hxxps://cF4Rq04[.]na1[.]hubspotlinks[.]com/Ctc/T+113/cF4Rq04/VX538d3Qm58jW4Vqc117zM69KW861hN752DsxKN8tN9CF3pyd0W7lCdLW6lZ3pFW2J1Lpf3_qX2JW7rbhkz2TBDSCN2xTYvN57jR5W2-zHCk6TKQ09W8DSC0N6lMp38W4FXYsX2f2jmkW1sJ3S7997_F1W7tDPdv27Nmv8W2cPSj-52Xb1CN7tx_1fRzQGFW52P94B7pvSdFW6MBkdt4hxXnYW3RR5V_4JRnJ6W248d-11YV47vW7lPgJK1bNr5NN12KMNPFh9nxN6NZ5sH1qZnpW4s1NFd77mJc-M93cHzR4_9xN4QfprxwDm0cW28-Hpn786_l-W1kQyb09m5T8fW4Qch7j3SL_LHW59xqSY3ZFpRxf7QbhZF04

Analysis

max time kernel
149s
max time network
146s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
25/08/2023, 08:16 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://cF4Rq04.na1.hubspotlinks.com/Ctc/T+113/cF4Rq04/VX538d3Qm58jW4Vqc117zM69KW861hN752DsxKN8tN9CF3pyd0W7lCdLW6lZ3pFW2J1Lpf3_qX2JW7rbhkz2TBDSCN2xTYvN57jR5W2-zHCk6TKQ09W8DSC0N6lMp38W4FXYsX2f2jmkW1sJ3S7997_F1W7tDPdv27Nmv8W2cPSj-52Xb1CN7tx_1fRzQGFW52P94B7pvSdFW6MBkdt4hxXnYW3RR5V_4JRnJ6W248d-11YV47vW7lPgJK1bNr5NN12KMNPFh9nxN6NZ5sH1qZnpW4s1NFd77mJc-M93cHzR4_9xN4QfprxwDm0cW28-Hpn786_l-W1kQyb09m5T8fW4Qch7j3SL_LHW59xqSY3ZFpRxf7QbhZF04

Score

1^/10

Malware Config

Signatures

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133374249829775397"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4892	chrome.exe
4892	chrome.exe
3900	chrome.exe
3900	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe
Token: SeShutdownPrivilege	4892	chrome.exe
Token: SeCreatePagefilePrivilege	4892	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe
4892	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4892 wrote to memory of 4336	4892	chrome.exe	80
PID 4892 wrote to memory of 4336	4892	chrome.exe	80
PID 4892 wrote to memory of 3136	4892	chrome.exe	83
PID 4892 wrote to memory of 3136	4892	chrome.exe	83
PID 4892 wrote to memory of 3136	4892	chrome.exe	83
PID 4892 wrote to memory of 3136	4892	chrome.exe	83
PID 4892 wrote to memory of 3136	4892	chrome.exe	83
PID 4892 wrote to memory of 3136	4892	chrome.exe	83
PID 4892 wrote to memory of 3136	4892	chrome.exe	83
PID 4892 wrote to memory of 3136	4892	chrome.exe	83
PID 4892 wrote to memory of 3136	4892	chrome.exe	83
PID 4892 wrote to memory of 3136	4892	chrome.exe	83
PID 4892 wrote to memory of 3136	4892	chrome.exe	83
PID 4892 wrote to memory of 3136	4892	chrome.exe	83
PID 4892 wrote to memory of 3136	4892	chrome.exe	83
PID 4892 wrote to memory of 3136	4892	chrome.exe	83
PID 4892 wrote to memory of 3136	4892	chrome.exe	83
PID 4892 wrote to memory of 3136	4892	chrome.exe	83
PID 4892 wrote to memory of 3136	4892	chrome.exe	83
PID 4892 wrote to memory of 3136	4892	chrome.exe	83
PID 4892 wrote to memory of 3136	4892	chrome.exe	83
PID 4892 wrote to memory of 3136	4892	chrome.exe	83
PID 4892 wrote to memory of 3136	4892	chrome.exe	83
PID 4892 wrote to memory of 3136	4892	chrome.exe	83
PID 4892 wrote to memory of 3136	4892	chrome.exe	83
PID 4892 wrote to memory of 3136	4892	chrome.exe	83
PID 4892 wrote to memory of 3136	4892	chrome.exe	83
PID 4892 wrote to memory of 3136	4892	chrome.exe	83
PID 4892 wrote to memory of 3136	4892	chrome.exe	83
PID 4892 wrote to memory of 3136	4892	chrome.exe	83
PID 4892 wrote to memory of 3136	4892	chrome.exe	83
PID 4892 wrote to memory of 3136	4892	chrome.exe	83
PID 4892 wrote to memory of 3136	4892	chrome.exe	83
PID 4892 wrote to memory of 3136	4892	chrome.exe	83
PID 4892 wrote to memory of 3136	4892	chrome.exe	83
PID 4892 wrote to memory of 3136	4892	chrome.exe	83
PID 4892 wrote to memory of 3136	4892	chrome.exe	83
PID 4892 wrote to memory of 3136	4892	chrome.exe	83
PID 4892 wrote to memory of 3136	4892	chrome.exe	83
PID 4892 wrote to memory of 3136	4892	chrome.exe	83
PID 4892 wrote to memory of 2796	4892	chrome.exe	84
PID 4892 wrote to memory of 2796	4892	chrome.exe	84
PID 4892 wrote to memory of 4072	4892	chrome.exe	85
PID 4892 wrote to memory of 4072	4892	chrome.exe	85
PID 4892 wrote to memory of 4072	4892	chrome.exe	85
PID 4892 wrote to memory of 4072	4892	chrome.exe	85
PID 4892 wrote to memory of 4072	4892	chrome.exe	85
PID 4892 wrote to memory of 4072	4892	chrome.exe	85
PID 4892 wrote to memory of 4072	4892	chrome.exe	85
PID 4892 wrote to memory of 4072	4892	chrome.exe	85
PID 4892 wrote to memory of 4072	4892	chrome.exe	85
PID 4892 wrote to memory of 4072	4892	chrome.exe	85
PID 4892 wrote to memory of 4072	4892	chrome.exe	85
PID 4892 wrote to memory of 4072	4892	chrome.exe	85
PID 4892 wrote to memory of 4072	4892	chrome.exe	85
PID 4892 wrote to memory of 4072	4892	chrome.exe	85
PID 4892 wrote to memory of 4072	4892	chrome.exe	85
PID 4892 wrote to memory of 4072	4892	chrome.exe	85
PID 4892 wrote to memory of 4072	4892	chrome.exe	85
PID 4892 wrote to memory of 4072	4892	chrome.exe	85
PID 4892 wrote to memory of 4072	4892	chrome.exe	85
PID 4892 wrote to memory of 4072	4892	chrome.exe	85
PID 4892 wrote to memory of 4072	4892	chrome.exe	85
PID 4892 wrote to memory of 4072	4892	chrome.exe	85

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffae299758,0x7fffae299768,0x7fffae299778
1⤵
PID:4336

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://cF4Rq04.na1.hubspotlinks.com/Ctc/T+113/cF4Rq04/VX538d3Qm58jW4Vqc117zM69KW861hN752DsxKN8tN9CF3pyd0W7lCdLW6lZ3pFW2J1Lpf3_qX2JW7rbhkz2TBDSCN2xTYvN57jR5W2-zHCk6TKQ09W8DSC0N6lMp38W4FXYsX2f2jmkW1sJ3S7997_F1W7tDPdv27Nmv8W2cPSj-52Xb1CN7tx_1fRzQGFW52P94B7pvSdFW6MBkdt4hxXnYW3RR5V_4JRnJ6W248d-11YV47vW7lPgJK1bNr5NN12KMNPFh9nxN6NZ5sH1qZnpW4s1NFd77mJc-M93cHzR4_9xN4QfprxwDm0cW28-Hpn786_l-W1kQyb09m5T8fW4Qch7j3SL_LHW59xqSY3ZFpRxf7QbhZF04
1⤵
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4892
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1728 --field-trial-handle=1872,i,15121904425679412468,10663323804919569923,131072 /prefetch:2
  2⤵
  PID:3136
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2024 --field-trial-handle=1872,i,15121904425679412468,10663323804919569923,131072 /prefetch:8
  2⤵
  PID:2796
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2216 --field-trial-handle=1872,i,15121904425679412468,10663323804919569923,131072 /prefetch:8
  2⤵
  PID:4072
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3080 --field-trial-handle=1872,i,15121904425679412468,10663323804919569923,131072 /prefetch:1
  2⤵
  PID:2488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3112 --field-trial-handle=1872,i,15121904425679412468,10663323804919569923,131072 /prefetch:1
  2⤵
  PID:1988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4576 --field-trial-handle=1872,i,15121904425679412468,10663323804919569923,131072 /prefetch:1
  2⤵
  PID:1836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4780 --field-trial-handle=1872,i,15121904425679412468,10663323804919569923,131072 /prefetch:8
  2⤵
  PID:4020
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4776 --field-trial-handle=1872,i,15121904425679412468,10663323804919569923,131072 /prefetch:8
  2⤵
  PID:3252
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2756 --field-trial-handle=1872,i,15121904425679412468,10663323804919569923,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3900

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4444

Network

DNS

146.78.124.51.in-addr.arpa

Remote address:

8.8.8.8:53

Request

146.78.124.51.in-addr.arpa

IN PTR

Response
DNS

cf4rq04.na1.hubspotlinks.com

chrome.exe

Remote address:

8.8.8.8:53

Request

cf4rq04.na1.hubspotlinks.com

IN A

Response

cf4rq04.na1.hubspotlinks.com

IN A

172.64.150.210

cf4rq04.na1.hubspotlinks.com

IN A

104.18.37.46
GET

https://cf4rq04.na1.hubspotlinks.com/Ctc/T+113/cF4Rq04/VX538d3Qm58jW4Vqc117zM69KW861hN752DsxKN8tN9CF3pyd0W7lCdLW6lZ3pFW2J1Lpf3_qX2JW7rbhkz2TBDSCN2xTYvN57jR5W2-zHCk6TKQ09W8DSC0N6lMp38W4FXYsX2f2jmkW1sJ3S7997_F1W7tDPdv27Nmv8W2cPSj-52Xb1CN7tx_1fRzQGFW52P94B7pvSdFW6MBkdt4hxXnYW3RR5V_4JRnJ6W248d-11YV47vW7lPgJK1bNr5NN12KMNPFh9nxN6NZ5sH1qZnpW4s1NFd77mJc-M93cHzR4_9xN4QfprxwDm0cW28-Hpn786_l-W1kQyb09m5T8fW4Qch7j3SL_LHW59xqSY3ZFpRxf7QbhZF04

chrome.exe

Remote address:

172.64.150.210:443

Request

GET /Ctc/T+113/cF4Rq04/VX538d3Qm58jW4Vqc117zM69KW861hN752DsxKN8tN9CF3pyd0W7lCdLW6lZ3pFW2J1Lpf3_qX2JW7rbhkz2TBDSCN2xTYvN57jR5W2-zHCk6TKQ09W8DSC0N6lMp38W4FXYsX2f2jmkW1sJ3S7997_F1W7tDPdv27Nmv8W2cPSj-52Xb1CN7tx_1fRzQGFW52P94B7pvSdFW6MBkdt4hxXnYW3RR5V_4JRnJ6W248d-11YV47vW7lPgJK1bNr5NN12KMNPFh9nxN6NZ5sH1qZnpW4s1NFd77mJc-M93cHzR4_9xN4QfprxwDm0cW28-Hpn786_l-W1kQyb09m5T8fW4Qch7j3SL_LHW59xqSY3ZFpRxf7QbhZF04 HTTP/2.0
host: cf4rq04.na1.hubspotlinks.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Fri, 25 Aug 2023 08:16:19 GMT
content-type: text/html;charset=utf-8
x-robots-tag: none
referrer-policy: no-referrer
vary: origin
access-control-allow-credentials: false
x-content-type-options: nosniff
x-envoy-upstream-service-time: 8
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/event-tracking-td/envoy-proxy-7b77464955-5wxgd
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-hubspot-correlation-id: 04bb190d-7829-4d07-a978-c6e4a262a258
x-request-id: 04bb190d-7829-4d07-a978-c6e4a262a258
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7fc2646769670b73-AMS
content-encoding: br
GET

https://cf4rq04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/T+113/cF4Rq04/VX538d3Qm58jW4Vqc117zM69KW861hN752DsxKN8tN9CF3pyd0W7lCdLW6lZ3pFW2J1Lpf3_qX2JW7rbhkz2TBDSCN2xTYvN57jR5W2-zHCk6TKQ09W8DSC0N6lMp38W4FXYsX2f2jmkW1sJ3S7997_F1W7tDPdv27Nmv8W2cPSj-52Xb1CN7tx_1fRzQGFW52P94B7pvSdFW6MBkdt4hxXnYW3RR5V_4JRnJ6W248d-11YV47vW7lPgJK1bNr5NN12KMNPFh9nxN6NZ5sH1qZnpW4s1NFd77mJc-M93cHzR4_9xN4QfprxwDm0cW28-Hpn786_l-W1kQyb09m5T8fW4Qch7j3SL_LHW59xqSY3ZFpRxf7QbhZF04?_ud=19b264c1-55e6-4ed0-a96c-c622d04c6ad7&_jss=1&_fl=8&_pl=5&_hc=8&_lg=en-US,en&_plt=Win32&_scr=1280,720

chrome.exe

Remote address:

172.64.150.210:443

Request

GET /events/public/v1/encoded/track/tc/T+113/cF4Rq04/VX538d3Qm58jW4Vqc117zM69KW861hN752DsxKN8tN9CF3pyd0W7lCdLW6lZ3pFW2J1Lpf3_qX2JW7rbhkz2TBDSCN2xTYvN57jR5W2-zHCk6TKQ09W8DSC0N6lMp38W4FXYsX2f2jmkW1sJ3S7997_F1W7tDPdv27Nmv8W2cPSj-52Xb1CN7tx_1fRzQGFW52P94B7pvSdFW6MBkdt4hxXnYW3RR5V_4JRnJ6W248d-11YV47vW7lPgJK1bNr5NN12KMNPFh9nxN6NZ5sH1qZnpW4s1NFd77mJc-M93cHzR4_9xN4QfprxwDm0cW28-Hpn786_l-W1kQyb09m5T8fW4Qch7j3SL_LHW59xqSY3ZFpRxf7QbhZF04?_ud=19b264c1-55e6-4ed0-a96c-c622d04c6ad7&_jss=1&_fl=8&_pl=5&_hc=8&_lg=en-US,en&_plt=Win32&_scr=1280,720 HTTP/2.0
host: cf4rq04.na1.hubspotlinks.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 307

date: Fri, 25 Aug 2023 08:16:19 GMT
location: https://info.randstad.in/equitywork-webinar?utm_campaign=EDIB&utm_medium=email&_hsmi=271701800&_hsenc=p2ANqtz-85yzsX5BSZgdUWt8_1J3w4BeVA6taorS_7riDyJEil-Jr3EdfrrpgTXMupAiFNz8IGay6GRt-Whgww-IS7eoFR-D3yl8LxWDBQEIJEw1C9d4Vr488&utm_content=271701800&utm_source=hs_email
x-robots-tag: none
link: <https://info.randstad.in/equitywork-webinar?utm_campaign=EDIB&utm_medium=email&_hsmi=271701800&_hsenc=p2ANqtz-85yzsX5BSZgdUWt8_1J3w4BeVA6taorS_7riDyJEil-Jr3EdfrrpgTXMupAiFNz8IGay6GRt-Whgww-IS7eoFR-D3yl8LxWDBQEIJEw1C9d4Vr488&utm_content=271701800&utm_source=hs_email>; rel="canonical"
referrer-policy: no-referrer
access-control-allow-credentials: false
vary: origin
x-content-type-options: nosniff
x-envoy-upstream-service-time: 28
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/event-tracking-td/envoy-proxy-7b77464955-m47v9
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-hubspot-correlation-id: a10bd238-80b3-4a45-8a12-4ad8a4fc5c56
x-request-id: a10bd238-80b3-4a45-8a12-4ad8a4fc5c56
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7fc2646a2cde0b73-AMS
DNS

