hxxp://invesco2021tf[.]q4web[.]com/sec-filings/sec-filings-details/default[.]aspx?FilingId=16784646

Analysis

max time kernel
300s
max time network
298s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
11/07/2023, 17:09 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx?FilingId=16784646

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133335689640483109"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
896	chrome.exe
896	chrome.exe
896	chrome.exe
896	chrome.exe
2704	chrome.exe
2704	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
896	chrome.exe
896	chrome.exe
896	chrome.exe
896	chrome.exe
896	chrome.exe
896	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	896	chrome.exe
Token: SeCreatePagefilePrivilege	896	chrome.exe
Token: SeShutdownPrivilege	896	chrome.exe
Token: SeCreatePagefilePrivilege	896	chrome.exe
Token: SeShutdownPrivilege	896	chrome.exe
Token: SeCreatePagefilePrivilege	896	chrome.exe
Token: SeShutdownPrivilege	896	chrome.exe
Token: SeCreatePagefilePrivilege	896	chrome.exe
Token: SeShutdownPrivilege	896	chrome.exe
Token: SeCreatePagefilePrivilege	896	chrome.exe
Token: SeShutdownPrivilege	896	chrome.exe
Token: SeCreatePagefilePrivilege	896	chrome.exe
Token: SeShutdownPrivilege	896	chrome.exe
Token: SeCreatePagefilePrivilege	896	chrome.exe
Token: SeShutdownPrivilege	896	chrome.exe
Token: SeCreatePagefilePrivilege	896	chrome.exe
Token: SeShutdownPrivilege	896	chrome.exe
Token: SeCreatePagefilePrivilege	896	chrome.exe
Token: SeShutdownPrivilege	896	chrome.exe
Token: SeCreatePagefilePrivilege	896	chrome.exe
Token: SeShutdownPrivilege	896	chrome.exe
Token: SeCreatePagefilePrivilege	896	chrome.exe
Token: SeShutdownPrivilege	896	chrome.exe
Token: SeCreatePagefilePrivilege	896	chrome.exe
Token: SeShutdownPrivilege	896	chrome.exe
Token: SeCreatePagefilePrivilege	896	chrome.exe
Token: SeShutdownPrivilege	896	chrome.exe
Token: SeCreatePagefilePrivilege	896	chrome.exe
Token: SeShutdownPrivilege	896	chrome.exe
Token: SeCreatePagefilePrivilege	896	chrome.exe
Token: SeShutdownPrivilege	896	chrome.exe
Token: SeCreatePagefilePrivilege	896	chrome.exe
Token: SeShutdownPrivilege	896	chrome.exe
Token: SeCreatePagefilePrivilege	896	chrome.exe
Token: SeShutdownPrivilege	896	chrome.exe
Token: SeCreatePagefilePrivilege	896	chrome.exe
Token: SeShutdownPrivilege	896	chrome.exe
Token: SeCreatePagefilePrivilege	896	chrome.exe
Token: SeShutdownPrivilege	896	chrome.exe
Token: SeCreatePagefilePrivilege	896	chrome.exe
Token: SeShutdownPrivilege	896	chrome.exe
Token: SeCreatePagefilePrivilege	896	chrome.exe
Token: SeShutdownPrivilege	896	chrome.exe
Token: SeCreatePagefilePrivilege	896	chrome.exe
Token: SeShutdownPrivilege	896	chrome.exe
Token: SeCreatePagefilePrivilege	896	chrome.exe
Token: SeShutdownPrivilege	896	chrome.exe
Token: SeCreatePagefilePrivilege	896	chrome.exe
Token: SeShutdownPrivilege	896	chrome.exe
Token: SeCreatePagefilePrivilege	896	chrome.exe
Token: SeShutdownPrivilege	896	chrome.exe
Token: SeCreatePagefilePrivilege	896	chrome.exe
Token: SeShutdownPrivilege	896	chrome.exe
Token: SeCreatePagefilePrivilege	896	chrome.exe
Token: SeShutdownPrivilege	896	chrome.exe
Token: SeCreatePagefilePrivilege	896	chrome.exe
Token: SeShutdownPrivilege	896	chrome.exe
Token: SeCreatePagefilePrivilege	896	chrome.exe
Token: SeShutdownPrivilege	896	chrome.exe
Token: SeCreatePagefilePrivilege	896	chrome.exe
Token: SeShutdownPrivilege	896	chrome.exe
Token: SeCreatePagefilePrivilege	896	chrome.exe
Token: SeShutdownPrivilege	896	chrome.exe
Token: SeCreatePagefilePrivilege	896	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
896	chrome.exe
896	chrome.exe
896	chrome.exe
896	chrome.exe
896	chrome.exe
896	chrome.exe
896	chrome.exe
896	chrome.exe
896	chrome.exe
896	chrome.exe
896	chrome.exe
896	chrome.exe
896	chrome.exe
896	chrome.exe
896	chrome.exe
896	chrome.exe
896	chrome.exe
896	chrome.exe
896	chrome.exe
896	chrome.exe
896	chrome.exe
896	chrome.exe
896	chrome.exe
896	chrome.exe
896	chrome.exe
896	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
896	chrome.exe
896	chrome.exe
896	chrome.exe
896	chrome.exe
896	chrome.exe
896	chrome.exe
896	chrome.exe
896	chrome.exe
896	chrome.exe
896	chrome.exe
896	chrome.exe
896	chrome.exe
896	chrome.exe
896	chrome.exe
896	chrome.exe
896	chrome.exe
896	chrome.exe
896	chrome.exe
896	chrome.exe
896	chrome.exe
896	chrome.exe
896	chrome.exe
896	chrome.exe
896	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 896 wrote to memory of 3808	896	chrome.exe	75
PID 896 wrote to memory of 3808	896	chrome.exe	75
PID 896 wrote to memory of 1996	896	chrome.exe	88
PID 896 wrote to memory of 1996	896	chrome.exe	88
PID 896 wrote to memory of 1996	896	chrome.exe	88
PID 896 wrote to memory of 1996	896	chrome.exe	88
PID 896 wrote to memory of 1996	896	chrome.exe	88
PID 896 wrote to memory of 1996	896	chrome.exe	88
PID 896 wrote to memory of 1996	896	chrome.exe	88
PID 896 wrote to memory of 1996	896	chrome.exe	88
PID 896 wrote to memory of 1996	896	chrome.exe	88
PID 896 wrote to memory of 1996	896	chrome.exe	88
PID 896 wrote to memory of 1996	896	chrome.exe	88
PID 896 wrote to memory of 1996	896	chrome.exe	88
PID 896 wrote to memory of 1996	896	chrome.exe	88
PID 896 wrote to memory of 1996	896	chrome.exe	88
PID 896 wrote to memory of 1996	896	chrome.exe	88
PID 896 wrote to memory of 1996	896	chrome.exe	88
PID 896 wrote to memory of 1996	896	chrome.exe	88
PID 896 wrote to memory of 1996	896	chrome.exe	88
PID 896 wrote to memory of 1996	896	chrome.exe	88
PID 896 wrote to memory of 1996	896	chrome.exe	88
PID 896 wrote to memory of 1996	896	chrome.exe	88
PID 896 wrote to memory of 1996	896	chrome.exe	88
PID 896 wrote to memory of 1996	896	chrome.exe	88
PID 896 wrote to memory of 1996	896	chrome.exe	88
PID 896 wrote to memory of 1996	896	chrome.exe	88
PID 896 wrote to memory of 1996	896	chrome.exe	88
PID 896 wrote to memory of 1996	896	chrome.exe	88
PID 896 wrote to memory of 1996	896	chrome.exe	88
PID 896 wrote to memory of 1996	896	chrome.exe	88
PID 896 wrote to memory of 1996	896	chrome.exe	88
PID 896 wrote to memory of 1996	896	chrome.exe	88
PID 896 wrote to memory of 1996	896	chrome.exe	88
PID 896 wrote to memory of 1996	896	chrome.exe	88
PID 896 wrote to memory of 1996	896	chrome.exe	88
PID 896 wrote to memory of 1996	896	chrome.exe	88
PID 896 wrote to memory of 1996	896	chrome.exe	88
PID 896 wrote to memory of 1996	896	chrome.exe	88
PID 896 wrote to memory of 1996	896	chrome.exe	88
PID 896 wrote to memory of 2544	896	chrome.exe	89
PID 896 wrote to memory of 2544	896	chrome.exe	89
PID 896 wrote to memory of 880	896	chrome.exe	90
PID 896 wrote to memory of 880	896	chrome.exe	90
PID 896 wrote to memory of 880	896	chrome.exe	90
PID 896 wrote to memory of 880	896	chrome.exe	90
PID 896 wrote to memory of 880	896	chrome.exe	90
PID 896 wrote to memory of 880	896	chrome.exe	90
PID 896 wrote to memory of 880	896	chrome.exe	90
PID 896 wrote to memory of 880	896	chrome.exe	90
PID 896 wrote to memory of 880	896	chrome.exe	90
PID 896 wrote to memory of 880	896	chrome.exe	90
PID 896 wrote to memory of 880	896	chrome.exe	90
PID 896 wrote to memory of 880	896	chrome.exe	90
PID 896 wrote to memory of 880	896	chrome.exe	90
PID 896 wrote to memory of 880	896	chrome.exe	90
PID 896 wrote to memory of 880	896	chrome.exe	90
PID 896 wrote to memory of 880	896	chrome.exe	90
PID 896 wrote to memory of 880	896	chrome.exe	90
PID 896 wrote to memory of 880	896	chrome.exe	90
PID 896 wrote to memory of 880	896	chrome.exe	90
PID 896 wrote to memory of 880	896	chrome.exe	90
PID 896 wrote to memory of 880	896	chrome.exe	90
PID 896 wrote to memory of 880	896	chrome.exe	90

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx?FilingId=16784646
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:896
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa45869758,0x7ffa45869768,0x7ffa45869778
  2⤵
  PID:3808
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1664 --field-trial-handle=1888,i,12976839470119414425,5265611150800322321,131072 /prefetch:2
  2⤵
  PID:1996
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2200 --field-trial-handle=1888,i,12976839470119414425,5265611150800322321,131072 /prefetch:8
  2⤵
  PID:2544
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2248 --field-trial-handle=1888,i,12976839470119414425,5265611150800322321,131072 /prefetch:8
  2⤵
  PID:880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3008 --field-trial-handle=1888,i,12976839470119414425,5265611150800322321,131072 /prefetch:1
  2⤵
  PID:696
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3048 --field-trial-handle=1888,i,12976839470119414425,5265611150800322321,131072 /prefetch:1
  2⤵
  PID:3168
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4688 --field-trial-handle=1888,i,12976839470119414425,5265611150800322321,131072 /prefetch:1
  2⤵
  PID:3508
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4520 --field-trial-handle=1888,i,12976839470119414425,5265611150800322321,131072 /prefetch:1
  2⤵
  PID:2216
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=5144 --field-trial-handle=1888,i,12976839470119414425,5265611150800322321,131072 /prefetch:1
  2⤵
  PID:4340
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --pdf-renderer --disable-gpu-compositing --lang=en-US --js-flags=--jitless --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5328 --field-trial-handle=1888,i,12976839470119414425,5265611150800322321,131072 /prefetch:1
  2⤵
  PID:2020
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5768 --field-trial-handle=1888,i,12976839470119414425,5265611150800322321,131072 /prefetch:8
  2⤵
  PID:1300
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5948 --field-trial-handle=1888,i,12976839470119414425,5265611150800322321,131072 /prefetch:8
  2⤵
  PID:3328
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4956 --field-trial-handle=1888,i,12976839470119414425,5265611150800322321,131072 /prefetch:8
  2⤵
  PID:860
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4504 --field-trial-handle=1888,i,12976839470119414425,5265611150800322321,131072 /prefetch:8
  2⤵
  PID:644
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3272 --field-trial-handle=1888,i,12976839470119414425,5265611150800322321,131072 /prefetch:8
  2⤵
  PID:4660
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5540 --field-trial-handle=1888,i,12976839470119414425,5265611150800322321,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2704

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2916

Network

DNS

assets.msn.com

Remote address:

8.8.8.8:53

Request

assets.msn.com

IN A

Response

assets.msn.com

IN CNAME

assets.msn.com.edgekey.net

assets.msn.com.edgekey.net

IN CNAME

e28578.d.akamaiedge.net

e28578.d.akamaiedge.net

IN A

104.126.36.114

e28578.d.akamaiedge.net

IN A

104.126.36.97

e28578.d.akamaiedge.net

IN A

104.126.36.88

e28578.d.akamaiedge.net

IN A

104.126.36.81

e28578.d.akamaiedge.net

IN A

104.126.36.106

e28578.d.akamaiedge.net

IN A

104.126.36.80

e28578.d.akamaiedge.net

IN A

104.126.36.96

e28578.d.akamaiedge.net

IN A

104.126.36.90

e28578.d.akamaiedge.net

IN A

104.126.36.89
DNS

114.36.126.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

114.36.126.104.in-addr.arpa

IN PTR

Response

114.36.126.104.in-addr.arpa

IN PTR

a104-126-36-114deploystaticakamaitechnologiescom
DNS

126.133.241.8.in-addr.arpa

Remote address:

8.8.8.8:53

Request

126.133.241.8.in-addr.arpa

IN PTR

Response
DNS

invesco2021tf.q4web.com

chrome.exe

Remote address:

8.8.8.8:53

Request

invesco2021tf.q4web.com

IN A

Response

invesco2021tf.q4web.com

IN CNAME

webfarm-31002.q4web.com

webfarm-31002.q4web.com

IN CNAME

webfarm-300.q4web.com

webfarm-300.q4web.com

IN CNAME

cloudflare.cdn.web.prd.q4inc.com

cloudflare.cdn.web.prd.q4inc.com

IN CNAME

cloudflare.cdn.web.prd.q4inc.com.cdn.cloudflare.net

cloudflare.cdn.web.prd.q4inc.com.cdn.cloudflare.net

IN A

162.159.130.11

cloudflare.cdn.web.prd.q4inc.com.cdn.cloudflare.net

IN A

162.159.129.11
DNS

208.194.73.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

208.194.73.20.in-addr.arpa

IN PTR

Response
GET

http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx?FilingId=16784646

chrome.exe

Remote address:

162.159.130.11:80

Request

GET /sec-filings/sec-filings-details/default.aspx?FilingId=16784646 HTTP/1.1
Host: invesco2021tf.q4web.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Tue, 11 Jul 2023 17:09:17 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 25478
Connection: keep-alive
CF-Ray: 7e52a7409e17b791-AMS
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Cache-Control: public, max-age=10, stale-if-error=86400, stale-while-revalidate=86400
Content-Encoding: gzip
ETag: 4b4fb190e4cd57e27139b04a461d184d
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Set-Cookie: __cf_bm=83LLWmXEvutNfdE8lssp3oUIioTLRqmZra9h..D5nFo-1689095357-0-AZ+kpLaKTPDW7gzCZzaJmtbqhWNSShhQVqyrbH4UYYG0oUo7Hx5lMJ7dYxRe3DjmVEHRAD5taXvOR1fi6thX00I=; path=/; expires=Tue, 11-Jul-23 17:39:17 GMT; domain=.invesco2021tf.q4web.com; HttpOnly; SameSite=None
Server: cloudflare
GET

http://invesco2021tf.q4web.com/js/typescript/dist/index.js

chrome.exe

Remote address:

162.159.130.11:80

Request

GET /js/typescript/dist/index.js HTTP/1.1
Host: invesco2021tf.q4web.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Accept: */*
Referer: http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx?FilingId=16784646
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Tue, 11 Jul 2023 17:09:17 GMT
Content-Type: application/javascript
Content-Length: 30630
Connection: keep-alive
CF-Ray: 7e52a7420f5fb791-AMS
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Cache-Control: public, max-age=10, stale-if-error=86400, stale-while-revalidate=86400
Content-Encoding: gzip
ETag: 7859582e7333db59c132c672e4286215
Last-Modified: Wed, 28 Jun 2023 16:22:04 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Set-Cookie: __cf_bm=4o7HNqVWpbelnAj5MrmfQOyTeG7fI.nBwDRAE6iBvE0-1689095357-0-AQr4YRRppDqrw/k+U77jSJqE3M7kAE7tFY7ewN/f+Q2w2J25WlIEazi0gd+LmPyJ4KzPumGwniWqw9RPwwNvWLc=; path=/; expires=Tue, 11-Jul-23 17:39:17 GMT; domain=.invesco2021tf.q4web.com; HttpOnly; SameSite=None
Server: cloudflare
GET

http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/GlobalBranding.ashx

chrome.exe

Remote address:

162.159.130.11:80

Request

GET /sec-filings/sec-filings-details/GlobalBranding.ashx HTTP/1.1
Host: invesco2021tf.q4web.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx?FilingId=16784646
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Tue, 11 Jul 2023 17:09:19 GMT
Content-Type: text/css; charset=utf-8
Content-Length: 2794
Connection: keep-alive
CF-Ray: 7e52a74a3ed8b791-AMS
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Cache-Control: public, max-age=10, stale-if-error=86400, stale-while-revalidate=86400
Content-Encoding: gzip
ETag: 45b234205c68b2eafcc671df80c644c4
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Set-Cookie: __cf_bm=NFZEn6zVJpfoBfH9_hqz595FxkEQem45KFypwOie1F4-1689095359-0-AYQeMpz/RQLSR5Ws9/HLeIlpcA6ATki9DwMkMeVnaKW4TKjxcY9k+rVsVyuoTe99d21X2rexVzVts6fzAdH5Pkg=; path=/; expires=Tue, 11-Jul-23 17:39:19 GMT; domain=.invesco2021tf.q4web.com; HttpOnly; SameSite=None
Server: cloudflare
GET

http://invesco2021tf.q4web.com/css/evergreen/evergreen.1.0.0.min.css

chrome.exe

Remote address:

162.159.130.11:80

Request

GET /css/evergreen/evergreen.1.0.0.min.css HTTP/1.1
Host: invesco2021tf.q4web.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx?FilingId=16784646
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Tue, 11 Jul 2023 17:09:19 GMT
Content-Type: text/css
Content-Length: 13153
Connection: keep-alive
CF-Ray: 7e52a74a3e920c1d-AMS
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Cache-Control: public, max-age=10, stale-if-error=86400, stale-while-revalidate=86400
Content-Encoding: gzip
ETag: 7e9ee5a2dc29ce2df8d12b9e4e820cb8
Last-Modified: Wed, 28 Jun 2023 16:21:58 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Set-Cookie: __cf_bm=bf94UYA1wdzhUVE.xN.5pzP7Ikfs1JwkIIxIHm4k9rI-1689095359-0-ASHUh+Ole6jEFV9CPE+/rGeAxP34zoKu6tWTIiKqOXzWnIJOt7hF2Kjjkf2XG/oMvLlYf+SZHQEzJgfJHIIgKK0=; path=/; expires=Tue, 11-Jul-23 17:39:19 GMT; domain=.invesco2021tf.q4web.com; HttpOnly; SameSite=None
Server: cloudflare
DNS

11.130.159.162.in-addr.arpa

Remote address:

8.8.8.8:53

Request

11.130.159.162.in-addr.arpa

IN PTR

Response
DNS

202.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

202.179.250.142.in-addr.arpa

IN PTR

Response

202.179.250.142.in-addr.arpa

IN PTR

ams15s42-in-f101e100net
DNS

131.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

131.179.250.142.in-addr.arpa

IN PTR

Response

131.179.250.142.in-addr.arpa

IN PTR

ams17s10-in-f31e100net
GET

http://invesco2021tf.q4web.com/js/module/widgets/dist/dependencies/evergreen.core.1.0.0.min.js

chrome.exe

Remote address:

162.159.130.11:80

Request

GET /js/module/widgets/dist/dependencies/evergreen.core.1.0.0.min.js HTTP/1.1
Host: invesco2021tf.q4web.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Accept: */*
Referer: http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx?FilingId=16784646
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Tue, 11 Jul 2023 17:09:19 GMT
Content-Type: application/javascript
Content-Length: 203547
Connection: keep-alive
CF-Ray: 7e52a74a5ef7b90f-AMS
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Cache-Control: public, max-age=10, stale-if-error=86400, stale-while-revalidate=86400
Content-Encoding: gzip
ETag: c4f9bd6478afb637162a7bd79d5a6415
Last-Modified: Wed, 28 Jun 2023 16:22:02 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Set-Cookie: __cf_bm=tmWtiESTDQkbQDnjt5vKIWDltzW89OZ1xoxwCvoSEO4-1689095359-0-Ac8o5MTM922E0zFvEMaDlBRN/qOtmLepZsnonCKJrcufW71nWWxWqrn4x5hX402AOV6x5qbEX5Ohts69f+SprCo=; path=/; expires=Tue, 11-Jul-23 17:39:19 GMT; domain=.invesco2021tf.q4web.com; HttpOnly; SameSite=None
Server: cloudflare
GET

http://invesco2021tf.q4web.com/js/module/widgets/dist/dependencies/evergreen.app.1.0.0.min.js

chrome.exe

Remote address:

162.159.130.11:80

Request

GET /js/module/widgets/dist/dependencies/evergreen.app.1.0.0.min.js HTTP/1.1
Host: invesco2021tf.q4web.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Accept: */*
Referer: http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx?FilingId=16784646
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Tue, 11 Jul 2023 17:09:20 GMT
Content-Type: application/javascript
Content-Length: 10972
Connection: keep-alive
CF-Ray: 7e52a74f6c35b90f-AMS
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Cache-Control: public, max-age=10, stale-if-error=86400, stale-while-revalidate=86400
Content-Encoding: gzip
ETag: b5a4e676ede00591823cfd9face98830
Last-Modified: Wed, 28 Jun 2023 16:22:02 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Set-Cookie: __cf_bm=smanRGgvUaD7ZcCxSlf.DJWBt1wrOv2SqynoetkQks8-1689095360-0-AViQWZDUMyjWUlvlUOSNzLUd3qv5lj/q6HhzNKChx3wqrvy3dRZZ/+ERB7PonVaNAWgS6WhkGdJKey8ojG6OYtw=; path=/; expires=Tue, 11-Jul-23 17:39:20 GMT; domain=.invesco2021tf.q4web.com; HttpOnly; SameSite=None
Server: cloudflare
GET

http://invesco2021tf.q4web.com/js/module/widgets/dist/latest/evergreen.q4Api.min.js

chrome.exe

Remote address:

162.159.130.11:80

Request

GET /js/module/widgets/dist/latest/evergreen.q4Api.min.js HTTP/1.1
Host: invesco2021tf.q4web.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Accept: */*
Referer: http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx?FilingId=16784646
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Tue, 11 Jul 2023 17:09:20 GMT
Content-Type: application/javascript
Content-Length: 5638
Connection: keep-alive
CF-Ray: 7e52a7509daab90f-AMS
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Cache-Control: public, max-age=10, stale-if-error=86400, stale-while-revalidate=86400
Content-Encoding: gzip
ETag: 1f17d7f73d2a3f2076dc7c78ee9e2e8c
Last-Modified: Wed, 28 Jun 2023 16:22:02 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Set-Cookie: __cf_bm=plQwvU_Fp4dTlCMBO2KKPi8iJmaMg3voD8nYaoxtDj8-1689095360-0-AYPoJvqKuzQMamMQZsvNzYq0mqf5YF1R0oScM6X0FRIY1O24YvlyUZFlrdiCL4HEZgx4a7X3t/N4vwlNcZxITUI=; path=/; expires=Tue, 11-Jul-23 17:39:20 GMT; domain=.invesco2021tf.q4web.com; HttpOnly; SameSite=None
Server: cloudflare
GET

http://invesco2021tf.q4web.com/js/module/widgets/dist/latest/evergreen.q4Pager.min.js

chrome.exe

Remote address:

162.159.130.11:80

Request

GET /js/module/widgets/dist/latest/evergreen.q4Pager.min.js HTTP/1.1
Host: invesco2021tf.q4web.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Accept: */*
Referer: http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx?FilingId=16784646
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Tue, 11 Jul 2023 17:09:20 GMT
Content-Type: application/javascript
Content-Length: 1885
Connection: keep-alive
CF-Ray: 7e52a751aeb8b90f-AMS
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Cache-Control: public, max-age=10, stale-if-error=86400, stale-while-revalidate=86400
Content-Encoding: gzip
ETag: 01e821a9dbad9466e92afc406a706e8e
Last-Modified: Wed, 28 Jun 2023 16:22:02 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Set-Cookie: __cf_bm=ppZAXrb1ouNQEU09fVKOO8fIKSoQ2y8lIORhKu8BRQc-1689095360-0-Aa7Qrm/GgBw9ofb3gocCSQerowJNi5dknzNuXkwuA+8idBPj7Rd/7THN7CTykQV5xdwsjAOjs4zrn2eDFtBtjPU=; path=/; expires=Tue, 11-Jul-23 17:39:20 GMT; domain=.invesco2021tf.q4web.com; HttpOnly; SameSite=None
Server: cloudflare
GET

http://invesco2021tf.q4web.com/js/module/widgets/dist/latest/evergreen.q4Slideshow.min.js

chrome.exe

Remote address:

162.159.130.11:80

Request

GET /js/module/widgets/dist/latest/evergreen.q4Slideshow.min.js HTTP/1.1
Host: invesco2021tf.q4web.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Accept: */*
Referer: http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx?FilingId=16784646
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Tue, 11 Jul 2023 17:09:20 GMT
Content-Type: application/javascript
Content-Length: 1365
Connection: keep-alive
CF-Ray: 7e52a752cff9b90f-AMS
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Cache-Control: public, max-age=10, stale-if-error=86400, stale-while-revalidate=86400
Content-Encoding: gzip
ETag: 1b400e7695d2af13ca873cc89f6ff599
Last-Modified: Wed, 28 Jun 2023 16:22:02 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Set-Cookie: __cf_bm=Emg_vb.ci7NXcAJXcdM45U7qvT16kEGY4u5fvMMdGVU-1689095360-0-AdYjawyQZWWqs02HHIL88rjrR3aEjTLeBNKWchSHpR5o+jIqSWdI3UrroKBSWqjfDslVM7mavjkuovHn3GoKX4M=; path=/; expires=Tue, 11-Jul-23 17:39:20 GMT; domain=.invesco2021tf.q4web.com; HttpOnly; SameSite=None
Server: cloudflare
GET

http://invesco2021tf.q4web.com/js/anti-csrf.js

chrome.exe

Remote address:

162.159.130.11:80

Request

GET /js/anti-csrf.js HTTP/1.1
Host: invesco2021tf.q4web.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Accept: */*
Referer: http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx?FilingId=16784646
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Tue, 11 Jul 2023 17:09:20 GMT
Content-Type: application/javascript
Content-Length: 822
Connection: keep-alive
CF-Ray: 7e52a7548a48b90f-AMS
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Cache-Control: public, max-age=10, stale-if-error=86400, stale-while-revalidate=86400
Content-Encoding: gzip
ETag: debe5294aa812352941ba74d7f255c5c
Last-Modified: Wed, 28 Jun 2023 16:22:00 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Set-Cookie: __cf_bm=3rw69eHWoxgbzdukPUtGNbKWVT7G.1BNpZc3rXkEB2U-1689095360-0-ARGjsI45PTFi8+jVXGW0SWOaZxX3ip9ABQXC9etUz8O1AwvuM5Civ1n5p1EtWxMcoqXoJ9jDwadm7p+ddeI2um4=; path=/; expires=Tue, 11-Jul-23 17:39:20 GMT; domain=.invesco2021tf.q4web.com; HttpOnly; SameSite=None
Server: cloudflare
GET

http://invesco2021tf.q4web.com/q4logincallback.aspx

chrome.exe

Remote address:

162.159.130.11:80

Request

GET /q4logincallback.aspx HTTP/1.1
Host: invesco2021tf.q4web.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://invesco2021tf.q4web.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Cookie: _ga=GA1.2.1657431935.1689095359; _gid=GA1.2.828254608.1689095359; _gat_Client=1

Response

HTTP/1.1 200 OK

Date: Tue, 11 Jul 2023 17:09:21 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 19893
Connection: keep-alive
CF-Ray: 7e52a759afd6b90f-AMS
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Cache-Control: public, max-age=10, stale-if-error=86400, stale-while-revalidate=86400
Content-Encoding: gzip
ETag: f6ee8e655fa53bd30a0e8dc42455b273
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Set-Cookie: __cf_bm=qHlbs75bRGOHUVmYWl27kHuqWsqres9XrLARUGvAxfY-1689095361-0-AV2WcYlRagFB2DpliBn66TbByu3AmfwLpetaI/o8Kg73qEjF3ftcLKjtyhsSUgTMnuLMMvK3iPODQjGC+oR8pmI=; path=/; expires=Tue, 11-Jul-23 17:39:21 GMT; domain=.invesco2021tf.q4web.com; HttpOnly; SameSite=None
Server: cloudflare
DNS

s29.q4cdn.com

chrome.exe

Remote address:

8.8.8.8:53

Request

s29.q4cdn.com

IN A

Response

s29.q4cdn.com

IN CNAME

s29clientfiles-1e4b.kxcdn.com

s29clientfiles-1e4b.kxcdn.com

IN CNAME

a-us00.kxcdn.com

a-us00.kxcdn.com

IN A

68.70.205.4

a-us00.kxcdn.com

IN A

68.70.205.1

a-us00.kxcdn.com

IN A

68.70.205.2

a-us00.kxcdn.com

IN A

68.70.205.3
GET

http://s29.q4cdn.com/253383189/files/css/global.css?v=33714

chrome.exe

Remote address:

68.70.205.4:80

Request

GET /253383189/files/css/global.css?v=33714 HTTP/1.1
Host: s29.q4cdn.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://invesco2021tf.q4web.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: keycdn-engine
Date: Tue, 11 Jul 2023 17:09:19 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: 3XeuoZrYMF8KB+H4Ul30XEZNAKlmlP7xuiz+i4tz0Pmm5np9lkNl0lNmiA28dKmStYrdcKfqwYE=
x-amz-request-id: C0YY80XMEKQZ2PWP
Last-Modified: Fri, 04 Mar 2022 22:29:10 GMT
ETag: W/"d404b63bbd966c82d841e1f218fb92fa"
Expires: Tue, 11 Jul 2023 18:09:19 GMT
Cache-Control: max-age=3600
X-Cache: HIT
X-Edge-Location: nlam
Access-Control-Allow-Origin: *
Content-Encoding: gzip
GET

http://s29.q4cdn.com/253383189/files/js/q4.core.1.1.8.min.js

chrome.exe

Remote address:

68.70.205.4:80

Request

GET /253383189/files/js/q4.core.1.1.8.min.js HTTP/1.1
Host: s29.q4cdn.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Accept: */*
Referer: http://invesco2021tf.q4web.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: keycdn-engine
Date: Tue, 11 Jul 2023 17:09:19 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: G9DwAaZ79F5X96cmE/FX7dA9Xo4EtLofXyEXl27Nmfd4/lNqJjQv9U2iJJZJsNyH4V0BiT/hBD8=
x-amz-request-id: C0YHWNDNF0WGWR34
Last-Modified: Fri, 19 Nov 2021 18:02:21 GMT
ETag: W/"c92d3f3b1088a46a69e8d2b2f0141751"
Expires: Tue, 11 Jul 2023 18:09:19 GMT
Cache-Control: max-age=3600
X-Cache: HIT
X-Edge-Location: nlam
Access-Control-Allow-Origin: *
Content-Encoding: gzip
GET

http://s29.q4cdn.com/253383189/files/js/q4.app.1.1.8.min.js

chrome.exe

Remote address:

68.70.205.4:80

Request

GET /253383189/files/js/q4.app.1.1.8.min.js HTTP/1.1
Host: s29.q4cdn.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Accept: */*
Referer: http://invesco2021tf.q4web.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: keycdn-engine
Date: Tue, 11 Jul 2023 17:09:19 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: H0ZGReh3i6X57K0STgxXPlGAiqudwg1Y0l6XeV0FypgQoD8otvwgYjvtxiL8Ke7jYEOqkokO2mo=
x-amz-request-id: HADAFMHR5XMW4KSC
Last-Modified: Fri, 19 Nov 2021 18:02:20 GMT
ETag: W/"2c5b50d7483178eb922c502d3b6e2b7c"
Expires: Tue, 11 Jul 2023 18:09:19 GMT
Cache-Control: max-age=3600
X-Cache: HIT
X-Edge-Location: nlam
Access-Control-Allow-Origin: *
Content-Encoding: gzip
GET

http://s29.q4cdn.com/253383189/files/favicon.ico

chrome.exe

Remote address:

68.70.205.4:80

Request

GET /253383189/files/favicon.ico HTTP/1.1
Host: s29.q4cdn.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://invesco2021tf.q4web.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: keycdn-engine
Date: Tue, 11 Jul 2023 17:09:21 GMT
Content-Type: application/octet-stream
Content-Length: 1406
Connection: keep-alive
x-amz-id-2: ea2Axrp1jnzVR5U1b3a4ICJVa6y6fpGNNNS58BK2hglLa6tUMIHrI5puBnYF2lfUVPXhroVbw4w=
x-amz-request-id: WK30PF1TDK896GHC
Last-Modified: Wed, 15 Dec 2021 13:45:09 GMT
ETag: "4df64835badbad0c09cc94c012712b1d"
Expires: Tue, 11 Jul 2023 18:09:21 GMT
Cache-Control: max-age=3600
X-Cache: HIT
X-Edge-Location: nlam
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
GET

http://s29.q4cdn.com/253383189/files/css/print.css

chrome.exe

Remote address:

68.70.205.4:80

Request

GET /253383189/files/css/print.css HTTP/1.1
Host: s29.q4cdn.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://invesco2021tf.q4web.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: keycdn-engine
Date: Tue, 11 Jul 2023 17:09:19 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: X+jl7TmN7QJlQN98xZN+M50MV78FmfmplodeP2rLPcRT0D+LkuBpkMnbMSku0SqM02mdJ0i36Rk=
x-amz-request-id: C0YXYEGG753PM3QR
Last-Modified: Fri, 19 Nov 2021 18:00:36 GMT
ETag: W/"9e71dfea1584fe67a0710304c0c70c40"
Expires: Tue, 11 Jul 2023 18:09:19 GMT
Cache-Control: max-age=3600
X-Cache: HIT
X-Edge-Location: nlam
Access-Control-Allow-Origin: *
Content-Encoding: gzip
GET

http://s29.q4cdn.com/253383189/files/css/client.css?v=33770

chrome.exe

Remote address:

68.70.205.4:80

Request

GET /253383189/files/css/client.css?v=33770 HTTP/1.1
Host: s29.q4cdn.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://invesco2021tf.q4web.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: keycdn-engine
Date: Tue, 11 Jul 2023 17:09:19 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: hHT7KrFlB774R3oEMLHSUmZbn44nQVN8vB8Cro/+AxTNMrB9UDGH/e7MgZWY9RaKaffk7qao/5Q=
x-amz-request-id: ZM0S6FQJY5TAPM4C
Last-Modified: Thu, 24 Mar 2022 15:34:57 GMT
ETag: W/"2dd3929cfbb0ede9eb84cdb902454cd6"
Expires: Tue, 11 Jul 2023 18:09:19 GMT
Cache-Control: max-age=3600
X-Cache: HIT
X-Edge-Location: nlam
Access-Control-Allow-Origin: *
Content-Encoding: gzip
DNS

106.208.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

106.208.58.216.in-addr.arpa

IN PTR

Response

106.208.58.216.in-addr.arpa

IN PTR

ams17s08-in-f101e100net

106.208.58.216.in-addr.arpa

IN PTR

sof01s11-in-f106�I
DNS

4.205.70.68.in-addr.arpa

Remote address:

8.8.8.8:53

Request

4.205.70.68.in-addr.arpa

IN PTR

Response
DNS

widgets.q4app.com

chrome.exe

Remote address:

8.8.8.8:53

Request

widgets.q4app.com

IN A

Response

widgets.q4app.com

IN A

108.156.60.95

widgets.q4app.com

IN A

108.156.60.68

widgets.q4app.com

IN A

108.156.60.126

widgets.q4app.com

IN A

108.156.60.57
GET

https://widgets.q4app.com/widgets/q4.api.1.13.5.min.js

chrome.exe

Remote address:

108.156.60.95:443

Request

GET /widgets/q4.api.1.13.5.min.js HTTP/2.0
host: widgets.q4app.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: http://invesco2021tf.q4web.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript
content-length: 19787
last-modified: Wed, 19 Jan 2022 00:06:47 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 11 Jul 2023 16:53:16 GMT
etag: "86b75f71eb36547a763d3271411abc6c"
x-cache: Hit from cloudfront
via: 1.1 2d8216898001f8ce3fde38c8796d2fa6.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: shcv9veyURTHoqFrD8JwqPcMcYhqwqvrh08cKy56Ez-TUZSaTscnuA==
age: 964
GET

https://widgets.q4app.com/widgets/requireslib/pym.v1.min.js

chrome.exe

Remote address:

108.156.60.95:443

Request

GET /widgets/requireslib/pym.v1.min.js HTTP/2.0
host: widgets.q4app.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: http://invesco2021tf.q4web.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/javascript
content-length: 9034
last-modified: Fri, 09 Jun 2023 15:49:10 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Tue, 11 Jul 2023 16:29:50 GMT
etag: "d4257b34abdd55b0b5b4459db41c2c1c"
x-cache: Hit from cloudfront
via: 1.1 2d8216898001f8ce3fde38c8796d2fa6.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: dY4kTyTpIygf8EvWbsEtE9RjxzZLCJ1d764s4P_ADRZ-w0w2gMDnVA==
age: 2442
GET

http://widgets.q4app.com/widgets/requireslib/pym.v1.min.js

chrome.exe

Remote address:

108.156.60.95:80

Request

GET /widgets/requireslib/pym.v1.min.js HTTP/1.1
Host: widgets.q4app.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Accept: */*
Referer: http://invesco2021tf.q4web.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Server: CloudFront
Date: Tue, 11 Jul 2023 17:09:19 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://widgets.q4app.com/widgets/requireslib/pym.v1.min.js
X-Cache: Redirect from cloudfront
Via: 1.1 1b575b46b9e4dd6b829accb4ea728b00.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-P2
X-Amz-Cf-Id: 4eWIB6k9N3_Dy93IUcLVHZgqQ4wINvPfr8ka2MRdQUqa33i709z4-Q==
DNS

95.60.156.108.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.60.156.108.in-addr.arpa

IN PTR

Response

95.60.156.108.in-addr.arpa

IN PTR

server-108-156-60-95ams1r cloudfrontnet
DNS

189.211.227.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

189.211.227.13.in-addr.arpa

IN PTR

Response

189.211.227.13.in-addr.arpa

IN PTR

server-13-227-211-189ams54r cloudfrontnet
DNS

4.159.190.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

4.159.190.20.in-addr.arpa

IN PTR

Response
DNS

pro.ip-api.com

chrome.exe

Remote address:

8.8.8.8:53

Request

pro.ip-api.com

IN A

Response

pro.ip-api.com

IN A

208.95.112.2
GET

http://www.google-analytics.com/analytics.js

chrome.exe

Remote address:

172.217.23.206:80

Request

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Accept: */*
Referer: http://invesco2021tf.q4web.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 20994
Date: Tue, 11 Jul 2023 15:40:47 GMT
Expires: Tue, 11 Jul 2023 17:40:47 GMT
Cache-Control: public, max-age=7200
Age: 5313
Last-Modified: Mon, 12 Jun 2023 18:23:07 GMT
Content-Type: text/javascript
Vary: Accept-Encoding
GET

http://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=2141194327&t=event&ni=0&_s=2&dl=http%3A%2F%2Finvesco2021tf.q4web.com%2Fsec-filings%2Fsec-filings-details%2Fdefault.aspx%3FFilingId%3D16784646&ul=en-us&de=UTF-8&dt=Invesco%20Ltd.%20-%20SEC%20Filings%20-%20SEC%20Filings%20Details&sd=24-bit&sr=1280x720&vp=1263x609&je=0&ec=download&ea=download&el=d18rn0p25nwr6d.cloudfront.net%2Fcik-0000914208%2Fe0dc659a-e7a2-42ac-bfaf-b1655229295c.pdf&ev=0&_u=aEBAAEABEAAAACAAI~&jid=&gjid=&cid=1657431935.1689095359&tid=UA-11111111-1&_gid=828254608.1689095359&z=577346249

chrome.exe

Remote address:

172.217.23.206:80

Request

GET /collect?v=1&_v=j101&aip=1&a=2141194327&t=event&ni=0&_s=2&dl=http%3A%2F%2Finvesco2021tf.q4web.com%2Fsec-filings%2Fsec-filings-details%2Fdefault.aspx%3FFilingId%3D16784646&ul=en-us&de=UTF-8&dt=Invesco%20Ltd.%20-%20SEC%20Filings%20-%20SEC%20Filings%20Details&sd=24-bit&sr=1280x720&vp=1263x609&je=0&ec=download&ea=download&el=d18rn0p25nwr6d.cloudfront.net%2Fcik-0000914208%2Fe0dc659a-e7a2-42ac-bfaf-b1655229295c.pdf&ev=0&_u=aEBAAEABEAAAACAAI~&jid=&gjid=&cid=1657431935.1689095359&tid=UA-11111111-1&_gid=828254608.1689095359&z=577346249 HTTP/1.1
Host: www.google-analytics.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://invesco2021tf.q4web.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Access-Control-Allow-Origin: *
Pragma: no-cache
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
Date: Mon, 10 Jul 2023 17:17:45 GMT
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Age: 85898
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Content-Type: image/gif
GET

http://s29.q4cdn.com/253383189/files/fonts/InvescoEditor-Regular.otf

chrome.exe

Remote address:

68.70.205.4:80

Request

GET /253383189/files/fonts/InvescoEditor-Regular.otf HTTP/1.1
Host: s29.q4cdn.com
Connection: keep-alive
Origin: http://invesco2021tf.q4web.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Accept: */*
Referer: http://s29.q4cdn.com/253383189/files/css/client.css?v=33770
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: keycdn-engine
Date: Tue, 11 Jul 2023 17:09:20 GMT
Content-Type: application/octet-stream
Content-Length: 45104
Connection: keep-alive
x-amz-id-2: r816SXlXakR4eFSqPfSL9tkskjOW8YMSKyfQDUiAfxf2hCdQhXpUbdykmC9CYTlqIH5wTLy/TZU=
x-amz-request-id: SAXMV670KSPVY16A
Last-Modified: Tue, 14 Dec 2021 21:27:42 GMT
ETag: "615ce765a8997beb9a7caee00bc23ed5"
Expires: Tue, 11 Jul 2023 18:09:20 GMT
Cache-Control: max-age=3600
X-Cache: HIT
X-Edge-Location: nlam
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
GET

http://s29.q4cdn.com/253383189/files/fonts/Graphik-Regular-Web.woff

chrome.exe

Remote address:

68.70.205.4:80

Request

GET /253383189/files/fonts/Graphik-Regular-Web.woff HTTP/1.1
Host: s29.q4cdn.com
Connection: keep-alive
Origin: http://invesco2021tf.q4web.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Accept: */*
Referer: http://s29.q4cdn.com/253383189/files/css/client.css?v=33770
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: keycdn-engine
Date: Tue, 11 Jul 2023 17:09:20 GMT
Content-Type: application/octet-stream
Content-Length: 48539
Connection: keep-alive
x-amz-id-2: OVVpvQEnQmpXQ09KH+66syXgzC053AEU447d7YbcexR9WovIqamtFxVrmdSayRzrgqoX0DRMACs=
x-amz-request-id: SAXTTZN0JV9RJ3JR
Last-Modified: Tue, 14 Dec 2021 21:08:14 GMT
ETag: "77c10fd459b20100e0be64deb2ecd46e"
Expires: Tue, 11 Jul 2023 18:09:20 GMT
Cache-Control: max-age=3600
X-Cache: HIT
X-Edge-Location: nlam
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
DNS

d1azc1qln24ryf.cloudfront.net

chrome.exe

Remote address:

8.8.8.8:53

Request

d1azc1qln24ryf.cloudfront.net

IN A

Response

d1azc1qln24ryf.cloudfront.net

IN A

108.156.61.8

d1azc1qln24ryf.cloudfront.net

IN A

108.156.61.109

d1azc1qln24ryf.cloudfront.net

IN A

108.156.61.95

d1azc1qln24ryf.cloudfront.net

IN A

108.156.61.32
DNS

slscr.update.microsoft.com

chrome.exe

Remote address:

8.8.8.8:53

Request

slscr.update.microsoft.com

IN A

Response

slscr.update.microsoft.com

IN CNAME

sls.update.microsoft.com

sls.update.microsoft.com

IN CNAME

glb.sls.prod.dcat.dsp.trafficmanager.net

glb.sls.prod.dcat.dsp.trafficmanager.net

IN A

20.114.59.183
DNS

d18rn0p25nwr6d.cloudfront.net

chrome.exe

Remote address:

8.8.8.8:53

Request

d18rn0p25nwr6d.cloudfront.net

IN A

Response

d18rn0p25nwr6d.cloudfront.net

IN A

13.227.211.114

d18rn0p25nwr6d.cloudfront.net

IN A

13.227.211.26

d18rn0p25nwr6d.cloudfront.net

IN A

13.227.211.171

d18rn0p25nwr6d.cloudfront.net

IN A

13.227.211.94
GET

https://d1azc1qln24ryf.cloudfront.net/50912/_Q4BlankTemplate/q4-icons.woff2?k4mfa9

chrome.exe

Remote address:

108.156.61.8:443

Request

GET /50912/_Q4BlankTemplate/q4-icons.woff2?k4mfa9 HTTP/2.0
host: d1azc1qln24ryf.cloudfront.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: http://invesco2021tf.q4web.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: font
referer: http://s29.q4cdn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

server: CloudFront
date: Tue, 11 Jul 2023 17:09:20 GMT
content-length: 0
location: https://cdn.icomoon.io/50912/_Q4BlankTemplate/q4-icons.woff2
x-cache: FunctionGeneratedResponse from cloudfront
via: 1.1 3bdef981159de9c713020c64476ba0e4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: JWj756krLWLTKWQ9jds8MJi5c6gqIJ6EetZjhaLiM_t9GGgGPGeZnA==
access-control-allow-origin: *
OPTIONS

https://invesco2021tf.q4web.com/x0k461/e6c1b/xc9

chrome.exe

Remote address:

162.159.130.11:443

Request

OPTIONS /x0k461/e6c1b/xc9 HTTP/2.0
host: invesco2021tf.q4web.com
accept: */*
access-control-request-method: POST
access-control-request-headers: content-type
origin: http://invesco2021tf.q4web.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-fetch-mode: cors
sec-fetch-site: cross-site
sec-fetch-dest: empty
referer: http://invesco2021tf.q4web.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 11 Jul 2023 17:09:21 GMT
content-length: 0
cf-ray: 7e52a7559c471c8f-AMS
cf-cache-status: DYNAMIC
access-control-allow-origin: http://invesco2021tf.q4web.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 600
set-cookie: __cf_bm=73kvvd1CCve8LaWzvoa_wSuhXvZmvos_gQs4JX8Ylqs-1689095361-0-AVH9j9DenTY57qmtQMMT29uTd5fkYpe9dWQNQFlRl5vpk46q39I7ABqKJhhx5+KgWOpHxxYgQN5CIx0EDjqlH1k=; path=/; expires=Tue, 11-Jul-23 17:39:21 GMT; domain=.invesco2021tf.q4web.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
DNS

cdn.icomoon.io

chrome.exe

Remote address:

8.8.8.8:53

Request

cdn.icomoon.io

IN A

Response

cdn.icomoon.io

IN CNAME

icomoon.b-cdn.net

icomoon.b-cdn.net

IN A

138.199.24.209
GET

https://cdn.icomoon.io/50912/_Q4BlankTemplate/q4-icons.woff2

chrome.exe

Remote address:

138.199.24.209:443

Request

GET /50912/_Q4BlankTemplate/q4-icons.woff2 HTTP/2.0
host: cdn.icomoon.io
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: null
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: font
referer: http://s29.q4cdn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 11 Jul 2023 17:09:21 GMT
content-type: application/font-woff2
content-length: 9572
server: BunnyCDN-SG1-747
cdn-pullzone: 1460617
cdn-uid: dd4aa74a-23b0-4a02-a963-0a23a001f729
cdn-requestcountrycode: IN
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-allow-methods: GET
cache-control: public, max-age=31919000
etag: "57f14c7f7f284a4c2f37cad218ec0be1"
last-modified: Fri, 07 May 2021 09:25:28 GMT
cdn-cachedat: 06/13/2023 16:08:54
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 989
cdn-status: 200
cdn-requestid: 068b3216adc549ccf0e35910d6c302bb
cdn-cache: HIT
accept-ranges: bytes
DNS

login.q4inc.com

chrome.exe

Remote address:

8.8.8.8:53

Request

login.q4inc.com

IN A

Response

login.q4inc.com

IN A

18.65.39.56

login.q4inc.com

IN A

18.65.39.98

login.q4inc.com

IN A

18.65.39.19

login.q4inc.com

IN A

18.65.39.88
GET

https://login.q4inc.com/authorize?client_id=gKrDY1E9BUSWfU7DGuW2CO4rjdskiNg7&scope=openid+profile+email&response_type=code&response_mode=query&nonce=QWD9yCnrK5JuRznQCb4D3YscM&state=eyJhbGciOiJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGRzaWctbW9yZSNobWFjLXNoYTI1NiIsInR5cCI6IkpXVCJ9.eyJyZXR1cm5VcmwiOiJodHRwOi8vaW52ZXNjbzIwMjF0Zi5xNHdlYi5jb20vcTRsb2dpbmNhbGxiYWNrLmFzcHgiLCJleHAiOjE2OTQzNTQ5NDUuMCwiaWF0IjoxNjg5MDk1MzQ1LjAsImlzcyI6IlE0LldlYi5QdWJsaWMuU2l0ZSIsImF1ZCI6InVwc3RyZWFtLmNkbi53ZWIucHJkLnE0aW5jLmNvbSJ9.MMHkOOtkxSxIeTSVejrMIIvXIWnmLpM7omTm3TeGVEo&redirect_uri=https%3a%2f%2fauth.platform.q4inc.com%2fauth%2fpublicAuthRedirect&prompt=none

chrome.exe

Remote address:

18.65.39.56:443

Request

GET /authorize?client_id=gKrDY1E9BUSWfU7DGuW2CO4rjdskiNg7&scope=openid+profile+email&response_type=code&response_mode=query&nonce=QWD9yCnrK5JuRznQCb4D3YscM&state=eyJhbGciOiJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGRzaWctbW9yZSNobWFjLXNoYTI1NiIsInR5cCI6IkpXVCJ9.eyJyZXR1cm5VcmwiOiJodHRwOi8vaW52ZXNjbzIwMjF0Zi5xNHdlYi5jb20vcTRsb2dpbmNhbGxiYWNrLmFzcHgiLCJleHAiOjE2OTQzNTQ5NDUuMCwiaWF0IjoxNjg5MDk1MzQ1LjAsImlzcyI6IlE0LldlYi5QdWJsaWMuU2l0ZSIsImF1ZCI6InVwc3RyZWFtLmNkbi53ZWIucHJkLnE0aW5jLmNvbSJ9.MMHkOOtkxSxIeTSVejrMIIvXIWnmLpM7omTm3TeGVEo&redirect_uri=https%3a%2f%2fauth.platform.q4inc.com%2fauth%2fpublicAuthRedirect&prompt=none HTTP/2.0
host: login.q4inc.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://invesco2021tf.q4web.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

content-type: text/html; charset=utf-8
content-length: 1034
location: https://auth.platform.q4inc.com/auth/publicAuthRedirect?error=login_required&error_description=Login%20required&state=eyJhbGciOiJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGRzaWctbW9yZSNobWFjLXNoYTI1NiIsInR5cCI6IkpXVCJ9.eyJyZXR1cm5VcmwiOiJodHRwOi8vaW52ZXNjbzIwMjF0Zi5xNHdlYi5jb20vcTRsb2dpbmNhbGxiYWNrLmFzcHgiLCJleHAiOjE2OTQzNTQ5NDUuMCwiaWF0IjoxNjg5MDk1MzQ1LjAsImlzcyI6IlE0LldlYi5QdWJsaWMuU2l0ZSIsImF1ZCI6InVwc3RyZWFtLmNkbi53ZWIucHJkLnE0aW5jLmNvbSJ9.MMHkOOtkxSxIeTSVejrMIIvXIWnmLpM7omTm3TeGVEo
date: Tue, 11 Jul 2023 17:09:21 GMT
cf-ray: 7e52a7567f948fca-FRA
cf-cache-status: DYNAMIC
cache-control: no-store, max-age=0, no-transform
set-cookie: did=s%3Av0%3Aad736a70-200d-11ee-a704-77554daae29f.b%2BGJ%2BsX9DANz2FnKQWJ23kOczO2EuDaPo%2FPHPVL4VIE; Max-Age=31557600; Path=/; Expires=Wed, 10 Jul 2024 23:09:21 GMT; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=31536000
ot-baggage-auth0-request-id: 7e52a7567f948fca
ot-tracer-sampled: true
ot-tracer-spanid: 5a05298b05fbf182
ot-tracer-traceid: 0050383060765a40
pragma: no-cache
set-cookie: did_compat=s%3Av0%3Aad736a70-200d-11ee-a704-77554daae29f.b%2BGJ%2BsX9DANz2FnKQWJ23kOczO2EuDaPo%2FPHPVL4VIE; Max-Age=31557600; Path=/; Expires=Wed, 10 Jul 2024 23:09:21 GMT; HttpOnly; Secure
traceparent: 00-00000000000000000050383060765a40-5a05298b05fbf182-01
tracestate: auth0-request-id=7e52a7567f948fca,auth0=true
x-auth0-requestid: 50fda72188d5a38ce225
x-content-type-options: nosniff
x-ratelimit-limit: 300
x-ratelimit-remaining: 299
x-ratelimit-reset: 1689095362
server: cloudflare
vary: Accept,Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 5de5e66003332bec09dff893114ac06c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: uElLc31hLf3sj2K7WTBCb8u-jj-aWvf_mGFTjHcoqtZYMmsZKnl3HQ==
POST

https://invesco2021tf.q4web.com/x0k461/e6c1b/xc9

chrome.exe

Remote address:

162.159.130.11:443

Request

POST /x0k461/e6c1b/xc9 HTTP/2.0
host: invesco2021tf.q4web.com
content-length: 1562
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: application/json; charset=UTF-8
accept: */*
origin: http://invesco2021tf.q4web.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: http://invesco2021tf.q4web.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 11 Jul 2023 17:09:21 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
cf-ray: 7e52a756bf4c0e68-AMS
cf-cache-status: DYNAMIC
access-control-allow-origin: http://invesco2021tf.q4web.com
set-cookie: sp=c2f43a73-4b44-495e-9e56-4a7151179bd3; Expires=Wed, 10 Jul 2024 17:09:21 GMT; Domain=; Path=/; Secure; HttpOnly; SameSite=Lax
access-control-allow-credentials: true
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
set-cookie: __cf_bm=QTmVcEjKTF.oEjzGSSwFGmM8RuflxIJ3rlXfV8CMPt0-1689095361-0-AScJsDj2AT5pyhqyJtmqN4R/DRE/8NHJNC/oMT//zV/55ux4V2r0iwpI7Fu3dce7Weu4BaAlHKQyHWdowySgn0Y=; path=/; expires=Tue, 11-Jul-23 17:39:21 GMT; domain=.invesco2021tf.q4web.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
POST

https://invesco2021tf.q4web.com/x0k461/e6c1b/xc9

chrome.exe

Remote address:

162.159.130.11:443

Request

POST /x0k461/e6c1b/xc9 HTTP/2.0
host: invesco2021tf.q4web.com
content-length: 2054
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: application/json; charset=UTF-8
accept: */*
origin: http://invesco2021tf.q4web.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: http://invesco2021tf.q4web.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: __cf_bm=QTmVcEjKTF.oEjzGSSwFGmM8RuflxIJ3rlXfV8CMPt0-1689095361-0-AScJsDj2AT5pyhqyJtmqN4R/DRE/8NHJNC/oMT//zV/55ux4V2r0iwpI7Fu3dce7Weu4BaAlHKQyHWdowySgn0Y=

Response

HTTP/2.0 200

date: Tue, 11 Jul 2023 17:09:23 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
cf-ray: 7e52a764ab090e68-AMS
cf-cache-status: DYNAMIC
access-control-allow-origin: http://invesco2021tf.q4web.com
set-cookie: sp=13bf87ae-258e-404f-94a5-3679a03f3d9e; Expires=Wed, 10 Jul 2024 17:09:23 GMT; Domain=; Path=/; Secure; HttpOnly; SameSite=Lax
access-control-allow-credentials: true
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
vary: Accept-Encoding
server: cloudflare
POST

https://invesco2021tf.q4web.com/x0k461/e6c1b/xc9

chrome.exe

Remote address:

162.159.130.11:443

Request

POST /x0k461/e6c1b/xc9 HTTP/2.0
host: invesco2021tf.q4web.com
content-length: 1562
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: application/json; charset=UTF-8
accept: */*
origin: http://invesco2021tf.q4web.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: http://invesco2021tf.q4web.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: __cf_bm=QTmVcEjKTF.oEjzGSSwFGmM8RuflxIJ3rlXfV8CMPt0-1689095361-0-AScJsDj2AT5pyhqyJtmqN4R/DRE/8NHJNC/oMT//zV/55ux4V2r0iwpI7Fu3dce7Weu4BaAlHKQyHWdowySgn0Y=

Response

HTTP/2.0 200

date: Tue, 11 Jul 2023 17:09:51 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
cf-ray: 7e52a811baeb0e68-AMS
cf-cache-status: DYNAMIC
access-control-allow-origin: http://invesco2021tf.q4web.com
set-cookie: sp=c2bfceb6-37e3-4a73-aeac-c6e0a1d15c5d; Expires=Wed, 10 Jul 2024 17:09:51 GMT; Domain=; Path=/; Secure; HttpOnly; SameSite=Lax
access-control-allow-credentials: true
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
vary: Accept-Encoding
server: cloudflare
DNS

apps.identrust.com

chrome.exe

Remote address:

8.8.8.8:53

Request

apps.identrust.com

IN A

Response

apps.identrust.com

IN CNAME

identrust.edgesuite.net

identrust.edgesuite.net

IN CNAME

a1952.dscq.akamai.net

a1952.dscq.akamai.net

IN A

2.18.121.76

a1952.dscq.akamai.net

IN A

2.18.121.68
DNS

auth.platform.q4inc.com

chrome.exe

Remote address:

8.8.8.8:53

Request

auth.platform.q4inc.com

IN A

Response

auth.platform.q4inc.com

IN CNAME

d3m31p7qnmj7sv.cloudfront.net

d3m31p7qnmj7sv.cloudfront.net

IN A

18.65.39.120

d3m31p7qnmj7sv.cloudfront.net

IN A

18.65.39.33

d3m31p7qnmj7sv.cloudfront.net

IN A

18.65.39.84

d3m31p7qnmj7sv.cloudfront.net

IN A

18.65.39.63
GET

http://apps.identrust.com/roots/dstrootcax3.p7c

chrome.exe

Remote address:

2.18.121.76:80

Request

GET /roots/dstrootcax3.p7c HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/10.0
Host: apps.identrust.com

Response

HTTP/1.1 200 OK

X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=15768000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' *.identrust.com
Last-Modified: Wed, 08 Feb 2023 16:52:56 GMT
ETag: "37d-5f433188daa00"
Accept-Ranges: bytes
Content-Length: 893
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
Content-Type: application/pkcs7-mime
Cache-Control: max-age=3600
Expires: Tue, 11 Jul 2023 18:09:21 GMT
Date: Tue, 11 Jul 2023 17:09:21 GMT
Connection: keep-alive
GET

https://auth.platform.q4inc.com/auth/publicAuthRedirect?error=login_required&error_description=Login%20required&state=eyJhbGciOiJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGRzaWctbW9yZSNobWFjLXNoYTI1NiIsInR5cCI6IkpXVCJ9.eyJyZXR1cm5VcmwiOiJodHRwOi8vaW52ZXNjbzIwMjF0Zi5xNHdlYi5jb20vcTRsb2dpbmNhbGxiYWNrLmFzcHgiLCJleHAiOjE2OTQzNTQ5NDUuMCwiaWF0IjoxNjg5MDk1MzQ1LjAsImlzcyI6IlE0LldlYi5QdWJsaWMuU2l0ZSIsImF1ZCI6InVwc3RyZWFtLmNkbi53ZWIucHJkLnE0aW5jLmNvbSJ9.MMHkOOtkxSxIeTSVejrMIIvXIWnmLpM7omTm3TeGVEo

chrome.exe

Remote address:

18.65.39.120:443

Request

GET /auth/publicAuthRedirect?error=login_required&error_description=Login%20required&state=eyJhbGciOiJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGRzaWctbW9yZSNobWFjLXNoYTI1NiIsInR5cCI6IkpXVCJ9.eyJyZXR1cm5VcmwiOiJodHRwOi8vaW52ZXNjbzIwMjF0Zi5xNHdlYi5jb20vcTRsb2dpbmNhbGxiYWNrLmFzcHgiLCJleHAiOjE2OTQzNTQ5NDUuMCwiaWF0IjoxNjg5MDk1MzQ1LjAsImlzcyI6IlE0LldlYi5QdWJsaWMuU2l0ZSIsImF1ZCI6InVwc3RyZWFtLmNkbi53ZWIucHJkLnE0aW5jLmNvbSJ9.MMHkOOtkxSxIeTSVejrMIIvXIWnmLpM7omTm3TeGVEo HTTP/2.0
host: auth.platform.q4inc.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
referer: http://invesco2021tf.q4web.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 301

content-type: application/json
content-length: 0
location: http://invesco2021tf.q4web.com/q4logincallback.aspx#error=400
date: Tue, 11 Jul 2023 17:09:21 GMT
x-amzn-requestid: 25234d66-2fc2-4c6e-aa0a-40f544fe28a4
x-amz-apigw-id: H6LuREevoAMFZ4A=
x-amzn-trace-id: Root=1-64ad8cc1-6313b78943105f182354fb01;Sampled=0;lineage=5c4bdb31:0
x-cache: Miss from cloudfront
via: 1.1 1a89beee9d72657437f5e91f57220804.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: uplTqe4qpJJxaFM63vME4uyIgv2uckH2kjsgwUTecvap0JpgrZ83PQ==
DNS

206.23.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

206.23.217.172.in-addr.arpa

IN PTR

Response

206.23.217.172.in-addr.arpa

IN PTR

prg03s05-in-f2061e100net

206.23.217.172.in-addr.arpa

IN PTR

prg03s05-in-f14�J

206.23.217.172.in-addr.arpa

IN PTR

ams16s37-in-f14�J
DNS

2.112.95.208.in-addr.arpa

Remote address:

8.8.8.8:53

Request

2.112.95.208.in-addr.arpa

IN PTR

Response
DNS

8.61.156.108.in-addr.arpa

Remote address:

8.8.8.8:53

Request

8.61.156.108.in-addr.arpa

IN PTR

Response

8.61.156.108.in-addr.arpa

IN PTR

server-108-156-61-8ams1r cloudfrontnet
DNS

55.36.223.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

55.36.223.20.in-addr.arpa

IN PTR

Response
DNS

56.39.65.18.in-addr.arpa

Remote address:

8.8.8.8:53

Request

56.39.65.18.in-addr.arpa

IN PTR

Response

56.39.65.18.in-addr.arpa

IN PTR

server-18-65-39-56ams1r cloudfrontnet
DNS

209.24.199.138.in-addr.arpa

Remote address:

8.8.8.8:53

Request

209.24.199.138.in-addr.arpa

IN PTR

Response

209.24.199.138.in-addr.arpa

IN PTR

138-199-24-209 bunnyinfranet
DNS

js-agent.newrelic.com

chrome.exe

Remote address:

8.8.8.8:53

Request

js-agent.newrelic.com

IN A

Response

js-agent.newrelic.com

IN CNAME

k.sni.global.fastly.net

k.sni.global.fastly.net

IN A

151.101.2.137

k.sni.global.fastly.net

IN A

151.101.66.137

k.sni.global.fastly.net

IN A

151.101.130.137

k.sni.global.fastly.net

IN A

151.101.194.137
GET

https://js-agent.newrelic.com/async-api.30bd804e-1.236.0.min.js

chrome.exe

Remote address:

151.101.2.137:443

Request

GET /async-api.30bd804e-1.236.0.min.js HTTP/2.0
host: js-agent.newrelic.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: http://invesco2021tf.q4web.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

x-amz-id-2: j2xJhYCF5TtOlphHLiqIdXSRgwUHeyZoLKI05tlWrsVeagh1UhJD0eLd1N8/GcCjn+1g4ZAELa0=
x-amz-request-id: 99J4JS9HEM1XV4VS
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
etag: "e43b565f398109176254b8a9394de5ba"
x-amz-server-side-encryption: AES256
x-amz-version-id: SNNZ70_ndPBZM4f5drSRay_oJEEp97f5
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Tue, 11 Jul 2023 17:09:21 GMT
via: 1.1 varnish
x-served-by: cache-ams21045-AMS
x-cache: HIT
x-cache-hits: 2395
x-timer: S1689095362.960787,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=300
content-length: 435
GET

https://js-agent.newrelic.com/lazy-feature-loader.2f55ce66-1.236.0.min.js

chrome.exe

Remote address:

151.101.2.137:443

Request

GET /lazy-feature-loader.2f55ce66-1.236.0.min.js HTTP/2.0
host: js-agent.newrelic.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: http://invesco2021tf.q4web.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

x-amz-id-2: JbvhcdF1r300Y/nir2jXLPOt0ruBAekeq+McI0pV1ThxCAYEq5JbkPn10KLBbSb8UbZeZq0B5sU=
x-amz-request-id: BV7QMSYJTNCV04RQ
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
etag: "ce1527db8799a0ba1913b5c7b7f666aa"
x-amz-server-side-encryption: AES256
x-amz-version-id: 366JrVMQzTPfkja9KvKWB.1FAlNj2g2u
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Tue, 11 Jul 2023 17:09:21 GMT
via: 1.1 varnish
x-served-by: cache-ams21045-AMS
x-cache: HIT
x-cache-hits: 15325
x-timer: S1689095362.960805,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=300
content-length: 1418
GET

https://js-agent.newrelic.com/148.1a20d5fe-1.236.0.min.js

chrome.exe

Remote address:

151.101.2.137:443

Request

GET /148.1a20d5fe-1.236.0.min.js HTTP/2.0
host: js-agent.newrelic.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: http://invesco2021tf.q4web.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

x-amz-id-2: reycrMEZLrEvI4rjIrXZM7Q9lbRZuAhRpsiJw5sVU4nOcbCPLoUaOG5NAlBqNc7PcuPVCrgka9o=
x-amz-request-id: T93W2BA3MHFFQZ96
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
etag: "bed1f74897d091a7dfc2b06e8a1e29a3"
x-amz-server-side-encryption: AES256
x-amz-version-id: ScUpW5z6XcbV4AsRwaGpjCwUtY9KtEdV
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Tue, 11 Jul 2023 17:09:22 GMT
via: 1.1 varnish
x-served-by: cache-ams21045-AMS
x-cache: HIT
x-cache-hits: 2374
x-timer: S1689095362.009132,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=300
content-length: 3249
GET

https://js-agent.newrelic.com/page_view_event-aggregate.06482edd-1.236.0.min.js

chrome.exe

Remote address:

151.101.2.137:443

Request

GET /page_view_event-aggregate.06482edd-1.236.0.min.js HTTP/2.0
host: js-agent.newrelic.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: http://invesco2021tf.q4web.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

x-amz-id-2: RMHbdyVGy71XeuKR3Mw4W2md2oXZR8pu+/e14h6VqhIabgigZpHx/v2bL2eb1G2+1eHQa5syfZU=
x-amz-request-id: MY3WWV1C39YSCE9G
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
etag: "553d27144d4f9fbe7e31b802107a2071"
x-amz-server-side-encryption: AES256
x-amz-version-id: olBWVnN3KrZD.7AbCiVQ_LmF1ZBKIJEh
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Tue, 11 Jul 2023 17:09:22 GMT
via: 1.1 varnish
x-served-by: cache-ams21045-AMS
x-cache: HIT
x-cache-hits: 3833
x-timer: S1689095362.009413,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=300
content-length: 4102
GET

https://js-agent.newrelic.com/860.03a8b7a5-1.236.0.min.js

chrome.exe

Remote address:

151.101.2.137:443

Request

GET /860.03a8b7a5-1.236.0.min.js HTTP/2.0
host: js-agent.newrelic.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: http://invesco2021tf.q4web.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

x-amz-id-2: 1Mt58aIMNqAxDpHBAU1gyyTxtbSd0Wzqp8F0twYB/MoJ/Lt8w9xaRAELP9t3qQ2Vya5rF7juaN0=
x-amz-request-id: T93Y2JWBKDA71518
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
etag: "01e96e9ff5c360298d13581ad38e60a8"
x-amz-server-side-encryption: AES256
x-amz-version-id: 9W2va1QLSUaCTJ3OoHH2ZOYSIAKsuvOr
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Tue, 11 Jul 2023 17:09:22 GMT
via: 1.1 varnish
x-served-by: cache-ams21045-AMS
x-cache: HIT
x-cache-hits: 2366
x-timer: S1689095362.011000,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=300
content-length: 5367
GET

https://js-agent.newrelic.com/page_view_timing-aggregate.bd6de33a-1.236.0.min.js

chrome.exe

Remote address:

151.101.2.137:443

Request

GET /page_view_timing-aggregate.bd6de33a-1.236.0.min.js HTTP/2.0
host: js-agent.newrelic.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: http://invesco2021tf.q4web.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

x-amz-id-2: KhA5hgdNSeUj9EV+1MDDubnGLega2oGuw4R9mJHATbEx/in3DUGT2zlLm0CyJb6OKh3Z3XbHOIg=
x-amz-request-id: 99J80VBC4Q0CKE93
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
etag: "5c2d33afe15ef1ea0f7dfd3d77677165"
x-amz-server-side-encryption: AES256
x-amz-version-id: iJSI6dlO2Ys6eX3e0ReqL6kXFai6YRCl
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Tue, 11 Jul 2023 17:09:22 GMT
via: 1.1 varnish
x-served-by: cache-ams21045-AMS
x-cache: HIT
x-cache-hits: 2389
x-timer: S1689095362.011017,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=300
content-length: 5273
GET

https://js-agent.newrelic.com/metrics-aggregate.3dc53903-1.236.0.min.js

chrome.exe

Remote address:

151.101.2.137:443

Request

GET /metrics-aggregate.3dc53903-1.236.0.min.js HTTP/2.0
host: js-agent.newrelic.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: http://invesco2021tf.q4web.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

x-amz-id-2: xywiFN9eHrQWhRxcqtuYcR4wxZeNAcQy9aweHDa5dXAaQ1Bp8lZKEITcjNAjOOukwRaFELP07P4=
x-amz-request-id: NRK77J1CXD180Q2C
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
etag: "a912f1cb80b2d3cf15f10d9d022b6188"
x-amz-server-side-encryption: AES256
x-amz-version-id: Z8jxLQfOXuFmYqpMJ60TDp7HscNrmk8O
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Tue, 11 Jul 2023 17:09:22 GMT
via: 1.1 varnish
x-served-by: cache-ams21045-AMS
x-cache: HIT
x-cache-hits: 9251
x-timer: S1689095362.010968,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=300
content-length: 2880
GET

https://js-agent.newrelic.com/jserrors-aggregate.49e41428-1.236.0.min.js

chrome.exe

Remote address:

151.101.2.137:443

Request

GET /jserrors-aggregate.49e41428-1.236.0.min.js HTTP/2.0
host: js-agent.newrelic.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: http://invesco2021tf.q4web.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

x-amz-id-2: Qla9IYjdHt+6lwR0j8wfG0ZJj+EnrAVgdroi9F2Am3XotXNTfH5Y5Mtw9PyfNnogWpoOndN2OXA=
x-amz-request-id: T93NA55926WQ22TR
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
etag: "ea0f213ac446fa34c085f244b9573b9d"
x-amz-server-side-encryption: AES256
x-amz-version-id: .ACjr0HqA7HhCmbDNUQuLIwun1cgXyhg
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Tue, 11 Jul 2023 17:09:22 GMT
via: 1.1 varnish
x-served-by: cache-ams21045-AMS
x-cache: HIT
x-cache-hits: 1426
x-timer: S1689095362.011851,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=300
content-length: 3611
GET

https://js-agent.newrelic.com/ajax-aggregate.998ef92b-1.236.0.min.js

chrome.exe

Remote address:

151.101.2.137:443

Request

GET /ajax-aggregate.998ef92b-1.236.0.min.js HTTP/2.0
host: js-agent.newrelic.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: http://invesco2021tf.q4web.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

x-amz-id-2: 2axIpnJV1WhMqPmV76jWhsKXNR8W+1SBvOK8KxTwDbGY/0Ovt+QTiwEOA7YtxWgbW9/6Aduq1XI=
x-amz-request-id: WT3MPFZ3ARJSW6K6
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
etag: "07e3c83179c7da2e2f464a72b084aacf"
x-amz-server-side-encryption: AES256
x-amz-version-id: xVg3CmVvsRmAix36ZLYuy_uCZQf0TjpD
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Tue, 11 Jul 2023 17:09:22 GMT
via: 1.1 varnish
x-served-by: cache-ams21045-AMS
x-cache: HIT
x-cache-hits: 8144
x-timer: S1689095362.011761,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=300
content-length: 3002
GET

https://js-agent.newrelic.com/session_trace-aggregate.83105561-1.236.0.min.js

chrome.exe

Remote address:

151.101.2.137:443

Request

GET /session_trace-aggregate.83105561-1.236.0.min.js HTTP/2.0
host: js-agent.newrelic.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: http://invesco2021tf.q4web.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

x-amz-id-2: tAMGdXK2EOIWI25x09rGVOmvVCfujjyybSrPWMpu2wnFZjXzVhp/UFssQKQ6y4pRL+F9itAPPug=
x-amz-request-id: T93XMC9H85F5M3GG
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
etag: "4ef8d054860549421e884b3d2d74b83e"
x-amz-server-side-encryption: AES256
x-amz-version-id: JP1nny3GAhH60lOAbY5zpQuuXGmtQF2W
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Tue, 11 Jul 2023 17:09:22 GMT
via: 1.1 varnish
x-served-by: cache-ams21045-AMS
x-cache: HIT
x-cache-hits: 1421
x-timer: S1689095362.012516,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=300
content-length: 4470
GET

https://js-agent.newrelic.com/page_action-aggregate.ac76d497-1.236.0.min.js

chrome.exe

Remote address:

151.101.2.137:443

Request

GET /page_action-aggregate.ac76d497-1.236.0.min.js HTTP/2.0
host: js-agent.newrelic.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: http://invesco2021tf.q4web.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

x-amz-id-2: 3TiwkBvWRI6V4pYMDwqLUzIrr5UL6vlCtW2XGTOqCuKDHZHTvzREnmloGS6mbkhVkGDpb5zINB4=
x-amz-request-id: T93RG793JRQ13A70
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
etag: "8862791debd0b259297a0ccf618932eb"
x-amz-server-side-encryption: AES256
x-amz-version-id: d39kPm7I27R6JP_9CC8D6A917GdgqR8V
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Tue, 11 Jul 2023 17:09:22 GMT
via: 1.1 varnish
x-served-by: cache-ams21045-AMS
x-cache: HIT
x-cache-hits: 1426
x-timer: S1689095362.012474,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=300
content-length: 1854
DNS

bam.nr-data.net

chrome.exe

Remote address:

8.8.8.8:53

Request

bam.nr-data.net

IN A

Response

bam.nr-data.net

IN CNAME

bam.cell.nr-data.net

bam.cell.nr-data.net

IN CNAME

fastly-tls12-bam.nr-data.net

fastly-tls12-bam.nr-data.net

IN A

162.247.243.29
POST

https://bam.nr-data.net/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTUdQWw0CWF5bWFgJUgNVDxkDFkFI&rst=1146&ck=0&s=0&ref=http://invesco2021tf.q4web.com/q4logincallback.aspx&af=err,xhr,stn,ins&ap=32&be=787&fe=67&dc=63&perf=%7B%22timing%22:%7B%22of%22:1689095359494,%22n%22:0,%22f%22:626,%22dn%22:626,%22dne%22:626,%22c%22:626,%22ce%22:626,%22rq%22:624,%22rp%22:787,%22rpe%22:796,%22di%22:850,%22ds%22:850,%22de%22:850,%22dc%22:850,%22l%22:850,%22le%22:854%7D,%22navigation%22:%7B%7D%7D

chrome.exe

Remote address:

162.247.243.29:443

Request

POST /1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTUdQWw0CWF5bWFgJUgNVDxkDFkFI&rst=1146&ck=0&s=0&ref=http://invesco2021tf.q4web.com/q4logincallback.aspx&af=err,xhr,stn,ins&ap=32&be=787&fe=67&dc=63&perf=%7B%22timing%22:%7B%22of%22:1689095359494,%22n%22:0,%22f%22:626,%22dn%22:626,%22dne%22:626,%22c%22:626,%22ce%22:626,%22rq%22:624,%22rp%22:787,%22rpe%22:796,%22di%22:850,%22ds%22:850,%22de%22:850,%22dc%22:850,%22l%22:850,%22le%22:854%7D,%22navigation%22:%7B%7D%7D HTTP/1.1
Host: bam.nr-data.net
Connection: keep-alive
Content-Length: 0
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: text/plain
Accept: */*
Origin: http://invesco2021tf.q4web.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: http://invesco2021tf.q4web.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Connection: keep-alive
Content-Length: 40
date: Tue, 11 Jul 2023 17:09:22 GMT
content-type: text/plain
cross-origin-resource-policy: cross-origin
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
access-control-allow-origin: http://invesco2021tf.q4web.com
x-served-by: cache-ams21025-AMS
POST

https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=6177&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

chrome.exe

Remote address:

162.247.243.29:443

Request

POST /jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=6177&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx HTTP/1.1
Host: bam.nr-data.net
Connection: keep-alive
Content-Length: 1023
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: */*
Origin: http://invesco2021tf.q4web.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
Referer: http://invesco2021tf.q4web.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Connection: keep-alive
Content-Length: 24
date: Tue, 11 Jul 2023 17:09:23 GMT
content-type: image/gif
access-control-allow-origin: http://invesco2021tf.q4web.com
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
x-served-by: cache-ams21025-AMS
POST

https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTUdQWw0CWF5bWFgJUgNVDxkDFkFI&rst=2515&ck=0&s=0&ref=http://invesco2021tf.q4web.com/q4logincallback.aspx

chrome.exe

Remote address:

162.247.243.29:443

Request

POST /jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTUdQWw0CWF5bWFgJUgNVDxkDFkFI&rst=2515&ck=0&s=0&ref=http://invesco2021tf.q4web.com/q4logincallback.aspx HTTP/1.1
Host: bam.nr-data.net
Connection: keep-alive
Content-Length: 264
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: */*
Origin: http://invesco2021tf.q4web.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
Referer: http://invesco2021tf.q4web.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Connection: keep-alive
Content-Length: 24
date: Tue, 11 Jul 2023 17:09:23 GMT
content-type: image/gif
access-control-allow-origin: http://invesco2021tf.q4web.com
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
x-served-by: cache-ams21025-AMS
POST

https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=15738&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

chrome.exe

Remote address:

162.247.243.29:443

Request

POST /jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=15738&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx HTTP/1.1
Host: bam.nr-data.net
Connection: keep-alive
Content-Length: 303
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: text/plain
Accept: */*
Origin: http://invesco2021tf.q4web.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: http://invesco2021tf.q4web.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Connection: keep-alive
Content-Length: 24
date: Tue, 11 Jul 2023 17:09:33 GMT
content-type: image/gif
access-control-allow-origin: http://invesco2021tf.q4web.com
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
x-served-by: cache-ams21025-AMS
POST

https://bam.nr-data.net/events/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=37749&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

chrome.exe

Remote address:

162.247.243.29:443

Request

POST /events/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=37749&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx HTTP/1.1
Host: bam.nr-data.net
Connection: keep-alive
Content-Length: 88
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: text/plain
Accept: */*
Origin: http://invesco2021tf.q4web.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: http://invesco2021tf.q4web.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Connection: keep-alive
Content-Length: 24
date: Tue, 11 Jul 2023 17:09:55 GMT
content-type: image/gif
access-control-allow-origin: http://invesco2021tf.q4web.com
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
x-served-by: cache-ams21025-AMS
POST

https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=48743&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

chrome.exe

Remote address:

162.247.243.29:443

Request

POST /jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=48743&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx HTTP/1.1
Host: bam.nr-data.net
Connection: keep-alive
Content-Length: 574
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: text/plain
Accept: */*
Origin: http://invesco2021tf.q4web.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: http://invesco2021tf.q4web.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Connection: keep-alive
Content-Length: 24
date: Tue, 11 Jul 2023 17:10:06 GMT
content-type: image/gif
access-control-allow-origin: http://invesco2021tf.q4web.com
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
x-served-by: cache-ams21025-AMS
POST

https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=59743&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

chrome.exe

Remote address:

162.247.243.29:443

Request

POST /jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=59743&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx HTTP/1.1
Host: bam.nr-data.net
Connection: keep-alive
Content-Length: 293
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: text/plain
Accept: */*
Origin: http://invesco2021tf.q4web.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: http://invesco2021tf.q4web.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Connection: keep-alive
Content-Length: 24
date: Tue, 11 Jul 2023 17:10:17 GMT
content-type: image/gif
access-control-allow-origin: http://invesco2021tf.q4web.com
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
x-served-by: cache-ams21025-AMS
POST

https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=70742&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

chrome.exe

Remote address:

162.247.243.29:443

Request

POST /jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=70742&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx HTTP/1.1
Host: bam.nr-data.net
Connection: keep-alive
Content-Length: 293
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: text/plain
Accept: */*
Origin: http://invesco2021tf.q4web.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: http://invesco2021tf.q4web.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Connection: keep-alive
Content-Length: 24
date: Tue, 11 Jul 2023 17:10:28 GMT
content-type: image/gif
access-control-allow-origin: http://invesco2021tf.q4web.com
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
x-served-by: cache-ams21025-AMS
POST

https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=81741&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

chrome.exe

Remote address:

162.247.243.29:443

Request

POST /jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=81741&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx HTTP/1.1
Host: bam.nr-data.net
Connection: keep-alive
Content-Length: 293
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: text/plain
Accept: */*
Origin: http://invesco2021tf.q4web.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: http://invesco2021tf.q4web.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Connection: keep-alive
Content-Length: 24
date: Tue, 11 Jul 2023 17:10:39 GMT
content-type: image/gif
access-control-allow-origin: http://invesco2021tf.q4web.com
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
x-served-by: cache-ams21025-AMS
POST

https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=92741&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

chrome.exe

Remote address:

162.247.243.29:443

Request

POST /jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=92741&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx HTTP/1.1
Host: bam.nr-data.net
Connection: keep-alive
Content-Length: 293
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: text/plain
Accept: */*
Origin: http://invesco2021tf.q4web.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: http://invesco2021tf.q4web.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Connection: keep-alive
Content-Length: 24
date: Tue, 11 Jul 2023 17:10:50 GMT
content-type: image/gif
access-control-allow-origin: http://invesco2021tf.q4web.com
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
x-served-by: cache-ams21025-AMS
POST

https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=103742&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

chrome.exe

Remote address:

162.247.243.29:443

Request

POST /jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=103742&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx HTTP/1.1
Host: bam.nr-data.net
Connection: keep-alive
Content-Length: 293
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: text/plain
Accept: */*
Origin: http://invesco2021tf.q4web.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: http://invesco2021tf.q4web.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Connection: keep-alive
Content-Length: 24
date: Tue, 11 Jul 2023 17:11:01 GMT
content-type: image/gif
access-control-allow-origin: http://invesco2021tf.q4web.com
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
x-served-by: cache-ams21025-AMS
POST

https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=114742&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

chrome.exe

Remote address:

162.247.243.29:443

Request

POST /jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=114742&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx HTTP/1.1
Host: bam.nr-data.net
Connection: keep-alive
Content-Length: 294
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: text/plain
Accept: */*
Origin: http://invesco2021tf.q4web.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: http://invesco2021tf.q4web.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Connection: close
Content-Length: 24
date: Tue, 11 Jul 2023 17:11:12 GMT
content-type: image/gif
access-control-allow-origin: http://invesco2021tf.q4web.com
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
x-served-by: cache-ams21025-AMS
POST

https://bam.nr-data.net/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=4822&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx&af=err,xhr,stn,ins&ap=390&be=453&fe=4074&dc=3225&perf=%7B%22timing%22:%7B%22of%22:1689095355825,%22n%22:0,%22f%22:47,%22dn%22:256,%22dne%22:256,%22c%22:256,%22ce%22:274,%22rq%22:274,%22rp%22:453,%22rpe%22:463,%22di%22:3665,%22ds%22:3665,%22de%22:3678,%22dc%22:4523,%22l%22:4524,%22le%22:4527%7D,%22navigation%22:%7B%7D%7D&fp=3469&fcp=3469

chrome.exe

Remote address:

162.247.243.29:443

Request

POST /1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=4822&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx&af=err,xhr,stn,ins&ap=390&be=453&fe=4074&dc=3225&perf=%7B%22timing%22:%7B%22of%22:1689095355825,%22n%22:0,%22f%22:47,%22dn%22:256,%22dne%22:256,%22c%22:256,%22ce%22:274,%22rq%22:274,%22rp%22:453,%22rpe%22:463,%22di%22:3665,%22ds%22:3665,%22de%22:3678,%22dc%22:4523,%22l%22:4524,%22le%22:4527%7D,%22navigation%22:%7B%7D%7D&fp=3469&fcp=3469 HTTP/1.1
Host: bam.nr-data.net
Connection: keep-alive
Content-Length: 0
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: text/plain
Accept: */*
Origin: http://invesco2021tf.q4web.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: http://invesco2021tf.q4web.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Connection: keep-alive
Content-Length: 40
date: Tue, 11 Jul 2023 17:09:22 GMT
content-type: text/plain
cross-origin-resource-policy: cross-origin
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
access-control-allow-origin: http://invesco2021tf.q4web.com
x-served-by: cache-ams21075-AMS
POST

https://bam.nr-data.net/events/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=6173&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

chrome.exe

Remote address:

162.247.243.29:443

Request

POST /events/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=6173&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx HTTP/1.1
Host: bam.nr-data.net
Connection: keep-alive
Content-Length: 259
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: */*
Origin: http://invesco2021tf.q4web.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
Referer: http://invesco2021tf.q4web.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Connection: keep-alive
Content-Length: 24
date: Tue, 11 Jul 2023 17:09:23 GMT
content-type: image/gif
access-control-allow-origin: http://invesco2021tf.q4web.com
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
x-served-by: cache-ams21075-AMS
DNS

76.121.18.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

76.121.18.2.in-addr.arpa

IN PTR

Response

76.121.18.2.in-addr.arpa

IN PTR

a2-18-121-76deploystaticakamaitechnologiescom
DNS

137.2.101.151.in-addr.arpa

Remote address:

8.8.8.8:53

Request

137.2.101.151.in-addr.arpa

IN PTR

Response
DNS

226.21.18.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

226.21.18.104.in-addr.arpa

IN PTR

Response
DNS

120.39.65.18.in-addr.arpa

Remote address:

8.8.8.8:53

Request

120.39.65.18.in-addr.arpa

IN PTR

Response

120.39.65.18.in-addr.arpa

IN PTR

server-18-65-39-120ams1r cloudfrontnet
GET

https://d18rn0p25nwr6d.cloudfront.net/CIK-0000914208/e0dc659a-e7a2-42ac-bfaf-b1655229295c.pdf

chrome.exe

Remote address:

13.227.211.114:443

Request

GET /CIK-0000914208/e0dc659a-e7a2-42ac-bfaf-b1655229295c.pdf HTTP/1.1
Host: d18rn0p25nwr6d.cloudfront.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Referer: http://invesco2021tf.q4web.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/pdf
Content-Length: 113071
Connection: keep-alive
Date: Tue, 11 Jul 2023 17:09:24 GMT
Last-Modified: Tue, 11 Jul 2023 12:04:12 GMT
ETag: "9db726acab3c978680679dad535487a1"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Miss from cloudfront
Via: 1.1 1d1fb1f8e5e923ef7208b5a427d25d5c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS54-C1
X-Amz-Cf-Id: 2I7s47eFXFppFFP4BdvnlTvoiJze1DxdbjbtTRA9ufJwRoZcRkTbcQ==
GET

https://d18rn0p25nwr6d.cloudfront.net/favicon.ico

chrome.exe

Remote address:

13.227.211.114:443

Request

GET /favicon.ico HTTP/1.1
Host: d18rn0p25nwr6d.cloudfront.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://d18rn0p25nwr6d.cloudfront.net/CIK-0000914208/e0dc659a-e7a2-42ac-bfaf-b1655229295c.pdf
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 403 Forbidden

Content-Type: application/xml
Transfer-Encoding: chunked
Connection: keep-alive
Date: Tue, 11 Jul 2023 17:09:24 GMT
Server: AmazonS3
X-Cache: Error from cloudfront
Via: 1.1 4fa61644a4cc2dfcb32e66f7e29f0076.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS54-C1
X-Amz-Cf-Id: xqr2x5mgH-W1ir4Lq1kJyt5okjg5PzfQtUdyDSwgM0aIsuU3N-icrA==
DNS

29.243.247.162.in-addr.arpa

Remote address:

8.8.8.8:53

Request

29.243.247.162.in-addr.arpa

IN PTR

Response
POST

https://bam.nr-data.net/events/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTUdQWw0CWF5bWFgJUgNVDxkDFkFI&rst=2513&ck=0&s=0&ref=http://invesco2021tf.q4web.com/q4logincallback.aspx

chrome.exe

Remote address:

162.247.243.29:443

Request

POST /events/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTUdQWw0CWF5bWFgJUgNVDxkDFkFI&rst=2513&ck=0&s=0&ref=http://invesco2021tf.q4web.com/q4logincallback.aspx HTTP/1.1
Host: bam.nr-data.net
Connection: keep-alive
Content-Length: 34
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: */*
Origin: http://invesco2021tf.q4web.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
Referer: http://invesco2021tf.q4web.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Connection: keep-alive
Content-Length: 24
date: Tue, 11 Jul 2023 17:09:23 GMT
content-type: image/gif
access-control-allow-origin: http://invesco2021tf.q4web.com
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
x-served-by: cache-ams21027-AMS
POST

https://bam.nr-data.net/events/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=15747&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

chrome.exe

Remote address:

162.247.243.29:443

Request

POST /events/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=15747&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx HTTP/1.1
Host: bam.nr-data.net
Connection: keep-alive
Content-Length: 88
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: text/plain
Accept: */*
Origin: http://invesco2021tf.q4web.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: http://invesco2021tf.q4web.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Connection: keep-alive
Content-Length: 24
date: Tue, 11 Jul 2023 17:09:33 GMT
content-type: image/gif
access-control-allow-origin: http://invesco2021tf.q4web.com
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
x-served-by: cache-ams21027-AMS
POST

https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=26746&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

chrome.exe

Remote address:

162.247.243.29:443

Request

POST /jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=26746&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx HTTP/1.1
Host: bam.nr-data.net
Connection: keep-alive
Content-Length: 574
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: text/plain
Accept: */*
Origin: http://invesco2021tf.q4web.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: http://invesco2021tf.q4web.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Connection: keep-alive
Content-Length: 24
date: Tue, 11 Jul 2023 17:09:44 GMT
content-type: image/gif
access-control-allow-origin: http://invesco2021tf.q4web.com
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
x-served-by: cache-ams21027-AMS
POST

https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=37749&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

chrome.exe

Remote address:

162.247.243.29:443

Request

POST /jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=37749&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx HTTP/1.1
Host: bam.nr-data.net
Connection: keep-alive
Content-Length: 588
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: text/plain
Accept: */*
Origin: http://invesco2021tf.q4web.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: http://invesco2021tf.q4web.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Connection: keep-alive
Content-Length: 24
date: Tue, 11 Jul 2023 17:09:55 GMT
content-type: image/gif
access-control-allow-origin: http://invesco2021tf.q4web.com
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
x-served-by: cache-ams21027-AMS
POST

https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=124743&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

chrome.exe

Remote address:

162.247.243.29:443

Request

POST /jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=124743&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx HTTP/1.1
Host: bam.nr-data.net
Connection: keep-alive
Content-Length: 294
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: text/plain
Accept: */*
Origin: http://invesco2021tf.q4web.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: http://invesco2021tf.q4web.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Connection: keep-alive
Content-Length: 24
date: Tue, 11 Jul 2023 17:11:22 GMT
content-type: image/gif
access-control-allow-origin: http://invesco2021tf.q4web.com
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
x-served-by: cache-ams21027-AMS
POST

https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=134743&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

chrome.exe

Remote address:

162.247.243.29:443

Request

POST /jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=134743&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx HTTP/1.1
Host: bam.nr-data.net
Connection: keep-alive
Content-Length: 294
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: text/plain
Accept: */*
Origin: http://invesco2021tf.q4web.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: http://invesco2021tf.q4web.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Connection: keep-alive
Content-Length: 24
date: Tue, 11 Jul 2023 17:11:32 GMT
content-type: image/gif
access-control-allow-origin: http://invesco2021tf.q4web.com
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
x-served-by: cache-ams21027-AMS
POST

https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=144743&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

chrome.exe

Remote address:

162.247.243.29:443

Request

POST /jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=144743&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx HTTP/1.1
Host: bam.nr-data.net
Connection: keep-alive
Content-Length: 294
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: text/plain
Accept: */*
Origin: http://invesco2021tf.q4web.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: http://invesco2021tf.q4web.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Connection: keep-alive
Content-Length: 24
date: Tue, 11 Jul 2023 17:11:42 GMT
content-type: image/gif
access-control-allow-origin: http://invesco2021tf.q4web.com
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
x-served-by: cache-ams21027-AMS
POST

https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=154744&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

chrome.exe

Remote address:

162.247.243.29:443

Request

POST /jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=154744&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx HTTP/1.1
Host: bam.nr-data.net
Connection: keep-alive
Content-Length: 294
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: text/plain
Accept: */*
Origin: http://invesco2021tf.q4web.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: http://invesco2021tf.q4web.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Connection: close
Content-Length: 24
date: Tue, 11 Jul 2023 17:11:52 GMT
content-type: image/gif
access-control-allow-origin: http://invesco2021tf.q4web.com
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
x-served-by: cache-ams21027-AMS
POST

https://bam.nr-data.net/events/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=6181&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

chrome.exe

Remote address:

162.247.243.29:443

Request

POST /events/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=6181&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx HTTP/1.1
Host: bam.nr-data.net
Connection: keep-alive
Content-Length: 248
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: */*
Origin: http://invesco2021tf.q4web.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
Referer: http://invesco2021tf.q4web.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Connection: keep-alive
Content-Length: 24
date: Tue, 11 Jul 2023 17:09:23 GMT
content-type: image/gif
access-control-allow-origin: http://invesco2021tf.q4web.com
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
x-served-by: cache-ams21077-AMS
POST

https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=6179&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

chrome.exe

Remote address:

162.247.243.29:443

Request

POST /jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=6179&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx HTTP/1.1
Host: bam.nr-data.net
Connection: keep-alive
Content-Length: 1223
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: */*
Origin: http://invesco2021tf.q4web.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
Referer: http://invesco2021tf.q4web.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Connection: keep-alive
Content-Length: 24
date: Tue, 11 Jul 2023 17:09:23 GMT
content-type: image/gif
access-control-allow-origin: http://invesco2021tf.q4web.com
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
x-served-by: cache-ams21036-AMS
POST

https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTUdQWw0CWF5bWFgJUgNVDxkDFkFI&rst=2514&ck=0&s=0&ref=http://invesco2021tf.q4web.com/q4logincallback.aspx

chrome.exe

Remote address:

162.247.243.29:443

Request

POST /jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTUdQWw0CWF5bWFgJUgNVDxkDFkFI&rst=2514&ck=0&s=0&ref=http://invesco2021tf.q4web.com/q4logincallback.aspx HTTP/1.1
Host: bam.nr-data.net
Connection: keep-alive
Content-Length: 813
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: */*
Origin: http://invesco2021tf.q4web.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
Referer: http://invesco2021tf.q4web.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Connection: keep-alive
Content-Length: 24
date: Tue, 11 Jul 2023 17:09:23 GMT
content-type: image/gif
access-control-allow-origin: http://invesco2021tf.q4web.com
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
x-served-by: cache-ams21080-AMS
POST

https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=164744&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

chrome.exe

Remote address:

162.247.243.29:443

Request

POST /jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=164744&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx HTTP/1.1
Host: bam.nr-data.net
Connection: keep-alive
Content-Length: 294
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: text/plain
Accept: */*
Origin: http://invesco2021tf.q4web.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: http://invesco2021tf.q4web.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Connection: keep-alive
Content-Length: 24
date: Tue, 11 Jul 2023 17:12:02 GMT
content-type: image/gif
access-control-allow-origin: http://invesco2021tf.q4web.com
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
x-served-by: cache-ams21080-AMS
POST

https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=174744&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

chrome.exe

Remote address:

162.247.243.29:443

Request

POST /jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=174744&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx HTTP/1.1
Host: bam.nr-data.net
Connection: keep-alive
Content-Length: 294
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: text/plain
Accept: */*
Origin: http://invesco2021tf.q4web.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: http://invesco2021tf.q4web.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Connection: keep-alive
Content-Length: 24
date: Tue, 11 Jul 2023 17:12:12 GMT
content-type: image/gif
access-control-allow-origin: http://invesco2021tf.q4web.com
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
x-served-by: cache-ams21080-AMS
POST

https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=184745&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

chrome.exe

Remote address:

162.247.243.29:443

Request

POST /jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=184745&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx HTTP/1.1
Host: bam.nr-data.net
Connection: keep-alive
Content-Length: 294
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: text/plain
Accept: */*
Origin: http://invesco2021tf.q4web.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: http://invesco2021tf.q4web.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Connection: keep-alive
Content-Length: 24
date: Tue, 11 Jul 2023 17:12:22 GMT
content-type: image/gif
access-control-allow-origin: http://invesco2021tf.q4web.com
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
x-served-by: cache-ams21080-AMS
POST

https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=194745&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

chrome.exe

Remote address:

162.247.243.29:443

Request

POST /jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=194745&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx HTTP/1.1
Host: bam.nr-data.net
Connection: keep-alive
Content-Length: 294
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: text/plain
Accept: */*
Origin: http://invesco2021tf.q4web.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: http://invesco2021tf.q4web.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Connection: keep-alive
Content-Length: 24
date: Tue, 11 Jul 2023 17:12:32 GMT
content-type: image/gif
access-control-allow-origin: http://invesco2021tf.q4web.com
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
x-served-by: cache-ams21080-AMS
POST

https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=204747&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

chrome.exe

Remote address:

162.247.243.29:443

Request

POST /jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=204747&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx HTTP/1.1
Host: bam.nr-data.net
Connection: keep-alive
Content-Length: 294
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: text/plain
Accept: */*
Origin: http://invesco2021tf.q4web.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: http://invesco2021tf.q4web.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Connection: keep-alive
Content-Length: 24
date: Tue, 11 Jul 2023 17:12:42 GMT
content-type: image/gif
access-control-allow-origin: http://invesco2021tf.q4web.com
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
x-served-by: cache-ams21080-AMS
POST

https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=214762&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

chrome.exe

Remote address:

162.247.243.29:443

Request

POST /jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=214762&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx HTTP/1.1
Host: bam.nr-data.net
Connection: keep-alive
Content-Length: 294
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: text/plain
Accept: */*
Origin: http://invesco2021tf.q4web.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: http://invesco2021tf.q4web.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Connection: keep-alive
Content-Length: 24
date: Tue, 11 Jul 2023 17:12:52 GMT
content-type: image/gif
access-control-allow-origin: http://invesco2021tf.q4web.com
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
x-served-by: cache-ams21080-AMS
POST

https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=225746&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

chrome.exe

Remote address:

162.247.243.29:443

Request

POST /jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=225746&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx HTTP/1.1
Host: bam.nr-data.net
Connection: keep-alive
Content-Length: 294
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: text/plain
Accept: */*
Origin: http://invesco2021tf.q4web.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: http://invesco2021tf.q4web.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Connection: keep-alive
Content-Length: 24
date: Tue, 11 Jul 2023 17:13:03 GMT
content-type: image/gif
access-control-allow-origin: http://invesco2021tf.q4web.com
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
x-served-by: cache-ams21080-AMS
POST

https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=236745&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

chrome.exe

Remote address:

162.247.243.29:443

Request

POST /jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=236745&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx HTTP/1.1
Host: bam.nr-data.net
Connection: keep-alive
Content-Length: 294
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: text/plain
Accept: */*
Origin: http://invesco2021tf.q4web.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: http://invesco2021tf.q4web.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Connection: keep-alive
Content-Length: 24
date: Tue, 11 Jul 2023 17:13:14 GMT
content-type: image/gif
access-control-allow-origin: http://invesco2021tf.q4web.com
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
x-served-by: cache-ams21080-AMS
POST

https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=247745&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

chrome.exe

Remote address:

162.247.243.29:443

Request

POST /jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=247745&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx HTTP/1.1
Host: bam.nr-data.net
Connection: keep-alive
Content-Length: 294
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: text/plain
Accept: */*
Origin: http://invesco2021tf.q4web.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: http://invesco2021tf.q4web.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Connection: keep-alive
Content-Length: 24
date: Tue, 11 Jul 2023 17:13:25 GMT
content-type: image/gif
access-control-allow-origin: http://invesco2021tf.q4web.com
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
x-served-by: cache-ams21080-AMS
POST

https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=258746&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

chrome.exe

Remote address:

162.247.243.29:443

Request

POST /jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=258746&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx HTTP/1.1
Host: bam.nr-data.net
Connection: keep-alive
Content-Length: 294
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: text/plain
Accept: */*
Origin: http://invesco2021tf.q4web.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: http://invesco2021tf.q4web.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Connection: keep-alive
Content-Length: 24
date: Tue, 11 Jul 2023 17:13:36 GMT
content-type: image/gif
access-control-allow-origin: http://invesco2021tf.q4web.com
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
x-served-by: cache-ams21080-AMS
POST

https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=269746&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

chrome.exe

Remote address:

162.247.243.29:443

Request

POST /jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=269746&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx HTTP/1.1
Host: bam.nr-data.net
Connection: keep-alive
Content-Length: 294
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: text/plain
Accept: */*
Origin: http://invesco2021tf.q4web.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: http://invesco2021tf.q4web.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Connection: keep-alive
Content-Length: 24
date: Tue, 11 Jul 2023 17:13:47 GMT
content-type: image/gif
access-control-allow-origin: http://invesco2021tf.q4web.com
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
x-served-by: cache-ams21080-AMS
POST

https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=280747&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

chrome.exe

Remote address:

162.247.243.29:443

Request

POST /jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=280747&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx HTTP/1.1
Host: bam.nr-data.net
Connection: keep-alive
Content-Length: 294
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: text/plain
Accept: */*
Origin: http://invesco2021tf.q4web.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: http://invesco2021tf.q4web.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Connection: keep-alive
Content-Length: 24
date: Tue, 11 Jul 2023 17:13:58 GMT
content-type: image/gif
access-control-allow-origin: http://invesco2021tf.q4web.com
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
x-served-by: cache-ams21080-AMS
POST

https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=291747&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

chrome.exe

Remote address:

162.247.243.29:443

Request

POST /jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=291747&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx HTTP/1.1
Host: bam.nr-data.net
Connection: keep-alive
Content-Length: 294
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: text/plain
Accept: */*
Origin: http://invesco2021tf.q4web.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: http://invesco2021tf.q4web.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Connection: keep-alive
Content-Length: 24
date: Tue, 11 Jul 2023 17:14:09 GMT
content-type: image/gif
access-control-allow-origin: http://invesco2021tf.q4web.com
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
x-served-by: cache-ams21080-AMS
DNS

114.211.227.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

114.211.227.13.in-addr.arpa

IN PTR

Response

114.211.227.13.in-addr.arpa

IN PTR

server-13-227-211-114ams54r cloudfrontnet
DNS

clients2.google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

clients2.google.com

IN A

Response

clients2.google.com

IN CNAME

clients.l.google.com

clients.l.google.com

IN A

142.251.36.46
DNS

108.211.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

108.211.229.192.in-addr.arpa

IN PTR

Response
DNS

46.36.251.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

46.36.251.142.in-addr.arpa

IN PTR

Response

46.36.251.142.in-addr.arpa

IN PTR

ams17s12-in-f141e100net
DNS

59.128.231.4.in-addr.arpa

Remote address:

8.8.8.8:53

Request

59.128.231.4.in-addr.arpa

IN PTR

Response
DNS

1.77.109.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

1.77.109.52.in-addr.arpa

IN PTR

Response
DNS

90.65.42.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

90.65.42.20.in-addr.arpa

IN PTR

Response

104.126.36.114:443

assets.msn.com

tls

2.7kB
11.1kB
21
19
162.159.130.11:80

http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/GlobalBranding.ashx

http

chrome.exe

3.0kB
63.6kB
35
57

HTTP Request

GET http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx?FilingId=16784646

HTTP Response

200

HTTP Request

GET http://invesco2021tf.q4web.com/js/typescript/dist/index.js

HTTP Response

200

HTTP Request

GET http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/GlobalBranding.ashx

HTTP Response

200
162.159.130.11:80

http://invesco2021tf.q4web.com/css/evergreen/evergreen.1.0.0.min.css

http

chrome.exe

1.1kB
14.8kB
15
19

HTTP Request

GET http://invesco2021tf.q4web.com/css/evergreen/evergreen.1.0.0.min.css

HTTP Response

200
162.159.130.11:80

http://invesco2021tf.q4web.com/q4logincallback.aspx

http

chrome.exe

8.3kB
258.0kB
112
207

HTTP Request

GET http://invesco2021tf.q4web.com/js/module/widgets/dist/dependencies/evergreen.core.1.0.0.min.js

HTTP Response

200

HTTP Request

GET http://invesco2021tf.q4web.com/js/module/widgets/dist/dependencies/evergreen.app.1.0.0.min.js

HTTP Response

200

HTTP Request

GET http://invesco2021tf.q4web.com/js/module/widgets/dist/latest/evergreen.q4Api.min.js

HTTP Response

200

HTTP Request

GET http://invesco2021tf.q4web.com/js/module/widgets/dist/latest/evergreen.q4Pager.min.js

HTTP Response

200

HTTP Request

GET http://invesco2021tf.q4web.com/js/module/widgets/dist/latest/evergreen.q4Slideshow.min.js

HTTP Response

200

HTTP Request

GET http://invesco2021tf.q4web.com/js/anti-csrf.js

HTTP Response

200

HTTP Request

GET http://invesco2021tf.q4web.com/q4logincallback.aspx

HTTP Response

200
68.70.205.4:80

http://s29.q4cdn.com/253383189/files/favicon.ico

http

chrome.exe

6.1kB
259.8kB
102
195

HTTP Request

GET http://s29.q4cdn.com/253383189/files/css/global.css?v=33714

HTTP Response

200

HTTP Request

GET http://s29.q4cdn.com/253383189/files/js/q4.core.1.1.8.min.js

HTTP Response

200

HTTP Request

GET http://s29.q4cdn.com/253383189/files/js/q4.app.1.1.8.min.js

HTTP Response

200

HTTP Request

GET http://s29.q4cdn.com/253383189/files/favicon.ico

HTTP Response

200
68.70.205.4:80

http://s29.q4cdn.com/253383189/files/css/print.css

http

chrome.exe

628 B
1.7kB
6
6

HTTP Request

GET http://s29.q4cdn.com/253383189/files/css/print.css

HTTP Response

200
68.70.205.4:80

http://s29.q4cdn.com/253383189/files/css/client.css?v=33770

http

chrome.exe

913 B
18.4kB
12
18

HTTP Request

GET http://s29.q4cdn.com/253383189/files/css/client.css?v=33770

HTTP Response

200
108.156.60.95:443

https://widgets.q4app.com/widgets/requireslib/pym.v1.min.js

tls, http2

chrome.exe

2.6kB
37.8kB
31
44

HTTP Request

GET https://widgets.q4app.com/widgets/q4.api.1.13.5.min.js

HTTP Response

200

HTTP Request

GET https://widgets.q4app.com/widgets/requireslib/pym.v1.min.js

HTTP Response

200
108.156.60.95:80

http://widgets.q4app.com/widgets/requireslib/pym.v1.min.js

http

chrome.exe

851 B
1.1kB
11
10

HTTP Request

GET http://widgets.q4app.com/widgets/requireslib/pym.v1.min.js

HTTP Response

301
172.217.23.206:80

http://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=2141194327&t=event&ni=0&_s=2&dl=http%3A%2F%2Finvesco2021tf.q4web.com%2Fsec-filings%2Fsec-filings-details%2Fdefault.aspx%3FFilingId%3D16784646&ul=en-us&de=UTF-8&dt=Invesco%20Ltd.%20-%20SEC%20Filings%20-%20SEC%20Filings%20Details&sd=24-bit&sr=1280x720&vp=1263x609&je=0&ec=download&ea=download&el=d18rn0p25nwr6d.cloudfront.net%2Fcik-0000914208%2Fe0dc659a-e7a2-42ac-bfaf-b1655229295c.pdf&ev=0&_u=aEBAAEABEAAAACAAI~&jid=&gjid=&cid=1657431935.1689095359&tid=UA-11111111-1&_gid=828254608.1689095359&z=577346249

http

chrome.exe

2.2kB
23.0kB
20
26

HTTP Request

GET http://www.google-analytics.com/analytics.js

HTTP Response

200

HTTP Request

GET http://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=2141194327&t=event&ni=0&_s=2&dl=http%3A%2F%2Finvesco2021tf.q4web.com%2Fsec-filings%2Fsec-filings-details%2Fdefault.aspx%3FFilingId%3D16784646&ul=en-us&de=UTF-8&dt=Invesco%20Ltd.%20-%20SEC%20Filings%20-%20SEC%20Filings%20Details&sd=24-bit&sr=1280x720&vp=1263x609&je=0&ec=download&ea=download&el=d18rn0p25nwr6d.cloudfront.net%2Fcik-0000914208%2Fe0dc659a-e7a2-42ac-bfaf-b1655229295c.pdf&ev=0&_u=aEBAAEABEAAAACAAI~&jid=&gjid=&cid=1657431935.1689095359&tid=UA-11111111-1&_gid=828254608.1689095359&z=577346249

HTTP Response

200
208.95.112.2:443

pro.ip-api.com

tls

chrome.exe

2.7kB
5.9kB
11
15
68.70.205.4:80

http://s29.q4cdn.com/253383189/files/fonts/InvescoEditor-Regular.otf

http

chrome.exe

1.4kB
47.2kB
22
38

HTTP Request

GET http://s29.q4cdn.com/253383189/files/fonts/InvescoEditor-Regular.otf

HTTP Response

200
68.70.205.4:80

http://s29.q4cdn.com/253383189/files/fonts/Graphik-Regular-Web.woff

http

chrome.exe

1.5kB
50.7kB
24
41

HTTP Request

GET http://s29.q4cdn.com/253383189/files/fonts/Graphik-Regular-Web.woff

HTTP Response

200
108.156.61.8:443

https://d1azc1qln24ryf.cloudfront.net/50912/_Q4BlankTemplate/q4-icons.woff2?k4mfa9

tls, http2

chrome.exe

2.1kB
7.5kB
21
21

HTTP Request

GET https://d1azc1qln24ryf.cloudfront.net/50912/_Q4BlankTemplate/q4-icons.woff2?k4mfa9

HTTP Response

302
162.159.130.11:443

https://invesco2021tf.q4web.com/x0k461/e6c1b/xc9

tls, http2

chrome.exe

1.8kB
3.7kB
16
14

HTTP Request

OPTIONS https://invesco2021tf.q4web.com/x0k461/e6c1b/xc9

HTTP Response

200
138.199.24.209:443

https://cdn.icomoon.io/50912/_Q4BlankTemplate/q4-icons.woff2

tls, http2

chrome.exe

2.1kB
16.7kB
21
26

HTTP Request

GET https://cdn.icomoon.io/50912/_Q4BlankTemplate/q4-icons.woff2

HTTP Response

200
18.65.39.56:443

https://login.q4inc.com/authorize?client_id=gKrDY1E9BUSWfU7DGuW2CO4rjdskiNg7&scope=openid+profile+email&response_type=code&response_mode=query&nonce=QWD9yCnrK5JuRznQCb4D3YscM&state=eyJhbGciOiJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGRzaWctbW9yZSNobWFjLXNoYTI1NiIsInR5cCI6IkpXVCJ9.eyJyZXR1cm5VcmwiOiJodHRwOi8vaW52ZXNjbzIwMjF0Zi5xNHdlYi5jb20vcTRsb2dpbmNhbGxiYWNrLmFzcHgiLCJleHAiOjE2OTQzNTQ5NDUuMCwiaWF0IjoxNjg5MDk1MzQ1LjAsImlzcyI6IlE0LldlYi5QdWJsaWMuU2l0ZSIsImF1ZCI6InVwc3RyZWFtLmNkbi53ZWIucHJkLnE0aW5jLmNvbSJ9.MMHkOOtkxSxIeTSVejrMIIvXIWnmLpM7omTm3TeGVEo&redirect_uri=https%3a%2f%2fauth.platform.q4inc.com%2fauth%2fpublicAuthRedirect&prompt=none

tls, http2

chrome.exe

2.5kB
9.7kB
19
23

HTTP Request

GET https://login.q4inc.com/authorize?client_id=gKrDY1E9BUSWfU7DGuW2CO4rjdskiNg7&scope=openid+profile+email&response_type=code&response_mode=query&nonce=QWD9yCnrK5JuRznQCb4D3YscM&state=eyJhbGciOiJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGRzaWctbW9yZSNobWFjLXNoYTI1NiIsInR5cCI6IkpXVCJ9.eyJyZXR1cm5VcmwiOiJodHRwOi8vaW52ZXNjbzIwMjF0Zi5xNHdlYi5jb20vcTRsb2dpbmNhbGxiYWNrLmFzcHgiLCJleHAiOjE2OTQzNTQ5NDUuMCwiaWF0IjoxNjg5MDk1MzQ1LjAsImlzcyI6IlE0LldlYi5QdWJsaWMuU2l0ZSIsImF1ZCI6InVwc3RyZWFtLmNkbi53ZWIucHJkLnE0aW5jLmNvbSJ9.MMHkOOtkxSxIeTSVejrMIIvXIWnmLpM7omTm3TeGVEo&redirect_uri=https%3a%2f%2fauth.platform.q4inc.com%2fauth%2fpublicAuthRedirect&prompt=none

HTTP Response

302
162.159.130.11:443

https://invesco2021tf.q4web.com/x0k461/e6c1b/xc9

tls, http2

chrome.exe

9.7kB
5.1kB
31
30

HTTP Request

POST https://invesco2021tf.q4web.com/x0k461/e6c1b/xc9

HTTP Response

200

HTTP Request

POST https://invesco2021tf.q4web.com/x0k461/e6c1b/xc9

HTTP Response

200

HTTP Request

POST https://invesco2021tf.q4web.com/x0k461/e6c1b/xc9

HTTP Response

200
2.18.121.76:80

http://apps.identrust.com/roots/dstrootcax3.p7c

http

chrome.exe

416 B
1.7kB
6
6

HTTP Request

GET http://apps.identrust.com/roots/dstrootcax3.p7c

HTTP Response

200
18.65.39.120:443

https://auth.platform.q4inc.com/auth/publicAuthRedirect?error=login_required&error_description=Login%20required&state=eyJhbGciOiJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGRzaWctbW9yZSNobWFjLXNoYTI1NiIsInR5cCI6IkpXVCJ9.eyJyZXR1cm5VcmwiOiJodHRwOi8vaW52ZXNjbzIwMjF0Zi5xNHdlYi5jb20vcTRsb2dpbmNhbGxiYWNrLmFzcHgiLCJleHAiOjE2OTQzNTQ5NDUuMCwiaWF0IjoxNjg5MDk1MzQ1LjAsImlzcyI6IlE0LldlYi5QdWJsaWMuU2l0ZSIsImF1ZCI6InVwc3RyZWFtLmNkbi53ZWIucHJkLnE0aW5jLmNvbSJ9.MMHkOOtkxSxIeTSVejrMIIvXIWnmLpM7omTm3TeGVEo

tls, http2

chrome.exe

2.4kB
7.5kB
18
19

HTTP Request

GET https://auth.platform.q4inc.com/auth/publicAuthRedirect?error=login_required&error_description=Login%20required&state=eyJhbGciOiJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGRzaWctbW9yZSNobWFjLXNoYTI1NiIsInR5cCI6IkpXVCJ9.eyJyZXR1cm5VcmwiOiJodHRwOi8vaW52ZXNjbzIwMjF0Zi5xNHdlYi5jb20vcTRsb2dpbmNhbGxiYWNrLmFzcHgiLCJleHAiOjE2OTQzNTQ5NDUuMCwiaWF0IjoxNjg5MDk1MzQ1LjAsImlzcyI6IlE0LldlYi5QdWJsaWMuU2l0ZSIsImF1ZCI6InVwc3RyZWFtLmNkbi53ZWIucHJkLnE0aW5jLmNvbSJ9.MMHkOOtkxSxIeTSVejrMIIvXIWnmLpM7omTm3TeGVEo

HTTP Response

301
151.101.2.137:443

https://js-agent.newrelic.com/page_action-aggregate.ac76d497-1.236.0.min.js

tls, http2

chrome.exe

3.8kB
47.6kB
42
60

HTTP Request

GET https://js-agent.newrelic.com/async-api.30bd804e-1.236.0.min.js

HTTP Request

GET https://js-agent.newrelic.com/lazy-feature-loader.2f55ce66-1.236.0.min.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://js-agent.newrelic.com/148.1a20d5fe-1.236.0.min.js

HTTP Request

GET https://js-agent.newrelic.com/page_view_event-aggregate.06482edd-1.236.0.min.js

HTTP Request

GET https://js-agent.newrelic.com/860.03a8b7a5-1.236.0.min.js

HTTP Request

GET https://js-agent.newrelic.com/page_view_timing-aggregate.bd6de33a-1.236.0.min.js

HTTP Request

GET https://js-agent.newrelic.com/metrics-aggregate.3dc53903-1.236.0.min.js

HTTP Request

GET https://js-agent.newrelic.com/jserrors-aggregate.49e41428-1.236.0.min.js

HTTP Request

GET https://js-agent.newrelic.com/ajax-aggregate.998ef92b-1.236.0.min.js

HTTP Request

GET https://js-agent.newrelic.com/session_trace-aggregate.83105561-1.236.0.min.js

HTTP Request

GET https://js-agent.newrelic.com/page_action-aggregate.ac76d497-1.236.0.min.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200
151.101.2.137:443

js-agent.newrelic.com

tls

chrome.exe

989 B
5.5kB
9
10
162.247.243.29:443

https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=114742&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

tls, http

chrome.exe

16.6kB
14.7kB
40
45

HTTP Request

POST https://bam.nr-data.net/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTUdQWw0CWF5bWFgJUgNVDxkDFkFI&rst=1146&ck=0&s=0&ref=http://invesco2021tf.q4web.com/q4logincallback.aspx&af=err,xhr,stn,ins&ap=32&be=787&fe=67&dc=63&perf=%7B%22timing%22:%7B%22of%22:1689095359494,%22n%22:0,%22f%22:626,%22dn%22:626,%22dne%22:626,%22c%22:626,%22ce%22:626,%22rq%22:624,%22rp%22:787,%22rpe%22:796,%22di%22:850,%22ds%22:850,%22de%22:850,%22dc%22:850,%22l%22:850,%22le%22:854%7D,%22navigation%22:%7B%7D%7D

