641ebcc920a653d525fdbec9942fa55ecaae398c8453cd3baa5c8dd726482bfbed6e00fbc","ssdeep":"6144:xXY72UJEQxKZpbPN2JYtCcq8WDUEOtS0uKDpYkC:e7DxYr2JYwyJ2","tlshash":"838419cdb3d6705653a3b478903f018bb17a79a2b84cc899f185c8e42e7469a4277f7c","size":392030,"data":"","first_seen":"2026-04-28T16:15:32.914318Z","last_seen":"2026-04-28T17:01:18.980005Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=AW-17938295145\u0026cx=c\u0026gtm=4e64o1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"730d156f5ae5f61517b6abb0f3c27ad7","sha1":"f911a44142c639f6f46a96672c0bbb7dd414b755","sha256":"32bc01738dd762be778174865bdacd33b8c724e91b433ae7f36a598c5e451d9e","sha512":"74fae4ac71cf65719b439a2be19bff1d4ab1bdcd140fb507a65d3d69225f63948e3f47c0f11869dced8f3162f2ad154f950af8bf581cdec7e3238038c9fda29a","ssdeep":"6144:mXY72UJEQxKZpbPN2JYtCcq8WDUEOtS0uKDpYkC:77DxYr2JYwyJ2","tlshash":"108419cdb3d6705653a3b478903f018bb17a79a2b84cc899f185c8e42e7469a4277f7c","size":392030,"data":"","first_seen":"2026-04-28T16:15:32.991444Z","last_seen":"2026-04-28T17:01:18.974824Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=AW-17938908374\u0026cx=c\u0026gtm=4e64o1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"cccc108277e7765401d01da80757378a","sha1":"1eb6b88dfcab99569102fb94017d3e9ea669f45f","sha256":"d353deaa64576c5329f31aa9d916474f2dd1c8f2f14d4fba74b84da284816b22","sha512":"1f61f79bbc1a2208a807410818518a9091e40b28ec37ae62b358b5f42bdd90880dbcae7d7733348d48bae285e46581b6f86982f8aac9b9dadfa4f3e8e42c6ede","ssdeep":"6144:jXY72UJEQxKZpbPN2JYtCcq8WDUEOtS0uKDpYkC:87DxYr2JYwyJ2","tlshash":"f48419cdb3d6705653a3b478903f018bb17a79a2b84cc899f185c8e42e7469a4277f7c","size":392030,"data":"","first_seen":"2026-04-28T16:15:32.976736Z","last_seen":"2026-04-28T17:01:18.998045Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=AW-17939049238\u0026cx=c\u0026gtm=4e64o1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"372391cf895cc5a4208c345f636fd963","sha1":"7b73c0a358887c33b23c2808348ef9b8f40d4096","sha256":"d1621545ee340b1f4faa0a272b68b0bf7b9bf17154ef2b2af0bb6e7ab52fff70","sha512":"86e3bbd9978f04699a172790d86540374bd5d51aace410c488e181dd4ee8ce2cf14140573d9e081411d5eac2c865e5c4db899fe360358daa80c892ef607cbcbb","ssdeep":"6144:mXY72UJEQxKZpbPN2JYtCcq8WDUEOtS0uKDpYkC:77DxYr2JYwyJ2","tlshash":"008419cdb3d6705653a3b478903f018bb17a79a2b84cc899f185c8e42e7469a4277f7c","size":392030,"data":"","first_seen":"2026-04-28T16:15:32.978571Z","last_seen":"2026-04-28T17:01:19.006828Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=AW-17938906868\u0026cx=c\u0026gtm=4e64o1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a06a58847ff995b931965820b10770b8","sha1":"e47839503f517753fd92bc4db806db7bdc25f753","sha256":"2cdc4479f018f76af0fdbcb9520a47a3565a25f21e773c79d4adf96de5dce9e5","sha512":"8f78a21eb4562885370cb9162e08cbcfba417a58ec6d955f4e3d95851f05d7ccae2aeefd3e0816aa05d850d6f2c0deb3f8fd91ec3962c13631aa37dd81c02051","ssdeep":"6144:HXY72UJEQxKZpbPN2JYtCcq8WDUEOtS0uKDpYkC:o7DxYr2JYwyJ2","tlshash":"218419cdb3d6705653a3b478903f018bb17a79a2b84cc899f185c8e42e7469a4277f7c","size":392030,"data":"","first_seen":"2026-04-28T16:15:32.939591Z","last_seen":"2026-04-28T16:15:32.939591Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/_next/static/chunks/e827905b7201dd80.js","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"fb0a39b54ebb9a270d79249622e7aa59","sha1":"a072535e78cc606fb5081012508d190fc4c486af","sha256":"b317e7437a0bd5b75a06443f2d320854ba736bf06d42ee9e0c9a9d65c3d50641","sha512":"f370ce9db3c74c9dec483fc38de47c277e89a97f210796313c2ceb99a10b77c7857f1bd7abecf0c6923de11cdacdf7109dbade7d9a7fc76aa6593989012aa00d","ssdeep":"768:A5XTWORnCjD7TLOJ2oB6mIVG2uIyEL+XJX4gytg:0XKECjDWu6XJX8tg","tlshash":"33c2f971b7647d79f396c182716ae948773a3b6aa00a8100f17c9ca93718cc2b5f1f97","size":27123,"data":"","first_seen":"2026-04-28T16:15:32.98454Z","last_seen":"2026-04-28T17:01:18.983996Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"53c31fb7c46b44fbd86dbb25738e6342","sha1":"5cb5786477b60885d9aa22b7a44a77e157b268d9","sha256":"a8ab3ee5cec02f91eafd585a79c3d7a5ef96c405f664a0d6c8c87964032a8f6f","sha512":"29a7ed2269b65d4a66c30f4c230ed4fa6e281a0ad86771ea5bca43e2fe7c69a8501f60dd7d35d74070ce63c900510fe335e9b16d101e08404b0bc3efee0cd4bc","ssdeep":"","tlshash":"41f06256e91bfc513d60ce1f121b1f6bacd8dc3e9030625df26cc5c85262c6a4748990","size":640,"data":"","first_seen":"2026-04-28T16:15:33.015108Z","last_seen":"2026-04-28T17:01:19.014829Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"434795bcc241ebfd1123d3bd6f37ed66","sha1":"004e26f346afc3abdbabcef58ceb466b80e8db37","sha256":"5c8b6081547ac70cfda251c025f843c15dfe13cd7e826a4d4743e1ba95b92a28","sha512":"ebbc9521c4eb77307a323fbb6190f68e3628375b8f0c9b4fd6a79d09131a8ba89522d6d641427d5f26e5124284a7b4e89cc2588e863763ef32d2c2221328262e","ssdeep":"96:LE7mltsijqRcHoUEfNfX1qkAK/ma5wVEHm10WZma57miblF1BRouofZC7cgeySl:LpacHKW8agMlFrRoXXgkl","tlshash":"d9a12fdf2808cd66d99f2d5e23fb8d3b148c96a746c286f8c6d8ef05445b0ba97d4e40","size":4841,"data":"","first_seen":"2026-04-28T16:15:33.015936Z","last_seen":"2026-04-28T17:01:19.015369Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"cacdff904b07ec8c63cbdcf03ee77061","sha1":"04d4d8a3bff83ba019fcc7e5a6b5b694436b3776","sha256":"f66d09c75345f78b907d99e2bf16d59fd0d115f02fbee0fcc4f763f1a7859ff7","sha512":"a743118ac3887a989d6e2b7c73e4f5b9bd165903c1456969aa5a79c371c633c347fa28052761f43dd34cbb9a07789b97ba56c5c418ceca3ebbd364a30a58f9fd","ssdeep":"","tlshash":"6751262ad90ffc55bd61de8f013b5f3e98d4d83b8070163db75dc88884218bb6b8a881","size":2675,"data":"","first_seen":"2026-04-28T16:15:33.01687Z","last_seen":"2026-04-28T17:01:19.015864Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"b3391b7a7a3d500abeba450868ec176e","sha1":"92d7ed53a9592270e85bd384773e756c12710b02","sha256":"8eacb37023d340138e6d04c7811fe96fcf1c98a98cecf58d12254790f1c4909a","sha512":"ba6ee21e4126e18e128a2f1888468472acdedec9f5849654aab366734732138c9fd303e5a2e8daa1f3065cd728ca15d060b622951067d62085bea1f794c50b80","ssdeep":"96:LXVFZMxInEVIsXgHlIKoqHVRXMMgpnEVIMinMppEpLVdcb6IZEV5TyjWznY:1xEVQHalEVJEpY1EVlfrY","tlshash":"4d91dd347112ed2dfe5b3d54293eac6e654de356898ece28d3e4cd2056c6c78ab42ac0","size":4559,"data":"","first_seen":"2026-04-28T16:15:33.017745Z","last_seen":"2026-04-28T17:01:19.016351Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"slelguoygbfzlpylpxfs.supabase.co/storage/v1/object/public/scripts//route-messenger.js","fqdn":"slelguoygbfzlpylpxfs.supabase.co","domain":"slelguoygbfzlpylpxfs.supabase.co","tld":"supabase.co"},"ip":{"addr":"172.64.149.246","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c5361739c6397bd51c7c07ba80720670","sha1":"9673c849f6db02da9649991026ec8d5e5b77a26e","sha256":"99fb917a3cffdfc1a342bb31aa8f5cb595a7206e4853494dbaef11df617c26d1","sha512":"ca8a4ff25f1b002a5b0652787d5b543297edd1e849c414e83656f1a86cd37800c56c00719523f3b984a5714268f4cbffbe541d05cc66f7b11a0141cae8c6199b","ssdeep":"96:ENW+WjSCSG7hdGu1layJCWjIVeuydbiekJPzAWwg4M8rFbOD:ENgnSG7hdGu2yIWEIuydbiekJLAWU7rs","tlshash":"4a91dd4e07f3022789b322592f4b751935329213360ada5c3aacc7c15f18d2bd6e6bdc","size":4232,"data":"","first_seen":"2025-08-18T20:36:16.291351Z","last_seen":"2026-04-28T17:01:18.989052Z","times_seen":98,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=AW-17950545750\u0026cx=c\u0026gtm=4e64o1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"14e033988ad6aa9731d9f11e8fb9a999","sha1":"24545189c0f17f65225adad34fc05c0b1c55f330","sha256":"4b15111fd7a89ab6e3f8922716b4884c4fc6d9fbd729fc1641722d4bf7ce3efd","sha512":"06f9199e80977b43fffb7b3d021c0d4b592772105a8736858d45632b9206e32d51ad558e89ccd43d4590668399254777dcf9b962423f0b773be32ae1a8b58732","ssdeep":"6144:5+VYoy0E5MGYsgna64dXXsRSrssan89U4OcevQogi:MYrMGYY64GG3kh","tlshash":"298419cdb3d6705653a3b478903f018ba27a7992f84cc899f185c8e42e7469a4277f7c","size":391253,"data":"","first_seen":"2026-04-28T16:15:32.942095Z","last_seen":"2026-04-28T16:15:32.942095Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=AW-17954416201\u0026cx=c\u0026gtm=4e64o1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"017063c42ba90d0d26a64bf60ff6bfd9","sha1":"c7361a244f5ff1eb84e1750029f702911e85fde1","sha256":"80938934c04e31e258844a9b911c09e1cc9f563c9e22111ac533f5ac5dc2b6b5","sha512":"0ded94a9de6d6351d807cfecd6aef6bdf3cec168a7febac933bf51a04acf8e64db84ee6d587bbb2a7c0b3c692728479484866cc36dffc8782fcf8f5ae2ab718d","ssdeep":"6144:V+VYoy0E5MGYsgna64dXXsRSrssan89U4OcevQogi:4YrMGYY64GG3kh","tlshash":"3c8419cdb3d6705653a3b478903f018ba27a7992f84cc899f185c8e42e7469a4277f7c","size":391253,"data":"","first_seen":"2026-04-28T16:15:32.91999Z","last_seen":"2026-04-28T16:15:32.91999Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/_next/static/chunks/206405b2565a029b.js","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6a54e7379d2643df120208305092e697","sha1":"b5e37f1339dfd8f5559c654ff8761fd1286a7079","sha256":"9273dcef7ce6a2f6f834e5b80d57c30d0bc788377b7fbf0eb45c758cf144a8cc","sha512":"43bc8179bcf6f604cae383a582de38f70616836a95ee1fcf259ff9e202b3c12b8325c90f095df473b24f690720e0d17da3b3138674b419fbbbfb60e2c5f68b0f","ssdeep":"","tlshash":"b37195663194fd81239a94c8c43f400fb25e6d7718ae74a4fbea4cf1246589ab0f1fb5","size":3703,"data":"","first_seen":"2026-04-28T16:15:33.004329Z","last_seen":"2026-04-28T17:01:18.993876Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/_next/static/chunks/9d6d9df8670bc232.js","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"3f37804b3e3704788e3b2d85dc66633a","sha1":"02fcbc52dde2e7cce39ea1932b3fd080b91146b4","sha256":"dc02e6e58d4ed9b78ec0bf3b9dde7826e71836bbf9c2c5bf32c0ed6e195ad20f","sha512":"208060fe9d924d5238463f0d6ecc57a2d204c626cfbe3f5b3a04c9fd66f60c0d900bee65f87c4ebcc1f435cafc6d74600a173612e355e6eb7b946e1da7b00b77","ssdeep":"1536:acyfEcXzdEMTbmgl0UAa1j4CQbOOvXDYXL1vXeoFtxPkmXqm5gFPh:MfE4EMupvUvBePh","tlshash":"b733b8449155bfecba2706ecba5f905d702d3b80cb4e8874f1b82c2226854e47b5bbdd","size":53746,"data":"","first_seen":"2026-04-28T16:15:32.959154Z","last_seen":"2026-04-28T17:01:19.012621Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/_next/static/chunks/d2be314c3ece3fbe.js","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"e189b2054d05a586f4fd6eec2888c203","sha1":"7d92609e0338be85a1f0085efa31f699878f269c","sha256":"a6248517cd3ee53a8186b51c59e1e764e3dc0c512f4acbd50e818f9884663e21","sha512":"1c0e250e62e070ed252776fbd469b27c9c19dc68e695b9e90003b746e3ab6f9c919b39ed1890d581bc0bec54a0b8b2b8a68a415db186d4d278121cbe124a8ad6","ssdeep":"384:735z75Bq9E0m1YmRDQ0cJ3tn79Fg/Ag8qWtOPSNxErV:D5z9BX0ZMOx3ErV","tlshash":"fed2e8717395f9a352db85d9d03a0015f2290d3530ae24b07394dcef368dc89a1fafa9","size":30681,"data":"","first_seen":"2026-01-15T14:11:00.285057Z","last_seen":"2026-04-28T19:58:23.312836Z","times_seen":4464,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"612237d1220fe29b3a72d64be4358cce","sha1":"51e318bc733988abef40bcb27941df042ea2eeb5","sha256":"41deb41a51bd0aa28962e0f53d8b679d006e1ecd7279c71fb6f8d55c37445cbb","sha512":"dacc3c573947b16d44e74249d9a36013d66820def8b84658bebdc09c045775ba4985fa2280c3498f67c66be6d689fba43a4857afc20f2b829a4ddeed5ead0ad5","ssdeep":"","tlshash":"4b01888e2d996c7f229f0eefcb47e9042908678195c107a21de26b8ee86187fd291c51","size":743,"data":"","first_seen":"2026-04-28T16:15:33.018661Z","last_seen":"2026-04-28T17:01:19.017958Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=AW-17275402659","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"302c65bce3a1a3a06b2ca6cb2be7b5a9","sha1":"6b9cdd960af8b30b0f73ad6783a3960df6dddb46","sha256":"46635ca07ca09b4c494f75bbd027c660e596f60986fbc04a471621bf805cb446","sha512":"f1553bb394cf7ef0b317df5c370a10017142ab37f1927236b84eeb7a01d22b51e9697eafb9c0399803f3109fea347dc9ecdd7a5ee252f3c9fbe1b7c648ac8f8b","ssdeep":"6144:O+VYoy0E5MxYsgna64dXXsRSrssan89U5OcuvTSMl:BYrMxYY64GGiMF","tlshash":"2e9409cdb3d6706253a3b478903f018ba57a79a2b44cc899f185cce42e7469a4277f7c","size":418839,"data":"","first_seen":"2026-04-28T16:15:33.005691Z","last_seen":"2026-04-28T16:15:33.005691Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=AW-17960346333\u0026cx=c\u0026gtm=4e64o1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6755f96320f77a33030d8cad9306e0b9","sha1":"6eb5b8c9342fd8c1ebc40aac3252357941197ca3","sha256":"ac207b66045d4fd4d011830710d46cce6351a625a3407a0e96b42bd9615bb840","sha512":"b8b380f4818b7a1028f6af553a2b0851fa4fbc5b2e44c5a09f21e708491b39aa06ce5d2b7798ffe1208e990cda2310b3f0079810a6af630b8f187819e81c44fe","ssdeep":"6144:ZXY72UJEQ2KZpbPN2JYtCcq8WDUEOtSZuKaBBJh:W7D2Yr2JYwvJk","tlshash":"bd9408cdb3d6745253a3b478903f018ba17a79a2b44cc89af185cce42e7469a4277f7c","size":419674,"data":"","first_seen":"2026-04-28T16:15:32.91023Z","last_seen":"2026-04-28T17:01:19.000066Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=AW-17939041333\u0026cx=c\u0026gtm=4e64o1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"23c54edba12bc661fcf7f38073b5694b","sha1":"a230a7b7baa88bfa13be7cb4c835330b20872eaa","sha256":"14fca97896c00829a85ada0212394c4bc9011d0f5c27785b7def54c86ef9dd74","sha512":"fe6143a3c8ee827d2e99f8e3a4807fdb67d129b7c86ec2fbdecbca52f8f0187adfee7ab9c1f33d9a8ab372e8eb9b8a9beee7424f1e7ddd789dcfdaf837ded1a5","ssdeep":"6144:bXY72UJEQxKZpbPN2JYtCcq8WDUEOtS0uKDpYkC:E7DxYr2JYwyJ2","tlshash":"668419cdb3d6705653a3b478903f018bb17a79a2b84cc899f185c8e42e7469a4277f7c","size":392030,"data":"","first_seen":"2026-04-28T16:15:32.968451Z","last_seen":"2026-04-28T17:01:19.009367Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/_next/static/chunks/9615397dc5f70c9e.js","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"f6e5344b02f87c1de19043bcb67231b6","sha1":"561a36fd2415807a9d66d328c8270daa41f8d192","sha256":"1818f7ccbd15c6487ec4d1751da3bfdd9ebaa96ffcacba8d9e7f0e6f763785d5","sha512":"b349e26dec051d6341d2693ba0894858f4fe1653650c3336831f4f79c96adaaf7025bb78bdbde5dc95e7b3b6c4c447ee271595fa2ad687944a7a7c75965c6ed2","ssdeep":"768:sS+J56JKJ6lZjqtIMj+TxziE4dWjlmGSEINjyT+0fNAjNhXcac+sV/vwmwWJPY87:sS25DOeXSoG+kfNAL4FeB3Y","tlshash":"84032a99b395fec8560a87d0e42fd00db13f3e789e1ad474a2f86c452e044d8b51afe6","size":38635,"data":"","first_seen":"2026-04-28T16:15:32.906982Z","last_seen":"2026-04-28T17:01:19.01111Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/_next/static/chunks/5d674cc7259bfc4f.js","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"91fe7df7b211345ccb5cce3ef936c5fb","sha1":"6371cd2a52393e9640c3300fdfff1c9bf3bac3fc","sha256":"56169c3edc77bb9b506e4575a6afb48da99d3ec0c99db9205ae5d93ac4931238","sha512":"1a900c8f793bca0f429ce349bb7091db6f81f3faf66d1699a9a803e73e5f1aab84872850a8b7f5a9e130577bb2251e6e5bc1cd17ae5ede3995e17a7ddb27e04b","ssdeep":"3072:xlXL5l5cSSScmfJPyGoi8xP3ciNgZTjymL6ZXtJ967+3N:xlXL53cSSScmfPZZnfSXtJ967+3N","tlshash":"da241be83995f6626eb302a710af1803733c252b280d4d60a251fdddb57845eb17bf9e","size":223604,"data":"","first_seen":"2026-04-28T16:15:32.974605Z","last_seen":"2026-04-28T17:01:18.990908Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"0cdecc568b7ad5400b784af1e6b0b3f1","sha1":"9765e01f1cda95e4d08d6184b163e28d43e86c26","sha256":"432f884380170457fb480ef565db892dd27ffeb3255fa213dfeed57147f7f2ae","sha512":"aac94845e3e02aad9b9c5de91b62861f0b5a88e3b0f681f7d09bdd3823ec04aa1fce696bcb1242e01badc255751e3938632da84c4fd569cdcc33621150242dd8","ssdeep":"","tlshash":"cae06d396805ee57ed2e3d922a3eed7b248d055b008ccea852c4ce000502a7a3b03ec1","size":418,"data":"","first_seen":"2026-04-28T16:15:33.020575Z","last_seen":"2026-04-28T17:01:19.016854Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"804149f2220379700e11c397327f8d14","sha1":"49cac25008fb8966a21ffe3d894fe23fab81ee20","sha256":"7493dc40da3213c3cc7309fa972054228d514aad8d115825034a2c6ed675f2b1","sha512":"359b8bb52f69e8eb67c672bb24f3f5c29516fa99e846b92f0cfced16ea9ad27534757aa7bb4b71f8ad31e4c429b83d2a3bac0f417f6127aa12f300b342a8b9ea","ssdeep":"","tlshash":"6a51792ad90bec24bd55ed8f103f6f3e98d9cc3b8175822ca29ccc859020cb657858d0","size":2469,"data":"","first_seen":"2026-04-28T16:15:33.021702Z","last_seen":"2026-04-28T17:01:19.017336Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"slelguoygbfzlpylpxfs.supabase.co/storage/v1/object/public/scripts/orchids-browser-logs.js","fqdn":"slelguoygbfzlpylpxfs.supabase.co","domain":"slelguoygbfzlpylpxfs.supabase.co","tld":"supabase.co"},"ip":{"addr":"172.64.149.246","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"178d2cfb698af2d2118d210a26b74417","sha1":"d3da8cf02d5f45939da3106341c7c502bab584ab","sha256":"9e35eb68fcc4dfddc5021b0f11e870d7594e5c79890f1d3ad701107dc3cf7035","sha512":"af9997b2dc2e706f68e1f2a86713b878360fa383c29b2e76d21f78fbfe5c2813b6ef6b843bf2192680c7f5e4b168dce42055e4e0e3377d554a0ce7f9ac28e3b0","ssdeep":"192:G2bvjMa1hQuTQDeWGoRaQNTRYHnM+7plSKQyfDMXd4IqIxoFkaEsr+mwAMe/Be/+:Gjuvy4HXWgX","tlshash":"fb22525b6df360255113203a9b8b6d05b136e813354ef8babb9c4354afc0965c2f3bd9","size":9919,"data":"","first_seen":"2026-02-11T21:21:42.779616Z","last_seen":"2026-04-28T17:01:19.008647Z","times_seen":30,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=AW-17938232522\u0026cx=c\u0026gtm=4e64o1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"49bb3dfc88c412615040afd9e0a989d2","sha1":"41555aa01533b061fffba828094ce6988ebaaedb","sha256":"1afef856a2068d37f40d26ec857997cf99dabd5bdd14ef783a59592335b61cc6","sha512":"6f15b72b582393a6db1f3be02c072274c92a6ece19119fb56871c68c0a39d86bf113760222a2c0490b18ad05c71cfbe2913c2f1771110cfc7a2079220b686ffa","ssdeep":"6144:uXY72UJEQ2KZpbPN2JYtCcq8WDUEOtSZuKaBBJh:z7D2Yr2JYwvJk","tlshash":"c09408cdb3d6745253a3b478903f018ba17a79a2b44cc89af185cce42e7469a4277f7c","size":419674,"data":"","first_seen":"2026-04-28T16:15:33.002026Z","last_seen":"2026-04-28T16:15:33.002026Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/_next/static/chunks/72c822cfe5b6f4f2.js","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a36728e25aa9960384870f7325ae2833","sha1":"8f17bc857a5a78f548283df069989fa830339775","sha256":"0bf745aa5bf586c03d206de24ed8858949ca3e96db818b857875e47259a2a48f","sha512":"9fe937364b53f154ab806ed0227cf9dc5b0f506a2c24a57fb22a84b593fcd4edc0eaa1115378e1f717fc327de188110b5465d2fc17906614a4b3060c5a455d42","ssdeep":"384:Dj/l+d/8JUopNgVAYH9cseDoweTEDKzLj1JvWx4vi9RHOarcp0DDqH8mlkfGNiZY:nlW1LvW3HvA0DDqH8mieUZRYqLM","tlshash":"d303a5b572d5faa2128340f0c83f1016f27d4c7521ac74a0a7e4ccdbb99858d96bafd9","size":40324,"data":"","first_seen":"2026-02-22T03:12:43.071537Z","last_seen":"2026-04-28T17:01:18.996193Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=AW-17960246516\u0026cx=c\u0026gtm=4e64o1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"f0c69f2b329143b4bce9d00a29a04ecc","sha1":"f761d7a11d5de619e83a0c3493f59be5cc372629","sha256":"a053b782f41c8d75ca7c27bd4d8f71c3212a7b600cfc02d72fe5829d605edea5","sha512":"d670095d11d245bb28f8a00a2ebb29501d86748d0eb17527f3fd6a702204b2528425b98b25767bc1c58ea5395aae15ad27e3da85815fa5c178efd59887407e9a","ssdeep":"6144:8+VYoy0E5MGYsgna64dXXsRSrssan89U4OcevQogi:3YrMGYY64GG3kh","tlshash":"2f8419cdb3d6705653a3b478903f008bb27a7992b84cc899f185c8e42e7469a4277f7d","size":391253,"data":"","first_seen":"2026-04-28T16:15:32.987042Z","last_seen":"2026-04-28T16:15:32.987042Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=AW-17938373818\u0026cx=c\u0026gtm=4e64o1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b52bbc7dcaf4ea9ea226161830976478","sha1":"0a25b649961a03b11b2f2bc33630244597b96dc2","sha256":"63f170a606e86eece54b253c555836a8b9c8138f8d644f2f9c8fae30e3dbde04","sha512":"efdd1e9c3a368c97c444242e35e5396a93888f7cb0d7e80270b99f5369de3277e6531fe837ce69fe3c3a9856fbf522c1bc12ddfd9076ea9304d3fd73ea8541ac","ssdeep":"6144:v+VYoy0E5MGYsgna64dXXsRSrssan89U4OcevQogi:KYrMGYY64GG3kh","tlshash":"ed8429cdb3d6705653a3b478903f008ba27a7992f84cc899f185c8e42e7469a4277f7d","size":391253,"data":"","first_seen":"2026-04-28T16:15:32.993998Z","last_seen":"2026-04-28T16:15:32.993998Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=AW-17938367659\u0026cx=c\u0026gtm=4e64o1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d60428298dfbb3f40dbd3c9178e18b5c","sha1":"02596aa7c8cc7f7e006e7ba053842343636a9b57","sha256":"d9d0a7300a55e488aac08332b6f6a6e072f97a9ba40b0d03878a3109259a4903","sha512":"08b2bfc38087b876401ca1c5a512164a2f01d102e41b845af28987971773a4b2f48462802a47bc38f50be1ed2db978ddbfa19f5b30c584448b497e0877d9b232","ssdeep":"6144:U+VYoy0E5MGYsgna64dXXsRSrssan89U4OcevQogi:vYrMGYY64GG3kh","tlshash":"848419cdb3d6705653a3b478903f018ba27a7992f84cc899f185c8e42e7469a4277f7c","size":391253,"data":"","first_seen":"2026-04-28T16:15:32.954684Z","last_seen":"2026-04-28T16:15:32.954684Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"b56296fbf893d8b2ba7fb380c2f6caf5","sha1":"ea65fd0f42113f6ae13e36e58501ac6ca7724f16","sha256":"695deed9f5c724ddf50a6718aaca50573da12684d2e9af4c474b82de5d3f25b5","sha512":"5ba546a06825ad48298ca63ea5f28e0ddb914406040a53ea3217ce2c72c9ead5667245865ecf5dbffd85e9c1a796c9fb0dd8c422a5c4ba93442ac7206e5afdb4","ssdeep":"","tlshash":"dc51003c7122de49ee4e3945343eec3e304fa2478ac9cb74c2f8de11448a878ab529d0","size":3094,"data":"","first_seen":"2026-04-28T16:15:33.022533Z","last_seen":"2026-04-28T17:01:19.018519Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/_next/static/chunks/b8cab6e606b7ac9b.js","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8effabece4c4b25f0c32eca50d60a9cc","sha1":"ee96ec16991a4077f75eecef32bd2dc6b8bc6c8c","sha256":"876f7adba1aa1e6743efe3349912ccdb2028a55e90085a0954419e496057f600","sha512":"3278b4de5f23df10051ce8ad1354620eb3ac7246d51f6e877902c4fd67ddb97421050cc169699adedd697e4e9d029c4c83e5b2ab4361a03342cde40c186ad561","ssdeep":"","tlshash":"594154c862009d7db23702e93176b14cb25b2b68d84f5876f63eb867390651bb9523cd","size":2033,"data":"","first_seen":"2026-01-21T11:02:40.602784Z","last_seen":"2026-04-28T17:01:18.981258Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/_next/static/chunks/turbopack-73e24dd78409dfe7.js","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"aa773b7f59f3664c2d88c163a65d344e","sha1":"55eedcedb14ebf7bd9bc9465cb6d315455e4d369","sha256":"26437e3965b51c1021bd1a01695a7943a2e0399b777a4f7384372918c097649a","sha512":"67c0ff2c53de7b79d675275f731409da5faf3840fe375cd6da3b64bfc72223b60f72534109dde6dcc9625f8079d321711c83d72b2e5913b75cfdc3257ceeb11f","ssdeep":"192:R7iSFn8/Esp1Uj5EG5T1uCO9ledFMhMrg4W9PZcxkUk1IsS:R7iS2gvO9lenkJZZQl","tlshash":"0022d6da33a6f07743afa5e6907f4044f17904a8141d581c93aca8fb383946e49e3f27","size":10232,"data":"","first_seen":"2026-04-28T16:15:32.912088Z","last_seen":"2026-04-28T17:01:19.000562Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=AW-17939047489\u0026cx=c\u0026gtm=4e64o1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4afffc683146ec2f5cdff0f7ec495d1e","sha1":"240e4e5ff485ab4cd7c3dd93b4df24146652ab88","sha256":"4fde2525350dddefd56951a637f8f3ce9a68e3e70fb5badeffc5e9f7097ffea0","sha512":"074e4a460ebfcfbb613adadca5ac68cc75048a3674857d7f69cb2bab2f46907af1f012f908d761e81ca56a655332dd2bcc991486b989fb409622f04a6de2b701","ssdeep":"6144:m+VYoy0E5MGYsgna64dXXsRSrssan89U4OcevQogi:5YrMGYY64GG3kh","tlshash":"ad8429cdb3d6705653a3b478903f018ba27a7992f84cc899f185c8e42e7469a4277f7c","size":391253,"data":"","first_seen":"2026-04-28T16:15:32.944468Z","last_seen":"2026-04-28T16:15:32.944468Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=AW-17954540541\u0026cx=c\u0026gtm=4e64o1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"964a3b427991736f954571f9a9300277","sha1":"a8c70b3fdf621b882d2dbdbf79340fa3602cc214","sha256":"ef796d34a97374b2c867b9078044906fc09ca3929655aec7bee554951b1f449b","sha512":"76795a4afd31723d94f85379734b1f55a4195d5af73aaa473e0a01db97263bda2d5e08572a93e299cc75a9a674518713d6ebf1c98e1c15cb9ed856f865d3af46","ssdeep":"6144:i+VYoy0E5MGYsgna64dXXsRSrssan89U4OcevQogi:lYrMGYY64GG3kh","tlshash":"168419cdb3d6705653a3b478903f018ba27a7992f84cc899f185c8e42e7469a4277f7c","size":391253,"data":"","first_seen":"2026-04-28T16:15:33.000531Z","last_seen":"2026-04-28T16:15:33.000531Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"f5e515a36b6ce511eb4867b70f20d326","sha1":"cfa8056e69bff27e80da51f614f004a242f772d2","sha256":"b21c0d18028d625f2ebd671dee310f420a1643b688107cb64b964cdba2b7466e","sha512":"860b4e181d8158e89e6fd71790fff007b3e5e818b02c9eddd3f2e25064cfa267348e12930fe8d8d6819d9e16440405b8af6d002c080c3ecc8ad74aba05f06450","ssdeep":"","tlshash":"2b719f386116dd9cfd4b3944347fac2e514de35b8a5acf25c2e8e92296cac386f529c0","size":3649,"data":"","first_seen":"2026-04-28T16:15:33.023506Z","last_seen":"2026-04-28T17:01:19.01935Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/_next/static/chunks/8eecb0986a60c97d.js","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2680f995f564a138d90515762ad26a75","sha1":"53e3dcd8f4bfd6ff04748df9bf711ae6a97ef6ff","sha256":"5821e0f0568cbb473ac966a9e7fc360348d4541be101092f409a42cd7919b939","sha512":"39411cedc598418bfd63a62d253458313b57412000259b602c0765b8fdaaa4c39c985067ae2d7c2dcd7ac11b3632413f3f094343a2a28e5282bdc0001c310e89","ssdeep":"","tlshash":"0f21dcab5790840b1581e38c8d17640658d807bc13c2244af0cba472d361d8b18e0b7b","size":1186,"data":"","first_seen":"2026-04-28T16:15:32.998392Z","last_seen":"2026-04-28T17:01:19.008181Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"85e4d3710be9a6974a1fd249e5fd0ffa","sha1":"7fe438726a9bcd95dcd1acde93101d60bc604b9e","sha256":"c9f52e85a9745749f1d334c5e4b51831e1ebf327c3049769476dbd57341612e8","sha512":"7637543e83fc34be81d4c71a643bc4efda0758e9898c105e783c1445934befbfc378afdf0df1c20655cb321363b72c9a5135c65c52ff5991a78bc865628129fb","ssdeep":"","tlshash":"d0f0a95d6c08de11dd2a3c6a163b9eba00cccc73c258cd6c929ecd4a16196f22385941","size":654,"data":"","first_seen":"2026-04-28T16:15:33.024389Z","last_seen":"2026-04-28T17:01:19.019895Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"06db8a03e12c4bb1b92319149e0bbcc4","sha1":"10347c7edfb285147e9b71cd05a5b0ca4f1a4cad","sha256":"60081a6e7c65bbce2c024e3a3f56d7ab9e3bc7645d93c9e61d8891d86b93ccb8","sha512":"f891f43d01d275e4506a57fe53ba735b45de1f2248bf027debff295dea444753f1f9437e7e7ea3580dc4e0986468efca0a94be6c7c4b3f561611e2abc38e9c20","ssdeep":"","tlshash":"35c08090cc42cc1dc6660f261c3a1c3521dcc978074595469dd9ed281985b3115b5d89","size":178,"data":"","first_seen":"2025-10-11T22:37:13.519525Z","last_seen":"2026-04-28T17:01:19.020459Z","times_seen":74,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"47f61a806dc0c456c967ff6fa30b199a","sha1":"c2d829469c69e6072c270affb85ae209a3fb2