210.150.64.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

210.150.64.172.in-addr.arpa

IN PTR

Response
DNS

info.randstad.in

chrome.exe

Remote address:

8.8.8.8:53

Request

info.randstad.in

IN A

Response

info.randstad.in

IN CNAME

5367838.group38.sites.hubspot.net

5367838.group38.sites.hubspot.net

IN CNAME

group38.sites.hscoscdn30.net

group38.sites.hscoscdn30.net

IN A

199.60.103.227

group38.sites.hscoscdn30.net

IN A

199.60.103.29
GET

https://info.randstad.in/equitywork-webinar?utm_campaign=EDIB&utm_medium=email&_hsmi=271701800&_hsenc=p2ANqtz-85yzsX5BSZgdUWt8_1J3w4BeVA6taorS_7riDyJEil-Jr3EdfrrpgTXMupAiFNz8IGay6GRt-Whgww-IS7eoFR-D3yl8LxWDBQEIJEw1C9d4Vr488&utm_content=271701800&utm_source=hs_email

chrome.exe

Remote address:

199.60.103.227:443

Request

GET /equitywork-webinar?utm_campaign=EDIB&utm_medium=email&_hsmi=271701800&_hsenc=p2ANqtz-85yzsX5BSZgdUWt8_1J3w4BeVA6taorS_7riDyJEil-Jr3EdfrrpgTXMupAiFNz8IGay6GRt-Whgww-IS7eoFR-D3yl8LxWDBQEIJEw1C9d4Vr488&utm_content=271701800&utm_source=hs_email HTTP/2.0
host: info.randstad.in
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Fri, 25 Aug 2023 08:16:20 GMT
content-type: text/html; charset=UTF-8
cache-control: s-maxage=10800, max-age=0
etag: W/"c0e0950a7a5fbccf751ffaa1c0ad1721"
last-modified: Fri, 25 Aug 2023 08:00:16 GMT
link: </hs/hsstatic/HubspotToolsMenu/static-1.191/js/index.js>; rel=preload; as=script,</hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>; rel=preload; as=script,</_hcms/forms/v2.js>; rel=preload; as=script
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
edge-cache-tag: CT-130728022796,P-5367838,PGS-ALL,SW-3,TS-118071170660
referrer-policy: no-referrer-when-downgrade
x-hs-cache-config: BrowserCache-5s-EdgeCache-180s
x-hs-cache-control: s-maxage=10800, max-age=0
x-hs-cf-cache-status: MISS
x-hs-content-id: 130728022796
x-hs-https-only: worker
x-hs-hub-id: 5367838
x-hs-prerendered: Fri, 25 Aug 2023 08:00:16 GMT
set-cookie: __cf_bm=U0pXegr.Kdb_KEVD4SAkgOGZ8hShfLNF6M_YdL.QitQ-1692951380-0-AS1T7POORKZSeDZFdfQaSQi7QW0Wpk2f6n66czop67ztxeS/0CsqqCrkJSuibv8zylYHpagfBaDcgd/SICYTRTw=; path=/; expires=Fri, 25-Aug-23 08:46:20 GMT; domain=.info.randstad.in; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BBCv55ZQ%2BwuNMNmvd%2FAftpDwcDGsFPE9T41kRqkzrLZQ6%2Fbyc5%2By1EFqkxCXh0XFntLmcDlHcvShxU19uRIokrCOVuvnO%2BVISfChh7W%2F%2FhDB8z%2FmVSr7fuVxjoRZrzisrTI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: __cfruid=88a129b2a01f4b0c96190f3008d38bf92678541a-1692951380; path=/; domain=.info.randstad.in; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7fc2646b9b860b57-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
DNS

cdn2.hubspot.net

chrome.exe

Remote address:

8.8.8.8:53

Request

cdn2.hubspot.net

IN A

Response

cdn2.hubspot.net

IN A

104.16.111.209

cdn2.hubspot.net

IN A

104.16.108.209

cdn2.hubspot.net

IN A

104.16.110.209

cdn2.hubspot.net

IN A

104.16.112.209

cdn2.hubspot.net

IN A

104.16.109.209
GET

https://cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1692732882383/hubspot/compass_theme/assets/css/main.min.css

chrome.exe

Remote address:

104.16.111.209:443

Request

GET /hub/7052064/hub_generated/template_assets/1692732882383/hubspot/compass_theme/assets/css/main.min.css HTTP/2.0
host: cdn2.hubspot.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://info.randstad.in/equitywork-webinar?utm_campaign=EDIB&utm_medium=email&_hsmi=271701800&_hsenc=p2ANqtz-85yzsX5BSZgdUWt8_1J3w4BeVA6taorS_7riDyJEil-Jr3EdfrrpgTXMupAiFNz8IGay6GRt-Whgww-IS7eoFR-D3yl8LxWDBQEIJEw1C9d4Vr488&utm_content=271701800&utm_source=hs_email
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Fri, 25 Aug 2023 08:16:20 GMT
content-type: text/css
cf-ray: 7fc2646e28611c8d-AMS
cf-cache-status: HIT
access-control-allow-origin: *
age: 216002
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
etag: W/"649eda7d7f00d6c931e7268f2e103cf3"
last-modified: Tue, 22 Aug 2023 19:34:44 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-cf-pop: IAD89-C1
x-amz-meta-created-unix-time-millis: 1692732883130
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 189
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/cms-cdn2-td/envoy-proxy-8dfbb9f7c-nn77m
x-evy-trace-virtual-host: all
x-hs-alternate-content-type: text/plain
x-hs-cf-lambda: us-east-1.EnforceAclForReads 2
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 2
x-hubspot-correlation-id: 8abf8e92-b37f-40d3-a639-afab31c6f36e
x-request-id: 8abf8e92-b37f-40d3-a639-afab31c6f36e
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uBmyOLYVKQj4IHpGHCqGWv2LkppuCjMjWlfAOK3b1F5qaPoLOYz5T1kCgpzaGlW%2B5eFNiJskk5D%2BcRIZMtTj3Sem4A401naXe7kFUML01y1%2BxSbL2LhGW3A%2FTcF9R4Fhegc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-9362205/1692733189236/module_-9362205_Follow_Me_-_LP.min.css

chrome.exe

Remote address:

104.16.111.209:443

Request

GET /hub/-1/hub_generated/module_assets/-9362205/1692733189236/module_-9362205_Follow_Me_-_LP.min.css HTTP/2.0
host: cdn2.hubspot.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://info.randstad.in/equitywork-webinar?utm_campaign=EDIB&utm_medium=email&_hsmi=271701800&_hsenc=p2ANqtz-85yzsX5BSZgdUWt8_1J3w4BeVA6taorS_7riDyJEil-Jr3EdfrrpgTXMupAiFNz8IGay6GRt-Whgww-IS7eoFR-D3yl8LxWDBQEIJEw1C9d4Vr488&utm_content=271701800&utm_source=hs_email
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Fri, 25 Aug 2023 08:16:20 GMT
content-type: text/css
cf-ray: 7fc2646e28631c8d-AMS
cf-cache-status: HIT
access-control-allow-origin: *
age: 217310
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
etag: W/"fb2955d4d2084cd16cf2b5784b174923"
last-modified: Tue, 22 Aug 2023 19:39:50 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-cf-pop: IAD89-C1
x-amz-meta-created-unix-time-millis: 1692733189236
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 169
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/cms-cdn2-td/envoy-proxy-8dfbb9f7c-nn77m
x-evy-trace-virtual-host: all
x-hs-alternate-content-type: text/plain
x-hs-cf-lambda: us-east-1.EnforceAclForReads 2
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 2
x-hubspot-correlation-id: 332aae97-f08f-45a9-8ad6-6f6960be217f
x-request-id: 332aae97-f08f-45a9-8ad6-6f6960be217f
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2BKkfv7QVt9nTRUKSTTl7cSuPaaR0BRVbw4bdx8HncyFZCmhQ8H5gy2tUABngaNjt00nxy%2BYn%2FN0qhjPy5KEY%2FQTXXvn%2FmyFmUyYS8UlzbjCacyRt0eJZgYE7s5RyEytAK8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
DNS

static.hsappstatic.net

chrome.exe

Remote address:

8.8.8.8:53

Request

static.hsappstatic.net

IN A

Response

static.hsappstatic.net

IN A

104.17.192.96

static.hsappstatic.net

IN A

104.18.79.253

static.hsappstatic.net

IN A

104.18.95.253

static.hsappstatic.net

IN A

104.18.176.93

static.hsappstatic.net

IN A

104.16.224.93
GET

https://static.hsappstatic.net/content-cwv-embed/static-1.388/embed.js

chrome.exe

Remote address:

104.17.192.96:443

Request

GET /content-cwv-embed/static-1.388/embed.js HTTP/2.0
host: static.hsappstatic.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://info.randstad.in/equitywork-webinar?utm_campaign=EDIB&utm_medium=email&_hsmi=271701800&_hsenc=p2ANqtz-85yzsX5BSZgdUWt8_1J3w4BeVA6taorS_7riDyJEil-Jr3EdfrrpgTXMupAiFNz8IGay6GRt-Whgww-IS7eoFR-D3yl8LxWDBQEIJEw1C9d4Vr488&utm_content=271701800&utm_source=hs_email
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Fri, 25 Aug 2023 08:16:20 GMT
content-type: application/javascript
x-amz-replication-status: COMPLETED
last-modified: Tue, 15 Aug 2023 19:48:57 GMT
etag: W/"8741985292d64b839be39c64b14f3783"
x-amz-server-side-encryption: AES256
x-amz-version-id: GNgANes_HpxlXMl5IDFfVeYnBgfaeeYN
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 fe106b75368b4a44b0461d7e712cd360.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: rUFtZj_RKc58fVbTdDdz8ShvHb8rR59ZpmNv6ulT58u131WCL6_7zw==
age: 756191
cf-cache-status: HIT
expires: Sat, 24 Aug 2024 08:16:20 GMT
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YzRANuIdz6Z7GRzFe5QRuXbt85dzcxvgmDOPvlUhimjKndAi%2BSpnadNUUD22LbqTqi9u1oMCzeSKFmcshWQ7uGX9nDdFY8U%2BTkr3fnClylHiX7kRehFlOV8a12LIPZlkaWGR27sBxGk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7fc2646f3afbb918-AMS
content-encoding: br
DNS

227.103.60.199.in-addr.arpa

Remote address:

8.8.8.8:53

Request

227.103.60.199.in-addr.arpa

IN PTR

Response
DNS

209.111.16.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

209.111.16.104.in-addr.arpa

IN PTR

Response
DNS

200.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

200.179.250.142.in-addr.arpa

IN PTR

Response

200.179.250.142.in-addr.arpa

IN PTR

ams15s42-in-f81e100net
DNS

app.hubspot.com

chrome.exe

Remote address:

8.8.8.8:53

Request

app.hubspot.com

IN A

Response

app.hubspot.com

IN A

104.19.155.83

app.hubspot.com

IN A

104.19.154.83
GET

https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission?portalId=5367838&callback=jsonpHandler

chrome.exe

Remote address:

104.19.155.83:443

Request

GET /content-tools-menu/api/v1/tools-menu/has-permission?portalId=5367838&callback=jsonpHandler HTTP/2.0
host: app.hubspot.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://info.randstad.in/equitywork-webinar?utm_campaign=EDIB&utm_medium=email&_hsmi=271701800&_hsenc=p2ANqtz-85yzsX5BSZgdUWt8_1J3w4BeVA6taorS_7riDyJEil-Jr3EdfrrpgTXMupAiFNz8IGay6GRt-Whgww-IS7eoFR-D3yl8LxWDBQEIJEw1C9d4Vr488&utm_content=271701800&utm_source=hs_email
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Fri, 25 Aug 2023 08:16:20 GMT
cf-ray: 7fc26471b802b8e8-AMS
cf-cache-status: DYNAMIC
cache-control: max-age=0
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-methods: GET
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=7fc26471b802b8e8&resource=unknown"
x-content-type-options: no-sniff
x-envoy-upstream-service-time: 2
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-6vqnb
x-evy-trace-virtual-host: all
x-hs-worker-debug-mode: false
x-hubspot-correlation-id: 1c2b81ea-c1b5-4d5f-95f5-bf54d63f046d
x-request-id: 1c2b81ea-c1b5-4d5f-95f5-bf54d63f046d
x-trace: 2B112210632955F24E41A1A641F18D6BEC2CC09136000000000000000000
set-cookie: __cf_bm=uXmp_OatOm3mvoMYKMk_qTE0EVhl9c4qNCxviZEXw4A-1692951380-0-AefKODAdh5nosGLRyylILChzxCJSmV+E6K9n++1zhKA1qwBkIlpcktKpGDlatLyiJzFyS325dl7ZdcdNOt3kd1Q=; path=/; expires=Fri, 25-Aug-23 08:46:20 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
GET

https://track.hubspot.com/__ptq.gif?k=1&sd=1280x720&cd=24-bit&cs=UTF-8&ln=en-us&bfp=4219251101&v=1.1&a=5367838&pi=130728022796&ct=landing-page&ccu=https%3A%2F%2Finfo.randstad.in%2Fequitywork-webinar&cpi=130728022796&lpi=130728022796&lvi=130728022796&pu=https%3A%2F%2Finfo.randstad.in%2Fequitywork-webinar%3Futm_campaign%3DEDIB%26utm_medium%3Demail%26_hsmi%3D271701800%26_hsenc%3Dp2ANqtz-85yzsX5BSZgdUWt8_1J3w4BeVA6taorS_7riDyJEil-Jr3EdfrrpgTXMupAiFNz8IGay6GRt-Whgww-IS7eoFR-D3yl8LxWDBQEIJEw1C9d4Vr488%26utm_content%3D271701800%26utm_source%3Dhs_email&t=ED%26I+event+registration+-+Landing+Page&cts=1692951380625&vi=9aa3b46f3ad1ad579e960949c00ecee5&nc=true&u=219351302.9aa3b46f3ad1ad579e960949c00ecee5.1692951380615.1692951380615.1692951380615.1&b=219351302.1.1692951380616&cc=15

chrome.exe

Remote address:

104.19.155.83:443

Request

GET /__ptq.gif?k=1&sd=1280x720&cd=24-bit&cs=UTF-8&ln=en-us&bfp=4219251101&v=1.1&a=5367838&pi=130728022796&ct=landing-page&ccu=https%3A%2F%2Finfo.randstad.in%2Fequitywork-webinar&cpi=130728022796&lpi=130728022796&lvi=130728022796&pu=https%3A%2F%2Finfo.randstad.in%2Fequitywork-webinar%3Futm_campaign%3DEDIB%26utm_medium%3Demail%26_hsmi%3D271701800%26_hsenc%3Dp2ANqtz-85yzsX5BSZgdUWt8_1J3w4BeVA6taorS_7riDyJEil-Jr3EdfrrpgTXMupAiFNz8IGay6GRt-Whgww-IS7eoFR-D3yl8LxWDBQEIJEw1C9d4Vr488%26utm_content%3D271701800%26utm_source%3Dhs_email&t=ED%26I+event+registration+-+Landing+Page&cts=1692951380625&vi=9aa3b46f3ad1ad579e960949c00ecee5&nc=true&u=219351302.9aa3b46f3ad1ad579e960949c00ecee5.1692951380615.1692951380615.1692951380615.1&b=219351302.1.1692951380616&cc=15 HTTP/2.0
host: track.hubspot.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://info.randstad.in/equitywork-webinar?utm_campaign=EDIB&utm_medium=email&_hsmi=271701800&_hsenc=p2ANqtz-85yzsX5BSZgdUWt8_1J3w4BeVA6taorS_7riDyJEil-Jr3EdfrrpgTXMupAiFNz8IGay6GRt-Whgww-IS7eoFR-D3yl8LxWDBQEIJEw1C9d4Vr488&utm_content=271701800&utm_source=hs_email
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: __cf_bm=uXmp_OatOm3mvoMYKMk_qTE0EVhl9c4qNCxviZEXw4A-1692951380-0-AefKODAdh5nosGLRyylILChzxCJSmV+E6K9n++1zhKA1qwBkIlpcktKpGDlatLyiJzFyS325dl7ZdcdNOt3kd1Q=

Response

HTTP/2.0 200

date: Fri, 25 Aug 2023 08:16:22 GMT
content-type: image/gif
content-length: 45
cf-ray: 7fc2647a79d4b8e8-AMS
cf-cache-status: DYNAMIC
cache-control: no-cache, no-store, no-transform
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
access-control-allow-credentials: false
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-content-type-options: nosniff
x-envoy-upstream-service-time: 10
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-8555d4b97d-jpkw5
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 5540e55a-02d4-4196-b0d7-4809b1c24cd1
x-request-id: 5540e55a-02d4-4196-b0d7-4809b1c24cd1
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YyhKGtyYRwY%2FD4Awj7Z7L1QdolQb96QfDdyW3C121nOHhZoc9c9edTYdYlzbIVlCLOt8oq8QxZhUWOAc7v3K5nzhlB2eZoUZ%2FVeRVP6m4zA05KNRF0c%2FzXFehafEHuJ4tea0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
GET

https://track.hubspot.com/__ptq.gif?k=17&fi=1551258a-cf4f-492a-8b97-104925b324c4&fci=860774d3-8c21-4ea5-b404-42ff2e82d0d0&ft=0&sd=1280x720&cd=24-bit&cs=UTF-8&ln=en-us&bfp=4219251101&v=1.1&a=5367838&pi=130728022796&ct=landing-page&ccu=https%3A%2F%2Finfo.randstad.in%2Fequitywork-webinar&cpi=130728022796&lpi=130728022796&lvi=130728022796&pu=https%3A%2F%2Finfo.randstad.in%2Fequitywork-webinar%3Futm_campaign%3DEDIB%26utm_medium%3Demail%26_hsmi%3D271701800%26_hsenc%3Dp2ANqtz-85yzsX5BSZgdUWt8_1J3w4BeVA6taorS_7riDyJEil-Jr3EdfrrpgTXMupAiFNz8IGay6GRt-Whgww-IS7eoFR-D3yl8LxWDBQEIJEw1C9d4Vr488%26utm_content%3D271701800%26utm_source%3Dhs_email&t=ED%26I+event+registration+-+Landing+Page&cts=1692951380633&vi=9aa3b46f3ad1ad579e960949c00ecee5&nc=true&u=219351302.9aa3b46f3ad1ad579e960949c00ecee5.1692951380615.1692951380615.1692951380615.1&b=219351302.1.1692951380616&cc=15

chrome.exe

Remote address:

104.19.155.83:443

Request

GET /__ptq.gif?k=17&fi=1551258a-cf4f-492a-8b97-104925b324c4&fci=860774d3-8c21-4ea5-b404-42ff2e82d0d0&ft=0&sd=1280x720&cd=24-bit&cs=UTF-8&ln=en-us&bfp=4219251101&v=1.1&a=5367838&pi=130728022796&ct=landing-page&ccu=https%3A%2F%2Finfo.randstad.in%2Fequitywork-webinar&cpi=130728022796&lpi=130728022796&lvi=130728022796&pu=https%3A%2F%2Finfo.randstad.in%2Fequitywork-webinar%3Futm_campaign%3DEDIB%26utm_medium%3Demail%26_hsmi%3D271701800%26_hsenc%3Dp2ANqtz-85yzsX5BSZgdUWt8_1J3w4BeVA6taorS_7riDyJEil-Jr3EdfrrpgTXMupAiFNz8IGay6GRt-Whgww-IS7eoFR-D3yl8LxWDBQEIJEw1C9d4Vr488%26utm_content%3D271701800%26utm_source%3Dhs_email&t=ED%26I+event+registration+-+Landing+Page&cts=1692951380633&vi=9aa3b46f3ad1ad579e960949c00ecee5&nc=true&u=219351302.9aa3b46f3ad1ad579e960949c00ecee5.1692951380615.1692951380615.1692951380615.1&b=219351302.1.1692951380616&cc=15 HTTP/2.0
host: track.hubspot.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://info.randstad.in/equitywork-webinar?utm_campaign=EDIB&utm_medium=email&_hsmi=271701800&_hsenc=p2ANqtz-85yzsX5BSZgdUWt8_1J3w4BeVA6taorS_7riDyJEil-Jr3EdfrrpgTXMupAiFNz8IGay6GRt-Whgww-IS7eoFR-D3yl8LxWDBQEIJEw1C9d4Vr488&utm_content=271701800&utm_source=hs_email
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: __cf_bm=uXmp_OatOm3mvoMYKMk_qTE0EVhl9c4qNCxviZEXw4A-1692951380-0-AefKODAdh5nosGLRyylILChzxCJSmV+E6K9n++1zhKA1qwBkIlpcktKpGDlatLyiJzFyS325dl7ZdcdNOt3kd1Q=

Response

HTTP/2.0 200

date: Fri, 25 Aug 2023 08:16:22 GMT
content-type: image/gif
content-length: 45
cf-ray: 7fc2647a79d1b8e8-AMS
cf-cache-status: DYNAMIC
cache-control: no-cache, no-store, no-transform
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
access-control-allow-credentials: false
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-content-type-options: nosniff
x-envoy-upstream-service-time: 10
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-8555d4b97d-krkn8
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 3ab5a768-95d5-4ada-a6db-508f9352f1ea
x-request-id: 3ab5a768-95d5-4ada-a6db-508f9352f1ea
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wpzlSw38haQBYZwM40X4oz9mxn%2FS%2FVVcuwmtay5Y39cWoVsxRrS3QdmoxG%2ByK7mFKIJCQgRCsxGc5I8Ism5MNj1Xse%2FsuZzE5mEoCVZRdb8vpQ4PAqBcNmHrY0%2Fx%2BAA63bkY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
GET

https://track.hubspot.com/__ptq.gif?k=15&fi=1551258a-cf4f-492a-8b97-104925b324c4&fci=860774d3-8c21-4ea5-b404-42ff2e82d0d0&ft=0&sd=1280x720&cd=24-bit&cs=UTF-8&ln=en-us&bfp=4219251101&v=1.1&a=5367838&pi=130728022796&ct=landing-page&ccu=https%3A%2F%2Finfo.randstad.in%2Fequitywork-webinar&cpi=130728022796&lpi=130728022796&lvi=130728022796&pu=https%3A%2F%2Finfo.randstad.in%2Fequitywork-webinar%3Futm_campaign%3DEDIB%26utm_medium%3Demail%26_hsmi%3D271701800%26_hsenc%3Dp2ANqtz-85yzsX5BSZgdUWt8_1J3w4BeVA6taorS_7riDyJEil-Jr3EdfrrpgTXMupAiFNz8IGay6GRt-Whgww-IS7eoFR-D3yl8LxWDBQEIJEw1C9d4Vr488%26utm_content%3D271701800%26utm_source%3Dhs_email&t=ED%26I+event+registration+-+Landing+Page&cts=1692951380628&vi=9aa3b46f3ad1ad579e960949c00ecee5&nc=true&u=219351302.9aa3b46f3ad1ad579e960949c00ecee5.1692951380615.1692951380615.1692951380615.1&b=219351302.1.1692951380616&cc=15

chrome.exe

Remote address:

104.19.155.83:443

Request

GET /__ptq.gif?k=15&fi=1551258a-cf4f-492a-8b97-104925b324c4&fci=860774d3-8c21-4ea5-b404-42ff2e82d0d0&ft=0&sd=1280x720&cd=24-bit&cs=UTF-8&ln=en-us&bfp=4219251101&v=1.1&a=5367838&pi=130728022796&ct=landing-page&ccu=https%3A%2F%2Finfo.randstad.in%2Fequitywork-webinar&cpi=130728022796&lpi=130728022796&lvi=130728022796&pu=https%3A%2F%2Finfo.randstad.in%2Fequitywork-webinar%3Futm_campaign%3DEDIB%26utm_medium%3Demail%26_hsmi%3D271701800%26_hsenc%3Dp2ANqtz-85yzsX5BSZgdUWt8_1J3w4BeVA6taorS_7riDyJEil-Jr3EdfrrpgTXMupAiFNz8IGay6GRt-Whgww-IS7eoFR-D3yl8LxWDBQEIJEw1C9d4Vr488%26utm_content%3D271701800%26utm_source%3Dhs_email&t=ED%26I+event+registration+-+Landing+Page&cts=1692951380628&vi=9aa3b46f3ad1ad579e960949c00ecee5&nc=true&u=219351302.9aa3b46f3ad1ad579e960949c00ecee5.1692951380615.1692951380615.1692951380615.1&b=219351302.1.1692951380616&cc=15 HTTP/2.0
host: track.hubspot.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://info.randstad.in/equitywork-webinar?utm_campaign=EDIB&utm_medium=email&_hsmi=271701800&_hsenc=p2ANqtz-85yzsX5BSZgdUWt8_1J3w4BeVA6taorS_7riDyJEil-Jr3EdfrrpgTXMupAiFNz8IGay6GRt-Whgww-IS7eoFR-D3yl8LxWDBQEIJEw1C9d4Vr488&utm_content=271701800&utm_source=hs_email
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: __cf_bm=uXmp_OatOm3mvoMYKMk_qTE0EVhl9c4qNCxviZEXw4A-1692951380-0-AefKODAdh5nosGLRyylILChzxCJSmV+E6K9n++1zhKA1qwBkIlpcktKpGDlatLyiJzFyS325dl7ZdcdNOt3kd1Q=

Response

HTTP/2.0 200

date: Fri, 25 Aug 2023 08:16:22 GMT
content-type: image/gif
content-length: 45
cf-ray: 7fc2647a79cdb8e8-AMS
cf-cache-status: DYNAMIC
cache-control: no-cache, no-store, no-transform
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
access-control-allow-credentials: false
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-content-type-options: nosniff
x-envoy-upstream-service-time: 15
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-8555d4b97d-fmrhj
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 9a3e07c6-3787-4d01-8ad2-423bb8c38a97
x-request-id: 9a3e07c6-3787-4d01-8ad2-423bb8c38a97
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ngIyTyzX%2BfPYyjfModmA8Sp71NMGPWgs00HREavM0zIVVCyVOhjq1KoWZRwtj3eBndKpsdQDWYkqPUFe4gbWLjWjvUnCxYCB06M43aAQ5p3pDilsj1NaGQzJzlSNnWQLUlx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
DNS

js.usemessages.com

chrome.exe

Remote address:

8.8.8.8:53

Request

js.usemessages.com

IN A

Response

js.usemessages.com

IN A

104.17.250.168

js.usemessages.com

IN A

104.17.248.168

js.usemessages.com

IN A

104.17.249.168

js.usemessages.com

IN A

104.17.251.168

js.usemessages.com

IN A

104.17.247.168
DNS

js.hsadspixel.net

chrome.exe

Remote address:

8.8.8.8:53

Request

js.hsadspixel.net

IN A

Response

js.hsadspixel.net

IN A

104.17.228.163

js.hsadspixel.net

IN A

104.17.231.163

js.hsadspixel.net

IN A

104.17.229.163

js.hsadspixel.net

IN A

104.17.230.163

js.hsadspixel.net

IN A

104.17.227.163
DNS

js.hs-banner.com

chrome.exe

Remote address:

8.8.8.8:53

Request

js.hs-banner.com

IN A

Response

js.hs-banner.com

IN A

104.18.34.229

js.hs-banner.com

IN A

172.64.153.27
DNS

js.hscollectedforms.net

chrome.exe

Remote address:

8.8.8.8:53

Request

js.hscollectedforms.net

IN A

Response

js.hscollectedforms.net

IN A

104.17.87.154

js.hscollectedforms.net

IN A

104.17.88.154

js.hscollectedforms.net

IN A

104.17.89.154

js.hscollectedforms.net

IN A

104.17.91.154

js.hscollectedforms.net

IN A

104.17.90.154
DNS

js.hs-analytics.net

chrome.exe

Remote address:

8.8.8.8:53

Request

js.hs-analytics.net

IN A

Response

js.hs-analytics.net

IN A

104.16.76.186

js.hs-analytics.net

IN A

104.16.77.186

js.hs-analytics.net

IN A

104.16.78.186

js.hs-analytics.net

IN A

104.16.79.186

js.hs-analytics.net

IN A

104.16.80.186
DNS

js.hsleadflows.net

chrome.exe

Remote address:

8.8.8.8:53

Request

js.hsleadflows.net

IN A

Response

js.hsleadflows.net

IN A

104.18.125.12

js.hsleadflows.net

IN A

104.18.123.12

js.hsleadflows.net

IN A

104.18.124.12

js.hsleadflows.net

IN A

104.18.126.12

js.hsleadflows.net

IN A

104.18.122.12
GET

https://js.hsleadflows.net/leadflows.js

chrome.exe

Remote address:

104.18.125.12:443

Request

GET /leadflows.js HTTP/2.0
host: js.hsleadflows.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://info.randstad.in
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://info.randstad.in/equitywork-webinar?utm_campaign=EDIB&utm_medium=email&_hsmi=271701800&_hsenc=p2ANqtz-85yzsX5BSZgdUWt8_1J3w4BeVA6taorS_7riDyJEil-Jr3EdfrrpgTXMupAiFNz8IGay6GRt-Whgww-IS7eoFR-D3yl8LxWDBQEIJEw1C9d4Vr488&utm_content=271701800&utm_source=hs_email
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Fri, 25 Aug 2023 08:16:20 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Thu, 03 Aug 2023 01:17:49 UTC
etag: W/"039461df2d1d43031520c7d3a853f79e"
x-amz-server-side-encryption: AES256
x-amz-version-id: RIqU3aMZg9szNHjfbC8NSxVkuKgO4.TB
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 73c5607bdb5db0d651e25c848846d554.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-amz-cf-id: hqYryjN9O1gpNdfJweN6t18WDRsEedQ-76ytjfCRBDeNypCY7Ls9Vg==
age: 6646
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1232/bundle/main/lead-flows-release.js&cfRay=7fc1c22d88130e14-AMS
cache-control: s-maxage=86400, max-age=0
x-hs-target-asset: lead-flows-js/static-1.1232/bundle/main/lead-flows-release.js
x-content-type-options: nosniff
x-hs-cache-status: MISS
x-envoy-upstream-service-time: 6
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-p2dkf
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-hubspot-correlation-id: 504e028a-1b8c-499c-81a0-8cb6fe9137d6
x-request-id: 504e028a-1b8c-499c-81a0-8cb6fe9137d6
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
cf-cache-status: HIT
server: cloudflare
cf-ray: 7fc264720af20e3c-AMS
content-encoding: br
GET

https://js.hsadspixel.net/fb.js

chrome.exe

Remote address:

104.17.228.163:443

Request

GET /fb.js HTTP/2.0
host: js.hsadspixel.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://info.randstad.in/equitywork-webinar?utm_campaign=EDIB&utm_medium=email&_hsmi=271701800&_hsenc=p2ANqtz-85yzsX5BSZgdUWt8_1J3w4BeVA6taorS_7riDyJEil-Jr3EdfrrpgTXMupAiFNz8IGay6GRt-Whgww-IS7eoFR-D3yl8LxWDBQEIJEw1C9d4Vr488&utm_content=271701800&utm_source=hs_email
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Fri, 25 Aug 2023 08:16:20 GMT
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Mon, 07 Aug 2023 08:57:08 UTC
x-amz-server-side-encryption: AES256
x-amz-version-id: jPXu6qi.g7uxBjG4s6uCQIhIPiNAy8nk
etag: W/"c80164a2fdf0ea90248ff107d11fb350"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 872e43fac89d80c9557000efb9c31650.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-amz-cf-id: YSKg3a3lBLPJo-utdj7oY6VBxdZ_wfKxdAmdFi9XTstgvWsq1d9S-w==
age: 318
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.396/bundles/pixels-release.js&cfRay=7fc25caa4dec0eb1-AMS
cache-control: max-age=600
x-hs-target-asset: adsscriptloaderstatic/static-1.396/bundles/pixels-release.js
x-content-type-options: nosniff
x-hs-cache-status: HIT
x-envoy-upstream-service-time: 0
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-fs8rm
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-hubspot-correlation-id: 92c196c0-805f-44d4-8312-d0c9e30f1e8a
x-request-id: 92c196c0-805f-44d4-8312-d0c9e30f1e8a
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
cf-cache-status: HIT
server: cloudflare
cf-ray: 7fc264721fc90e08-AMS
content-encoding: br
GET

https://js.hs-banner.com/5367838.js

chrome.exe

Remote address:

104.18.34.229:443

Request

GET /5367838.js HTTP/2.0
host: js.hs-banner.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://info.randstad.in/equitywork-webinar?utm_campaign=EDIB&utm_medium=email&_hsmi=271701800&_hsenc=p2ANqtz-85yzsX5BSZgdUWt8_1J3w4BeVA6taorS_7riDyJEil-Jr3EdfrrpgTXMupAiFNz8IGay6GRt-Whgww-IS7eoFR-D3yl8LxWDBQEIJEw1C9d4Vr488&utm_content=271701800&utm_source=hs_email
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Fri, 25 Aug 2023 08:16:20 GMT
content-type: text/javascript; charset=UTF-8
x-amz-id-2: k3kJUh+a1oai9wtku9+zgy240BBfHWA2Ph97u7RO6cwAeKkrfCiKy9vQa6D4nkn66HyZyqEf+Cs=
x-amz-request-id: TFT14B8VECCSS7KD
last-modified: Mon, 17 Apr 2023 15:36:20 GMT
etag: W/"c0c3e54be1fbfda9d6ec425172eca543"
x-amz-server-side-encryption: AES256
cache-control: max-age=300,public
x-amz-version-id: 0OWkpDVDLA.GxDShNs3PoDe.aoG_RQ0P
access-control-allow-origin: https://www.randstad.in
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
vary: origin, Accept-Encoding
expires: Fri, 25 Aug 2023 08:21:20 GMT
x-envoy-upstream-service-time: 72
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-fznd8
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-hubspot-correlation-id: 4af8b4ad-c841-433c-9c67-ed68af0da640
x-request-id: 4af8b4ad-c841-433c-9c67-ed68af0da640
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 7fc264721fa70ea7-AMS
content-encoding: br
GET

https://js.hs-analytics.net/analytics/1692951300000/5367838.js

chrome.exe

Remote address:

104.16.76.186:443

Request

GET /analytics/1692951300000/5367838.js HTTP/2.0
host: js.hs-analytics.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://info.randstad.in/equitywork-webinar?utm_campaign=EDIB&utm_medium=email&_hsmi=271701800&_hsenc=p2ANqtz-85yzsX5BSZgdUWt8_1J3w4BeVA6taorS_7riDyJEil-Jr3EdfrrpgTXMupAiFNz8IGay6GRt-Whgww-IS7eoFR-D3yl8LxWDBQEIJEw1C9d4Vr488&utm_content=271701800&utm_source=hs_email
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Fri, 25 Aug 2023 08:16:20 GMT
content-type: text/javascript
x-amz-id-2: WuwNjY7Lt/30ps74ix7/Ly4nzbE9VfYaRmk281ZzgBUHZFOlqMWBcUTfk9SkOr3ubu48drh3ZZ0=
x-amz-request-id: 357WT047M9DZCTJY
last-modified: Mon, 14 Aug 2023 15:35:38 GMT
etag: W/"44199fa4d78c2772fbeacdf3550cb2b0"
x-amz-server-side-encryption: AES256
cache-control: max-age=300,public
x-amz-version-id: null
access-control-allow-credentials: false
vary: origin, Accept-Encoding
expires: Fri, 25 Aug 2023 08:21:20 GMT
x-envoy-upstream-service-time: 18
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-wrchw
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-hubspot-correlation-id: 16f6d28f-c575-4c48-b26d-a64644de17f0
x-request-id: 16f6d28f-c575-4c48-b26d-a64644de17f0
cf-cache-status: MISS
server: cloudflare
cf-ray: 7fc264721ad4b779-AMS
content-encoding: br
GET

https://js.usemessages.com/conversations-embed.js

chrome.exe

Remote address:

104.17.250.168:443

Request

GET /conversations-embed.js HTTP/2.0
host: js.usemessages.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://info.randstad.in/equitywork-webinar?utm_campaign=EDIB&utm_medium=email&_hsmi=271701800&_hsenc=p2ANqtz-85yzsX5BSZgdUWt8_1J3w4BeVA6taorS_7riDyJEil-Jr3EdfrrpgTXMupAiFNz8IGay6GRt-Whgww-IS7eoFR-D3yl8LxWDBQEIJEw1C9d4Vr488&utm_content=271701800&utm_source=hs_email
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Fri, 25 Aug 2023 08:16:20 GMT
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Wed, 23 Aug 2023 02:48:58 UTC
x-amz-server-side-encryption: AES256
x-amz-version-id: G1jwIt6bVkEDEnfUjwKjWJwoMKSCPoJL
etag: W/"4d30bb46d9e67baa74eca1312aaec601"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 bcfffcf7e0fc8cd9cfe4125369a9f036.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-amz-cf-id: D3cxAm8Ph3NvXXGgjatdD9DJMy27yF2salCPLY8p2MDlbwlv_sFMjw==
age: 103
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.13860/bundles/project.js&cfRay=7fc261e96c0ab8df-AMS
cache-control: max-age=600
x-hs-target-asset: conversations-embed/static-1.13860/bundles/project.js
x-content-type-options: nosniff
x-hs-cache-status: HIT
x-envoy-upstream-service-time: 2
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-ftklr
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-hubspot-correlation-id: 1950770c-60a6-44fe-8d65-2cbc8180c4f2
x-request-id: 1950770c-60a6-44fe-8d65-2cbc8180c4f2
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
cf-cache-status: HIT
server: cloudflare
cf-ray: 7fc264721b32b8e5-AMS
content-encoding: br
GET

https://js.hscollectedforms.net/collectedforms.js

chrome.exe

Remote address:

104.17.87.154:443

Request

GET /collectedforms.js HTTP/2.0
host: js.hscollectedforms.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://info.randstad.in
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://info.randstad.in/equitywork-webinar?utm_campaign=EDIB&utm_medium=email&_hsmi=271701800&_hsenc=p2ANqtz-85yzsX5BSZgdUWt8_1J3w4BeVA6taorS_7riDyJEil-Jr3EdfrrpgTXMupAiFNz8IGay6GRt-Whgww-IS7eoFR-D3yl8LxWDBQEIJEw1C9d4Vr488&utm_content=271701800&utm_source=hs_email
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Fri, 25 Aug 2023 08:16:21 GMT
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Wed, 09 Aug 2023 09:05:38 UTC
x-amz-server-side-encryption: AES256
x-amz-version-id: EcjZkyUfgxNGQ.xnv1Vqq9Oda2f1T.dE
etag: W/"6fb5b8aa66d730f2a49b41a9c712ffa7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9dc566ff42777d2cad8483451738f334.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-amz-cf-id: Q6FYsVKUP3dt-H5GM8--TZlchRnqOdsKg9ZTcULT-bhaHPQqjY4D9Q==
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.394/bundles/project.js&cfRay=7fc2647218600c65-AMS
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: collected-forms-embed-js/static-1.394/bundles/project.js
x-content-type-options: nosniff
access-control-allow-origin: *
x-hs-cache-status: HIT
x-envoy-upstream-service-time: 1
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-lhvpx
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-hubspot-correlation-id: 90746248-468f-4883-a975-2a4b39af8c32
x-request-id: 90746248-468f-4883-a975-2a4b39af8c32
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
cf-cache-status: MISS
server: cloudflare
cf-ray: 7fc2647218600c65-AMS
content-encoding: br
GET

https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=5367838&utk=

chrome.exe

Remote address:

104.17.87.154:443

Request

GET /collected-forms/v1/config/json?portalId=5367838&utk= HTTP/2.0
host: forms.hscollectedforms.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
accept: application/json, text/plain, */*
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
origin: https://info.randstad.in
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://info.randstad.in/equitywork-webinar?utm_campaign=EDIB&utm_medium=email&_hsmi=271701800&_hsenc=p2ANqtz-85yzsX5BSZgdUWt8_1J3w4BeVA6taorS_7riDyJEil-Jr3EdfrrpgTXMupAiFNz8IGay6GRt-Whgww-IS7eoFR-D3yl8LxWDBQEIJEw1C9d4Vr488&utm_content=271701800&utm_source=hs_email
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Fri, 25 Aug 2023 08:16:21 GMT
content-type: application/json;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=0
x-content-type-options: nosniff
access-control-allow-origin: https://info.randstad.in
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: *
access-control-max-age: 180
x-robots-tag: none
x-envoy-upstream-service-time: 3
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-4skbg
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-hubspot-correlation-id: d6e3cf50-f288-486c-b156-6455bf6b02d0
x-request-id: d6e3cf50-f288-486c-b156-6455bf6b02d0
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7fc264765a5e0c65-AMS
content-encoding: br
DNS

forms.hsforms.com

chrome.exe

Remote address:

8.8.8.8:53

Request

forms.hsforms.com

IN A

Response

forms.hsforms.com

IN A

104.18.176.125

forms.hsforms.com

IN A

104.18.160.125

forms.hsforms.com

IN A

104.17.207.249

forms.hsforms.com

IN A

104.17.239.249

forms.hsforms.com

IN A

104.18.192.125
GET

https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

chrome.exe

Remote address:

104.18.176.125:443

Request

GET /embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1 HTTP/1.1
Host: forms.hsforms.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://info.randstad.in/equitywork-webinar?utm_campaign=EDIB&utm_medium=email&_hsmi=271701800&_hsenc=p2ANqtz-85yzsX5BSZgdUWt8_1J3w4BeVA6taorS_7riDyJEil-Jr3EdfrrpgTXMupAiFNz8IGay6GRt-Whgww-IS7eoFR-D3yl8LxWDBQEIJEw1C9d4Vr488&utm_content=271701800&utm_source=hs_email
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Fri, 25 Aug 2023 08:16:21 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
X-Trace: 2BD09334323BAE9F7593D6F7C5D825C173203F7471000000000000000000
Cache-Control: max-age=0, no-cache, no-store
Vary: origin
Access-Control-Allow-Credentials: false
X-Content-Type-Options: nosniff
Access-Control-Expose-Headers: X-Origin-Hublet
X-Robots-Tag: none
x-envoy-upstream-service-time: 6
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-7f89ffc67f-2dtzq
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
X-HubSpot-Correlation-Id: db5e4c77-dc54-4cdb-a077-30147299f272
x-request-id: db5e4c77-dc54-4cdb-a077-30147299f272
CF-Cache-Status: DYNAMIC
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: cloudflare
CF-RAY: 7fc264738a230e9c-AMS
alt-svc: h3=":443"; ma=86400
DNS

forms-na1.hsforms.com

chrome.exe

Remote address:

8.8.8.8:53

Request

forms-na1.hsforms.com

IN A

Response

forms-na1.hsforms.com

IN A

104.17.207.249

forms-na1.hsforms.com

IN A

104.17.239.249

forms-na1.hsforms.com

IN A

104.18.192.125

forms-na1.hsforms.com

IN A

104.18.160.125

forms-na1.hsforms.com

IN A

104.18.176.125
GET

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

chrome.exe

Remote address:

104.17.207.249:443

Request

GET /embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1 HTTP/1.1
Host: forms-na1.hsforms.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://info.randstad.in/equitywork-webinar?utm_campaign=EDIB&utm_medium=email&_hsmi=271701800&_hsenc=p2ANqtz-85yzsX5BSZgdUWt8_1J3w4BeVA6taorS_7riDyJEil-Jr3EdfrrpgTXMupAiFNz8IGay6GRt-Whgww-IS7eoFR-D3yl8LxWDBQEIJEw1C9d4Vr488&utm_content=271701800&utm_source=hs_email
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Fri, 25 Aug 2023 08:16:21 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
X-Trace: 2B3D0C336D50832218BB2549A608A70F607B62D1AE000000000000000000
Cache-Control: max-age=0, no-cache, no-store
Vary: origin
Access-Control-Allow-Credentials: false
X-Content-Type-Options: nosniff
Access-Control-Expose-Headers: X-Origin-Hublet
X-Robots-Tag: none
x-envoy-upstream-service-time: 1
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-7f89ffc67f-m2kqt
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
X-HubSpot-Correlation-Id: 3d02d9fa-ee6a-418d-8ac7-40e357951fc4
x-request-id: 3d02d9fa-ee6a-418d-8ac7-40e357951fc4
CF-Cache-Status: DYNAMIC
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: cloudflare
CF-RAY: 7fc26474bb1fb752-AMS
alt-svc: h3=":443"; ma=86400
DNS

api.hubapi.com

chrome.exe

Remote address:

8.8.8.8:53

Request

api.hubapi.com

IN A

Response

api.hubapi.com

IN A

104.17.201.204

api.hubapi.com

IN A

104.17.200.204

api.hubapi.com

IN A

104.17.202.204

api.hubapi.com

IN A

104.17.203.204

api.hubapi.com

IN A

104.17.204.204
GET

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=5367838

chrome.exe

Remote address:

104.17.201.204:443

Request

GET /hs-script-loader-public/v1/config/pixels-and-events/json?portalId=5367838 HTTP/2.0
host: api.hubapi.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://info.randstad.in
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://info.randstad.in/equitywork-webinar?utm_campaign=EDIB&utm_medium=email&_hsmi=271701800&_hsenc=p2ANqtz-85yzsX5BSZgdUWt8_1J3w4BeVA6taorS_7riDyJEil-Jr3EdfrrpgTXMupAiFNz8IGay6GRt-Whgww-IS7eoFR-D3yl8LxWDBQEIJEw1C9d4Vr488&utm_content=271701800&utm_source=hs_email
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Fri, 25 Aug 2023 08:16:21 GMT
content-type: application/json;charset=utf-8
cf-ray: 7fc264756f1fb92c-AMS
cf-cache-status: DYNAMIC
access-control-allow-origin: https://info.randstad.in
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-max-age: 180
x-content-type-options: nosniff
x-envoy-upstream-service-time: 3
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-6c94986c56-92rgm
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 99d9cd50-cf6f-47fb-b31a-d7a5fbd7f8af
x-request-id: 99d9cd50-cf6f-47fb-b31a-d7a5fbd7f8af
x-trace: 2B9DD5C3E03DB963E2E1BCFCF235BF06DFE6B863BA000000000000000000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QzfQUqURN%2FJh%2FIC311D7SRZCHqFR76JCtGpCzBJvOUyyf9sj3J06YkqdsjkD8isHMPYtLv0zr%2BcYNnPNxYJpD1GbjJ6HzdDPszF0QE4pVxLCmSJzHR6MiSZb%2B0N0rvx1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
DNS

96.192.17.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

96.192.17.104.in-addr.arpa

IN PTR

Response
DNS

95.221.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.221.229.192.in-addr.arpa

IN PTR

Response
DNS

83.155.19.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

83.155.19.104.in-addr.arpa

IN PTR

Response
DNS

12.125.18.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

12.125.18.104.in-addr.arpa

IN PTR

Response
DNS

163.228.17.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

163.228.17.104.in-addr.arpa

IN PTR

Response
DNS

186.76.16.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

186.76.16.104.in-addr.arpa

IN PTR

Response
DNS

168.250.17.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

168.250.17.104.in-addr.arpa

IN PTR

Response
DNS

229.34.18.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

229.34.18.104.in-addr.arpa

IN PTR

Response
DNS

154.87.17.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

154.87.17.104.in-addr.arpa

IN PTR

Response
DNS

206.23.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

206.23.217.172.in-addr.arpa

IN PTR

Response

206.23.217.172.in-addr.arpa

IN PTR

prg03s05-in-f141e100net

206.23.217.172.in-addr.arpa

IN PTR

prg03s05-in-f206�I

206.23.217.172.in-addr.arpa

IN PTR

ams16s37-in-f14�I
DNS

125.176.18.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

125.176.18.104.in-addr.arpa

IN PTR

Response
DNS

249.207.17.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

249.207.17.104.in-addr.arpa

IN PTR

Response
DNS

forms.hscollectedforms.net

chrome.exe

Remote address:

8.8.8.8:53

Request

forms.hscollectedforms.net

IN A

Response

forms.hscollectedforms.net

IN A

104.17.89.154

forms.hscollectedforms.net

IN A

104.17.87.154

forms.hscollectedforms.net

IN A

104.17.88.154

forms.hscollectedforms.net

IN A

104.17.90.154

forms.hscollectedforms.net

IN A

104.17.91.154
DNS

content-autofill.googleapis.com

chrome.exe

Remote address:

8.8.8.8:53

Request

content-autofill.googleapis.com

IN A

Response

content-autofill.googleapis.com

IN A

142.250.179.138

content-autofill.googleapis.com

IN A

142.251.36.42

content-autofill.googleapis.com

IN A

172.217.168.234

content-autofill.googleapis.com

IN A

142.250.179.170

content-autofill.googleapis.com

IN A

142.250.179.202

content-autofill.googleapis.com

IN A

142.251.36.10

content-autofill.googleapis.com

IN A

142.251.39.106

content-autofill.googleapis.com

IN A

172.217.168.202

content-autofill.googleapis.com

IN A

172.217.23.202

content-autofill.googleapis.com

IN A

216.58.208.106

content-autofill.googleapis.com

IN A

216.58.214.10
GET

https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTA2LjAuNTI0OS4xMTkSTwkrH2uRw5W99BIFDXrhT-ASBQ2cTkrQEgUNg6hbPRIFDRIP_GoSBQ1GZxV9EgUNkgVUzhIFDefoasoSBQ0T0WVMEgUNJF0mQhIFDdOGTV0=?alt=proto

chrome.exe

Remote address:

142.250.179.138:443

Request

GET /v1/pages/ChVDaHJvbWUvMTA2LjAuNTI0OS4xMTkSTwkrH2uRw5W99BIFDXrhT-ASBQ2cTkrQEgUNg6hbPRIFDRIP_GoSBQ1GZxV9EgUNkgVUzhIFDefoasoSBQ0T0WVMEgUNJF0mQhIFDdOGTV0=?alt=proto HTTP/2.0
host: content-autofill.googleapis.com
x-goog-encode-response-if-executable: base64
x-goog-api-key: AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
x-client-data: CL+PywE=
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

stats.g.doubleclick.net

chrome.exe

Remote address:

8.8.8.8:53

Request

stats.g.doubleclick.net

IN A

Response

stats.g.doubleclick.net

IN A

142.250.102.157

stats.g.doubleclick.net

IN A

142.250.102.155

stats.g.doubleclick.net

IN A

142.250.102.156

stats.g.doubleclick.net

IN A

142.250.102.154
POST

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-60194223-1&cid=984885156.1692951379&jid=619949368&gjid=2064665768&_gid=196176287.1692951380&_u=IADAAEAAAAAAACAAI~&z=1948096599

chrome.exe

Remote address:

142.250.102.157:443

Request

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-60194223-1&cid=984885156.1692951379&jid=619949368&gjid=2064665768&_gid=196176287.1692951380&_u=IADAAEAAAAAAACAAI~&z=1948096599 HTTP/2.0
host: stats.g.doubleclick.net
content-length: 0
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: text/plain
accept: */*
origin: https://info.randstad.in
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://info.randstad.in/equitywork-webinar?utm_campaign=EDIB&utm_medium=email&_hsmi=271701800&_hsenc=p2ANqtz-85yzsX5BSZgdUWt8_1J3w4BeVA6taorS_7riDyJEil-Jr3EdfrrpgTXMupAiFNz8IGay6GRt-Whgww-IS7eoFR-D3yl8LxWDBQEIJEw1C9d4Vr488&utm_content=271701800&utm_source=hs_email
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

cdn.cookielaw.org

chrome.exe

Remote address:

8.8.8.8:53

Request

cdn.cookielaw.org

IN A

Response

cdn.cookielaw.org

IN A

104.18.130.236

cdn.cookielaw.org

IN A

104.18.131.236
GET

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

chrome.exe

Remote address:

104.18.130.236:443

Request

GET /scripttemplates/otSDKStub.js HTTP/2.0
host: cdn.cookielaw.org
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://info.randstad.in/equitywork-webinar?utm_campaign=EDIB&utm_medium=email&_hsmi=271701800&_hsenc=p2ANqtz-85yzsX5BSZgdUWt8_1J3w4BeVA6taorS_7riDyJEil-Jr3EdfrrpgTXMupAiFNz8IGay6GRt-Whgww-IS7eoFR-D3yl8LxWDBQEIJEw1C9d4Vr488&utm_content=271701800&utm_source=hs_email
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Fri, 25 Aug 2023 08:16:21 GMT
content-type: application/javascript
content-length: 6837
content-encoding: gzip
content-md5: X1C0PY0lSDg1JSpsyFxfYA==
last-modified: Wed, 23 Aug 2023 03:26:30 GMT
etag: 0x8DBA388BDFFAADC
x-ms-request-id: 3ecb945a-b01e-0048-37fa-d524b4000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 47723
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7fc264775d300a58-AMS
GET

https://cdn.cookielaw.org/scripttemplates/6.33.0/otBannerSdk.js

chrome.exe

Remote address:

104.18.130.236:443

Request

GET /scripttemplates/6.33.0/otBannerSdk.js HTTP/2.0
host: cdn.cookielaw.org
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://info.randstad.in/equitywork-webinar?utm_campaign=EDIB&utm_medium=email&_hsmi=271701800&_hsenc=p2ANqtz-85yzsX5BSZgdUWt8_1J3w4BeVA6taorS_7riDyJEil-Jr3EdfrrpgTXMupAiFNz8IGay6GRt-Whgww-IS7eoFR-D3yl8LxWDBQEIJEw1C9d4Vr488&utm_content=271701800&utm_source=hs_email
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Fri, 25 Aug 2023 08:16:22 GMT
content-type: application/javascript
content-length: 81354
content-encoding: gzip
content-md5: snqI9a2h7X2bbSiony0guw==
last-modified: Wed, 13 Apr 2022 01:38:27 GMT
etag: 0x8DA1CEE4EF01A44
x-ms-request-id: 8ea6e09d-301e-0173-59e1-5aee70000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 14474
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7fc264798fcf0a58-AMS
GET

https://cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg

chrome.exe

Remote address:

104.18.130.236:443

Request

GET /logos/static/poweredBy_ot_logo.svg HTTP/2.0
host: cdn.cookielaw.org
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://info.randstad.in/equitywork-webinar?utm_campaign=EDIB&utm_medium=email&_hsmi=271701800&_hsenc=p2ANqtz-85yzsX5BSZgdUWt8_1J3w4BeVA6taorS_7riDyJEil-Jr3EdfrrpgTXMupAiFNz8IGay6GRt-Whgww-IS7eoFR-D3yl8LxWDBQEIJEw1C9d4Vr488&utm_content=271701800&utm_source=hs_email
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Fri, 25 Aug 2023 08:16:22 GMT
content-type: image/svg+xml
content-md5: LpuayL42jB78xRllx0vkOw==
last-modified: Wed, 23 Aug 2023 03:26:36 GMT
x-ms-request-id: 957cb945-e01e-0018-290c-d6e6e4000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 60854
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7fc2647bba7d0a58-AMS
content-encoding: gzip
DNS

googleads.g.doubleclick.net

chrome.exe

Remote address:

8.8.8.8:53

Request

googleads.g.doubleclick.net

IN A

Response

googleads.g.doubleclick.net

IN A

172.217.23.194
GET

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/882227598/?random=1692951380390&cv=11&fst=1692951380390&bg=ffffff&guid=ON&async=1&gtm=45be38n0&u_w=1280&u_h=720&url=https%3A%2F%2Finfo.randstad.in%2Fequitywork-webinar%3Futm_campaign%3DEDIB%26utm_medium%3Demail%26_hsmi%3D271701800%26_hsenc%3Dp2ANqtz-85yzsX5BSZgdUWt8_1J3w4BeVA6taorS_7riDyJEil-Jr3EdfrrpgTXMupAiFNz8IGay6GRt-Whgww-IS7eoFR-D3yl8LxWDBQEIJEw1C9d4Vr488%26utm_content%3D271701800%26utm_source%3Dhs_email&hn=www.googleadservices.com&frm=0&tiba=ED%26I%20event%20registration%20-%20Landing%20Page&did=dZTQ1Zm&gdid=dZTQ1Zm&auid=1975529842.1692951380&uaa=x86&uab=64&uafvl=Chromium%3B106.0.5249.119%7CGoogle%2520Chrome%3B106.0.5249.119%7CNot%253BA%253DBrand%3B99.0.0.0&uamb=0&uap=Windows&uapv=10.0.0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

chrome.exe

Remote address:

172.217.23.194:443

Request

GET /pagead/viewthroughconversion/882227598/?random=1692951380390&cv=11&fst=1692951380390&bg=ffffff&guid=ON&async=1&gtm=45be38n0&u_w=1280&u_h=720&url=https%3A%2F%2Finfo.randstad.in%2Fequitywork-webinar%3Futm_campaign%3DEDIB%26utm_medium%3Demail%26_hsmi%3D271701800%26_hsenc%3Dp2ANqtz-85yzsX5BSZgdUWt8_1J3w4BeVA6taorS_7riDyJEil-Jr3EdfrrpgTXMupAiFNz8IGay6GRt-Whgww-IS7eoFR-D3yl8LxWDBQEIJEw1C9d4Vr488%26utm_content%3D271701800%26utm_source%3Dhs_email&hn=www.googleadservices.com&frm=0&tiba=ED%26I%20event%20registration%20-%20Landing%20Page&did=dZTQ1Zm&gdid=dZTQ1Zm&auid=1975529842.1692951380&uaa=x86&uab=64&uafvl=Chromium%3B106.0.5249.119%7CGoogle%2520Chrome%3B106.0.5249.119%7CNot%253BA%253DBrand%3B99.0.0.0&uamb=0&uap=Windows&uapv=10.0.0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/2.0
host: googleads.g.doubleclick.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://info.randstad.in/equitywork-webinar?utm_campaign=EDIB&utm_medium=email&_hsmi=271701800&_hsenc=p2ANqtz-85yzsX5BSZgdUWt8_1J3w4BeVA6taorS_7riDyJEil-Jr3EdfrrpgTXMupAiFNz8IGay6GRt-Whgww-IS7eoFR-D3yl8LxWDBQEIJEw1C9d4Vr488&utm_content=271701800&utm_source=hs_email
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=G100&rnd=1036472264.1692951380&url=https%3A%2F%2Finfo.randstad.in%2Fequitywork-webinar&gtm=45be38n0&auid=1975529842.1692951380&did=dZTQ1Zm&gdid=dZTQ1Zm

chrome.exe

Remote address:

172.217.23.194:443

Request

GET /pagead/landing?gcs=G111&gcd=G100&rnd=1036472264.1692951380&url=https%3A%2F%2Finfo.randstad.in%2Fequitywork-webinar&gtm=45be38n0&auid=1975529842.1692951380&did=dZTQ1Zm&gdid=dZTQ1Zm HTTP/2.0
host: googleads.g.doubleclick.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://info.randstad.in/equitywork-webinar?utm_campaign=EDIB&utm_medium=email&_hsmi=271701800&_hsenc=p2ANqtz-85yzsX5BSZgdUWt8_1J3w4BeVA6taorS_7riDyJEil-Jr3EdfrrpgTXMupAiFNz8IGay6GRt-Whgww-IS7eoFR-D3yl8LxWDBQEIJEw1C9d4Vr488&utm_content=271701800&utm_source=hs_email
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://cdn.cookielaw.org/consent/34f4dc1c-8118-4509-87ce-9991bad5cd91/34f4dc1c-8118-4509-87ce-9991bad5cd91.json

chrome.exe

Remote address:

104.18.130.236:443

Request

GET /consent/34f4dc1c-8118-4509-87ce-9991bad5cd91/34f4dc1c-8118-4509-87ce-9991bad5cd91.json HTTP/2.0
host: cdn.cookielaw.org
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://info.randstad.in
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://info.randstad.in/equitywork-webinar?utm_campaign=EDIB&utm_medium=email&_hsmi=271701800&_hsenc=p2ANqtz-85yzsX5BSZgdUWt8_1J3w4BeVA6taorS_7riDyJEil-Jr3EdfrrpgTXMupAiFNz8IGay6GRt-Whgww-IS7eoFR-D3yl8LxWDBQEIJEw1C9d4Vr488&utm_content=271701800&utm_source=hs_email
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Fri, 25 Aug 2023 08:16:21 GMT
content-type: application/x-javascript
content-length: 1327
cf-ray: 7fc264794cdab788-AMS
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 4489
cache-control: public, max-age=86400
content-encoding: gzip
etag: 0x8DA1C63D0167447
expires: Sat, 26 Aug 2023 08:16:21 GMT
last-modified: Tue, 12 Apr 2022 09:07:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-md5: dQA7/1FxmF75ARd2K5pcWA==
x-content-type-options: nosniff
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 2be8e029-401e-0073-0ff7-d66110000000
x-ms-version: 2009-09-19
server: cloudflare
GET

https://cdn.cookielaw.org/consent/34f4dc1c-8118-4509-87ce-9991bad5cd91/b17176f9-a99a-4b47-bc8e-d7c16048113c/en.json

chrome.exe

Remote address:

104.18.130.236:443

Request

GET /consent/34f4dc1c-8118-4509-87ce-9991bad5cd91/b17176f9-a99a-4b47-bc8e-d7c16048113c/en.json HTTP/2.0
host: cdn.cookielaw.org
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://info.randstad.in
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://info.randstad.in/equitywork-webinar?utm_campaign=EDIB&utm_medium=email&_hsmi=271701800&_hsenc=p2ANqtz-85yzsX5BSZgdUWt8_1J3w4BeVA6taorS_7riDyJEil-Jr3EdfrrpgTXMupAiFNz8IGay6GRt-Whgww-IS7eoFR-D3yl8LxWDBQEIJEw1C9d4Vr488&utm_content=271701800&utm_source=hs_email
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Fri, 25 Aug 2023 08:16:22 GMT
content-type: application/x-javascript
content-length: 14167
cf-ray: 7fc26479fd56b788-AMS
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 4489
cache-control: public, max-age=86400
content-encoding: gzip
etag: 0x8DA1C63D094E130
expires: Sat, 26 Aug 2023 08:16:22 GMT
last-modified: Tue, 12 Apr 2022 09:07:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-md5: XSn61QhU1PGWJUj8WXeTVg==
x-content-type-options: nosniff
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: a6af9f4c-001e-003f-76f7-d6f120000000
x-ms-version: 2009-09-19
server: cloudflare
GET

https://cdn.cookielaw.org/scripttemplates/6.33.0/assets/otFlat.json

chrome.exe

Remote address:

104.18.130.236:443

Request

GET /scripttemplates/6.33.0/assets/otFlat.json HTTP/2.0
host: cdn.cookielaw.org
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://info.randstad.in
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://info.randstad.in/equitywork-webinar?utm_campaign=EDIB&utm_medium=email&_hsmi=271701800&_hsenc=p2ANqtz-85yzsX5BSZgdUWt8_1J3w4BeVA6taorS_7riDyJEil-Jr3EdfrrpgTXMupAiFNz8IGay6GRt-Whgww-IS7eoFR-D3yl8LxWDBQEIJEw1C9d4Vr488&utm_content=271701800&utm_source=hs_email
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Fri, 25 Aug 2023 08:16:22 GMT
content-type: application/json
content-length: 11627
content-encoding: gzip
content-md5: bANqBAaG5LxlStWRgKEy2g==
last-modified: Wed, 13 Apr 2022 01:38:20 GMT
etag: 0x8DA1CEE4A6394DD
x-ms-request-id: 9664ca40-f01e-0004-56f7-d6b484000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 4489
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7fc2647a9de7b788-AMS
GET

https://cdn.cookielaw.org/scripttemplates/6.33.0/assets/v2/otPcCenter.json

chrome.exe

Remote address:

104.18.130.236:443

Request

GET /scripttemplates/6.33.0/assets/v2/otPcCenter.json HTTP/2.0
host: cdn.cookielaw.org
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://info.randstad.in
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://info.randstad.in/equitywork-webinar?utm_campaign=EDIB&utm_medium=email&_hsmi=271701800&_hsenc=p2ANqtz-85yzsX5BSZgdUWt8_1J3w4BeVA6taorS_7riDyJEil-Jr3EdfrrpgTXMupAiFNz8IGay6GRt-Whgww-IS7eoFR-D3yl8LxWDBQEIJEw1C9d4Vr488&utm_content=271701800&utm_source=hs_email
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Fri, 25 Aug 2023 08:16:22 GMT
content-type: application/json
content-length: 2959
content-encoding: gzip
content-md5: sKd74iX+eTxIn9FxDVtzyw==
last-modified: Wed, 13 Apr 2022 01:38:17 GMT
etag: 0x8DA1CEE4903C133
x-ms-request-id: 5fe95527-601e-0074-27f7-d60d73000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 4489
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7fc2647a9de6b788-AMS
GET

https://cdn.cookielaw.org/scripttemplates/6.33.0/assets/otCookieSettingsButton.json

chrome.exe

Remote address:

104.18.130.236:443

Request

GET /scripttemplates/6.33.0/assets/otCookieSettingsButton.json HTTP/2.0
host: cdn.cookielaw.org
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://info.randstad.in
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://info.randstad.in/equitywork-webinar?utm_campaign=EDIB&utm_medium=email&_hsmi=271701800&_hsenc=p2ANqtz-85yzsX5BSZgdUWt8_1J3w4BeVA6taorS_7riDyJEil-Jr3EdfrrpgTXMupAiFNz8IGay6GRt-Whgww-IS7eoFR-D3yl8LxWDBQEIJEw1C9d4Vr488&utm_content=271701800&utm_source=hs_email
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Fri, 25 Aug 2023 08:16:22 GMT
content-type: application/json
content-length: 1780
content-encoding: gzip
content-md5: 1SSwYSVOrM1BQMnnGszv8A==
last-modified: Wed, 13 Apr 2022 01:38:19 GMT
etag: 0x8DA1CEE4A1901CB
x-ms-request-id: b79533ae-901e-002d-5518-d78af0000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 4489
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7fc2647a9deab788-AMS
GET

https://cdn.cookielaw.org/scripttemplates/6.33.0/assets/otCommonStyles.css

chrome.exe

Remote address:

104.18.130.236:443

Request

GET /scripttemplates/6.33.0/assets/otCommonStyles.css HTTP/2.0
host: cdn.cookielaw.org
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://info.randstad.in
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://info.randstad.in/equitywork-webinar?utm_campaign=EDIB&utm_medium=email&_hsmi=271701800&_hsenc=p2ANqtz-85yzsX5BSZgdUWt8_1J3w4BeVA6taorS_7riDyJEil-Jr3EdfrrpgTXMupAiFNz8IGay6GRt-Whgww-IS7eoFR-D3yl8LxWDBQEIJEw1C9d4Vr488&utm_content=271701800&utm_source=hs_email
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Fri, 25 Aug 2023 08:16:22 GMT
content-type: text/css
content-md5: SHFDtZO2nDZuiPDW83p1IQ==
last-modified: Wed, 13 Apr 2022 01:38:32 GMT
x-ms-request-id: 8104b202-a01e-007b-4ef7-d67b1f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 4489
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7fc2647a9debb788-AMS
content-encoding: gzip
DNS

track.hubspot.com

chrome.exe

Remote address:

8.8.8.8:53

Request

track.hubspot.com

IN A

Response

track.hubspot.com

IN A

104.19.155.83

track.hubspot.com

IN A

104.19.154.83
DNS

forms.hubspot.com

chrome.exe

Remote address:

8.8.8.8:53

Request

forms.hubspot.com

IN A

Response

forms.hubspot.com

IN A

104.19.154.83

forms.hubspot.com

IN A

104.19.155.83
GET

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=5367838&utk=9aa3b46f3ad1ad579e960949c00ecee5&__hstc=219351302.9aa3b46f3ad1ad579e960949c00ecee5.1692951380615.1692951380615.1692951380615.1&__hssc=219351302.1.1692951380616&contentId=130728022796&currentUrl=https%3A%2F%2Finfo.randstad.in%2Fequitywork-webinar%3Futm_campaign%3DEDIB%26utm_medium%3Demail%26_hsmi%3D271701800%26_hsenc%3Dp2ANqtz-85yzsX5BSZgdUWt8_1J3w4BeVA6taorS_7riDyJEil-Jr3EdfrrpgTXMupAiFNz8IGay6GRt-Whgww-IS7eoFR-D3yl8LxWDBQEIJEw1C9d4Vr488%26utm_content%3D271701800%26utm_source%3Dhs_email

chrome.exe

Remote address:

104.19.154.83:443

Request

GET /lead-flows-config/v1/config/json?portalId=5367838&utk=9aa3b46f3ad1ad579e960949c00ecee5&__hstc=219351302.9aa3b46f3ad1ad579e960949c00ecee5.1692951380615.1692951380615.1692951380615.1&__hssc=219351302.1.1692951380616&contentId=130728022796&currentUrl=https%3A%2F%2Finfo.randstad.in%2Fequitywork-webinar%3Futm_campaign%3DEDIB%26utm_medium%3Demail%26_hsmi%3D271701800%26_hsenc%3Dp2ANqtz-85yzsX5BSZgdUWt8_1J3w4BeVA6taorS_7riDyJEil-Jr3EdfrrpgTXMupAiFNz8IGay6GRt-Whgww-IS7eoFR-D3yl8LxWDBQEIJEw1C9d4Vr488%26utm_content%3D271701800%26utm_source%3Dhs_email HTTP/2.0
host: forms.hubspot.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://info.randstad.in
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://info.randstad.in/equitywork-webinar?utm_campaign=EDIB&utm_medium=email&_hsmi=271701800&_hsenc=p2ANqtz-85yzsX5BSZgdUWt8_1J3w4BeVA6taorS_7riDyJEil-Jr3EdfrrpgTXMupAiFNz8IGay6GRt-Whgww-IS7eoFR-D3yl8LxWDBQEIJEw1C9d4Vr488&utm_content=271701800&utm_source=hs_email
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Fri, 25 Aug 2023 08:16:22 GMT
content-type: application/json;charset=utf-8
vary: origin
access-control-allow-credentials: false
x-content-type-options: nosniff
access-control-allow-origin: https://info.randstad.in
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
access-control-max-age: 180
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
x-envoy-upstream-service-time: 15
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-7f89ffc67f-6fhst
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-hubspot-correlation-id: 006068fd-e9ab-442b-a8c7-077d194de545
x-request-id: 006068fd-e9ab-442b-a8c7-077d194de545
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=gSDpfRXDQQ2pCorYOnsXG4AB33mLgtrDjqYXbR3oCqU-1692951382-0-AZtQm/IXKV8e/LUhNEJj5JSLlRuJYHg7hS2OyOiEmuitjGihjYhnYkxcIPLJiQPion+mS3hMDYsv6cPgazORzfM=; path=/; expires=Fri, 25-Aug-23 08:46:22 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=89xGhLE4NtOvDtgoJlKZOchPCrCuNqdyF2gFz833lH90r2pa6YOGH%2BM6UMtjLPSSo8w4HqwP9EPULG6A8o1B5zuQd12Lx1pRkyhv7PwYXDsWBMm%2B%2FPTUXz86ueEpM6k1V8aR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7fc2647abee80e30-AMS
content-encoding: br
DNS

204.201.17.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

204.201.17.104.in-addr.arpa

IN PTR

Response
DNS

138.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

138.179.250.142.in-addr.arpa

IN PTR

Response

138.179.250.142.in-addr.arpa

IN PTR

ams17s10-in-f101e100net
DNS

157.102.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

157.102.250.142.in-addr.arpa

IN PTR

Response

157.102.250.142.in-addr.arpa

IN PTR

rb-in-f1571e100net
DNS

236.130.18.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

236.130.18.104.in-addr.arpa

IN PTR

Response
DNS

196.168.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

196.168.217.172.in-addr.arpa

IN PTR

Response

196.168.217.172.in-addr.arpa

IN PTR

ams16s32-in-f41e100net
DNS

194.23.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

194.23.217.172.in-addr.arpa

IN PTR

Response

194.23.217.172.in-addr.arpa

IN PTR

ams16s37-in-f21e100net

194.23.217.172.in-addr.arpa

IN PTR

prg03s05-in-f194�H

194.23.217.172.in-addr.arpa

IN PTR

prg03s05-in-f2�H
DNS

83.154.19.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

83.154.19.104.in-addr.arpa

IN PTR

Response
DNS

59.128.231.4.in-addr.arpa

Remote address:

8.8.8.8:53

Request

59.128.231.4.in-addr.arpa

IN PTR

Response
DNS

50.23.12.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

50.23.12.20.in-addr.arpa

IN PTR

Response
DNS

15.164.165.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

15.164.165.52.in-addr.arpa

IN PTR

Response
DNS

240.81.21.72.in-addr.arpa

Remote address:

8.8.8.8:53

Request

240.81.21.72.in-addr.arpa

IN PTR

Response
DNS

11.227.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

11.227.111.52.in-addr.arpa

IN PTR

Response
DNS

210.143.182.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

210.143.182.52.in-addr.arpa

IN PTR

Response

172.64.150.210:443

https://cf4rq04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/T+113/cF4Rq04/VX538d3Qm58jW4Vqc117zM69KW861hN752DsxKN8tN9CF3pyd0W7lCdLW6lZ3pFW2J1Lpf3_qX2JW7rbhkz2TBDSCN2xTYvN57jR5W2-zHCk6TKQ09W8DSC0N6lMp38W4FXYsX2f2jmkW1sJ3S7997_F1W7tDPdv27Nmv8W2cPSj-52Xb1CN7tx_1fRzQGFW52P94B7pvSdFW6MBkdt4hxXnYW3RR5V_4JRnJ6W248d-11YV47vW7lPgJK1bNr5NN12KMNPFh9nxN6NZ5sH1qZnpW4s1NFd77mJc-M93cHzR4_9xN4QfprxwDm0cW28-Hpn786_l-W1kQyb09m5T8fW4Qch7j3SL_LHW59xqSY3ZFpRxf7QbhZF04?_ud=19b264c1-55e6-4ed0-a96c-c622d04c6ad7&_jss=1&_fl=8&_pl=5&_hc=8&_lg=en-US,en&_plt=Win32&_scr=1280,720

tls, http2

chrome.exe

2.7kB
7.0kB
17
18

HTTP Request

GET https://cf4rq04.na1.hubspotlinks.com/Ctc/T+113/cF4Rq04/VX538d3Qm58jW4Vqc117zM69KW861hN752DsxKN8tN9CF3pyd0W7lCdLW6lZ3pFW2J1Lpf3_qX2JW7rbhkz2TBDSCN2xTYvN57jR5W2-zHCk6TKQ09W8DSC0N6lMp38W4FXYsX2f2jmkW1sJ3S7997_F1W7tDPdv27Nmv8W2cPSj-52Xb1CN7tx_1fRzQGFW52P94B7pvSdFW6MBkdt4hxXnYW3RR5V_4JRnJ6W248d-11YV47vW7lPgJK1bNr5NN12KMNPFh9nxN6NZ5sH1qZnpW4s1NFd77mJc-M93cHzR4_9xN4QfprxwDm0cW28-Hpn786_l-W1kQyb09m5T8fW4Qch7j3SL_LHW59xqSY3ZFpRxf7QbhZF04

