Source: global traffic | HTTP traffic detected: GET /presentation/d/e/2PACX-1vQ7Dkd_WRbgSfshqD4oLNlUmDxTYPUSUb2tLr0qsjIwZ7fwYeWMIoyLCuLiIiL3T8QaBj2et0IIqqkz/pub?start=false&loop=false&delayms=3000 HTTP/1.1Host: docs.google.comConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7X-Browser-Channel: stableX-Browser-Year: 2025X-Browser-Validation: wTKGXmLo+sPWz1JKKbFzUyHly1Q=X-Browser-Copyright: Copyright 2025 Google LLC. All rights reserved.X-Client-Data: CO6MywE=Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /static/presentation/client/css/4105792792-viewer_css_ltr.css HTTP/1.1Host: docs.google.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1X-Client-Data: CO6MywE=Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://docs.google.com/presentation/d/e/2PACX-1vQ7Dkd_WRbgSfshqD4oLNlUmDxTYPUSUb2tLr0qsjIwZ7fwYeWMIoyLCuLiIiL3T8QaBj2et0IIqqkz/pub?start=false&loop=false&delayms=3000Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NID=522=JLEqbqBzyEKyaFeMjriwHG0jyctQIODOa69zzL-GqkCCAV77XkzhK73WM-GrFqNFu9GXYOrB_Cq0fyWgNFw71PUfDyA1jcOh1sghls_Ypkqn2v2-EU0tBDm1nuR2tuljWZA72G-mtsLlJZ5FqRTDUbBd4HJOZCHhfKN6fjTs56ce1rKDO8X1tCJ8yrnifKF7rUNdOp4; GFE_RTT=224 |
Source: global traffic | HTTP traffic detected: GET /slidesz/AGV_vUdJaErXIJ55hdglvmfjSbJPFW0UxlncOXEIeukK-lpE_5EJ5uh5BaYVcdj_q3_TnTKD5vNdF46nR-OTR94Q5CLCKQzl6Xf2hHM67TsVRaoPZt4GNZxhtsR6gY_0XQ6UqZk=s2048?key=0T76xXlufg2HBrV9SVPofq1l HTTP/1.1Host: lh7-rt.googleusercontent.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CO6MywE=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://docs.google.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /static/presentation/client/js/1573492039-viewer_integrated_core.js HTTP/1.1Host: docs.google.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*X-Client-Data: CO6MywE=Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://docs.google.com/presentation/d/e/2PACX-1vQ7Dkd_WRbgSfshqD4oLNlUmDxTYPUSUb2tLr0qsjIwZ7fwYeWMIoyLCuLiIiL3T8QaBj2et0IIqqkz/pub?start=false&loop=false&delayms=3000Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NID=522=JLEqbqBzyEKyaFeMjriwHG0jyctQIODOa69zzL-GqkCCAV77XkzhK73WM-GrFqNFu9GXYOrB_Cq0fyWgNFw71PUfDyA1jcOh1sghls_Ypkqn2v2-EU0tBDm1nuR2tuljWZA72G-mtsLlJZ5FqRTDUbBd4HJOZCHhfKN6fjTs56ce1rKDO8X1tCJ8yrnifKF7rUNdOp4; GFE_RTT=224 |
Source: global traffic | HTTP traffic detected: GET /slidesz/AGV_vUdJaErXIJ55hdglvmfjSbJPFW0UxlncOXEIeukK-lpE_5EJ5uh5BaYVcdj_q3_TnTKD5vNdF46nR-OTR94Q5CLCKQzl6Xf2hHM67TsVRaoPZt4GNZxhtsR6gY_0XQ6UqZk=s2048?key=0T76xXlufg2HBrV9SVPofq1l HTTP/1.1Host: lh7-rt.googleusercontent.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*X-Client-Data: CO6MywE=Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /static/presentation/client/js/1568806778-punch_viewer_worker_binary_viewercore.js HTTP/1.1Host: docs.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*X-Client-Data: CO6MywE=Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NID=522=JLEqbqBzyEKyaFeMjriwHG0jyctQIODOa69zzL-GqkCCAV77XkzhK73WM-GrFqNFu9GXYOrB_Cq0fyWgNFw71PUfDyA1jcOh1sghls_Ypkqn2v2-EU0tBDm1nuR2tuljWZA72G-mtsLlJZ5FqRTDUbBd4HJOZCHhfKN6fjTs56ce1rKDO8X1tCJ8yrnifKF7rUNdOp4 |