HTTP Response

200

HTTP Request

POST https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=6177&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

HTTP Response

200

HTTP Request

POST https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTUdQWw0CWF5bWFgJUgNVDxkDFkFI&rst=2515&ck=0&s=0&ref=http://invesco2021tf.q4web.com/q4logincallback.aspx

HTTP Response

200

HTTP Request

POST https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=15738&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

HTTP Response

200

HTTP Request

POST https://bam.nr-data.net/events/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=37749&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

HTTP Response

200

HTTP Request

POST https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=48743&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

HTTP Response

200

HTTP Request

POST https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=59743&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

HTTP Response

200

HTTP Request

POST https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=70742&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

HTTP Response

200

HTTP Request

POST https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=81741&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

HTTP Response

200

HTTP Request

POST https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=92741&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

HTTP Response

200

HTTP Request

POST https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=103742&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

HTTP Response

200

HTTP Request

POST https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=114742&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

HTTP Response

200
162.247.243.29:443

https://bam.nr-data.net/events/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=6173&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

tls, http

chrome.exe

3.6kB
6.7kB
17
19

HTTP Request

POST https://bam.nr-data.net/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=4822&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx&af=err,xhr,stn,ins&ap=390&be=453&fe=4074&dc=3225&perf=%7B%22timing%22:%7B%22of%22:1689095355825,%22n%22:0,%22f%22:47,%22dn%22:256,%22dne%22:256,%22c%22:256,%22ce%22:274,%22rq%22:274,%22rp%22:453,%22rpe%22:463,%22di%22:3665,%22ds%22:3665,%22de%22:3678,%22dc%22:4523,%22l%22:4524,%22le%22:4527%7D,%22navigation%22:%7B%7D%7D&fp=3469&fcp=3469

HTTP Response

200

HTTP Request

POST https://bam.nr-data.net/events/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=6173&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

HTTP Response

200
13.227.211.114:443

https://d18rn0p25nwr6d.cloudfront.net/CIK-0000914208/e0dc659a-e7a2-42ac-bfaf-b1655229295c.pdf

tls, http

chrome.exe

4.1kB
124.1kB
60
103

HTTP Request

GET https://d18rn0p25nwr6d.cloudfront.net/CIK-0000914208/e0dc659a-e7a2-42ac-bfaf-b1655229295c.pdf

HTTP Response

200
13.227.211.114:443

https://d18rn0p25nwr6d.cloudfront.net/favicon.ico

tls, http

chrome.exe

2.1kB
7.7kB
18
20

HTTP Request

GET https://d18rn0p25nwr6d.cloudfront.net/favicon.ico

HTTP Response

403
162.247.243.29:443

https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=154744&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

tls, http

chrome.exe

12.4kB
11.4kB
32
34

HTTP Request

POST https://bam.nr-data.net/events/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTUdQWw0CWF5bWFgJUgNVDxkDFkFI&rst=2513&ck=0&s=0&ref=http://invesco2021tf.q4web.com/q4logincallback.aspx

HTTP Response

200

HTTP Request

POST https://bam.nr-data.net/events/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=15747&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

HTTP Response

200

HTTP Request

POST https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=26746&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

HTTP Response

200

HTTP Request

POST https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=37749&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

HTTP Response

200

HTTP Request

POST https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=124743&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

HTTP Response

200

HTTP Request

POST https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=134743&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

HTTP Response

200

HTTP Request

POST https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=144743&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

HTTP Response

200

HTTP Request

POST https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=154744&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

HTTP Response

200
162.247.243.29:443

https://bam.nr-data.net/events/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=6181&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

tls, http

chrome.exe

2.2kB
1.8kB
12
13

HTTP Request

POST https://bam.nr-data.net/events/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=6181&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

HTTP Response

200
162.247.243.29:443

https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=6179&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

tls, http

chrome.exe

3.3kB
1.8kB
13
13

HTTP Request

POST https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=6179&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

HTTP Response

200
162.247.243.29:443

https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=291747&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

tls, http

chrome.exe

18.9kB
17.2kB
47
53

HTTP Request

POST https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTUdQWw0CWF5bWFgJUgNVDxkDFkFI&rst=2514&ck=0&s=0&ref=http://invesco2021tf.q4web.com/q4logincallback.aspx

HTTP Response

200

HTTP Request

POST https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=164744&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

HTTP Response

200

HTTP Request

POST https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=174744&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

HTTP Response

200

HTTP Request

POST https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=184745&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

HTTP Response

200

HTTP Request

POST https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=194745&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

HTTP Response

200

HTTP Request

POST https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=204747&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

HTTP Response

200

HTTP Request

POST https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=214762&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

HTTP Response

200

HTTP Request

POST https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=225746&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

HTTP Response

200

HTTP Request

POST https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=236745&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

HTTP Response

200

HTTP Request

POST https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=247745&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

HTTP Response

200

HTTP Request

POST https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=258746&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

HTTP Response

200

HTTP Request

POST https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=269746&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

HTTP Response

200

HTTP Request

POST https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=280747&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

HTTP Response

200

HTTP Request

POST https://bam.nr-data.net/jserrors/1/4b6f7f959c?a=229922501&v=1.236.0&to=b1xWMUIDWBdWARFYX1YWdTZgTVIBUQMQXUQWWEcVSA%3D%3D&rst=291747&ck=0&s=0&ref=http://invesco2021tf.q4web.com/sec-filings/sec-filings-details/default.aspx

HTTP Response

200
142.251.36.46:443

clients2.google.com

tls, http2

chrome.exe

1.1kB
8.4kB
11
11

8.8.8.8:53

assets.msn.com

dns

60 B
278 B
1
1

DNS Request

assets.msn.com

DNS Response

104.126.36.114

104.126.36.97

104.126.36.88

104.126.36.81

104.126.36.106

104.126.36.80

104.126.36.96

104.126.36.90

104.126.36.89
8.8.8.8:53

114.36.126.104.in-addr.arpa

dns

73 B
139 B
1
1

DNS Request

114.36.126.104.in-addr.arpa
8.8.8.8:53

126.133.241.8.in-addr.arpa

dns

72 B
126 B
1
1

DNS Request

126.133.241.8.in-addr.arpa
8.8.8.8:53

invesco2021tf.q4web.com

dns

chrome.exe

69 B
263 B
1
1

DNS Request

invesco2021tf.q4web.com

DNS Response

162.159.130.11

162.159.129.11
8.8.8.8:53

208.194.73.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

208.194.73.20.in-addr.arpa
8.8.8.8:53

11.130.159.162.in-addr.arpa

dns

73 B
135 B
1
1

DNS Request

11.130.159.162.in-addr.arpa
8.8.8.8:53

202.179.250.142.in-addr.arpa

dns

74 B
113 B
1
1

DNS Request

202.179.250.142.in-addr.arpa
8.8.8.8:53

131.179.250.142.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

131.179.250.142.in-addr.arpa
8.8.8.8:53

s29.q4cdn.com

dns

chrome.exe

59 B
184 B
1
1

DNS Request

s29.q4cdn.com

DNS Response

68.70.205.4

68.70.205.1

68.70.205.2

68.70.205.3
8.8.8.8:53

106.208.58.216.in-addr.arpa

dns

73 B
143 B
1
1

DNS Request

106.208.58.216.in-addr.arpa
8.8.8.8:53

4.205.70.68.in-addr.arpa

dns

70 B
124 B
1
1

DNS Request

4.205.70.68.in-addr.arpa
8.8.8.8:53

widgets.q4app.com

dns

chrome.exe

63 B
127 B
1
1

DNS Request

widgets.q4app.com

DNS Response

108.156.60.95

108.156.60.68

108.156.60.126

108.156.60.57
8.8.8.8:53

95.60.156.108.in-addr.arpa

dns

72 B
128 B
1
1

DNS Request

95.60.156.108.in-addr.arpa
8.8.8.8:53

189.211.227.13.in-addr.arpa

dns

73 B
131 B
1
1

DNS Request

189.211.227.13.in-addr.arpa
8.8.8.8:53

4.159.190.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

4.159.190.20.in-addr.arpa
8.8.8.8:53

pro.ip-api.com

dns

chrome.exe

60 B
76 B
1
1

DNS Request

pro.ip-api.com

DNS Response

208.95.112.2
8.8.8.8:53

d1azc1qln24ryf.cloudfront.net

dns

chrome.exe

147 B
299 B
2
2

DNS Request

d1azc1qln24ryf.cloudfront.net

DNS Response

108.156.61.8

108.156.61.109

108.156.61.95

108.156.61.32

DNS Request

slscr.update.microsoft.com

DNS Response

20.114.59.183
8.8.8.8:53

d18rn0p25nwr6d.cloudfront.net

dns

chrome.exe

75 B
139 B
1
1

DNS Request

d18rn0p25nwr6d.cloudfront.net

DNS Response

13.227.211.114

13.227.211.26

13.227.211.171

13.227.211.94
8.8.8.8:53

cdn.icomoon.io

dns

chrome.exe

60 B
107 B
1
1

DNS Request

cdn.icomoon.io

DNS Response

138.199.24.209
8.8.8.8:53

login.q4inc.com

dns

chrome.exe

61 B
125 B
1
1

DNS Request

login.q4inc.com

DNS Response

18.65.39.56

18.65.39.98

18.65.39.19

18.65.39.88
8.8.8.8:53

apps.identrust.com

dns

chrome.exe

64 B
165 B
1
1

DNS Request

apps.identrust.com

DNS Response

2.18.121.76

2.18.121.68
8.8.8.8:53

auth.platform.q4inc.com

dns

chrome.exe

69 B
176 B
1
1

DNS Request

auth.platform.q4inc.com

DNS Response

18.65.39.120

18.65.39.33

18.65.39.84

18.65.39.63
8.8.8.8:53

206.23.217.172.in-addr.arpa

dns

73 B
173 B
1
1

DNS Request

206.23.217.172.in-addr.arpa
8.8.8.8:53

2.112.95.208.in-addr.arpa

dns

71 B
144 B
1
1

DNS Request

2.112.95.208.in-addr.arpa
8.8.8.8:53

8.61.156.108.in-addr.arpa

dns

71 B
126 B
1
1

DNS Request

8.61.156.108.in-addr.arpa
8.8.8.8:53

55.36.223.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

55.36.223.20.in-addr.arpa
8.8.8.8:53

56.39.65.18.in-addr.arpa

dns

70 B
124 B
1
1

DNS Request

56.39.65.18.in-addr.arpa
8.8.8.8:53

209.24.199.138.in-addr.arpa

dns

73 B
116 B
1
1

DNS Request

209.24.199.138.in-addr.arpa
8.8.8.8:53

js-agent.newrelic.com

dns

chrome.exe

67 B
168 B
1
1

DNS Request

js-agent.newrelic.com

DNS Response

151.101.2.137

151.101.66.137

151.101.130.137

151.101.194.137
8.8.8.8:53

bam.nr-data.net

dns

chrome.exe

61 B
131 B
1
1

DNS Request

bam.nr-data.net

DNS Response

162.247.243.29
8.8.8.8:53

76.121.18.2.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

76.121.18.2.in-addr.arpa
8.8.8.8:53

137.2.101.151.in-addr.arpa

dns

72 B
132 B
1
1

DNS Request

137.2.101.151.in-addr.arpa
8.8.8.8:53

226.21.18.104.in-addr.arpa

dns

72 B
134 B
1
1

DNS Request

226.21.18.104.in-addr.arpa
8.8.8.8:53

120.39.65.18.in-addr.arpa

dns

71 B
126 B
1
1

DNS Request

120.39.65.18.in-addr.arpa
8.8.8.8:53

29.243.247.162.in-addr.arpa

dns

73 B
138 B
1
1

DNS Request

29.243.247.162.in-addr.arpa
8.8.8.8:53

114.211.227.13.in-addr.arpa

dns

73 B
131 B
1
1

DNS Request

114.211.227.13.in-addr.arpa
8.8.8.8:53

clients2.google.com

dns

chrome.exe

65 B
105 B
1
1

DNS Request

clients2.google.com

DNS Response

142.251.36.46
8.8.8.8:53

108.211.229.192.in-addr.arpa

dns

74 B
145 B
1
1

DNS Request

108.211.229.192.in-addr.arpa
142.251.36.46:443

clients2.google.com

https

chrome.exe

3.7kB
8.2kB
10
12
224.0.0.251:5353

chrome.exe

204 B
3
8.8.8.8:53

46.36.251.142.in-addr.arpa

dns

72 B
111 B
1
1

DNS Request

46.36.251.142.in-addr.arpa
8.8.8.8:53

59.128.231.4.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

59.128.231.4.in-addr.arpa
8.8.8.8:53

1.77.109.52.in-addr.arpa

dns

70 B
144 B
1
1

DNS Request

1.77.109.52.in-addr.arpa
8.8.8.8:53

90.65.42.20.in-addr.arpa

dns

70 B
156 B
1
1

DNS Request

90.65.42.20.in-addr.arpa

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
600B

MD5
29aff14f7f4ad7a10d0b09244cefb6c3

SHA1
622d8b4e9f1846a7a28068c95e2eaa6a420c2be8

SHA256
26f7466a7fed14a9e60da7ca198565490037426eab3bbb01931c923a5409ebe1

SHA512
b56e7efbaa00d240b394c695743a096a9bbe088b6b12ff1eee519af3ed3598881e760b10699a7f0502040dbea66ee844483e53f7a26d701c894bc4ac9e04980b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
093b17c30059c32769f61a80cffa4046

SHA1
25dabbfaf12a6d64d5cce3e22255c2e463916116

SHA256
46d7596fad0c26f5f2e440dc452e23f29665017491594bf934c0b58ea1a4954d

SHA512
ee6f0e41a0d571090a01ef158f0923cf2b67d9f1328f1bcded7a2f60c5bd5a296696d45e243f0f30ae08be5ca027bba631d12f05f6c8177b99c635ea9f49030d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
875B

MD5
480eae9586271b7a279f7bd43ba031e7

SHA1
7216feeb94e458c208b95a83b581d1da0fd871b9

SHA256
ca3ddd8a33bc31956e27140fb52621997d0760b14d0e8530edd6d066d04b1ebf

SHA512
c4cb782a2a6910c3927cde78f07fdc58f60ab669fe1e666447148e933d2985373ca49edbc6687a062d93d1d11a26fc02b6ebd25fb5d492304aff9e230f21122e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
5616139a966c4751a727b4ecfaacf9bb

SHA1
af1cd3df5bd5bc53116b626dc5147c92cfacc3e2

SHA256
313576881a5cb62dfbe818286f5baf5418b5b31ec5f0040f7c6a6ed3d9a019bd

SHA512
89cc212cdb8adbdfb18be1c6fd769a92e6b305f15ed876e4474057765e53c8e014d43ccf2e2feb7a855b3d17c99d83ab997ecb4e94c40a33da0902c423ae85e3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
a6ef0873be1671bacb8557bfc0df0df6

SHA1
7eca72824da0ff36117ded0ea46ca506d34a6829

SHA256
a1e7d9899c8be21a477924df402fecd6d5bbfce16d6d78078ee4f2714b13f011

SHA512
44ab0ac70037893dc2bb040976c6059d7cd3f7dc59a94fc6a9c63aa8e74699b1e0fcefc91d3476f697bd433969a43ea3cf0f06795f8e3f4de2d82238b27be2db

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
89KB

MD5
14d1f77ca06ac5e72fb4ed8e24289de9

SHA1
a090aff9a78bc97eb5c041127f174b2950a349cb

SHA256
1377c0b117fb4f8acbece45492a9b8cf6034b8db508d4f7cfe29f7912f8ac7c3

SHA512
0960a9c0b77da730abfbb40b402b3f7185f4e130111e634f3a34db89830751f2c0b9e32f8de978d050f0f1b63c29b25e05a256ed474ab95ab05ad8079e49d0f8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
174KB

MD5
9531d051c0248575cbfd1d23ed3e9201

SHA1
defd81163c1bd4ce8ca343312c672c6a6fbdf945

SHA256
5ab2133a70d2d8276c6a3695f200dc45326f51cf6501dade986bf10e4b7aca64

SHA512
86ebe3030c90e608273659f6a07b7b5b6ca4f12bde146c8e7d910ed1b5acc652a265a03327b0bbb30ca36a816a30187c4ddbe15b9450bae5dbd014798e749252

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
174KB

MD5
42490f13936b3b0a5e6d18c9f8904036

SHA1
f3d8fbc73c7280bbd99d5e98d750b1e3540f5c43

SHA256
55156ee9c09f277f6f5075e630485295a3634d1da5d7a3e3ff38a0b892d27597

SHA512
f9474a93131abf31bc7bea2aff096ad655dbe656acac5849924a6ccaa598081eac67ceb8f3a5ef59f05adb23cb75310b9e60ae31b708cf1e29e9824ea1c27ea6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
194KB

MD5
7ca6d3d4ed7f4c006270f7c70872f4f0

SHA1
871b6e2819dd9ab192dbb942b13fc66239edebb9

SHA256
ea8d66c805e8a3e9384132137dc52d8d871e6fe3cca7b7824e1031d99d5cc23c

SHA512
9ed196503e31c01db943e908e7fc2e16ac824946c1f1ca6a3f0252a0bdefe5cf1b425d4c2ef9966965581ffa24924a9be6007e22b74a3c520159134776418aa8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Request