HTTP Response

200

HTTP Request

GET https://cf4rq04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/T+113/cF4Rq04/VX538d3Qm58jW4Vqc117zM69KW861hN752DsxKN8tN9CF3pyd0W7lCdLW6lZ3pFW2J1Lpf3_qX2JW7rbhkz2TBDSCN2xTYvN57jR5W2-zHCk6TKQ09W8DSC0N6lMp38W4FXYsX2f2jmkW1sJ3S7997_F1W7tDPdv27Nmv8W2cPSj-52Xb1CN7tx_1fRzQGFW52P94B7pvSdFW6MBkdt4hxXnYW3RR5V_4JRnJ6W248d-11YV47vW7lPgJK1bNr5NN12KMNPFh9nxN6NZ5sH1qZnpW4s1NFd77mJc-M93cHzR4_9xN4QfprxwDm0cW28-Hpn786_l-W1kQyb09m5T8fW4Qch7j3SL_LHW59xqSY3ZFpRxf7QbhZF04?_ud=19b264c1-55e6-4ed0-a96c-c622d04c6ad7&_jss=1&_fl=8&_pl=5&_hc=8&_lg=en-US,en&_plt=Win32&_scr=1280,720

HTTP Response

307
199.60.103.227:443

https://info.randstad.in/equitywork-webinar?utm_campaign=EDIB&utm_medium=email&_hsmi=271701800&_hsenc=p2ANqtz-85yzsX5BSZgdUWt8_1J3w4BeVA6taorS_7riDyJEil-Jr3EdfrrpgTXMupAiFNz8IGay6GRt-Whgww-IS7eoFR-D3yl8LxWDBQEIJEw1C9d4Vr488&utm_content=271701800&utm_source=hs_email

tls, http2

chrome.exe

2.2kB
16.4kB
20
27

HTTP Request

GET https://info.randstad.in/equitywork-webinar?utm_campaign=EDIB&utm_medium=email&_hsmi=271701800&_hsenc=p2ANqtz-85yzsX5BSZgdUWt8_1J3w4BeVA6taorS_7riDyJEil-Jr3EdfrrpgTXMupAiFNz8IGay6GRt-Whgww-IS7eoFR-D3yl8LxWDBQEIJEw1C9d4Vr488&utm_content=271701800&utm_source=hs_email

HTTP Response

200
104.16.111.209:443

https://cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-9362205/1692733189236/module_-9362205_Follow_Me_-_LP.min.css

tls, http2

chrome.exe

2.3kB
10.4kB
19
23

HTTP Request

GET https://cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1692732882383/hubspot/compass_theme/assets/css/main.min.css

HTTP Request

GET https://cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-9362205/1692733189236/module_-9362205_Follow_Me_-_LP.min.css

HTTP Response

200

HTTP Response

200
104.16.111.209:443

cdn2.hubspot.net

tls, http2

chrome.exe

943 B
2.9kB
8
6
104.17.192.96:443

https://static.hsappstatic.net/content-cwv-embed/static-1.388/embed.js

tls, http2

chrome.exe

2.0kB
9.6kB
16
18

HTTP Request

GET https://static.hsappstatic.net/content-cwv-embed/static-1.388/embed.js

HTTP Response

200
104.19.155.83:443

https://track.hubspot.com/__ptq.gif?k=15&fi=1551258a-cf4f-492a-8b97-104925b324c4&fci=860774d3-8c21-4ea5-b404-42ff2e82d0d0&ft=0&sd=1280x720&cd=24-bit&cs=UTF-8&ln=en-us&bfp=4219251101&v=1.1&a=5367838&pi=130728022796&ct=landing-page&ccu=https%3A%2F%2Finfo.randstad.in%2Fequitywork-webinar&cpi=130728022796&lpi=130728022796&lvi=130728022796&pu=https%3A%2F%2Finfo.randstad.in%2Fequitywork-webinar%3Futm_campaign%3DEDIB%26utm_medium%3Demail%26_hsmi%3D271701800%26_hsenc%3Dp2ANqtz-85yzsX5BSZgdUWt8_1J3w4BeVA6taorS_7riDyJEil-Jr3EdfrrpgTXMupAiFNz8IGay6GRt-Whgww-IS7eoFR-D3yl8LxWDBQEIJEw1C9d4Vr488%26utm_content%3D271701800%26utm_source%3Dhs_email&t=ED%26I+event+registration+-+Landing+Page&cts=1692951380628&vi=9aa3b46f3ad1ad579e960949c00ecee5&nc=true&u=219351302.9aa3b46f3ad1ad579e960949c00ecee5.1692951380615.1692951380615.1692951380615.1&b=219351302.1.1692951380616&cc=15

tls, http2

chrome.exe

4.4kB
6.2kB
21
21

HTTP Request

GET https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission?portalId=5367838&callback=jsonpHandler

HTTP Response

204

HTTP Request

GET https://track.hubspot.com/__ptq.gif?k=1&sd=1280x720&cd=24-bit&cs=UTF-8&ln=en-us&bfp=4219251101&v=1.1&a=5367838&pi=130728022796&ct=landing-page&ccu=https%3A%2F%2Finfo.randstad.in%2Fequitywork-webinar&cpi=130728022796&lpi=130728022796&lvi=130728022796&pu=https%3A%2F%2Finfo.randstad.in%2Fequitywork-webinar%3Futm_campaign%3DEDIB%26utm_medium%3Demail%26_hsmi%3D271701800%26_hsenc%3Dp2ANqtz-85yzsX5BSZgdUWt8_1J3w4BeVA6taorS_7riDyJEil-Jr3EdfrrpgTXMupAiFNz8IGay6GRt-Whgww-IS7eoFR-D3yl8LxWDBQEIJEw1C9d4Vr488%26utm_content%3D271701800%26utm_source%3Dhs_email&t=ED%26I+event+registration+-+Landing+Page&cts=1692951380625&vi=9aa3b46f3ad1ad579e960949c00ecee5&nc=true&u=219351302.9aa3b46f3ad1ad579e960949c00ecee5.1692951380615.1692951380615.1692951380615.1&b=219351302.1.1692951380616&cc=15

HTTP Request

GET https://track.hubspot.com/__ptq.gif?k=17&fi=1551258a-cf4f-492a-8b97-104925b324c4&fci=860774d3-8c21-4ea5-b404-42ff2e82d0d0&ft=0&sd=1280x720&cd=24-bit&cs=UTF-8&ln=en-us&bfp=4219251101&v=1.1&a=5367838&pi=130728022796&ct=landing-page&ccu=https%3A%2F%2Finfo.randstad.in%2Fequitywork-webinar&cpi=130728022796&lpi=130728022796&lvi=130728022796&pu=https%3A%2F%2Finfo.randstad.in%2Fequitywork-webinar%3Futm_campaign%3DEDIB%26utm_medium%3Demail%26_hsmi%3D271701800%26_hsenc%3Dp2ANqtz-85yzsX5BSZgdUWt8_1J3w4BeVA6taorS_7riDyJEil-Jr3EdfrrpgTXMupAiFNz8IGay6GRt-Whgww-IS7eoFR-D3yl8LxWDBQEIJEw1C9d4Vr488%26utm_content%3D271701800%26utm_source%3Dhs_email&t=ED%26I+event+registration+-+Landing+Page&cts=1692951380633&vi=9aa3b46f3ad1ad579e960949c00ecee5&nc=true&u=219351302.9aa3b46f3ad1ad579e960949c00ecee5.1692951380615.1692951380615.1692951380615.1&b=219351302.1.1692951380616&cc=15

HTTP Request

GET https://track.hubspot.com/__ptq.gif?k=15&fi=1551258a-cf4f-492a-8b97-104925b324c4&fci=860774d3-8c21-4ea5-b404-42ff2e82d0d0&ft=0&sd=1280x720&cd=24-bit&cs=UTF-8&ln=en-us&bfp=4219251101&v=1.1&a=5367838&pi=130728022796&ct=landing-page&ccu=https%3A%2F%2Finfo.randstad.in%2Fequitywork-webinar&cpi=130728022796&lpi=130728022796&lvi=130728022796&pu=https%3A%2F%2Finfo.randstad.in%2Fequitywork-webinar%3Futm_campaign%3DEDIB%26utm_medium%3Demail%26_hsmi%3D271701800%26_hsenc%3Dp2ANqtz-85yzsX5BSZgdUWt8_1J3w4BeVA6taorS_7riDyJEil-Jr3EdfrrpgTXMupAiFNz8IGay6GRt-Whgww-IS7eoFR-D3yl8LxWDBQEIJEw1C9d4Vr488%26utm_content%3D271701800%26utm_source%3Dhs_email&t=ED%26I+event+registration+-+Landing+Page&cts=1692951380628&vi=9aa3b46f3ad1ad579e960949c00ecee5&nc=true&u=219351302.9aa3b46f3ad1ad579e960949c00ecee5.1692951380615.1692951380615.1692951380615.1&b=219351302.1.1692951380616&cc=15

HTTP Response

200

HTTP Response

200

HTTP Response

200
104.18.125.12:443

https://js.hsleadflows.net/leadflows.js

tls, http2

chrome.exe

3.8kB
95.8kB
56
97

HTTP Request

GET https://js.hsleadflows.net/leadflows.js

HTTP Response

200
104.17.228.163:443

https://js.hsadspixel.net/fb.js

tls, http2

chrome.exe

1.9kB
7.0kB
14
16

HTTP Request

GET https://js.hsadspixel.net/fb.js

HTTP Response

200
104.18.34.229:443

https://js.hs-banner.com/5367838.js

tls, http2

chrome.exe

2.2kB
20.9kB
21
29

HTTP Request

GET https://js.hs-banner.com/5367838.js

HTTP Response

200
104.16.76.186:443

https://js.hs-analytics.net/analytics/1692951300000/5367838.js

tls, http2

chrome.exe

2.3kB
26.0kB
22
30

HTTP Request

GET https://js.hs-analytics.net/analytics/1692951300000/5367838.js

HTTP Response

200
104.17.250.168:443

https://js.usemessages.com/conversations-embed.js

tls, http2

chrome.exe

2.4kB
27.2kB
25
36

HTTP Request

GET https://js.usemessages.com/conversations-embed.js

HTTP Response

200
104.17.87.154:443

https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=5367838&utk=

tls, http2

chrome.exe

2.6kB
31.0kB
27
38

HTTP Request

GET https://js.hscollectedforms.net/collectedforms.js

HTTP Response

200

HTTP Request

GET https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=5367838&utk=

HTTP Response

200
104.18.176.125:443

https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

tls, http

chrome.exe

1.9kB
4.1kB
10
10

HTTP Request

GET https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

HTTP Response

200
104.17.207.249:443

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

tls, http

chrome.exe

1.9kB
4.1kB
10
10

HTTP Request

GET https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

HTTP Response

200
104.17.201.204:443

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=5367838

tls, http2

chrome.exe

1.9kB
4.4kB
14
13

HTTP Request

GET https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=5367838

HTTP Response

200
142.250.179.138:443

https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTA2LjAuNTI0OS4xMTkSTwkrH2uRw5W99BIFDXrhT-ASBQ2cTkrQEgUNg6hbPRIFDRIP_GoSBQ1GZxV9EgUNkgVUzhIFDefoasoSBQ0T0WVMEgUNJF0mQhIFDdOGTV0=?alt=proto

tls, http2

chrome.exe

1.9kB
7.0kB
15
16

HTTP Request

GET https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTA2LjAuNTI0OS4xMTkSTwkrH2uRw5W99BIFDXrhT-ASBQ2cTkrQEgUNg6hbPRIFDRIP_GoSBQ1GZxV9EgUNkgVUzhIFDefoasoSBQ0T0WVMEgUNJF0mQhIFDdOGTV0=?alt=proto
142.250.102.157:443

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-60194223-1&cid=984885156.1692951379&jid=619949368&gjid=2064665768&_gid=196176287.1692951380&_u=IADAAEAAAAAAACAAI~&z=1948096599

tls, http2

chrome.exe

2.1kB
6.9kB
15
17

HTTP Request

POST https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-60194223-1&cid=984885156.1692951379&jid=619949368&gjid=2064665768&_gid=196176287.1692951380&_u=IADAAEAAAAAAACAAI~&z=1948096599
104.18.130.236:443

https://cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg

tls, http2

chrome.exe

4.0kB
98.4kB
56
94

HTTP Request

GET https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

HTTP Response

200

HTTP Request

GET https://cdn.cookielaw.org/scripttemplates/6.33.0/otBannerSdk.js

HTTP Response

200

HTTP Request

GET https://cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg

HTTP Response

200
172.217.23.194:443

https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=G100&rnd=1036472264.1692951380&url=https%3A%2F%2Finfo.randstad.in%2Fequitywork-webinar&gtm=45be38n0&auid=1975529842.1692951380&did=dZTQ1Zm&gdid=dZTQ1Zm

tls, http2

chrome.exe

3.0kB
9.3kB
20
23

HTTP Request

GET https://googleads.g.doubleclick.net/pagead/viewthroughconversion/882227598/?random=1692951380390&cv=11&fst=1692951380390&bg=ffffff&guid=ON&async=1&gtm=45be38n0&u_w=1280&u_h=720&url=https%3A%2F%2Finfo.randstad.in%2Fequitywork-webinar%3Futm_campaign%3DEDIB%26utm_medium%3Demail%26_hsmi%3D271701800%26_hsenc%3Dp2ANqtz-85yzsX5BSZgdUWt8_1J3w4BeVA6taorS_7riDyJEil-Jr3EdfrrpgTXMupAiFNz8IGay6GRt-Whgww-IS7eoFR-D3yl8LxWDBQEIJEw1C9d4Vr488%26utm_content%3D271701800%26utm_source%3Dhs_email&hn=www.googleadservices.com&frm=0&tiba=ED%26I%20event%20registration%20-%20Landing%20Page&did=dZTQ1Zm&gdid=dZTQ1Zm&auid=1975529842.1692951380&uaa=x86&uab=64&uafvl=Chromium%3B106.0.5249.119%7CGoogle%2520Chrome%3B106.0.5249.119%7CNot%253BA%253DBrand%3B99.0.0.0&uamb=0&uap=Windows&uapv=10.0.0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

HTTP Request

GET https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=G100&rnd=1036472264.1692951380&url=https%3A%2F%2Finfo.randstad.in%2Fequitywork-webinar&gtm=45be38n0&auid=1975529842.1692951380&did=dZTQ1Zm&gdid=dZTQ1Zm
104.18.130.236:443

https://cdn.cookielaw.org/scripttemplates/6.33.0/assets/otCommonStyles.css

tls, http2

chrome.exe

3.8kB
44.1kB
44
67

HTTP Request

GET https://cdn.cookielaw.org/consent/34f4dc1c-8118-4509-87ce-9991bad5cd91/34f4dc1c-8118-4509-87ce-9991bad5cd91.json

HTTP Response

200

HTTP Request

GET https://cdn.cookielaw.org/consent/34f4dc1c-8118-4509-87ce-9991bad5cd91/b17176f9-a99a-4b47-bc8e-d7c16048113c/en.json

HTTP Response

200

HTTP Request

GET https://cdn.cookielaw.org/scripttemplates/6.33.0/assets/otFlat.json

HTTP Request

GET https://cdn.cookielaw.org/scripttemplates/6.33.0/assets/v2/otPcCenter.json

HTTP Request

GET https://cdn.cookielaw.org/scripttemplates/6.33.0/assets/otCookieSettingsButton.json

