Edit tour

Windows Analysis Report
https://www.oyabarista.com/n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.com

Overview

General Information

Sample URL:	https://www.oyabarista.com/n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.com
Analysis ID:	1650178
Infos:

Detection

HTMLPhisher, Mamba2FA

Score:	96
Range:	0 - 100
Confidence:	100%

Signatures

AI detected phishing page

Antivirus detection for URL or domain

Found malware configuration

Suricata IDS alerts for network traffic

Yara detected HtmlPhish10

Yara detected Mamba 2FA PaaS

AI detected suspicious Javascript

HTML page contains suspicious onload / onerror event

Creates files inside the system directory

Deletes files inside the Windows folder

Detected hidden input values containing email addresses (often used in phishing pages)

HTML body contains low number of good links

HTML body contains password input but no form action

HTML page contains hidden javascript code

HTML title does not match URL

Invalid 'forgot password' link found

Invalid T&C link found

No HTML title found

Suricata IDS alerts with low severity for network traffic

URL contains potential PII (phishing indication)

Classification

Process Tree

System is w10x64

chrome.exe (PID: 2956 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: E81F54E6C1129887AEA47E7D092680BF)

chrome.exe (PID: 6872 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2052,i,12725820562715277993,14582703269513856104,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2080 /prefetch:3 MD5: E81F54E6C1129887AEA47E7D092680BF)

chrome.exe (PID: 7644 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=printing.mojom.UnsandboxedPrintBackendHost --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2052,i,12725820562715277993,14582703269513856104,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=5032 /prefetch:8 MD5: E81F54E6C1129887AEA47E7D092680BF)

chrome.exe (PID: 7848 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://www.oyabarista.com/n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.com" MD5: E81F54E6C1129887AEA47E7D092680BF)

cleanup

Malware Configuration

Threatname: Mamba2FA

{
  "sv": "o365_1_nom",
  "rand": "NHNuU2c=",
  "uid": "USER04032025U29030403"
}

Yara Signatures

HTML

Source	Rule	Description	Author
0.2.pages.csv	JoeSecurity_Mamba2FA	Yara detected Mamba 2FA PaaS	Joe Security
0.2.pages.csv	JoeSecurity_HtmlPhish_10	Yara detected HtmlPhish_10	Joe Security
0.3.pages.csv	JoeSecurity_Mamba2FA	Yara detected Mamba 2FA PaaS	Joe Security
0.1.pages.csv	JoeSecurity_Mamba2FA	Yara detected Mamba 2FA PaaS	Joe Security
0.1.pages.csv	JoeSecurity_HtmlPhish_10	Yara detected HtmlPhish_10	Joe Security
0.3.pages.csv	JoeSecurity_HtmlPhish_10	Yara detected HtmlPhish_10	Joe Security
Click to see the 1 entries

Suricata Signatures

ET PHISHING Javascript Browser Fingerprinting POST Request

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2025-03-27T14:41:19.812852+0100	2056643	2	Possible Social Engineering Attempted	192.168.2.5	49732	104.21.70.232	443	TCP
2025-03-27T14:41:42.913312+0100	2056643	2	Possible Social Engineering Attempted	192.168.2.5	49773	104.21.70.232	443	TCP
2025-03-27T14:41:46.737180+0100	2056643	2	Possible Social Engineering Attempted	192.168.2.5	49774	104.21.70.232	443	TCP
2025-03-27T14:41:49.861428+0100	2056643	2	Possible Social Engineering Attempted	192.168.2.5	49785	104.21.70.232	443	TCP
2025-03-27T14:41:53.108461+0100	2056643	2	Possible Social Engineering Attempted	192.168.2.5	49797	104.21.70.232	443	TCP
2025-03-27T14:41:56.201164+0100	2056643	2	Possible Social Engineering Attempted	192.168.2.5	49808	104.21.70.232	443	TCP
2025-03-27T14:41:59.264797+0100	2056643	2	Possible Social Engineering Attempted	192.168.2.5	49819	104.21.70.232	443	TCP
2025-03-27T14:42:02.595155+0100	2056643	2	Possible Social Engineering Attempted	192.168.2.5	49830	104.21.70.232	443	TCP
2025-03-27T14:42:05.820985+0100	2056643	2	Possible Social Engineering Attempted	192.168.2.5	49841	104.21.70.232	443	TCP
2025-03-27T14:42:09.355526+0100	2056643	2	Possible Social Engineering Attempted	192.168.2.5	49852	104.21.70.232	443	TCP
2025-03-27T14:42:13.142082+0100	2056643	2	Possible Social Engineering Attempted	192.168.2.5	49863	104.21.70.232	443	TCP
2025-03-27T14:42:16.443109+0100	2056643	2	Possible Social Engineering Attempted	192.168.2.5	49877	104.21.70.232	443	TCP
2025-03-27T14:42:20.259544+0100	2056643	2	Possible Social Engineering Attempted	192.168.2.5	49889	104.21.70.232	443	TCP
2025-03-27T14:42:23.917746+0100	2056643	2	Possible Social Engineering Attempted	192.168.2.5	49907	104.21.70.232	443	TCP
2025-03-27T14:42:27.796430+0100	2056643	2	Possible Social Engineering Attempted	192.168.2.5	49918	104.21.70.232	443	TCP
2025-03-27T14:42:31.101630+0100	2056643	2	Possible Social Engineering Attempted	192.168.2.5	49930	104.21.70.232	443	TCP

ET PHISHING MAMBA Credential Phish Landing Page 2024-11-08

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2025-03-27T14:41:18.161651+0100	2057333	1	Successful Credential Theft Detected	192.168.2.5	49727	104.21.70.232	443	TCP

Joe Sandbox Signatures

• AV Detection
• Phishing
• Compliance
• Networking
• System Summary

Click to jump to signature section

Show All Signature Results

AV Detection

Antivirus detection for URL or domain

Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=websocket&sid=ceGoATplRk4sAOILAAe3	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrdFK&sid=cDcq_6oiPpEKxHw5AAe_	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=websocket&sid=tT5WNbS8nK_GmKtDAAfC	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrizO&sid=2YiBHHEGh1iHOHKNAAfW	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrizQ&sid=2YiBHHEGh1iHOHKNAAfW	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=websocket&sid=3KIffrGciGku9LcFAAe0	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrjtk&sid=sOtA6zh2FsG50UT0AAfZ	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=websocket&sid=LP9pboDna7Lg8G9ZAAfh	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrcEg	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNraio&sid=3KIffrGciGku9LcFAAe0	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrhDU&sid=7qMH1QkTS0k0NzOqAAfQ	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNre0C&sid=tT5WNbS8nK_GmKtDAAfC	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrdFJ&sid=cDcq_6oiPpEKxHw5AAe_	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrc-m	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrkmv&sid=EMzR_z9H-w08ZyAdAAfc	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNre0A&sid=tT5WNbS8nK_GmKtDAAfC	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=websocket&sid=7qMH1QkTS0k0NzOqAAfQ	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=websocket&sid=F0YwhNqusdKEacySAAfI	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrfbC&sid=F0YwhNqusdKEacySAAfI	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrfbB&sid=F0YwhNqusdKEacySAAfI	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrhC-&sid=7qMH1QkTS0k0NzOqAAfQ	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrkmu&sid=EMzR_z9H-w08ZyAdAAfc	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=websocket&sid=aHb_mt7ltpbxBIUjAAfL	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrjtl&sid=sOtA6zh2FsG50UT0AAfZ	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrail&sid=3KIffrGciGku9LcFAAe0	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrmGX	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNreWw	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=websocket&sid=cDcq_6oiPpEKxHw5AAe_	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrlUi	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=websocket&sid=gGEhwn_6LXzjgi5BAAfT	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNri5n&sid=gGEhwn_6LXzjgi5BAAfT	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=websocket&sid=2YiBHHEGh1iHOHKNAAfW	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrfLw	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrbdS&sid=ceGoATplRk4sAOILAAe3	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrgMx&sid=aHb_mt7ltpbxBIUjAAfL	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrjeo	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrikj	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=websocket&sid=sOtA6zh2FsG50UT0AAfZ	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrnFW	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrmWi&sid=p_0vHNI0wq1dN5-_AAfl	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrgMy&sid=aHb_mt7ltpbxBIUjAAfL	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrkYN	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrg8S	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=websocket&sid=t010Hy5o6-DrcLMyAAe8	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrbdU&sid=ceGoATplRk4sAOILAAe3	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrdm-	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrbOF	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrcTV&sid=t010Hy5o6-DrcLMyAAe8	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrhrx	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrlkB&sid=LP9pboDna7Lg8G9ZAAfh	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNri5g&sid=gGEhwn_6LXzjgi5BAAfT	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=websocket&sid=p_0vHNI0wq1dN5-_AAfl	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrmWh&sid=p_0vHNI0wq1dN5-_AAfl	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrcTW&sid=t010Hy5o6-DrcLMyAAe8	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNraPW	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrgxy	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrlkC&sid=LP9pboDna7Lg8G9ZAAfh	Avira URL Cloud: Label: malware
Source: https://mssnet0nses.click/socket.io/?EIO=4&transport=websocket&sid=EMzR_z9H-w08ZyAdAAfc	Avira URL Cloud: Label: malware

Found malware configuration

Source: 0.0.pages.csv

Malware Configuration Extractor: Mamba2FA {"sv": "o365_1_nom", "rand": "NHNuU2c=", "uid": "USER04032025U29030403"}

Phishing

AI detected phishing page

Source: https://www.oyabarista.com/n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.com

Joe Sandbox AI: Score: 7 Reasons: The brand 'Microsoft' is well-known and typically associated with the domain 'microsoft.com'., The URL 'www.oyabarista.com' does not match the legitimate domain for Microsoft., The domain 'oyabarista.com' does not have any known association with Microsoft., The URL does not contain any recognizable elements related to Microsoft, which is suspicious., The presence of a completely unrelated domain name suggests a high likelihood of phishing. DOM: 0.2.pages.csv

Yara detected HtmlPhish10

Source: Yara match	File source: 0.2.pages.csv, type: HTML
Source: Yara match	File source: 0.1.pages.csv, type: HTML
Source: Yara match	File source: 0.3.pages.csv, type: HTML

Yara detected Mamba 2FA PaaS

Source: Yara match	File source: 0.2.pages.csv, type: HTML
Source: Yara match	File source: 0.3.pages.csv, type: HTML
Source: Yara match	File source: 0.1.pages.csv, type: HTML

AI detected suspicious Javascript

Source: 0.0..script.csv

Joe Sandbox AI: Detected suspicious JavaScript with source url: https://www.oyabarista.com/n/?c3Y9bzM2NV8xX25vbSZy... The script uses the 'Function' constructor to execute dynamically generated code, which is a high-risk indicator of potential malicious behavior. This allows for the execution of arbitrary JavaScript, which could lead to data exfiltration, system compromise, or other harmful actions.

HTML page contains suspicious onload / onerror event

Source: https://www.oyabarista.com/n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.com

HTTP Parser: (new function(atob(this.dataset.digest)))();

Source: https://www.oyabarista.com/n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.com

HTTP Parser: {"screen":{"availWidth":1280,"availHeight":984,"width":1280,"height":1024,"colorDepth":24,"pixelDepth":24,"availLeft":0,"availTop":0,"orientation":"[object ScreenOrientation]","onchange":null,"isExtended":false,"addEventListener":"function addEventListener() { [native code] }","dispatchEvent":"function dispatchEvent() { [native code] }","removeEventListener":"function removeEventListener() { [native code] }","!!":[]},"window":{"window":"[object Window]","self":"[object Window]","document":"[object HTMLDocument]","name":"","location":"https://www.oyabarista.com/n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.com","customElements":"[object CustomElementRegistry]","history":"[object History]","navigation":"[object Navigation]","locationbar":"[object BarProp]","menubar":"[object BarProp]","personalbar":"[object BarProp]","scrollbars":"[object BarProp]","statusbar":"[object BarProp]","toolbar":"[object BarProp]","status":"","closed":false,"frames":"[object Window]","length":0,"top":"[object Window]","opener":null,"parent":"[object Window]","frameElement":null,"navigator":"[object Navigator]","origin":"https://www.oyabarista.com","external":"[object External]","screen":"[object Screen]","innerWidth":1280,"innerHeight":897,"scrollX":0,"pageXOffset":0,"scrollY":0,"pageYOffset":0,"visualViewport":"[object VisualViewport]","screenX":0,"screenY":0,"outerWidth":1280,"outerHeight":984,"devicePixelRatio":1,"event":"[object Event]","clientInformation":"[object Navigator]","screenLeft":0,"screenTop":0,"styleMedia":"[object StyleMedia]","onsearch":null,"trustedTypes":"[object TrustedTypePolicyFactory]","performance":"[object Performance]","onappinstalled":null,"onbeforeinstallprompt":null,"crypto":"[object Crypto]","indexedDB":"[object IDBFactory]","sessionStorage":"[object Storage]","localStorage":"[object Storage]","onbeforexrselect":null,"onabort":null,"onbeforeinput":null,"onbeforematch":null,"onbeforetoggle":null,"onblur":null,"oncancel":null,"oncanplay":null,"oncanplaythrough":null,"onchange":null,"onclick":null,"onclose":null,"oncontentvisibilityautostatechange":null,"oncontextlost":null,"oncontextmenu":null,"oncontextrestored":null,"oncuechange":null,"ondblclick":null,"ondrag":null,"ondragend":null,"ondragenter":null,"ondragleave":null,"ondragover":null,"ondragstart":null,"ondrop":null,"ondurationchange":null,"onemptied":null,"onended":null,"onerror":null,"onfocus":null,"onformdata":null,"oninput":null,"oninvalid":null,"onkeydown":null,"onkeypress":null,"onkeyup":null,"onload":null,"onloadeddata":null,"onloadedmetadata":null,"onloadstart":null,"onmousedown":null,"onmouseenter":null,"onmouseleave":null,"onmousemove":null,"onmouseout":null,"onmouseover":null,"onmouseup":null,"onmousewheel":null,"onpause":null,"onplay":null,"onplaying":null,"onprogress":null,"onratechange":null,"onreset":null,"onresize":null,"onscroll":null,"onsecuritypolicyviolation":null,"onseeked":null,"onseeking":null,"onselect":null,"onslotch

Source: https://www.oyabarista.com/n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.com

HTTP Parser: Number of links: 0

Source: https://www.oyabarista.com/n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.com

HTTP Parser: <input type="password" .../> found but no <form action="...

Source: https://www.oyabarista.com/n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.com

HTTP Parser: Base64 decoded: (function(){var e=[],b={};try{function c(a){if("object"===typeof a&&null!==a){var f={};function n(l){try{var k=a[l];switch(typeof k){case "object":if(null===k)break;case "function":k=k.toString()}f[l]=k}catch(t){e.push(t.message)}}for(var d in a)n(d);try{...

Source: https://www.oyabarista.com/n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.com

HTTP Parser: Title: Authenticating ... does not match URL

Source: https://www.oyabarista.com/n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.com

HTTP Parser: Invalid link: Forgot password?

Source: https://www.oyabarista.com/n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.com	HTTP Parser: Invalid link: Terms of use
Source: https://www.oyabarista.com/n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.com	HTTP Parser: Invalid link: Privacy & cookies
Source: https://www.oyabarista.com/n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.com	HTTP Parser: Invalid link: Terms of use
Source: https://www.oyabarista.com/n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.com	HTTP Parser: Invalid link: Privacy & cookies
Source: https://www.oyabarista.com/n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.com	HTTP Parser: Invalid link: Terms of use
Source: https://www.oyabarista.com/n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.com	HTTP Parser: Invalid link: Privacy & cookies

Source: https://www.oyabarista.com/n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.com

HTTP Parser: HTML title missing

Source: https://www.oyabarista.com/n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.com

Sample URL: PII: N0123Ninfo@kostal.com

Source: https://www.oyabarista.com/n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.com

HTTP Parser: <input type="password" .../> found

Source: https://www.oyabarista.com/n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.com	HTTP Parser: No favicon
Source: https://www.oyabarista.com/n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.com	HTTP Parser: No favicon
Source: https://www.oyabarista.com/n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.com	HTTP Parser: No favicon
Source: https://www.oyabarista.com/n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.com	HTTP Parser: No favicon

Source: https://www.oyabarista.com/n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.com	HTTP Parser: No <meta name="author".. found
Source: https://www.oyabarista.com/n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.com	HTTP Parser: No <meta name="author".. found
Source: https://www.oyabarista.com/n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.com	HTTP Parser: No <meta name="author".. found
Source: https://www.oyabarista.com/n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.com	HTTP Parser: No <meta name="author".. found

Source: https://www.oyabarista.com/n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.com	HTTP Parser: No <meta name="copyright".. found
Source: https://www.oyabarista.com/n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.com	HTTP Parser: No <meta name="copyright".. found
Source: https://www.oyabarista.com/n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.com	HTTP Parser: No <meta name="copyright".. found
Source: https://www.oyabarista.com/n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.com	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.5:49725 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.70.232:443 -> 192.168.2.5:49727 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.70.232:443 -> 192.168.2.5:49726 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.70.232:443 -> 192.168.2.5:49732 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.70.232:443 -> 192.168.2.5:49731 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 35.190.80.1:443 -> 192.168.2.5:49734 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.17.24.14:443 -> 192.168.2.5:49741 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.44.201.164:443 -> 192.168.2.5:49740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.168.73.27:443 -> 192.168.2.5:49742 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.209.72.9:443 -> 192.168.2.5:49752 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.209.72.31:443 -> 192.168.2.5:49754 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.67.168.189:443 -> 192.168.2.5:49763 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.64.80.1:443 -> 192.168.2.5:49764 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.64.80.1:443 -> 192.168.2.5:49767 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.64.80.1:443 -> 192.168.2.5:49769 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.70.232:443 -> 192.168.2.5:49785 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.70.232:443 -> 192.168.2.5:49808 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.70.232:443 -> 192.168.2.5:49830 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.70.232:443 -> 192.168.2.5:49852 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.70.232:443 -> 192.168.2.5:49877 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 35.190.80.1:443 -> 192.168.2.5:49901 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.70.232:443 -> 192.168.2.5:49907 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.70.232:443 -> 192.168.2.5:49930 version: TLS 1.2

Networking

Suricata IDS alerts for network traffic

Source: Network traffic

Suricata IDS: 2057333 - Severity 1 - ET PHISHING MAMBA Credential Phish Landing Page 2024-11-08 : 192.168.2.5:49727 -> 104.21.70.232:443

Source: Network traffic	Suricata IDS: 2056643 - Severity 2 - ET PHISHING Javascript Browser Fingerprinting POST Request : 192.168.2.5:49732 -> 104.21.70.232:443
Source: Network traffic	Suricata IDS: 2056643 - Severity 2 - ET PHISHING Javascript Browser Fingerprinting POST Request : 192.168.2.5:49773 -> 104.21.70.232:443
Source: Network traffic	Suricata IDS: 2056643 - Severity 2 - ET PHISHING Javascript Browser Fingerprinting POST Request : 192.168.2.5:49830 -> 104.21.70.232:443
Source: Network traffic	Suricata IDS: 2056643 - Severity 2 - ET PHISHING Javascript Browser Fingerprinting POST Request : 192.168.2.5:49808 -> 104.21.70.232:443
Source: Network traffic	Suricata IDS: 2056643 - Severity 2 - ET PHISHING Javascript Browser Fingerprinting POST Request : 192.168.2.5:49819 -> 104.21.70.232:443
Source: Network traffic	Suricata IDS: 2056643 - Severity 2 - ET PHISHING Javascript Browser Fingerprinting POST Request : 192.168.2.5:49889 -> 104.21.70.232:443
Source: Network traffic	Suricata IDS: 2056643 - Severity 2 - ET PHISHING Javascript Browser Fingerprinting POST Request : 192.168.2.5:49774 -> 104.21.70.232:443
Source: Network traffic	Suricata IDS: 2056643 - Severity 2 - ET PHISHING Javascript Browser Fingerprinting POST Request : 192.168.2.5:49841 -> 104.21.70.232:443
Source: Network traffic	Suricata IDS: 2056643 - Severity 2 - ET PHISHING Javascript Browser Fingerprinting POST Request : 192.168.2.5:49930 -> 104.21.70.232:443
Source: Network traffic	Suricata IDS: 2056643 - Severity 2 - ET PHISHING Javascript Browser Fingerprinting POST Request : 192.168.2.5:49907 -> 104.21.70.232:443
Source: Network traffic	Suricata IDS: 2056643 - Severity 2 - ET PHISHING Javascript Browser Fingerprinting POST Request : 192.168.2.5:49785 -> 104.21.70.232:443
Source: Network traffic	Suricata IDS: 2056643 - Severity 2 - ET PHISHING Javascript Browser Fingerprinting POST Request : 192.168.2.5:49797 -> 104.21.70.232:443
Source: Network traffic	Suricata IDS: 2056643 - Severity 2 - ET PHISHING Javascript Browser Fingerprinting POST Request : 192.168.2.5:49863 -> 104.21.70.232:443
Source: Network traffic	Suricata IDS: 2056643 - Severity 2 - ET PHISHING Javascript Browser Fingerprinting POST Request : 192.168.2.5:49877 -> 104.21.70.232:443
Source: Network traffic	Suricata IDS: 2056643 - Severity 2 - ET PHISHING Javascript Browser Fingerprinting POST Request : 192.168.2.5:49918 -> 104.21.70.232:443
Source: Network traffic	Suricata IDS: 2056643 - Severity 2 - ET PHISHING Javascript Browser Fingerprinting POST Request : 192.168.2.5:49852 -> 104.21.70.232:443

Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.14
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.14
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.14
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.14
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.14
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.14
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.14
Source: unknown	TCP traffic detected without corresponding DNS query: 23.203.176.221
Source: unknown	TCP traffic detected without corresponding DNS query: 23.203.176.221
Source: unknown	TCP traffic detected without corresponding DNS query: 23.203.176.221
Source: unknown	TCP traffic detected without corresponding DNS query: 23.203.176.221
Source: unknown	TCP traffic detected without corresponding DNS query: 23.203.176.221
Source: unknown	TCP traffic detected without corresponding DNS query: 23.203.176.221
Source: unknown	TCP traffic detected without corresponding DNS query: 23.203.176.221
Source: unknown	TCP traffic detected without corresponding DNS query: 23.203.176.221
Source: unknown	TCP traffic detected without corresponding DNS query: 23.203.176.221
Source: unknown	TCP traffic detected without corresponding DNS query: 208.89.73.27
Source: unknown	TCP traffic detected without corresponding DNS query: 208.89.73.27
Source: unknown	TCP traffic detected without corresponding DNS query: 208.89.73.27
Source: unknown	TCP traffic detected without corresponding DNS query: 208.89.73.27
Source: unknown	TCP traffic detected without corresponding DNS query: 208.89.73.27
Source: unknown	TCP traffic detected without corresponding DNS query: 208.89.73.27
Source: unknown	TCP traffic detected without corresponding DNS query: 208.89.73.27
Source: unknown	TCP traffic detected without corresponding DNS query: 142.251.40.227
Source: unknown	TCP traffic detected without corresponding DNS query: 23.44.203.68
Source: unknown	TCP traffic detected without corresponding DNS query: 23.203.176.221
Source: unknown	TCP traffic detected without corresponding DNS query: 142.251.40.227
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.com HTTP/1.1Host: www.oyabarista.comConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /files/images/Logo.png HTTP/1.1Host: www.oyabarista.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.oyabarista.com/n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.comAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/font-awesome/6.1.1/css/all.min.css HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleSec-Fetch-Storage-Access: activeReferer: https://www.oyabarista.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /w3css/4/w3.css HTTP/1.1Host: www.w3schools.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleSec-Fetch-Storage-Access: activeReferer: https://www.oyabarista.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /4.7.5/socket.io.min.js HTTP/1.1Host: cdn.socket.ioConnection: keep-aliveOrigin: https://www.oyabarista.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.oyabarista.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.oyabarista.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.oyabarista.com/n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.comAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/picker_verify_code_b41922ebdaebec16b19999fc6054a15a.svg HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://www.oyabarista.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/picker_verify_code_b41922ebdaebec16b19999fc6054a15a.svg HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1Host: www.oyabarista.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.oyabarista.com/n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.comAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1Host: www.oyabarista.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNraPW HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveAuth_UID: USER04032025U29030403Session_Email: info@kostal.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Origin: https://www.oyabarista.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.oyabarista.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=websocket&sid=3KIffrGciGku9LcFAAe0 HTTP/1.1Host: mssnet0nses.clickConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://www.oyabarista.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: ZtPFtoZ2x84UMtBW0Hft2g==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNraPW HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNraio&sid=3KIffrGciGku9LcFAAe0 HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveAuth_UID: USER04032025U29030403Session_Email: info@kostal.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Origin: https://www.oyabarista.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.oyabarista.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrail&sid=3KIffrGciGku9LcFAAe0 HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNraio&sid=3KIffrGciGku9LcFAAe0 HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrbOF HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveAuth_UID: USER04032025U29030403Session_Email: info@kostal.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Origin: https://www.oyabarista.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.oyabarista.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=websocket&sid=ceGoATplRk4sAOILAAe3 HTTP/1.1Host: mssnet0nses.clickConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://www.oyabarista.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: LFQPQHRj3K0Cy0BCzE3u+A==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrbOF HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrbdU&sid=ceGoATplRk4sAOILAAe3 HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveAuth_UID: USER04032025U29030403Session_Email: info@kostal.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Origin: https://www.oyabarista.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.oyabarista.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrbdS&sid=ceGoATplRk4sAOILAAe3 HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrbdU&sid=ceGoATplRk4sAOILAAe3 HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrcEg HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveAuth_UID: USER04032025U29030403Session_Email: info@kostal.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Origin: https://www.oyabarista.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.oyabarista.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=websocket&sid=t010Hy5o6-DrcLMyAAe8 HTTP/1.1Host: mssnet0nses.clickConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://www.oyabarista.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: 6rSjHvMBQUC+Jb69+3Yxqw==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrcEg HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrcTW&sid=t010Hy5o6-DrcLMyAAe8 HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveAuth_UID: USER04032025U29030403Session_Email: info@kostal.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Origin: https://www.oyabarista.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.oyabarista.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrcTV&sid=t010Hy5o6-DrcLMyAAe8 HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrcTW&sid=t010Hy5o6-DrcLMyAAe8 HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrc-m HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveAuth_UID: USER04032025U29030403Session_Email: info@kostal.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Origin: https://www.oyabarista.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.oyabarista.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=websocket&sid=cDcq_6oiPpEKxHw5AAe_ HTTP/1.1Host: mssnet0nses.clickConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://www.oyabarista.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: /O64MXq9NSX1GjEUOYIrXg==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrc-m HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrdFK&sid=cDcq_6oiPpEKxHw5AAe_ HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveAuth_UID: USER04032025U29030403Session_Email: info@kostal.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Origin: https://www.oyabarista.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.oyabarista.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrdFJ&sid=cDcq_6oiPpEKxHw5AAe_ HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrdFK&sid=cDcq_6oiPpEKxHw5AAe_ HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrdm- HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveAuth_UID: USER04032025U29030403Session_Email: info@kostal.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Origin: https://www.oyabarista.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.oyabarista.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=websocket&sid=tT5WNbS8nK_GmKtDAAfC HTTP/1.1Host: mssnet0nses.clickConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://www.oyabarista.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: 5jfX6saXYEEcvpXSeai5fA==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrdm- HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNre0C&sid=tT5WNbS8nK_GmKtDAAfC HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveAuth_UID: USER04032025U29030403Session_Email: info@kostal.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Origin: https://www.oyabarista.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.oyabarista.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNre0A&sid=tT5WNbS8nK_GmKtDAAfC HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNre0C&sid=tT5WNbS8nK_GmKtDAAfC HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNreWw HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveAuth_UID: USER04032025U29030403Session_Email: info@kostal.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Origin: https://www.oyabarista.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.oyabarista.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=websocket&sid=1tT2ZYxP7eIgijzdAAfF HTTP/1.1Host: mssnet0nses.clickConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://www.oyabarista.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: ZSPtxHVB7Jb3tq1ajYhNUQ==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNreWw HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrelO&sid=1tT2ZYxP7eIgijzdAAfF HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveAuth_UID: USER04032025U29030403Session_Email: info@kostal.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Origin: https://www.oyabarista.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.oyabarista.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrelM&sid=1tT2ZYxP7eIgijzdAAfF HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrelO&sid=1tT2ZYxP7eIgijzdAAfF HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrfLw HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveAuth_UID: USER04032025U29030403Session_Email: info@kostal.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Origin: https://www.oyabarista.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.oyabarista.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=websocket&sid=F0YwhNqusdKEacySAAfI HTTP/1.1Host: mssnet0nses.clickConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://www.oyabarista.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: JXZ1SmqkVejfaQvm9RzfwA==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrfLw HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrfbC&sid=F0YwhNqusdKEacySAAfI HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveAuth_UID: USER04032025U29030403Session_Email: info@kostal.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Origin: https://www.oyabarista.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.oyabarista.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrfbB&sid=F0YwhNqusdKEacySAAfI HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrfbC&sid=F0YwhNqusdKEacySAAfI HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrg8S HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveAuth_UID: USER04032025U29030403Session_Email: info@kostal.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Origin: https://www.oyabarista.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.oyabarista.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=websocket&sid=aHb_mt7ltpbxBIUjAAfL HTTP/1.1Host: mssnet0nses.clickConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://www.oyabarista.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: ruzgv2+4Gy1MQ6jhsQClRQ==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrg8S HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrgMy&sid=aHb_mt7ltpbxBIUjAAfL HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveAuth_UID: USER04032025U29030403Session_Email: info@kostal.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Origin: https://www.oyabarista.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.oyabarista.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrgMx&sid=aHb_mt7ltpbxBIUjAAfL HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrgMy&sid=aHb_mt7ltpbxBIUjAAfL HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrgxy HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveAuth_UID: USER04032025U29030403Session_Email: info@kostal.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Origin: https://www.oyabarista.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.oyabarista.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrgxy HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=websocket&sid=7qMH1QkTS0k0NzOqAAfQ HTTP/1.1Host: mssnet0nses.clickConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://www.oyabarista.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: YyMTPNb80g+ImvIjL2M6NQ==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrhDU&sid=7qMH1QkTS0k0NzOqAAfQ HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveAuth_UID: USER04032025U29030403Session_Email: info@kostal.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Origin: https://www.oyabarista.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.oyabarista.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrhC-&sid=7qMH1QkTS0k0NzOqAAfQ HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrhDU&sid=7qMH1QkTS0k0NzOqAAfQ HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrhrx HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveAuth_UID: USER04032025U29030403Session_Email: info@kostal.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Origin: https://www.oyabarista.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.oyabarista.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrhrx HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=websocket&sid=gGEhwn_6LXzjgi5BAAfT HTTP/1.1Host: mssnet0nses.clickConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://www.oyabarista.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: IkGXZRifcEzix83902Kzjw==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNri5n&sid=gGEhwn_6LXzjgi5BAAfT HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveAuth_UID: USER04032025U29030403Session_Email: info@kostal.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Origin: https://www.oyabarista.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.oyabarista.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNri5g&sid=gGEhwn_6LXzjgi5BAAfT HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNri5n&sid=gGEhwn_6LXzjgi5BAAfT HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrikj HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveAuth_UID: USER04032025U29030403Session_Email: info@kostal.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Origin: https://www.oyabarista.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.oyabarista.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrikj HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=websocket&sid=2YiBHHEGh1iHOHKNAAfW HTTP/1.1Host: mssnet0nses.clickConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://www.oyabarista.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: i7MMuKhMTQdx28PFiT3Pxw==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrizQ&sid=2YiBHHEGh1iHOHKNAAfW HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveAuth_UID: USER04032025U29030403Session_Email: info@kostal.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Origin: https://www.oyabarista.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.oyabarista.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrizO&sid=2YiBHHEGh1iHOHKNAAfW HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrizQ&sid=2YiBHHEGh1iHOHKNAAfW HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrjeo HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveAuth_UID: USER04032025U29030403Session_Email: info@kostal.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Origin: https://www.oyabarista.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.oyabarista.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrjeo HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=websocket&sid=sOtA6zh2FsG50UT0AAfZ HTTP/1.1Host: mssnet0nses.clickConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://www.oyabarista.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: lbadGqHx4TXj+c3PC772EA==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrjtl&sid=sOtA6zh2FsG50UT0AAfZ HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveAuth_UID: USER04032025U29030403Session_Email: info@kostal.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Origin: https://www.oyabarista.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.oyabarista.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrjtk&sid=sOtA6zh2FsG50UT0AAfZ HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrjtl&sid=sOtA6zh2FsG50UT0AAfZ HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrkYN HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveAuth_UID: USER04032025U29030403Session_Email: info@kostal.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Origin: https://www.oyabarista.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.oyabarista.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrkYN HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=websocket&sid=EMzR_z9H-w08ZyAdAAfc HTTP/1.1Host: mssnet0nses.clickConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://www.oyabarista.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: ZpHJrjbXD+JNGF3LbCtN4w==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrkmv&sid=EMzR_z9H-w08ZyAdAAfc HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveAuth_UID: USER04032025U29030403Session_Email: info@kostal.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Origin: https://www.oyabarista.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.oyabarista.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrkmu&sid=EMzR_z9H-w08ZyAdAAfc HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrkmv&sid=EMzR_z9H-w08ZyAdAAfc HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrlUi HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveAuth_UID: USER04032025U29030403Session_Email: info@kostal.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Origin: https://www.oyabarista.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.oyabarista.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrlUi HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrlkC&sid=LP9pboDna7Lg8G9ZAAfh HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveAuth_UID: USER04032025U29030403Session_Email: info@kostal.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Origin: https://www.oyabarista.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.oyabarista.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=websocket&sid=LP9pboDna7Lg8G9ZAAfh HTTP/1.1Host: mssnet0nses.clickConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://www.oyabarista.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: X7uavfZo9qZLazeJs9Qkcg==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrlkB&sid=LP9pboDna7Lg8G9ZAAfh HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrlkC&sid=LP9pboDna7Lg8G9ZAAfh HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrmGX HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveAuth_UID: USER04032025U29030403Session_Email: info@kostal.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Origin: https://www.oyabarista.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.oyabarista.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrmGX HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrmWi&sid=p_0vHNI0wq1dN5-_AAfl HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveAuth_UID: USER04032025U29030403Session_Email: info@kostal.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Origin: https://www.oyabarista.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.oyabarista.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrmWh&sid=p_0vHNI0wq1dN5-_AAfl HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=websocket&sid=p_0vHNI0wq1dN5-_AAfl HTTP/1.1Host: mssnet0nses.clickConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://www.oyabarista.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Sec-WebSocket-Key: ZSLh3OvhONTE4OrmLEX4xw==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrmWi&sid=p_0vHNI0wq1dN5-_AAfl HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrnFW HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveAuth_UID: USER04032025U29030403Session_Email: info@kostal.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Origin: https://www.oyabarista.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.oyabarista.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /socket.io/?EIO=4&transport=polling&t=PNNrnFW HTTP/1.1Host: mssnet0nses.clickConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: www.oyabarista.com
Source: global traffic	DNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: cdn.socket.io
Source: global traffic	DNS traffic detected: DNS query: www.w3schools.com
Source: global traffic	DNS traffic detected: DNS query: cdnjs.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: aadcdn.msftauth.net
Source: global traffic	DNS traffic detected: DNS query: mssnet0nses.click

Source: unknown

HTTP traffic detected: POST /n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.com HTTP/1.1Host: www.oyabarista.comConnection: keep-aliveContent-Length: 147028Cache-Control: max-age=0sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Origin: https://www.oyabarista.comContent-Type: application/x-www-form-urlencodedUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://www.oyabarista.com/n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.comAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9

Source: global traffic

HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 27 Mar 2025 13:41:19 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeExpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: max-age=14400, must-revalidateLink: <https://www.oyabarista.com/wp-json/>; rel="https://api.w.org/"CF-Cache-Status: EXPIREDReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1U%2Bk9gUniMBmSCvMHGoFCfN3uCbfV2pr7qw8OajNonIyprtF1UYWICfL7KCAAYXomRfuWcgjDJayA0yM0VupPPpSt20FjvJY16arwC%2FPXr4ho20eT6lp54qNsJB7abZW2qyAVDk%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 926f4df4ff2e4544-EWRalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=84156&min_rtt=84134&rtt_var=17781&sent=6&recv=8&lost=0&retrans=0&sent_bytes=2831&recv_bytes=1277&delivery_rate=36304&cwnd=252&unsent_bytes=0&cid=772a18d1f93e208e&ts=2818&x=0"

Source: chromecache_119.6.dr	String found in binary or memory: https://fontawesome.com
Source: chromecache_119.6.dr	String found in binary or memory: https://fontawesome.com/license/free

Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49864
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49863
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49862
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49861
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49860
Source: unknown	Network traffic detected: HTTP traffic on port 49926 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49932 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49898 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49875 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49859
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49858
Source: unknown	Network traffic detected: HTTP traffic on port 49881 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49857
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49856
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49855
Source: unknown	Network traffic detected: HTTP traffic on port 49841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49854
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49852
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49858 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49893 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49915 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49909 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49943 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49847
Source: unknown	Network traffic detected: HTTP traffic on port 49886 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 49869 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49841
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49840
Source: unknown	Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49892 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49933 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49837
Source: unknown	Network traffic detected: HTTP traffic on port 49847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49836
Source: unknown	Network traffic detected: HTTP traffic on port 49921 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown	Network traffic detected: HTTP traffic on port 49887 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49864 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49927 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49944 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49870 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49910 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49938 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49947
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49946
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49945
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49944
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49943
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 49922 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49945 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49676 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49916 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49939 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 49885 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49899
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49898
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49897
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49896
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49895
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 49862 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49894
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49893
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49892
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49890
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49897 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49879 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49911 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49905 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49889
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49888
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49887
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49886
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49885
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 49863 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49884
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49883
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49882
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49881
Source: unknown	Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49880
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49857 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49896 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49940 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49879
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49878
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49877
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49875
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49874
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49873
Source: unknown	Network traffic detected: HTTP traffic on port 49923 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49872
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49871
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49870
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49880 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49934 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49869
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49867
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49866
Source: unknown	Network traffic detected: HTTP traffic on port 49890 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49878 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49912 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49935 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49906 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49889 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49900 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49866 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49929 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49946 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49872 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49855 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49861 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49901 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49924 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49844 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49947 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49918 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49873 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49930 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49856 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49895 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49913 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49907 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49941 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49867 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49942
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 49842 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49941
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49940
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49871 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49894 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49939
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49938
Source: unknown	Network traffic detected: HTTP traffic on port 49942 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49937
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49936
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49935
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 49902 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49934
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49933
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49932
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49931
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49930
Source: unknown	Network traffic detected: HTTP traffic on port 49925 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49919 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49696 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49936 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49929
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49927
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49882 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49926
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49925
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49924
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49923
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49922
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49921
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49920
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49877 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49854 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49914 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49908 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49919
Source: unknown	Network traffic detected: HTTP traffic on port 49937 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49918
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49860 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49883 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49916
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49915
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49914
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49913
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49912
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49911
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49910
Source: unknown	Network traffic detected: HTTP traffic on port 49843 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49931 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49899 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49832 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49909
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49908
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49907
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49906
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49905
Source: unknown	Network traffic detected: HTTP traffic on port 49920 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49903
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49902
Source: unknown	Network traffic detected: HTTP traffic on port 49903 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49901
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49900
Source: unknown	Network traffic detected: HTTP traffic on port 49888 -> 443

Source: unknown	HTTPS traffic detected: 142.250.81.228:443 -> 192.168.2.5:49725 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.70.232:443 -> 192.168.2.5:49727 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.70.232:443 -> 192.168.2.5:49726 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.70.232:443 -> 192.168.2.5:49732 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.70.232:443 -> 192.168.2.5:49731 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 35.190.80.1:443 -> 192.168.2.5:49734 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.17.24.14:443 -> 192.168.2.5:49741 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.44.201.164:443 -> 192.168.2.5:49740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 3.168.73.27:443 -> 192.168.2.5:49742 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.209.72.9:443 -> 192.168.2.5:49752 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.209.72.31:443 -> 192.168.2.5:49754 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.67.168.189:443 -> 192.168.2.5:49763 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.64.80.1:443 -> 192.168.2.5:49764 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.64.80.1:443 -> 192.168.2.5:49767 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.64.80.1:443 -> 192.168.2.5:49769 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.70.232:443 -> 192.168.2.5:49785 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.70.232:443 -> 192.168.2.5:49808 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.70.232:443 -> 192.168.2.5:49830 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.70.232:443 -> 192.168.2.5:49852 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.70.232:443 -> 192.168.2.5:49877 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 35.190.80.1:443 -> 192.168.2.5:49901 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.70.232:443 -> 192.168.2.5:49907 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.21.70.232:443 -> 192.168.2.5:49930 version: TLS 1.2

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Windows\SystemTemp\scoped_dir2956_1019717835

Jump to behavior

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File deleted: C:\Windows\SystemTemp\scoped_dir2956_1019717835

Jump to behavior

Source: classification engine

Classification label: mal96.phis.win@23/47@24/11

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2052,i,12725820562715277993,14582703269513856104,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2080 /prefetch:3
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=printing.mojom.UnsandboxedPrintBackendHost --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2052,i,12725820562715277993,14582703269513856104,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=5032 /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://www.oyabarista.com/n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.com"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2052,i,12725820562715277993,14582703269513856104,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2080 /prefetch:3	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=printing.mojom.UnsandboxedPrintBackendHost --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2052,i,12725820562715277993,14582703269513856104,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=5032 /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	1 Browser Extensions	1 Process Injection	1 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	4 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	1 File Deletion	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	5 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	3 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label	Link
https://www.oyabarista.com/n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.com	0%	Avira URL Cloud	safe

Source	Detection	Scanner	Label
https://mssnet0nses.click/socket.io/?EIO=4&transport=websocket&sid=ceGoATplRk4sAOILAAe3	100%	Avira URL Cloud	malware
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrdFK&sid=cDcq_6oiPpEKxHw5AAe_	100%	Avira URL Cloud	malware
https://mssnet0nses.click/socket.io/?EIO=4&transport=websocket&sid=tT5WNbS8nK_GmKtDAAfC	100%	Avira URL Cloud	malware
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrizO&sid=2YiBHHEGh1iHOHKNAAfW	100%	Avira URL Cloud	malware
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrizQ&sid=2YiBHHEGh1iHOHKNAAfW	100%	Avira URL Cloud	malware
https://mssnet0nses.click/socket.io/?EIO=4&transport=websocket&sid=3KIffrGciGku9LcFAAe0	100%	Avira URL Cloud	malware
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrjtk&sid=sOtA6zh2FsG50UT0AAfZ	100%	Avira URL Cloud	malware
https://mssnet0nses.click/socket.io/?EIO=4&transport=websocket&sid=LP9pboDna7Lg8G9ZAAfh	100%	Avira URL Cloud	malware
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrcEg	100%	Avira URL Cloud	malware
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNraio&sid=3KIffrGciGku9LcFAAe0	100%	Avira URL Cloud	malware
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrhDU&sid=7qMH1QkTS0k0NzOqAAfQ	100%	Avira URL Cloud	malware
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNre0C&sid=tT5WNbS8nK_GmKtDAAfC	100%	Avira URL Cloud	malware
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrdFJ&sid=cDcq_6oiPpEKxHw5AAe_	100%	Avira URL Cloud	malware
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrc-m	100%	Avira URL Cloud	malware
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrkmv&sid=EMzR_z9H-w08ZyAdAAfc	100%	Avira URL Cloud	malware
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNre0A&sid=tT5WNbS8nK_GmKtDAAfC	100%	Avira URL Cloud	malware
https://mssnet0nses.click/socket.io/?EIO=4&transport=websocket&sid=7qMH1QkTS0k0NzOqAAfQ	100%	Avira URL Cloud	malware
https://mssnet0nses.click/socket.io/?EIO=4&transport=websocket&sid=F0YwhNqusdKEacySAAfI	100%	Avira URL Cloud	malware
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrfbC&sid=F0YwhNqusdKEacySAAfI	100%	Avira URL Cloud	malware
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrfbB&sid=F0YwhNqusdKEacySAAfI	100%	Avira URL Cloud	malware
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrhC-&sid=7qMH1QkTS0k0NzOqAAfQ	100%	Avira URL Cloud	malware
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrkmu&sid=EMzR_z9H-w08ZyAdAAfc	100%	Avira URL Cloud	malware
https://mssnet0nses.click/socket.io/?EIO=4&transport=websocket&sid=aHb_mt7ltpbxBIUjAAfL	100%	Avira URL Cloud	malware
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrjtl&sid=sOtA6zh2FsG50UT0AAfZ	100%	Avira URL Cloud	malware
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrail&sid=3KIffrGciGku9LcFAAe0	100%	Avira URL Cloud	malware
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrmGX	100%	Avira URL Cloud	malware
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNreWw	100%	Avira URL Cloud	malware
https://mssnet0nses.click/socket.io/?EIO=4&transport=websocket&sid=cDcq_6oiPpEKxHw5AAe_	100%	Avira URL Cloud	malware
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrlUi	100%	Avira URL Cloud	malware
https://mssnet0nses.click/socket.io/?EIO=4&transport=websocket&sid=gGEhwn_6LXzjgi5BAAfT	100%	Avira URL Cloud	malware
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNri5n&sid=gGEhwn_6LXzjgi5BAAfT	100%	Avira URL Cloud	malware
https://mssnet0nses.click/socket.io/?EIO=4&transport=websocket&sid=2YiBHHEGh1iHOHKNAAfW	100%	Avira URL Cloud	malware
https://www.oyabarista.com/favicon.ico	0%	Avira URL Cloud	safe
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrfLw	100%	Avira URL Cloud	malware
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrbdS&sid=ceGoATplRk4sAOILAAe3	100%	Avira URL Cloud	malware
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrgMx&sid=aHb_mt7ltpbxBIUjAAfL	100%	Avira URL Cloud	malware
https://www.oyabarista.com/files/images/Logo.png	0%	Avira URL Cloud	safe
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrjeo	100%	Avira URL Cloud	malware
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrikj	100%	Avira URL Cloud	malware
https://mssnet0nses.click/socket.io/?EIO=4&transport=websocket&sid=sOtA6zh2FsG50UT0AAfZ	100%	Avira URL Cloud	malware
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrnFW	100%	Avira URL Cloud	malware
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrmWi&sid=p_0vHNI0wq1dN5-_AAfl	100%	Avira URL Cloud	malware
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrgMy&sid=aHb_mt7ltpbxBIUjAAfL	100%	Avira URL Cloud	malware
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrkYN	100%	Avira URL Cloud	malware
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrg8S	100%	Avira URL Cloud	malware
https://mssnet0nses.click/socket.io/?EIO=4&transport=websocket&sid=t010Hy5o6-DrcLMyAAe8	100%	Avira URL Cloud	malware
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrbdU&sid=ceGoATplRk4sAOILAAe3	100%	Avira URL Cloud	malware
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrdm-	100%	Avira URL Cloud	malware
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrbOF	100%	Avira URL Cloud	malware
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrcTV&sid=t010Hy5o6-DrcLMyAAe8	100%	Avira URL Cloud	malware
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrhrx	100%	Avira URL Cloud	malware
https://www.oyabarista.com/wp-includes/images/w-logo-blue-white-bg.png	0%	Avira URL Cloud	safe
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrlkB&sid=LP9pboDna7Lg8G9ZAAfh	100%	Avira URL Cloud	malware
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNri5g&sid=gGEhwn_6LXzjgi5BAAfT	100%	Avira URL Cloud	malware
https://mssnet0nses.click/socket.io/?EIO=4&transport=websocket&sid=p_0vHNI0wq1dN5-_AAfl	100%	Avira URL Cloud	malware
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrmWh&sid=p_0vHNI0wq1dN5-_AAfl	100%	Avira URL Cloud	malware
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrcTW&sid=t010Hy5o6-DrcLMyAAe8	100%	Avira URL Cloud	malware
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNraPW	100%	Avira URL Cloud	malware
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrgxy	100%	Avira URL Cloud	malware
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrlkC&sid=LP9pboDna7Lg8G9ZAAfh	100%	Avira URL Cloud	malware
https://mssnet0nses.click/socket.io/?EIO=4&transport=websocket&sid=EMzR_z9H-w08ZyAdAAfc	100%	Avira URL Cloud	malware