c86","sha256":"8b715bae438655c5d63704c6f219daf6301f29d84994ac268fa8b8e9d65ddc37","sha512":"7188bb1d6e630d57608aa161c8a4cb2538fa104d135d40b0bd5483cf89683ce7d0e5cbbd30f53404436cf425b1968948bcba30699f3af0a27c827501d3754934","ssdeep":"","tlshash":"47c02b35c80efc107830cc0e00141b27c2acc83c00304d04732dc0c84132815130cc55","size":144,"data":"","first_seen":"2026-02-25T02:46:58.551852Z","last_seen":"2026-04-28T17:01:19.02098Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"9ee58b22f2bf381299625d1236b44385","sha1":"b80cff354561e5af2b3037943d7fd7ce5c67c5a9","sha256":"962ef7ea52fc66162b612dd5e965a802e52797aae8074510fbc02af7448735ab","sha512":"d45da9cf1a6a9c6089ff150a401eaf3bda07fd8e68755d109b322900ad437015776405ad6e1a654876483dc5b96f2fb62cfef6db4b9a09b941a06f8612216ece","ssdeep":"","tlshash":"57518f712c55cd0c97871e083e7a2d77a4cc93d21ba6b696f1bcdd2401cec36eae8650","size":2971,"data":"","first_seen":"2026-04-28T16:15:33.026682Z","last_seen":"2026-04-28T17:01:19.021511Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=AW-17962524341\u0026cx=c\u0026gtm=4e64o1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"aecf73bba3eade683adb1316cdc75214","sha1":"2699c9e7ade832596fb756261df67070f5663598","sha256":"63ee7b76559d32ae4343a556fa587be535ec31331baa243c54706bc6c7febf5b","sha512":"096a845ac26758c5a6d71c8005e5d9c0c1cda17e430d4e721fea96a62d541751cf44931325cae8a795827ef6671f52c4e7129659f8f210828f1d8c005c7003b3","ssdeep":"6144:kXY72UJEQxKZpbPN2JYtCcq8WDUEOtS0uKDpYkC:t7DxYr2JYwyJ2","tlshash":"f88419cdb3d6705653a3b478903f018bb17a79a2b84cc899f185c8e42e7469a4277f7c","size":392030,"data":"","first_seen":"2026-04-28T16:15:32.989061Z","last_seen":"2026-04-28T17:01:19.00423Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/_next/static/chunks/ff1a16fafef87110.js","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"5458632ee5cb3da028baebb11d5f70dd","sha1":"57e264834d3635e52fbbd3d93135842c09ce8525","sha256":"e9786b1305894e4119bb9811a816dac9cf576755596dd989ee15b455749fc35e","sha512":"28ae4e3a3828f99d64b7d4bfc7238d56c9ad910ce267dcb6c01e53be00c88f8a7f024640680d2bd66240a9972322744ee9147883a12ff8c92717c27ebb3fef50","ssdeep":"","tlshash":"63d02b702150f8d84086a4cc8836424bf52928b262fe3895d7ae8cb16174f0c51e1e55","size":282,"data":"","first_seen":"2025-08-20T23:30:20.185011Z","last_seen":"2026-04-28T20:09:06.597459Z","times_seen":18159,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/_next/static/chunks/bea06cd372cb18e1.js","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"492453a6a1b357aa541b014434495f73","sha1":"f5fb18053280fd0186c43515e8889f42761dcb6f","sha256":"647422b16b882c877e347e1592feb204e4da59535706205d08e7179301351940","sha512":"2aa2110550761218782308bcc47b074e0e1a6df713e71d9ad71f6b8ae9c930aa4a2ff82d48c1721e33f2f04d485ff09130d6dade1105c97450ed4bbef4110733","ssdeep":"","tlshash":"314153c86200dd7da27702d83136f508b26a2a6cc85ba876f53d7c62391551b78927cd","size":2103,"data":"","first_seen":"2026-01-09T02:37:02.14821Z","last_seen":"2026-04-28T17:01:18.999081Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/_next/static/chunks/7d6514a90169e63d.js","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"9cbccd398b98ff0dc5340799770beaf2","sha1":"025684d4b9edcabd29b5e3867d0b7cd6cd854b9a","sha256":"4a35cdeb35ee9081593347d98a78fc62699dd6aa8611cd7be24d112c5fc75f2b","sha512":"2f626c9bcd97834cc130b20dac911ede3086bc12e3e95b5c04f02ae1678a3d5e787dc2d94b4e19b8d70780013684dc19c456b398fc166a9e96e48a21c0ba51f3","ssdeep":"1536:sNc9IxBQi6ha/rzjJ2MnwFZMtOsSjPNziiX8JfFm:svP6M3j0M3tOsqhX8Fm","tlshash":"94b3f8f935d5f48207ab44a6c03f0006f32c5d37149e68a0a3e5edda746499de1b3faa","size":111078,"data":"","first_seen":"2026-01-28T20:33:18.012918Z","last_seen":"2026-04-28T18:06:32.049513Z","times_seen":630,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"57b0fea44f64a187cf347526493a4fb9","sha1":"0172ee4f9f97380fd5c6a9e7c8e540acea5053f4","sha256":"3516a89af2d17c3c8b82e348ef28802341a3b1a93b4b9de287977a222f777fa8","sha512":"558f7dafebb63d9c8762247055d786c452cc471e40dc94d2b4cce6f35a82a1f0e31cf8441361529f4600e3884539a846edd464bb07d110acdcad848d3dad71c4","ssdeep":"","tlshash":"45800474c1400c35c035405314341305017f400d00014740d35455445031105550ddcd","size":35,"data":"","first_seen":"2024-03-15T07:04:26Z","last_seen":"2026-04-28T17:01:19.022136Z","times_seen":117,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"www.google.com/ccm/collect?rcb=11\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64o1v9245042152za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938469~117266401\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17954475023\u0026tid=AW-17954475023\u0026tft=1777392889937\u0026tfd=2639","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.156.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:49.950Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"02:11:B2:1D:09:0D:9E:4E:5B:DC:0A:6C:D5:4B:C6:4A:5B:50:C8:26","sha256":"99:E1:4B:50:60:0E:C3:94:CB:2C:15:85:8E:68:FF:F1:9C:B7:0C:9E:E0:8C:B7:29:52:18:12:81:67:C4:38:23"}}},"request":{"raw":"POST /ccm/collect?rcb=11\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64o1v9245042152za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938469~117266401\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17954475023\u0026tid=AW-17954475023\u0026tft=1777392889937\u0026tfd=2639 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://clickpromosbr.com/\r\nOrigin: https://clickpromosbr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/plain\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ndate: Tue, 28 Apr 2026 16:14:49 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\npragma: no-cache\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\naccess-control-allow-origin: https://clickpromosbr.com\r\naccess-control-expose-headers: date,vary,vary,vary,server,content-length\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T20:24:20.15363Z","times_seen":14341696,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?rcb=1\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64r0v9245314015za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938469~117266401~117884344~118128922~118463262\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17938295145\u0026tid=AW-17938295145\u0026tft=1777392890177\u0026tfd=2879","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.156.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:50.241Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"02:11:B2:1D:09:0D:9E:4E:5B:DC:0A:6C:D5:4B:C6:4A:5B:50:C8:26","sha256":"99:E1:4B:50:60:0E:C3:94:CB:2C:15:85:8E:68:FF:F1:9C:B7:0C:9E:E0:8C:B7:29:52:18:12:81:67:C4:38:23"}}},"request":{"raw":"POST /ccm/collect?rcb=1\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64r0v9245314015za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938469~117266401~117884344~118128922~118463262\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17938295145\u0026tid=AW-17938295145\u0026tft=1777392890177\u0026tfd=2879 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://clickpromosbr.com/\r\nOrigin: https://clickpromosbr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\npragma: no-cache\r\ncontent-type: text/plain\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ndate: Tue, 28 Apr 2026 16:14:50 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\naccess-control-allow-origin: https://clickpromosbr.com\r\naccess-control-expose-headers: date,vary,vary,vary,server,content-length\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T20:24:20.15363Z","times_seen":14341696,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?rcb=4\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64o1v9245009369za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938468~117266400~117384406~118167060\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17960246516\u0026tid=AW-17960246516\u0026tft=1777392889579\u0026tfd=2281","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.156.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:50.247Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"02:11:B2:1D:09:0D:9E:4E:5B:DC:0A:6C:D5:4B:C6:4A:5B:50:C8:26","sha256":"99:E1:4B:50:60:0E:C3:94:CB:2C:15:85:8E:68:FF:F1:9C:B7:0C:9E:E0:8C:B7:29:52:18:12:81:67:C4:38:23"}}},"request":{"raw":"GET /ccm/collect?rcb=4\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64o1v9245009369za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938468~117266400~117384406~118167060\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17960246516\u0026tid=AW-17960246516\u0026tft=1777392889579\u0026tfd=2281 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\npragma: no-cache\r\ndate: Tue, 28 Apr 2026 16:14:50 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-type: text/plain\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T20:24:20.15363Z","times_seen":14341696,"resource_available":true,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?rcb=18\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64r0h1v9245317276za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115616986~115938466~115938468~117266401~117884344~118167058\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17938232522\u0026tid=AW-17938232522\u0026tft=1777392890603\u0026tfd=3305","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.156.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:50.609Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"02:11:B2:1D:09:0D:9E:4E:5B:DC:0A:6C:D5:4B:C6:4A:5B:50:C8:26","sha256":"99:E1:4B:50:60:0E:C3:94:CB:2C:15:85:8E:68:FF:F1:9C:B7:0C:9E:E0:8C:B7:29:52:18:12:81:67:C4:38:23"}}},"request":{"raw":"POST /ccm/collect?rcb=18\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64r0h1v9245317276za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115616986~115938466~115938468~117266401~117884344~118167058\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17938232522\u0026tid=AW-17938232522\u0026tft=1777392890603\u0026tfd=3305 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://clickpromosbr.com/\r\nOrigin: https://clickpromosbr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\npragma: no-cache\r\ndate: Tue, 28 Apr 2026 16:14:50 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-type: text/plain\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\naccess-control-allow-origin: https://clickpromosbr.com\r\naccess-control-expose-headers: date,vary,vary,vary,server,content-length\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T20:24:20.15363Z","times_seen":14341696,"resource_available":true,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/_next/image?url=https%3A%2F%2Fstatic.clickbus.com%2Flive%2FClickBus%2Fdestinos%2Fconheca%2Fconheca-destino-cidade.webp\u0026w=384\u0026q=75","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:49.024Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"clickpromosbr.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 17:20:40 GMT","end":"Sat, 11 Jul 2026 17:20:39 GMT"},"fingerprint":{"sha1":"5E:DC:BC:18:DA:73:9C:96:CD:22:C4:46:EE:A7:CF:4B:7E:A8:35:08","sha256":"08:5A:19:C3:D4:A9:4F:A6:2A:AA:92:9E:6B:C1:16:6D:07:AE:CB:A5:7E:D4:7D:BC:42:65:6D:C0:1E:9B:3C:F9"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fstatic.clickbus.com%2Flive%2FClickBus%2Fdestinos%2Fconheca%2Fconheca-destino-cidade.webp\u0026w=384\u0026q=75 HTTP/1.1\r\nHost: clickpromosbr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nCookie: GAESA=Cp4BMDAwN2I3MzRkOWM3N2NkYWEzYWJmN2I4NWVkNjVlZjJjNDAzMmRmYmUwMzQ2NDg5M2JiZjcyNzY5ZTVmMjc4YzA4MmE0ODEzOGI5NzQ0Zjg1OWRhYjAzZDkyMzQ3NjVjZGE5YzJmNzM2MjcyNjVlZTlkMDQzNzVlNjhmODdkZGE5MzVjZjg4NGMyMDEwMDZhY2I5NzhjY2FhMmUwMDEQlM78pt0z\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=31536000, must-revalidate\r\ncontent-disposition: attachment; filename=\"conheca-destino-cidade.webp\"\r\ncontent-length: 20020\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\ncontent-type: image/webp\r\ndate: Tue, 28 Apr 2026 16:14:49 GMT\r\netag: euagDUwjsVesWfvaTU0Bi-WsNdwYIRnFUlXrKmLR3co\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nvary: Accept\r\nx-cloud-trace-context: 5c9ecc7b845c2284be24b6eec655a7d5\r\nx-nextjs-cache: HIT\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":20020,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 384x257, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"ab4913337f60545a82e852d3ab95009b","sha1":"c48da70f4ce6eed9a49de32262aa6e13421de7d7","sha256":"7ae6a00d4c23b157ac59fbda4d4d018be5ac35dc182119c55255eb2a62d1ddca","sha512":"19451ce49aeba9b9377bc18202c79d1a79d8f2824e2453cca2980d225fa3849130d3f1a4aa0956e6940f5d34467e8b959475036e08341ae4d1298032e5641559","ssdeep":"384:CqpTK3ZYYNixszIwgrGRlfLYPtyYjrB7Y8ftHKi2n6LSRpgGqM:KpjNTEwgczYPtFxftSn6PGqM","tlshash":"6492e1cacae0d292f6b56bd814b513e1f463e4a00a2979dddc446d5f08d32b8ef53581","first_seen":"2026-02-14T19:48:49.892882Z","last_seen":"2026-04-28T17:01:19.002429Z","times_seen":4,"resource_available":false,"data":null}},"time_used":172,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":163,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?rcb=10\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64r0v9245168178za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115616985~115938466~115938469~117266400\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17962524341\u0026tid=AW-17962524341\u0026tft=1777392889854\u0026tfd=2556","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.156.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:49.949Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"02:11:B2:1D:09:0D:9E:4E:5B:DC:0A:6C:D5:4B:C6:4A:5B:50:C8:26","sha256":"99:E1:4B:50:60:0E:C3:94:CB:2C:15:85:8E:68:FF:F1:9C:B7:0C:9E:E0:8C:B7:29:52:18:12:81:67:C4:38:23"}}},"request":{"raw":"POST /ccm/collect?rcb=10\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64r0v9245168178za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115616985~115938466~115938469~117266400\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17962524341\u0026tid=AW-17962524341\u0026tft=1777392889854\u0026tfd=2556 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://clickpromosbr.com/\r\nOrigin: https://clickpromosbr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\ndate: Tue, 28 Apr 2026 16:14:49 GMT\r\ncontent-type: text/plain\r\npragma: no-cache\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\naccess-control-allow-origin: https://clickpromosbr.com\r\naccess-control-expose-headers: date,vary,vary,vary,server,content-length\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T20:24:20.15363Z","times_seen":14341696,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?rcb=15\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64o1v9245162437za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938468~117266401\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17954416201\u0026tid=AW-17954416201\u0026tft=1777392890080\u0026tfd=2782","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.156.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:50.247Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"02:11:B2:1D:09:0D:9E:4E:5B:DC:0A:6C:D5:4B:C6:4A:5B:50:C8:26","sha256":"99:E1:4B:50:60:0E:C3:94:CB:2C:15:85:8E:68:FF:F1:9C:B7:0C:9E:E0:8C:B7:29:52:18:12:81:67:C4:38:23"}}},"request":{"raw":"POST /ccm/collect?rcb=15\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64o1v9245162437za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938468~117266401\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17954416201\u0026tid=AW-17954416201\u0026tft=1777392890080\u0026tfd=2782 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://clickpromosbr.com/\r\nOrigin: https://clickpromosbr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncontent-type: text/plain\r\ncache-control: no-cache, no-store, must-revalidate\r\npragma: no-cache\r\ndate: Tue, 28 Apr 2026 16:14:50 GMT\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\naccess-control-allow-origin: https://clickpromosbr.com\r\naccess-control-expose-headers: date,vary,vary,vary,server,content-length\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T20:24:20.15363Z","times_seen":14341696,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?rcb=5\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64r0h1v9245323878za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938468~117266400~117884344~118167059\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17938906868\u0026tid=AW-17938906868\u0026tft=1777392890653\u0026tfd=3355","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.156.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:50.688Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"02:11:B2:1D:09:0D:9E:4E:5B:DC:0A:6C:D5:4B:C6:4A:5B:50:C8:26","sha256":"99:E1:4B:50:60:0E:C3:94:CB:2C:15:85:8E:68:FF:F1:9C:B7:0C:9E:E0:8C:B7:29:52:18:12:81:67:C4:38:23"}}},"request":{"raw":"POST /ccm/collect?rcb=5\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64r0h1v9245323878za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938468~117266400~117884344~118167059\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17938906868\u0026tid=AW-17938906868\u0026tft=1777392890653\u0026tfd=3355 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://clickpromosbr.com/\r\nOrigin: https://clickpromosbr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ndate: Tue, 28 Apr 2026 16:14:50 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-type: text/plain\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\naccess-control-allow-origin: https://clickpromosbr.com\r\naccess-control-expose-headers: date,vary,vary,vary,server,content-length\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T20:24:20.15363Z","times_seen":14341696,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?rcb=1\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64r0v9245324425za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938469~117266401\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17939041333\u0026tid=AW-17939041333\u0026tft=1777392890547\u0026tfd=3249","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.156.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:50.874Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"02:11:B2:1D:09:0D:9E:4E:5B:DC:0A:6C:D5:4B:C6:4A:5B:50:C8:26","sha256":"99:E1:4B:50:60:0E:C3:94:CB:2C:15:85:8E:68:FF:F1:9C:B7:0C:9E:E0:8C:B7:29:52:18:12:81:67:C4:38:23"}}},"request":{"raw":"GET /ccm/collect?rcb=1\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64r0v9245324425za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938469~117266401\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17939041333\u0026tid=AW-17939041333\u0026tft=1777392890547\u0026tfd=3249 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\npragma: no-cache\r\ncontent-type: text/plain\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\ndate: Tue, 28 Apr 2026 16:14:50 GMT\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T20:24:20.15363Z","times_seen":14341696,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?rcb=5\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64r0h1v9245323878za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938468~117266400~117884344~118167059\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17938906868\u0026tid=AW-17938906868\u0026tft=1777392890653\u0026tfd=3355","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.156.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:50.877Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"02:11:B2:1D:09:0D:9E:4E:5B:DC:0A:6C:D5:4B:C6:4A:5B:50:C8:26","sha256":"99:E1:4B:50:60:0E:C3:94:CB:2C:15:85:8E:68:FF:F1:9C:B7:0C:9E:E0:8C:B7:29:52:18:12:81:67:C4:38:23"}}},"request":{"raw":"GET /ccm/collect?rcb=5\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64r0h1v9245323878za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938468~117266400~117884344~118167059\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17938906868\u0026tid=AW-17938906868\u0026tft=1777392890653\u0026tfd=3355 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\npragma: no-cache\r\ndate: Tue, 28 Apr 2026 16:14:50 GMT\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-type: text/plain\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T20:24:20.15363Z","times_seen":14341696,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"slelguoygbfzlpylpxfs.supabase.co/storage/v1/object/public/test-clones/45686cc3-0404-4300-94d5-043481b2e5cc-clickbus-com-br/assets/svgs/google_play_new-4.svg","fqdn":"slelguoygbfzlpylpxfs.supabase.co","domain":"slelguoygbfzlpylpxfs.supabase.co","tld":"supabase.co"},"ip":{"addr":"172.64.149.246","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:47.919Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"supabase.co","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 06:43:00 GMT","end":"Sun, 31 May 2026 07:42:47 GMT"},"fingerprint":{"sha1":"9E:9E:40:F8:56:B5:7F:B2:5C:52:C4:07:26:47:4E:69:AD:77:F0:96","sha256":"39:8B:CC:E2:D9:95:CB:23:CB:09:2A:93:7B:5B:58:BD:95:B4:08:A4:5F:BF:89:AB:7B:B1:14:03:47:89:AE:7D"}}},"request":{"raw":"GET /storage/v1/object/public/test-clones/45686cc3-0404-4300-94d5-043481b2e5cc-clickbus-com-br/assets/svgs/google_play_new-4.svg HTTP/1.1\r\nHost: slelguoygbfzlpylpxfs.supabase.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Apr 2026 16:14:48 GMT\r\ncontent-type: image/svg+xml\r\ncf-ray: 9f375cadfb1cb4ff-OSL\r\ncf-cache-status: HIT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=3600\r\ncontent-encoding: br\r\netag: W/\"cdfff261ec0db027538c5e26cff7ad98\"\r\nlast-modified: Sun, 08 Feb 2026 11:09:12 GMT\r\nserver: cloudflare\r\nsb-gateway-mode: direct\r\nsb-gateway-version: 1\r\nsb-project-ref: slelguoygbfzlpylpxfs\r\nsb-request-id: 019dd4df-28be-7ae4-9a42-e75ace451783\r\nx-robots-tag: none\r\nx-smart-cdn: true\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nset-cookie: __cf_bm=bJ24mTM.vqVhKx6SbOgCDjFtBEZBcrosm.WZgkrlfD8-1777392887.9946094-1.0.1.1-ReRfZrUYAWyttYW9LOZRjdL0ud8xzBpVD945GHlFewloMVwNZLt4zCJOKnU.ND4j.hA2IcIC0.Uau3v9uyHVEi0NVT20OZl78BKWSBgC4_ZZiD4vNTkKVjN8F3ZgGOsj; HttpOnly; Secure; Path=/; Domain=supabase.co; Expires=Tue, 28 Apr 2026 16:44:48 GMT\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8466,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"cdfff261ec0db027538c5e26cff7ad98","sha1":"d7295a72d5ede37805f5f96d183e85c5db47d2f5","sha256":"dc85a20ca9fc21f10701216a0908b6250b865b9c4de8e5c27d6cff9d91b56094","sha512":"acb5c96032140729c0408d5e8e57764c80b743ba471e1928be2af7e3df065ac8701ca9aba1e0c34347c517bd7171da6d05f4351c758738d94ee11a29d1b99640","ssdeep":"192:iRDqBHJLCZEP0wCyO7yyQAy6aqrgd+Gf0qG5jJL8RKUk:iQBpLCZEdOfNrQ+Gsn9L8U","tlshash":"2302d7dafb34a2f9e184f3b89505a4a1284b54a2ab42d638c3e38e1ae5620dd551dcc3","first_seen":"2026-02-14T19:48:49.904122Z","last_seen":"2026-04-28T17:01:19.001253Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1023,"timings":{"blocked":73,"dns":31,"connect":3,"send":0,"wait":847,"receive":0,"ssl":55},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/_next/static/chunks/9615397dc5f70c9e.js","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:47.946Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"clickpromosbr.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 17:20:40 GMT","end":"Sat, 11 Jul 2026 17:20:39 GMT"},"fingerprint":{"sha1":"5E:DC:BC:18:DA:73:9C:96:CD:22:C4:46:EE:A7:CF:4B:7E:A8:35:08","sha256":"08:5A:19:C3:D4:A9:4F:A6:2A:AA:92:9E:6B:C1:16:6D:07:AE:CB:A5:7E:D4:7D:BC:42:65:6D:C0:1E:9B:3C:F9"}}},"request":{"raw":"GET /_next/static/chunks/9615397dc5f70c9e.js HTTP/1.1\r\nHost: clickpromosbr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nCookie: GAESA=Cp4BMDAwN2I3MzRkOWM3N2NkYWEzYWJmN2I4NWVkNjVlZjJjNDAzMmRmYmUwMzQ2NDg5M2JiZjcyNzY5ZTVmMjc4YzA4MmE0ODEzOGI5NzQ0Zjg1OWRhYjAzZDkyMzQ3NjVjZGE5YzJmNzM2MjcyNjVlZTlkMDQzNzVlNjhmODdkZGE5MzVjZjg4NGMyMDEwMDZhY2I5NzhjY2FhMmUwMDEQlM78pt0z\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Tue, 28 Apr 2026 16:14:48 GMT\r\netag: W/\"96eb-19cf46fb318\"\r\nlast-modified: Mon, 16 Mar 2026 02:18:07 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":38635,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (28148)","md5":"f6e5344b02f87c1de19043bcb67231b6","sha1":"561a36fd2415807a9d66d328c8270daa41f8d192","sha256":"1818f7ccbd15c6487ec4d1751da3bfdd9ebaa96ffcacba8d9e7f0e6f763785d5","sha512":"b349e26dec051d6341d2693ba0894858f4fe1653650c3336831f4f79c96adaaf7025bb78bdbde5dc95e7b3b6c4c447ee271595fa2ad687944a7a7c75965c6ed2","ssdeep":"768:sS+J56JKJ6lZjqtIMj+TxziE4dWjlmGSEINjyT+0fNAjNhXcac+sV/vwmwWJPY87:sS25DOeXSoG+kfNAL4FeB3Y","tlshash":"84032a99b395fec8560a87d0e42fd00db13f3e789e1ad474a2f86c452e044d8b51afe6","first_seen":"2026-04-28T16:15:32.906982Z","last_seen":"2026-04-28T17:01:19.01111Z","times_seen":2,"resource_available":true,"data":null}},"time_used":185,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":185,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/notosans/v42/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7du3mnPyxVig.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:48.651Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"8B:DF:9C:24:AB:AD:AB:73:3F:51:0F:25:2B:18:76:79:1A:C5:63:A0","sha256":"BF:5C:B4:F2:20:4F:D0:E5:76:81:59:52:5F:3E:D2:4F:8D:33:B3:30:36:84:C8:7E:0E:AB:58:1E:7D:D6:E2:6D"}}},"request":{"raw":"GET /s/notosans/v42/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7du3mnPyxVig.