Source: global traffic | HTTP traffic detected: GET /static/presentation/client/js/907711159-viewer_integrated_secondary.js HTTP/1.1Host: docs.google.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*X-Client-Data: CO6MywE=Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://docs.google.com/presentation/d/e/2PACX-1vQ7Dkd_WRbgSfshqD4oLNlUmDxTYPUSUb2tLr0qsjIwZ7fwYeWMIoyLCuLiIiL3T8QaBj2et0IIqqkz/pub?start=false&loop=false&delayms=3000&slide=id.pAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NID=522=JLEqbqBzyEKyaFeMjriwHG0jyctQIODOa69zzL-GqkCCAV77XkzhK73WM-GrFqNFu9GXYOrB_Cq0fyWgNFw71PUfDyA1jcOh1sghls_Ypkqn2v2-EU0tBDm1nuR2tuljWZA72G-mtsLlJZ5FqRTDUbBd4HJOZCHhfKN6fjTs56ce1rKDO8X1tCJ8yrnifKF7rUNdOp4 |
Source: global traffic | HTTP traffic detected: GET /static/presentation/client/js/764277182-viewer_integrated_help.js HTTP/1.1Host: docs.google.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*X-Client-Data: CO6MywE=Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://docs.google.com/presentation/d/e/2PACX-1vQ7Dkd_WRbgSfshqD4oLNlUmDxTYPUSUb2tLr0qsjIwZ7fwYeWMIoyLCuLiIiL3T8QaBj2et0IIqqkz/pub?start=false&loop=false&delayms=3000&slide=id.pAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NID=522=bhb5wswndd5rkgRSravDVvW6lkZW7W6ficPF1LcfwWew60Y676Dkbbk0LouixBlVQAqog5wegSxGfF2GjeBjrMFgoRP_44_7Z8biOG2FCXIQ3J71CGQs2_KfyBu6rjJLWkqXZOXyhopQTQr53npagBXKevTUI1U3gykH6qnFMPAt9N6DfKdQe-R8FoKiLhGSX9TVwBntosJ1pzs |
Source: global traffic | HTTP traffic detected: GET /presentation/manifest.json HTTP/1.1Host: docs.google.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*X-Client-Data: CO6MywE=Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: manifestReferer: https://docs.google.com/presentation/d/e/2PACX-1vQ7Dkd_WRbgSfshqD4oLNlUmDxTYPUSUb2tLr0qsjIwZ7fwYeWMIoyLCuLiIiL3T8QaBj2et0IIqqkz/pub?start=false&loop=false&delayms=3000&slide=id.pAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NID=522=bhb5wswndd5rkgRSravDVvW6lkZW7W6ficPF1LcfwWew60Y676Dkbbk0LouixBlVQAqog5wegSxGfF2GjeBjrMFgoRP_44_7Z8biOG2FCXIQ3J71CGQs2_KfyBu6rjJLWkqXZOXyhopQTQr53npagBXKevTUI1U3gykH6qnFMPAt9N6DfKdQe-R8FoKiLhGSX9TVwBntosJ1pzs |
Source: global traffic | HTTP traffic detected: GET /nrColMBN HTTP/1.1Host: meheff.wpym.xyzConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://docs.google.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://meheff.wpym.xyz/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /turnstile/v0/b/708f7a809116/api.js HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://meheff.wpym.xyz/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /1/api.js HTTP/1.1Host: js.hcaptcha.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://meheff.wpym.xyz/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/r4wwa/0x4AAAAAAA2ptl9BKcGk2BB2/auto/fbE/new/normal/auto/ HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeSec-Fetch-Storage-Access: activeReferer: https://meheff.wpym.xyz/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/r4wwa/0x4AAAAAAA2ptl9BKcGk2BB2/auto/fbE/new/normal/auto/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=92a02388286d2361&lang=auto HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/r4wwa/0x4AAAAAAA2ptl9BKcGk2BB2/auto/fbE/new/normal/auto/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /captcha/v1/c1e11bfffe54019b36ca486d59d75ea65128f510/static/hcaptcha.html HTTP/1.1Host: newassets.hcaptcha.comConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeSec-Fetch-Storage-Access: activeReferer: https://meheff.wpym.xyz/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: meheff.wpym.xyzConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://meheff.wpym.xyz/nrColMBNAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: 68ba-73d6=5964312a968d5bf8b4112aeb76102c73361c8cf272c7006e3e95435506daf19e |
Source: global traffic | HTTP traffic detected: GET /c/5fef759e34a955dd56ceddd805e6a87d3f7d854c8c695bf797d43331bebfee3f/hsw.js HTTP/1.1Host: newassets.hcaptcha.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://newassets.hcaptcha.com/captcha/v1/c1e11bfffe54019b36ca486d59d75ea65128f510/static/hcaptcha.htmlAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /checksiteconfig?v=c1e11bfffe54019b36ca486d59d75ea65128f510&host=meheff.wpym.xyz&sitekey=234adb2f-52ba-4697-82fa-abecbb14b173&sc=1&swa=1&spst=1 HTTP/1.1Host: api.hcaptcha.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /owa/favicon.ico HTTP/1.1Host: meheff.wpym.xyzConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://meheff.wpym.xyz/nrColMBNAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: 68ba-73d6=5964312a968d5bf8b4112aeb76102c73361c8cf272c7006e3e95435506daf19e |
Source: global traffic | HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1212442583:1743593607:vEnn6mwQ95ke5K7PKXFGNwLCtODIADibp6QTenEhzhc/92a02388286d2361/syp_.SEti7486WnCqG9gsMLBHxYvSA_rvMrkUrBK2Co-1743594942-1.1.1.1-hiZdP5cCpXDZqZ5jFX1duCsIUIGCXFylZ7JqyH8T8R3WvmVSUwC0qzbDeMX9EL9M HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/d/92a02388286d2361/1743594953422/F44c2OL12PSq6bA HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/r4wwa/0x4AAAAAAA2ptl9BKcGk2BB2/auto/fbE/new/normal/auto/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/d/92a02388286d2361/1743594953422/F44c2OL12PSq6bA HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/pat/92a02388286d2361/1743594953425/c8ded0a11fbdbd541bb4fe88002a6f25458edfbafd114552db4fe9412006050a/ZD5VGc0O47vH_tR HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/r4wwa/0x4AAAAAAA2ptl9BKcGk2BB2/auto/fbE/new/normal/auto/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /owa/favicon.ico HTTP/1.1Host: meheff.wpym.xyzConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: 68ba-73d6=5964312a968d5bf8b4112aeb76102c73361c8cf272c7006e3e95435506daf19e; ClientId=1F6FD9E23EA648BAA1B3CD86A897DC75; OIDC=1 |
Source: global traffic | HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1212442583:1743593607:vEnn6mwQ95ke5K7PKXFGNwLCtODIADibp6QTenEhzhc/92a02388286d2361/syp_.SEti7486WnCqG9gsMLBHxYvSA_rvMrkUrBK2Co-1743594942-1.1.1.1-hiZdP5cCpXDZqZ5jFX1duCsIUIGCXFylZ7JqyH8T8R3WvmVSUwC0qzbDeMX9EL9M HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /nrColMBN?k=NXLG8A0 HTTP/1.1Host: meheff.wpym.xyzConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://meheff.wpym.xyz/nrColMBNAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: 68ba-73d6=5964312a968d5bf8b4112aeb76102c73361c8cf272c7006e3e95435506daf19e; ClientId=1F6FD9E23EA648BAA1B3CD86A897DC75; OIDC=1 |
