Edit tour

Windows Analysis Report
https://securemail.zionsbancorp.com/formpostdir/securereader?id=nDl8UYFg-mw2Hv8MSsp7YazN3E_e0tlJ&brand=995e7a42

Overview

General Information

Sample URL:	https://securemail.zionsbancorp.com/formpostdir/securereader?id=nDl8UYFg-mw2Hv8MSsp7YazN3E_e0tlJ&brand=995e7a42
Analysis ID:	1520600
Infos:

Detection

Score:	1
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Detected non-DNS traffic on DNS port

HTML body contains low number of good links

Classification

Process Tree

System is w10x64

chrome.exe (PID: 5984 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 2228 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2084 --field-trial-handle=2004,i,13221287546496257904,3716479039099036390,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6392 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://securemail.zionsbancorp.com/formpostdir/securereader?id=nDl8UYFg-mw2Hv8MSsp7YazN3E_e0tlJ&brand=995e7a42" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

HTTP traffic detected: POST /securereader/login.jsf HTTP/1.1Host: securemail.zionsbancorp.comConnection: keep-aliveContent-Length: 155Cache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1Origin: https://securemail.zionsbancorp.comContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://securemail.zionsbancorp.com/formpostdir/securereader?id=nDl8UYFg-mw2Hv8MSsp7YazN3E_e0tlJ&brand=995e7a42Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=CEA0AFCFA65CE70C83E1791C66001FE1; BID=995e7a42; visid_incap_2604843=keDjyB0aTSaYRgFaC5uzbHnD9mYAAAAAQUIPAAAAAACHdiX2H9dFUr11NhX2bo7T; incap_ses_1353_2604843=Wr+bdYl24V6VyZ4hetLGEn3D9mYAAAAASkGRXGtKo/D/b5vUJRrBXw==

Source: chromecache_93.2.dr, chromecache_69.2.dr	String found in binary or memory: http://adomas.org/javascript-mouse-wheel/
Source: chromecache_73.2.dr	String found in binary or memory: http://api.jqueryui.com/category/theming/
Source: chromecache_93.2.dr, chromecache_69.2.dr	String found in binary or memory: http://api.jqueryui.com/position/
Source: chromecache_93.2.dr, chromecache_69.2.dr	String found in binary or memory: http://brandonaaron.net)
Source: chromecache_73.2.dr, chromecache_93.2.dr, chromecache_69.2.dr	String found in binary or memory: http://jquery.org/license
Source: chromecache_69.2.dr	String found in binary or memory: http://jqueryui.com
Source: chromecache_93.2.dr, chromecache_69.2.dr	String found in binary or memory: http://trentrichardson.com/examples/timepicker
Source: chromecache_93.2.dr, chromecache_69.2.dr	String found in binary or memory: http://www.jacklmoore.com/autosize
Source: chromecache_93.2.dr, chromecache_69.2.dr	String found in binary or memory: http://www.mathias-bank.de)
Source: chromecache_93.2.dr, chromecache_69.2.dr	String found in binary or memory: https://github.com/carhartl/jquery-cookie
Source: chromecache_93.2.dr, chromecache_69.2.dr	String found in binary or memory: https://github.com/furf/jquery-ui-touch-punch
Source: chromecache_93.2.dr, chromecache_69.2.dr	String found in binary or memory: https://github.com/gabceb
Source: chromecache_93.2.dr, chromecache_69.2.dr	String found in binary or memory: https://github.com/gabceb/jquery-browser-plugin
Source: chromecache_93.2.dr, chromecache_69.2.dr	String found in binary or memory: https://github.com/jquery/jquery-color
Source: chromecache_93.2.dr, chromecache_69.2.dr	String found in binary or memory: https://github.com/markrian/jquery-ui-touch-punch-improved

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49741 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49742 version: TLS 1.2