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://clickpromosbr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 35928\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 23 Apr 2026 11:02:25 GMT\r\nexpires: Fri, 23 Apr 2027 11:02:25 GMT\r\ncache-control: public, max-age=31536000\r\nage: 450743\r\nlast-modified: Wed, 10 Sep 2025 16:23:36 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":35928,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 35928, version 1.0","md5":"a317875aac104234bd7c39df8c501fbb","sha1":"870661970316f61acaab613e3209b9c09e2961f3","sha256":"065e2ab41209dcd60b1c88517c71a741803e3b0647059cb8ee7efff522ed1d40","sha512":"619f405a133ec8227767f08c598399a737d30cea6f76d3c065d2d97ce162bae040ced7fca13ed874d66a1f98472a3a07cf12bb146f432c8d4df24745488e13d0","ssdeep":"768:ybZHErhpxKts8YgN3IJe53ZnJREjqvYSVgXsdp+v0Gd:ybxErktsfgN3fXlicOzd","tlshash":"bef2f11c1a34eb974328047b840084b533ea6da7d63192b121a5fb44cca46fafecfdd6","first_seen":"2025-09-11T17:08:53.61315Z","last_seen":"2026-04-28T20:27:38.545544Z","times_seen":19837,"resource_available":false,"data":null}},"time_used":238,"timings":{"blocked":83,"dns":0,"connect":0,"send":0,"wait":27,"receive":62,"ssl":66},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=AW-17960346333\u0026cx=c\u0026gtm=4e64o1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:49.154Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"7B:71:3D:9A:FE:85:53:DF:44:BB:90:D6:C4:82:1E:58:A2:A4:4B:F0","sha256":"CA:E9:C5:B9:FA:2B:F0:20:19:FF:0A:2C:CB:22:9F:C6:8B:41:0E:09:94:8E:E6:48:22:CA:02:F6:BA:10:B7:A3"}}},"request":{"raw":"GET /gtag/js?id=AW-17960346333\u0026cx=c\u0026gtm=4e64o1 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 28 Apr 2026 16:14:49 GMT\r\nexpires: Tue, 28 Apr 2026 16:14:49 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Tue, 28 Apr 2026 15:58:43 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 142886\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":419674,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5929)","md5":"6755f96320f77a33030d8cad9306e0b9","sha1":"6eb5b8c9342fd8c1ebc40aac3252357941197ca3","sha256":"ac207b66045d4fd4d011830710d46cce6351a625a3407a0e96b42bd9615bb840","sha512":"b8b380f4818b7a1028f6af553a2b0851fa4fbc5b2e44c5a09f21e708491b39aa06ce5d2b7798ffe1208e990cda2310b3f0079810a6af630b8f187819e81c44fe","ssdeep":"6144:ZXY72UJEQ2KZpbPN2JYtCcq8WDUEOtSZuKaBBJh:W7D2Yr2JYwvJk","tlshash":"bd9408cdb3d6745253a3b478903f018ba17a79a2b44cc89af185cce42e7469a4277f7c","first_seen":"2026-04-28T16:15:32.91023Z","last_seen":"2026-04-28T17:01:19.000066Z","times_seen":2,"resource_available":true,"data":null}},"time_used":156,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":47,"receive":109,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?rcb=0\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64o1za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938469~117266400\u0026apve=1\u0026apvf=f\u0026apvc=1\u0026tids=AW-17275402659\u0026tid=AW-17275402659\u0026tft=1777392889168\u0026tfd=1870","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.156.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:50.294Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"02:11:B2:1D:09:0D:9E:4E:5B:DC:0A:6C:D5:4B:C6:4A:5B:50:C8:26","sha256":"99:E1:4B:50:60:0E:C3:94:CB:2C:15:85:8E:68:FF:F1:9C:B7:0C:9E:E0:8C:B7:29:52:18:12:81:67:C4:38:23"}}},"request":{"raw":"GET /ccm/collect?rcb=0\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64o1za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938469~117266400\u0026apve=1\u0026apvf=f\u0026apvc=1\u0026tids=AW-17275402659\u0026tid=AW-17275402659\u0026tft=1777392889168\u0026tfd=1870 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: no-cache, no-store, must-revalidate\r\ndate: Tue, 28 Apr 2026 16:14:50 GMT\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\npragma: no-cache\r\ncontent-type: text/plain\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T20:24:20.15363Z","times_seen":14341696,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/td?id=AW-17938906868\u0026v=3\u0026t=t\u0026pid=357537659\u0026gtm=45be64r0h1v9245323878za200\u0026seq=1\u0026exp=0~115938466~115938468~117266400~117884344~118167059\u0026dl=clickpromosbr.com%2F\u0026tdp=AW-17938906868;245323878;0;2;0\u0026frm=0\u0026pcid=_AW-17275402659\u0026bt=0\u0026ct=3\u0026z=0","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:50.634Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"7B:71:3D:9A:FE:85:53:DF:44:BB:90:D6:C4:82:1E:58:A2:A4:4B:F0","sha256":"CA:E9:C5:B9:FA:2B:F0:20:19:FF:0A:2C:CB:22:9F:C6:8B:41:0E:09:94:8E:E6:48:22:CA:02:F6:BA:10:B7:A3"}}},"request":{"raw":"GET /td?id=AW-17938906868\u0026v=3\u0026t=t\u0026pid=357537659\u0026gtm=45be64r0h1v9245323878za200\u0026seq=1\u0026exp=0~115938466~115938468~117266400~117884344~118167059\u0026dl=clickpromosbr.com%2F\u0026tdp=AW-17938906868;245323878;0;2;0\u0026frm=0\u0026pcid=_AW-17275402659\u0026bt=0\u0026ct=3\u0026z=0 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 204 No Content\r\ndate: Tue, 28 Apr 2026 16:14:50 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-type: text/plain\r\ncross-origin-resource-policy: cross-origin\r\ncontent-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgtc:46:0\r\ncross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgtc:46:0\r\nreport-to: {\"group\":\"ascnsrsgtc:46:0\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgtc:46:0\"}],}\r\nserver: Golfe2\r\ncontent-length: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T20:24:20.15363Z","times_seen":14341696,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?rcb=4\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64o1v9245322435za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938468~117266401~118167060~118463262\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17939047489\u0026tid=AW-17939047489\u0026tft=1777392890231\u0026tfd=2932","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.156.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:50.823Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"02:11:B2:1D:09:0D:9E:4E:5B:DC:0A:6C:D5:4B:C6:4A:5B:50:C8:26","sha256":"99:E1:4B:50:60:0E:C3:94:CB:2C:15:85:8E:68:FF:F1:9C:B7:0C:9E:E0:8C:B7:29:52:18:12:81:67:C4:38:23"}}},"request":{"raw":"GET /ccm/collect?rcb=4\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64o1v9245322435za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938468~117266401~118167060~118463262\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17939047489\u0026tid=AW-17939047489\u0026tft=1777392890231\u0026tfd=2932 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/plain\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ndate: Tue, 28 Apr 2026 16:14:50 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T20:24:20.15363Z","times_seen":14341696,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?rcb=15\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64r0v9245122540za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115616985~115938466~115938468~117266400~118167060\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17962594608\u0026tid=AW-17962594608\u0026tft=1777392890288\u0026tfd=2991","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.156.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:50.871Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"02:11:B2:1D:09:0D:9E:4E:5B:DC:0A:6C:D5:4B:C6:4A:5B:50:C8:26","sha256":"99:E1:4B:50:60:0E:C3:94:CB:2C:15:85:8E:68:FF:F1:9C:B7:0C:9E:E0:8C:B7:29:52:18:12:81:67:C4:38:23"}}},"request":{"raw":"GET /ccm/collect?rcb=15\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64r0v9245122540za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115616985~115938466~115938468~117266400~118167060\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17962594608\u0026tid=AW-17962594608\u0026tft=1777392890288\u0026tfd=2991 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: no-cache, no-store, must-revalidate\r\npragma: no-cache\r\ncontent-type: text/plain\r\ndate: Tue, 28 Apr 2026 16:14:50 GMT\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T20:24:20.15363Z","times_seen":14341696,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/_next/static/chunks/turbopack-73e24dd78409dfe7.js","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:47.931Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"clickpromosbr.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 17:20:40 GMT","end":"Sat, 11 Jul 2026 17:20:39 GMT"},"fingerprint":{"sha1":"5E:DC:BC:18:DA:73:9C:96:CD:22:C4:46:EE:A7:CF:4B:7E:A8:35:08","sha256":"08:5A:19:C3:D4:A9:4F:A6:2A:AA:92:9E:6B:C1:16:6D:07:AE:CB:A5:7E:D4:7D:BC:42:65:6D:C0:1E:9B:3C:F9"}}},"request":{"raw":"GET /_next/static/chunks/turbopack-73e24dd78409dfe7.js HTTP/1.1\r\nHost: clickpromosbr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nCookie: GAESA=Cp4BMDAwN2I3MzRkOWM3N2NkYWEzYWJmN2I4NWVkNjVlZjJjNDAzMmRmYmUwMzQ2NDg5M2JiZjcyNzY5ZTVmMjc4YzA4MmE0ODEzOGI5NzQ0Zjg1OWRhYjAzZDkyMzQ3NjVjZGE5YzJmNzM2MjcyNjVlZTlkMDQzNzVlNjhmODdkZGE5MzVjZjg4NGMyMDEwMDZhY2I5NzhjY2FhMmUwMDEQlM78pt0z\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Tue, 28 Apr 2026 16:14:48 GMT\r\netag: W/\"27f8-19cf46fb318\"\r\nlast-modified: Mon, 16 Mar 2026 02:18:07 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":10232,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6402)","md5":"aa773b7f59f3664c2d88c163a65d344e","sha1":"55eedcedb14ebf7bd9bc9465cb6d315455e4d369","sha256":"26437e3965b51c1021bd1a01695a7943a2e0399b777a4f7384372918c097649a","sha512":"67c0ff2c53de7b79d675275f731409da5faf3840fe375cd6da3b64bfc72223b60f72534109dde6dcc9625f8079d321711c83d72b2e5913b75cfdc3257ceeb11f","ssdeep":"192:R7iSFn8/Esp1Uj5EG5T1uCO9ledFMhMrg4W9PZcxkUk1IsS:R7iS2gvO9lenkJZZQl","tlshash":"0022d6da33a6f07743afa5e6907f4044f17904a8141d581c93aca8fb383946e49e3f27","first_seen":"2026-04-28T16:15:32.912088Z","last_seen":"2026-04-28T17:01:19.000562Z","times_seen":2,"resource_available":true,"data":null}},"time_used":209,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":205,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=AW-17962594608\u0026cx=c\u0026gtm=4e64o1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:49.254Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"7B:71:3D:9A:FE:85:53:DF:44:BB:90:D6:C4:82:1E:58:A2:A4:4B:F0","sha256":"CA:E9:C5:B9:FA:2B:F0:20:19:FF:0A:2C:CB:22:9F:C6:8B:41:0E:09:94:8E:E6:48:22:CA:02:F6:BA:10:B7:A3"}}},"request":{"raw":"GET /gtag/js?id=AW-17962594608\u0026cx=c\u0026gtm=4e64o1 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 28 Apr 2026 16:14:49 GMT\r\nexpires: Tue, 28 Apr 2026 16:14:49 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Tue, 28 Apr 2026 15:58:43 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 135910\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":392030,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5929)","md5":"5f3e739501e075af1d7da030529d1cb4","sha1":"045e008d7db7e1023ba143979c8029deb0043d77","sha256":"4000fc4e2f722418effb3b0e443cc4bb28c7e697f1c82d238bf923696b718380","sha512":"d87db60c0547e8367709c239cafde10d15cc8921726d40716ca0972641ebcc920a653d525fdbec9942fa55ecaae398c8453cd3baa5c8dd726482bfbed6e00fbc","ssdeep":"6144:xXY72UJEQxKZpbPN2JYtCcq8WDUEOtS0uKDpYkC:e7DxYr2JYwyJ2","tlshash":"838419cdb3d6705653a3b478903f018bb17a79a2b84cc899f185c8e42e7469a4277f7c","first_seen":"2026-04-28T16:15:32.914318Z","last_seen":"2026-04-28T17:01:18.980005Z","times_seen":2,"resource_available":true,"data":null}},"time_used":174,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":68,"receive":106,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?rcb=0\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64o1za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938469~117266400\u0026apve=1\u0026apvf=f\u0026apvc=1\u0026tids=AW-17275402659\u0026tid=AW-17275402659\u0026tft=1777392889168\u0026tfd=1870","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.156.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:49.586Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:37:36 GMT","end":"Mon, 22 Jun 2026 08:37:35 GMT"},"fingerprint":{"sha1":"08:79:9D:7F:DB:8C:0A:9F:3E:E2:C7:8A:F2:4D:E4:E2:5B:36:28:22","sha256":"07:42:F0:13:40:B6:A1:62:31:62:8E:96:2F:96:8C:7C:C0:5B:F0:8A:DB:0B:A6:E2:44:14:41:7D:B2:7C:B9:74"}}},"request":{"raw":"POST /ccm/collect?rcb=0\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64o1za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938469~117266400\u0026apve=1\u0026apvf=f\u0026apvc=1\u0026tids=AW-17275402659\u0026tid=AW-17275402659\u0026tft=1777392889168\u0026tfd=1870 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://clickpromosbr.com/\r\nOrigin: https://clickpromosbr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ndate: Tue, 28 Apr 2026 16:14:49 GMT\r\npragma: no-cache\r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-type: text/plain\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\naccess-control-allow-origin: https://clickpromosbr.com\r\naccess-control-expose-headers: date,vary,vary,vary,server,content-length\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T20:24:20.15363Z","times_seen":14341696,"resource_available":true,"data":null}},"time_used":225,"timings":{"blocked":96,"dns":0,"connect":21,"send":0,"wait":30,"receive":0,"ssl":74},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?rcb=18\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64r0h1v9245317276za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115616986~115938466~115938468~117266401~117884344~118167058\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17938232522\u0026tid=AW-17938232522\u0026tft=1777392890603\u0026tfd=3305","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.156.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:50.876Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"02:11:B2:1D:09:0D:9E:4E:5B:DC:0A:6C:D5:4B:C6:4A:5B:50:C8:26","sha256":"99:E1:4B:50:60:0E:C3:94:CB:2C:15:85:8E:68:FF:F1:9C:B7:0C:9E:E0:8C:B7:29:52:18:12:81:67:C4:38:23"}}},"request":{"raw":"GET /ccm/collect?rcb=18\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64r0h1v9245317276za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115616986~115938466~115938468~117266401~117884344~118167058\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17938232522\u0026tid=AW-17938232522\u0026tft=1777392890603\u0026tfd=3305 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/plain\r\npragma: no-cache\r\ndate: Tue, 28 Apr 2026 16:14:50 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T20:24:20.15363Z","times_seen":14341696,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"slelguoygbfzlpylpxfs.supabase.co/storage/v1/object/public/scripts/orchids-browser-logs.js","fqdn":"slelguoygbfzlpylpxfs.supabase.co","domain":"slelguoygbfzlpylpxfs.supabase.co","tld":"supabase.co"},"ip":{"addr":"172.64.149.246","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:47.949Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"supabase.co","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 06:43:00 GMT","end":"Sun, 31 May 2026 07:42:47 GMT"},"fingerprint":{"sha1":"9E:9E:40:F8:56:B5:7F:B2:5C:52:C4:07:26:47:4E:69:AD:77:F0:96","sha256":"39:8B:CC:E2:D9:95:CB:23:CB:09:2A:93:7B:5B:58:BD:95:B4:08:A4:5F:BF:89:AB:7B:B1:14:03:47:89:AE:7D"}}},"request":{"raw":"GET /storage/v1/object/public/scripts/orchids-browser-logs.js HTTP/1.1\r\nHost: slelguoygbfzlpylpxfs.supabase.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Apr 2026 16:14:48 GMT\r\ncontent-type: text/javascript\r\ncf-ray: 9f375cadeb09b4ff-OSL\r\ncf-cache-status: HIT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=public, max-age=300\r\ncontent-encoding: br\r\netag: W/\"178d2cfb698af2d2118d210a26b74417\"\r\nlast-modified: Sun, 08 Feb 2026 09:31:53 GMT\r\nserver: cloudflare\r\nsb-gateway-mode: direct\r\nsb-gateway-version: 1\r\nsb-project-ref: slelguoygbfzlpylpxfs\r\nsb-request-id: 019dd4df-28b4-70e9-9212-6ec850959784\r\nx-robots-tag: none\r\nx-smart-cdn: true\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nset-cookie: __cf_bm=AbSB7aww_E54NKuHzItgw_xQo1K5gMlINS6QHr8Ce28-1777392887.9827733-1.0.1.1-5sw_M5eKa4l5tVTi_4zlFs5dn7DOCbLJqxy.AuNjFVHGi4QRjwB92Tv_yC9wTa71dA_IJjie4pzueW2EiiPEpzWqUXs.tkY1x_pJXKh4zwEeF1UlpR4XLvHS_aSeMLgt; HttpOnly; Secure; Path=/; Domain=supabase.co; Expires=Tue, 28 Apr 2026 16:44:48 GMT\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":9919,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text","md5":"178d2cfb698af2d2118d210a26b74417","sha1":"d3da8cf02d5f45939da3106341c7c502bab584ab","sha256":"9e35eb68fcc4dfddc5021b0f11e870d7594e5c79890f1d3ad701107dc3cf7035","sha512":"af9997b2dc2e706f68e1f2a86713b878360fa383c29b2e76d21f78fbfe5c2813b6ef6b843bf2192680c7f5e4b168dce42055e4e0e3377d554a0ce7f9ac28e3b0","ssdeep":"192:G2bvjMa1hQuTQDeWGoRaQNTRYHnM+7plSKQyfDMXd4IqIxoFkaEsr+mwAMe/Be/+:Gjuvy4HXWgX","tlshash":"fb22525b6df360255113203a9b8b6d05b136e813354ef8babb9c4354afc0965c2f3bd9","first_seen":"2026-02-11T21:21:42.779616Z","last_seen":"2026-04-28T17:01:19.008647Z","times_seen":30,"resource_available":true,"data":null}},"time_used":167,"timings":{"blocked":-1,"dns":11,"connect":3,"send":0,"wait":97,"receive":0,"ssl":55},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"slelguoygbfzlpylpxfs.supabase.co/storage/v1/object/public/scripts//route-messenger.js","fqdn":"slelguoygbfzlpylpxfs.supabase.co","domain":"slelguoygbfzlpylpxfs.supabase.co","tld":"supabase.co"},"ip":{"addr":"172.64.149.246","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:47.950Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"supabase.co","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 06:43:00 GMT","end":"Sun, 31 May 2026 07:42:47 GMT"},"fingerprint":{"sha1":"9E:9E:40:F8:56:B5:7F:B2:5C:52:C4:07:26:47:4E:69:AD:77:F0:96","sha256":"39:8B:CC:E2:D9:95:CB:23:CB:09:2A:93:7B:5B:58:BD:95:B4:08:A4:5F:BF:89:AB:7B:B1:14:03:47:89:AE:7D"}}},"request":{"raw":"GET /storage/v1/object/public/scripts//route-messenger.js HTTP/1.1\r\nHost: slelguoygbfzlpylpxfs.supabase.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Apr 2026 16:14:48 GMT\r\ncontent-type: text/javascript\r\ncf-ray: 9f375cadeb06b4ff-OSL\r\ncf-cache-status: HIT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=3600\r\ncontent-encoding: br\r\netag: W/\"de1c0087f5d1e479e34d37485071ce7c-1\"\r\nlast-modified: Sun, 27 Jul 2025 06:13:48 GMT\r\nserver: cloudflare\r\nsb-gateway-mode: direct\r\nsb-gateway-version: 1\r\nsb-project-ref: slelguoygbfzlpylpxfs\r\nsb-request-id: 019dd4df-28b5-77b1-93ed-280ad281d7b6\r\nx-robots-tag: none\r\nx-smart-cdn: true\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nset-cookie: __cf_bm=hyBaIZFvbOf1ZORzG7fMlT95JDxgw02Z_tHOFjN6Jxw-1777392887.9822981-1.0.1.1-JGgucmzN5lUNA2XQopx3EW7ISGORL8mDIszJ3mOK6HDmgFUJQhfgmf8wuCanFX20XDR3M1UoSzvwWIO5GUq_kB1XMYX0sxTGP8_Wg6wfeAOroDQslD67ELP_M5BxFNMY; HttpOnly; Secure; Path=/; Domain=supabase.co; Expires=Tue, 28 Apr 2026 16:44:48 GMT\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4232,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text","md5":"c5361739c6397bd51c7c07ba80720670","sha1":"9673c849f6db02da9649991026ec8d5e5b77a26e","sha256":"99fb917a3cffdfc1a342bb31aa8f5cb595a7206e4853494dbaef11df617c26d1","sha512":"ca8a4ff25f1b002a5b0652787d5b543297edd1e849c414e83656f1a86cd37800c56c00719523f3b984a5714268f4cbffbe541d05cc66f7b11a0141cae8c6199b","ssdeep":"96:ENW+WjSCSG7hdGu1layJCWjIVeuydbiekJPzAWwg4M8rFbOD:ENgnSG7hdGu2yIWEIuydbiekJLAWU7rs","tlshash":"4a91dd4e07f3022789b322592f4b751935329213360ada5c3aacc7c15f18d2bd6e6bdc","first_seen":"2025-08-18T20:36:16.291351Z","last_seen":"2026-04-28T17:01:18.989052Z","times_seen":98,"resource_available":true,"data":null}},"time_used":229,"timings":{"blocked":30,"dns":32,"connect":3,"send":0,"wait":108,"receive":0,"ssl":51},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=AW-17954416201\u0026cx=c\u0026gtm=4e64o1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:49.288Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"7B:71:3D:9A:FE:85:53:DF:44:BB:90:D6:C4:82:1E:58:A2:A4:4B:F0","sha256":"CA:E9:C5:B9:FA:2B:F0:20:19:FF:0A:2C:CB:22:9F:C6:8B:41:0E:09:94:8E:E6:48:22:CA:02:F6:BA:10:B7:A3"}}},"request":{"raw":"GET /gtag/js?id=AW-17954416201\u0026cx=c\u0026gtm=4e64o1 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 28 Apr 2026 16:14:49 GMT\r\nexpires: Tue, 28 Apr 2026 16:14:49 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Tue, 28 Apr 2026 15:00:00 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 135696\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":391253,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5929)","md5":"017063c42ba90d0d26a64bf60ff6bfd9","sha1":"c7361a244f5ff1eb84e1750029f702911e85fde1","sha256":"80938934c04e31e258844a9b911c09e1cc9f563c9e22111ac533f5ac5dc2b6b5","sha512":"0ded94a9de6d6351d807cfecd6aef6bdf3cec168a7febac933bf51a04acf8e64db84ee6d587bbb2a7c0b3c692728479484866cc36dffc8782fcf8f5ae2ab718d","ssdeep":"6144:V+VYoy0E5MGYsgna64dXXsRSrssan89U4OcevQogi:4YrMGYY64GG3kh","tlshash":"3c8419cdb3d6705653a3b478903f018ba27a7992f84cc899f185c8e42e7469a4277f7c","first_seen":"2026-04-28T16:15:32.91999Z","last_seen":"2026-04-28T16:15:32.91999Z","times_seen":1,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":58,"receive":39,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?rcb=3\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64r0v9244964109za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115616985~115938466~115938469~117266400~118128923~118463262\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17960346333\u0026tid=AW-17960346333\u0026tft=1777392889740\u0026tfd=2442","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.156.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:49.949Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"02:11:B2:1D:09:0D:9E:4E:5B:DC:0A:6C:D5:4B:C6:4A:5B:50:C8:26","sha256":"99:E1:4B:50:60:0E:C3:94:CB:2C:15:85:8E:68:FF:F1:9C:B7:0C:9E:E0:8C:B7:29:52:18:12:81:67:C4:38:23"}}},"request":{"raw":"POST /ccm/collect?rcb=3\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64r0v9244964109za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115616985~115938466~115938469~117266400~118128923~118463262\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17960346333\u0026tid=AW-17960346333\u0026tft=1777392889740\u0026tfd=2442 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://clickpromosbr.com/\r\nOrigin: https://clickpromosbr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/plain\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\ndate: Tue, 28 Apr 2026 16:14:49 GMT\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\naccess-control-allow-origin: https://clickpromosbr.com\r\naccess-control-expose-headers: date,vary,vary,vary,server,content-length\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T20:24:20.15363Z","times_seen":14341696,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?rcb=15\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64o1v9245162437za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938468~117266401\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17954416201\u0026tid=AW-17954416201\u0026tft=1777392890080\u0026tfd=2782","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.156.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:50.868Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"02:11:B2:1D:09:0D:9E:4E:5B:DC:0A:6C:D5:4B:C6:4A:5B:50:C8:26","sha256":"99:E1:4B:50:60:0E:C3:94:CB:2C:15:85:8E:68:FF:F1:9C:B7:0C:9E:E0:8C:B7:29:52:18:12:81:67:C4:38:23"}}},"request":{"raw":"GET /ccm/collect?rcb=15\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64o1v9245162437za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938468~117266401\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17954416201\u0026tid=AW-17954416201\u0026tft=1777392890080\u0026tfd=2782 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/plain\r\ncache-control: no-cache, no-store, must-revalidate\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ndate: Tue, 28 Apr 2026 16:14:50 GMT\r\npragma: no-cache\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T20:24:20.15363Z","times_seen":14341696,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?rcb=1\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64r0v9245314015za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938469~117266401~117884344~118128922~118463262\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17938295145\u0026tid=AW-17938295145\u0026tft=1777392890177\u0026tfd=2879","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.156.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:50.870Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"02:11:B2:1D:09:0D:9E:4E:5B:DC:0A:6C:D5:4B:C6:4A:5B:50:C8:26","sha256":"99:E1:4B:50:60:0E:C3:94:CB:2C:15:85:8E:68:FF:F1:9C:B7:0C:9E:E0:8C:B7:29:52:18:12:81:67:C4:38:23"}}},"request":{"raw":"GET /ccm/collect?rcb=1\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64r0v9245314015za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938469~117266401~117884344~118128922~118463262\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17938295145\u0026tid=AW-17938295145\u0026tft=1777392890177\u0026tfd=2879 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 16:14:50 GMT\r\ncontent-type: text/plain\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\npragma: no-cache\r\ncache-control: no-cache, no-store, must-revalidate\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T20:24:20.15363Z","times_seen":14341696,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?rcb=4\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64o1v9245425598za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938469~117266401~118167060~118463261\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17938373818\u0026tid=AW-17938373818\u0026tft=1777392890334\u0026tfd=3035","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.156.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:50.871Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"02:11:B2:1D:09:0D:9E:4E:5B:DC:0A:6C:D5:4B:C6:4A:5B:50:C8:26","sha256":"99:E1:4B:50:60:0E:C3:94:CB:2C:15:85:8E:68:FF:F1:9C:B7:0C:9E:E0:8C:B7:29:52:18:12:81:67:C4:38:23"}}},"request":{"raw":"GET /ccm/collect?rcb=4\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64o1v9245425598za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938469~117266401~118167060~118463261\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17938373818\u0026tid=AW-17938373818\u0026tft=1777392890334\u0026tfd=3035 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/plain\r\ncache-control: no-cache, no-store, must-revalidate\r\npragma: no-cache\r\ndate: Tue, 28 Apr 2026 16:14:50 GMT\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T20:24:20.15363Z","times_seen":14341696,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"slelguoygbfzlpylpxfs.supabase.co/storage/v1/object/public/test-clones/45686cc3-0404-4300-94d5-043481b2e5cc-clickbus-com-br/assets/svgs/app_store_new-5.svg","fqdn":"slelguoygbfzlpylpxfs.supabase.co","domain":"slelguoygbfzlpylpxfs.supabase.co","tld":"supabase.co"},"ip":{"addr":"172.64.149.246","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:47.917Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"supabase.co","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 06:43:00 GMT","end":"Sun, 31 May 2026 07:42:47 GMT"},"fingerprint":{"sha1":"9E:9E:40:F8:56:B5:7F:B2:5C:52:C4:07:26:47:4E:69:AD:77:F0:96","sha256":"39:8B:CC:E2:D9:95:CB:23:CB:09:2A:93:7B:5B:58:BD:95:B4:08:A4:5F:BF:89:AB:7B:B1:14:03:47:89:AE:7D"}}},"request":{"raw":"GET /storage/v1/object/public/test-clones/45686cc3-0404-4300-94d5-043481b2e5cc-clickbus-com-br/assets/svgs/app_store_new-5.svg HTTP/1.1\r\nHost: slelguoygbfzlpylpxfs.supabase.