HTTP Request

GET https://cdn.cookielaw.org/scripttemplates/6.33.0/assets/otCommonStyles.css

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200
104.19.154.83:443

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=5367838&utk=9aa3b46f3ad1ad579e960949c00ecee5&__hstc=219351302.9aa3b46f3ad1ad579e960949c00ecee5.1692951380615.1692951380615.1692951380615.1&__hssc=219351302.1.1692951380616&contentId=130728022796&currentUrl=https%3A%2F%2Finfo.randstad.in%2Fequitywork-webinar%3Futm_campaign%3DEDIB%26utm_medium%3Demail%26_hsmi%3D271701800%26_hsenc%3Dp2ANqtz-85yzsX5BSZgdUWt8_1J3w4BeVA6taorS_7riDyJEil-Jr3EdfrrpgTXMupAiFNz8IGay6GRt-Whgww-IS7eoFR-D3yl8LxWDBQEIJEw1C9d4Vr488%26utm_content%3D271701800%26utm_source%3Dhs_email

tls, http2

chrome.exe

2.2kB
4.7kB
13
13

HTTP Request

GET https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=5367838&utk=9aa3b46f3ad1ad579e960949c00ecee5&__hstc=219351302.9aa3b46f3ad1ad579e960949c00ecee5.1692951380615.1692951380615.1692951380615.1&__hssc=219351302.1.1692951380616&contentId=130728022796&currentUrl=https%3A%2F%2Finfo.randstad.in%2Fequitywork-webinar%3Futm_campaign%3DEDIB%26utm_medium%3Demail%26_hsmi%3D271701800%26_hsenc%3Dp2ANqtz-85yzsX5BSZgdUWt8_1J3w4BeVA6taorS_7riDyJEil-Jr3EdfrrpgTXMupAiFNz8IGay6GRt-Whgww-IS7eoFR-D3yl8LxWDBQEIJEw1C9d4Vr488%26utm_content%3D271701800%26utm_source%3Dhs_email

HTTP Response

200

8.8.8.8:53

146.78.124.51.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

146.78.124.51.in-addr.arpa
8.8.8.8:53

cf4rq04.na1.hubspotlinks.com

dns

chrome.exe

74 B
106 B
1
1

DNS Request

cf4rq04.na1.hubspotlinks.com

DNS Response

172.64.150.210

104.18.37.46
8.8.8.8:53

210.150.64.172.in-addr.arpa

dns

73 B
135 B
1
1

DNS Request

210.150.64.172.in-addr.arpa
8.8.8.8:53

info.randstad.in

dns

chrome.exe

62 B
180 B
1
1

DNS Request

info.randstad.in

DNS Response

199.60.103.227

199.60.103.29
199.60.103.227:443

info.randstad.in

https

chrome.exe

17.5kB
293.4kB
98
310
8.8.8.8:53

cdn2.hubspot.net

dns

chrome.exe

62 B
142 B
1
1

DNS Request

cdn2.hubspot.net

DNS Response

104.16.111.209

104.16.108.209

104.16.110.209

104.16.112.209

104.16.109.209
8.8.8.8:53

static.hsappstatic.net

dns

chrome.exe

68 B
148 B
1
1

DNS Request

static.hsappstatic.net

DNS Response

104.17.192.96

104.18.79.253

104.18.95.253

104.18.176.93

104.16.224.93
8.8.8.8:53

227.103.60.199.in-addr.arpa

dns

73 B
132 B
1
1

DNS Request

227.103.60.199.in-addr.arpa
8.8.8.8:53

209.111.16.104.in-addr.arpa

dns

73 B
135 B
1
1

DNS Request

209.111.16.104.in-addr.arpa
8.8.8.8:53

200.179.250.142.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

200.179.250.142.in-addr.arpa
8.8.8.8:53

app.hubspot.com

dns

chrome.exe

61 B
93 B
1
1

DNS Request

app.hubspot.com

DNS Response

104.19.155.83

104.19.154.83
8.8.8.8:53

js.usemessages.com

dns

chrome.exe

64 B
144 B
1
1

DNS Request

js.usemessages.com

DNS Response

104.17.250.168

104.17.248.168

104.17.249.168

104.17.251.168

104.17.247.168
8.8.8.8:53

js.hsadspixel.net

dns

chrome.exe

63 B
143 B
1
1

DNS Request

js.hsadspixel.net

DNS Response

104.17.228.163

104.17.231.163

104.17.229.163

104.17.230.163

104.17.227.163
8.8.8.8:53

js.hs-banner.com

dns

chrome.exe

62 B
94 B
1
1

DNS Request

js.hs-banner.com

DNS Response

104.18.34.229

172.64.153.27
8.8.8.8:53

js.hscollectedforms.net

dns

chrome.exe

69 B
149 B
1
1

DNS Request

js.hscollectedforms.net

DNS Response

104.17.87.154

104.17.88.154

104.17.89.154

104.17.91.154

104.17.90.154
8.8.8.8:53

js.hs-analytics.net

dns

chrome.exe

65 B
145 B
1
1

DNS Request

js.hs-analytics.net

DNS Response

104.16.76.186

104.16.77.186

104.16.78.186

104.16.79.186

104.16.80.186
8.8.8.8:53

js.hsleadflows.net

dns

chrome.exe

64 B
144 B
1
1

DNS Request

js.hsleadflows.net

DNS Response

104.18.125.12

104.18.123.12

104.18.124.12

104.18.126.12

104.18.122.12
8.8.8.8:53

forms.hsforms.com

dns

chrome.exe

63 B
143 B
1
1

DNS Request

forms.hsforms.com

DNS Response

104.18.176.125

104.18.160.125

104.17.207.249

104.17.239.249

104.18.192.125
8.8.8.8:53

forms-na1.hsforms.com

dns

chrome.exe

67 B
147 B
1
1

DNS Request

forms-na1.hsforms.com

DNS Response

104.17.207.249

104.17.239.249

104.18.192.125

104.18.160.125

104.18.176.125
8.8.8.8:53

api.hubapi.com

dns

chrome.exe

60 B
140 B
1
1

DNS Request

api.hubapi.com

DNS Response

104.17.201.204

104.17.200.204

104.17.202.204

104.17.203.204

104.17.204.204
8.8.8.8:53

96.192.17.104.in-addr.arpa

dns

72 B
134 B
1
1

DNS Request

96.192.17.104.in-addr.arpa
8.8.8.8:53

95.221.229.192.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

95.221.229.192.in-addr.arpa
8.8.8.8:53

83.155.19.104.in-addr.arpa

dns

72 B
134 B
1
1

DNS Request

83.155.19.104.in-addr.arpa
8.8.8.8:53

12.125.18.104.in-addr.arpa

dns

72 B
134 B
1
1

DNS Request

12.125.18.104.in-addr.arpa
8.8.8.8:53

163.228.17.104.in-addr.arpa

dns

73 B
135 B
1
1

DNS Request

163.228.17.104.in-addr.arpa
8.8.8.8:53

186.76.16.104.in-addr.arpa

dns

72 B
134 B
1
1

DNS Request

186.76.16.104.in-addr.arpa
8.8.8.8:53

168.250.17.104.in-addr.arpa

dns

73 B
135 B
1
1

DNS Request

168.250.17.104.in-addr.arpa
8.8.8.8:53

229.34.18.104.in-addr.arpa

dns

72 B
134 B
1
1

DNS Request

229.34.18.104.in-addr.arpa
8.8.8.8:53

154.87.17.104.in-addr.arpa

dns

72 B
134 B
1
1

DNS Request

154.87.17.104.in-addr.arpa
8.8.8.8:53

206.23.217.172.in-addr.arpa

dns

73 B
173 B
1
1

DNS Request

206.23.217.172.in-addr.arpa
8.8.8.8:53

125.176.18.104.in-addr.arpa

dns

73 B
135 B
1
1

DNS Request

125.176.18.104.in-addr.arpa
8.8.8.8:53

249.207.17.104.in-addr.arpa

dns

73 B
135 B
1
1

DNS Request

249.207.17.104.in-addr.arpa
8.8.8.8:53

forms.hscollectedforms.net

dns

chrome.exe

72 B
152 B
1
1

DNS Request

forms.hscollectedforms.net

DNS Response

104.17.89.154

104.17.87.154

104.17.88.154

104.17.90.154

104.17.91.154
8.8.8.8:53

content-autofill.googleapis.com

dns

chrome.exe

77 B
253 B
1
1

DNS Request

content-autofill.googleapis.com

DNS Response

142.250.179.138

142.251.36.42

172.217.168.234

142.250.179.170

142.250.179.202

142.251.36.10

142.251.39.106

172.217.168.202

172.217.23.202

216.58.208.106

216.58.214.10
8.8.8.8:53

stats.g.doubleclick.net

dns

chrome.exe

69 B
133 B
1
1

DNS Request

stats.g.doubleclick.net

DNS Response

142.250.102.157

142.250.102.155

142.250.102.156

142.250.102.154
8.8.8.8:53

cdn.cookielaw.org

dns

chrome.exe

63 B
95 B
1
1

DNS Request

cdn.cookielaw.org

DNS Response

104.18.130.236

104.18.131.236
104.18.176.125:443

forms-na1.hsforms.com

https

chrome.exe

4.0kB
6.0kB
11
11
8.8.8.8:53

googleads.g.doubleclick.net

dns

chrome.exe

73 B
89 B
1
1

DNS Request

googleads.g.doubleclick.net

DNS Response

172.217.23.194
142.250.102.157:443

stats.g.doubleclick.net

https

chrome.exe

3.7kB
6.9kB
8
11
8.8.8.8:53

track.hubspot.com

dns

chrome.exe

63 B
95 B
1
1

DNS Request

track.hubspot.com

DNS Response

104.19.155.83

104.19.154.83
8.8.8.8:53

forms.hubspot.com

dns

chrome.exe

63 B
95 B
1
1

DNS Request

forms.hubspot.com

DNS Response

104.19.154.83

104.19.155.83
8.8.8.8:53

204.201.17.104.in-addr.arpa

dns

73 B
135 B
1
1

DNS Request

204.201.17.104.in-addr.arpa
8.8.8.8:53

138.179.250.142.in-addr.arpa

dns

74 B
113 B
1
1

DNS Request

138.179.250.142.in-addr.arpa
8.8.8.8:53

157.102.250.142.in-addr.arpa

dns

74 B
108 B
1
1

DNS Request

157.102.250.142.in-addr.arpa
8.8.8.8:53

236.130.18.104.in-addr.arpa

dns

73 B
135 B
1
1

DNS Request

236.130.18.104.in-addr.arpa
8.8.8.8:53

196.168.217.172.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

196.168.217.172.in-addr.arpa
8.8.8.8:53

194.23.217.172.in-addr.arpa

dns

73 B
171 B
1
1

DNS Request

194.23.217.172.in-addr.arpa
142.250.179.138:443

content-autofill.googleapis.com

https

chrome.exe

4.3kB
8.6kB
12
14
8.8.8.8:53

83.154.19.104.in-addr.arpa

dns

72 B
134 B
1
1

DNS Request

83.154.19.104.in-addr.arpa
224.0.0.251:5353

chrome.exe

204 B
3
8.8.8.8:53

59.128.231.4.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

59.128.231.4.in-addr.arpa
8.8.8.8:53

50.23.12.20.in-addr.arpa

dns

70 B
156 B
1
1

DNS Request

50.23.12.20.in-addr.arpa
8.8.8.8:53

15.164.165.52.in-addr.arpa

dns

72 B
146 B
1
1

DNS Request

15.164.165.52.in-addr.arpa
8.8.8.8:53

240.81.21.72.in-addr.arpa

dns

71 B
142 B
1
1

DNS Request

240.81.21.72.in-addr.arpa
8.8.8.8:53

11.227.111.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

11.227.111.52.in-addr.arpa
8.8.8.8:53

210.143.182.52.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

210.143.182.52.in-addr.arpa

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
576B

MD5
bcaf1558f43a57c5205672723cdf4bd5

SHA1
612c517e882bef229aa8a4618e264b4f441dd970

SHA256
825baf41754c292d07df03a207440205c43271f21269b5d16023b09688b37ab3

SHA512
0def4f5242b25cc060094652bb00efaaf5ae81e7b74d342d1f8ddae1ff98f7097efe19d3793d4be220c97e3ac603443ce0f4ff6750edb86747a5d7d62805f3b3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
647277a2f85d3c44c975dafe9461850b

SHA1
a538bf902ee609204eb0ff6bd62217d099af2ad5

SHA256
704a1e6bb2af3b849671c64d29697c4aa9971735e78745b8957fb3a8d9451ba2

SHA512
29491e3523bf1f9015c77c6167437d5c49407cd6369af4dbbc0f4821da59a48f299484c335a61fef7c82a24bf823f5654fdadea95526b2199cc7abe802e66db5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
94358136c45ef94ae43a204e19f1ed36

SHA1
cf23000afc4afed720451e680b385240e9a9d777

SHA256
0bdd7bba3a46d196adf0e12d98af5fc85d20b4afde92377af71c2ab531c0bb8d

SHA512
f37ace468c6c835997954376d8cb4659abc64c3a93f2e071367d8890c94f9ea0ff2c380d0b8bd51d6a84ccaa911e3992fb0ab24e1d5f30f52f540bd0e131c21a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
40c028e628c99942e82aae4cd79a8ef8

SHA1
edbdf4bc427a56dda09e887501910072ae394daf

SHA256
d730585007e25e9651a75f91c6e3512ee82092a4a3146adbd50cc40ccd79ea31

SHA512
5619fe3ab2edb0ebe7aa2dd18696ddbf02dac21f6709bb9aa37afda4f48b84f5ab66ebc441993b11fd3e1b9ea42755dc74fb301b6157b88d9f68e8a7d30e0acd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
26489ff5339d896f3beb25907ffeb8da

SHA1
581a2ef69336d737788014a04a2cd3c173211886

SHA256
a2ed03504c78209badb2b40dcbf9fc870635cea357b3531835117dbf50b76eb1

SHA512
39129666ac61cde69906664b398f0fca886ba73f94b0b9c94c39328982b284a38906cdf7b2a276736b13bb2f6dca6ed7aa3049603d839bf5083a8863ba92ec90

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
4f13d86d1f5ec53db64682cd400916f0

SHA1
a1f22c67f7bb8d288f3f4cf14b910d4f085b0b80

SHA256
576c20fa4bf066ba6c2ee9051a47beac2cbe8c208fd1d2438f1d9fc0a2719875

SHA512
7c4a962e655c72c9abdee4d2a5a339a369a58958ab5d8e9aac3dc41eb8df994eef3ac878f1142a5d790cb2f148908167bfdd92ad008da7b25d652ffbb3aba2ce

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
a27f28091137a971e6807cba6f9d0106

SHA1
73c8c3d7760aad8519e49a2542a7016cac0aa144

SHA256
89180c4b55731dc96e343ce59bdcd940c93c87fbb6ca840eb91da433c9854fc4

SHA512
087ff9b45a36b3c32c93abf27419dad607046095c2a857cd5603d205990b138f5f1293deb64fe0ffbee47dd49b135db03425f114c27dfb4a5d479f745deb53bd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
87KB

MD5
84e991f2c7a4b62ca58d9c4aaa7553c0

SHA1
d5720c3aceff52090d1c9ef13819d7b75142160b

SHA256
bf0f9cb43c5fa3df6afb5d21fe89fbf8656f08f8f98f4ffb156e4ea926b7516b

SHA512
edc5ff9d7717a0c5d11c548246504c8fbbd7a854334f8d53f3815e75643ba6b082c5414d6ef8131402cbef1e698d42c1b25b92e94c262bc8888732370565c365

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request