Source: classification engine

Classification label: clean1.win@16/40@6/4

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2084 --field-trial-handle=2004,i,13221287546496257904,3716479039099036390,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://securemail.zionsbancorp.com/formpostdir/securereader?id=nDl8UYFg-mw2Hv8MSsp7YazN3E_e0tlJ&brand=995e7a42"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2084 --field-trial-handle=2004,i,13221287546496257904,3716479039099036390,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Automated click: continue
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Automated click: continue
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Automated click: continue
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Automated click: continue
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Automated click: continue
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Automated click: continue
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Automated click: continue
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Automated click: continue
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Automated click: continue
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Automated click: continue
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Automated click: continue
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Automated click: continue

Source: Window Recorder

Window detected: More than 3 window changes detected

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	Path Interception	1 Process Injection	1 Process Injection	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Rootkit	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	3 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	4 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	1 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label
http://jquery.org/license	0%	URL Reputation	safe
http://jqueryui.com	0%	URL Reputation	safe
http://api.jqueryui.com/position/	0%	URL Reputation	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
uwdn2vu.impervadns.net	45.60.233.23	true	false	unknown
www.google.com	142.250.186.132	true	false	unknown
fp2e7a.wpc.phicdn.net	192.229.221.95	true	false	unknown
securemail.zionsbancorp.com	unknown	unknown	false	unknown

Contacted URLs

Name	Malicious	Reputation
https://securemail.zionsbancorp.com/securereader/javax.faces.resource/components.js.jsf?ln=primefaces&v=7.0.17	false	unknown
https://securemail.zionsbancorp.com/securereader/javax.faces.resource/messages/messages.png.jsf?ln=primefaces&v=7.0.17	false	unknown
https://securemail.zionsbancorp.com/securereader/fonts/sourcesanspro-regular.ttf.woff	false	unknown
https://securemail.zionsbancorp.com/formpostdir/Image?key=logo_image_key_1%40path&r=33a498e7-5de7-4716-8255-4d6eb41f7fe3	false	unknown
https://securemail.zionsbancorp.com/securereader/javax.faces.resource/theme.css.jsf?ln=primefaces-aristo	false	unknown
https://securemail.zionsbancorp.com/securereader/javax.faces.resource/jquery/jquery-plugins.js.jsf?ln=primefaces&v=7.0.17	false	unknown
https://securemail.zionsbancorp.com/formpostdir/fonts/sourcesanspro-regular.ttf.woff	false	unknown
https://securemail.zionsbancorp.com/_Incapsula_Resource?SWKMTFSR=1&e=0.2987383674441728	false	unknown
https://securemail.zionsbancorp.com/securereader/javax.faces.resource/components.css.jsf?ln=primefaces&v=7.0.17	false	unknown
https://securemail.zionsbancorp.com/securereader/javax.faces.resource/hotkey/hotkey.js.jsf?ln=primefaces&v=7.0.17	false	unknown
https://securemail.zionsbancorp.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1190947317	false	unknown
https://securemail.zionsbancorp.com/securereader/login.jsf	false	unknown
https://securemail.zionsbancorp.com/securereader/javax.faces.resource/jquery/jquery.js.jsf?ln=primefaces&v=7.0.17	false	unknown
https://securemail.zionsbancorp.com/securereader/javax.faces.resource/jsf.js.jsf?ln=javax.faces	false	unknown
https://securemail.zionsbancorp.com/securereader/javax.faces.resource/core.js.jsf?ln=primefaces&v=7.0.17	false	unknown
https://securemail.zionsbancorp.com/favicon.ico	false	unknown
https://securemail.zionsbancorp.com/securereader/Image?key=logo_image_key_1%40path&r=33a498e7-5de7-4716-8255-4d6eb41f7fe3	false	unknown
https://securemail.zionsbancorp.com/formpostdir/securereader?id=nDl8UYFg-mw2Hv8MSsp7YazN3E_e0tlJ&brand=995e7a42	false	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
http://jquery.org/license	chromecache_73.2.dr, chromecache_93.2.dr, chromecache_69.2.dr	false	URL Reputation: safe	unknown
https://github.com/carhartl/jquery-cookie	chromecache_93.2.dr, chromecache_69.2.dr	false		unknown
http://adomas.org/javascript-mouse-wheel/	chromecache_93.2.dr, chromecache_69.2.dr	false		unknown
http://jqueryui.com	chromecache_69.2.dr	false	URL Reputation: safe	unknown
http://api.jqueryui.com/category/theming/	chromecache_73.2.dr	false		unknown
http://brandonaaron.net)	chromecache_93.2.dr, chromecache_69.2.dr	false		unknown
http://api.jqueryui.com/position/	chromecache_93.2.dr, chromecache_69.2.dr	false	URL Reputation: safe	unknown
https://github.com/jquery/jquery-color	chromecache_93.2.dr, chromecache_69.2.dr	false		unknown
https://github.com/markrian/jquery-ui-touch-punch-improved	chromecache_93.2.dr, chromecache_69.2.dr	false		unknown
https://github.com/gabceb/jquery-browser-plugin	chromecache_93.2.dr, chromecache_69.2.dr	false		unknown
http://www.mathias-bank.de)	chromecache_93.2.dr, chromecache_69.2.dr	false		unknown
https://github.com/furf/jquery-ui-touch-punch	chromecache_93.2.dr, chromecache_69.2.dr	false		unknown
https://github.com/gabceb	chromecache_93.2.dr, chromecache_69.2.dr	false		unknown
http://www.jacklmoore.com/autosize	chromecache_93.2.dr, chromecache_69.2.dr	false		unknown
http://trentrichardson.com/examples/timepicker	chromecache_93.2.dr, chromecache_69.2.dr	false		unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
239.255.255.250	unknown	Reserved	unknown	unknown	false
45.60.233.23	uwdn2vu.impervadns.net	United States	19551	INCAPSULAUS	false
142.250.186.132	www.google.com	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.4