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Apr 2026 16:14:48 GMT\r\ncontent-type: image/svg+xml\r\ncf-ray: 9f375cadeb15b4ff-OSL\r\ncf-cache-status: HIT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=3600\r\ncontent-encoding: br\r\netag: W/\"d856cc955fd2b88e6971b868e4e056c7\"\r\nlast-modified: Sun, 08 Feb 2026 11:09:12 GMT\r\nserver: cloudflare\r\nsb-gateway-mode: direct\r\nsb-gateway-version: 1\r\nsb-project-ref: slelguoygbfzlpylpxfs\r\nsb-request-id: 019dd4df-28ba-770c-9008-5b2daaa234e5\r\nx-robots-tag: none\r\nx-smart-cdn: true\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nset-cookie: __cf_bm=7AKozPr7whCoZX3f0hyLbGqhovsmkzHtLTlyvXZraUU-1777392887.9902833-1.0.1.1-U_FruRmAhUmoQNNZ7I5gnY_.F2VPohdaZHGc4IQMNUugq9fRofta_Xhbu93xo.ECHvaUsoWxVrij9XrVBXehjNVNHM7ZCehzehBq0W1iBPUU0QlPf.gMctXDOVpMiNm8; HttpOnly; Secure; Path=/; Domain=supabase.co; Expires=Tue, 28 Apr 2026 16:44:48 GMT\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":9199,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"d856cc955fd2b88e6971b868e4e056c7","sha1":"573fc94d58c54f4707b55bceb3dca9aae74d0532","sha256":"c5ee018433de0a5300b5cbdd47ac54b116203fe0302fc9baa5e2e0c86293f320","sha512":"af3c678d8a7d5b83ce3d2a820f614be751a1bca6af07d2591a85cdfdfa8db28a14291077fbc8085faf92d1cfaad967b6aeb1a685e78754588f4d388609d34fed","ssdeep":"192:TH/QWAj/dYr8G8LIyMhtVS16fCHgxIpYxnW:D/QWAj/qrL8LmZKHuIqxW","tlshash":"d51296dc274466e07a44f3f9ea0210b9b28f64f97979e29cc7842e97f95149d4cc98c3","first_seen":"2026-02-14T19:48:49.873066Z","last_seen":"2026-04-28T17:01:18.988398Z","times_seen":4,"resource_available":false,"data":null}},"time_used":932,"timings":{"blocked":71,"dns":29,"connect":3,"send":0,"wait":765,"receive":0,"ssl":53},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Noto+Sans:wght@400;500;600;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"172.217.20.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:48.302Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"1A:63:7B:F3:04:6F:4C:E4:F3:15:87:E8:E7:FA:DD:B1:F7:7E:89:49","sha256":"5E:36:5D:D1:35:3B:0A:E9:8A:55:91:DC:12:B0:50:4A:AE:D9:A7:97:06:7C:0D:D7:F0:23:3E:8A:B2:08:19:00"}}},"request":{"raw":"GET /css2?family=Noto+Sans:wght@400;500;600;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Tue, 28 Apr 2026 16:14:48 GMT\r\ndate: Tue, 28 Apr 2026 16:14:48 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12680,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"6ecb6fe0b57980a0e2d15c01d12dd9df","sha1":"c1c8ef10651cb14b21cf34f792b87fc1123fcfb5","sha256":"d26577c727f4b7a956cb0c31d95766780f8af659f10cde72b4b389dfe7116f4e","sha512":"cc46dc8c8547b292c5d4a83f6aaa98914cbc1e62d418091beb12a410cbb3e1b331bbcffaa31019b836536f943183d39af10b1205f54608dd7583c436f6d17611","ssdeep":"192:Mq8qg9x3xI/7WUqrBfWx3aIA79Jq6suHx3LI17oSqRbVox3cIO7HC:7Mr+nMzS/","tlshash":"5a42a9a8805bc484ab434cd637df7e26ad1fa1212454d27d9bf859989cabc3a433178e","first_seen":"2025-09-16T20:06:37.993348Z","last_seen":"2026-04-28T17:01:18.9875Z","times_seen":124,"resource_available":false,"data":null}},"time_used":217,"timings":{"blocked":81,"dns":0,"connect":21,"send":0,"wait":35,"receive":0,"ssl":75},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=AW-17954618767\u0026cx=c\u0026gtm=4e64o1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:49.211Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"7B:71:3D:9A:FE:85:53:DF:44:BB:90:D6:C4:82:1E:58:A2:A4:4B:F0","sha256":"CA:E9:C5:B9:FA:2B:F0:20:19:FF:0A:2C:CB:22:9F:C6:8B:41:0E:09:94:8E:E6:48:22:CA:02:F6:BA:10:B7:A3"}}},"request":{"raw":"GET /gtag/js?id=AW-17954618767\u0026cx=c\u0026gtm=4e64o1 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 28 Apr 2026 16:14:49 GMT\r\nexpires: Tue, 28 Apr 2026 16:14:49 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Tue, 28 Apr 2026 15:58:43 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 135909\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":392030,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5929)","md5":"1d45210f6ddaed7bfd003099792ff6bc","sha1":"6315e262857edbd4fc8e54066905cd5858d92b20","sha256":"03cb2b7c23fba35a1207d616ce321fa3f11543d0f6d8c743bdc6d0cf7eb8c24c","sha512":"a9dc1377a0bafb25683d411beef1a3ff69f9b6fade18aaf7c2da6c239b5bb920ed40da2e1b7431f132b52996ce27b37a65928b15f3e57821dce695de39f0253a","ssdeep":"6144:2XY72UJEQxKZpbPN2JYtCcq8WDUEOtS0uKDpYkC:L7DxYr2JYwyJ2","tlshash":"038419cdb3d6705653a3b478903f018bb17a79a2b84cc899f185c8e42e7469a4277f7c","first_seen":"2026-04-28T16:15:32.927632Z","last_seen":"2026-04-28T17:01:18.9924Z","times_seen":2,"resource_available":true,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":65,"receive":96,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?rcb=4\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64o1v9245322435za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938468~117266401~118167060~118463262\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17939047489\u0026tid=AW-17939047489\u0026tft=1777392890231\u0026tfd=2932","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.156.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:50.244Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"02:11:B2:1D:09:0D:9E:4E:5B:DC:0A:6C:D5:4B:C6:4A:5B:50:C8:26","sha256":"99:E1:4B:50:60:0E:C3:94:CB:2C:15:85:8E:68:FF:F1:9C:B7:0C:9E:E0:8C:B7:29:52:18:12:81:67:C4:38:23"}}},"request":{"raw":"POST /ccm/collect?rcb=4\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64o1v9245322435za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938468~117266401~118167060~118463262\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17939047489\u0026tid=AW-17939047489\u0026tft=1777392890231\u0026tfd=2932 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://clickpromosbr.com/\r\nOrigin: https://clickpromosbr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\ndate: Tue, 28 Apr 2026 16:14:50 GMT\r\npragma: no-cache\r\ncontent-type: text/plain\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\naccess-control-allow-origin: https://clickpromosbr.com\r\naccess-control-expose-headers: date,vary,vary,vary,server,content-length\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T20:24:20.15363Z","times_seen":14341696,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?rcb=1\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64r0v9245324425za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938469~117266401\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17939041333\u0026tid=AW-17939041333\u0026tft=1777392890547\u0026tfd=3249","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.156.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:50.550Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"02:11:B2:1D:09:0D:9E:4E:5B:DC:0A:6C:D5:4B:C6:4A:5B:50:C8:26","sha256":"99:E1:4B:50:60:0E:C3:94:CB:2C:15:85:8E:68:FF:F1:9C:B7:0C:9E:E0:8C:B7:29:52:18:12:81:67:C4:38:23"}}},"request":{"raw":"POST /ccm/collect?rcb=1\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64r0v9245324425za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938469~117266401\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17939041333\u0026tid=AW-17939041333\u0026tft=1777392890547\u0026tfd=3249 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://clickpromosbr.com/\r\nOrigin: https://clickpromosbr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/plain\r\ncache-control: no-cache, no-store, must-revalidate\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ndate: Tue, 28 Apr 2026 16:14:50 GMT\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\naccess-control-allow-origin: https://clickpromosbr.com\r\naccess-control-expose-headers: date,vary,vary,vary,server,content-length\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T20:24:20.15363Z","times_seen":14341696,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/_next/image?url=https%3A%2F%2Fstatic.clickbus.com%2Flive%2Fdestinos%2F07-rj.jpg\u0026w=384\u0026q=75","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:49.020Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"clickpromosbr.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 17:20:40 GMT","end":"Sat, 11 Jul 2026 17:20:39 GMT"},"fingerprint":{"sha1":"5E:DC:BC:18:DA:73:9C:96:CD:22:C4:46:EE:A7:CF:4B:7E:A8:35:08","sha256":"08:5A:19:C3:D4:A9:4F:A6:2A:AA:92:9E:6B:C1:16:6D:07:AE:CB:A5:7E:D4:7D:BC:42:65:6D:C0:1E:9B:3C:F9"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fstatic.clickbus.com%2Flive%2Fdestinos%2F07-rj.jpg\u0026w=384\u0026q=75 HTTP/1.1\r\nHost: clickpromosbr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nCookie: GAESA=Cp4BMDAwN2I3MzRkOWM3N2NkYWEzYWJmN2I4NWVkNjVlZjJjNDAzMmRmYmUwMzQ2NDg5M2JiZjcyNzY5ZTVmMjc4YzA4MmE0ODEzOGI5NzQ0Zjg1OWRhYjAzZDkyMzQ3NjVjZGE5YzJmNzM2MjcyNjVlZTlkMDQzNzVlNjhmODdkZGE5MzVjZjg4NGMyMDEwMDZhY2I5NzhjY2FhMmUwMDEQlM78pt0z\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=31536000, must-revalidate\r\ncontent-disposition: attachment; filename=\"07-rj.webp\"\r\ncontent-length: 7614\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\ncontent-type: image/webp\r\ndate: Tue, 28 Apr 2026 16:14:49 GMT\r\netag: y6kon2lhM5X903jYDF3Q28YW2GmT6iWyYnuegY33hwo\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nvary: Accept\r\nx-cloud-trace-context: f0257aaa527cda13be24b6eec655a0c9\r\nx-nextjs-cache: HIT\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":7614,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 285x285, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"db2ecce465ad3ae8f1462020e992cbc5","sha1":"39d17e570bdbc6af38a99c459a8286a4bef742eb","sha256":"cba9289f69613395fdd378d80c5dd0dbc616d86993ea25b2627b9e818df7870a","sha512":"38519fd99445c683e2e07b7386b89f3122fa7434d546f65a1ee4ccd737ac6929dc901d046838075946802d14aacc96633cdd980df967316cf7df82c454b0d64b","ssdeep":"192:YOV5vkiv+RVXG2TkqwIMsMV6pw6rdXfCx+/okkz:paivoTTkrIMv69Bfu+/xc","tlshash":"88f1af5c487ca1b6de624b670acb8e2643008fe73747f46c2f42e14c8c17769a661f25","first_seen":"2026-02-14T19:48:49.883561Z","last_seen":"2026-04-28T17:01:18.98689Z","times_seen":4,"resource_available":false,"data":null}},"time_used":164,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":163,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/api/places?query=Oslo","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:49.480Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"clickpromosbr.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 17:20:40 GMT","end":"Sat, 11 Jul 2026 17:20:39 GMT"},"fingerprint":{"sha1":"5E:DC:BC:18:DA:73:9C:96:CD:22:C4:46:EE:A7:CF:4B:7E:A8:35:08","sha256":"08:5A:19:C3:D4:A9:4F:A6:2A:AA:92:9E:6B:C1:16:6D:07:AE:CB:A5:7E:D4:7D:BC:42:65:6D:C0:1E:9B:3C:F9"}}},"request":{"raw":"GET /api/places?query=Oslo HTTP/1.1\r\nHost: clickpromosbr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://clickpromosbr.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: GAESA=Cp4BMDAwN2I3MzRkOWM3N2NkYWEzYWJmN2I4NWVkNjVlZjJjNDAzMmRmYmUwMzQ2NDg5M2JiZjcyNzY5ZTVmMjc4YzA4MmE0ODEzOGI5NzQ0Zjg1OWRhYjAzZDkyMzQ3NjVjZGE5YzJmNzM2MjcyNjVlZTlkMDQzNzVlNjhmODdkZGE5MzVjZjg4NGMyMDEwMDZhY2I5NzhjY2FhMmUwMDEQlM78pt0z; _gcl_au=1.1.1516045595.1777392889\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0\r\ncdn-cache-control: no-store, no-cache, must-revalidate\r\ncontent-type: application/json\r\ndate: Tue, 28 Apr 2026 16:14:49 GMT\r\nexpires: 0\r\npragma: no-cache\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nsurrogate-control: no-store\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch\r\nvercel-cdn-cache-control: no-store, no-cache, must-revalidate\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"d751713988987e9331980363e24189ce","sha1":"97d170e1550eee4afc0af065b78cda302a97674c","sha256":"4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945","sha512":"b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af","ssdeep":"","tlshash":"c7100000000000000000000000000000000003000000c0000000000000000000000000","first_seen":"2023-03-08T00:02:47Z","last_seen":"2026-04-28T20:24:26.501822Z","times_seen":251993,"resource_available":true,"data":null}},"time_used":491,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":491,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?rcb=4\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64o1v9245009369za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938468~117266400~117384406~118167060\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17960246516\u0026tid=AW-17960246516\u0026tft=1777392889579\u0026tfd=2281","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.156.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:49.699Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:37:36 GMT","end":"Mon, 22 Jun 2026 08:37:35 GMT"},"fingerprint":{"sha1":"08:79:9D:7F:DB:8C:0A:9F:3E:E2:C7:8A:F2:4D:E4:E2:5B:36:28:22","sha256":"07:42:F0:13:40:B6:A1:62:31:62:8E:96:2F:96:8C:7C:C0:5B:F0:8A:DB:0B:A6:E2:44:14:41:7D:B2:7C:B9:74"}}},"request":{"raw":"POST /ccm/collect?rcb=4\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64o1v9245009369za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938468~117266400~117384406~118167060\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17960246516\u0026tid=AW-17960246516\u0026tft=1777392889579\u0026tfd=2281 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://clickpromosbr.com/\r\nOrigin: https://clickpromosbr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Apr 2026 16:14:49 GMT\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncontent-type: text/plain\r\ncache-control: no-cache, no-store, must-revalidate\r\npragma: no-cache\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\naccess-control-allow-origin: https://clickpromosbr.com\r\naccess-control-expose-headers: date,vary,vary,vary,server,content-length\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T20:24:20.15363Z","times_seen":14341696,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?rcb=15\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64r0v9245324508za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938468~117266401~118128923\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17938908374\u0026tid=AW-17938908374\u0026tft=1777392890430\u0026tfd=3132","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.156.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:50.442Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"02:11:B2:1D:09:0D:9E:4E:5B:DC:0A:6C:D5:4B:C6:4A:5B:50:C8:26","sha256":"99:E1:4B:50:60:0E:C3:94:CB:2C:15:85:8E:68:FF:F1:9C:B7:0C:9E:E0:8C:B7:29:52:18:12:81:67:C4:38:23"}}},"request":{"raw":"POST /ccm/collect?rcb=15\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64r0v9245324508za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938468~117266401~118128923\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17938908374\u0026tid=AW-17938908374\u0026tft=1777392890430\u0026tfd=3132 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://clickpromosbr.com/\r\nOrigin: https://clickpromosbr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/plain\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\ndate: Tue, 28 Apr 2026 16:14:50 GMT\r\npragma: no-cache\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\naccess-control-allow-origin: https://clickpromosbr.com\r\naccess-control-expose-headers: date,vary,vary,vary,server,content-length\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T20:24:20.15363Z","times_seen":14341696,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?rcb=8\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64r0v9245170320za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938468~117266400~117884344\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17954541018\u0026tid=AW-17954541018\u0026tft=1777392890127\u0026tfd=2829","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.156.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:50.869Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"02:11:B2:1D:09:0D:9E:4E:5B:DC:0A:6C:D5:4B:C6:4A:5B:50:C8:26","sha256":"99:E1:4B:50:60:0E:C3:94:CB:2C:15:85:8E:68:FF:F1:9C:B7:0C:9E:E0:8C:B7:29:52:18:12:81:67:C4:38:23"}}},"request":{"raw":"GET /ccm/collect?rcb=8\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64r0v9245170320za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938468~117266400~117884344\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17954541018\u0026tid=AW-17954541018\u0026tft=1777392890127\u0026tfd=2829 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\npragma: no-cache\r\ndate: Tue, 28 Apr 2026 16:14:50 GMT\r\ncontent-type: text/plain\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T20:24:20.15363Z","times_seen":14341696,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?rcb=15\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64r0v9245324508za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938468~117266401~118128923\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17938908374\u0026tid=AW-17938908374\u0026tft=1777392890430\u0026tfd=3132","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.156.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:50.873Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"02:11:B2:1D:09:0D:9E:4E:5B:DC:0A:6C:D5:4B:C6:4A:5B:50:C8:26","sha256":"99:E1:4B:50:60:0E:C3:94:CB:2C:15:85:8E:68:FF:F1:9C:B7:0C:9E:E0:8C:B7:29:52:18:12:81:67:C4:38:23"}}},"request":{"raw":"GET /ccm/collect?rcb=15\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64r0v9245324508za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938468~117266401~118128923\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17938908374\u0026tid=AW-17938908374\u0026tft=1777392890430\u0026tfd=3132 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: no-cache, no-store, must-revalidate\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncontent-type: text/plain\r\ndate: Tue, 28 Apr 2026 16:14:50 GMT\r\npragma: no-cache\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T20:24:20.15363Z","times_seen":14341696,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?rcb=10\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64o1v9245169453za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938469~117266401~117384406~118463261\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17954540541\u0026tid=AW-17954540541\u0026tft=1777392890484\u0026tfd=3186","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.156.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:50.874Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"02:11:B2:1D:09:0D:9E:4E:5B:DC:0A:6C:D5:4B:C6:4A:5B:50:C8:26","sha256":"99:E1:4B:50:60:0E:C3:94:CB:2C:15:85:8E:68:FF:F1:9C:B7:0C:9E:E0:8C:B7:29:52:18:12:81:67:C4:38:23"}}},"request":{"raw":"GET /ccm/collect?rcb=10\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64o1v9245169453za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938469~117266401~117384406~118463261\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17954540541\u0026tid=AW-17954540541\u0026tft=1777392890484\u0026tfd=3186 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 16:14:50 GMT\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncontent-type: text/plain\r\ncache-control: no-cache, no-store, must-revalidate\r\npragma: no-cache\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T20:24:20.15363Z","times_seen":14341696,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=AW-17954541018\u0026cx=c\u0026gtm=4e64o1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:49.271Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"7B:71:3D:9A:FE:85:53:DF:44:BB:90:D6:C4:82:1E:58:A2:A4:4B:F0","sha256":"CA:E9:C5:B9:FA:2B:F0:20:19:FF:0A:2C:CB:22:9F:C6:8B:41:0E:09:94:8E:E6:48:22:CA:02:F6:BA:10:B7:A3"}}},"request":{"raw":"GET /gtag/js?id=AW-17954541018\u0026cx=c\u0026gtm=4e64o1 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 28 Apr 2026 16:14:49 GMT\r\nexpires: Tue, 28 Apr 2026 16:14:49 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Tue, 28 Apr 2026 15:58:43 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 135909\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":392030,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5929)","md5":"2121104f1bb6d367bbaca84daf8e12f4","sha1":"9c8b45686e8293c40d36940b685955904099f9a4","sha256":"48da44d7e1da050ed84ec9d34eea4490339d12ecc1e5f8ce451083317c90137e","sha512":"60fb73381d3840c37b857e46235f915c288bc853454ad8188f168b133644d0234bcb319ef1c922a775f0b4653fb8e56fb10b28e63e7aab9bc96df2982ba517ff","ssdeep":"6144:dXY72UJEQxKZpbPN2JYtCcq8WDUEOtS0uKDpYkC:C7DxYr2JYwyJ2","tlshash":"748419cdb3d6705653a3b478903f018bb17a79a2b84cc899f185c8e42e7469a4277f7c","first_seen":"2026-04-28T16:15:32.932844Z","last_seen":"2026-04-28T17:01:18.984947Z","times_seen":2,"resource_available":true,"data":null}},"time_used":151,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":61,"receive":90,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"slelguoygbfzlpylpxfs.supabase.co/storage/v1/object/public/test-clones/45686cc3-0404-4300-94d5-043481b2e5cc-clickbus-com-br/assets/svgs/clickoferta-selo-2.svg","fqdn":"slelguoygbfzlpylpxfs.supabase.co","domain":"slelguoygbfzlpylpxfs.supabase.co","tld":"supabase.co"},"ip":{"addr":"172.64.149.246","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:47.916Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"supabase.co","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 06:43:00 GMT","end":"Sun, 31 May 2026 07:42:47 GMT"},"fingerprint":{"sha1":"9E:9E:40:F8:56:B5:7F:B2:5C:52:C4:07:26:47:4E:69:AD:77:F0:96","sha256":"39:8B:CC:E2:D9:95:CB:23:CB:09:2A:93:7B:5B:58:BD:95:B4:08:A4:5F:BF:89:AB:7B:B1:14:03:47:89:AE:7D"}}},"request":{"raw":"GET /storage/v1/object/public/test-clones/45686cc3-0404-4300-94d5-043481b2e5cc-clickbus-com-br/assets/svgs/clickoferta-selo-2.svg HTTP/1.1\r\nHost: slelguoygbfzlpylpxfs.supabase.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Apr 2026 16:14:48 GMT\r\ncontent-type: image/svg+xml\r\ncf-ray: 9f375cadfb18b4ff-OSL\r\ncf-cache-status: HIT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=3600\r\ncontent-encoding: br\r\netag: W/\"6d17778bf0cbf6454b040c720343f754\"\r\nlast-modified: Sun, 08 Feb 2026 11:09:12 GMT\r\nserver: cloudflare\r\nsb-gateway-mode: direct\r\nsb-gateway-version: 1\r\nsb-project-ref: slelguoygbfzlpylpxfs\r\nsb-request-id: 019dd4df-28bb-7cb0-9cc9-11ca0aec6cac\r\nx-robots-tag: none\r\nx-smart-cdn: true\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nset-cookie: __cf_bm=mbV9vP7NSxrc__u4Eykc9GcberQgTPQvVR_V7QVQjII-1777392887.9909234-1.0.1.1-CgPx6t.Wy2KAGjEODcVTgwHixv7xsGZXq2pkGn5Rps1LxUnINW3GGwUID9s.dJZK3tUpm.VT_j15ceFz5lfGp1JqKhiuQwx1WWtc8Htp5IHYzkBzXqwwCCBouZvevm9O; HttpOnly; Secure; Path=/; Domain=supabase.co; Expires=Tue, 28 Apr 2026 16:44:48 GMT\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6354,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"6d17778bf0cbf6454b040c720343f754","sha1":"0c8c28689904b98adc08f97def05c8f91352c55f","sha256":"ed946209a42f9d76b469a2279512b7edd66d406bcf70c87dfa612770bc65b9d1","sha512":"df8339a2843fc4af2506cef31be0d979876bf3afe924689e816e261a86abdfff46c0df223e4e034a3fc6521f09d8747211a1bb4db2eadf80414f8a931939aec0","ssdeep":"96:F4T9e1ut8u+sONesx5dGrM/nJVQKxKkR+PdDwOdsky44iSbVKhPmgyLNHs9+Wj/T:ip4XNek53/J7xv82S7SRKt9Yks+","tlshash":"86d185c8b3e5d3f4a905a355cb2e6175bc8f2cee29a58578cb722d47b85116e4cc8cc2","first_seen":"2026-02-14T19:48:49.897968Z","last_seen":"2026-04-28T17:01:18.977149Z","times_seen":5,"resource_available":false,"data":null}},"time_used":874,"timings":{"blocked":73,"dns":0,"connect":0,"send":0,"wait":744,"receive":0,"ssl":57},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/_next/static/chunks/e50dc1c5fe79fbbf.css","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:47.924Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"clickpromosbr.