I am trying to recreate an HTTP request through Python Requests but it looks like there are headers being added to the Ajax Request on the page that is validated server-side.
Here is the website I am trying to login to.
I was able to find the code that sends the POST request:
var b = "/entreg/json/AuthenticateAction";var a;var c = { username: d.username, password: d.password, newPassword: d.newPassword, retypeNewPassword: d.retypeNewPassword};$.ajax({ url: b, cache: false, type: "post", data: $("#loginForm").serialize()})Even when I run this code by itself, it sends the request and adds the headers (all prefixed with X-jFuguZWB-). It looks like there is some obfuscated code that runs something like $.ajaxSetup({headers: {"X-jFuguZWB-Z": "test-value"}}) to attach that header to all requests.
My question is, which part of the page is adding these headers and is there any way to recreate the headers when I make my own POST request via Python?
I did find some obfuscated javascript in the <!-- Google Tag Manager --> section of the page but I am unable to tell what it is doing.