General Information

Joe Sandbox version:	41.0.0 Charoite
Analysis ID:	1520600
Start date and time:	2024-09-27 16:37:52 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 3m 22s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	https://securemail.zionsbancorp.com/formpostdir/securereader?id=nDl8UYFg-mw2Hv8MSsp7YazN3E_e0tlJ&brand=995e7a42
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	8
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	CLEAN
Classification:	clean1.win@16/40@6/4
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 142.250.185.163, 172.217.16.206, 74.125.133.84, 34.104.35.123, 142.250.186.138, 216.58.206.74, 172.217.23.106, 216.58.212.170, 142.250.185.170, 142.250.186.42, 172.217.18.106, 142.250.186.106, 216.58.212.138, 142.250.186.74, 142.250.185.74, 172.217.18.10, 142.250.185.138, 142.250.74.202, 142.250.185.106, 172.217.16.202, 20.114.59.183, 88.221.110.91, 2.16.100.168, 52.165.164.15, 192.229.221.95, 13.85.23.206, 4.245.163.56, 216.58.206.67
Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, slscr.update.microsoft.com, ctldl.windowsupdate.com.delivery.microsoft.com, clientservices.googleapis.com, ctldl.windowsupdate.com, a767.dspw65.akamai.net, download.windowsupdate.com.edgesuite.net, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, ocsp.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, ocsp.edge.digicert.com, sls.update.microsoft.com, update.googleapis.com, clients.l.google.com, wu-b-net.trafficmanager.net, glb.sls.prod.dcat.dsp.trafficmanager.net
Not all processes where analyzed, report is missing behavior information
Report size getting too big, too many NtSetInformationFile calls found.
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
VT rate limit hit for: https://securemail.zionsbancorp.com/formpostdir/securereader?id=nDl8UYFg-mw2Hv8MSsp7YazN3E_e0tlJ&brand=995e7a42