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 17:20:40 GMT","end":"Sat, 11 Jul 2026 17:20:39 GMT"},"fingerprint":{"sha1":"5E:DC:BC:18:DA:73:9C:96:CD:22:C4:46:EE:A7:CF:4B:7E:A8:35:08","sha256":"08:5A:19:C3:D4:A9:4F:A6:2A:AA:92:9E:6B:C1:16:6D:07:AE:CB:A5:7E:D4:7D:BC:42:65:6D:C0:1E:9B:3C:F9"}}},"request":{"raw":"GET /_next/static/chunks/e50dc1c5fe79fbbf.css HTTP/1.1\r\nHost: clickpromosbr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nCookie: GAESA=Cp4BMDAwN2I3MzRkOWM3N2NkYWEzYWJmN2I4NWVkNjVlZjJjNDAzMmRmYmUwMzQ2NDg5M2JiZjcyNzY5ZTVmMjc4YzA4MmE0ODEzOGI5NzQ0Zjg1OWRhYjAzZDkyMzQ3NjVjZGE5YzJmNzM2MjcyNjVlZTlkMDQzNzVlNjhmODdkZGE5MzVjZjg4NGMyMDEwMDZhY2I5NzhjY2FhMmUwMDEQlM78pt0z\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: text/css; charset=UTF-8\r\ndate: Tue, 28 Apr 2026 16:14:48 GMT\r\netag: W/\"2ad98-19cf46fb318\"\r\nlast-modified: Mon, 16 Mar 2026 02:18:07 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":175512,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (65440)","md5":"1748a6824e9bb270271b0fcd66192289","sha1":"b101e31a928e78d641db2771cc69359a31ce63f0","sha256":"0b867f37cde26a2a4e24fd86fc0b066c04a2f6c1f71c6cc33fc270e9f6572d53","sha512":"4bb5fec4c5fb62493e6877173d459c455c83b9ad4c2d036e063d4fb9b2a33c95e417d8ca363b2999a23beb1510d1ceef9a95eccb4a1d0311c69a43f1d24bb54c","ssdeep":"3072:vVdkQeCpaGo9QhBmKMbznHP9i1MXvXYcOSfl0gU/vmYO4Q1Tp0XslEijzSQrMnod:vVdkQeCpaGo9QhBmKMbznHP9i1MXvXYw","tlshash":"630492a0b129e53fbc3364fd539cf88c510ab180dd6947e9fe26612256c7bf629b7204","first_seen":"2026-04-28T16:15:32.937554Z","last_seen":"2026-04-28T17:01:18.982745Z","times_seen":2,"resource_available":false,"data":null}},"time_used":239,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":205,"receive":34,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=AW-17938906868\u0026cx=c\u0026gtm=4e64o1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:49.305Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"7B:71:3D:9A:FE:85:53:DF:44:BB:90:D6:C4:82:1E:58:A2:A4:4B:F0","sha256":"CA:E9:C5:B9:FA:2B:F0:20:19:FF:0A:2C:CB:22:9F:C6:8B:41:0E:09:94:8E:E6:48:22:CA:02:F6:BA:10:B7:A3"}}},"request":{"raw":"GET /gtag/js?id=AW-17938906868\u0026cx=c\u0026gtm=4e64o1 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 28 Apr 2026 16:14:49 GMT\r\nexpires: Tue, 28 Apr 2026 16:14:49 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Tue, 28 Apr 2026 15:58:43 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 135908\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":392030,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5929)","md5":"a06a58847ff995b931965820b10770b8","sha1":"e47839503f517753fd92bc4db806db7bdc25f753","sha256":"2cdc4479f018f76af0fdbcb9520a47a3565a25f21e773c79d4adf96de5dce9e5","sha512":"8f78a21eb4562885370cb9162e08cbcfba417a58ec6d955f4e3d95851f05d7ccae2aeefd3e0816aa05d850d6f2c0deb3f8fd91ec3962c13631aa37dd81c02051","ssdeep":"6144:HXY72UJEQxKZpbPN2JYtCcq8WDUEOtS0uKDpYkC:o7DxYr2JYwyJ2","tlshash":"218419cdb3d6705653a3b478903f018bb17a79a2b84cc899f185c8e42e7469a4277f7c","first_seen":"2026-04-28T16:15:32.939591Z","last_seen":"2026-04-28T16:15:32.939591Z","times_seen":1,"resource_available":true,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":80,"receive":101,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=AW-17950545750\u0026cx=c\u0026gtm=4e64o1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:49.191Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"7B:71:3D:9A:FE:85:53:DF:44:BB:90:D6:C4:82:1E:58:A2:A4:4B:F0","sha256":"CA:E9:C5:B9:FA:2B:F0:20:19:FF:0A:2C:CB:22:9F:C6:8B:41:0E:09:94:8E:E6:48:22:CA:02:F6:BA:10:B7:A3"}}},"request":{"raw":"GET /gtag/js?id=AW-17950545750\u0026cx=c\u0026gtm=4e64o1 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 28 Apr 2026 16:14:49 GMT\r\nexpires: Tue, 28 Apr 2026 16:14:49 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Tue, 28 Apr 2026 15:00:00 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 135696\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":391253,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5929)","md5":"14e033988ad6aa9731d9f11e8fb9a999","sha1":"24545189c0f17f65225adad34fc05c0b1c55f330","sha256":"4b15111fd7a89ab6e3f8922716b4884c4fc6d9fbd729fc1641722d4bf7ce3efd","sha512":"06f9199e80977b43fffb7b3d021c0d4b592772105a8736858d45632b9206e32d51ad558e89ccd43d4590668399254777dcf9b962423f0b773be32ae1a8b58732","ssdeep":"6144:5+VYoy0E5MGYsgna64dXXsRSrssan89U4OcevQogi:MYrMGYY64GG3kh","tlshash":"298419cdb3d6705653a3b478903f018ba27a7992f84cc899f185c8e42e7469a4277f7c","first_seen":"2026-04-28T16:15:32.942095Z","last_seen":"2026-04-28T16:15:32.942095Z","times_seen":1,"resource_available":true,"data":null}},"time_used":163,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":71,"receive":92,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=AW-17939047489\u0026cx=c\u0026gtm=4e64o1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:49.312Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"7B:71:3D:9A:FE:85:53:DF:44:BB:90:D6:C4:82:1E:58:A2:A4:4B:F0","sha256":"CA:E9:C5:B9:FA:2B:F0:20:19:FF:0A:2C:CB:22:9F:C6:8B:41:0E:09:94:8E:E6:48:22:CA:02:F6:BA:10:B7:A3"}}},"request":{"raw":"GET /gtag/js?id=AW-17939047489\u0026cx=c\u0026gtm=4e64o1 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 28 Apr 2026 16:14:49 GMT\r\nexpires: Tue, 28 Apr 2026 16:14:49 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Tue, 28 Apr 2026 15:00:00 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 135698\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":391253,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5929)","md5":"4afffc683146ec2f5cdff0f7ec495d1e","sha1":"240e4e5ff485ab4cd7c3dd93b4df24146652ab88","sha256":"4fde2525350dddefd56951a637f8f3ce9a68e3e70fb5badeffc5e9f7097ffea0","sha512":"074e4a460ebfcfbb613adadca5ac68cc75048a3674857d7f69cb2bab2f46907af1f012f908d761e81ca56a655332dd2bcc991486b989fb409622f04a6de2b701","ssdeep":"6144:m+VYoy0E5MGYsgna64dXXsRSrssan89U4OcevQogi:5YrMGYY64GG3kh","tlshash":"ad8429cdb3d6705653a3b478903f018ba27a7992f84cc899f185c8e42e7469a4277f7c","first_seen":"2026-04-28T16:15:32.944468Z","last_seen":"2026-04-28T16:15:32.944468Z","times_seen":1,"resource_available":true,"data":null}},"time_used":121,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":67,"receive":54,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/favicon.ico?favicon.0b3bf435.ico","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:49.698Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"clickpromosbr.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 17:20:40 GMT","end":"Sat, 11 Jul 2026 17:20:39 GMT"},"fingerprint":{"sha1":"5E:DC:BC:18:DA:73:9C:96:CD:22:C4:46:EE:A7:CF:4B:7E:A8:35:08","sha256":"08:5A:19:C3:D4:A9:4F:A6:2A:AA:92:9E:6B:C1:16:6D:07:AE:CB:A5:7E:D4:7D:BC:42:65:6D:C0:1E:9B:3C:F9"}}},"request":{"raw":"GET /favicon.ico?favicon.0b3bf435.ico HTTP/1.1\r\nHost: clickpromosbr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nCookie: GAESA=Cp4BMDAwN2I3MzRkOWM3N2NkYWEzYWJmN2I4NWVkNjVlZjJjNDAzMmRmYmUwMzQ2NDg5M2JiZjcyNzY5ZTVmMjc4YzA4MmE0ODEzOGI5NzQ0Zjg1OWRhYjAzZDkyMzQ3NjVjZGE5YzJmNzM2MjcyNjVlZTlkMDQzNzVlNjhmODdkZGE5MzVjZjg4NGMyMDEwMDZhY2I5NzhjY2FhMmUwMDEQlM78pt0z; _gcl_au=1.1.1516045595.1777392889\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-type: image/x-icon\r\ndate: Tue, 28 Apr 2026 16:14:49 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch\r\nx-nextjs-cache: HIT\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":25931,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"c30c7d42707a47a3f4591831641e50dc","sha1":"9ecfcc8f0ead0bf3d2d7c39e084b88f41cc89a2e","sha256":"2b8ad2d33455a8f736fc3a8ebf8f0bdea8848ad4c0db48a2833bd0f9cd775932","sha512":"7053e0f76e92179fb5154e2665d81897736bdcc22b002b0a3f8e212f27ef80f56224adaa09972848a20c66b064d16eafa732140461071ad70b6193c33dd517e0","ssdeep":"384:ryveIpvjGAUdJ/RN0d2q3OTirIDpXofYPj68Xg5RNy7yyTLb4v0:bIAJdhwYqZ8pYYPjSy7j3j","tlshash":"11c28e9b2b7e2015c908257641aeddfb011b5d4b28b4a20025fa3eb7b4b3735091fa7f","first_seen":"2023-04-30T22:57:19Z","last_seen":"2026-04-28T20:27:57.253048Z","times_seen":17286,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":172,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?rcb=0\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64o1v9245320065za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115616985~115938466~115938469~117266400\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17938367659\u0026tid=AW-17938367659\u0026tft=1777392890381\u0026tfd=3082","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.156.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:50.384Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"02:11:B2:1D:09:0D:9E:4E:5B:DC:0A:6C:D5:4B:C6:4A:5B:50:C8:26","sha256":"99:E1:4B:50:60:0E:C3:94:CB:2C:15:85:8E:68:FF:F1:9C:B7:0C:9E:E0:8C:B7:29:52:18:12:81:67:C4:38:23"}}},"request":{"raw":"POST /ccm/collect?rcb=0\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64o1v9245320065za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115616985~115938466~115938469~117266400\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17938367659\u0026tid=AW-17938367659\u0026tft=1777392890381\u0026tfd=3082 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://clickpromosbr.com/\r\nOrigin: https://clickpromosbr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-type: text/plain\r\ndate: Tue, 28 Apr 2026 16:14:50 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\naccess-control-allow-origin: https://clickpromosbr.com\r\naccess-control-expose-headers: date,vary,vary,vary,server,content-length\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T20:24:20.15363Z","times_seen":14341696,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"slelguoygbfzlpylpxfs.supabase.co/storage/v1/object/public/test-clones/45686cc3-0404-4300-94d5-043481b2e5cc-clickbus-com-br/assets/images/images_16.png","fqdn":"slelguoygbfzlpylpxfs.supabase.co","domain":"slelguoygbfzlpylpxfs.supabase.co","tld":"supabase.co"},"ip":{"addr":"172.64.149.246","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:47.922Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"supabase.co","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 06:43:00 GMT","end":"Sun, 31 May 2026 07:42:47 GMT"},"fingerprint":{"sha1":"9E:9E:40:F8:56:B5:7F:B2:5C:52:C4:07:26:47:4E:69:AD:77:F0:96","sha256":"39:8B:CC:E2:D9:95:CB:23:CB:09:2A:93:7B:5B:58:BD:95:B4:08:A4:5F:BF:89:AB:7B:B1:14:03:47:89:AE:7D"}}},"request":{"raw":"GET /storage/v1/object/public/test-clones/45686cc3-0404-4300-94d5-043481b2e5cc-clickbus-com-br/assets/images/images_16.png HTTP/1.1\r\nHost: slelguoygbfzlpylpxfs.supabase.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Apr 2026 16:14:48 GMT\r\ncontent-type: image/webp\r\ncontent-length: 13884\r\ncf-ray: 9f375cadeb00b4ff-OSL\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=3600\r\netag: \"d1be1501cfd704b832a1759c9fadb0cb\"\r\nlast-modified: Sun, 08 Feb 2026 11:09:12 GMT\r\nserver: cloudflare\r\nsb-gateway-mode: direct\r\nsb-gateway-version: 1\r\nsb-project-ref: slelguoygbfzlpylpxfs\r\nsb-request-id: 019dd4df-28b5-7724-9ac7-b44cde25ed02\r\nx-robots-tag: none\r\nx-smart-cdn: true\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nset-cookie: __cf_bm=tYnCMOpuGNJZ4O.g62HwqWGx.Nvwo5n64aCCxJ6tU00-1777392887.9808214-1.0.1.1-J7IyowIHShjr3uiQ3UfSjBhsypBp_lP4KUOBbG6TsbZqBQvubmO9XPYEpb.61JsImpVXAUCKmY53lu.BKCO2CxnZQf0AeQ7naeQe.j5MetzR3RQD3IxUvjY6.vfMlv3J; HttpOnly; Secure; Path=/; Domain=supabase.co; Expires=Tue, 28 Apr 2026 16:44:48 GMT\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13884,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d1be1501cfd704b832a1759c9fadb0cb","sha1":"724776cb1a6ce71ba554e43776b1132ca551c6d4","sha256":"7692f2cd864542d3b6f88bd5237bee6dbf20d7b8608e4ffe2c08cc55bb94dad1","sha512":"214d689023a3ef875bc493517ec52180628e7fff7a7e13c0d0f3d0b232ea70ad5f0f64be89d11051d573844dddd1cded1448c26867889a4d1ddc87dfb07c03e5","ssdeep":"384:/oKID8nw+5FbLIJIPGNpC5j6hAMzDgcenFKO4KdXtjK:wKID8wdJIaxU5nFKOo","tlshash":"6352cf6faf99c109fc4bd43f9ba6a829801734d7d0f8b3865c8c49659933816e7ec644","first_seen":"2026-02-14T19:48:49.846905Z","last_seen":"2026-04-28T17:01:18.995679Z","times_seen":4,"resource_available":false,"data":null}},"time_used":816,"timings":{"blocked":56,"dns":0,"connect":0,"send":0,"wait":759,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/_next/static/chunks/ff1a16fafef87110.js","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:47.940Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"clickpromosbr.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 17:20:40 GMT","end":"Sat, 11 Jul 2026 17:20:39 GMT"},"fingerprint":{"sha1":"5E:DC:BC:18:DA:73:9C:96:CD:22:C4:46:EE:A7:CF:4B:7E:A8:35:08","sha256":"08:5A:19:C3:D4:A9:4F:A6:2A:AA:92:9E:6B:C1:16:6D:07:AE:CB:A5:7E:D4:7D:BC:42:65:6D:C0:1E:9B:3C:F9"}}},"request":{"raw":"GET /_next/static/chunks/ff1a16fafef87110.js HTTP/1.1\r\nHost: clickpromosbr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nCookie: GAESA=Cp4BMDAwN2I3MzRkOWM3N2NkYWEzYWJmN2I4NWVkNjVlZjJjNDAzMmRmYmUwMzQ2NDg5M2JiZjcyNzY5ZTVmMjc4YzA4MmE0ODEzOGI5NzQ0Zjg1OWRhYjAzZDkyMzQ3NjVjZGE5YzJmNzM2MjcyNjVlZTlkMDQzNzVlNjhmODdkZGE5MzVjZjg4NGMyMDEwMDZhY2I5NzhjY2FhMmUwMDEQlM78pt0z\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-length: 282\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Tue, 28 Apr 2026 16:14:48 GMT\r\netag: W/\"11a-19cf46fb318\"\r\nlast-modified: Mon, 16 Mar 2026 02:18:07 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nvary: Accept-Encoding\r\nx-cloud-trace-context: bc6c20fb64f0a79fbe24b6eec655a2d7\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":282,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with no line terminators","md5":"5458632ee5cb3da028baebb11d5f70dd","sha1":"57e264834d3635e52fbbd3d93135842c09ce8525","sha256":"e9786b1305894e4119bb9811a816dac9cf576755596dd989ee15b455749fc35e","sha512":"28ae4e3a3828f99d64b7d4bfc7238d56c9ad910ce267dcb6c01e53be00c88f8a7f024640680d2bd66240a9972322744ee9147883a12ff8c92717c27ebb3fef50","ssdeep":"","tlshash":"63d02b702150f8d84086a4cc8836424bf52928b262fe3895d7ae8cb16174f0c51e1e55","first_seen":"2025-08-20T23:30:20.185011Z","last_seen":"2026-04-28T20:09:06.597459Z","times_seen":18159,"resource_available":true,"data":null}},"time_used":198,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":198,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/_next/image?url=https%3A%2F%2Fcms.clickbus.com%2Fapi%2Fmedia-web%2Ffile%2FAONFev26_Oferta09_10OFF_PIX_R%252420_GROWTH_MOBILE\u0026w=1920\u0026q=75","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:47.951Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"clickpromosbr.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 17:20:40 GMT","end":"Sat, 11 Jul 2026 17:20:39 GMT"},"fingerprint":{"sha1":"5E:DC:BC:18:DA:73:9C:96:CD:22:C4:46:EE:A7:CF:4B:7E:A8:35:08","sha256":"08:5A:19:C3:D4:A9:4F:A6:2A:AA:92:9E:6B:C1:16:6D:07:AE:CB:A5:7E:D4:7D:BC:42:65:6D:C0:1E:9B:3C:F9"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fcms.clickbus.com%2Fapi%2Fmedia-web%2Ffile%2FAONFev26_Oferta09_10OFF_PIX_R%252420_GROWTH_MOBILE\u0026w=1920\u0026q=75 HTTP/1.1\r\nHost: clickpromosbr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nCookie: GAESA=Cp4BMDAwN2I3MzRkOWM3N2NkYWEzYWJmN2I4NWVkNjVlZjJjNDAzMmRmYmUwMzQ2NDg5M2JiZjcyNzY5ZTVmMjc4YzA4MmE0ODEzOGI5NzQ0Zjg1OWRhYjAzZDkyMzQ3NjVjZGE5YzJmNzM2MjcyNjVlZTlkMDQzNzVlNjhmODdkZGE5MzVjZjg4NGMyMDEwMDZhY2I5NzhjY2FhMmUwMDEQlM78pt0z\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=14400, must-revalidate\r\ncontent-disposition: attachment; filename=\"AONFev26_Oferta09_10OFF_PIX_R%2420_GROWTH_MOBILE.webp\"; filename*=UTF-8''AONFev26_Oferta09_10OFF_PIX_R%252420_GROWTH_MOBILE.webp\r\ncontent-length: 33106\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\ncontent-type: image/webp\r\ndate: Tue, 28 Apr 2026 16:14:48 GMT\r\netag: gn2j-IjSammGer3K2Y8Ho-E0kmewhbpLbuYOIUNfvwY\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nvary: Accept\r\nx-cloud-trace-context: 1e147a4394b45ed9be24b6eec655ac75\r\nx-nextjs-cache: HIT\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":33106,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x1671, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"42240fb3e3e7759d2cd00a72059745db","sha1":"6a0f8abf4987222690d199da8d3d4d5f82bd9575","sha256":"827da3f888d26a69867abdcad98f07a3e1349267b085ba4b6ee60e21435fbf06","sha512":"d88b101222f33904e0efb8ddc26d6d4db36cf1804694d728207df9896cddda55e41c33bd2da356580d5558303532945932be88bfdaaf0072c6d44f6433845641","ssdeep":"768:eUnOiBXdfWhzrZdZdARh2Pg5b+qHX0AljP9G91:7nOiTu5ZdZCRgg5Fdc","tlshash":"a4e27c45f1b18990fe369237ded108eb6a1ca0beff3611281a81e93f59e16145cfd8a4","first_seen":"2026-04-28T16:15:32.950549Z","last_seen":"2026-04-28T17:01:19.005522Z","times_seen":2,"resource_available":false,"data":null}},"time_used":234,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":219,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/_next/image?url=https%3A%2F%2Fstatic.clickbus.com%2Flive%2Fdestinos%2Flarge%2F01-sp.jpg\u0026w=384\u0026q=75","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:49.017Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"clickpromosbr.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 17:20:40 GMT","end":"Sat, 11 Jul 2026 17:20:39 GMT"},"fingerprint":{"sha1":"5E:DC:BC:18:DA:73:9C:96:CD:22:C4:46:EE:A7:CF:4B:7E:A8:35:08","sha256":"08:5A:19:C3:D4:A9:4F:A6:2A:AA:92:9E:6B:C1:16:6D:07:AE:CB:A5:7E:D4:7D:BC:42:65:6D:C0:1E:9B:3C:F9"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fstatic.clickbus.com%2Flive%2Fdestinos%2Flarge%2F01-sp.jpg\u0026w=384\u0026q=75 HTTP/1.1\r\nHost: clickpromosbr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nCookie: GAESA=Cp4BMDAwN2I3MzRkOWM3N2NkYWEzYWJmN2I4NWVkNjVlZjJjNDAzMmRmYmUwMzQ2NDg5M2JiZjcyNzY5ZTVmMjc4YzA4MmE0ODEzOGI5NzQ0Zjg1OWRhYjAzZDkyMzQ3NjVjZGE5YzJmNzM2MjcyNjVlZTlkMDQzNzVlNjhmODdkZGE5MzVjZjg4NGMyMDEwMDZhY2I5NzhjY2FhMmUwMDEQlM78pt0z\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=31536000, must-revalidate\r\ncontent-disposition: attachment; filename=\"01-sp.webp\"\r\ncontent-length: 9620\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\ncontent-type: image/webp\r\ndate: Tue, 28 Apr 2026 16:14:49 GMT\r\netag: 8kIkNot5SkQNyuFBxpJyvk5mAKx7EoMbBKhXkgQ7fjY\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nvary: Accept\r\nx-cloud-trace-context: 257f4e9d04ad72a0be24b6eec655a3fa\r\nx-nextjs-cache: HIT\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":9620,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 384x187, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"f5f84425acbbc6542269a5bf33d3b715","sha1":"dfdd3030e0de7b2416c97e472af86de2f970aa39","sha256":"f24224368b794a440dcae141c69272be4e6600ac7b12831b04a85792043b7e36","sha512":"be29431ef9b8e2274f187a62e7c85e937ac1fcc573e3f8af751ad33fc5d07ff5abb43b11ec10b045a20642b25bcdb3105f2cfc14f8723b107ae6339f3ae016cb","ssdeep":"192:QAru/DW20Sge28PoVs7DwakDsf3CyJp8A+SZoVx1toFuYhihW4gT5VIx5bm:MS20aPoV+Pf3CyJuAVGVTtmuYchRbm","tlshash":"a412c0f6c6d75c125c2604f4927beaa5463377113a6cf87214b94ec93b0188329f3a23","first_seen":"2026-02-14T19:48:49.868883Z","last_seen":"2026-04-28T17:01:18.985596Z","times_seen":4,"resource_available":false,"data":null}},"time_used":168,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":166,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=AW-17938367659\u0026cx=c\u0026gtm=4e64o1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:49.295Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"7B:71:3D:9A:FE:85:53:DF:44:BB:90:D6:C4:82:1E:58:A2:A4:4B:F0","sha256":"CA:E9:C5:B9:FA:2B:F0:20:19:FF:0A:2C:CB:22:9F:C6:8B:41:0E:09:94:8E:E6:48:22:CA:02:F6:BA:10:B7:A3"}}},"request":{"raw":"GET /gtag/js?id=AW-17938367659\u0026cx=c\u0026gtm=4e64o1 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 28 Apr 2026 16:14:49 GMT\r\nexpires: Tue, 28 Apr 2026 16:14:49 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Tue, 28 Apr 2026 15:00:00 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 135698\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":391253,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5929)","md5":"d60428298dfbb3f40dbd3c9178e18b5c","sha1":"02596aa7c8cc7f7e006e7ba053842343636a9b57","sha256":"d9d0a7300a55e488aac08332b6f6a6e072f97a9ba40b0d03878a3109259a4903","sha512":"08b2bfc38087b876401ca1c5a512164a2f01d102e41b845af28987971773a4b2f48462802a47bc38f50be1ed2db978ddbfa19f5b30c584448b497e0877d9b232","ssdeep":"6144:U+VYoy0E5MGYsgna64dXXsRSrssan89U4OcevQogi:vYrMGYY64GG3kh","tlshash":"848419cdb3d6705653a3b478903f018ba27a7992f84cc899f185c8e42e7469a4277f7c","first_seen":"2026-04-28T16:15:32.954684Z","last_seen":"2026-04-28T16:15:32.954684Z","times_seen":1,"resource_available":true,"data":null}},"time_used":127,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":60,"receive":67,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?rcb=10\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64o1v9245169453za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938469~117266401~117384406~118463261\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17954540541\u0026tid=AW-17954540541\u0026tft=1777392890484\u0026tfd=3186","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.156.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:50.490Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"02:11:B2:1D:09:0D:9E:4E:5B:DC:0A:6C:D5:4B:C6:4A:5B:50:C8:26","sha256":"99:E1:4B:50:60:0E:C3:94:CB:2C:15:85:8E:68:FF:F1:9C:B7:0C:9E:E0:8C:B7:29:52:18:12:81:67:C4:38:23"}}},"request":{"raw":"POST /ccm/collect?rcb=10\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64o1v9245169453za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938469~117266401~117384406~118463261\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17954540541\u0026tid=AW-17954540541\u0026tft=1777392890484\u0026tfd=3186 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://clickpromosbr.com/\r\nOrigin: https://clickpromosbr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 16:14:50 GMT\r\npragma: no-cache\r\ncontent-type: text/plain\r\ncache-control: no-cache, no-store, must-revalidate\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\naccess-control-allow-origin: https://clickpromosbr.com\r\naccess-control-expose-headers: date,vary,vary,vary,server,content-length\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T20:24:20.15363Z","times_seen":14341696,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?rcb=10\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64r0v9245440679za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115616986~115938466~115938468~117266400~118128923~118463262\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17939049238\u0026tid=AW-17939049238\u0026tft=1777392890707\u0026tfd=3408","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.156.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:50.849Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"02:11:B2:1D:09:0D:9E:4E:5B:DC:0A:6C:D5:4B:C6:4A:5B:50:C8:26","sha256":"99:E1:4B:50:60:0E:C3:94:CB:2C:15:85:8E:68:FF:F1:9C:B7:0C:9E:E0:8C:B7:29:52:18:12:81:67:C4:38:23"}}},"request":{"raw":"GET /ccm/collect?rcb=10\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64r0v9245440679za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115616986~115938466~115938468~117266400~118128923~118463262\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17939049238\u0026tid=AW-17939049238\u0026tft=1777392890707\u0026tfd=3408 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\npragma: no-cache\r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-type: text/plain\r\ndate: Tue, 28 Apr 2026 16:14:50 GMT\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T20:24:20.15363Z","times_seen":14341696,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?rcb=1\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64r0v9245061248za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938468~117266400~118167060\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17954618767\u0026tid=AW-17954618767\u0026tft=1777392889985\u0026tfd=2686","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.156.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:50.866Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"02:11:B2:1D:09:0D:9E:4E:5B:DC:0A:6C:D5:4B:C6:4A:5B:50:C8:26","sha256":"99:E1:4B:50:60:0E:C3:94:CB:2C:15:85:8E:68:FF:F1:9C:B7:0C:9E:E0:8C:B7:29:52:18:12:81:67:C4:38:23"}}},"request":{"raw":"GET /ccm/collect?rcb=1\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64r0v9245061248za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938468~117266400~118167060\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17954618767\u0026tid=AW-17954618767\u0026tft=1777392889985\u0026tfd=2686 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: no-cache, no-store, must-revalidate\r\npragma: no-cache\r\ndate: Tue, 28 Apr 2026 16:14:50 GMT\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncontent-type: text/plain\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T20:24:20.15363Z","times_seen":14341696,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-28T16:14:47.327Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"clickpromosbr.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 17:20:40 GMT","end":"Sat, 11 Jul 2026 17:20:39 GMT"},"fingerprint":{"sha1":"5E:DC:BC:18:DA:73:9C:96:CD:22:C4:46:EE:A7:CF:4B:7E:A8:35:08","sha256":"08:5A:19:C3:D4:A9:4F:A6:2A:AA:92:9E:6B:C1:16:6D:07:AE:CB:A5:7E:D4:7D:BC:42:65:6D:C0:1E:9B:3C:F9"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: clickpromosbr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: s-maxage=31536000\r\ncontent-encoding: gzip\r\ncontent-type: text/html; charset=utf-8\r\ndate: Tue, 28 Apr 2026 16:14:47 GMT\r\netag: \"21fav7msmr3ruu\"\r\nexpires: Tue, 28 Apr 2026 16:14:47 GMT\r\nserver: Google Frontend\r\nset-cookie: GAESA=Cp4BMDAwN2I3MzRkOWM3N2NkYWEzYWJmN2I4NWVkNjVlZjJjNDAzMmRmYmUwMzQ2NDg5M2JiZjcyNzY5ZTVmMjc4YzA4MmE0ODEzOGI5NzQ0Zjg1OWRhYjAzZDkyMzQ3NjVjZGE5YzJmNzM2MjcyNjVlZTlkMDQzNzVlNjhmODdkZGE5MzVjZjg4NGMyMDEwMDZhY2I5NzhjY2FhMmUwMDEQlM78pt0z; expires=Thu, 28-May-2026 16:14:47 GMT; path=/\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nx-nextjs-cache: HIT\r\nx-nextjs-prerender: 1, 1\r\nx-nextjs-stale-time: 300\r\nx-powered-by: Next.js\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Next.js","description":"Next.js is a React framework for developing single page Javascript applications.","website":"https://nextjs.org","common_platform_enumeration":"cpe:2.3:a:zeit:next.js:*:*:*:*:*:*:*:*","icon":"Next.js.svg","categories":["JavaScript frameworks","Web frameworks"]},{"name":"React","description":"React is an open-source JavaScript library for building user interfaces or UI components.","website":"https://reactjs.org","common_platform_enumeration":"cpe:2.3:a:facebook:react:*:*:*:*:*:*:*:*","icon":"React.svg","categories":["JavaScript frameworks"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Webpack","description":"Webpack is an open-source JavaScript module bundler.","website":"https://webpack.js.org/","common_platform_enumeration":"","icon":"Webpack.svg","categories":["Miscellaneous"]}],"data":{"size":176305,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (65464), with no line terminators","md5":"c64d1e8db88d9608f7f1574a577a6124","sha1":"575a47b6bfad1a9f4ca9197b6c1cd88a69b66ddc","sha256":"76c6f88fc4dc0e11b499379c5f2b779ab0cd774754541b0438c1e5cfd03a0342","sha512":"c6b44997102c5f51fcf8d0272c3c59d68b22e6d115a9650621bbcdca96d07563f243dacc2f892d6a008e8429ad76f42f74f00d6cf4126d09cabee728efa1a741","ssdeep":"1536:dDRPVfNkf0Cl+vO+vd++v6+vSxMDNuSqxryCPJpIwIXcW0OC:dBu+vO+vd++v6+v92wsp","tlshash":"8a04eaf05211ee62a91717e0f079ffed7046672aebaac319a2fc4a0517cec72c6505e1","first_seen":"2026-04-28T16:15:32.956435Z","last_seen":"2026-04-28T17:01:18.982035Z","times_seen":2,"resource_available":true,"data":null}},"time_used":420,"timings":{"blocked":88,"dns":11,"connect":25,"send":0,"wait":243,"receive":0,"ssl":49},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/_next/static/chunks/9d6d9df8670bc232.js","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:47.945Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"clickpromosbr.