Domains and IPs

Download Network PCAP: filtered – full

Contacted Domains

Name	IP	Active	Malicious	Reputation
a.nel.cloudflare.com	35.190.80.1	true	false	high
e329293.dscd.akamaiedge.net	23.209.72.9	true	false	high
mssnet0nses.click	172.64.80.1	true	false	high
d2vgu95hoyrpkh.cloudfront.net	3.168.73.27	true	false	high
cdnjs.cloudflare.com	104.17.24.14	true	false	high
www.oyabarista.com	104.21.70.232	true	true	unknown
s-part-0013.t-0009.t-msedge.net	13.107.246.41	true	false	high
www.google.com	142.250.81.228	true	false	high
a1400.dscb.akamai.net	23.44.201.164	true	false	high
aadcdn.msftauth.net	unknown	unknown	false	high
www.w3schools.com	unknown	unknown	false	high
cdn.socket.io	unknown	unknown	false	high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrizO&sid=2YiBHHEGh1iHOHKNAAfW	false	Avira URL Cloud: malware	unknown
https://mssnet0nses.click/socket.io/?EIO=4&transport=websocket&sid=3KIffrGciGku9LcFAAe0	false	Avira URL Cloud: malware	unknown
https://mssnet0nses.click/socket.io/?EIO=4&transport=websocket&sid=ceGoATplRk4sAOILAAe3	false	Avira URL Cloud: malware	unknown
https://mssnet0nses.click/socket.io/?EIO=4&transport=websocket&sid=tT5WNbS8nK_GmKtDAAfC	false	Avira URL Cloud: malware	unknown
https://www.oyabarista.com/n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.com	true		unknown
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrjtk&sid=sOtA6zh2FsG50UT0AAfZ	false	Avira URL Cloud: malware	unknown
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrcEg	false	Avira URL Cloud: malware	unknown
https://mssnet0nses.click/socket.io/?EIO=4&transport=websocket&sid=LP9pboDna7Lg8G9ZAAfh	false	Avira URL Cloud: malware	unknown
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNraio&sid=3KIffrGciGku9LcFAAe0	false	Avira URL Cloud: malware	unknown
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrizQ&sid=2YiBHHEGh1iHOHKNAAfW	false	Avira URL Cloud: malware	unknown
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrdFK&sid=cDcq_6oiPpEKxHw5AAe_	false	Avira URL Cloud: malware	unknown
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrhDU&sid=7qMH1QkTS0k0NzOqAAfQ	false	Avira URL Cloud: malware	unknown
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNre0C&sid=tT5WNbS8nK_GmKtDAAfC	false	Avira URL Cloud: malware	unknown
https://a.nel.cloudflare.com/report/v4?s=7GSZgEejbSUHi88UdClQe%2F%2BV1T9BBLhcl6EwBLshMTGr1xYwdAasGxVAeuUdMEdgXJzIIicf1tjqtZYkolmtGSnd%2BVFWyZuQicstyr7sWNmue3C6s0Gn%2FPK31C5CEkXTZINEFA%3D%3D	false		high
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrc-m	false	Avira URL Cloud: malware	unknown
https://mssnet0nses.click/socket.io/?EIO=4&transport=websocket&sid=7qMH1QkTS0k0NzOqAAfQ	false	Avira URL Cloud: malware	unknown
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrdFJ&sid=cDcq_6oiPpEKxHw5AAe_	false	Avira URL Cloud: malware	unknown
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrfbC&sid=F0YwhNqusdKEacySAAfI	false	Avira URL Cloud: malware	unknown
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNre0A&sid=tT5WNbS8nK_GmKtDAAfC	false	Avira URL Cloud: malware	unknown
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrfbB&sid=F0YwhNqusdKEacySAAfI	false	Avira URL Cloud: malware	unknown
https://a.nel.cloudflare.com/report/v4?s=zbxkUsvSYnfAHmNjZJnAMVTbfcKnJhj9G%2BrrqpVAkJpY78q48K5R0ZkIcyJjZ5KeyfZu4FMpwYwVkKKnYPmUyWpoLIcv1WEvXvUpi%2BuOhpYUjo9ajlOIASFP2HVNK%2B4KoDbVMIo%3D	false		high
https://mssnet0nses.click/socket.io/?EIO=4&transport=websocket&sid=F0YwhNqusdKEacySAAfI	false	Avira URL Cloud: malware	unknown
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrkmv&sid=EMzR_z9H-w08ZyAdAAfc	false	Avira URL Cloud: malware	unknown
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrhC-&sid=7qMH1QkTS0k0NzOqAAfQ	false	Avira URL Cloud: malware	unknown
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrkmu&sid=EMzR_z9H-w08ZyAdAAfc	false	Avira URL Cloud: malware	unknown
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrail&sid=3KIffrGciGku9LcFAAe0	false	Avira URL Cloud: malware	unknown
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrjtl&sid=sOtA6zh2FsG50UT0AAfZ	false	Avira URL Cloud: malware	unknown
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrmGX	false	Avira URL Cloud: malware	unknown
https://mssnet0nses.click/socket.io/?EIO=4&transport=websocket&sid=cDcq_6oiPpEKxHw5AAe_	false	Avira URL Cloud: malware	unknown
https://mssnet0nses.click/socket.io/?EIO=4&transport=websocket&sid=aHb_mt7ltpbxBIUjAAfL	false	Avira URL Cloud: malware	unknown
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrlUi	false	Avira URL Cloud: malware	unknown
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNreWw	false	Avira URL Cloud: malware	unknown
https://mssnet0nses.click/socket.io/?EIO=4&transport=websocket&sid=gGEhwn_6LXzjgi5BAAfT	false	Avira URL Cloud: malware	unknown
https://mssnet0nses.click/socket.io/?EIO=4&transport=websocket&sid=2YiBHHEGh1iHOHKNAAfW	false	Avira URL Cloud: malware	unknown
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNri5n&sid=gGEhwn_6LXzjgi5BAAfT	false	Avira URL Cloud: malware	unknown
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/css/all.min.css	false		high
https://www.w3schools.com/w3css/4/w3.css	false		high
https://www.oyabarista.com/favicon.ico	true	Avira URL Cloud: safe	unknown
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrbdS&sid=ceGoATplRk4sAOILAAe3	false	Avira URL Cloud: malware	unknown
https://www.oyabarista.com/files/images/Logo.png	true	Avira URL Cloud: safe	unknown
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrfLw	false	Avira URL Cloud: malware	unknown
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrjeo	false	Avira URL Cloud: malware	unknown
https://mssnet0nses.click/socket.io/?EIO=4&transport=websocket&sid=sOtA6zh2FsG50UT0AAfZ	false	Avira URL Cloud: malware	unknown
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrgMx&sid=aHb_mt7ltpbxBIUjAAfL	false	Avira URL Cloud: malware	unknown
https://cdn.socket.io/4.7.5/socket.io.min.js	false		high
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrikj	false	Avira URL Cloud: malware	unknown
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrmWi&sid=p_0vHNI0wq1dN5-_AAfl	false	Avira URL Cloud: malware	unknown
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrnFW	false	Avira URL Cloud: malware	unknown
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrgMy&sid=aHb_mt7ltpbxBIUjAAfL	false	Avira URL Cloud: malware	unknown
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrkYN	false	Avira URL Cloud: malware	unknown
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrbdU&sid=ceGoATplRk4sAOILAAe3	false	Avira URL Cloud: malware	unknown
https://mssnet0nses.click/socket.io/?EIO=4&transport=websocket&sid=t010Hy5o6-DrcLMyAAe8	false	Avira URL Cloud: malware	unknown
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrg8S	false	Avira URL Cloud: malware	unknown
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrdm-	false	Avira URL Cloud: malware	unknown
https://aadcdn.msftauth.net/shared/1.0/content/images/picker_verify_code_b41922ebdaebec16b19999fc6054a15a.svg	false		high
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrbOF	false	Avira URL Cloud: malware	unknown
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrcTV&sid=t010Hy5o6-DrcLMyAAe8	false	Avira URL Cloud: malware	unknown
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrhrx	false	Avira URL Cloud: malware	unknown
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrlkB&sid=LP9pboDna7Lg8G9ZAAfh	false	Avira URL Cloud: malware	unknown
https://www.oyabarista.com/wp-includes/images/w-logo-blue-white-bg.png	true	Avira URL Cloud: safe	unknown
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNri5g&sid=gGEhwn_6LXzjgi5BAAfT	false	Avira URL Cloud: malware	unknown
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrmWh&sid=p_0vHNI0wq1dN5-_AAfl	false	Avira URL Cloud: malware	unknown
https://mssnet0nses.click/socket.io/?EIO=4&transport=websocket&sid=p_0vHNI0wq1dN5-_AAfl	false	Avira URL Cloud: malware	unknown
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNraPW	false	Avira URL Cloud: malware	unknown
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrcTW&sid=t010Hy5o6-DrcLMyAAe8	false	Avira URL Cloud: malware	unknown
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrgxy	false	Avira URL Cloud: malware	unknown
https://mssnet0nses.click/socket.io/?EIO=4&transport=polling&t=PNNrlkC&sid=LP9pboDna7Lg8G9ZAAfh	false	Avira URL Cloud: malware	unknown
https://a.nel.cloudflare.com/report/v4?s=1U%2Bk9gUniMBmSCvMHGoFCfN3uCbfV2pr7qw8OajNonIyprtF1UYWICfL7KCAAYXomRfuWcgjDJayA0yM0VupPPpSt20FjvJY16arwC%2FPXr4ho20eT6lp54qNsJB7abZW2qyAVDk%3D	false		high
https://mssnet0nses.click/socket.io/?EIO=4&transport=websocket&sid=EMzR_z9H-w08ZyAdAAfc	false	Avira URL Cloud: malware	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://fontawesome.com/license/free	chromecache_119.6.dr	false		high
https://fontawesome.com	chromecache_119.6.dr	false		high

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
104.17.24.14	cdnjs.cloudflare.com	United States	13335	CLOUDFLARENETUS	false
23.209.72.9	e329293.dscd.akamaiedge.net	United States	20940	AKAMAI-ASN1EU	false
172.67.168.189	unknown	United States	13335	CLOUDFLARENETUS	false
104.21.70.232	www.oyabarista.com	United States	13335	CLOUDFLARENETUS	true
142.250.81.228	www.google.com	United States	15169	GOOGLEUS	false
23.44.201.164	a1400.dscb.akamai.net	United States	20940	AKAMAI-ASN1EU	false
3.168.73.27	d2vgu95hoyrpkh.cloudfront.net	United States	16509	AMAZON-02US	false
172.64.80.1	mssnet0nses.click	United States	13335	CLOUDFLARENETUS	false
35.190.80.1	a.nel.cloudflare.com	United States	15169	GOOGLEUS	false
23.209.72.31	unknown	United States	20940	AKAMAI-ASN1EU	false

Private

IP
192.168.2.5

General Information

Joe Sandbox version:	42.0.0 Malachite
Analysis ID:	1650178
Start date and time:	2025-03-27 14:40:12 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 3m 13s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	https://www.oyabarista.com/n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.com
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	18
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal96.phis.win@23/47@24/11
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, audiodg.exe, BackgroundTransferHost.exe, SIHClient.exe, SgrmBroker.exe, backgroundTaskHost.exe, conhost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 23.9.183.29, 142.250.65.206, 142.251.32.99, 172.253.62.84, 142.250.80.46, 142.251.35.163, 142.250.81.234, 142.251.32.106, 142.251.35.170, 142.251.40.106, 142.251.40.138, 142.251.40.170, 142.250.80.74, 142.250.80.106, 142.250.176.202, 142.251.40.202, 142.251.40.234, 142.251.41.10, 172.217.165.138, 142.250.65.170, 142.250.65.202, 142.250.65.234, 142.251.40.195, 34.104.35.123, 20.109.210.53, 23.96.180.189, 150.171.27.10, 23.44.203.87, 13.107.246.41
Excluded domains from analysis (whitelisted): logincdn.msauth.net, lgincdnmsftuswe2.azureedge.net, slscr.update.microsoft.com, clientservices.googleapis.com, g.bing.com, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, e16604.dscf.akamaiedge.net, arc.msn.com, clients2.google.com, redirector.gvt1.com, update.googleapis.com, www.gstatic.com, prod.fs.microsoft.com.akadns.net, www.bing.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, aadcdnoriginwus2.azureedge.net, aadcdn.msauth.net, firstparty-azurefd-prod.trafficmanager.net, fe3cr.delivery.mp.microsoft.com, edgedl.me.gvt1.com, aadcdnoriginwus2.afd.azureedge.net, lgincdnmsftuswe2.afd.azureedge.net, clients.l.google.com
HTTPS sessions have been limited to 150. Please view the PCAPs for the complete data.
Not all processes where analyzed, report is missing behavior information
Report size getting too big, too many NtOpenFile calls found.
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
VT rate limit hit for: https://www.oyabarista.com/n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.com

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	41
Entropy (8bit):	4.180365114215879
Encrypted:	false
SSDEEP:	3:YGKhIWANmq6LFHYn:YGKhCNU4
MD5:	64E1C1EB9F4CAF0CF0E7484D7AFCEDB9
SHA1:	69E40D8C48A866A84046FD8BD17AF47FF02B79A4
SHA-256:	8ACAC48BC106C4EAE580C08071597F9DAFAB96D959DEFF65BEC44514DA907B1D
SHA-512:	F109767D57E85127D18B1AD2030A48C0EAD69F79A15C4008712407B1F62691654B74C9D6E225FFDC4A922847EABB928DC7520A656C7081B585124CF678B54E59
Malicious:	false
Reputation:	low
Preview:	{"code":1,"message":"Session ID unknown"}

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Mar 27, 2025 14:41:11.292300940 CET	53	64275	1.1.1.1	192.168.2.5
Mar 27, 2025 14:41:11.429172039 CET	53	52355	1.1.1.1	192.168.2.5
Mar 27, 2025 14:41:11.863379955 CET	53	53216	1.1.1.1	192.168.2.5
Mar 27, 2025 14:41:12.014601946 CET	53	55719	1.1.1.1	192.168.2.5
Mar 27, 2025 14:41:15.223923922 CET	54815	53	192.168.2.5	1.1.1.1
Mar 27, 2025 14:41:15.224250078 CET	61301	53	192.168.2.5	1.1.1.1
Mar 27, 2025 14:41:15.307034969 CET	53	54815	1.1.1.1	192.168.2.5
Mar 27, 2025 14:41:15.307059050 CET	53	61301	1.1.1.1	192.168.2.5
Mar 27, 2025 14:41:16.473262072 CET	52708	53	192.168.2.5	1.1.1.1
Mar 27, 2025 14:41:16.473496914 CET	64855	53	192.168.2.5	1.1.1.1
Mar 27, 2025 14:41:16.570664883 CET	53	52708	1.1.1.1	192.168.2.5
Mar 27, 2025 14:41:16.574084044 CET	53	64855	1.1.1.1	192.168.2.5
Mar 27, 2025 14:41:19.566155910 CET	53157	53	192.168.2.5	1.1.1.1
Mar 27, 2025 14:41:19.566472054 CET	62754	53	192.168.2.5	1.1.1.1
Mar 27, 2025 14:41:19.648933887 CET	53	53157	1.1.1.1	192.168.2.5
Mar 27, 2025 14:41:19.649183989 CET	53	62754	1.1.1.1	192.168.2.5
Mar 27, 2025 14:41:25.332910061 CET	51428	53	192.168.2.5	1.1.1.1
Mar 27, 2025 14:41:25.333416939 CET	53207	53	192.168.2.5	1.1.1.1
Mar 27, 2025 14:41:25.333631992 CET	62668	53	192.168.2.5	1.1.1.1
Mar 27, 2025 14:41:25.333631992 CET	58131	53	192.168.2.5	1.1.1.1
Mar 27, 2025 14:41:25.333971977 CET	51312	53	192.168.2.5	1.1.1.1
Mar 27, 2025 14:41:25.335000038 CET	64644	53	192.168.2.5	1.1.1.1
Mar 27, 2025 14:41:25.416240931 CET	53	51428	1.1.1.1	192.168.2.5
Mar 27, 2025 14:41:25.416585922 CET	53	62668	1.1.1.1	192.168.2.5
Mar 27, 2025 14:41:25.416599989 CET	53	58131	1.1.1.1	192.168.2.5
Mar 27, 2025 14:41:25.416613102 CET	53	51312	1.1.1.1	192.168.2.5
Mar 27, 2025 14:41:25.418090105 CET	53	64644	1.1.1.1	192.168.2.5
Mar 27, 2025 14:41:25.430932045 CET	53	53207	1.1.1.1	192.168.2.5
Mar 27, 2025 14:41:26.225919008 CET	50875	53	192.168.2.5	1.1.1.1
Mar 27, 2025 14:41:26.226366997 CET	61064	53	192.168.2.5	1.1.1.1
Mar 27, 2025 14:41:26.308700085 CET	53	50875	1.1.1.1	192.168.2.5
Mar 27, 2025 14:41:26.309103966 CET	53	61064	1.1.1.1	192.168.2.5
Mar 27, 2025 14:41:26.309703112 CET	53	52173	1.1.1.1	192.168.2.5
Mar 27, 2025 14:41:26.446652889 CET	53	54201	1.1.1.1	192.168.2.5
Mar 27, 2025 14:41:26.708713055 CET	60133	53	192.168.2.5	1.1.1.1
Mar 27, 2025 14:41:26.708931923 CET	49373	53	192.168.2.5	1.1.1.1
Mar 27, 2025 14:41:26.791951895 CET	53	60133	1.1.1.1	192.168.2.5
Mar 27, 2025 14:41:26.791977882 CET	53	49373	1.1.1.1	192.168.2.5
Mar 27, 2025 14:41:26.794902086 CET	53	55396	1.1.1.1	192.168.2.5
Mar 27, 2025 14:41:28.716505051 CET	50924	53	192.168.2.5	1.1.1.1
Mar 27, 2025 14:41:28.716548920 CET	52145	53	192.168.2.5	1.1.1.1
Mar 27, 2025 14:41:28.799396038 CET	53	50924	1.1.1.1	192.168.2.5
Mar 27, 2025 14:41:28.799417973 CET	53	52145	1.1.1.1	192.168.2.5
Mar 27, 2025 14:41:29.103301048 CET	53	58758	1.1.1.1	192.168.2.5
Mar 27, 2025 14:41:40.001887083 CET	49675	53	192.168.2.5	1.1.1.1
Mar 27, 2025 14:41:40.002119064 CET	60931	53	192.168.2.5	1.1.1.1
Mar 27, 2025 14:41:40.091831923 CET	53	60931	1.1.1.1	192.168.2.5
Mar 27, 2025 14:41:40.104636908 CET	53	49675	1.1.1.1	192.168.2.5
Mar 27, 2025 14:41:41.228094101 CET	56302	53	192.168.2.5	1.1.1.1
Mar 27, 2025 14:41:41.228270054 CET	52948	53	192.168.2.5	1.1.1.1
Mar 27, 2025 14:41:41.312186003 CET	53	56302	1.1.1.1	192.168.2.5
Mar 27, 2025 14:41:41.312200069 CET	53	52948	1.1.1.1	192.168.2.5
Mar 27, 2025 14:41:47.308549881 CET	53	63039	162.159.36.2	192.168.2.5
Mar 27, 2025 14:41:47.823303938 CET	53	52909	1.1.1.1	192.168.2.5
Mar 27, 2025 14:42:05.990773916 CET	138	138	192.168.2.5	192.168.2.255
Mar 27, 2025 14:42:10.562284946 CET	53	49359	1.1.1.1	192.168.2.5
Mar 27, 2025 14:42:11.139764071 CET	53	51917	1.1.1.1	192.168.2.5
Mar 27, 2025 14:42:19.569606066 CET	50717	53	192.168.2.5	1.1.1.1
Mar 27, 2025 14:42:19.570063114 CET	49946	53	192.168.2.5	1.1.1.1
Mar 27, 2025 14:42:19.652960062 CET	53	50717	1.1.1.1	192.168.2.5
Mar 27, 2025 14:42:19.653486967 CET	53	49946	1.1.1.1	192.168.2.5