Input	Output
URL: https://securemail.zionsbancorp.com/formpostdir/securereader?id=nDl8UYFg-mw2Hv8MSsp7YazN3E_e0tlJ&brand=995e7a42 Model: jbxai	{ "brand":["Proofpoint Encryption"], "contains_trigger_text":true, "trigger_text":"Click here to view document", "prominent_buttonname":"Continue", "text_input_field_labels":["Email Address", "Password"], "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

URL: https://securemail.zionsbancorp.com/securereader/login.jsf Model: jbxai	{ "brand":[], "contains_trigger_text":false, "trigger_text":"", "prominent_buttonname":"Continue", "text_input_field_labels":["Email Address", "Password"], "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

URL: https://securemail.zionsbancorp.com/securereader/login.jsf Model: jbxai	{ "brand":["Proofpoint Encryption"], "contains_trigger_text":true, "trigger_text":"Enter your password.", "prominent_buttonname":"Continue", "text_input_field_labels":["Email Address", "Password"], "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (19425)
Category:	dropped
Size (bytes):	267239
Entropy (8bit):	5.292248426826677
Encrypted:	false
SSDEEP:	6144:rFfwZqOMrqrJxaCg/qd/JsgciBjUZKziu1/:rFBE7eA
MD5:	540804DAC5A11DF20E7119A35D01E2F8
SHA1:	6D1AB351BC7568ACB90E29C6ABDF4570A907A431
SHA-256:	52D03B5EA1D204F7E6917075ECBB1C562F2FBE9029FE95C4BD25A70EDDDE2728
SHA-512:	F458CC926ECAB96EB1C771C7FE4DC643E0F217F8AA362DAECCDA719B2B8CC0059192E5BAEACF5969429AE1A2CA7B59B7773CD1F7A003C079FF871556DD52D9FD
Malicious:	false
Reputation:	low
Preview:	/! jQuery UI - v1.12.1 - 2017-08-09. http://jqueryui.com.* Includes: widget.js, position.js, data.js, disable-selection.js, focusable.js, form-reset-mixin.js, keycode.js, labels.js, scroll-parent.js, tabbable.js, unique-id.js, widgets/draggable.js, widgets/droppable.js, widgets/resizable.js, widgets/selectable.js, widgets/sortable.js, widgets/datepicker.js, widgets/mouse.js, widgets/slider.js, effect.js, effects/effect-blind.js, effects/effect-bounce.js, effects/effect-clip.js, effects/effect-drop.js, effects/effect-explode.js, effects/effect-fade.js, effects/effect-fold.js, effects/effect-highlight.js, effects/effect-puff.js, effects/effect-pulsate.js, effects/effect-scale.js, effects/effect-shake.js, effects/effect-size.js, effects/effect-slide.js, effects/effect-transfer.js.* Copyright jQuery Foundation and other contributors; Licensed MIT */.(function(a){if(typeof define==="function"&&define.amd){define(["jquery"],a)}else{a(jQuery)}}(function(K){K.ui=K.ui\|\|{};var Z=K.ui.version="

Source: https://securemail.zionsbancorp.com/formpostdir/securereader?id=nDl8UYFg-mw2Hv8MSsp7YazN3E_e0tlJ&brand=995e7a42	HTTP Parser: Number of links: 0
Source: https://securemail.zionsbancorp.com/securereader/login.jsf	HTTP Parser: Number of links: 0

Source: https://securemail.zionsbancorp.com/formpostdir/securereader?id=nDl8UYFg-mw2Hv8MSsp7YazN3E_e0tlJ&brand=995e7a42	HTTP Parser: <input type="password" .../> found
Source: https://securemail.zionsbancorp.com/securereader/login.jsf	HTTP Parser: <input type="password" .../> found