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 17:20:40 GMT","end":"Sat, 11 Jul 2026 17:20:39 GMT"},"fingerprint":{"sha1":"5E:DC:BC:18:DA:73:9C:96:CD:22:C4:46:EE:A7:CF:4B:7E:A8:35:08","sha256":"08:5A:19:C3:D4:A9:4F:A6:2A:AA:92:9E:6B:C1:16:6D:07:AE:CB:A5:7E:D4:7D:BC:42:65:6D:C0:1E:9B:3C:F9"}}},"request":{"raw":"GET /_next/static/chunks/9d6d9df8670bc232.js HTTP/1.1\r\nHost: clickpromosbr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nCookie: GAESA=Cp4BMDAwN2I3MzRkOWM3N2NkYWEzYWJmN2I4NWVkNjVlZjJjNDAzMmRmYmUwMzQ2NDg5M2JiZjcyNzY5ZTVmMjc4YzA4MmE0ODEzOGI5NzQ0Zjg1OWRhYjAzZDkyMzQ3NjVjZGE5YzJmNzM2MjcyNjVlZTlkMDQzNzVlNjhmODdkZGE5MzVjZjg4NGMyMDEwMDZhY2I5NzhjY2FhMmUwMDEQlM78pt0z\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Tue, 28 Apr 2026 16:14:48 GMT\r\netag: W/\"d1f2-19cf46fb318\"\r\nlast-modified: Mon, 16 Mar 2026 02:18:07 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":53746,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (53603), with no line terminators","md5":"3f37804b3e3704788e3b2d85dc66633a","sha1":"02fcbc52dde2e7cce39ea1932b3fd080b91146b4","sha256":"dc02e6e58d4ed9b78ec0bf3b9dde7826e71836bbf9c2c5bf32c0ed6e195ad20f","sha512":"208060fe9d924d5238463f0d6ecc57a2d204c626cfbe3f5b3a04c9fd66f60c0d900bee65f87c4ebcc1f435cafc6d74600a173612e355e6eb7b946e1da7b00b77","ssdeep":"1536:acyfEcXzdEMTbmgl0UAa1j4CQbOOvXDYXL1vXeoFtxPkmXqm5gFPh:MfE4EMupvUvBePh","tlshash":"b733b8449155bfecba2706ecba5f905d702d3b80cb4e8874f1b82c2226854e47b5bbdd","first_seen":"2026-04-28T16:15:32.959154Z","last_seen":"2026-04-28T17:01:19.012621Z","times_seen":2,"resource_available":true,"data":null}},"time_used":229,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":214,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/notosans/v42/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7du3mnPyxVig.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:48.649Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"8B:DF:9C:24:AB:AD:AB:73:3F:51:0F:25:2B:18:76:79:1A:C5:63:A0","sha256":"BF:5C:B4:F2:20:4F:D0:E5:76:81:59:52:5F:3E:D2:4F:8D:33:B3:30:36:84:C8:7E:0E:AB:58:1E:7D:D6:E2:6D"}}},"request":{"raw":"GET /s/notosans/v42/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7du3mnPyxVig.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://clickpromosbr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 35928\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 23 Apr 2026 11:02:25 GMT\r\nexpires: Fri, 23 Apr 2027 11:02:25 GMT\r\ncache-control: public, max-age=31536000\r\nage: 450743\r\nlast-modified: Wed, 10 Sep 2025 16:23:36 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":35928,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 35928, version 1.0","md5":"a317875aac104234bd7c39df8c501fbb","sha1":"870661970316f61acaab613e3209b9c09e2961f3","sha256":"065e2ab41209dcd60b1c88517c71a741803e3b0647059cb8ee7efff522ed1d40","sha512":"619f405a133ec8227767f08c598399a737d30cea6f76d3c065d2d97ce162bae040ced7fca13ed874d66a1f98472a3a07cf12bb146f432c8d4df24745488e13d0","ssdeep":"768:ybZHErhpxKts8YgN3IJe53ZnJREjqvYSVgXsdp+v0Gd:ybxErktsfgN3fXlicOzd","tlshash":"bef2f11c1a34eb974328047b840084b533ea6da7d63192b121a5fb44cca46fafecfdd6","first_seen":"2025-09-11T17:08:53.61315Z","last_seen":"2026-04-28T20:27:38.545544Z","times_seen":19837,"resource_available":false,"data":null}},"time_used":281,"timings":{"blocked":88,"dns":1,"connect":21,"send":0,"wait":99,"receive":5,"ssl":60},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/_next/image?url=https%3A%2F%2Fstatic.clickbus.com%2Flive%2Fdestinos%2F03-bh.jpg\u0026w=384\u0026q=75","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:49.018Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"clickpromosbr.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 17:20:40 GMT","end":"Sat, 11 Jul 2026 17:20:39 GMT"},"fingerprint":{"sha1":"5E:DC:BC:18:DA:73:9C:96:CD:22:C4:46:EE:A7:CF:4B:7E:A8:35:08","sha256":"08:5A:19:C3:D4:A9:4F:A6:2A:AA:92:9E:6B:C1:16:6D:07:AE:CB:A5:7E:D4:7D:BC:42:65:6D:C0:1E:9B:3C:F9"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fstatic.clickbus.com%2Flive%2Fdestinos%2F03-bh.jpg\u0026w=384\u0026q=75 HTTP/1.1\r\nHost: clickpromosbr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nCookie: GAESA=Cp4BMDAwN2I3MzRkOWM3N2NkYWEzYWJmN2I4NWVkNjVlZjJjNDAzMmRmYmUwMzQ2NDg5M2JiZjcyNzY5ZTVmMjc4YzA4MmE0ODEzOGI5NzQ0Zjg1OWRhYjAzZDkyMzQ3NjVjZGE5YzJmNzM2MjcyNjVlZTlkMDQzNzVlNjhmODdkZGE5MzVjZjg4NGMyMDEwMDZhY2I5NzhjY2FhMmUwMDEQlM78pt0z\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=31536000, must-revalidate\r\ncontent-disposition: attachment; filename=\"03-bh.webp\"\r\ncontent-length: 7844\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\ncontent-type: image/webp\r\ndate: Tue, 28 Apr 2026 16:14:49 GMT\r\netag: Lm7RlkWbaq4tEKEG9JJkRdYmFn5d1CGmNmJCU9SQv7E\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nvary: Accept\r\nx-cloud-trace-context: 1eb7d701ee6742e2be24b6eec655ae02\r\nx-nextjs-cache: HIT\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":7844,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 285x285, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"557654a375974ce84f05702e9cae62e5","sha1":"c428ad7c34da1bc7e2a67c7762325efb2ca11ffc","sha256":"2e6ed196459b6aae2d10a106f4926445d626167e5dd421a636624253d490bfb1","sha512":"4de2ed91451c7547dbc2d19bfa815a3f06499a4046bcad384951c8ed00e02a51a4344ee9fb03e620595595f8e41342792777e960904236b55295fd34367c14af","ssdeep":"192:ILmYMMryY7T8lMoaH0H0LcTWdANX+oalcWAFe5kfC:ydiM4hTvNOoSuekq","tlshash":"ccf1bf266717a476c27dc6f1e14568b3fc432c03ea1a317ac67cd9f4f8153572142976","first_seen":"2026-02-14T19:48:49.900733Z","last_seen":"2026-04-28T17:01:19.001797Z","times_seen":4,"resource_available":false,"data":null}},"time_used":169,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":167,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/_next/static/chunks/97cc118af71a88f5.js","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:47.925Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"clickpromosbr.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 17:20:40 GMT","end":"Sat, 11 Jul 2026 17:20:39 GMT"},"fingerprint":{"sha1":"5E:DC:BC:18:DA:73:9C:96:CD:22:C4:46:EE:A7:CF:4B:7E:A8:35:08","sha256":"08:5A:19:C3:D4:A9:4F:A6:2A:AA:92:9E:6B:C1:16:6D:07:AE:CB:A5:7E:D4:7D:BC:42:65:6D:C0:1E:9B:3C:F9"}}},"request":{"raw":"GET /_next/static/chunks/97cc118af71a88f5.js HTTP/1.1\r\nHost: clickpromosbr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nCookie: GAESA=Cp4BMDAwN2I3MzRkOWM3N2NkYWEzYWJmN2I4NWVkNjVlZjJjNDAzMmRmYmUwMzQ2NDg5M2JiZjcyNzY5ZTVmMjc4YzA4MmE0ODEzOGI5NzQ0Zjg1OWRhYjAzZDkyMzQ3NjVjZGE5YzJmNzM2MjcyNjVlZTlkMDQzNzVlNjhmODdkZGE5MzVjZjg4NGMyMDEwMDZhY2I5NzhjY2FhMmUwMDEQlM78pt0z\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Tue, 28 Apr 2026 16:14:48 GMT\r\netag: W/\"61ff-19cf46fb318\"\r\nlast-modified: Mon, 16 Mar 2026 02:18:07 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":25087,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (25087), with no line terminators","md5":"0dbdb56bb35e54293272a9f3746e2f1d","sha1":"0715426bcd02765f520455b3f0afe8cb3ee3c926","sha256":"fbf6858ed43aadbff79c80fb200dcb75df416b81c5ffc9d3eb6604b57651bf38","sha512":"4cd253fdb26c36b9d84d4ebe80b18a45d17bff78c4774bbeabf86fef2be200713406dd0d7b475b47a8eca1f19c758d6d6193dc83ede2b5259cce9b1a47a7be9f","ssdeep":"384:zqCn7vBqHWQlkalgZfXVdqzq+NhQj/kdDzwEMeb:zqCn782QldlK9dqzq+N88dL","tlshash":"79b2b5a971d5f4910b9354a5803f500bf23a1d76286da0a0e3e2cdf579b055ee133f9e","first_seen":"2026-04-28T16:15:32.963728Z","last_seen":"2026-04-28T17:01:18.979429Z","times_seen":2,"resource_available":true,"data":null}},"time_used":200,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":196,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/_next/image?url=https%3A%2F%2Fcms.clickbus.com%2Fapi%2Fmedia-web%2Ffile%2FAONFev26_Oferta09_10OFF_PIX_GROWTH_HORIZONTAL\u0026w=1920\u0026q=75","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:47.952Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"clickpromosbr.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 17:20:40 GMT","end":"Sat, 11 Jul 2026 17:20:39 GMT"},"fingerprint":{"sha1":"5E:DC:BC:18:DA:73:9C:96:CD:22:C4:46:EE:A7:CF:4B:7E:A8:35:08","sha256":"08:5A:19:C3:D4:A9:4F:A6:2A:AA:92:9E:6B:C1:16:6D:07:AE:CB:A5:7E:D4:7D:BC:42:65:6D:C0:1E:9B:3C:F9"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fcms.clickbus.com%2Fapi%2Fmedia-web%2Ffile%2FAONFev26_Oferta09_10OFF_PIX_GROWTH_HORIZONTAL\u0026w=1920\u0026q=75 HTTP/1.1\r\nHost: clickpromosbr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nCookie: GAESA=Cp4BMDAwN2I3MzRkOWM3N2NkYWEzYWJmN2I4NWVkNjVlZjJjNDAzMmRmYmUwMzQ2NDg5M2JiZjcyNzY5ZTVmMjc4YzA4MmE0ODEzOGI5NzQ0Zjg1OWRhYjAzZDkyMzQ3NjVjZGE5YzJmNzM2MjcyNjVlZTlkMDQzNzVlNjhmODdkZGE5MzVjZjg4NGMyMDEwMDZhY2I5NzhjY2FhMmUwMDEQlM78pt0z\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=14400, must-revalidate\r\ncontent-disposition: attachment; filename=\"AONFev26_Oferta09_10OFF_PIX_GROWTH_HORIZONTAL.webp\"\r\ncontent-length: 42010\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\ncontent-type: image/webp\r\ndate: Tue, 28 Apr 2026 16:14:48 GMT\r\netag: Yoa-UOj80kxokf0nvLXaH9nGOW1es4GA_MVIyFrWqKw\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nvary: Accept\r\nx-cloud-trace-context: caace519601ca5d2be24b6eec655a7fb\r\nx-nextjs-cache: HIT\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":42010,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x300, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"19297b10abca9071dc98e0c9369dbc9a","sha1":"e75bd99b90b3a29f2d475eecaa83362f2994f7f4","sha256":"6286be50e8fcd24c6891fd27bcb5da1fd9c6396d5eb38180fcc548c85ad6a8ac","sha512":"d6ef83743fd50919296356509e6c3b2ae7b980983f9f30720b2de2cfa55e1e6dfbc1ad12b48c3a056c9961cd39553c1123402fa5be0cdf7233d23b950db03d75","ssdeep":"768:dYmsZCoAF5clhtcWXHDY4Xt0xuX2gaBEnxcRQ839HYVfa95ORZTJvZMdHmjf:dYmsj0iJXDcC25enxc68tHufa6RZdvws","tlshash":"1c1302b231bfb897fc511cb4d168278b49bf68c9d14306e781176e9d0e9b60212f8d2d","first_seen":"2026-04-28T16:15:32.966355Z","last_seen":"2026-04-28T17:01:18.999544Z","times_seen":2,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":214,"receive":29,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=AW-17939041333\u0026cx=c\u0026gtm=4e64o1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:49.320Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"7B:71:3D:9A:FE:85:53:DF:44:BB:90:D6:C4:82:1E:58:A2:A4:4B:F0","sha256":"CA:E9:C5:B9:FA:2B:F0:20:19:FF:0A:2C:CB:22:9F:C6:8B:41:0E:09:94:8E:E6:48:22:CA:02:F6:BA:10:B7:A3"}}},"request":{"raw":"GET /gtag/js?id=AW-17939041333\u0026cx=c\u0026gtm=4e64o1 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 28 Apr 2026 16:14:49 GMT\r\nexpires: Tue, 28 Apr 2026 16:14:49 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Tue, 28 Apr 2026 15:58:43 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 135910\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":392030,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5929)","md5":"23c54edba12bc661fcf7f38073b5694b","sha1":"a230a7b7baa88bfa13be7cb4c835330b20872eaa","sha256":"14fca97896c00829a85ada0212394c4bc9011d0f5c27785b7def54c86ef9dd74","sha512":"fe6143a3c8ee827d2e99f8e3a4807fdb67d129b7c86ec2fbdecbca52f8f0187adfee7ab9c1f33d9a8ab372e8eb9b8a9beee7424f1e7ddd789dcfdaf837ded1a5","ssdeep":"6144:bXY72UJEQxKZpbPN2JYtCcq8WDUEOtS0uKDpYkC:E7DxYr2JYwyJ2","tlshash":"668419cdb3d6705653a3b478903f018bb17a79a2b84cc899f185c8e42e7469a4277f7c","first_seen":"2026-04-28T16:15:32.968451Z","last_seen":"2026-04-28T17:01:19.009367Z","times_seen":2,"resource_available":true,"data":null}},"time_used":166,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":69,"receive":97,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?rcb=1\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64r0v9245061248za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938468~117266400~118167060\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17954618767\u0026tid=AW-17954618767\u0026tft=1777392889985\u0026tfd=2686","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.156.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:50.245Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"02:11:B2:1D:09:0D:9E:4E:5B:DC:0A:6C:D5:4B:C6:4A:5B:50:C8:26","sha256":"99:E1:4B:50:60:0E:C3:94:CB:2C:15:85:8E:68:FF:F1:9C:B7:0C:9E:E0:8C:B7:29:52:18:12:81:67:C4:38:23"}}},"request":{"raw":"POST /ccm/collect?rcb=1\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64r0v9245061248za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938468~117266400~118167060\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17954618767\u0026tid=AW-17954618767\u0026tft=1777392889985\u0026tfd=2686 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://clickpromosbr.com/\r\nOrigin: https://clickpromosbr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-type: text/plain\r\ndate: Tue, 28 Apr 2026 16:14:50 GMT\r\npragma: no-cache\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\naccess-control-allow-origin: https://clickpromosbr.com\r\naccess-control-expose-headers: date,vary,vary,vary,server,content-length\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T20:24:20.15363Z","times_seen":14341696,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?rcb=4\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64o1v9245425598za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938469~117266401~118167060~118463261\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17938373818\u0026tid=AW-17938373818\u0026tft=1777392890334\u0026tfd=3035","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.156.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:50.337Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"02:11:B2:1D:09:0D:9E:4E:5B:DC:0A:6C:D5:4B:C6:4A:5B:50:C8:26","sha256":"99:E1:4B:50:60:0E:C3:94:CB:2C:15:85:8E:68:FF:F1:9C:B7:0C:9E:E0:8C:B7:29:52:18:12:81:67:C4:38:23"}}},"request":{"raw":"POST /ccm/collect?rcb=4\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64o1v9245425598za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938469~117266401~118167060~118463261\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17938373818\u0026tid=AW-17938373818\u0026tft=1777392890334\u0026tfd=3035 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://clickpromosbr.com/\r\nOrigin: https://clickpromosbr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: no-cache, no-store, must-revalidate\r\npragma: no-cache\r\ndate: Tue, 28 Apr 2026 16:14:50 GMT\r\ncontent-type: text/plain\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\naccess-control-allow-origin: https://clickpromosbr.com\r\naccess-control-expose-headers: date,vary,vary,vary,server,content-length\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T20:24:20.15363Z","times_seen":14341696,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":20,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?rcb=10\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64r0v9245168178za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115616985~115938466~115938469~117266400\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17962524341\u0026tid=AW-17962524341\u0026tft=1777392889854\u0026tfd=2556","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.156.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:50.608Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"02:11:B2:1D:09:0D:9E:4E:5B:DC:0A:6C:D5:4B:C6:4A:5B:50:C8:26","sha256":"99:E1:4B:50:60:0E:C3:94:CB:2C:15:85:8E:68:FF:F1:9C:B7:0C:9E:E0:8C:B7:29:52:18:12:81:67:C4:38:23"}}},"request":{"raw":"GET /ccm/collect?rcb=10\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64r0v9245168178za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115616985~115938466~115938469~117266400\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17962524341\u0026tid=AW-17962524341\u0026tft=1777392889854\u0026tfd=2556 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: no-cache, no-store, must-revalidate\r\ndate: Tue, 28 Apr 2026 16:14:50 GMT\r\npragma: no-cache\r\ncontent-type: text/plain\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T20:24:20.15363Z","times_seen":14341696,"resource_available":true,"data":null}},"time_used":18,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/api/places?query=Oslo%20County","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:50.913Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"clickpromosbr.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 17:20:40 GMT","end":"Sat, 11 Jul 2026 17:20:39 GMT"},"fingerprint":{"sha1":"5E:DC:BC:18:DA:73:9C:96:CD:22:C4:46:EE:A7:CF:4B:7E:A8:35:08","sha256":"08:5A:19:C3:D4:A9:4F:A6:2A:AA:92:9E:6B:C1:16:6D:07:AE:CB:A5:7E:D4:7D:BC:42:65:6D:C0:1E:9B:3C:F9"}}},"request":{"raw":"GET /api/places?query=Oslo%20County HTTP/1.1\r\nHost: clickpromosbr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://clickpromosbr.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: GAESA=Cp4BMDAwN2I3MzRkOWM3N2NkYWEzYWJmN2I4NWVkNjVlZjJjNDAzMmRmYmUwMzQ2NDg5M2JiZjcyNzY5ZTVmMjc4YzA4MmE0ODEzOGI5NzQ0Zjg1OWRhYjAzZDkyMzQ3NjVjZGE5YzJmNzM2MjcyNjVlZTlkMDQzNzVlNjhmODdkZGE5MzVjZjg4NGMyMDEwMDZhY2I5NzhjY2FhMmUwMDEQlM78pt0z; _gcl_au=1.1.1516045595.1777392889\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0\r\ncdn-cache-control: no-store, no-cache, must-revalidate\r\ncontent-type: application/json\r\ndate: Tue, 28 Apr 2026 16:14:51 GMT\r\nexpires: 0\r\npragma: no-cache\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nsurrogate-control: no-store\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch\r\nvercel-cdn-cache-control: no-store, no-cache, must-revalidate\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1058,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"03f982a53d6f9398f3522a38660f4e9c","sha1":"95c74cdb8307f42e46c90d1a157a8d543a7818c9","sha256":"577d9813bdea34f60c6585cca2effe0d3e850b54f9f6296eacb622d74950f112","sha512":"6df39268fd03aa466fc8b5aa2680e0fa781d9a86529143fe8f5044d8221eea635e2704400b4bb2d17f8dafbf78d6a6f14996be5bafdab66efb051051b64dd3d7","ssdeep":"","tlshash":"ad1129accd705efd7fa4a4f0a55e3ffd04ae1073c1d81d29a0ad8e56d6e1488a40d418","first_seen":"2026-04-28T16:15:32.97024Z","last_seen":"2026-04-28T17:01:18.986199Z","times_seen":2,"resource_available":false,"data":null}},"time_used":283,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":282,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"slelguoygbfzlpylpxfs.supabase.co/storage/v1/object/public/test-clones/45686cc3-0404-4300-94d5-043481b2e5cc-clickbus-com-br/assets/svgs/new-logo-clickbus-horizontal-1.svg","fqdn":"slelguoygbfzlpylpxfs.supabase.co","domain":"slelguoygbfzlpylpxfs.supabase.co","tld":"supabase.co"},"ip":{"addr":"172.64.149.246","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:47.914Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"supabase.co","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Mar 2026 06:43:00 GMT","end":"Sun, 31 May 2026 07:42:47 GMT"},"fingerprint":{"sha1":"9E:9E:40:F8:56:B5:7F:B2:5C:52:C4:07:26:47:4E:69:AD:77:F0:96","sha256":"39:8B:CC:E2:D9:95:CB:23:CB:09:2A:93:7B:5B:58:BD:95:B4:08:A4:5F:BF:89:AB:7B:B1:14:03:47:89:AE:7D"}}},"request":{"raw":"GET /storage/v1/object/public/test-clones/45686cc3-0404-4300-94d5-043481b2e5cc-clickbus-com-br/assets/svgs/new-logo-clickbus-horizontal-1.svg HTTP/1.1\r\nHost: slelguoygbfzlpylpxfs.supabase.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Apr 2026 16:14:48 GMT\r\ncontent-type: image/svg+xml\r\ncf-ray: 9f375caddafeb4ff-OSL\r\ncf-cache-status: HIT\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=3600\r\ncontent-encoding: br\r\netag: W/\"22dc3e938fc37bce8eeb8aa731b7e179\"\r\nlast-modified: Sun, 08 Feb 2026 11:09:12 GMT\r\nserver: cloudflare\r\nsb-gateway-mode: direct\r\nsb-gateway-version: 1\r\nsb-project-ref: slelguoygbfzlpylpxfs\r\nsb-request-id: 019dd4df-28b5-707d-bfde-1dc078509201\r\nx-robots-tag: none\r\nx-smart-cdn: true\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nset-cookie: __cf_bm=WWuHm7QGs2D8hotu0Sw2Z2RKFvbUEZJ6IjQAhdj.qK0-1777392887.9803636-1.0.1.1-jIhuXg9_suux__gjqozvf5xtz6KAsmZAtBQsdOSkzx5xMhq86FZt0EdMIqMFrs2332HOrE2TyFS0O7CpAV_CS_mK5wjfRPqWJwWBfLovNOh0pikUVMIxngA4CLlyAorW; HttpOnly; Secure; Path=/; Domain=supabase.co; Expires=Tue, 28 Apr 2026 16:44:48 GMT\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":2406,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"22dc3e938fc37bce8eeb8aa731b7e179","sha1":"13785caf7fd1965a947b711b0a74d5e73068a488","sha256":"9e06d8066355f4b95239748ac2371a5cb2cced578585e652d5097bdd6e61e134","sha512":"4394c9c3e529b1813ce3fd5a0d393712e4e5fa69c19cbf7224e473cae3c0fcc1aff4800642d79cf70a42b51003db503df81430b6b46f3bffb383a18cc6384ae5","ssdeep":"","tlshash":"0141b8d76f34d5f4a0c71fb8df02989a054bb1fcaf724388821eeb6409c3996750ae14","first_seen":"2026-02-14T19:48:49.859434Z","last_seen":"2026-04-28T17:01:19.011616Z","times_seen":5,"resource_available":false,"data":null}},"time_used":1000,"timings":{"blocked":64,"dns":33,"connect":3,"send":0,"wait":846,"receive":0,"ssl":48},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/_next/static/chunks/5d674cc7259bfc4f.js","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:47.928Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"clickpromosbr.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 17:20:40 GMT","end":"Sat, 11 Jul 2026 17:20:39 GMT"},"fingerprint":{"sha1":"5E:DC:BC:18:DA:73:9C:96:CD:22:C4:46:EE:A7:CF:4B:7E:A8:35:08","sha256":"08:5A:19:C3:D4:A9:4F:A6:2A:AA:92:9E:6B:C1:16:6D:07:AE:CB:A5:7E:D4:7D:BC:42:65:6D:C0:1E:9B:3C:F9"}}},"request":{"raw":"GET /_next/static/chunks/5d674cc7259bfc4f.js HTTP/1.1\r\nHost: clickpromosbr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nCookie: GAESA=Cp4BMDAwN2I3MzRkOWM3N2NkYWEzYWJmN2I4NWVkNjVlZjJjNDAzMmRmYmUwMzQ2NDg5M2JiZjcyNzY5ZTVmMjc4YzA4MmE0ODEzOGI5NzQ0Zjg1OWRhYjAzZDkyMzQ3NjVjZGE5YzJmNzM2MjcyNjVlZTlkMDQzNzVlNjhmODdkZGE5MzVjZjg4NGMyMDEwMDZhY2I5NzhjY2FhMmUwMDEQlM78pt0z\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Tue, 28 Apr 2026 16:14:48 GMT\r\netag: W/\"36974-19cf46fb318\"\r\nlast-modified: Mon, 16 Mar 2026 02:18:07 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":223604,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"91fe7df7b211345ccb5cce3ef936c5fb","sha1":"6371cd2a52393e9640c3300fdfff1c9bf3bac3fc","sha256":"56169c3edc77bb9b506e4575a6afb48da99d3ec0c99db9205ae5d93ac4931238","sha512":"1a900c8f793bca0f429ce349bb7091db6f81f3faf66d1699a9a803e73e5f1aab84872850a8b7f5a9e130577bb2251e6e5bc1cd17ae5ede3995e17a7ddb27e04b","ssdeep":"3072:xlXL5l5cSSScmfJPyGoi8xP3ciNgZTjymL6ZXtJ967+3N:xlXL53cSSScmfPZZnfSXtJ967+3N","tlshash":"da241be83995f6626eb302a710af1803733c252b280d4d60a251fdddb57845eb17bf9e","first_seen":"2026-04-28T16:15:32.974605Z","last_seen":"2026-04-28T17:01:18.990908Z","times_seen":2,"resource_available":true,"data":null}},"time_used":345,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":226,"receive":119,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/notosans/v42/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7du3mnPyxVig.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:48.637Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"8B:DF:9C:24:AB:AD:AB:73:3F:51:0F:25:2B:18:76:79:1A:C5:63:A0","sha256":"BF:5C:B4:F2:20:4F:D0:E5:76:81:59:52:5F:3E:D2:4F:8D:33:B3:30:36:84:C8:7E:0E:AB:58:1E:7D:D6:E2:6D"}}},"request":{"raw":"GET /s/notosans/v42/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7du3mnPyxVig.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://clickpromosbr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 35928\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 23 Apr 2026 11:02:25 GMT\r\nexpires: Fri, 23 Apr 2027 11:02:25 GMT\r\ncache-control: public, max-age=31536000\r\nage: 450743\r\nlast-modified: Wed, 10 Sep 2025 16:23:36 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":35928,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 35928, version 1.0","md5":"a317875aac104234bd7c39df8c501fbb","sha1":"870661970316f61acaab613e3209b9c09e2961f3","sha256":"065e2ab41209dcd60b1c88517c71a741803e3b0647059cb8ee7efff522ed1d40","sha512":"619f405a133ec8227767f08c598399a737d30cea6f76d3c065d2d97ce162bae040ced7fca13ed874d66a1f98472a3a07cf12bb146f432c8d4df24745488e13d0","ssdeep":"768:ybZHErhpxKts8YgN3IJe53ZnJREjqvYSVgXsdp+v0Gd:ybxErktsfgN3fXlicOzd","tlshash":"bef2f11c1a34eb974328047b840084b533ea6da7d63192b121a5fb44cca46fafecfdd6","first_seen":"2025-09-11T17:08:53.61315Z","last_seen":"2026-04-28T20:27:38.545544Z","times_seen":19837,"resource_available":false,"data":null}},"time_used":290,"timings":{"blocked":98,"dns":5,"connect":8,"send":0,"wait":80,"receive":20,"ssl":71},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=AW-17938908374\u0026cx=c\u0026gtm=4e64o1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:49.307Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"7B:71:3D:9A:FE:85:53:DF:44:BB:90:D6:C4:82:1E:58:A2:A4:4B:F0","sha256":"CA:E9:C5:B9:FA:2B:F0:20:19:FF:0A:2C:CB:22:9F:C6:8B:41:0E:09:94:8E:E6:48:22:CA:02:F6:BA:10:B7:A3"}}},"request":{"raw":"GET /gtag/js?id=AW-17938908374\u0026cx=c\u0026gtm=4e64o1 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 28 Apr 2026 16:14:49 GMT\r\nexpires: Tue, 28 Apr 2026 16:14:49 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Tue, 28 Apr 2026 15:58:43 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 135908\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":392030,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5929)","md5":"cccc108277e7765401d01da80757378a","sha1":"1eb6b88dfcab99569102fb94017d3e9ea669f45f","sha256":"d353deaa64576c5329f31aa9d916474f2dd1c8f2f14d4fba74b84da284816b22","sha512":"1f61f79bbc1a2208a807410818518a9091e40b28ec37ae62b358b5f42bdd90880dbcae7d7733348d48bae285e46581b6f86982f8aac9b9dadfa4f3e8e42c6ede","ssdeep":"6144:jXY72UJEQxKZpbPN2JYtCcq8WDUEOtS0uKDpYkC:87DxYr2JYwyJ2","tlshash":"f48419cdb3d6705653a3b478903f018bb17a79a2b84cc899f185c8e42e7469a4277f7c","first_seen":"2026-04-28T16:15:32.976736Z","last_seen":"2026-04-28T17:01:18.998045Z","times_seen":2,"resource_available":true,"data":null}},"time_used":103,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":62,"receive":41,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=AW-17939049238\u0026cx=c\u0026gtm=4e64o1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:49.324Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"7B:71:3D:9A:FE:85:53:DF:44:BB:90:D6:C4:82:1E:58:A2:A4:4B:F0","sha256":"CA:E9:C5:B9:FA:2B:F0:20:19:FF:0A:2C:CB:22:9F:C6:8B:41:0E:09:94:8E:E6:48:22:CA:02:F6:BA:10:B7:A3"}}},"request":{"raw":"GET /gtag/js?id=AW-17939049238\u0026cx=c\u0026gtm=4e64o1 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 28 Apr 2026 16:14:49 GMT\r\nexpires: Tue, 28 Apr 2026 16:14:49 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Tue, 28 Apr 2026 15:58:43 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 135912\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":392030,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5929)","md5":"372391cf895cc5a4208c345f636fd963","sha1":"7b73c0a358887c33b23c2808348ef9b8f40d4096","sha256":"d1621545ee340b1f4faa0a272b68b0bf7b9bf17154ef2b2af0bb6e7ab52fff70","sha512":"86e3bbd9978f04699a172790d86540374bd5d51aace410c488e181dd4ee8ce2cf14140573d9e081411d5eac2c865e5c4db899fe360358daa80c892ef607cbcbb","ssdeep":"6144:mXY72UJEQxKZpbPN2JYtCcq8WDUEOtS0uKDpYkC:77DxYr2JYwyJ2","tlshash":"008419cdb3d6705653a3b478903f018bb17a79a2b84cc899f185c8e42e7469a4277f7c","first_seen":"2026-04-28T16:15:32.978571Z","last_seen":"2026-04-28T17:01:19.006828Z","times_seen":2,"resource_available":true,"data":null}},"time_used":170,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":69,"receive":101,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?rcb=8\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64r0v9245170320za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938468~117266400~117884344\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17954541018\u0026tid=AW-17954541018\u0026tft=1777392890127\u0026tfd=2829","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.156.