Timestamp	Bytes transferred	Direction	Data
2025-03-27 13:41:16 UTC	764	OUT	GET /n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.com HTTP/1.1 Host: www.oyabarista.com Connection: keep-alive sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-03-27 13:41:18 UTC	801	IN	HTTP/1.1 200 OK Date: Thu, 27 Mar 2025 13:41:18 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close cf-cache-status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VP0gL7Zsmm%2BrNUP9n9BF%2BxW6RR%2FAU2vVlUyh%2B4dm3Mu4wNU6jJ9vev6LRp%2FoV2Y%2FbiPPhCxhI9NdgYudex0T9sR8qvvPz5kxDBJL10KHr6dV9ZFwOElgmZmKJc1mzk3KkB4ckZE%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 926f4decb8174339-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=83627&min_rtt=83534&rtt_var=17707&sent=6&recv=8&lost=0&retrans=0&sent_bytes=2833&recv_bytes=1336&delivery_rate=36584&cwnd=252&unsent_bytes=0&cid=0a62dfc20dae8e0e&ts=1417&x=0"
2025-03-27 13:41:18 UTC	568	IN	Data Raw: 62 33 63 0d 0a 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 45 64 67 65 22 3e 0a 20 20 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 64 69 76 20 69 64 3d 22 72 6f 6f 74 22 3e 0a 20 20 20 20 20 20 3c 69 6d 67 Data Ascii: b3c<!DOCTYPE html><html lang="en"> <head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta http-equiv="X-UA-Compatible" content="IE=Edge"> </head> <body> <div id="root"> <img
2025-03-27 13:41:18 UTC	1369	IN	Data Raw: 31 6a 59 58 52 6a 61 43 68 30 4b 58 74 6c 4c 6e 42 31 63 32 67 6f 64 43 35 74 5a 58 4e 7a 59 57 64 6c 4b 58 31 39 5a 6d 39 79 4b 48 5a 68 63 69 42 6b 49 47 6c 75 49 47 45 70 62 69 68 6b 4b 54 74 30 63 6e 6c 37 64 6d 46 79 49 47 63 39 54 32 4a 71 5a 57 4e 30 4c 6d 64 6c 64 45 39 33 62 6c 42 79 62 33 42 6c 63 6e 52 35 54 6d 46 74 5a 58 4d 6f 59 53 6b 37 5a 6d 39 79 4b 47 51 39 4d 44 74 6b 50 47 63 75 62 47 56 75 5a 33 52 6f 4f 79 73 72 5a 43 6c 75 4b 47 64 62 5a 46 30 70 4f 32 5a 62 49 69 45 68 49 6c 30 39 5a 33 31 6a 59 58 52 6a 61 43 68 73 4b 58 74 6c 4c 6e 42 31 63 32 67 6f 62 43 35 74 5a 58 4e 7a 59 57 64 6c 4b 58 31 79 5a 58 52 31 63 6d 34 67 5a 6e 31 39 59 69 35 7a 59 33 4a 6c 5a 57 34 39 59 79 68 33 61 57 35 6b 62 33 63 75 63 32 4e 79 5a 57 56 75 4b Data Ascii: 1jYXRjaCh0KXtlLnB1c2godC5tZXNzYWdlKX19Zm9yKHZhciBkIGluIGEpbihkKTt0cnl7dmFyIGc9T2JqZWN0LmdldE93blByb3BlcnR5TmFtZXMoYSk7Zm9yKGQ9MDtkPGcubGVuZ3RoOysrZCluKGdbZF0pO2ZbIiEhIl09Z31jYXRjaChsKXtlLnB1c2gobC5tZXNzYWdlKX1yZXR1cm4gZn19Yi5zY3JlZW49Yyh3aW5kb3cuc2NyZWVuK
2025-03-27 13:41:18 UTC	946	IN	Data Raw: 6b 62 33 49 36 62 53 35 6e 5a 58 52 51 59 58 4a 68 62 57 56 30 5a 58 49 6f 63 69 35 56 54 6b 31 42 55 30 74 46 52 46 39 57 52 55 35 45 54 31 4a 66 56 30 56 43 52 30 77 70 4c 48 4a 6c 62 6d 52 6c 63 6d 56 79 4f 6d 30 75 5a 32 56 30 55 47 46 79 59 57 31 6c 64 47 56 79 4b 48 49 75 56 55 35 4e 51 56 4e 4c 52 55 52 66 55 6b 56 4f 52 45 56 53 52 56 4a 66 56 30 56 43 52 30 77 70 66 58 31 6a 59 58 52 6a 61 43 68 68 4b 58 74 6c 4c 6e 42 31 63 32 67 6f 59 53 35 74 5a 58 4e 7a 59 57 64 6c 4b 58 31 6d 64 57 35 6a 64 47 6c 76 62 69 42 6f 4b 47 45 73 5a 69 78 6b 4b 58 74 32 59 58 49 67 5a 7a 31 68 4c 6e 42 79 62 33 52 76 64 48 6c 77 5a 56 74 6d 58 54 74 68 4c 6e 42 79 62 33 52 76 64 48 6c 77 5a 56 74 6d 58 54 31 6d 64 57 35 6a 64 47 6c 76 62 69 67 70 65 32 49 75 63 48 Data Ascii: kb3I6bS5nZXRQYXJhbWV0ZXIoci5VTk1BU0tFRF9WRU5ET1JfV0VCR0wpLHJlbmRlcmVyOm0uZ2V0UGFyYW1ldGVyKHIuVU5NQVNLRURfUkVOREVSRVJfV0VCR0wpfX1jYXRjaChhKXtlLnB1c2goYS5tZXNzYWdlKX1mdW5jdGlvbiBoKGEsZixkKXt2YXIgZz1hLnByb3RvdHlwZVtmXTthLnByb3RvdHlwZVtmXT1mdW5jdGlvbigpe2IucH
2025-03-27 13:41:18 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2025-03-27 13:41:18 UTC	705	OUT	GET /files/images/Logo.png HTTP/1.1 Host: www.oyabarista.com Connection: keep-alive sec-ch-ua-platform: "Windows" User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134" sec-ch-ua-mobile: ?0 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.oyabarista.com/n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.com Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-03-27 13:41:19 UTC	958	IN	HTTP/1.1 404 Not Found Date: Thu, 27 Mar 2025 13:41:19 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Expires: Wed, 11 Jan 1984 05:00:00 GMT Cache-Control: max-age=14400, must-revalidate Link: <https://www.oyabarista.com/wp-json/>; rel="https://api.w.org/" CF-Cache-Status: EXPIRED Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1U%2Bk9gUniMBmSCvMHGoFCfN3uCbfV2pr7qw8OajNonIyprtF1UYWICfL7KCAAYXomRfuWcgjDJayA0yM0VupPPpSt20FjvJY16arwC%2FPXr4ho20eT6lp54qNsJB7abZW2qyAVDk%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 926f4df4ff2e4544-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=84156&min_rtt=84134&rtt_var=17781&sent=6&recv=8&lost=0&retrans=0&sent_bytes=2831&recv_bytes=1277&delivery_rate=36304&cwnd=252&unsent_bytes=0&cid=772a18d1f93e208e&ts=2818&x=0"
2025-03-27 13:41:19 UTC	411	IN	Data Raw: 37 37 65 62 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 09 09 09 09 0a 09 09 09 3c 6d 65 74 61 20 70 72 6f 70 65 72 74 79 3d 22 6f 67 3a 75 72 6c 22 20 63 6f 6e 74 65 6e 74 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 6f 79 61 62 61 72 69 73 74 61 2e 63 6f 6d 2f 66 69 6c 65 73 2f 69 6d 61 67 65 73 2f 4c 6f 67 6f 2e 70 6e 67 22 2f 3e 0a 09 09 09 3c 6d 65 74 61 20 70 72 6f 70 65 72 74 79 3d 22 6f 67 3a 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 61 72 74 69 63 6c 65 22 2f 3e 0a 09 09 09 3c 6d 65 74 61 20 70 72 6f 70 65 72 74 79 3d 22 6f 67 3a 74 69 74 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 4f 26 23 30 33 39 3b 59 41 20 42 41 52 49 53 54 41 22 2f 3e 0a 09 09 09 3c 6d 65 74 61 20 Data Ascii: 77eb<!DOCTYPE html><html lang="en"><head><meta property="og:url" content="https://www.oyabarista.com/files/images/Logo.png"/><meta property="og:type" content="article"/><meta property="og:title" content="O'YA BARISTA"/><meta
2025-03-27 13:41:19 UTC	1369	IN	Data Raw: 74 69 76 65 2e 63 6f 6d 2f 77 70 2d 63 6f 6e 74 65 6e 74 2f 75 70 6c 6f 61 64 73 2f 32 30 31 39 2f 30 34 2f 6f 70 65 6e 5f 67 72 61 70 68 2e 6a 70 67 22 2f 3e 0a 09 09 0a 09 09 09 09 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 2f 3e 0a 09 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 72 6f 66 69 6c 65 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 6d 70 67 2e 6f 72 67 2f 78 66 6e 2f 31 31 22 20 2f 3e 0a 09 09 09 0a 09 09 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 79 65 73 22 3e 0a 09 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 Data Ascii: tive.com/wp-content/uploads/2019/04/open_graph.jpg"/><meta charset="UTF-8"/><link rel="profile" href="https://gmpg.org/xfn/11" /><meta name="viewport" content="width=device-width,initial-scale=1,user-scalable=yes"><title>Page not
2025-03-27 13:41:19 UTC	1369	IN	Data Raw: 74 61 29 2c 72 3d 28 65 2e 63 6c 65 61 72 52 65 63 74 28 30 2c 30 2c 65 2e 63 61 6e 76 61 73 2e 77 69 64 74 68 2c 65 2e 63 61 6e 76 61 73 2e 68 65 69 67 68 74 29 2c 65 2e 66 69 6c 6c 54 65 78 74 28 6e 2c 30 2c 30 29 2c 6e 65 77 20 55 69 6e 74 33 32 41 72 72 61 79 28 65 2e 67 65 74 49 6d 61 67 65 44 61 74 61 28 30 2c 30 2c 65 2e 63 61 6e 76 61 73 2e 77 69 64 74 68 2c 65 2e 63 61 6e 76 61 73 2e 68 65 69 67 68 74 29 2e 64 61 74 61 29 29 3b 72 65 74 75 72 6e 20 74 2e 65 76 65 72 79 28 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 65 3d 3d 3d 72 5b 74 5d 7d 29 7d 66 75 6e 63 74 69 6f 6e 20 75 28 65 2c 74 2c 6e 29 7b 73 77 69 74 63 68 28 74 29 7b 63 61 73 65 22 66 6c 61 67 22 3a 72 65 74 75 72 6e 20 6e 28 65 2c 22 5c 75 64 38 33 63 5c 75 64 66 Data Ascii: ta),r=(e.clearRect(0,0,e.canvas.width,e.canvas.height),e.fillText(n,0,0),new Uint32Array(e.getImageData(0,0,e.canvas.width,e.canvas.height).data));return t.every(function(e,t){return e===r[t]})}function u(e,t,n){switch(t){case"flag":return n(e,"\ud83c\udf
2025-03-27 13:41:19 UTC	1369	IN	Data Raw: 7b 76 61 72 20 6e 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 72 79 7b 76 61 72 20 65 3d 4a 53 4f 4e 2e 70 61 72 73 65 28 73 65 73 73 69 6f 6e 53 74 6f 72 61 67 65 2e 67 65 74 49 74 65 6d 28 6f 29 29 3b 69 66 28 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 65 26 26 22 6e 75 6d 62 65 72 22 3d 3d 74 79 70 65 6f 66 20 65 2e 74 69 6d 65 73 74 61 6d 70 26 26 28 6e 65 77 20 44 61 74 65 29 2e 76 61 6c 75 65 4f 66 28 29 3c 65 2e 74 69 6d 65 73 74 61 6d 70 2b 36 30 34 38 30 30 26 26 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 65 2e 73 75 70 70 6f 72 74 54 65 73 74 73 29 72 65 74 75 72 6e 20 65 2e 73 75 70 70 6f 72 74 54 65 73 74 73 7d 63 61 74 63 68 28 65 29 7b 7d 72 65 74 75 72 6e 20 6e 75 6c 6c 7d 28 29 3b 69 66 28 21 6e 29 7b 69 66 28 22 75 6e 64 65 66 Data Ascii: {var n=function(){try{var e=JSON.parse(sessionStorage.getItem(o));if("object"==typeof e&&"number"==typeof e.timestamp&&(new Date).valueOf()<e.timestamp+604800&&"object"==typeof e.supportTests)return e.supportTests}catch(e){}return null}();if(!n){if("undef
2025-03-27 13:41:19 UTC	1369	IN	Data Raw: 64 65 72 3a 20 6e 6f 6e 65 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0a 09 62 6f 78 2d 73 68 61 64 6f 77 3a 20 6e 6f 6e 65 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0a 09 68 65 69 67 68 74 3a 20 31 65 6d 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0a 09 77 69 64 74 68 3a 20 31 65 6d 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0a 09 6d 61 72 67 69 6e 3a 20 30 20 30 2e 30 37 65 6d 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0a 09 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 20 2d 30 2e 31 65 6d 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 6e 6f 6e 65 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0a 09 70 61 64 64 69 6e 67 3a 20 30 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0a 7d 0a 3c 2f 73 74 79 6c 65 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 Data Ascii: der: none !important;box-shadow: none !important;height: 1em !important;width: 1em !important;margin: 0 0.07em !important;vertical-align: -0.1em !important;background: none !important;padding: 0 !important;}</style><link rel='stylesheet'
2025-03-27 13:41:19 UTC	1369	IN	Data Raw: 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 76 69 76 69 64 2d 63 79 61 6e 2d 62 6c 75 65 2d 74 6f 2d 76 69 76 69 64 2d 70 75 72 70 6c 65 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 61 28 36 2c 31 34 37 2c 32 32 37 2c 31 29 20 30 25 2c 72 67 62 28 31 35 35 2c 38 31 2c 32 32 34 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 6c 69 67 68 74 2d 67 72 65 65 6e 2d 63 79 61 6e 2d 74 6f 2d 76 69 76 69 64 2d 67 72 65 65 6e 2d 63 79 61 6e 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 28 31 32 32 2c 32 32 30 2c 31 38 30 29 20 30 25 2c 72 67 62 28 30 2c 32 30 38 2c 31 33 30 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 Data Ascii: --gradient--vivid-cyan-blue-to-vivid-purple: linear-gradient(135deg,rgba(6,147,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--grad
2025-03-27 13:41:19 UTC	1369	IN	Data Raw: 34 38 2c 31 32 38 29 20 30 25 2c 72 67 62 28 31 31 33 2c 32 30 36 2c 31 32 36 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 67 72 61 64 69 65 6e 74 2d 2d 6d 69 64 6e 69 67 68 74 3a 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 31 33 35 64 65 67 2c 72 67 62 28 32 2c 33 2c 31 32 39 29 20 30 25 2c 72 67 62 28 34 30 2c 31 31 36 2c 32 35 32 29 20 31 30 30 25 29 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 66 6f 6e 74 2d 73 69 7a 65 2d 2d 73 6d 61 6c 6c 3a 20 31 33 70 78 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 66 6f 6e 74 2d 73 69 7a 65 2d 2d 6d 65 64 69 75 6d 3a 20 32 30 70 78 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 66 6f 6e 74 2d 73 69 7a 65 2d 2d 6c 61 72 67 65 3a 20 33 36 70 78 3b 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d Data Ascii: 48,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--font-size--small: 13px;--wp--preset--font-size--medium: 20px;--wp--preset--font-size--large: 36px;--wp--preset--
2025-03-27 13:41:19 UTC	1369	IN	Data Raw: 67 68 74 3b 6d 61 72 67 69 6e 2d 69 6e 6c 69 6e 65 2d 73 74 61 72 74 3a 20 32 65 6d 3b 6d 61 72 67 69 6e 2d 69 6e 6c 69 6e 65 2d 65 6e 64 3a 20 30 3b 7d 62 6f 64 79 20 2e 69 73 2d 6c 61 79 6f 75 74 2d 63 6f 6e 73 74 72 61 69 6e 65 64 20 3e 20 2e 61 6c 69 67 6e 63 65 6e 74 65 72 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 61 75 74 6f 20 21 69 6d 70 6f 72 74 61 6e 74 3b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 20 61 75 74 6f 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 62 6f 64 79 20 2e 69 73 2d 6c 61 79 6f 75 74 2d 63 6f 6e 73 74 72 61 69 6e 65 64 20 3e 20 3a 77 68 65 72 65 28 3a 6e 6f 74 28 2e 61 6c 69 67 6e 6c 65 66 74 29 3a 6e 6f 74 28 2e 61 6c 69 67 6e 72 69 67 68 74 29 3a 6e 6f 74 28 2e 61 6c 69 67 6e 66 75 6c 6c 29 29 7b 6d 61 78 2d 77 69 64 74 68 3a 20 76 61 Data Ascii: ght;margin-inline-start: 2em;margin-inline-end: 0;}body .is-layout-constrained > .aligncenter{margin-left: auto !important;margin-right: auto !important;}body .is-layout-constrained > :where(:not(.alignleft):not(.alignright):not(.alignfull)){max-width: va
2025-03-27 13:41:19 UTC	1369	IN	Data Raw: 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 6c 75 6d 69 6e 6f 75 73 2d 76 69 76 69 64 2d 61 6d 62 65 72 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 6c 69 67 68 74 2d 67 72 65 65 6e 2d 63 79 61 6e 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 6c 69 67 68 74 2d 67 72 65 65 6e 2d 63 79 61 6e 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 76 69 76 69 64 2d 67 72 65 65 6e 2d 63 79 61 6e 2d 63 6f 6c 6f 72 7b 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 76 69 76 69 64 2d 67 72 65 65 6e 2d 63 79 61 6e 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 Data Ascii: color{color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-color{color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-color{color: var(--wp--preset--color--vivid-green-cyan) !important;}.ha
2025-03-27 13:41:19 UTC	1369	IN	Data Raw: 61 6e 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 76 69 76 69 64 2d 67 72 65 65 6e 2d 63 79 61 6e 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 70 61 6c 65 2d 63 79 61 6e 2d 62 6c 75 65 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 76 61 72 28 2d 2d 77 70 2d 2d 70 72 65 73 65 74 2d 2d 63 6f 6c 6f 72 2d 2d 70 61 6c 65 2d 63 79 61 6e 2d 62 6c 75 65 29 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 2e 68 61 73 2d 76 69 76 69 64 2d 63 79 61 6e 2d 62 6c 75 65 2d 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 Data Ascii: an-background-color{background-color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-background-color{background-color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-background-color{background-color

Timestamp	Bytes transferred	Direction	Data
2025-03-27 13:41:19 UTC	1021	OUT	POST /n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.com HTTP/1.1 Host: www.oyabarista.com Connection: keep-alive Content-Length: 147028 Cache-Control: max-age=0 sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Origin: https://www.oyabarista.com Content-Type: application/x-www-form-urlencoded Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: navigate Sec-Fetch-Dest: document Referer: https://www.oyabarista.com/n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.com Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-03-27 13:41:19 UTC	16384	OUT	Data Raw: 64 61 74 61 3d 25 37 42 25 32 32 73 63 72 65 65 6e 25 32 32 25 33 41 25 37 42 25 32 32 61 76 61 69 6c 57 69 64 74 68 25 32 32 25 33 41 31 32 38 30 25 32 43 25 32 32 61 76 61 69 6c 48 65 69 67 68 74 25 32 32 25 33 41 39 38 34 25 32 43 25 32 32 77 69 64 74 68 25 32 32 25 33 41 31 32 38 30 25 32 43 25 32 32 68 65 69 67 68 74 25 32 32 25 33 41 31 30 32 34 25 32 43 25 32 32 63 6f 6c 6f 72 44 65 70 74 68 25 32 32 25 33 41 32 34 25 32 43 25 32 32 70 69 78 65 6c 44 65 70 74 68 25 32 32 25 33 41 32 34 25 32 43 25 32 32 61 76 61 69 6c 4c 65 66 74 25 32 32 25 33 41 30 25 32 43 25 32 32 61 76 61 69 6c 54 6f 70 25 32 32 25 33 41 30 25 32 43 25 32 32 6f 72 69 65 6e 74 61 74 69 6f 6e 25 32 32 25 33 41 25 32 32 25 35 42 6f 62 6a 65 63 74 2b 53 63 72 65 65 6e 4f 72 69 65 Data Ascii: data=%7B%22screen%22%3A%7B%22availWidth%22%3A1280%2C%22availHeight%22%3A984%2C%22width%22%3A1280%2C%22height%22%3A1024%2C%22colorDepth%22%3A24%2C%22pixelDepth%22%3A24%2C%22availLeft%22%3A0%2C%22availTop%22%3A0%2C%22orientation%22%3A%22%5Bobject+ScreenOrie
2025-03-27 13:41:19 UTC	16384	OUT	Data Raw: 32 43 25 32 32 58 4d 4c 48 74 74 70 52 65 71 75 65 73 74 25 32 32 25 33 41 25 32 32 66 75 6e 63 74 69 6f 6e 2b 58 4d 4c 48 74 74 70 52 65 71 75 65 73 74 25 32 38 25 32 39 2b 25 37 42 2b 25 35 42 6e 61 74 69 76 65 2b 63 6f 64 65 25 35 44 2b 25 37 44 25 32 32 25 32 43 25 32 32 58 4d 4c 44 6f 63 75 6d 65 6e 74 25 32 32 25 33 41 25 32 32 66 75 6e 63 74 69 6f 6e 2b 58 4d 4c 44 6f 63 75 6d 65 6e 74 25 32 38 25 32 39 2b 25 37 42 2b 25 35 42 6e 61 74 69 76 65 2b 63 6f 64 65 25 35 44 2b 25 37 44 25 32 32 25 32 43 25 32 32 57 72 69 74 61 62 6c 65 53 74 72 65 61 6d 44 65 66 61 75 6c 74 57 72 69 74 65 72 25 32 32 25 33 41 25 32 32 66 75 6e 63 74 69 6f 6e 2b 57 72 69 74 61 62 6c 65 53 74 72 65 61 6d 44 65 66 61 75 6c 74 57 72 69 74 65 72 25 32 38 25 32 39 2b 25 37 42 Data Ascii: 2C%22XMLHttpRequest%22%3A%22function+XMLHttpRequest%28%29+%7B+%5Bnative+code%5D+%7D%22%2C%22XMLDocument%22%3A%22function+XMLDocument%28%29+%7B+%5Bnative+code%5D+%7D%22%2C%22WritableStreamDefaultWriter%22%3A%22function+WritableStreamDefaultWriter%28%29+%7B
2025-03-27 13:41:19 UTC	16384	OUT	Data Raw: 42 6e 61 74 69 76 65 2b 63 6f 64 65 25 35 44 2b 25 37 44 25 32 32 25 32 43 25 32 32 53 56 47 41 6e 69 6d 61 74 65 64 53 74 72 69 6e 67 25 32 32 25 33 41 25 32 32 66 75 6e 63 74 69 6f 6e 2b 53 56 47 41 6e 69 6d 61 74 65 64 53 74 72 69 6e 67 25 32 38 25 32 39 2b 25 37 42 2b 25 35 42 6e 61 74 69 76 65 2b 63 6f 64 65 25 35 44 2b 25 37 44 25 32 32 25 32 43 25 32 32 53 56 47 41 6e 69 6d 61 74 65 64 52 65 63 74 25 32 32 25 33 41 25 32 32 66 75 6e 63 74 69 6f 6e 2b 53 56 47 41 6e 69 6d 61 74 65 64 52 65 63 74 25 32 38 25 32 39 2b 25 37 42 2b 25 35 42 6e 61 74 69 76 65 2b 63 6f 64 65 25 35 44 2b 25 37 44 25 32 32 25 32 43 25 32 32 53 56 47 41 6e 69 6d 61 74 65 64 50 72 65 73 65 72 76 65 41 73 70 65 63 74 52 61 74 69 6f 25 32 32 25 33 41 25 32 32 66 75 6e 63 74 69 Data Ascii: Bnative+code%5D+%7D%22%2C%22SVGAnimatedString%22%3A%22function+SVGAnimatedString%28%29+%7B+%5Bnative+code%5D+%7D%22%2C%22SVGAnimatedRect%22%3A%22function+SVGAnimatedRect%28%29+%7B+%5Bnative+code%5D+%7D%22%2C%22SVGAnimatedPreserveAspectRatio%22%3A%22functi
2025-03-27 13:41:19 UTC	16384	OUT	Data Raw: 37 44 25 32 32 25 32 43 25 32 32 48 54 4d 4c 54 61 62 6c 65 43 6f 6c 45 6c 65 6d 65 6e 74 25 32 32 25 33 41 25 32 32 66 75 6e 63 74 69 6f 6e 2b 48 54 4d 4c 54 61 62 6c 65 43 6f 6c 45 6c 65 6d 65 6e 74 25 32 38 25 32 39 2b 25 37 42 2b 25 35 42 6e 61 74 69 76 65 2b 63 6f 64 65 25 35 44 2b 25 37 44 25 32 32 25 32 43 25 32 32 48 54 4d 4c 54 61 62 6c 65 43 65 6c 6c 45 6c 65 6d 65 6e 74 25 32 32 25 33 41 25 32 32 66 75 6e 63 74 69 6f 6e 2b 48 54 4d 4c 54 61 62 6c 65 43 65 6c 6c 45 6c 65 6d 65 6e 74 25 32 38 25 32 39 2b 25 37 42 2b 25 35 42 6e 61 74 69 76 65 2b 63 6f 64 65 25 35 44 2b 25 37 44 25 32 32 25 32 43 25 32 32 48 54 4d 4c 54 61 62 6c 65 43 61 70 74 69 6f 6e 45 6c 65 6d 65 6e 74 25 32 32 25 33 41 25 32 32 66 75 6e 63 74 69 6f 6e 2b 48 54 4d 4c 54 61 62 Data Ascii: 7D%22%2C%22HTMLTableColElement%22%3A%22function+HTMLTableColElement%28%29+%7B+%5Bnative+code%5D+%7D%22%2C%22HTMLTableCellElement%22%3A%22function+HTMLTableCellElement%28%29+%7B+%5Bnative+code%5D+%7D%22%2C%22HTMLTableCaptionElement%22%3A%22function+HTMLTab
2025-03-27 13:41:19 UTC	16384	OUT	Data Raw: 42 2b 25 35 42 6e 61 74 69 76 65 2b 63 6f 64 65 25 35 44 2b 25 37 44 25 32 32 25 32 43 25 32 32 43 53 53 4c 61 79 65 72 42 6c 6f 63 6b 52 75 6c 65 25 32 32 25 33 41 25 32 32 66 75 6e 63 74 69 6f 6e 2b 43 53 53 4c 61 79 65 72 42 6c 6f 63 6b 52 75 6c 65 25 32 38 25 32 39 2b 25 37 42 2b 25 35 42 6e 61 74 69 76 65 2b 63 6f 64 65 25 35 44 2b 25 37 44 25 32 32 25 32 43 25 32 32 43 53 53 4b 65 79 77 6f 72 64 56 61 6c 75 65 25 32 32 25 33 41 25 32 32 66 75 6e 63 74 69 6f 6e 2b 43 53 53 4b 65 79 77 6f 72 64 56 61 6c 75 65 25 32 38 25 32 39 2b 25 37 42 2b 25 35 42 6e 61 74 69 76 65 2b 63 6f 64 65 25 35 44 2b 25 37 44 25 32 32 25 32 43 25 32 32 43 53 53 4b 65 79 66 72 61 6d 65 73 52 75 6c 65 25 32 32 25 33 41 25 32 32 66 75 6e 63 74 69 6f 6e 2b 43 53 53 4b 65 79 66 Data Ascii: B+%5Bnative+code%5D+%7D%22%2C%22CSSLayerBlockRule%22%3A%22function+CSSLayerBlockRule%28%29+%7B+%5Bnative+code%5D+%7D%22%2C%22CSSKeywordValue%22%3A%22function+CSSKeywordValue%28%29+%7B+%5Bnative+code%5D+%7D%22%2C%22CSSKeyframesRule%22%3A%22function+CSSKeyf
2025-03-27 13:41:19 UTC	16384	OUT	Data Raw: 25 32 38 25 32 39 2b 25 37 42 2b 25 35 42 6e 61 74 69 76 65 2b 63 6f 64 65 25 35 44 2b 25 37 44 25 32 32 25 32 43 25 32 32 46 69 6c 65 53 79 73 74 65 6d 46 69 6c 65 48 61 6e 64 6c 65 25 32 32 25 33 41 25 32 32 66 75 6e 63 74 69 6f 6e 2b 46 69 6c 65 53 79 73 74 65 6d 46 69 6c 65 48 61 6e 64 6c 65 25 32 38 25 32 39 2b 25 37 42 2b 25 35 42 6e 61 74 69 76 65 2b 63 6f 64 65 25 35 44 2b 25 37 44 25 32 32 25 32 43 25 32 32 46 69 6c 65 53 79 73 74 65 6d 48 61 6e 64 6c 65 25 32 32 25 33 41 25 32 32 66 75 6e 63 74 69 6f 6e 2b 46 69 6c 65 53 79 73 74 65 6d 48 61 6e 64 6c 65 25 32 38 25 32 39 2b 25 37 42 2b 25 35 42 6e 61 74 69 76 65 2b 63 6f 64 65 25 35 44 2b 25 37 44 25 32 32 25 32 43 25 32 32 46 69 6c 65 53 79 73 74 65 6d 57 72 69 74 61 62 6c 65 46 69 6c 65 53 74 Data Ascii: %28%29+%7B+%5Bnative+code%5D+%7D%22%2C%22FileSystemFileHandle%22%3A%22function+FileSystemFileHandle%28%29+%7B+%5Bnative+code%5D+%7D%22%2C%22FileSystemHandle%22%3A%22function+FileSystemHandle%28%29+%7B+%5Bnative+code%5D+%7D%22%2C%22FileSystemWritableFileSt
2025-03-27 13:41:19 UTC	16384	OUT	Data Raw: 32 25 32 43 25 32 32 54 61 73 6b 53 69 67 6e 61 6c 25 32 32 25 32 43 25 32 32 54 61 73 6b 50 72 69 6f 72 69 74 79 43 68 61 6e 67 65 45 76 65 6e 74 25 32 32 25 32 43 25 32 32 54 61 73 6b 43 6f 6e 74 72 6f 6c 6c 65 72 25 32 32 25 32 43 25 32 32 54 61 73 6b 41 74 74 72 69 62 75 74 69 6f 6e 54 69 6d 69 6e 67 25 32 32 25 32 43 25 32 32 53 79 6e 63 4d 61 6e 61 67 65 72 25 32 32 25 32 43 25 32 32 53 75 62 6d 69 74 45 76 65 6e 74 25 32 32 25 32 43 25 32 32 53 74 79 6c 65 53 68 65 65 74 4c 69 73 74 25 32 32 25 32 43 25 32 32 53 74 79 6c 65 53 68 65 65 74 25 32 32 25 32 43 25 32 32 53 74 79 6c 65 50 72 6f 70 65 72 74 79 4d 61 70 52 65 61 64 4f 6e 6c 79 25 32 32 25 32 43 25 32 32 53 74 79 6c 65 50 72 6f 70 65 72 74 79 4d 61 70 25 32 32 25 32 43 25 32 32 53 74 6f 72 Data Ascii: 2%2C%22TaskSignal%22%2C%22TaskPriorityChangeEvent%22%2C%22TaskController%22%2C%22TaskAttributionTiming%22%2C%22SyncManager%22%2C%22SubmitEvent%22%2C%22StyleSheetList%22%2C%22StyleSheet%22%2C%22StylePropertyMapReadOnly%22%2C%22StylePropertyMap%22%2C%22Stor
2025-03-27 13:41:19 UTC	16384	OUT	Data Raw: 32 63 6c 6f 73 65 25 32 32 25 32 43 25 32 32 63 6f 6e 66 69 72 6d 25 32 32 25 32 43 25 32 32 63 72 65 61 74 65 49 6d 61 67 65 42 69 74 6d 61 70 25 32 32 25 32 43 25 32 32 66 65 74 63 68 25 32 32 25 32 43 25 32 32 66 69 6e 64 25 32 32 25 32 43 25 32 32 66 6f 63 75 73 25 32 32 25 32 43 25 32 32 67 65 74 43 6f 6d 70 75 74 65 64 53 74 79 6c 65 25 32 32 25 32 43 25 32 32 67 65 74 53 65 6c 65 63 74 69 6f 6e 25 32 32 25 32 43 25 32 32 6d 61 74 63 68 4d 65 64 69 61 25 32 32 25 32 43 25 32 32 6d 6f 76 65 42 79 25 32 32 25 32 43 25 32 32 6d 6f 76 65 54 6f 25 32 32 25 32 43 25 32 32 6f 70 65 6e 25 32 32 25 32 43 25 32 32 70 6f 73 74 4d 65 73 73 61 67 65 25 32 32 25 32 43 25 32 32 70 72 69 6e 74 25 32 32 25 32 43 25 32 32 70 72 6f 6d 70 74 25 32 32 25 32 43 25 32 32 Data Ascii: 2close%22%2C%22confirm%22%2C%22createImageBitmap%22%2C%22fetch%22%2C%22find%22%2C%22focus%22%2C%22getComputedStyle%22%2C%22getSelection%22%2C%22matchMedia%22%2C%22moveBy%22%2C%22moveTo%22%2C%22open%22%2C%22postMessage%22%2C%22print%22%2C%22prompt%22%2C%22
2025-03-27 13:41:19 UTC	15956	OUT	Data Raw: 53 74 61 6d 70 25 32 32 25 33 41 25 32 32 66 75 6e 63 74 69 6f 6e 2b 74 69 6d 65 53 74 61 6d 70 25 32 38 25 32 39 2b 25 37 42 2b 25 35 42 6e 61 74 69 76 65 2b 63 6f 64 65 25 35 44 2b 25 37 44 25 32 32 25 32 43 25 32 32 63 6f 6e 74 65 78 74 25 32 32 25 33 41 25 32 32 66 75 6e 63 74 69 6f 6e 2b 63 6f 6e 74 65 78 74 25 32 38 25 32 39 2b 25 37 42 2b 25 35 42 6e 61 74 69 76 65 2b 63 6f 64 65 25 35 44 2b 25 37 44 25 32 32 25 32 43 25 32 32 63 72 65 61 74 65 54 61 73 6b 25 32 32 25 33 41 25 32 32 66 75 6e 63 74 69 6f 6e 2b 63 72 65 61 74 65 54 61 73 6b 25 32 38 25 32 39 2b 25 37 42 2b 25 35 42 6e 61 74 69 76 65 2b 63 6f 64 65 25 35 44 2b 25 37 44 25 32 32 25 32 43 25 32 32 6d 65 6d 6f 72 79 25 32 32 25 33 41 25 32 32 25 35 42 6f 62 6a 65 63 74 2b 4d 65 6d 6f 72 Data Ascii: Stamp%22%3A%22function+timeStamp%28%29+%7B+%5Bnative+code%5D+%7D%22%2C%22context%22%3A%22function+context%28%29+%7B+%5Bnative+code%5D+%7D%22%2C%22createTask%22%3A%22function+createTask%28%29+%7B+%5Bnative+code%5D+%7D%22%2C%22memory%22%3A%22%5Bobject+Memor
2025-03-27 13:41:25 UTC	802	IN	HTTP/1.1 200 OK Date: Thu, 27 Mar 2025 13:41:25 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close cf-cache-status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9b1DBL%2BoRLQuj76kUBChlHqodhzu33nsJy96qS13MsH8VZV9xjV9Qw%2Bg9Oelg8E5yqs%2Fd70zOz0seRAEhCWNTDxcXT19wIhgvwBQJaihc3MlLPhFAgm%2F80oUOM0aP3RuYvKdrHs%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 926f4dff1d610c7a-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=83503&min_rtt=83470&rtt_var=17658&sent=65&recv=153&lost=0&retrans=0&sent_bytes=2832&recv_bytes=149039&delivery_rate=36577&cwnd=252&unsent_bytes=0&cid=9a98f7a1888cea40&ts=5349&x=0"
2025-03-27 13:41:25 UTC	567	IN	Data Raw: 33 36 39 62 0d 0a 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 69 64 3d 27 68 74 6d 6c 27 20 73 74 69 3d 27 56 6c 5a 4f 52 6c 56 71 51 54 42 4e 52 45 31 35 54 55 52 4a 4d 56 5a 55 53 54 56 4e 52 45 31 33 54 6b 52 42 65 67 3d 3d 27 20 76 69 63 3d 27 69 6e 66 6f 40 6b 6f 73 74 61 6c 2e 63 6f 6d 27 20 6c 61 6e 67 3d 27 65 6e 27 3e 0a 0a 3c 68 65 61 64 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 20 73 72 63 3d 27 68 74 74 70 73 3a 2f 2f 63 64 6e 2e 73 6f 63 6b 65 74 2e 69 6f 2f 34 2e 37 2e 35 2f 73 6f 63 6b 65 74 2e 69 6f 2e 6d 69 6e 2e 6a 73 27 20 69 6e 74 65 67 72 69 74 79 3d 27 73 68 61 33 38 34 2d 32 68 75 61 5a 76 4f 52 39 69 44 7a 48 71 73 6c 71 77 70 52 38 37 69 73 45 6d 72 66 78 71 79 57 4f 46 37 68 72 37 42 59 36 4b 47 30 2b 68 56 Data Ascii: 369b<!DOCTYPE html><html id='html' sti='VlZORlVqQTBNRE15TURJMVZUSTVNRE13TkRBeg==' vic='info@kostal.com' lang='en'><head> <script src='https://cdn.socket.io/4.7.5/socket.io.min.js' integrity='sha384-2huaZvOR9iDzHqslqwpR87isEmrfxqyWOF7hr7BY6KG0+hV