Source: https://securemail.zionsbancorp.com/formpostdir/securereader?id=nDl8UYFg-mw2Hv8MSsp7YazN3E_e0tlJ&brand=995e7a42	HTTP Parser: No favicon
Source: https://securemail.zionsbancorp.com/formpostdir/securereader?id=nDl8UYFg-mw2Hv8MSsp7YazN3E_e0tlJ&brand=995e7a42	HTTP Parser: No favicon
Source: https://securemail.zionsbancorp.com/securereader/login.jsf	HTTP Parser: No favicon
Source: https://securemail.zionsbancorp.com/securereader/login.jsf	HTTP Parser: No favicon
Source: https://securemail.zionsbancorp.com/securereader/login.jsf	HTTP Parser: No favicon
Source: https://securemail.zionsbancorp.com/securereader/login.jsf	HTTP Parser: No favicon

Source: https://securemail.zionsbancorp.com/formpostdir/securereader?id=nDl8UYFg-mw2Hv8MSsp7YazN3E_e0tlJ&brand=995e7a42	HTTP Parser: No <meta name="author".. found
Source: https://securemail.zionsbancorp.com/formpostdir/securereader?id=nDl8UYFg-mw2Hv8MSsp7YazN3E_e0tlJ&brand=995e7a42	HTTP Parser: No <meta name="author".. found
Source: https://securemail.zionsbancorp.com/securereader/login.jsf	HTTP Parser: No <meta name="author".. found
Source: https://securemail.zionsbancorp.com/securereader/login.jsf	HTTP Parser: No <meta name="author".. found
Source: https://securemail.zionsbancorp.com/securereader/login.jsf	HTTP Parser: No <meta name="author".. found
Source: https://securemail.zionsbancorp.com/securereader/login.jsf	HTTP Parser: No <meta name="author".. found

Source: https://securemail.zionsbancorp.com/formpostdir/securereader?id=nDl8UYFg-mw2Hv8MSsp7YazN3E_e0tlJ&brand=995e7a42	HTTP Parser: No <meta name="copyright".. found
Source: https://securemail.zionsbancorp.com/formpostdir/securereader?id=nDl8UYFg-mw2Hv8MSsp7YazN3E_e0tlJ&brand=995e7a42	HTTP Parser: No <meta name="copyright".. found
Source: https://securemail.zionsbancorp.com/securereader/login.jsf	HTTP Parser: No <meta name="copyright".. found
Source: https://securemail.zionsbancorp.com/securereader/login.jsf	HTTP Parser: No <meta name="copyright".. found
Source: https://securemail.zionsbancorp.com/securereader/login.jsf	HTTP Parser: No <meta name="copyright".. found
Source: https://securemail.zionsbancorp.com/securereader/login.jsf	HTTP Parser: No <meta name="copyright".. found