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:50.248Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"02:11:B2:1D:09:0D:9E:4E:5B:DC:0A:6C:D5:4B:C6:4A:5B:50:C8:26","sha256":"99:E1:4B:50:60:0E:C3:94:CB:2C:15:85:8E:68:FF:F1:9C:B7:0C:9E:E0:8C:B7:29:52:18:12:81:67:C4:38:23"}}},"request":{"raw":"POST /ccm/collect?rcb=8\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64r0v9245170320za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938468~117266400~117884344\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17954541018\u0026tid=AW-17954541018\u0026tft=1777392890127\u0026tfd=2829 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://clickpromosbr.com/\r\nOrigin: https://clickpromosbr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncontent-type: text/plain\r\ndate: Tue, 28 Apr 2026 16:14:50 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\npragma: no-cache\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\naccess-control-allow-origin: https://clickpromosbr.com\r\naccess-control-expose-headers: date,vary,vary,vary,server,content-length\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T20:24:20.15363Z","times_seen":14341696,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?rcb=15\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64r0v9245122540za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115616985~115938466~115938468~117266400~118167060\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17962594608\u0026tid=AW-17962594608\u0026tft=1777392890288\u0026tfd=2991","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.156.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:50.296Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"02:11:B2:1D:09:0D:9E:4E:5B:DC:0A:6C:D5:4B:C6:4A:5B:50:C8:26","sha256":"99:E1:4B:50:60:0E:C3:94:CB:2C:15:85:8E:68:FF:F1:9C:B7:0C:9E:E0:8C:B7:29:52:18:12:81:67:C4:38:23"}}},"request":{"raw":"POST /ccm/collect?rcb=15\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64r0v9245122540za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115616985~115938466~115938468~117266400~118167060\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17962594608\u0026tid=AW-17962594608\u0026tft=1777392890288\u0026tfd=2991 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://clickpromosbr.com/\r\nOrigin: https://clickpromosbr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/plain\r\ndate: Tue, 28 Apr 2026 16:14:50 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\naccess-control-allow-origin: https://clickpromosbr.com\r\naccess-control-expose-headers: date,vary,vary,vary,server,content-length\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T20:24:20.15363Z","times_seen":14341696,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/_next/static/chunks/b8cab6e606b7ac9b.js","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:47.933Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"clickpromosbr.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 17:20:40 GMT","end":"Sat, 11 Jul 2026 17:20:39 GMT"},"fingerprint":{"sha1":"5E:DC:BC:18:DA:73:9C:96:CD:22:C4:46:EE:A7:CF:4B:7E:A8:35:08","sha256":"08:5A:19:C3:D4:A9:4F:A6:2A:AA:92:9E:6B:C1:16:6D:07:AE:CB:A5:7E:D4:7D:BC:42:65:6D:C0:1E:9B:3C:F9"}}},"request":{"raw":"GET /_next/static/chunks/b8cab6e606b7ac9b.js HTTP/1.1\r\nHost: clickpromosbr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nCookie: GAESA=Cp4BMDAwN2I3MzRkOWM3N2NkYWEzYWJmN2I4NWVkNjVlZjJjNDAzMmRmYmUwMzQ2NDg5M2JiZjcyNzY5ZTVmMjc4YzA4MmE0ODEzOGI5NzQ0Zjg1OWRhYjAzZDkyMzQ3NjVjZGE5YzJmNzM2MjcyNjVlZTlkMDQzNzVlNjhmODdkZGE5MzVjZjg4NGMyMDEwMDZhY2I5NzhjY2FhMmUwMDEQlM78pt0z\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Tue, 28 Apr 2026 16:14:48 GMT\r\netag: W/\"7f1-19cf46fb318\"\r\nlast-modified: Mon, 16 Mar 2026 02:18:07 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":2033,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (2033), with no line terminators","md5":"8effabece4c4b25f0c32eca50d60a9cc","sha1":"ee96ec16991a4077f75eecef32bd2dc6b8bc6c8c","sha256":"876f7adba1aa1e6743efe3349912ccdb2028a55e90085a0954419e496057f600","sha512":"3278b4de5f23df10051ce8ad1354620eb3ac7246d51f6e877902c4fd67ddb97421050cc169699adedd697e4e9d029c4c83e5b2ab4361a03342cde40c186ad561","ssdeep":"","tlshash":"594154c862009d7db23702e93176b14cb25b2b68d84f5876f63eb867390651bb9523cd","first_seen":"2026-01-21T11:02:40.602784Z","last_seen":"2026-04-28T17:01:18.981258Z","times_seen":4,"resource_available":true,"data":null}},"time_used":213,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":203,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/_next/static/chunks/e827905b7201dd80.js","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:47.939Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"clickpromosbr.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 17:20:40 GMT","end":"Sat, 11 Jul 2026 17:20:39 GMT"},"fingerprint":{"sha1":"5E:DC:BC:18:DA:73:9C:96:CD:22:C4:46:EE:A7:CF:4B:7E:A8:35:08","sha256":"08:5A:19:C3:D4:A9:4F:A6:2A:AA:92:9E:6B:C1:16:6D:07:AE:CB:A5:7E:D4:7D:BC:42:65:6D:C0:1E:9B:3C:F9"}}},"request":{"raw":"GET /_next/static/chunks/e827905b7201dd80.js HTTP/1.1\r\nHost: clickpromosbr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nCookie: GAESA=Cp4BMDAwN2I3MzRkOWM3N2NkYWEzYWJmN2I4NWVkNjVlZjJjNDAzMmRmYmUwMzQ2NDg5M2JiZjcyNzY5ZTVmMjc4YzA4MmE0ODEzOGI5NzQ0Zjg1OWRhYjAzZDkyMzQ3NjVjZGE5YzJmNzM2MjcyNjVlZTlkMDQzNzVlNjhmODdkZGE5MzVjZjg4NGMyMDEwMDZhY2I5NzhjY2FhMmUwMDEQlM78pt0z\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Tue, 28 Apr 2026 16:14:48 GMT\r\netag: W/\"69f3-19cf46fb318\"\r\nlast-modified: Mon, 16 Mar 2026 02:18:07 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":27123,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (21310)","md5":"fb0a39b54ebb9a270d79249622e7aa59","sha1":"a072535e78cc606fb5081012508d190fc4c486af","sha256":"b317e7437a0bd5b75a06443f2d320854ba736bf06d42ee9e0c9a9d65c3d50641","sha512":"f370ce9db3c74c9dec483fc38de47c277e89a97f210796313c2ceb99a10b77c7857f1bd7abecf0c6923de11cdacdf7109dbade7d9a7fc76aa6593989012aa00d","ssdeep":"768:A5XTWORnCjD7TLOJ2oB6mIVG2uIyEL+XJX4gytg:0XKECjDWu6XJX8tg","tlshash":"33c2f971b7647d79f396c182716ae948773a3b6aa00a8100f17c9ca93718cc2b5f1f97","first_seen":"2026-04-28T16:15:32.98454Z","last_seen":"2026-04-28T17:01:18.983996Z","times_seen":2,"resource_available":true,"data":null}},"time_used":229,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":212,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=AW-17960246516\u0026cx=c\u0026gtm=4e64o1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:49.172Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"7B:71:3D:9A:FE:85:53:DF:44:BB:90:D6:C4:82:1E:58:A2:A4:4B:F0","sha256":"CA:E9:C5:B9:FA:2B:F0:20:19:FF:0A:2C:CB:22:9F:C6:8B:41:0E:09:94:8E:E6:48:22:CA:02:F6:BA:10:B7:A3"}}},"request":{"raw":"GET /gtag/js?id=AW-17960246516\u0026cx=c\u0026gtm=4e64o1 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 28 Apr 2026 16:14:49 GMT\r\nexpires: Tue, 28 Apr 2026 16:14:49 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Tue, 28 Apr 2026 15:00:00 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 135702\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":391253,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5929)","md5":"f0c69f2b329143b4bce9d00a29a04ecc","sha1":"f761d7a11d5de619e83a0c3493f59be5cc372629","sha256":"a053b782f41c8d75ca7c27bd4d8f71c3212a7b600cfc02d72fe5829d605edea5","sha512":"d670095d11d245bb28f8a00a2ebb29501d86748d0eb17527f3fd6a702204b2528425b98b25767bc1c58ea5395aae15ad27e3da85815fa5c178efd59887407e9a","ssdeep":"6144:8+VYoy0E5MGYsgna64dXXsRSrssan89U4OcevQogi:3YrMGYY64GG3kh","tlshash":"2f8419cdb3d6705653a3b478903f008bb27a7992b84cc899f185c8e42e7469a4277f7d","first_seen":"2026-04-28T16:15:32.987042Z","last_seen":"2026-04-28T16:15:32.987042Z","times_seen":1,"resource_available":true,"data":null}},"time_used":152,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":49,"receive":103,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=AW-17962524341\u0026cx=c\u0026gtm=4e64o1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:49.247Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"7B:71:3D:9A:FE:85:53:DF:44:BB:90:D6:C4:82:1E:58:A2:A4:4B:F0","sha256":"CA:E9:C5:B9:FA:2B:F0:20:19:FF:0A:2C:CB:22:9F:C6:8B:41:0E:09:94:8E:E6:48:22:CA:02:F6:BA:10:B7:A3"}}},"request":{"raw":"GET /gtag/js?id=AW-17962524341\u0026cx=c\u0026gtm=4e64o1 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 28 Apr 2026 16:14:49 GMT\r\nexpires: Tue, 28 Apr 2026 16:14:49 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Tue, 28 Apr 2026 15:58:43 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 135909\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":392030,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5929)","md5":"aecf73bba3eade683adb1316cdc75214","sha1":"2699c9e7ade832596fb756261df67070f5663598","sha256":"63ee7b76559d32ae4343a556fa587be535ec31331baa243c54706bc6c7febf5b","sha512":"096a845ac26758c5a6d71c8005e5d9c0c1cda17e430d4e721fea96a62d541751cf44931325cae8a795827ef6671f52c4e7129659f8f210828f1d8c005c7003b3","ssdeep":"6144:kXY72UJEQxKZpbPN2JYtCcq8WDUEOtS0uKDpYkC:t7DxYr2JYwyJ2","tlshash":"f88419cdb3d6705653a3b478903f018bb17a79a2b84cc899f185c8e42e7469a4277f7c","first_seen":"2026-04-28T16:15:32.989061Z","last_seen":"2026-04-28T17:01:19.00423Z","times_seen":2,"resource_available":true,"data":null}},"time_used":128,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":66,"receive":62,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=AW-17938295145\u0026cx=c\u0026gtm=4e64o1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:49.290Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"7B:71:3D:9A:FE:85:53:DF:44:BB:90:D6:C4:82:1E:58:A2:A4:4B:F0","sha256":"CA:E9:C5:B9:FA:2B:F0:20:19:FF:0A:2C:CB:22:9F:C6:8B:41:0E:09:94:8E:E6:48:22:CA:02:F6:BA:10:B7:A3"}}},"request":{"raw":"GET /gtag/js?id=AW-17938295145\u0026cx=c\u0026gtm=4e64o1 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 28 Apr 2026 16:14:49 GMT\r\nexpires: Tue, 28 Apr 2026 16:14:49 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Tue, 28 Apr 2026 15:58:43 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 135911\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":392030,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5929)","md5":"730d156f5ae5f61517b6abb0f3c27ad7","sha1":"f911a44142c639f6f46a96672c0bbb7dd414b755","sha256":"32bc01738dd762be778174865bdacd33b8c724e91b433ae7f36a598c5e451d9e","sha512":"74fae4ac71cf65719b439a2be19bff1d4ab1bdcd140fb507a65d3d69225f63948e3f47c0f11869dced8f3162f2ad154f950af8bf581cdec7e3238038c9fda29a","ssdeep":"6144:mXY72UJEQxKZpbPN2JYtCcq8WDUEOtS0uKDpYkC:77DxYr2JYwyJ2","tlshash":"108419cdb3d6705653a3b478903f018bb17a79a2b84cc899f185c8e42e7469a4277f7c","first_seen":"2026-04-28T16:15:32.991444Z","last_seen":"2026-04-28T17:01:18.974824Z","times_seen":2,"resource_available":true,"data":null}},"time_used":129,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":63,"receive":66,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=AW-17938373818\u0026cx=c\u0026gtm=4e64o1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:49.303Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"7B:71:3D:9A:FE:85:53:DF:44:BB:90:D6:C4:82:1E:58:A2:A4:4B:F0","sha256":"CA:E9:C5:B9:FA:2B:F0:20:19:FF:0A:2C:CB:22:9F:C6:8B:41:0E:09:94:8E:E6:48:22:CA:02:F6:BA:10:B7:A3"}}},"request":{"raw":"GET /gtag/js?id=AW-17938373818\u0026cx=c\u0026gtm=4e64o1 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 28 Apr 2026 16:14:49 GMT\r\nexpires: Tue, 28 Apr 2026 16:14:49 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Tue, 28 Apr 2026 15:00:00 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 135696\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":391253,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5929)","md5":"b52bbc7dcaf4ea9ea226161830976478","sha1":"0a25b649961a03b11b2f2bc33630244597b96dc2","sha256":"63f170a606e86eece54b253c555836a8b9c8138f8d644f2f9c8fae30e3dbde04","sha512":"efdd1e9c3a368c97c444242e35e5396a93888f7cb0d7e80270b99f5369de3277e6531fe837ce69fe3c3a9856fbf522c1bc12ddfd9076ea9304d3fd73ea8541ac","ssdeep":"6144:v+VYoy0E5MGYsgna64dXXsRSrssan89U4OcevQogi:KYrMGYY64GG3kh","tlshash":"ed8429cdb3d6705653a3b478903f008ba27a7992f84cc899f185c8e42e7469a4277f7d","first_seen":"2026-04-28T16:15:32.993998Z","last_seen":"2026-04-28T16:15:32.993998Z","times_seen":1,"resource_available":true,"data":null}},"time_used":103,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":54,"receive":49,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/favicon.ico?favicon.0b3bf435.ico","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:49.696Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"clickpromosbr.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 17:20:40 GMT","end":"Sat, 11 Jul 2026 17:20:39 GMT"},"fingerprint":{"sha1":"5E:DC:BC:18:DA:73:9C:96:CD:22:C4:46:EE:A7:CF:4B:7E:A8:35:08","sha256":"08:5A:19:C3:D4:A9:4F:A6:2A:AA:92:9E:6B:C1:16:6D:07:AE:CB:A5:7E:D4:7D:BC:42:65:6D:C0:1E:9B:3C:F9"}}},"request":{"raw":"GET /favicon.ico?favicon.0b3bf435.ico HTTP/1.1\r\nHost: clickpromosbr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nCookie: GAESA=Cp4BMDAwN2I3MzRkOWM3N2NkYWEzYWJmN2I4NWVkNjVlZjJjNDAzMmRmYmUwMzQ2NDg5M2JiZjcyNzY5ZTVmMjc4YzA4MmE0ODEzOGI5NzQ0Zjg1OWRhYjAzZDkyMzQ3NjVjZGE5YzJmNzM2MjcyNjVlZTlkMDQzNzVlNjhmODdkZGE5MzVjZjg4NGMyMDEwMDZhY2I5NzhjY2FhMmUwMDEQlM78pt0z; _gcl_au=1.1.1516045595.1777392889\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-type: image/x-icon\r\ndate: Tue, 28 Apr 2026 16:14:49 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch\r\nx-nextjs-cache: HIT\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":25931,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"c30c7d42707a47a3f4591831641e50dc","sha1":"9ecfcc8f0ead0bf3d2d7c39e084b88f41cc89a2e","sha256":"2b8ad2d33455a8f736fc3a8ebf8f0bdea8848ad4c0db48a2833bd0f9cd775932","sha512":"7053e0f76e92179fb5154e2665d81897736bdcc22b002b0a3f8e212f27ef80f56224adaa09972848a20c66b064d16eafa732140461071ad70b6193c33dd517e0","ssdeep":"384:ryveIpvjGAUdJ/RN0d2q3OTirIDpXofYPj68Xg5RNy7yyTLb4v0:bIAJdhwYqZ8pYYPjSy7j3j","tlshash":"11c28e9b2b7e2015c908257641aeddfb011b5d4b28b4a20025fa3eb7b4b3735091fa7f","first_seen":"2023-04-30T22:57:19Z","last_seen":"2026-04-28T20:27:57.253048Z","times_seen":17286,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":169,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?rcb=19\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64o1v9245050984za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938469~117266400~118167058\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17950545750\u0026tid=AW-17950545750\u0026tft=1777392890033\u0026tfd=2735","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.156.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:50.867Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"02:11:B2:1D:09:0D:9E:4E:5B:DC:0A:6C:D5:4B:C6:4A:5B:50:C8:26","sha256":"99:E1:4B:50:60:0E:C3:94:CB:2C:15:85:8E:68:FF:F1:9C:B7:0C:9E:E0:8C:B7:29:52:18:12:81:67:C4:38:23"}}},"request":{"raw":"GET /ccm/collect?rcb=19\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64o1v9245050984za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938469~117266400~118167058\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17950545750\u0026tid=AW-17950545750\u0026tft=1777392890033\u0026tfd=2735 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\npragma: no-cache\r\ncache-control: no-cache, no-store, must-revalidate\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncontent-type: text/plain\r\ndate: Tue, 28 Apr 2026 16:14:50 GMT\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T20:24:20.15363Z","times_seen":14341696,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/_next/static/chunks/72c822cfe5b6f4f2.js","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:47.926Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"clickpromosbr.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 17:20:40 GMT","end":"Sat, 11 Jul 2026 17:20:39 GMT"},"fingerprint":{"sha1":"5E:DC:BC:18:DA:73:9C:96:CD:22:C4:46:EE:A7:CF:4B:7E:A8:35:08","sha256":"08:5A:19:C3:D4:A9:4F:A6:2A:AA:92:9E:6B:C1:16:6D:07:AE:CB:A5:7E:D4:7D:BC:42:65:6D:C0:1E:9B:3C:F9"}}},"request":{"raw":"GET /_next/static/chunks/72c822cfe5b6f4f2.js HTTP/1.1\r\nHost: clickpromosbr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nCookie: GAESA=Cp4BMDAwN2I3MzRkOWM3N2NkYWEzYWJmN2I4NWVkNjVlZjJjNDAzMmRmYmUwMzQ2NDg5M2JiZjcyNzY5ZTVmMjc4YzA4MmE0ODEzOGI5NzQ0Zjg1OWRhYjAzZDkyMzQ3NjVjZGE5YzJmNzM2MjcyNjVlZTlkMDQzNzVlNjhmODdkZGE5MzVjZjg4NGMyMDEwMDZhY2I5NzhjY2FhMmUwMDEQlM78pt0z\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Tue, 28 Apr 2026 16:14:47 GMT\r\netag: W/\"9d84-19cf46fb318\"\r\nlast-modified: Mon, 16 Mar 2026 02:18:07 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":40324,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (26612)","md5":"a36728e25aa9960384870f7325ae2833","sha1":"8f17bc857a5a78f548283df069989fa830339775","sha256":"0bf745aa5bf586c03d206de24ed8858949ca3e96db818b857875e47259a2a48f","sha512":"9fe937364b53f154ab806ed0227cf9dc5b0f506a2c24a57fb22a84b593fcd4edc0eaa1115378e1f717fc327de188110b5465d2fc17906614a4b3060c5a455d42","ssdeep":"384:Dj/l+d/8JUopNgVAYH9cseDoweTEDKzLj1JvWx4vi9RHOarcp0DDqH8mlkfGNiZY:nlW1LvW3HvA0DDqH8mieUZRYqLM","tlshash":"d303a5b572d5faa2128340f0c83f1016f27d4c7521ac74a0a7e4ccdbb99858d96bafd9","first_seen":"2026-02-22T03:12:43.071537Z","last_seen":"2026-04-28T17:01:18.996193Z","times_seen":6,"resource_available":true,"data":null}},"time_used":175,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/_next/static/chunks/8eecb0986a60c97d.js","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:47.944Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"clickpromosbr.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 17:20:40 GMT","end":"Sat, 11 Jul 2026 17:20:39 GMT"},"fingerprint":{"sha1":"5E:DC:BC:18:DA:73:9C:96:CD:22:C4:46:EE:A7:CF:4B:7E:A8:35:08","sha256":"08:5A:19:C3:D4:A9:4F:A6:2A:AA:92:9E:6B:C1:16:6D:07:AE:CB:A5:7E:D4:7D:BC:42:65:6D:C0:1E:9B:3C:F9"}}},"request":{"raw":"GET /_next/static/chunks/8eecb0986a60c97d.js HTTP/1.1\r\nHost: clickpromosbr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nCookie: GAESA=Cp4BMDAwN2I3MzRkOWM3N2NkYWEzYWJmN2I4NWVkNjVlZjJjNDAzMmRmYmUwMzQ2NDg5M2JiZjcyNzY5ZTVmMjc4YzA4MmE0ODEzOGI5NzQ0Zjg1OWRhYjAzZDkyMzQ3NjVjZGE5YzJmNzM2MjcyNjVlZTlkMDQzNzVlNjhmODdkZGE5MzVjZjg4NGMyMDEwMDZhY2I5NzhjY2FhMmUwMDEQlM78pt0z\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Tue, 28 Apr 2026 16:14:48 GMT\r\netag: W/\"4a2-19cf46fb318\"\r\nlast-modified: Mon, 16 Mar 2026 02:18:07 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":1186,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (1186), with no line terminators","md5":"2680f995f564a138d90515762ad26a75","sha1":"53e3dcd8f4bfd6ff04748df9bf711ae6a97ef6ff","sha256":"5821e0f0568cbb473ac966a9e7fc360348d4541be101092f409a42cd7919b939","sha512":"39411cedc598418bfd63a62d253458313b57412000259b602c0765b8fdaaa4c39c985067ae2d7c2dcd7ac11b3632413f3f094343a2a28e5282bdc0001c310e89","ssdeep":"","tlshash":"0f21dcab5790840b1581e38c8d17640658d807bc13c2244af0cba472d361d8b18e0b7b","first_seen":"2026-04-28T16:15:32.998392Z","last_seen":"2026-04-28T17:01:19.008181Z","times_seen":2,"resource_available":true,"data":null}},"time_used":193,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":192,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?rcb=3\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64r0v9244964109za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115616985~115938466~115938469~117266400~118128923~118463262\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17960346333\u0026tid=AW-17960346333\u0026tft=1777392889740\u0026tfd=2442","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.156.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:50.489Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"02:11:B2:1D:09:0D:9E:4E:5B:DC:0A:6C:D5:4B:C6:4A:5B:50:C8:26","sha256":"99:E1:4B:50:60:0E:C3:94:CB:2C:15:85:8E:68:FF:F1:9C:B7:0C:9E:E0:8C:B7:29:52:18:12:81:67:C4:38:23"}}},"request":{"raw":"GET /ccm/collect?rcb=3\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64r0v9244964109za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115616985~115938466~115938469~117266400~118128923~118463262\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17960346333\u0026tid=AW-17960346333\u0026tft=1777392889740\u0026tfd=2442 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\npragma: no-cache\r\ncontent-type: text/plain\r\ndate: Tue, 28 Apr 2026 16:14:50 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T20:24:20.15363Z","times_seen":14341696,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?rcb=10\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64r0v9245440679za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115616986~115938466~115938468~117266400~118128923~118463262\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17939049238\u0026tid=AW-17939049238\u0026tft=1777392890707\u0026tfd=3408","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.156.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:50.719Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"02:11:B2:1D:09:0D:9E:4E:5B:DC:0A:6C:D5:4B:C6:4A:5B:50:C8:26","sha256":"99:E1:4B:50:60:0E:C3:94:CB:2C:15:85:8E:68:FF:F1:9C:B7:0C:9E:E0:8C:B7:29:52:18:12:81:67:C4:38:23"}}},"request":{"raw":"POST /ccm/collect?rcb=10\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64r0v9245440679za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115616986~115938466~115938468~117266400~118128923~118463262\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17939049238\u0026tid=AW-17939049238\u0026tft=1777392890707\u0026tfd=3408 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://clickpromosbr.com/\r\nOrigin: https://clickpromosbr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\npragma: no-cache\r\ndate: Tue, 28 Apr 2026 16:14:50 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-type: text/plain\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\naccess-control-allow-origin: https://clickpromosbr.com\r\naccess-control-expose-headers: date,vary,vary,vary,server,content-length\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T20:24:20.15363Z","times_seen":14341696,"resource_available":true,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?rcb=11\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64o1v9245042152za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938469~117266401\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17954475023\u0026tid=AW-17954475023\u0026tft=1777392889937\u0026tfd=2639","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.156.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:50.733Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"02:11:B2:1D:09:0D:9E:4E:5B:DC:0A:6C:D5:4B:C6:4A:5B:50:C8:26","sha256":"99:E1:4B:50:60:0E:C3:94:CB:2C:15:85:8E:68:FF:F1:9C:B7:0C:9E:E0:8C:B7:29:52:18:12:81:67:C4:38:23"}}},"request":{"raw":"GET /ccm/collect?rcb=11\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64o1v9245042152za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938469~117266401\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17954475023\u0026tid=AW-17954475023\u0026tft=1777392889937\u0026tfd=2639 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\ndate: Tue, 28 Apr 2026 16:14:50 GMT\r\ncontent-type: text/plain\r\npragma: no-cache\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T20:24:20.15363Z","times_seen":14341696,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=AW-17954540541\u0026cx=c\u0026gtm=4e64o1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:49.287Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"7B:71:3D:9A:FE:85:53:DF:44:BB:90:D6:C4:82:1E:58:A2:A4:4B:F0","sha256":"CA:E9:C5:B9:FA:2B:F0:20:19:FF:0A:2C:CB:22:9F:C6:8B:41:0E:09:94:8E:E6:48:22:CA:02:F6:BA:10:B7:A3"}}},"request":{"raw":"GET /gtag/js?id=AW-17954540541\u0026cx=c\u0026gtm=4e64o1 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 28 Apr 2026 16:14:49 GMT\r\nexpires: Tue, 28 Apr 2026 16:14:49 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Tue, 28 Apr 2026 15:00:00 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 135698\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":391253,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5929)","md5":"964a3b427991736f954571f9a9300277","sha1":"a8c70b3fdf621b882d2dbdbf79340fa3602cc214","sha256":"ef796d34a97374b2c867b9078044906fc09ca3929655aec7bee554951b1f449b","sha512":"76795a4afd31723d94f85379734b1f55a4195d5af73aaa473e0a01db97263bda2d5e08572a93e299cc75a9a674518713d6ebf1c98e1c15cb9ed856f865d3af46","ssdeep":"6144:i+VYoy0E5MGYsgna64dXXsRSrssan89U4OcevQogi:lYrMGYY64GG3kh","tlshash":"168419cdb3d6705653a3b478903f018ba27a7992f84cc899f185c8e42e7469a4277f7c","first_seen":"2026-04-28T16:15:33.000531Z","last_seen":"2026-04-28T16:15:33.000531Z","times_seen":1,"resource_available":true,"data":null}},"time_used":204,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":101,"receive":103,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?rcb=19\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64o1v9245050984za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938469~117266400~118167058\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17950545750\u0026tid=AW-17950545750\u0026tft=1777392890033\u0026tfd=2735","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.156.