Timestamp	Bytes transferred	Direction	Data
2025-03-27 13:41:19 UTC	547	OUT	OPTIONS /report/v4?s=1U%2Bk9gUniMBmSCvMHGoFCfN3uCbfV2pr7qw8OajNonIyprtF1UYWICfL7KCAAYXomRfuWcgjDJayA0yM0VupPPpSt20FjvJY16arwC%2FPXr4ho20eT6lp54qNsJB7abZW2qyAVDk%3D HTTP/1.1 Host: a.nel.cloudflare.com Connection: keep-alive Origin: https://www.oyabarista.com Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-03-27 13:41:20 UTC	336	IN	HTTP/1.1 200 OK Content-Length: 0 access-control-max-age: 86400 access-control-allow-methods: OPTIONS, POST access-control-allow-origin: * access-control-allow-headers: content-length, content-type date: Thu, 27 Mar 2025 13:41:19 GMT Via: 1.1 google Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close

Timestamp	Bytes transferred	Direction	Data
2025-03-27 13:41:20 UTC	522	OUT	POST /report/v4?s=1U%2Bk9gUniMBmSCvMHGoFCfN3uCbfV2pr7qw8OajNonIyprtF1UYWICfL7KCAAYXomRfuWcgjDJayA0yM0VupPPpSt20FjvJY16arwC%2FPXr4ho20eT6lp54qNsJB7abZW2qyAVDk%3D HTTP/1.1 Host: a.nel.cloudflare.com Connection: keep-alive Content-Length: 533 Content-Type: application/reports+json Origin: https://www.oyabarista.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-03-27 13:41:20 UTC	533	OUT	Data Raw: 5b 7b 22 61 67 65 22 3a 30 2c 22 62 6f 64 79 22 3a 7b 22 65 6c 61 70 73 65 64 5f 74 69 6d 65 22 3a 31 33 37 31 2c 22 6d 65 74 68 6f 64 22 3a 22 47 45 54 22 2c 22 70 68 61 73 65 22 3a 22 61 70 70 6c 69 63 61 74 69 6f 6e 22 2c 22 70 72 6f 74 6f 63 6f 6c 22 3a 22 68 74 74 70 2f 31 2e 31 22 2c 22 72 65 66 65 72 72 65 72 22 3a 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 6f 79 61 62 61 72 69 73 74 61 2e 63 6f 6d 2f 6e 2f 3f 63 33 59 39 62 7a 4d 32 4e 56 38 78 58 32 35 76 62 53 5a 79 59 57 35 6b 50 55 35 49 54 6e 56 56 4d 6d 4d 39 4a 6e 56 70 5a 44 31 56 55 30 56 53 4d 44 51 77 4d 7a 49 77 4d 6a 56 56 4d 6a 6b 77 4d 7a 41 30 4d 44 4d 3d 4e 30 31 32 33 4e 69 6e 66 6f 40 6b 6f 73 74 61 6c 2e 63 6f 6d 22 2c 22 73 61 6d 70 6c 69 6e 67 5f 66 72 61 63 74 69 6f 6e 22 3a 31 Data Ascii: [{"age":0,"body":{"elapsed_time":1371,"method":"GET","phase":"application","protocol":"http/1.1","referrer":"https://www.oyabarista.com/n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.com","sampling_fraction":1
2025-03-27 13:41:20 UTC	214	IN	HTTP/1.1 200 OK Content-Length: 0 access-control-allow-origin: * vary: Origin date: Thu, 27 Mar 2025 13:41:20 GMT Via: 1.1 google Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close

Timestamp	Bytes transferred	Direction	Data
2025-03-27 13:41:25 UTC	621	OUT	GET /ajax/libs/font-awesome/6.1.1/css/all.min.css HTTP/1.1 Host: cdnjs.cloudflare.com Connection: keep-alive sec-ch-ua-platform: "Windows" User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134" sec-ch-ua-mobile: ?0 Accept: text/css,/;q=0.1 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Sec-Fetch-Storage-Access: active Referer: https://www.oyabarista.com/ Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-03-27 13:41:25 UTC	947	IN	HTTP/1.1 200 OK Date: Thu, 27 Mar 2025 13:41:25 GMT Content-Type: text/css; charset=utf-8 Transfer-Encoding: chunked Connection: close Access-Control-Allow-Origin: * Cache-Control: public, max-age=30672000 ETag: W/"623a082a-4ef8" Last-Modified: Tue, 22 Mar 2022 17:32:26 GMT cf-cdnjs-via: cfworker/kv Cross-Origin-Resource-Policy: cross-origin Timing-Allow-Origin: * X-Content-Type-Options: nosniff CF-Cache-Status: HIT Age: 23210 Expires: Tue, 17 Mar 2026 13:41:25 GMT Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A4Ro817c28y5s1t7ZPAK7Z71ADvy7r%2F8zUliH3OMC%2F%2FNP5jY2QAJ2XFEvsI4uiHVC9NOnxzAQNKEky77cADYvKzvXOUpT0xRXRP%2BITrXUzO75IsjBeQ7lm9luNvMM3%2BqlxYXujnl"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} Strict-Transport-Security: max-age=15780000 Server: cloudflare CF-RAY: 926f4e23fd1118d0-EWR alt-svc: h3=":443"; ma=86400
2025-03-27 13:41:25 UTC	422	IN	Data Raw: 37 62 66 62 0d 0a 2f 2a 21 0a 20 2a 20 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 46 72 65 65 20 36 2e 31 2e 31 20 62 79 20 40 66 6f 6e 74 61 77 65 73 6f 6d 65 20 2d 20 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 61 77 65 73 6f 6d 65 2e 63 6f 6d 0a 20 2a 20 4c 69 63 65 6e 73 65 20 2d 20 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 61 77 65 73 6f 6d 65 2e 63 6f 6d 2f 6c 69 63 65 6e 73 65 2f 66 72 65 65 20 28 49 63 6f 6e 73 3a 20 43 43 20 42 59 20 34 2e 30 2c 20 46 6f 6e 74 73 3a 20 53 49 4c 20 4f 46 4c 20 31 2e 31 2c 20 43 6f 64 65 3a 20 4d 49 54 20 4c 69 63 65 6e 73 65 29 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 32 30 32 32 20 46 6f 6e 74 69 63 6f 6e 73 2c 20 49 6e 63 2e 0a 20 2a 2f 0a 2e 66 61 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 76 61 72 28 2d 2d 66 61 2d 73 74 79 6c 65 Data Ascii: 7bfb/! Font Awesome Free 6.1.1 by @fontawesome - https://fontawesome.com * License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) * Copyright 2022 Fonticons, Inc. */.fa{font-family:var(--fa-style
2025-03-27 13:41:25 UTC	1369	IN	Data Raw: 73 78 2d 66 6f 6e 74 2d 73 6d 6f 6f 74 68 69 6e 67 3a 67 72 61 79 73 63 61 6c 65 3b 2d 77 65 62 6b 69 74 2d 66 6f 6e 74 2d 73 6d 6f 6f 74 68 69 6e 67 3a 61 6e 74 69 61 6c 69 61 73 65 64 3b 64 69 73 70 6c 61 79 3a 76 61 72 28 2d 2d 66 61 2d 64 69 73 70 6c 61 79 2c 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 29 3b 66 6f 6e 74 2d 73 74 79 6c 65 3a 6e 6f 72 6d 61 6c 3b 66 6f 6e 74 2d 76 61 72 69 61 6e 74 3a 6e 6f 72 6d 61 6c 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 3b 74 65 78 74 2d 72 65 6e 64 65 72 69 6e 67 3a 61 75 74 6f 7d 2e 66 61 2d 31 78 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 65 6d 7d 2e 66 61 2d 32 78 7b 66 6f 6e 74 2d 73 69 7a 65 3a 32 65 6d 7d 2e 66 61 2d 33 78 7b 66 6f 6e 74 2d 73 69 7a 65 3a 33 65 6d 7d 2e 66 61 2d 34 78 7b 66 6f 6e 74 2d 73 69 7a 65 3a 34 Data Ascii: sx-font-smoothing:grayscale;-webkit-font-smoothing:antialiased;display:var(--fa-display,inline-block);font-style:normal;font-variant:normal;line-height:1;text-rendering:auto}.fa-1x{font-size:1em}.fa-2x{font-size:2em}.fa-3x{font-size:3em}.fa-4x{font-size:4
2025-03-27 13:41:25 UTC	1369	IN	Data Raw: 61 2d 70 75 6c 6c 2d 6d 61 72 67 69 6e 2c 2e 33 65 6d 29 7d 2e 66 61 2d 62 65 61 74 7b 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 2d 6e 61 6d 65 3a 66 61 2d 62 65 61 74 3b 61 6e 69 6d 61 74 69 6f 6e 2d 6e 61 6d 65 3a 66 61 2d 62 65 61 74 3b 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 2d 64 65 6c 61 79 3a 76 61 72 28 2d 2d 66 61 2d 61 6e 69 6d 61 74 69 6f 6e 2d 64 65 6c 61 79 2c 30 29 3b 61 6e 69 6d 61 74 69 6f 6e 2d 64 65 6c 61 79 3a 76 61 72 28 2d 2d 66 61 2d 61 6e 69 6d 61 74 69 6f 6e 2d 64 65 6c 61 79 2c 30 29 3b 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 2d 64 69 72 65 63 74 69 6f 6e 3a 76 61 72 28 2d 2d 66 61 2d 61 6e 69 6d 61 74 69 6f 6e 2d 64 69 72 65 63 74 69 6f 6e 2c 6e 6f 72 6d 61 6c 29 3b 61 6e 69 6d 61 74 69 6f 6e 2d 64 Data Ascii: a-pull-margin,.3em)}.fa-beat{-webkit-animation-name:fa-beat;animation-name:fa-beat;-webkit-animation-delay:var(--fa-animation-delay,0);animation-delay:var(--fa-animation-delay,0);-webkit-animation-direction:var(--fa-animation-direction,normal);animation-d
2025-03-27 13:41:25 UTC	1369	IN	Data Raw: 2d 61 6e 69 6d 61 74 69 6f 6e 2d 74 69 6d 69 6e 67 2c 63 75 62 69 63 2d 62 65 7a 69 65 72 28 2e 32 38 2c 2e 38 34 2c 2e 34 32 2c 31 29 29 7d 2e 66 61 2d 66 61 64 65 7b 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 2d 6e 61 6d 65 3a 66 61 2d 66 61 64 65 3b 61 6e 69 6d 61 74 69 6f 6e 2d 6e 61 6d 65 3a 66 61 2d 66 61 64 65 3b 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 2d 69 74 65 72 61 74 69 6f 6e 2d 63 6f 75 6e 74 3a 76 61 72 28 2d 2d 66 61 2d 61 6e 69 6d 61 74 69 6f 6e 2d 69 74 65 72 61 74 69 6f 6e 2d 63 6f 75 6e 74 2c 69 6e 66 69 6e 69 74 65 29 3b 61 6e 69 6d 61 74 69 6f 6e 2d 69 74 65 72 61 74 69 6f 6e 2d 63 6f 75 6e 74 3a 76 61 72 28 2d 2d 66 61 2d 61 6e 69 6d 61 74 69 6f 6e 2d 69 74 65 72 61 74 69 6f 6e 2d 63 6f 75 6e 74 2c 69 6e 66 69 6e Data Ascii: -animation-timing,cubic-bezier(.28,.84,.42,1))}.fa-fade{-webkit-animation-name:fa-fade;animation-name:fa-fade;-webkit-animation-iteration-count:var(--fa-animation-iteration-count,infinite);animation-iteration-count:var(--fa-animation-iteration-count,infin
2025-03-27 13:41:25 UTC	1369	IN	Data Raw: 64 69 72 65 63 74 69 6f 6e 2c 6e 6f 72 6d 61 6c 29 3b 61 6e 69 6d 61 74 69 6f 6e 2d 64 69 72 65 63 74 69 6f 6e 3a 76 61 72 28 2d 2d 66 61 2d 61 6e 69 6d 61 74 69 6f 6e 2d 64 69 72 65 63 74 69 6f 6e 2c 6e 6f 72 6d 61 6c 29 3b 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 2d 64 75 72 61 74 69 6f 6e 3a 76 61 72 28 2d 2d 66 61 2d 61 6e 69 6d 61 74 69 6f 6e 2d 64 75 72 61 74 69 6f 6e 2c 31 73 29 3b 61 6e 69 6d 61 74 69 6f 6e 2d 64 75 72 61 74 69 6f 6e 3a 76 61 72 28 2d 2d 66 61 2d 61 6e 69 6d 61 74 69 6f 6e 2d 64 75 72 61 74 69 6f 6e 2c 31 73 29 3b 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 2d 69 74 65 72 61 74 69 6f 6e 2d 63 6f 75 6e 74 3a 76 61 72 28 2d 2d 66 61 2d 61 6e 69 6d 61 74 69 6f 6e 2d 69 74 65 72 61 74 69 6f 6e 2d 63 6f 75 6e 74 2c 69 Data Ascii: direction,normal);animation-direction:var(--fa-animation-direction,normal);-webkit-animation-duration:var(--fa-animation-duration,1s);animation-duration:var(--fa-animation-duration,1s);-webkit-animation-iteration-count:var(--fa-animation-iteration-count,i
2025-03-27 13:41:25 UTC	1369	IN	Data Raw: 74 3a 76 61 72 28 2d 2d 66 61 2d 61 6e 69 6d 61 74 69 6f 6e 2d 69 74 65 72 61 74 69 6f 6e 2d 63 6f 75 6e 74 2c 69 6e 66 69 6e 69 74 65 29 3b 61 6e 69 6d 61 74 69 6f 6e 2d 69 74 65 72 61 74 69 6f 6e 2d 63 6f 75 6e 74 3a 76 61 72 28 2d 2d 66 61 2d 61 6e 69 6d 61 74 69 6f 6e 2d 69 74 65 72 61 74 69 6f 6e 2d 63 6f 75 6e 74 2c 69 6e 66 69 6e 69 74 65 29 3b 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 2d 74 69 6d 69 6e 67 2d 66 75 6e 63 74 69 6f 6e 3a 76 61 72 28 2d 2d 66 61 2d 61 6e 69 6d 61 74 69 6f 6e 2d 74 69 6d 69 6e 67 2c 6c 69 6e 65 61 72 29 3b 61 6e 69 6d 61 74 69 6f 6e 2d 74 69 6d 69 6e 67 2d 66 75 6e 63 74 69 6f 6e 3a 76 61 72 28 2d 2d 66 61 2d 61 6e 69 6d 61 74 69 6f 6e 2d 74 69 6d 69 6e 67 2c 6c 69 6e 65 61 72 29 7d 2e 66 61 2d 73 70 69 6e 2d Data Ascii: t:var(--fa-animation-iteration-count,infinite);animation-iteration-count:var(--fa-animation-iteration-count,infinite);-webkit-animation-timing-function:var(--fa-animation-timing,linear);animation-timing-function:var(--fa-animation-timing,linear)}.fa-spin-
2025-03-27 13:41:25 UTC	1369	IN	Data Raw: 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 76 61 72 28 2d 2d 66 61 2d 62 65 61 74 2d 73 63 61 6c 65 2c 31 2e 32 35 29 29 7d 7d 40 6b 65 79 66 72 61 6d 65 73 20 66 61 2d 62 65 61 74 7b 30 25 2c 39 30 25 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 31 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 31 29 7d 34 35 25 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 76 61 72 28 2d 2d 66 61 2d 62 65 61 74 2d 73 63 61 6c 65 2c 31 2e 32 35 29 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 76 61 72 28 2d 2d 66 61 2d 62 65 61 74 2d 73 63 61 6c 65 2c 31 2e 32 35 29 29 7d 7d 40 2d 77 65 62 6b 69 74 2d 6b 65 79 66 72 61 6d 65 73 20 66 61 2d 62 6f 75 6e 63 65 7b 30 25 7b 2d 77 65 62 6b 69 Data Ascii: );transform:scale(var(--fa-beat-scale,1.25))}}@keyframes fa-beat{0%,90%{-webkit-transform:scale(1);transform:scale(1)}45%{-webkit-transform:scale(var(--fa-beat-scale,1.25));transform:scale(var(--fa-beat-scale,1.25))}}@-webkit-keyframes fa-bounce{0%{-webki
2025-03-27 13:41:25 UTC	1369	IN	Data Raw: 30 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 31 29 20 74 72 61 6e 73 6c 61 74 65 59 28 30 29 7d 31 30 25 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 76 61 72 28 2d 2d 66 61 2d 62 6f 75 6e 63 65 2d 73 74 61 72 74 2d 73 63 61 6c 65 2d 78 2c 31 2e 31 29 2c 76 61 72 28 2d 2d 66 61 2d 62 6f 75 6e 63 65 2d 73 74 61 72 74 2d 73 63 61 6c 65 2d 79 2c 2e 39 29 29 20 74 72 61 6e 73 6c 61 74 65 59 28 30 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 76 61 72 28 2d 2d 66 61 2d 62 6f 75 6e 63 65 2d 73 74 61 72 74 2d 73 63 61 6c 65 2d 78 2c 31 2e 31 29 2c 76 61 72 28 2d 2d 66 61 2d 62 6f 75 6e 63 65 2d 73 74 61 72 74 2d 73 63 61 6c 65 2d 79 2c 2e 39 29 29 20 74 72 61 6e 73 6c 61 74 65 59 28 30 29 7d 33 30 25 7b 2d 77 65 Data Ascii: 0);transform:scale(1) translateY(0)}10%{-webkit-transform:scale(var(--fa-bounce-start-scale-x,1.1),var(--fa-bounce-start-scale-y,.9)) translateY(0);transform:scale(var(--fa-bounce-start-scale-x,1.1),var(--fa-bounce-start-scale-y,.9)) translateY(0)}30%{-we
2025-03-27 13:41:25 UTC	1369	IN	Data Raw: 61 64 65 2d 73 63 61 6c 65 2c 31 2e 31 32 35 29 29 7d 7d 40 6b 65 79 66 72 61 6d 65 73 20 66 61 2d 62 65 61 74 2d 66 61 64 65 7b 30 25 2c 74 6f 7b 6f 70 61 63 69 74 79 3a 76 61 72 28 2d 2d 66 61 2d 62 65 61 74 2d 66 61 64 65 2d 6f 70 61 63 69 74 79 2c 2e 34 29 3b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 31 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 31 29 7d 35 30 25 7b 6f 70 61 63 69 74 79 3a 31 3b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 76 61 72 28 2d 2d 66 61 2d 62 65 61 74 2d 66 61 64 65 2d 73 63 61 6c 65 2c 31 2e 31 32 35 29 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 76 61 72 28 2d 2d 66 61 2d 62 65 61 74 2d 66 61 64 65 2d 73 63 61 6c 65 2c 31 2e 31 32 35 29 29 7d 7d Data Ascii: ade-scale,1.125))}}@keyframes fa-beat-fade{0%,to{opacity:var(--fa-beat-fade-opacity,.4);-webkit-transform:scale(1);transform:scale(1)}50%{opacity:1;-webkit-transform:scale(var(--fa-beat-fade-scale,1.125));transform:scale(var(--fa-beat-fade-scale,1.125))}}
2025-03-27 13:41:25 UTC	1369	IN	Data Raw: 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 2d 31 35 64 65 67 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 2d 31 35 64 65 67 29 7d 34 25 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 31 35 64 65 67 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 31 35 64 65 67 29 7d 38 25 2c 32 34 25 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 2d 31 38 64 65 67 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 2d 31 38 64 65 67 29 7d 31 32 25 2c 32 38 25 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 31 38 64 65 67 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 31 38 64 65 67 29 7d 31 36 25 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d Data Ascii: sform:rotate(-15deg);transform:rotate(-15deg)}4%{-webkit-transform:rotate(15deg);transform:rotate(15deg)}8%,24%{-webkit-transform:rotate(-18deg);transform:rotate(-18deg)}12%,28%{-webkit-transform:rotate(18deg);transform:rotate(18deg)}16%{-webkit-transform