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	DNS traffic detected: DNS query: securemail.zionsbancorp.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Sep 27, 2024 16:38:46.954083920 CEST	53	65465	1.1.1.1	192.168.2.4
Sep 27, 2024 16:38:46.954473972 CEST	53	54593	1.1.1.1	192.168.2.4
Sep 27, 2024 16:38:48.166085005 CEST	53	55603	1.1.1.1	192.168.2.4
Sep 27, 2024 16:38:48.846932888 CEST	60885	53	192.168.2.4	1.1.1.1
Sep 27, 2024 16:38:48.851469040 CEST	56120	53	192.168.2.4	1.1.1.1
Sep 27, 2024 16:38:48.854434013 CEST	53	60885	1.1.1.1	192.168.2.4
Sep 27, 2024 16:38:48.863101006 CEST	53	56120	1.1.1.1	192.168.2.4
Sep 27, 2024 16:38:50.669828892 CEST	64160	53	192.168.2.4	1.1.1.1
Sep 27, 2024 16:38:50.670522928 CEST	57440	53	192.168.2.4	1.1.1.1
Sep 27, 2024 16:38:50.677150965 CEST	53	64160	1.1.1.1	192.168.2.4
Sep 27, 2024 16:38:50.677371979 CEST	53	57440	1.1.1.1	192.168.2.4
Sep 27, 2024 16:38:55.177793980 CEST	59665	53	192.168.2.4	1.1.1.1
Sep 27, 2024 16:38:55.178216934 CEST	62429	53	192.168.2.4	1.1.1.1
Sep 27, 2024 16:38:55.189065933 CEST	53	59665	1.1.1.1	192.168.2.4
Sep 27, 2024 16:38:55.203645945 CEST	53	62429	1.1.1.1	192.168.2.4
Sep 27, 2024 16:38:57.687534094 CEST	53	59550	1.1.1.1	192.168.2.4
Sep 27, 2024 16:39:05.187835932 CEST	138	138	192.168.2.4	192.168.2.255
Sep 27, 2024 16:39:05.270340919 CEST	53	55526	1.1.1.1	192.168.2.4
Sep 27, 2024 16:39:24.072575092 CEST	53	51022	1.1.1.1	192.168.2.4
Sep 27, 2024 16:39:46.296592951 CEST	53	58578	1.1.1.1	192.168.2.4
Sep 27, 2024 16:39:46.795105934 CEST	53	57155	1.1.1.1	192.168.2.4