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:50.246Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"02:11:B2:1D:09:0D:9E:4E:5B:DC:0A:6C:D5:4B:C6:4A:5B:50:C8:26","sha256":"99:E1:4B:50:60:0E:C3:94:CB:2C:15:85:8E:68:FF:F1:9C:B7:0C:9E:E0:8C:B7:29:52:18:12:81:67:C4:38:23"}}},"request":{"raw":"POST /ccm/collect?rcb=19\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64o1v9245050984za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938469~117266400~118167058\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17950545750\u0026tid=AW-17950545750\u0026tft=1777392890033\u0026tfd=2735 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://clickpromosbr.com/\r\nOrigin: https://clickpromosbr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/plain\r\ndate: Tue, 28 Apr 2026 16:14:50 GMT\r\npragma: no-cache\r\ncache-control: no-cache, no-store, must-revalidate\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\naccess-control-allow-origin: https://clickpromosbr.com\r\naccess-control-expose-headers: date,vary,vary,vary,server,content-length\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T20:24:20.15363Z","times_seen":14341696,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?rcb=0\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64o1v9245320065za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115616985~115938466~115938469~117266400\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17938367659\u0026tid=AW-17938367659\u0026tft=1777392890381\u0026tfd=3082","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.156.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:50.872Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"02:11:B2:1D:09:0D:9E:4E:5B:DC:0A:6C:D5:4B:C6:4A:5B:50:C8:26","sha256":"99:E1:4B:50:60:0E:C3:94:CB:2C:15:85:8E:68:FF:F1:9C:B7:0C:9E:E0:8C:B7:29:52:18:12:81:67:C4:38:23"}}},"request":{"raw":"GET /ccm/collect?rcb=0\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fclickpromosbr.com%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1963446921.1777392889\u0026dt=ClickBus%20%7C%20Passagens%20de%20%C3%94nibus%20Online%20para%20mais%20de%204.800%20destinos\u0026auid=1516045595.1777392889\u0026navt=n\u0026npa=1\u0026gtm=45be64o1v9245320065za200xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115616985~115938466~115938469~117266400\u0026apve=1\u0026apvf=f\u0026apvc=0\u0026tids=AW-17938367659\u0026tid=AW-17938367659\u0026tft=1777392890381\u0026tfd=3082 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/plain\r\ndate: Tue, 28 Apr 2026 16:14:50 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T20:24:20.15363Z","times_seen":14341696,"resource_available":true,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=AW-17938232522\u0026cx=c\u0026gtm=4e64o1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:49.296Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"7B:71:3D:9A:FE:85:53:DF:44:BB:90:D6:C4:82:1E:58:A2:A4:4B:F0","sha256":"CA:E9:C5:B9:FA:2B:F0:20:19:FF:0A:2C:CB:22:9F:C6:8B:41:0E:09:94:8E:E6:48:22:CA:02:F6:BA:10:B7:A3"}}},"request":{"raw":"GET /gtag/js?id=AW-17938232522\u0026cx=c\u0026gtm=4e64o1 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 28 Apr 2026 16:14:49 GMT\r\nexpires: Tue, 28 Apr 2026 16:14:49 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Tue, 28 Apr 2026 15:58:43 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 142889\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":419674,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5929)","md5":"49bb3dfc88c412615040afd9e0a989d2","sha1":"41555aa01533b061fffba828094ce6988ebaaedb","sha256":"1afef856a2068d37f40d26ec857997cf99dabd5bdd14ef783a59592335b61cc6","sha512":"6f15b72b582393a6db1f3be02c072274c92a6ece19119fb56871c68c0a39d86bf113760222a2c0490b18ad05c71cfbe2913c2f1771110cfc7a2079220b686ffa","ssdeep":"6144:uXY72UJEQ2KZpbPN2JYtCcq8WDUEOtSZuKaBBJh:z7D2Yr2JYwvJk","tlshash":"c09408cdb3d6745253a3b478903f018ba17a79a2b44cc89af185cce42e7469a4277f7c","first_seen":"2026-04-28T16:15:33.002026Z","last_seen":"2026-04-28T16:15:33.002026Z","times_seen":1,"resource_available":true,"data":null}},"time_used":130,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":88,"receive":42,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/_next/static/chunks/d2be314c3ece3fbe.js","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:47.941Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"clickpromosbr.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 17:20:40 GMT","end":"Sat, 11 Jul 2026 17:20:39 GMT"},"fingerprint":{"sha1":"5E:DC:BC:18:DA:73:9C:96:CD:22:C4:46:EE:A7:CF:4B:7E:A8:35:08","sha256":"08:5A:19:C3:D4:A9:4F:A6:2A:AA:92:9E:6B:C1:16:6D:07:AE:CB:A5:7E:D4:7D:BC:42:65:6D:C0:1E:9B:3C:F9"}}},"request":{"raw":"GET /_next/static/chunks/d2be314c3ece3fbe.js HTTP/1.1\r\nHost: clickpromosbr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nCookie: GAESA=Cp4BMDAwN2I3MzRkOWM3N2NkYWEzYWJmN2I4NWVkNjVlZjJjNDAzMmRmYmUwMzQ2NDg5M2JiZjcyNzY5ZTVmMjc4YzA4MmE0ODEzOGI5NzQ0Zjg1OWRhYjAzZDkyMzQ3NjVjZGE5YzJmNzM2MjcyNjVlZTlkMDQzNzVlNjhmODdkZGE5MzVjZjg4NGMyMDEwMDZhY2I5NzhjY2FhMmUwMDEQlM78pt0z\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Tue, 28 Apr 2026 16:14:48 GMT\r\netag: W/\"77d9-19cf46fb318\"\r\nlast-modified: Mon, 16 Mar 2026 02:18:07 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":30681,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (30679), with no line terminators","md5":"e189b2054d05a586f4fd6eec2888c203","sha1":"7d92609e0338be85a1f0085efa31f699878f269c","sha256":"a6248517cd3ee53a8186b51c59e1e764e3dc0c512f4acbd50e818f9884663e21","sha512":"1c0e250e62e070ed252776fbd469b27c9c19dc68e695b9e90003b746e3ab6f9c919b39ed1890d581bc0bec54a0b8b2b8a68a415db186d4d278121cbe124a8ad6","ssdeep":"384:735z75Bq9E0m1YmRDQ0cJ3tn79Fg/Ag8qWtOPSNxErV:D5z9BX0ZMOx3ErV","tlshash":"fed2e8717395f9a352db85d9d03a0015f2290d3530ae24b07394dcef368dc89a1fafa9","first_seen":"2026-01-15T14:11:00.285057Z","last_seen":"2026-04-28T19:58:23.312836Z","times_seen":4464,"resource_available":true,"data":null}},"time_used":239,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":239,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/_next/static/chunks/206405b2565a029b.js","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:47.947Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"clickpromosbr.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 17:20:40 GMT","end":"Sat, 11 Jul 2026 17:20:39 GMT"},"fingerprint":{"sha1":"5E:DC:BC:18:DA:73:9C:96:CD:22:C4:46:EE:A7:CF:4B:7E:A8:35:08","sha256":"08:5A:19:C3:D4:A9:4F:A6:2A:AA:92:9E:6B:C1:16:6D:07:AE:CB:A5:7E:D4:7D:BC:42:65:6D:C0:1E:9B:3C:F9"}}},"request":{"raw":"GET /_next/static/chunks/206405b2565a029b.js HTTP/1.1\r\nHost: clickpromosbr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nCookie: GAESA=Cp4BMDAwN2I3MzRkOWM3N2NkYWEzYWJmN2I4NWVkNjVlZjJjNDAzMmRmYmUwMzQ2NDg5M2JiZjcyNzY5ZTVmMjc4YzA4MmE0ODEzOGI5NzQ0Zjg1OWRhYjAzZDkyMzQ3NjVjZGE5YzJmNzM2MjcyNjVlZTlkMDQzNzVlNjhmODdkZGE5MzVjZjg4NGMyMDEwMDZhY2I5NzhjY2FhMmUwMDEQlM78pt0z\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Tue, 28 Apr 2026 16:14:48 GMT\r\netag: W/\"e77-19cf46fb318\"\r\nlast-modified: Mon, 16 Mar 2026 02:18:07 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3703,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (3703), with no line terminators","md5":"6a54e7379d2643df120208305092e697","sha1":"b5e37f1339dfd8f5559c654ff8761fd1286a7079","sha256":"9273dcef7ce6a2f6f834e5b80d57c30d0bc788377b7fbf0eb45c758cf144a8cc","sha512":"43bc8179bcf6f604cae383a582de38f70616836a95ee1fcf259ff9e202b3c12b8325c90f095df473b24f690720e0d17da3b3138674b419fbbbfb60e2c5f68b0f","ssdeep":"","tlshash":"b37195663194fd81239a94c8c43f400fb25e6d7718ae74a4fbea4cf1246589ab0f1fb5","first_seen":"2026-04-28T16:15:33.004329Z","last_seen":"2026-04-28T17:01:18.993876Z","times_seen":2,"resource_available":true,"data":null}},"time_used":223,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":223,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=AW-17275402659","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:47.948Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"7B:71:3D:9A:FE:85:53:DF:44:BB:90:D6:C4:82:1E:58:A2:A4:4B:F0","sha256":"CA:E9:C5:B9:FA:2B:F0:20:19:FF:0A:2C:CB:22:9F:C6:8B:41:0E:09:94:8E:E6:48:22:CA:02:F6:BA:10:B7:A3"}}},"request":{"raw":"GET /gtag/js?id=AW-17275402659 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 28 Apr 2026 16:14:48 GMT\r\nexpires: Tue, 28 Apr 2026 16:14:48 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Tue, 28 Apr 2026 15:00:00 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 142696\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":418839,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5929)","md5":"302c65bce3a1a3a06b2ca6cb2be7b5a9","sha1":"6b9cdd960af8b30b0f73ad6783a3960df6dddb46","sha256":"46635ca07ca09b4c494f75bbd027c660e596f60986fbc04a471621bf805cb446","sha512":"f1553bb394cf7ef0b317df5c370a10017142ab37f1927236b84eeb7a01d22b51e9697eafb9c0399803f3109fea347dc9ecdd7a5ee252f3c9fbe1b7c648ac8f8b","ssdeep":"6144:O+VYoy0E5MxYsgna64dXXsRSrssan89U5OcuvTSMl:BYrMxYY64GGiMF","tlshash":"2e9409cdb3d6706253a3b478903f018ba57a79a2b44cc899f185cce42e7469a4277f7c","first_seen":"2026-04-28T16:15:33.005691Z","last_seen":"2026-04-28T16:15:33.005691Z","times_seen":1,"resource_available":true,"data":null}},"time_used":246,"timings":{"blocked":-1,"dns":0,"connect":29,"send":0,"wait":43,"receive":63,"ssl":101},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/notosans/v42/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7du3mnPyxVig.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:48.653Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"8B:DF:9C:24:AB:AD:AB:73:3F:51:0F:25:2B:18:76:79:1A:C5:63:A0","sha256":"BF:5C:B4:F2:20:4F:D0:E5:76:81:59:52:5F:3E:D2:4F:8D:33:B3:30:36:84:C8:7E:0E:AB:58:1E:7D:D6:E2:6D"}}},"request":{"raw":"GET /s/notosans/v42/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7du3mnPyxVig.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://clickpromosbr.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 35928\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 23 Apr 2026 11:02:25 GMT\r\nexpires: Fri, 23 Apr 2027 11:02:25 GMT\r\ncache-control: public, max-age=31536000\r\nage: 450743\r\nlast-modified: Wed, 10 Sep 2025 16:23:36 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":35928,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 35928, version 1.0","md5":"a317875aac104234bd7c39df8c501fbb","sha1":"870661970316f61acaab613e3209b9c09e2961f3","sha256":"065e2ab41209dcd60b1c88517c71a741803e3b0647059cb8ee7efff522ed1d40","sha512":"619f405a133ec8227767f08c598399a737d30cea6f76d3c065d2d97ce162bae040ced7fca13ed874d66a1f98472a3a07cf12bb146f432c8d4df24745488e13d0","ssdeep":"768:ybZHErhpxKts8YgN3IJe53ZnJREjqvYSVgXsdp+v0Gd:ybxErktsfgN3fXlicOzd","tlshash":"bef2f11c1a34eb974328047b840084b533ea6da7d63192b121a5fb44cca46fafecfdd6","first_seen":"2025-09-11T17:08:53.61315Z","last_seen":"2026-04-28T20:27:38.545544Z","times_seen":19837,"resource_available":false,"data":null}},"time_used":293,"timings":{"blocked":85,"dns":1,"connect":21,"send":0,"wait":104,"receive":19,"ssl":59},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/_next/image?url=https%3A%2F%2Fstatic.clickbus.com%2Flive%2FClickBus%2Fcampanhas%2Fcarrossel%2Freact%2Fgenerico.jpg\u0026w=384\u0026q=75","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:49.021Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"clickpromosbr.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 17:20:40 GMT","end":"Sat, 11 Jul 2026 17:20:39 GMT"},"fingerprint":{"sha1":"5E:DC:BC:18:DA:73:9C:96:CD:22:C4:46:EE:A7:CF:4B:7E:A8:35:08","sha256":"08:5A:19:C3:D4:A9:4F:A6:2A:AA:92:9E:6B:C1:16:6D:07:AE:CB:A5:7E:D4:7D:BC:42:65:6D:C0:1E:9B:3C:F9"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fstatic.clickbus.com%2Flive%2FClickBus%2Fcampanhas%2Fcarrossel%2Freact%2Fgenerico.jpg\u0026w=384\u0026q=75 HTTP/1.1\r\nHost: clickpromosbr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nCookie: GAESA=Cp4BMDAwN2I3MzRkOWM3N2NkYWEzYWJmN2I4NWVkNjVlZjJjNDAzMmRmYmUwMzQ2NDg5M2JiZjcyNzY5ZTVmMjc4YzA4MmE0ODEzOGI5NzQ0Zjg1OWRhYjAzZDkyMzQ3NjVjZGE5YzJmNzM2MjcyNjVlZTlkMDQzNzVlNjhmODdkZGE5MzVjZjg4NGMyMDEwMDZhY2I5NzhjY2FhMmUwMDEQlM78pt0z\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=31536000, must-revalidate\r\ncontent-disposition: attachment; filename=\"generico.webp\"\r\ncontent-length: 10190\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\ncontent-type: image/webp\r\ndate: Tue, 28 Apr 2026 16:14:49 GMT\r\netag: RFgYXrHbgQc8-2-2WJMS_58XHHsw3upC6pLz-V40cRE\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nvary: Accept\r\nx-cloud-trace-context: f7f5086c992d1b11be24b6eec655ac4f\r\nx-nextjs-cache: HIT\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":10190,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 271x220, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"91b02f31e17524be5396048fedfe953e","sha1":"7bf2205f53d3ed4109e1d34cf410f9043ae2e2e2","sha256":"4458185eb1db81073cfb6fb6589312ff9f171c7b30deea42ea92f3f95e347111","sha512":"fb316c928b72e83c5ffd7e0150c1966e18e88321afe1505e60e3fc0c60df4e9e36f8b3e76263bacb9dc676beb15bfa5567fab298f257b943a80032f0ec962ea3","ssdeep":"192:+KoLWVxoQoJg8wW1sPXrzhZ4LUBv7u3e1cYJ+Lue3KtysKKaemA:pVxIg8wW1gXrzhHGAJ+LStv1UA","tlshash":"0322c073e120e0a18d674b1ff2e2dadf4b9e0bb515809b773112724319659481ed12cd","first_seen":"2026-02-14T19:48:49.907129Z","last_seen":"2026-04-28T17:01:18.997403Z","times_seen":4,"resource_available":false,"data":null}},"time_used":168,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":165,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/api/geolocation","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:49.056Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"clickpromosbr.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 17:20:40 GMT","end":"Sat, 11 Jul 2026 17:20:39 GMT"},"fingerprint":{"sha1":"5E:DC:BC:18:DA:73:9C:96:CD:22:C4:46:EE:A7:CF:4B:7E:A8:35:08","sha256":"08:5A:19:C3:D4:A9:4F:A6:2A:AA:92:9E:6B:C1:16:6D:07:AE:CB:A5:7E:D4:7D:BC:42:65:6D:C0:1E:9B:3C:F9"}}},"request":{"raw":"GET /api/geolocation HTTP/1.1\r\nHost: clickpromosbr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://clickpromosbr.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: GAESA=Cp4BMDAwN2I3MzRkOWM3N2NkYWEzYWJmN2I4NWVkNjVlZjJjNDAzMmRmYmUwMzQ2NDg5M2JiZjcyNzY5ZTVmMjc4YzA4MmE0ODEzOGI5NzQ0Zjg1OWRhYjAzZDkyMzQ3NjVjZGE5YzJmNzM2MjcyNjVlZTlkMDQzNzVlNjhmODdkZGE5MzVjZjg4NGMyMDEwMDZhY2I5NzhjY2FhMmUwMDEQlM78pt0z\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/json\r\ndate: Tue, 28 Apr 2026 16:14:49 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nvary: rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":56,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"1653fc4f373be923a866a720365d89ba","sha1":"b509c4484c0c6b5e94df0a7f54c29fbd1ebfea16","sha256":"0e25507f67dfc72520bd0cc27998485774c45d2a0039bd09bed3b0ea6cfe00b8","sha512":"8c61fb5dc2d6460cd025621c0096f1fc32a64b45c444c0146610773bd721d1f05ce39925c453f9bff0c1a9fb5eae45e80945ea157ceea312da1fc6133d62270f","ssdeep":"","tlshash":"a690028d59112cb4e30f531e2206c41700bc21086951d582cadfc40991406543444009","first_seen":"2026-02-14T19:48:49.908553Z","last_seen":"2026-04-28T17:01:18.975885Z","times_seen":4,"resource_available":false,"data":null}},"time_used":218,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":216,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=AW-17954475023\u0026cx=c\u0026gtm=4e64o1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"172.217.19.232","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:49.195Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"7B:71:3D:9A:FE:85:53:DF:44:BB:90:D6:C4:82:1E:58:A2:A4:4B:F0","sha256":"CA:E9:C5:B9:FA:2B:F0:20:19:FF:0A:2C:CB:22:9F:C6:8B:41:0E:09:94:8E:E6:48:22:CA:02:F6:BA:10:B7:A3"}}},"request":{"raw":"GET /gtag/js?id=AW-17954475023\u0026cx=c\u0026gtm=4e64o1 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 28 Apr 2026 16:14:49 GMT\r\nexpires: Tue, 28 Apr 2026 16:14:49 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Tue, 28 Apr 2026 15:00:00 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 135696\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":391253,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5929)","md5":"b775900ab0ed48c76d590ec1221bddc8","sha1":"45367a0ac6b4991d329bdc534a34c877eb94c787","sha256":"9d85507090e9b4c5139e11f14f86c0047fc56e5233079c1121d84f1527b548cb","sha512":"e9f8e4d91a4bd308b653f492ed90a21b131ea22ada3d78123447cdf6f75dab57dbe510e3e340dfc80a4ce3ee69743d53dc7eb14302f0d6cfc784b9f4a40303c7","ssdeep":"6144:P+VYoy0E5MGYsgna64dXXsRSrssan89U4OcevQogi:qYrMGYY64GG3kh","tlshash":"3b8419cdb3d6705653a3b478903f018ba27a7992f84cc899f185c8e42e7469a4277f7c","first_seen":"2026-04-28T16:15:33.009568Z","last_seen":"2026-04-28T16:15:33.009568Z","times_seen":1,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":65,"receive":89,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.clickbus.com/live/ClickBus/campanhas/home-page/apps/phone-app-clickbus.png","fqdn":"static.clickbus.com","domain":"clickbus.com","tld":"com"},"ip":{"addr":"179.191.182.65","port":443,"asn":52580,"as":"Azion Technologies Ltda.","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:47.921Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.clickbus.com","organization":""},"issuer":{"commonName":"Thawte TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 22 Oct 2025 00:00:00 GMT","end":"Sun, 22 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"03:72:89:8E:88:B9:BA:6A:65:92:E4:4D:DB:BD:E2:84:B3:FE:CF:0E","sha256":"79:07:FE:0A:A0:80:8E:3A:1F:A8:A0:DB:04:C7:D3:C0:B1:91:6E:53:01:57:61:DC:6A:66:5B:A3:67:42:DE:2D"}}},"request":{"raw":"GET /live/ClickBus/campanhas/home-page/apps/phone-app-clickbus.png HTTP/1.1\r\nHost: static.clickbus.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ndate: Tue, 28 Apr 2026 16:14:48 GMT\r\ncontent-type: application/xml\r\nvary: Accept-Encoding\r\nserver: AmazonS3\r\nx-cache: Error from cloudfront\r\nvia: 1.1 385cb8def78c1bb03b9aa3bd53bf1f06.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: FRA50-P2\r\nx-amz-cf-id: h97s0q8kkV2WPbDHiN_r4mtZe3GHbOG6vnlFXTLnFjK2Ht8KTrJW3Q==\r\nx-azion-request-id: 38a8a5c976b559b3fd846bfd0c8fb706\r\nx-azion-edge-location: FRA\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, PUT, POST, OPTIONS\r\naccess-control-allow-credentials: true\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T20:24:20.15363Z","times_seen":14341696,"resource_available":true,"data":null}},"time_used":1492,"timings":{"blocked":556,"dns":244,"connect":22,"send":0,"wait":350,"receive":0,"ssl":316},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/_next/static/chunks/7d6514a90169e63d.js","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:47.930Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"clickpromosbr.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 17:20:40 GMT","end":"Sat, 11 Jul 2026 17:20:39 GMT"},"fingerprint":{"sha1":"5E:DC:BC:18:DA:73:9C:96:CD:22:C4:46:EE:A7:CF:4B:7E:A8:35:08","sha256":"08:5A:19:C3:D4:A9:4F:A6:2A:AA:92:9E:6B:C1:16:6D:07:AE:CB:A5:7E:D4:7D:BC:42:65:6D:C0:1E:9B:3C:F9"}}},"request":{"raw":"GET /_next/static/chunks/7d6514a90169e63d.js HTTP/1.1\r\nHost: clickpromosbr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nCookie: GAESA=Cp4BMDAwN2I3MzRkOWM3N2NkYWEzYWJmN2I4NWVkNjVlZjJjNDAzMmRmYmUwMzQ2NDg5M2JiZjcyNzY5ZTVmMjc4YzA4MmE0ODEzOGI5NzQ0Zjg1OWRhYjAzZDkyMzQ3NjVjZGE5YzJmNzM2MjcyNjVlZTlkMDQzNzVlNjhmODdkZGE5MzVjZjg4NGMyMDEwMDZhY2I5NzhjY2FhMmUwMDEQlM78pt0z\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Tue, 28 Apr 2026 16:14:48 GMT\r\netag: W/\"1b1e6-19cf46fb318\"\r\nlast-modified: Mon, 16 Mar 2026 02:18:07 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":111078,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"9cbccd398b98ff0dc5340799770beaf2","sha1":"025684d4b9edcabd29b5e3867d0b7cd6cd854b9a","sha256":"4a35cdeb35ee9081593347d98a78fc62699dd6aa8611cd7be24d112c5fc75f2b","sha512":"2f626c9bcd97834cc130b20dac911ede3086bc12e3e95b5c04f02ae1678a3d5e787dc2d94b4e19b8d70780013684dc19c456b398fc166a9e96e48a21c0ba51f3","ssdeep":"1536:sNc9IxBQi6ha/rzjJ2MnwFZMtOsSjPNziiX8JfFm:svP6M3j0M3tOsqhX8Fm","tlshash":"94b3f8f935d5f48207ab44a6c03f0006f32c5d37149e68a0a3e5edda746499de1b3faa","first_seen":"2026-01-28T20:33:18.012918Z","last_seen":"2026-04-28T18:06:32.049513Z","times_seen":630,"resource_available":true,"data":null}},"time_used":250,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":239,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/_next/static/chunks/bea06cd372cb18e1.js","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:47.942Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"clickpromosbr.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 17:20:40 GMT","end":"Sat, 11 Jul 2026 17:20:39 GMT"},"fingerprint":{"sha1":"5E:DC:BC:18:DA:73:9C:96:CD:22:C4:46:EE:A7:CF:4B:7E:A8:35:08","sha256":"08:5A:19:C3:D4:A9:4F:A6:2A:AA:92:9E:6B:C1:16:6D:07:AE:CB:A5:7E:D4:7D:BC:42:65:6D:C0:1E:9B:3C:F9"}}},"request":{"raw":"GET /_next/static/chunks/bea06cd372cb18e1.js HTTP/1.1\r\nHost: clickpromosbr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nCookie: GAESA=Cp4BMDAwN2I3MzRkOWM3N2NkYWEzYWJmN2I4NWVkNjVlZjJjNDAzMmRmYmUwMzQ2NDg5M2JiZjcyNzY5ZTVmMjc4YzA4MmE0ODEzOGI5NzQ0Zjg1OWRhYjAzZDkyMzQ3NjVjZGE5YzJmNzM2MjcyNjVlZTlkMDQzNzVlNjhmODdkZGE5MzVjZjg4NGMyMDEwMDZhY2I5NzhjY2FhMmUwMDEQlM78pt0z\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000, immutable\r\ncontent-encoding: gzip\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Tue, 28 Apr 2026 16:14:48 GMT\r\netag: W/\"837-19cf46fb318\"\r\nlast-modified: Mon, 16 Mar 2026 02:18:07 GMT\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nvary: Accept-Encoding\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2103,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (2103), with no line terminators","md5":"492453a6a1b357aa541b014434495f73","sha1":"f5fb18053280fd0186c43515e8889f42761dcb6f","sha256":"647422b16b882c877e347e1592feb204e4da59535706205d08e7179301351940","sha512":"2aa2110550761218782308bcc47b074e0e1a6df713e71d9ad71f6b8ae9c930aa4a2ff82d48c1721e33f2f04d485ff09130d6dade1105c97450ed4bbef4110733","ssdeep":"","tlshash":"314153c86200dd7da27702d83136f508b26a2a6cc85ba876f53d7c62391551b78927cd","first_seen":"2026-01-09T02:37:02.14821Z","last_seen":"2026-04-28T17:01:18.999081Z","times_seen":10,"resource_available":true,"data":null}},"time_used":205,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":199,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"clickpromosbr.com/_next/image?url=https%3A%2F%2Fstatic.clickbus.com%2Flive%2Fdestinos%2F02-rj.jpg\u0026w=384\u0026q=75","fqdn":"clickpromosbr.com","domain":"clickpromosbr.com","tld":"com"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://clickpromosbr.com/","date":"2026-04-28T16:14:49.015Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"clickpromosbr.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 12 Apr 2026 17:20:40 GMT","end":"Sat, 11 Jul 2026 17:20:39 GMT"},"fingerprint":{"sha1":"5E:DC:BC:18:DA:73:9C:96:CD:22:C4:46:EE:A7:CF:4B:7E:A8:35:08","sha256":"08:5A:19:C3:D4:A9:4F:A6:2A:AA:92:9E:6B:C1:16:6D:07:AE:CB:A5:7E:D4:7D:BC:42:65:6D:C0:1E:9B:3C:F9"}}},"request":{"raw":"GET /_next/image?url=https%3A%2F%2Fstatic.clickbus.com%2Flive%2Fdestinos%2F02-rj.jpg\u0026w=384\u0026q=75 HTTP/1.1\r\nHost: clickpromosbr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://clickpromosbr.com/\r\nCookie: GAESA=Cp4BMDAwN2I3MzRkOWM3N2NkYWEzYWJmN2I4NWVkNjVlZjJjNDAzMmRmYmUwMzQ2NDg5M2JiZjcyNzY5ZTVmMjc4YzA4MmE0ODEzOGI5NzQ0Zjg1OWRhYjAzZDkyMzQ3NjVjZGE5YzJmNzM2MjcyNjVlZTlkMDQzNzVlNjhmODdkZGE5MzVjZjg4NGMyMDEwMDZhY2I5NzhjY2FhMmUwMDEQlM78pt0z\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=31536000, must-revalidate\r\ncontent-disposition: attachment; filename=\"02-rj.webp\"\r\ncontent-length: 9324\r\ncontent-security-policy: script-src 'none'; frame-src 'none'; sandbox;\r\ncontent-type: image/webp\r\ndate: Tue, 28 Apr 2026 16:14:49 GMT\r\netag: sLMxuDe09zJQDWNENZRkNSrRDxwZv0YCcXxENmjS1mQ\r\nserver: Google Frontend\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nvary: Accept\r\nx-cloud-trace-context: 5e2ec8a9d21722abbe24b6eec655a874\r\nx-nextjs-cache: HIT\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]}],"data":{"size":9324,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 285x285, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"181f080f3e75dea8a737f1175fb5da62","sha1":"b37aaa69c7441181f993988038353121336eca97","sha256":"b0b331b837b4f732500d6344359464352ad10f1c19bf4602717c443668d2d664","sha512":"27c128226bff5835c5f77a3e74b02f6b0413b11e0135ce4dbbefeecbe1666d87de6dd9729606db569439e0b9bbd3119879c1c6623f547f5fbadbff8b4e990c66","ssdeep":"192:fIhygQ5vGoyU3Jvb3E7uYqpY55jl6XhKfJ1hFjUXSPZG8CQoQy:hN5+oy4NTE6YQMZ6xwhhUCh0","tlshash":"4412af69b77a3f11d097216910023c29dfcb93c3e2d3866a9a920985ded63c50bd857b","first_seen":"2026-02-14T19:48:49.891525Z","last_seen":"2026-04-28T17:01:19.009994Z","times_seen":4,"resource_available":false,"data":null}},"time_used":165,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":164,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"clickpromosbr.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}