Timestamp	Bytes transferred	Direction	Data
2025-03-27 13:41:25 UTC	588	OUT	GET /w3css/4/w3.css HTTP/1.1 Host: www.w3schools.com Connection: keep-alive sec-ch-ua-platform: "Windows" User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134" sec-ch-ua-mobile: ?0 Accept: text/css,/;q=0.1 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Sec-Fetch-Storage-Access: active Referer: https://www.oyabarista.com/ Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-03-27 13:41:25 UTC	507	IN	HTTP/1.1 200 OK Content-Type: text/css Last-Modified: Tue, 25 Mar 2025 12:41:02 GMT ETag: "0c3af2a839ddb1:0" Content-Security-Policy: frame-ancestors 'self' https://mycourses.w3schools.com https://pathfinder.w3schools.com; X-Content-Security-Policy: frame-ancestors 'self' https://mycourses.w3schools.com https://pathfinder.w3schools.com; Cache-Control: public, max-age=31361306 Expires: Wed, 25 Mar 2026 13:09:51 GMT Date: Thu, 27 Mar 2025 13:41:25 GMT Content-Length: 23427 Connection: close
2025-03-27 13:41:25 UTC	15877	IN	Data Raw: ef bb bf 2f 2a 20 57 33 2e 43 53 53 20 34 2e 31 35 20 44 65 63 65 6d 62 65 72 20 32 30 32 30 20 62 79 20 4a 61 6e 20 45 67 69 6c 20 61 6e 64 20 42 6f 72 67 65 20 52 65 66 73 6e 65 73 20 2a 2f 0a 68 74 6d 6c 7b 62 6f 78 2d 73 69 7a 69 6e 67 3a 62 6f 72 64 65 72 2d 62 6f 78 7d 2a 2c 2a 3a 62 65 66 6f 72 65 2c 2a 3a 61 66 74 65 72 7b 62 6f 78 2d 73 69 7a 69 6e 67 3a 69 6e 68 65 72 69 74 7d 0a 2f 2a 20 45 78 74 72 61 63 74 20 66 72 6f 6d 20 6e 6f 72 6d 61 6c 69 7a 65 2e 63 73 73 20 62 79 20 4e 69 63 6f 6c 61 73 20 47 61 6c 6c 61 67 68 65 72 20 61 6e 64 20 4a 6f 6e 61 74 68 61 6e 20 4e 65 61 6c 20 67 69 74 2e 69 6f 2f 6e 6f 72 6d 61 6c 69 7a 65 20 2a 2f 0a 68 74 6d 6c 7b 2d 6d 73 2d 74 65 78 74 2d 73 69 7a 65 2d 61 64 6a 75 73 74 3a 31 30 30 25 3b 2d 77 65 62 Data Ascii: /* W3.CSS 4.15 December 2020 by Jan Egil and Borge Refsnes /html{box-sizing:border-box},:before,:after{box-sizing:inherit}/* Extract from normalize.css by Nicolas Gallagher and Jonathan Neal git.io/normalize */html{-ms-text-size-adjust:100%;-web
2025-03-27 13:41:25 UTC	7550	IN	Data Raw: 7d 0a 2f 2a 20 43 6f 6c 6f 72 73 20 2a 2f 0a 2e 77 33 2d 61 6d 62 65 72 2c 2e 77 33 2d 68 6f 76 65 72 2d 61 6d 62 65 72 3a 68 6f 76 65 72 7b 63 6f 6c 6f 72 3a 23 30 30 30 21 69 6d 70 6f 72 74 61 6e 74 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 66 66 63 31 30 37 21 69 6d 70 6f 72 74 61 6e 74 7d 0a 2e 77 33 2d 61 71 75 61 2c 2e 77 33 2d 68 6f 76 65 72 2d 61 71 75 61 3a 68 6f 76 65 72 7b 63 6f 6c 6f 72 3a 23 30 30 30 21 69 6d 70 6f 72 74 61 6e 74 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 30 66 66 66 66 21 69 6d 70 6f 72 74 61 6e 74 7d 0a 2e 77 33 2d 62 6c 75 65 2c 2e 77 33 2d 68 6f 76 65 72 2d 62 6c 75 65 3a 68 6f 76 65 72 7b 63 6f 6c 6f 72 3a 23 66 66 66 21 69 6d 70 6f 72 74 61 6e 74 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f Data Ascii: }/* Colors */.w3-amber,.w3-hover-amber:hover{color:#000!important;background-color:#ffc107!important}.w3-aqua,.w3-hover-aqua:hover{color:#000!important;background-color:#00ffff!important}.w3-blue,.w3-hover-blue:hover{color:#fff!important;background-co

Timestamp	Bytes transferred	Direction	Data
2025-03-27 13:41:25 UTC	577	OUT	GET /4.7.5/socket.io.min.js HTTP/1.1 Host: cdn.socket.io Connection: keep-alive Origin: https://www.oyabarista.com sec-ch-ua-platform: "Windows" User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134" sec-ch-ua-mobile: ?0 Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: script Referer: https://www.oyabarista.com/ Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-03-27 13:41:25 UTC	748	IN	HTTP/1.1 200 OK Content-Type: application/javascript; charset=utf-8 Content-Length: 49993 Connection: close Accept-Ranges: bytes Access-Control-Allow-Origin: * Cache-Control: public, max-age=31536000, immutable Content-Disposition: inline; filename="socket.io.min.js" Date: Thu, 13 Mar 2025 10:22:03 GMT ETag: "777eb8fd4f8320b6e5cc9a7159bdec6a" Last-Modified: Sat, 11 Jan 2025 01:43:43 GMT Server: Vercel Strict-Transport-Security: max-age=63072000 X-Vercel-Cache: HIT X-Vercel-Id: iad1::dr4kf-1741861323405-f939464a14b6 X-Cache: Hit from cloudfront Via: 1.1 dc7aeefd8f9f1132c56cbdea9095671e.cloudfront.net (CloudFront) X-Amz-Cf-Pop: JFK50-P9 X-Amz-Cf-Id: 2c8OR2q2AFi1nL42S3xOgd8RQjE5kOFwWlehPVzqxVyHr3oQsQr6KA== Age: 6523061
2025-03-27 13:41:25 UTC	15636	IN	Data Raw: 2f 2a 21 0a 20 2a 20 53 6f 63 6b 65 74 2e 49 4f 20 76 34 2e 37 2e 35 0a 20 2a 20 28 63 29 20 32 30 31 34 2d 32 30 32 34 20 47 75 69 6c 6c 65 72 6d 6f 20 52 61 75 63 68 0a 20 2a 20 52 65 6c 65 61 73 65 64 20 75 6e 64 65 72 20 74 68 65 20 4d 49 54 20 4c 69 63 65 6e 73 65 2e 0a 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 65 78 70 6f 72 74 73 26 26 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 3f 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 74 28 29 3a 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 64 65 66 69 6e 65 26 26 64 65 66 69 6e 65 2e 61 6d 64 3f 64 65 66 69 6e 65 28 74 29 3a 28 65 3d 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 67 Data Ascii: /! Socket.IO v4.7.5 * (c) 2014-2024 Guillermo Rauch * Released under the MIT License. */!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?module.exports=t():"function"==typeof define&&define.amd?define(t):(e="undefined"!=typeof g
2025-03-27 13:41:25 UTC	16384	IN	Data Raw: 29 7d 29 2c 30 29 29 7d 2c 72 2e 73 65 6e 64 28 74 68 69 73 2e 64 61 74 61 29 7d 63 61 74 63 68 28 65 29 7b 72 65 74 75 72 6e 20 76 6f 69 64 20 74 68 69 73 2e 73 65 74 54 69 6d 65 6f 75 74 46 6e 28 28 66 75 6e 63 74 69 6f 6e 28 29 7b 74 2e 6f 6e 45 72 72 6f 72 28 65 29 7d 29 2c 30 29 7d 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 64 6f 63 75 6d 65 6e 74 26 26 28 74 68 69 73 2e 69 6e 64 65 78 3d 69 2e 72 65 71 75 65 73 74 73 43 6f 75 6e 74 2b 2b 2c 69 2e 72 65 71 75 65 73 74 73 5b 74 68 69 73 2e 69 6e 64 65 78 5d 3d 74 68 69 73 29 7d 7d 2c 7b 6b 65 79 3a 22 6f 6e 45 72 72 6f 72 22 2c 76 61 6c 75 65 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 74 68 69 73 2e 65 6d 69 74 52 65 73 65 72 76 65 64 28 22 65 72 72 6f 72 22 2c 65 2c 74 68 69 73 2e 78 68 Data Ascii: )}),0))},r.send(this.data)}catch(e){return void this.setTimeoutFn((function(){t.onError(e)}),0)}"undefined"!=typeof document&&(this.index=i.requestsCount++,i.requests[this.index]=this)}},{key:"onError",value:function(e){this.emitReserved("error",e,this.xh
2025-03-27 13:41:25 UTC	16384	IN	Data Raw: 3f 42 65 2e 42 49 4e 41 52 59 5f 45 56 45 4e 54 3a 42 65 2e 42 49 4e 41 52 59 5f 41 43 4b 2c 6e 73 70 3a 65 2e 6e 73 70 2c 64 61 74 61 3a 65 2e 64 61 74 61 2c 69 64 3a 65 2e 69 64 7d 29 7d 7d 2c 7b 6b 65 79 3a 22 65 6e 63 6f 64 65 41 73 53 74 72 69 6e 67 22 2c 76 61 6c 75 65 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 22 22 2b 65 2e 74 79 70 65 3b 72 65 74 75 72 6e 20 65 2e 74 79 70 65 21 3d 3d 42 65 2e 42 49 4e 41 52 59 5f 45 56 45 4e 54 26 26 65 2e 74 79 70 65 21 3d 3d 42 65 2e 42 49 4e 41 52 59 5f 41 43 4b 7c 7c 28 74 2b 3d 65 2e 61 74 74 61 63 68 6d 65 6e 74 73 2b 22 2d 22 29 2c 65 2e 6e 73 70 26 26 22 2f 22 21 3d 3d 65 2e 6e 73 70 26 26 28 74 2b 3d 65 2e 6e 73 70 2b 22 2c 22 29 2c 6e 75 6c 6c 21 3d 65 2e 69 64 26 26 28 74 2b 3d 65 2e 69 Data Ascii: ?Be.BINARY_EVENT:Be.BINARY_ACK,nsp:e.nsp,data:e.data,id:e.id})}},{key:"encodeAsString",value:function(e){var t=""+e.type;return e.type!==Be.BINARY_EVENT&&e.type!==Be.BINARY_ACK\|\|(t+=e.attachments+"-"),e.nsp&&"/"!==e.nsp&&(t+=e.nsp+","),null!=e.id&&(t+=e.i
2025-03-27 13:41:25 UTC	1589	IN	Data Raw: 2e 64 75 72 61 74 69 6f 6e 28 29 3b 74 68 69 73 2e 5f 72 65 63 6f 6e 6e 65 63 74 69 6e 67 3d 21 30 3b 76 61 72 20 72 3d 74 68 69 73 2e 73 65 74 54 69 6d 65 6f 75 74 46 6e 28 28 66 75 6e 63 74 69 6f 6e 28 29 7b 74 2e 73 6b 69 70 52 65 63 6f 6e 6e 65 63 74 7c 7c 28 65 2e 65 6d 69 74 52 65 73 65 72 76 65 64 28 22 72 65 63 6f 6e 6e 65 63 74 5f 61 74 74 65 6d 70 74 22 2c 74 2e 62 61 63 6b 6f 66 66 2e 61 74 74 65 6d 70 74 73 29 2c 74 2e 73 6b 69 70 52 65 63 6f 6e 6e 65 63 74 7c 7c 74 2e 6f 70 65 6e 28 28 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 6e 3f 28 74 2e 5f 72 65 63 6f 6e 6e 65 63 74 69 6e 67 3d 21 31 2c 74 2e 72 65 63 6f 6e 6e 65 63 74 28 29 2c 65 2e 65 6d 69 74 52 65 73 65 72 76 65 64 28 22 72 65 63 6f 6e 6e 65 63 74 5f 65 72 72 6f 72 22 2c 6e 29 29 3a 74 2e Data Ascii: .duration();this._reconnecting=!0;var r=this.setTimeoutFn((function(){t.skipReconnect\|\|(e.emitReserved("reconnect_attempt",t.backoff.attempts),t.skipReconnect\|\|t.open((function(n){n?(t._reconnecting=!1,t.reconnect(),e.emitReserved("reconnect_error",n)):t.

Timestamp	Bytes transferred	Direction	Data
2025-03-27 13:41:26 UTC	695	OUT	GET /favicon.ico HTTP/1.1 Host: www.oyabarista.com Connection: keep-alive sec-ch-ua-platform: "Windows" User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134" sec-ch-ua-mobile: ?0 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.oyabarista.com/n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.com Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-03-27 13:41:27 UTC	430	IN	HTTP/1.1 302 Found Date: Thu, 27 Mar 2025 13:41:27 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Server: cloudflare Link: <https://www.oyabarista.com/wp-json/>; rel="https://api.w.org/" X-Redirect-By: WordPress Location: https://www.oyabarista.com/wp-includes/images/w-logo-blue-white-bg.png Cf-Cache-Status: BYPASS CF-RAY: 926f4e280fe3d2b1-EWR alt-svc: h3=":443"; ma=86400
2025-03-27 13:41:27 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2025-03-27 13:41:26 UTC	703	OUT	GET /shared/1.0/content/images/picker_verify_code_b41922ebdaebec16b19999fc6054a15a.svg HTTP/1.1 Host: aadcdn.msftauth.net Connection: keep-alive sec-ch-ua-platform: "Windows" User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134" sec-ch-ua-mobile: ?0 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Sec-Fetch-Storage-Access: active Referer: https://www.oyabarista.com/ Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-03-27 13:41:26 UTC	612	IN	HTTP/1.1 200 OK Content-Type: image/svg+xml Content-MD5: 1jQlecEJaGhFO2st5KXLhg== Last-Modified: Thu, 05 Dec 2024 00:02:58 GMT ETag: "0x8DD14C02D49A504" x-ms-request-id: 03f49686-701e-00ad-6f9e-66cd12000000 x-ms-version: 2018-03-28 Access-Control-Expose-Headers: Accept-Ranges,Cache-Control,Content-Encoding,Content-Length,Content-MD5,Content-Type,Date,ETag,Last-Modified,Server,x-ms-request-id,x-ms-version Access-Control-Allow-Origin: * Cache-Control: public, max-age=25323747 Date: Thu, 27 Mar 2025 13:41:26 GMT Content-Length: 1636 Connection: close Akamai-GRN: 0.8904d217.1743082886.e04c5a6
2025-03-27 13:41:26 UTC	1636	IN	Data Raw: 3c 73 76 67 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 20 77 69 64 74 68 3d 22 34 38 22 20 68 65 69 67 68 74 3d 22 34 38 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 34 38 20 34 38 22 3e 3c 74 69 74 6c 65 3e 61 73 73 65 74 73 3c 2f 74 69 74 6c 65 3e 3c 72 65 63 74 20 77 69 64 74 68 3d 22 34 38 22 20 68 65 69 67 68 74 3d 22 34 38 22 20 66 69 6c 6c 3d 22 6e 6f 6e 65 22 2f 3e 3c 70 61 74 68 20 64 3d 22 4d 33 38 2c 31 34 48 31 30 56 33 34 48 33 38 56 31 34 6d 32 2c 32 32 48 38 56 31 32 48 34 30 56 33 36 4d 31 37 2e 36 38 38 2c 31 38 2e 38 56 32 38 2e 38 32 38 48 31 35 2e 35 33 31 56 32 31 2e 32 33 34 61 33 2e 32 2c 33 2e 32 2c 30 2c 30 2c 31 2d 2e 36 37 32 2e 34 33 6c 2d 2e 32 36 36 2e 31 31 37 61 Data Ascii: <svg xmlns="http://www.w3.org/2000/svg" width="48" height="48" viewBox="0 0 48 48"><title>assets</title><rect width="48" height="48" fill="none"/><path d="M38,14H10V34H38V14m2,22H8V12H40V36M17.688,18.8V28.828H15.531V21.234a3.2,3.2,0,0,1-.672.43l-.266.117a

Timestamp	Bytes transferred	Direction	Data
2025-03-27 13:41:28 UTC	727	OUT	GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1 Host: www.oyabarista.com Connection: keep-alive sec-ch-ua-platform: "Windows" User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134" sec-ch-ua-mobile: ?0 Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.oyabarista.com/n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.com Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-03-27 13:41:28 UTC	876	IN	HTTP/1.1 200 OK Date: Thu, 27 Mar 2025 13:41:28 GMT Content-Type: image/png Content-Length: 4119 Connection: close Last-Modified: Tue, 16 Nov 2021 00:04:01 GMT Cache-Control: max-age=14400 CF-Cache-Status: REVALIDATED Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zbxkUsvSYnfAHmNjZJnAMVTbfcKnJhj9G%2BrrqpVAkJpY78q48K5R0ZkIcyJjZ5KeyfZu4FMpwYwVkKKnYPmUyWpoLIcv1WEvXvUpi%2BuOhpYUjo9ajlOIASFP2HVNK%2B4KoDbVMIo%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 926f4e331f3b7cae-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=84246&min_rtt=83969&rtt_var=17977&sent=6&recv=8&lost=0&retrans=0&sent_bytes=2833&recv_bytes=1299&delivery_rate=36387&cwnd=232&unsent_bytes=0&cid=e69b87eec9b97055&ts=1068&x=0"
2025-03-27 13:41:28 UTC	493	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 50 00 00 00 50 08 06 00 00 00 8e 11 f2 ad 00 00 0f de 49 44 41 54 78 da e5 5d 09 78 55 c5 15 0e 5b c1 c8 56 10 d1 2a 29 9b 4b 6b ad c5 da 56 ad 6b b5 1b 4a 5d 6a 4b 45 6c 3f f5 ab b5 74 b7 04 12 21 09 7b 14 2c a0 a2 11 45 83 d9 13 b2 90 90 1d 92 40 c0 b0 84 b0 46 90 25 04 08 81 10 12 42 16 12 b2 4e e7 bf 79 93 cc 9d 77 97 b9 f7 bd 87 49 7b be 6f be f0 de 9b 3b cb b9 73 e6 9c f3 9f 33 83 97 d7 57 48 d7 cf 8b 1b ff ad a5 c9 2f d3 b2 7a 42 70 d2 96 6f 2c 58 57 f2 f5 80 98 9a 81 b3 23 5a bd 66 86 11 be 7c 6d 76 44 f3 d0 39 d1 17 46 06 c6 1c a2 cf a5 8d 08 8c 79 ab 9f 6f f8 b3 f4 b7 31 5e ff 37 34 33 6c d8 d8 c5 09 af de f9 76 ca e7 23 03 63 1b 45 26 f1 65 d8 dc 68 55 31 aa 7b 8d 7f e4 05 ca e0 08 fa ef Data Ascii: PNGIHDRPPIDATx]xU[V*)KkVkJ]jKEl?t!{,E@F%BNywI{o;s3WH/zBpo,XW#Zf\|mvD9Fyo1^743lv#cE&ehU1{
2025-03-27 13:41:28 UTC	1369	IN	Data Raw: 4a b7 87 be 31 06 8e 91 15 f4 ef b4 1e c7 bb d7 53 0a 1f a3 8a a1 92 0d f4 b1 d5 d9 64 cf 99 6a c3 c9 5d 6e 69 25 19 5f 96 93 39 19 7b c9 4f 3f da 48 a8 06 36 54 14 7c 41 dd 47 43 b2 95 67 b3 8f 9c 55 18 6f 44 45 74 2c 3f f9 30 bb eb f9 81 7e 11 9b e9 df 71 3d 82 79 cf 7e b6 39 e4 5a ff a8 2e a5 80 15 63 b4 c2 c2 76 97 90 5f ae c9 c1 fe 24 cd 30 b3 32 c0 b1 b7 46 ee 39 61 c8 4c 8c 8d 29 1d aa 6c 2e d3 bf d3 bf 32 c6 8d 9e 17 77 ed 0f df 49 df cf 26 f1 a7 f8 1d a4 56 67 8f fb b2 b2 96 cc 48 dc 49 06 cf 89 72 1b d3 f4 0a d5 c0 e4 2f b4 af 92 aa 7a cd b1 60 8c 18 2b f7 cc 1a 5a 06 5e 55 e6 3d 1a 92 35 61 42 70 62 0d 06 30 3c 20 86 ac 2f 3e ad 39 d8 63 17 ea c8 ef 22 f2 49 1f df 30 8f 33 4e 2c 7d 7d c3 c9 d4 f0 7c 5d 46 62 8f c5 d8 51 b7 cf cc b0 1d f4 ef a8 Data Ascii: J1Sdj]ni%_9{O?H6T\|AGCgUoDEt,?0~q=y~9Z.cv_$02F9aL)l.2wI&VgHIr/z`+Z^U=5aBpb0< />9c"I03N,}}\|]FbQ
2025-03-27 13:41:28 UTC	1369	IN	Data Raw: 18 45 34 51 78 82 d2 e4 eb ce cd 54 1b e2 08 97 3a 7e 7b c6 8b da 54 09 5a 76 12 f6 23 b1 d3 95 f9 87 af 8a 18 c3 93 f1 b4 18 cf 33 58 e9 a2 04 89 2b 96 53 94 41 5e 93 96 a7 ee c1 07 38 ed 3c 89 20 00 ca 3d 2b d3 ae 8a 18 8b f6 97 27 c4 d8 48 99 88 6d 22 17 47 07 a1 89 f4 9a 10 9c 78 16 1f 8e 5e a8 53 f9 81 7a 1d 1f 32 58 fa 3c 41 19 d8 65 20 36 70 59 d7 cb ae 18 5f e3 1f a9 d9 1e 5c 4a 2d 18 8e f7 d7 81 0a 39 be 2f f0 1a 15 14 d7 80 0f bc a6 01 7a a1 d7 b1 5f da 1e e9 d5 f1 a3 77 d3 6d 33 d1 28 49 49 0c 02 f1 49 95 56 0a 50 1c 91 36 1c 2a 33 5d 38 9c 92 39 e1 35 c8 2f a2 4d 7c 1b 7a 8d b0 f8 42 bb a4 6f f7 36 75 03 ed 32 f0 e9 b5 79 d2 2f 0a 16 82 9d 3e be a8 70 96 26 e4 f2 68 d5 e5 b3 1a 30 fd 3e 9d df d7 23 31 92 dc 30 7f 9d a6 07 a2 57 72 8e 9d 93 9a Data Ascii: E4QxT:~{TZv#3X+SA^8< =+'Hm"Gx^Sz2X<Ae 6pY_\J-9/z_wm3(IIIVP6*3]895/M\|zBo6u2y/>p&h0>#10Wr
2025-03-27 13:41:28 UTC	888	IN	Data Raw: 39 49 c7 9f 0f 5b 4e b2 91 4b 63 35 ef 19 cc d4 3b dc 83 6b 54 44 c9 79 2d 61 07 bb 75 29 07 f7 e2 58 bd 48 67 dc c0 d9 11 cd 50 28 e2 b2 06 82 eb 63 60 06 20 36 61 25 1f d9 6e 6e f5 24 8b b1 13 2e a7 c5 29 23 0c 5b 8a 8e e8 22 73 63 bc ad 13 9b d4 a4 78 91 01 9a 38 75 c4 d3 91 ca 5a 65 bf d3 9b 1c 0c 62 59 42 4e a0 dd 00 3c e0 75 59 d2 b2 67 71 54 0c 98 a0 98 d7 43 fd fb 26 47 9d 97 5c 3a 33 4c 57 53 28 1a 42 8a bf 18 0b c6 69 26 3d 26 52 cd 25 3d b1 db 5c 38 3a 2b ee 5b 46 38 a1 98 75 00 e6 89 de 06 fc ff b1 8b 13 2f 39 21 2e 2e dc 89 35 90 da 86 4a 0a dc 33 6b 9d ef 4b 80 7b a4 27 ce e2 e0 b4 88 cb 74 b2 55 90 7a 26 03 e8 8a 48 35 14 a4 e8 7a 62 4f 7e f0 fd cc 3a 47 9d 42 5a 06 b9 eb 62 b1 51 94 89 b8 cd 82 bc 18 bd cd c9 17 85 36 c4 8a b3 e3 f8 cf 4e Data Ascii: 9I[NKc5;kTDy-au)XHgP(c` 6a%nn$.)#["scx8uZebYBN<uYgqTC&G\:3LWS(Bi&=&R%=\8:+[F8u/9!..5J3kK{'tUz&H5zbO~:GBZbQ6N