Source: global traffic | HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1212442583:1743593607:vEnn6mwQ95ke5K7PKXFGNwLCtODIADibp6QTenEhzhc/92a02388286d2361/syp_.SEti7486WnCqG9gsMLBHxYvSA_rvMrkUrBK2Co-1743594942-1.1.1.1-hiZdP5cCpXDZqZ5jFX1duCsIUIGCXFylZ7JqyH8T8R3WvmVSUwC0qzbDeMX9EL9M HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9 |
Source: global traffic | HTTP traffic detected: GET /owa/ HTTP/1.1Host: mejeff.wpym.xyzConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://meheff.wpym.xyz/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: 68ba-73d6=5964312a968d5bf8b4112aeb76102c73361c8cf272c7006e3e95435506daf19e |
Source: global traffic | HTTP traffic detected: GET /common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=d3f010eb-0335-4544-92e3-80e46926cd37&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638791917658115408.98d69f9d-eb1e-4f52-a2fd-c0535c45e2c9&state=DctLFoAgCEBRrNNySFERWI75mTZs-zG4b_YCAJzucCF5QFpRMTKSxkrENeltOpttm7geWlg3Z-x5TxyJC4_KKw8L_l7x_Xr8AQ HTTP/1.1Host: xofu8.wpym.xyzConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://meheff.wpym.xyz/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: 68ba-73d6=5964312a968d5bf8b4112aeb76102c73361c8cf272c7006e3e95435506daf19e |
Source: global traffic | HTTP traffic detected: GET /shared/1.0/content/js/BssoInterrupt_Core_9810YxmrLqOR1rQ4anyNMg2.js HTTP/1.1Host: jrhte.wpym.xyzConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://xofu8.wpym.xyz/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: 68ba-73d6=5964312a968d5bf8b4112aeb76102c73361c8cf272c7006e3e95435506daf19e |
Source: global traffic | HTTP traffic detected: GET /common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=d3f010eb-0335-4544-92e3-80e46926cd37&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638791917658115408.98d69f9d-eb1e-4f52-a2fd-c0535c45e2c9&state=DctLFoAgCEBRrNNySFERWI75mTZs-zG4b_YCAJzucCF5QFpRMTKSxkrENeltOpttm7geWlg3Z-x5TxyJC4_KKw8L_l7x_Xr8AQ&sso_reload=true HTTP/1.1Host: xofu8.wpym.xyzConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://xofu8.wpym.xyz/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=d3f010eb-0335-4544-92e3-80e46926cd37&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638791917658115408.98d69f9d-eb1e-4f52-a2fd-c0535c45e2c9&state=DctLFoAgCEBRrNNySFERWI75mTZs-zG4b_YCAJzucCF5QFpRMTKSxkrENeltOpttm7geWlg3Z-x5TxyJC4_KKw8L_l7x_Xr8AQAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: 68ba-73d6=5964312a968d5bf8b4112aeb76102c73361c8cf272c7006e3e95435506daf19e; esctx-85oIgnoPw48=AQABCQEAAABVrSpeuWamRam2jAF1XRQEX9GMKaQ6jbGYSngESuBwI3yclzH1AW8o80rTD5S7JSIsfKWkP0L_vHfLJ5KanzkJvW1ahNDqz6BTUlaV24l7GJMKyu6vfuK55DAQOpz-x3YKMX2w-22JjZ9iwiVDrVyd7rA8i3_7a0XFT16YM1mPxSAA; fpc=Al_Hmr0PvYNEokv2dfrKwy4; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEbFR-Sdsw57h_pTIto1pc51RTPZ2RvAgvOFMtgnkDjMAM2F9hOWBd3NhYdlTWwWPun-4yQlmF3oPrmnMeK21mmDcWtMKp9YiCIxl5tE5FCMjnxWu6ZEPMhOQcGR8g-PUydOW54amwmo2_yL5Xb23oheWB1xVYZg5hfyqIY50xGSsgAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA|NoExtension; SSOCOO |