Timestamp	Bytes transferred	Direction	Data
2025-03-27 13:41:28 UTC	425	OUT	GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1 Host: www.oyabarista.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Sec-Fetch-Storage-Access: active Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-03-27 13:41:29 UTC	330	IN	HTTP/1.1 200 OK Date: Thu, 27 Mar 2025 13:41:29 GMT Content-Type: image/png Content-Length: 4119 Connection: close Server: cloudflare Accept-Ranges: bytes Last-Modified: Tue, 16 Nov 2021 00:04:01 GMT Cache-Control: max-age=14400 Cf-Cache-Status: HIT Age: 1 CF-RAY: 926f4e392953659d-EWR alt-svc: h3=":443"; ma=86400
2025-03-27 13:41:29 UTC	1039	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 50 00 00 00 50 08 06 00 00 00 8e 11 f2 ad 00 00 0f de 49 44 41 54 78 da e5 5d 09 78 55 c5 15 0e 5b c1 c8 56 10 d1 2a 29 9b 4b 6b ad c5 da 56 ad 6b b5 1b 4a 5d 6a 4b 45 6c 3f f5 ab b5 74 b7 04 12 21 09 7b 14 2c a0 a2 11 45 83 d9 13 b2 90 90 1d 92 40 c0 b0 84 b0 46 90 25 04 08 81 10 12 42 16 12 b2 4e e7 bf 79 93 cc 9d 77 97 b9 f7 bd 87 49 7b be 6f be f0 de 9b 3b cb b9 73 e6 9c f3 9f 33 83 97 d7 57 48 d7 cf 8b 1b ff ad a5 c9 2f d3 b2 7a 42 70 d2 96 6f 2c 58 57 f2 f5 80 98 9a 81 b3 23 5a bd 66 86 11 be 7c 6d 76 44 f3 d0 39 d1 17 46 06 c6 1c a2 cf a5 8d 08 8c 79 ab 9f 6f f8 b3 f4 b7 31 5e ff 37 34 33 6c d8 d8 c5 09 af de f9 76 ca e7 23 03 63 1b 45 26 f1 65 d8 dc 68 55 31 aa 7b 8d 7f e4 05 ca e0 08 fa ef Data Ascii: PNGIHDRPPIDATx]xU[V*)KkVkJ]jKEl?t!{,E@F%BNywI{o;s3WH/zBpo,XW#Zf\|mvD9Fyo1^743lv#cE&ehU1{
2025-03-27 13:41:29 UTC	1369	IN	Data Raw: 0f e2 29 4a 8f 1e 41 aa 86 77 43 68 f6 8c ed 45 9b 0e 4c 61 1e 46 ea a1 33 aa 0e aa 2e 5f 21 b7 be b5 be d7 30 0f 1a b8 ee 8a 35 20 23 b9 b8 8c 29 95 7a cb 6e 5f 50 d6 be be 77 af 48 55 0c 65 58 f5 e2 66 cb fb 95 bd a1 2c cd 2b b6 85 ec 70 1e 4b b6 35 ad bb 36 6f 39 db 6c 45 f4 63 56 6a 51 af 62 1e 0a 5c 49 3b 84 55 3b a6 7b 9b 92 43 71 ee 5a be 61 f8 c8 c0 58 05 04 4d 3b ac 16 5d 40 4a 66 6e 19 2c ff d1 f3 e3 14 11 87 5f aa 55 a7 1f f5 50 60 6c 0f 35 81 ea cd 0a 5c 31 99 7d f8 4a 6b 9b 6d 7c 11 6e aa a3 9d 33 52 78 e2 e3 ab b3 93 f0 00 10 13 91 0e 9d bf a4 30 91 15 68 34 40 ec d8 74 2b ea 9a 14 88 8a a7 33 97 2e 93 21 73 a2 9d 98 b7 ff ec 45 55 bd 9a c6 66 52 46 eb 42 ab a3 bd ad 27 ce 2b 5e 03 fc d5 ac 23 e5 4a 5f c0 f6 f0 1c 94 57 35 dd 83 db 39 dc 3f Data Ascii: )JAwChELaF3._!05 #)zn_PwHUeXf,+pK56o9lEcVjQb\I;U;{CqZaXM;]@Jfn,_UP`l5\1}Jkm\|n3Rx0h4@t+3.!sEUfRFB'+^#J_W59?
2025-03-27 13:41:29 UTC	1369	IN	Data Raw: d6 66 e2 cb f6 e2 7f 24 ef 92 3e 67 22 93 fd ff bd e5 a9 96 24 04 89 02 3a 3a 22 ca 8b 6e a6 61 5a 60 02 03 53 cd 0a 02 e1 ee 14 63 5e 7c a7 45 6e ed 8a 25 cb 46 ed 90 3d 6b d6 87 e8 4d 99 99 5a 38 f7 c2 d3 9b b9 c5 ec b7 79 5e 0f ac ca 98 81 0f 2f c5 aa 6d 3b 74 22 33 e1 d7 53 76 bb 55 8c 99 f8 62 4f e6 7d 52 31 43 cc 15 31 e6 63 3c c8 74 30 ab ef 9f be 47 f4 56 da bb e0 2c ba e4 7d f0 e1 f6 a5 c9 aa 4a 00 11 65 18 08 51 17 53 7e ed 8a 31 2f be 40 c0 ed 44 ed cc c4 18 40 05 3f 5e 19 d4 48 04 54 e9 9c 2f 3b 7e f3 51 50 e9 e1 01 31 75 e2 c6 0a 43 79 80 a4 59 20 03 91 cb 88 31 2f be a2 28 0e a4 4c 91 8d da 19 89 f1 0b 51 5b 55 75 ef 5a be c1 70 4c e8 97 cf 50 2b ef 4e 23 29 eb 8a 89 8c 5d 9c 90 81 2f c3 8b 4a 6c 61 6d cf 47 e6 bb 25 1c c9 c4 17 1a 4f 6b 15 Data Ascii: f$>g"$::"naZ`Sc^\|En%F=kMZ8y^/m;t"3SvUbO}R1C1c<t0GV,}JeQS~1/@D@?^HT/;~QP1uCyY 1/(LQ[UuZpLP+N#)]/JlamG%Ok
2025-03-27 13:41:29 UTC	342	IN	Data Raw: 71 1c 5d 8d 1b f9 fc 66 ad fc 63 9e b0 5a b1 0a 71 5e 03 47 4b 71 43 88 ec bd 80 b0 3b 11 6e 5c b8 f1 80 b2 7d 98 ad 7c e0 79 0f bc 9f 59 cf b5 93 d3 63 ae 00 15 18 39 cd 71 fb 99 92 84 0d 2c 4e 0c 0f 98 81 0b b8 d2 18 a7 c3 91 87 8d a4 46 94 dc e3 e7 14 8d 0d e8 ab c5 c2 c9 73 80 bb 93 d7 e4 f0 17 7e 97 2b a8 8a 65 60 e0 ea 32 d1 1b b7 5b 50 06 32 10 52 09 54 21 da a7 a5 09 dd 4d d8 e3 10 62 bd 67 65 1a 7f 9d 3c 5c b3 39 d2 78 5e 0f 61 e4 50 5c d0 d0 07 29 10 5d f6 5a 64 07 1c 7a 64 40 c8 9e bb 93 21 a0 43 30 63 a8 58 37 22 be cd 31 ee 8c 12 c3 10 63 b8 bd ec 2a f8 7e 8e 6b d9 e3 1d 27 bd 55 41 28 64 85 01 d7 83 3b 06 b3 c7 68 95 c2 70 c7 2d 1f 30 d6 91 bc 0e 8f 88 ee 87 cd c2 3e d9 ac 1c c9 ef ed 57 c1 eb 30 73 88 e3 3f 0c 58 eb b8 fd 42 3b a1 67 76 44 Data Ascii: q]fcZq^GKqC;n\}\|yYc9q,NFs~+e`2[P2RT!Mbge<\9x^aP\)]Zdzd@!C0cX7"1c*~k'UA(d;hp-0>W0s?XB;gvD

Timestamp	Bytes transferred	Direction	Data
2025-03-27 13:41:40 UTC	567	OUT	OPTIONS /socket.io/?EIO=4&transport=polling&t=PNNraPW HTTP/1.1 Host: mssnet0nses.click Connection: keep-alive Accept: / Access-Control-Request-Method: GET Access-Control-Request-Headers: auth_uid,session_email Origin: https://www.oyabarista.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Sec-Fetch-Dest: empty Referer: https://www.oyabarista.com/ Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-03-27 13:41:40 UTC	375	IN	HTTP/1.1 204 No Content Date: Thu, 27 Mar 2025 13:41:40 GMT Connection: close Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE Vary: Access-Control-Request-Headers Access-Control-Allow-Headers: auth_uid,session_email Cf-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 926f4e807dda438b-EWR alt-svc: h3=":443"; ma=86400

Timestamp	Bytes transferred	Direction	Data
2025-03-27 13:41:40 UTC	667	OUT	GET /socket.io/?EIO=4&transport=polling&t=PNNraPW HTTP/1.1 Host: mssnet0nses.click Connection: keep-alive Auth_UID: USER04032025U29030403 Session_Email: info@kostal.com sec-ch-ua-platform: "Windows" User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 Accept: / sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134" sec-ch-ua-mobile: ?0 Origin: https://www.oyabarista.com Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://www.oyabarista.com/ Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-03-27 13:41:41 UTC	851	IN	HTTP/1.1 200 OK Date: Thu, 27 Mar 2025 13:41:41 GMT Content-Type: text/plain; charset=UTF-8 Content-Length: 118 Connection: close Access-Control-Allow-Origin: * cache-control: no-store cf-cache-status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M2DgNLenMvYLtTg3wgQbx9HjBLRDEdXkGza3cLHlSfyRX%2Fy04YB0hS%2FWBr0v%2Bnz%2FpUpME6UweyQt8NH2w%2Frjbc0G41la7qk5pmM9QkcQ6iCNceCDYxyy94xN38ttWACdiJSQBQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 926f4e838b9e0c88-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=84403&min_rtt=83166&rtt_var=18822&sent=6&recv=8&lost=0&retrans=0&sent_bytes=2844&recv_bytes=1239&delivery_rate=36738&cwnd=242&unsent_bytes=0&cid=75204177d4b59c65&ts=307&x=0"
2025-03-27 13:41:41 UTC	118	IN	Data Raw: 30 7b 22 73 69 64 22 3a 22 33 4b 49 66 66 72 47 63 69 47 6b 75 39 4c 63 46 41 41 65 30 22 2c 22 75 70 67 72 61 64 65 73 22 3a 5b 22 77 65 62 73 6f 63 6b 65 74 22 5d 2c 22 70 69 6e 67 49 6e 74 65 72 76 61 6c 22 3a 32 35 30 30 30 2c 22 70 69 6e 67 54 69 6d 65 6f 75 74 22 3a 32 30 30 30 30 2c 22 6d 61 78 50 61 79 6c 6f 61 64 22 3a 31 30 30 30 30 30 30 7d Data Ascii: 0{"sid":"3KIffrGciGku9LcFAAe0","upgrades":["websocket"],"pingInterval":25000,"pingTimeout":20000,"maxPayload":1000000}

Timestamp	Bytes transferred	Direction	Data
2025-03-27 13:41:41 UTC	566	OUT	GET /socket.io/?EIO=4&transport=websocket&sid=3KIffrGciGku9LcFAAe0 HTTP/1.1 Host: mssnet0nses.click Connection: Upgrade Pragma: no-cache Cache-Control: no-cache User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 Upgrade: websocket Origin: https://www.oyabarista.com Sec-WebSocket-Version: 13 Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9 Sec-WebSocket-Key: ZtPFtoZ2x84UMtBW0Hft2g== Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
2025-03-27 13:41:41 UTC	833	IN	HTTP/1.1 400 Bad Request Date: Thu, 27 Mar 2025 13:41:41 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: close Access-Control-Allow-Origin: * cf-cache-status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DAA8Fzqxm75RDmQMD6ib0Sv%2BRaCfznaur6MYfyXTGvSifRwHJtF7mAPSV5%2FhKyPS28%2F7x%2BP9yLOGNf3gKNL2fDAzIcKLK5B9JY5lKi4NSNiF06SQD2X%2BJJyyvMa121h19LtF0g%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 926f4e86cd714205-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=84809&min_rtt=83479&rtt_var=18969&sent=6&recv=8&lost=0&retrans=0&sent_bytes=2842&recv_bytes=1121&delivery_rate=36589&cwnd=252&unsent_bytes=0&cid=87d67243953d9aa8&ts=314&x=0"
2025-03-27 13:41:41 UTC	40	IN	Data Raw: 32 32 0d 0a 7b 22 63 6f 64 65 22 3a 33 2c 22 6d 65 73 73 61 67 65 22 3a 22 42 61 64 20 72 65 71 75 65 73 74 22 7d 0d 0a Data Ascii: 22{"code":3,"message":"Bad request"}
2025-03-27 13:41:41 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2025-03-27 13:41:41 UTC	752	OUT	POST /socket.io/?EIO=4&transport=polling&t=PNNrail&sid=3KIffrGciGku9LcFAAe0 HTTP/1.1 Host: mssnet0nses.click Connection: keep-alive Content-Length: 2 Auth_UID: USER04032025U29030403 Session_Email: info@kostal.com sec-ch-ua-platform: "Windows" sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 Accept: / Content-type: text/plain;charset=UTF-8 Origin: https://www.oyabarista.com Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://www.oyabarista.com/ Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-03-27 13:41:41 UTC	2	OUT	Data Raw: 34 30 Data Ascii: 40
2025-03-27 13:41:42 UTC	291	IN	HTTP/1.1 200 OK Date: Thu, 27 Mar 2025 13:41:42 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Access-Control-Allow-Origin: * Cache-Control: no-store Cf-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 926f4e89c9abc331-EWR alt-svc: h3=":443"; ma=86400
2025-03-27 13:41:42 UTC	7	IN	Data Raw: 32 0d 0a 6f 6b 0d 0a Data Ascii: 2ok
2025-03-27 13:41:42 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2025-03-27 13:41:42 UTC	1041	OUT	POST /n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.com HTTP/1.1 Host: www.oyabarista.com Connection: keep-alive Content-Length: 147028 Cache-Control: max-age=0 sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Origin: https://www.oyabarista.com Content-Type: application/x-www-form-urlencoded Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Referer: https://www.oyabarista.com/n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.com Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-03-27 13:41:42 UTC	16384	OUT	Data Raw: 64 61 74 61 3d 25 37 42 25 32 32 73 63 72 65 65 6e 25 32 32 25 33 41 25 37 42 25 32 32 61 76 61 69 6c 57 69 64 74 68 25 32 32 25 33 41 31 32 38 30 25 32 43 25 32 32 61 76 61 69 6c 48 65 69 67 68 74 25 32 32 25 33 41 39 38 34 25 32 43 25 32 32 77 69 64 74 68 25 32 32 25 33 41 31 32 38 30 25 32 43 25 32 32 68 65 69 67 68 74 25 32 32 25 33 41 31 30 32 34 25 32 43 25 32 32 63 6f 6c 6f 72 44 65 70 74 68 25 32 32 25 33 41 32 34 25 32 43 25 32 32 70 69 78 65 6c 44 65 70 74 68 25 32 32 25 33 41 32 34 25 32 43 25 32 32 61 76 61 69 6c 4c 65 66 74 25 32 32 25 33 41 30 25 32 43 25 32 32 61 76 61 69 6c 54 6f 70 25 32 32 25 33 41 30 25 32 43 25 32 32 6f 72 69 65 6e 74 61 74 69 6f 6e 25 32 32 25 33 41 25 32 32 25 35 42 6f 62 6a 65 63 74 2b 53 63 72 65 65 6e 4f 72 69 65 Data Ascii: data=%7B%22screen%22%3A%7B%22availWidth%22%3A1280%2C%22availHeight%22%3A984%2C%22width%22%3A1280%2C%22height%22%3A1024%2C%22colorDepth%22%3A24%2C%22pixelDepth%22%3A24%2C%22availLeft%22%3A0%2C%22availTop%22%3A0%2C%22orientation%22%3A%22%5Bobject+ScreenOrie
2025-03-27 13:41:42 UTC	16384	OUT	Data Raw: 32 43 25 32 32 58 4d 4c 48 74 74 70 52 65 71 75 65 73 74 25 32 32 25 33 41 25 32 32 66 75 6e 63 74 69 6f 6e 2b 58 4d 4c 48 74 74 70 52 65 71 75 65 73 74 25 32 38 25 32 39 2b 25 37 42 2b 25 35 42 6e 61 74 69 76 65 2b 63 6f 64 65 25 35 44 2b 25 37 44 25 32 32 25 32 43 25 32 32 58 4d 4c 44 6f 63 75 6d 65 6e 74 25 32 32 25 33 41 25 32 32 66 75 6e 63 74 69 6f 6e 2b 58 4d 4c 44 6f 63 75 6d 65 6e 74 25 32 38 25 32 39 2b 25 37 42 2b 25 35 42 6e 61 74 69 76 65 2b 63 6f 64 65 25 35 44 2b 25 37 44 25 32 32 25 32 43 25 32 32 57 72 69 74 61 62 6c 65 53 74 72 65 61 6d 44 65 66 61 75 6c 74 57 72 69 74 65 72 25 32 32 25 33 41 25 32 32 66 75 6e 63 74 69 6f 6e 2b 57 72 69 74 61 62 6c 65 53 74 72 65 61 6d 44 65 66 61 75 6c 74 57 72 69 74 65 72 25 32 38 25 32 39 2b 25 37 42 Data Ascii: 2C%22XMLHttpRequest%22%3A%22function+XMLHttpRequest%28%29+%7B+%5Bnative+code%5D+%7D%22%2C%22XMLDocument%22%3A%22function+XMLDocument%28%29+%7B+%5Bnative+code%5D+%7D%22%2C%22WritableStreamDefaultWriter%22%3A%22function+WritableStreamDefaultWriter%28%29+%7B
2025-03-27 13:41:42 UTC	16384	OUT	Data Raw: 42 6e 61 74 69 76 65 2b 63 6f 64 65 25 35 44 2b 25 37 44 25 32 32 25 32 43 25 32 32 53 56 47 41 6e 69 6d 61 74 65 64 53 74 72 69 6e 67 25 32 32 25 33 41 25 32 32 66 75 6e 63 74 69 6f 6e 2b 53 56 47 41 6e 69 6d 61 74 65 64 53 74 72 69 6e 67 25 32 38 25 32 39 2b 25 37 42 2b 25 35 42 6e 61 74 69 76 65 2b 63 6f 64 65 25 35 44 2b 25 37 44 25 32 32 25 32 43 25 32 32 53 56 47 41 6e 69 6d 61 74 65 64 52 65 63 74 25 32 32 25 33 41 25 32 32 66 75 6e 63 74 69 6f 6e 2b 53 56 47 41 6e 69 6d 61 74 65 64 52 65 63 74 25 32 38 25 32 39 2b 25 37 42 2b 25 35 42 6e 61 74 69 76 65 2b 63 6f 64 65 25 35 44 2b 25 37 44 25 32 32 25 32 43 25 32 32 53 56 47 41 6e 69 6d 61 74 65 64 50 72 65 73 65 72 76 65 41 73 70 65 63 74 52 61 74 69 6f 25 32 32 25 33 41 25 32 32 66 75 6e 63 74 69 Data Ascii: Bnative+code%5D+%7D%22%2C%22SVGAnimatedString%22%3A%22function+SVGAnimatedString%28%29+%7B+%5Bnative+code%5D+%7D%22%2C%22SVGAnimatedRect%22%3A%22function+SVGAnimatedRect%28%29+%7B+%5Bnative+code%5D+%7D%22%2C%22SVGAnimatedPreserveAspectRatio%22%3A%22functi
2025-03-27 13:41:42 UTC	16384	OUT	Data Raw: 37 44 25 32 32 25 32 43 25 32 32 48 54 4d 4c 54 61 62 6c 65 43 6f 6c 45 6c 65 6d 65 6e 74 25 32 32 25 33 41 25 32 32 66 75 6e 63 74 69 6f 6e 2b 48 54 4d 4c 54 61 62 6c 65 43 6f 6c 45 6c 65 6d 65 6e 74 25 32 38 25 32 39 2b 25 37 42 2b 25 35 42 6e 61 74 69 76 65 2b 63 6f 64 65 25 35 44 2b 25 37 44 25 32 32 25 32 43 25 32 32 48 54 4d 4c 54 61 62 6c 65 43 65 6c 6c 45 6c 65 6d 65 6e 74 25 32 32 25 33 41 25 32 32 66 75 6e 63 74 69 6f 6e 2b 48 54 4d 4c 54 61 62 6c 65 43 65 6c 6c 45 6c 65 6d 65 6e 74 25 32 38 25 32 39 2b 25 37 42 2b 25 35 42 6e 61 74 69 76 65 2b 63 6f 64 65 25 35 44 2b 25 37 44 25 32 32 25 32 43 25 32 32 48 54 4d 4c 54 61 62 6c 65 43 61 70 74 69 6f 6e 45 6c 65 6d 65 6e 74 25 32 32 25 33 41 25 32 32 66 75 6e 63 74 69 6f 6e 2b 48 54 4d 4c 54 61 62 Data Ascii: 7D%22%2C%22HTMLTableColElement%22%3A%22function+HTMLTableColElement%28%29+%7B+%5Bnative+code%5D+%7D%22%2C%22HTMLTableCellElement%22%3A%22function+HTMLTableCellElement%28%29+%7B+%5Bnative+code%5D+%7D%22%2C%22HTMLTableCaptionElement%22%3A%22function+HTMLTab
2025-03-27 13:41:42 UTC	16384	OUT	Data Raw: 42 2b 25 35 42 6e 61 74 69 76 65 2b 63 6f 64 65 25 35 44 2b 25 37 44 25 32 32 25 32 43 25 32 32 43 53 53 4c 61 79 65 72 42 6c 6f 63 6b 52 75 6c 65 25 32 32 25 33 41 25 32 32 66 75 6e 63 74 69 6f 6e 2b 43 53 53 4c 61 79 65 72 42 6c 6f 63 6b 52 75 6c 65 25 32 38 25 32 39 2b 25 37 42 2b 25 35 42 6e 61 74 69 76 65 2b 63 6f 64 65 25 35 44 2b 25 37 44 25 32 32 25 32 43 25 32 32 43 53 53 4b 65 79 77 6f 72 64 56 61 6c 75 65 25 32 32 25 33 41 25 32 32 66 75 6e 63 74 69 6f 6e 2b 43 53 53 4b 65 79 77 6f 72 64 56 61 6c 75 65 25 32 38 25 32 39 2b 25 37 42 2b 25 35 42 6e 61 74 69 76 65 2b 63 6f 64 65 25 35 44 2b 25 37 44 25 32 32 25 32 43 25 32 32 43 53 53 4b 65 79 66 72 61 6d 65 73 52 75 6c 65 25 32 32 25 33 41 25 32 32 66 75 6e 63 74 69 6f 6e 2b 43 53 53 4b 65 79 66 Data Ascii: B+%5Bnative+code%5D+%7D%22%2C%22CSSLayerBlockRule%22%3A%22function+CSSLayerBlockRule%28%29+%7B+%5Bnative+code%5D+%7D%22%2C%22CSSKeywordValue%22%3A%22function+CSSKeywordValue%28%29+%7B+%5Bnative+code%5D+%7D%22%2C%22CSSKeyframesRule%22%3A%22function+CSSKeyf
2025-03-27 13:41:42 UTC	16384	OUT	Data Raw: 25 32 38 25 32 39 2b 25 37 42 2b 25 35 42 6e 61 74 69 76 65 2b 63 6f 64 65 25 35 44 2b 25 37 44 25 32 32 25 32 43 25 32 32 46 69 6c 65 53 79 73 74 65 6d 46 69 6c 65 48 61 6e 64 6c 65 25 32 32 25 33 41 25 32 32 66 75 6e 63 74 69 6f 6e 2b 46 69 6c 65 53 79 73 74 65 6d 46 69 6c 65 48 61 6e 64 6c 65 25 32 38 25 32 39 2b 25 37 42 2b 25 35 42 6e 61 74 69 76 65 2b 63 6f 64 65 25 35 44 2b 25 37 44 25 32 32 25 32 43 25 32 32 46 69 6c 65 53 79 73 74 65 6d 48 61 6e 64 6c 65 25 32 32 25 33 41 25 32 32 66 75 6e 63 74 69 6f 6e 2b 46 69 6c 65 53 79 73 74 65 6d 48 61 6e 64 6c 65 25 32 38 25 32 39 2b 25 37 42 2b 25 35 42 6e 61 74 69 76 65 2b 63 6f 64 65 25 35 44 2b 25 37 44 25 32 32 25 32 43 25 32 32 46 69 6c 65 53 79 73 74 65 6d 57 72 69 74 61 62 6c 65 46 69 6c 65 53 74 Data Ascii: %28%29+%7B+%5Bnative+code%5D+%7D%22%2C%22FileSystemFileHandle%22%3A%22function+FileSystemFileHandle%28%29+%7B+%5Bnative+code%5D+%7D%22%2C%22FileSystemHandle%22%3A%22function+FileSystemHandle%28%29+%7B+%5Bnative+code%5D+%7D%22%2C%22FileSystemWritableFileSt
2025-03-27 13:41:42 UTC	16384	OUT	Data Raw: 32 25 32 43 25 32 32 54 61 73 6b 53 69 67 6e 61 6c 25 32 32 25 32 43 25 32 32 54 61 73 6b 50 72 69 6f 72 69 74 79 43 68 61 6e 67 65 45 76 65 6e 74 25 32 32 25 32 43 25 32 32 54 61 73 6b 43 6f 6e 74 72 6f 6c 6c 65 72 25 32 32 25 32 43 25 32 32 54 61 73 6b 41 74 74 72 69 62 75 74 69 6f 6e 54 69 6d 69 6e 67 25 32 32 25 32 43 25 32 32 53 79 6e 63 4d 61 6e 61 67 65 72 25 32 32 25 32 43 25 32 32 53 75 62 6d 69 74 45 76 65 6e 74 25 32 32 25 32 43 25 32 32 53 74 79 6c 65 53 68 65 65 74 4c 69 73 74 25 32 32 25 32 43 25 32 32 53 74 79 6c 65 53 68 65 65 74 25 32 32 25 32 43 25 32 32 53 74 79 6c 65 50 72 6f 70 65 72 74 79 4d 61 70 52 65 61 64 4f 6e 6c 79 25 32 32 25 32 43 25 32 32 53 74 79 6c 65 50 72 6f 70 65 72 74 79 4d 61 70 25 32 32 25 32 43 25 32 32 53 74 6f 72 Data Ascii: 2%2C%22TaskSignal%22%2C%22TaskPriorityChangeEvent%22%2C%22TaskController%22%2C%22TaskAttributionTiming%22%2C%22SyncManager%22%2C%22SubmitEvent%22%2C%22StyleSheetList%22%2C%22StyleSheet%22%2C%22StylePropertyMapReadOnly%22%2C%22StylePropertyMap%22%2C%22Stor
2025-03-27 13:41:42 UTC	16384	OUT	Data Raw: 32 63 6c 6f 73 65 25 32 32 25 32 43 25 32 32 63 6f 6e 66 69 72 6d 25 32 32 25 32 43 25 32 32 63 72 65 61 74 65 49 6d 61 67 65 42 69 74 6d 61 70 25 32 32 25 32 43 25 32 32 66 65 74 63 68 25 32 32 25 32 43 25 32 32 66 69 6e 64 25 32 32 25 32 43 25 32 32 66 6f 63 75 73 25 32 32 25 32 43 25 32 32 67 65 74 43 6f 6d 70 75 74 65 64 53 74 79 6c 65 25 32 32 25 32 43 25 32 32 67 65 74 53 65 6c 65 63 74 69 6f 6e 25 32 32 25 32 43 25 32 32 6d 61 74 63 68 4d 65 64 69 61 25 32 32 25 32 43 25 32 32 6d 6f 76 65 42 79 25 32 32 25 32 43 25 32 32 6d 6f 76 65 54 6f 25 32 32 25 32 43 25 32 32 6f 70 65 6e 25 32 32 25 32 43 25 32 32 70 6f 73 74 4d 65 73 73 61 67 65 25 32 32 25 32 43 25 32 32 70 72 69 6e 74 25 32 32 25 32 43 25 32 32 70 72 6f 6d 70 74 25 32 32 25 32 43 25 32 32 Data Ascii: 2close%22%2C%22confirm%22%2C%22createImageBitmap%22%2C%22fetch%22%2C%22find%22%2C%22focus%22%2C%22getComputedStyle%22%2C%22getSelection%22%2C%22matchMedia%22%2C%22moveBy%22%2C%22moveTo%22%2C%22open%22%2C%22postMessage%22%2C%22print%22%2C%22prompt%22%2C%22
2025-03-27 13:41:42 UTC	15956	OUT	Data Raw: 53 74 61 6d 70 25 32 32 25 33 41 25 32 32 66 75 6e 63 74 69 6f 6e 2b 74 69 6d 65 53 74 61 6d 70 25 32 38 25 32 39 2b 25 37 42 2b 25 35 42 6e 61 74 69 76 65 2b 63 6f 64 65 25 35 44 2b 25 37 44 25 32 32 25 32 43 25 32 32 63 6f 6e 74 65 78 74 25 32 32 25 33 41 25 32 32 66 75 6e 63 74 69 6f 6e 2b 63 6f 6e 74 65 78 74 25 32 38 25 32 39 2b 25 37 42 2b 25 35 42 6e 61 74 69 76 65 2b 63 6f 64 65 25 35 44 2b 25 37 44 25 32 32 25 32 43 25 32 32 63 72 65 61 74 65 54 61 73 6b 25 32 32 25 33 41 25 32 32 66 75 6e 63 74 69 6f 6e 2b 63 72 65 61 74 65 54 61 73 6b 25 32 38 25 32 39 2b 25 37 42 2b 25 35 42 6e 61 74 69 76 65 2b 63 6f 64 65 25 35 44 2b 25 37 44 25 32 32 25 32 43 25 32 32 6d 65 6d 6f 72 79 25 32 32 25 33 41 25 32 32 25 35 42 6f 62 6a 65 63 74 2b 4d 65 6d 6f 72 Data Ascii: Stamp%22%3A%22function+timeStamp%28%29+%7B+%5Bnative+code%5D+%7D%22%2C%22context%22%3A%22function+context%28%29+%7B+%5Bnative+code%5D+%7D%22%2C%22createTask%22%3A%22function+createTask%28%29+%7B+%5Bnative+code%5D+%7D%22%2C%22memory%22%3A%22%5Bobject+Memor

Timestamp	Bytes transferred	Direction	Data
2025-03-27 13:41:43 UTC	450	OUT	GET /socket.io/?EIO=4&transport=polling&t=PNNraio&sid=3KIffrGciGku9LcFAAe0 HTTP/1.1 Host: mssnet0nses.click Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Sec-Fetch-Storage-Access: active Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-03-27 13:41:43 UTC	282	IN	HTTP/1.1 400 Bad Request Date: Thu, 27 Mar 2025 13:41:43 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: close Access-Control-Allow-Origin: * Cf-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 926f4e92d9740f43-EWR alt-svc: h3=":443"; ma=86400
2025-03-27 13:41:43 UTC	47	IN	Data Raw: 32 39 0d 0a 7b 22 63 6f 64 65 22 3a 31 2c 22 6d 65 73 73 61 67 65 22 3a 22 53 65 73 73 69 6f 6e 20 49 44 20 75 6e 6b 6e 6f 77 6e 22 7d 0d 0a Data Ascii: 29{"code":1,"message":"Session ID unknown"}
2025-03-27 13:41:43 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2025-03-27 13:41:44 UTC	567	OUT	OPTIONS /socket.io/?EIO=4&transport=polling&t=PNNrbOF HTTP/1.1 Host: mssnet0nses.click Connection: keep-alive Accept: / Access-Control-Request-Method: GET Access-Control-Request-Headers: auth_uid,session_email Origin: https://www.oyabarista.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Sec-Fetch-Dest: empty Referer: https://www.oyabarista.com/ Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-03-27 13:41:44 UTC	375	IN	HTTP/1.1 204 No Content Date: Thu, 27 Mar 2025 13:41:44 GMT Connection: close Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE Vary: Access-Control-Request-Headers Access-Control-Allow-Headers: auth_uid,session_email Cf-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 926f4e983ca641f9-EWR alt-svc: h3=":443"; ma=86400

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report https://www.oyabarista.com/n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.com

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Threatname: Mamba2FA

Yara Signatures

HTML

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

Chrome Cache Entry: 100

Chrome Cache Entry: 101

Chrome Cache Entry: 102

Chrome Cache Entry: 103

Chrome Cache Entry: 104

Chrome Cache Entry: 105

Chrome Cache Entry: 106

Chrome Cache Entry: 107

Chrome Cache Entry: 108

Chrome Cache Entry: 109

Chrome Cache Entry: 110

Chrome Cache Entry: 111

Chrome Cache Entry: 112

Chrome Cache Entry: 113

Chrome Cache Entry: 114

Chrome Cache Entry: 115

Chrome Cache Entry: 116

Chrome Cache Entry: 117

Chrome Cache Entry: 118

Chrome Cache Entry: 119

Chrome Cache Entry: 120

Chrome Cache Entry: 121

Chrome Cache Entry: 122

Chrome Cache Entry: 123

Chrome Cache Entry: 124

Chrome Cache Entry: 125

Windows Analysis Report
https://www.oyabarista.com/n/?c3Y9bzM2NV8xX25vbSZyYW5kPU5ITnVVMmM9JnVpZD1VU0VSMDQwMzIwMjVVMjkwMzA0MDM=N0123Ninfo@kostal.com

Timestamp	Bytes transferred	Direction	Data
2025-03-27 13:41:45 UTC	566	OUT	GET /socket.io/?EIO=4&transport=websocket&sid=ceGoATplRk4sAOILAAe3 HTTP/1.1 Host: mssnet0nses.click Connection: Upgrade Pragma: no-cache Cache-Control: no-cache User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 Upgrade: websocket Origin: https://www.oyabarista.com Sec-WebSocket-Version: 13 Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9 Sec-WebSocket-Key: LFQPQHRj3K0Cy0BCzE3u+A== Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
2025-03-27 13:41:45 UTC	829	IN	HTTP/1.1 400 Bad Request Date: Thu, 27 Mar 2025 13:41:45 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: close Access-Control-Allow-Origin: * cf-cache-status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=12N8ZOMJT1wMdsAcHrIdoKJroyna1T6hWoo%2FxepsMtYzBW1iwTlGdSGfw3UhgSYwtgyGHC7JcrVM%2BoTplGq%2FqV1JqZHAvy9S5sV7DSBr5Pd8NY8gB1jmtdmYJRHGOPdIE7p17Q%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 926f4e9e49b718ea-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=84012&min_rtt=83582&rtt_var=18282&sent=6&recv=8&lost=0&retrans=0&sent_bytes=2844&recv_bytes=1121&delivery_rate=35997&cwnd=250&unsent_bytes=0&cid=c0db6269752177b0&ts=304&x=0"
2025-03-27 13:41:45 UTC	40	IN	Data Raw: 32 32 0d 0a 7b 22 63 6f 64 65 22 3a 33 2c 22 6d 65 73 73 61 67 65 22 3a 22 42 61 64 20 72 65 71 75 65 73 74 22 7d 0d 0a Data Ascii: 22{"code":3,"message":"Bad request"}
2025-03-27 13:41:45 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2025-03-27 13:41:45 UTC	692	OUT	GET /socket.io/?EIO=4&transport=polling&t=PNNrbdU&sid=ceGoATplRk4sAOILAAe3 HTTP/1.1 Host: mssnet0nses.click Connection: keep-alive Auth_UID: USER04032025U29030403 Session_Email: info@kostal.com sec-ch-ua-platform: "Windows" User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 Accept: / sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134" sec-ch-ua-mobile: ?0 Origin: https://www.oyabarista.com Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://www.oyabarista.com/ Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-03-27 13:41:46 UTC	841	IN	HTTP/1.1 200 OK Date: Thu, 27 Mar 2025 13:41:46 GMT Content-Type: text/plain; charset=UTF-8 Content-Length: 1 Connection: close Access-Control-Allow-Origin: * cache-control: no-store cf-cache-status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fN1sJB8h5tb4thyHSudxwa9ixnhtF7H1BL4XMILRDThYBB5Ty%2BhIn1TNbOKx63BulVN6na6DAyhGGu4y1Zm29KfaaAPtIfcTY7p6BHGN8I49QNzqkAoiMo7BcLGvsZA79pTyrg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 926f4ea309e843ec-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=83983&min_rtt=83940&rtt_var=17737&sent=6&recv=8&lost=0&retrans=0&sent_bytes=2843&recv_bytes=1264&delivery_rate=36405&cwnd=252&unsent_bytes=0&cid=4d77ec5ea1f7fa59&ts=802&x=0"
2025-03-27 13:41:46 UTC	1	IN	Data Raw: 31 Data Ascii: 1

Timestamp	Bytes transferred	Direction	Data
2025-03-27 13:41:46 UTC	450	OUT	GET /socket.io/?EIO=4&transport=polling&t=PNNrbdU&sid=ceGoATplRk4sAOILAAe3 HTTP/1.1 Host: mssnet0nses.click Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Sec-Fetch-Storage-Access: active Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-03-27 13:41:47 UTC	835	IN	HTTP/1.1 400 Bad Request Date: Thu, 27 Mar 2025 13:41:47 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: close Access-Control-Allow-Origin: * cf-cache-status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=smo%2F5ygmTfULf6o5Z69gnXOBJgqCfhpziQkj0cR9i%2F9l7nkXuA0t%2BuIeOwfpd7BhCyadYdEci73QmlVtf6Q4xfjpn9zh3yD%2FEU0QX2swT83mgOGF%2F9%2FXnqLJ5oi9LKbQiDVZeA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 926f4ea98a80de9a-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=83294&min_rtt=83262&rtt_var=17612&sent=6&recv=8&lost=0&retrans=0&sent_bytes=2844&recv_bytes=1022&delivery_rate=36670&cwnd=252&unsent_bytes=0&cid=86136adf858c4f68&ts=258&x=0"
2025-03-27 13:41:47 UTC	47	IN	Data Raw: 32 39 0d 0a 7b 22 63 6f 64 65 22 3a 31 2c 22 6d 65 73 73 61 67 65 22 3a 22 53 65 73 73 69 6f 6e 20 49 44 20 75 6e 6b 6e 6f 77 6e 22 7d 0d 0a Data Ascii: 29{"code":1,"message":"Session ID unknown"}
2025-03-27 13:41:47 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2025-03-27 13:41:48 UTC	667	OUT	GET /socket.io/?EIO=4&transport=polling&t=PNNrcEg HTTP/1.1 Host: mssnet0nses.click Connection: keep-alive Auth_UID: USER04032025U29030403 Session_Email: info@kostal.com sec-ch-ua-platform: "Windows" User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 Accept: / sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134" sec-ch-ua-mobile: ?0 Origin: https://www.oyabarista.com Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://www.oyabarista.com/ Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-03-27 13:41:48 UTC	849	IN	HTTP/1.1 200 OK Date: Thu, 27 Mar 2025 13:41:48 GMT Content-Type: text/plain; charset=UTF-8 Content-Length: 118 Connection: close Access-Control-Allow-Origin: * cache-control: no-store cf-cache-status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KoWDRA%2BgvsjWrqGIZQTViFDaks1EqF%2FWJ%2BAker9mPyowOu82ra01ReX4xOQLNgE8V39Lio2%2FtXxbzFWegHgz0mKw1hTZZuZ49BvoEcYoCiIm5sPaqfatUrKLrxxKjsvM30sIBw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 926f4eb0ed988c5f-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=84165&min_rtt=83941&rtt_var=17927&sent=6&recv=8&lost=0&retrans=0&sent_bytes=2842&recv_bytes=1239&delivery_rate=36407&cwnd=245&unsent_bytes=0&cid=51ea2279b1bfeb1f&ts=334&x=0"
2025-03-27 13:41:48 UTC	118	IN	Data Raw: 30 7b 22 73 69 64 22 3a 22 74 30 31 30 48 79 35 6f 36 2d 44 72 63 4c 4d 79 41 41 65 38 22 2c 22 75 70 67 72 61 64 65 73 22 3a 5b 22 77 65 62 73 6f 63 6b 65 74 22 5d 2c 22 70 69 6e 67 49 6e 74 65 72 76 61 6c 22 3a 32 35 30 30 30 2c 22 70 69 6e 67 54 69 6d 65 6f 75 74 22 3a 32 30 30 30 30 2c 22 6d 61 78 50 61 79 6c 6f 61 64 22 3a 31 30 30 30 30 30 30 7d Data Ascii: 0{"sid":"t010Hy5o6-DrcLMyAAe8","upgrades":["websocket"],"pingInterval":25000,"pingTimeout":20000,"maxPayload":1000000}

Timestamp	Bytes transferred	Direction	Data
2025-03-27 13:41:49 UTC	752	OUT	POST /socket.io/?EIO=4&transport=polling&t=PNNrcTV&sid=t010Hy5o6-DrcLMyAAe8 HTTP/1.1 Host: mssnet0nses.click Connection: keep-alive Content-Length: 2 Auth_UID: USER04032025U29030403 Session_Email: info@kostal.com sec-ch-ua-platform: "Windows" sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 Accept: / Content-type: text/plain;charset=UTF-8 Origin: https://www.oyabarista.com Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://www.oyabarista.com/ Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-03-27 13:41:49 UTC	2	OUT	Data Raw: 34 30 Data Ascii: 40
2025-03-27 13:41:49 UTC	836	IN	HTTP/1.1 200 OK Date: Thu, 27 Mar 2025 13:41:49 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: close Access-Control-Allow-Origin: * cache-control: no-store cf-cache-status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TygiMU8iWjURome1XjD%2FPdnnMjNzRKSRd4SFR1U6onQtRRYBP4R9xI6EAx3vEzc9WdYMv0yJdW51bpM%2BMGLaQC3It6Pxa7NlFCcPwWkIFU66fpN8POk2HVw90Zj1huXelE856w%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 926f4eb6ecbccdf0-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=83812&min_rtt=83775&rtt_var=17687&sent=6&recv=8&lost=0&retrans=0&sent_bytes=2843&recv_bytes=1348&delivery_rate=36472&cwnd=252&unsent_bytes=0&cid=8b596bea33e95132&ts=308&x=0"
2025-03-27 13:41:49 UTC	7	IN	Data Raw: 32 0d 0a 6f 6b 0d 0a Data Ascii: 2ok
2025-03-27 13:41:49 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2025-03-27 13:41:50 UTC	450	OUT	GET /socket.io/?EIO=4&transport=polling&t=PNNrcTW&sid=t010Hy5o6-DrcLMyAAe8 HTTP/1.1 Host: mssnet0nses.click Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Sec-Fetch-Storage-Access: active Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-03-27 13:41:50 UTC	827	IN	HTTP/1.1 400 Bad Request Date: Thu, 27 Mar 2025 13:41:50 GMT Content-Type: application/json Transfer-Encoding: chunked Connection: close Access-Control-Allow-Origin: * cf-cache-status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HF41bli%2BX9cDflLyNBmnuq65m2TyMVMNZdd05UIycGLqxPuvIKMqqZPOUe0RxtEU9esL%2FMqQ3WPBSXExlqA6dfEoltdjVAWvuAs6CS000k6ajQkDqJhAYw2Ymdwa89sHxa5Dtg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 926f4ebceffd7611-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=83897&min_rtt=83876&rtt_var=17727&sent=6&recv=8&lost=0&retrans=0&sent_bytes=2843&recv_bytes=1022&delivery_rate=36411&cwnd=252&unsent_bytes=0&cid=75ffffa11eb32052&ts=266&x=0"
2025-03-27 13:41:50 UTC	47	IN	Data Raw: 32 39 0d 0a 7b 22 63 6f 64 65 22 3a 31 2c 22 6d 65 73 73 61 67 65 22 3a 22 53 65 73 73 69 6f 6e 20 49 44 20 75 6e 6b 6e 6f 77 6e 22 7d 0d 0a Data Ascii: 29{"code":1,"message":"Session ID unknown"}
2025-03-27 13:41:50 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2025-03-27 13:41:50 UTC	567	OUT	OPTIONS /socket.io/?EIO=4&transport=polling&t=PNNrc-m HTTP/1.1 Host: mssnet0nses.click Connection: keep-alive Accept: / Access-Control-Request-Method: GET Access-Control-Request-Headers: auth_uid,session_email Origin: https://www.oyabarista.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Sec-Fetch-Dest: empty Referer: https://www.oyabarista.com/ Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-03-27 13:41:51 UTC	375	IN	HTTP/1.1 204 No Content Date: Thu, 27 Mar 2025 13:41:51 GMT Connection: close Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE Vary: Access-Control-Request-Headers Access-Control-Allow-Headers: auth_uid,session_email Cf-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 926f4ec1df478c15-EWR alt-svc: h3=":443"; ma=86400

Timestamp	Bytes transferred	Direction	Data
2025-03-27 13:41:51 UTC	593	OUT	OPTIONS /socket.io/?EIO=4&transport=polling&t=PNNrdFJ&sid=cDcq_6oiPpEKxHw5AAe_ HTTP/1.1 Host: mssnet0nses.click Connection: keep-alive Accept: / Access-Control-Request-Method: POST Access-Control-Request-Headers: auth_uid,session_email Origin: https://www.oyabarista.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Sec-Fetch-Dest: empty Referer: https://www.oyabarista.com/ Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-03-27 13:41:52 UTC	947	IN	HTTP/1.1 204 No Content Date: Thu, 27 Mar 2025 13:41:52 GMT Content-Length: 0 Connection: close Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE Vary: Access-Control-Request-Headers Access-Control-Allow-Headers: auth_uid,session_email cf-cache-status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FTxL6P7ZIKQil%2BzI0QYDytK%2FiWq0d7mZluzlawSKQSAX%2FPHf%2BcR26syDyp5GtSDRKPEd7bqDL4oJpD0i5hS1pGArs3akisc3wm2r1elee0SCzmB8Kvkkt%2BqwECmMcnfV8cmA9Q%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 926f4ec7d8884f4e-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=83818&min_rtt=83806&rtt_var=17698&sent=6&recv=8&lost=0&retrans=0&sent_bytes=2843&recv_bytes=1165&delivery_rate=36457&cwnd=252&unsent_bytes=0&cid=ac03708f350380de&ts=306&x=0"

Timestamp	Bytes transferred	Direction	Data
2025-03-27 13:41:52 UTC	692	OUT	GET /socket.io/?EIO=4&transport=polling&t=PNNrdFK&sid=cDcq_6oiPpEKxHw5AAe_ HTTP/1.1 Host: mssnet0nses.click Connection: keep-alive Auth_UID: USER04032025U29030403 Session_Email: info@kostal.com sec-ch-ua-platform: "Windows" User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 Accept: / sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134" sec-ch-ua-mobile: ?0 Origin: https://www.oyabarista.com Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://www.oyabarista.com/ Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-03-27 13:41:53 UTC	298	IN	HTTP/1.1 200 OK Date: Thu, 27 Mar 2025 13:41:53 GMT Content-Type: text/plain; charset=UTF-8 Content-Length: 1 Connection: close Access-Control-Allow-Origin: * Cache-Control: no-store Cf-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 926f4ecad92d5ed0-EWR alt-svc: h3=":443"; ma=86400
2025-03-27 13:41:53 UTC	1	IN	Data Raw: 31 Data Ascii: 1

Timestamp	Bytes transferred	Direction	Data
2025-03-27 13:41:53 UTC	567	OUT	OPTIONS /socket.io/?EIO=4&transport=polling&t=PNNrdm- HTTP/1.1 Host: mssnet0nses.click Connection: keep-alive Accept: / Access-Control-Request-Method: GET Access-Control-Request-Headers: auth_uid,session_email Origin: https://www.oyabarista.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Sec-Fetch-Dest: empty Referer: https://www.oyabarista.com/ Accept-Encoding: gzip, deflate, br, zstd Accept-Language: en-US,en;q=0.9
2025-03-27 13:41:54 UTC	939	IN	HTTP/1.1 204 No Content Date: Thu, 27 Mar 2025 13:41:54 GMT Content-Length: 0 Connection: close Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE Vary: Access-Control-Request-Headers Access-Control-Allow-Headers: auth_uid,session_email cf-cache-status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f1VB279vkCw1toBJfNPJ3RfxxzjgVL84rXuohaQ3IDftBESwbMPzMECz0FUYCcT52bIlVHpkh0xKzE7uo%2FTl90lueYhcG7UelfncBm8S3W29nj%2Fn9Mqcvo9v5sXmsNHZpDatSw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 926f4ed54ed3f5f8-EWR alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=TCP&rtt=83584&min_rtt=83569&rtt_var=17653&sent=6&recv=8&lost=0&retrans=0&sent_bytes=2843&recv_bytes=1139&delivery_rate=36556&cwnd=252&unsent_bytes=0&cid=8bbc7331f32d3490&ts=315&x=0"