Timestamp	Bytes transferred	Direction	Data
2024-09-27 14:38:50 UTC	745	OUT	GET /formpostdir/securereader?id=nDl8UYFg-mw2Hv8MSsp7YazN3E_e0tlJ&brand=995e7a42 HTTP/1.1 Host: securemail.zionsbancorp.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-27 14:38:53 UTC	1384	IN	HTTP/1.1 200 200 Date: Fri, 27 Sep 2024 14:38:53 GMT Server: Strict-Transport-Security: max-age=31536000; includeSubDomains Set-Cookie: JSESSIONID=CEA0AFCFA65CE70C83E1791C66001FE1; Path=/securereader; Secure; HttpOnly Set-Cookie: JSESSIONID=CEA0AFCFA65CE70C83E1791C66001FE1; Path=/formpostdir; Secure; HttpOnly Set-Cookie: BID=995e7a42; Max-Age=28800; Expires=Fri, 27-Sep-2024 22:38:53 GMT; Path=/; Secure; HttpOnly Set-Cookie: BID=995e7a42; Max-Age=28800; Expires=Fri, 27-Sep-2024 22:38:53 GMT; Path=/; Secure; HttpOnly Pragma: no-cache Cache-Control: no-store, max-age=0 Expires: Thu, 30 Sep 2021 23:59:59 GMT X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Expect-CT: max-age=86400, enforce Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self' X-UA-Compatible: IE=edge Connection: close Content-Type: text/html;charset=UTF-8 Set-Cookie: visid_incap_2604843=keDjyB0aTSaYRgFaC5uzbHnD9mYAAAAAQUIPAAAAAACHdiX2H9dFUr11NhX2bo7T; expires=Sat, 27 Sep 2025 06:40:08 GMT; HttpOnly; path=/; Domain=.zionsbancorp.com Set-Cookie: incap_ses_1353_2604843=Wr+bdYl24V6VyZ4hetLGEn3D9mYAAAAASkGRXGtKo/D/b5vUJRrBXw==; path=/; Domain=.zionsbancorp.com X-CDN: Imperva Transfer-Encoding: chunked X-Iinfo: 13-43797294-43797347 NNNN CT(179 2865 0) RT(1727447929621 340) q(0 0 31 0) r(34 34) U24
2024-09-27 14:38:53 UTC	1452	IN	Data Raw: 31 66 66 38 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 20 69 64 3d 22 6a 5f 69 64 74 33 22 3e 3c 6c 69 6e 6b 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 2f 73 65 63 75 72 65 72 65 61 64 65 72 2f 6a 61 76 61 78 2e 66 61 63 65 73 2e 72 65 73 6f 75 72 63 65 2f 74 68 65 6d 65 2e 63 73 73 2e 6a 73 66 3f 6c 6e 3d 70 72 69 6d 65 66 61 63 65 73 2d 61 72 69 73 74 6f 22 20 2f 3e 3c 6c 69 6e 6b 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 2f 73 65 63 75 72 65 72 65 61 64 65 72 2f 6a 61 76 61 78 2e 66 61 63 65 73 2e 72 65 73 6f 75 72 63 65 2f Data Ascii: 1ff8<!DOCTYPE html><html lang="en"><head id="j_idt3"><link type="text/css" rel="stylesheet" href="/securereader/javax.faces.resource/theme.css.jsf?ln=primefaces-aristo" /><link type="text/css" rel="stylesheet" href="/securereader/javax.faces.resource/
2024-09-27 14:38:53 UTC	1452	IN	Data Raw: 61 74 69 6f 6e 2e 68 72 65 66 2e 65 6e 64 73 57 69 74 68 28 22 74 69 6d 65 6f 75 74 2e 6a 73 66 22 29 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 74 69 6d 65 20 3d 20 39 30 30 30 30 30 20 2b 20 35 30 30 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 66 70 74 54 69 6d 65 6f 75 74 2e 74 69 6d 65 6f 75 74 54 69 6d 65 72 20 3d 20 77 69 6e 64 6f 77 2e 73 65 74 54 69 6d 65 6f 75 74 28 74 69 6d 65 6f 75 74 43 61 6c 6c 62 61 63 6b 2c 20 74 69 6d 65 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 2f 2f 20 73 68 6f 77 20 74 69 6d 65 6f 75 74 20 64 69 61 6c 6f 67 20 32 30 20 73 65 63 6f 6e 64 73 20 62 65 66 6f 72 65 20 73 65 73 73 69 6f 6e 20 74 69 6d 65 6f 75 74 0a 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 64 69 61 6c 6f 67 54 69 6d 65 20 3d 20 Data Ascii: ation.href.endsWith("timeout.jsf")) { var time = 900000 + 5000; pfptTimeout.timeoutTimer = window.setTimeout(timeoutCallback, time); // show timeout dialog 20 seconds before session timeout var dialogTime =
2024-09-27 14:38:53 UTC	1452	IN	Data Raw: 20 3d 20 77 69 6e 64 6f 77 2e 73 65 74 49 6e 74 65 72 76 61 6c 28 66 75 6e 63 74 69 6f 6e 28 29 20 7b 0a 20 20 20 20 20 20 20 20 69 66 20 28 72 65 6d 61 69 6e 69 6e 67 54 69 6d 65 20 3d 3d 3d 20 31 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 63 6c 65 61 72 49 6e 74 65 72 76 61 6c 28 70 66 70 74 54 69 6d 65 6f 75 74 2e 75 70 64 61 74 65 44 69 61 6c 6f 67 49 6e 74 65 72 76 61 6c 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 72 65 74 75 72 6e 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 75 70 64 61 74 65 54 69 6d 65 6f 75 74 4d 65 73 73 61 67 65 54 69 6d 65 28 2d 2d 72 65 6d 61 69 6e 69 6e 67 54 69 6d 65 29 3b 0a 20 20 20 20 7d 2c 20 31 30 30 30 29 3b 0a 7d 0a 0a 66 75 6e 63 74 69 6f 6e 20 75 70 64 61 74 65 54 69 6d 65 Data Ascii: = window.setInterval(function() { if (remainingTime === 1) { window.clearInterval(pfptTimeout.updateDialogInterval); return; } updateTimeoutMessageTime(--remainingTime); }, 1000);}function updateTime
2024-09-27 14:38:53 UTC	1452	IN	Data Raw: 73 69 6f 6e 28 29 20 7b 0a 20 20 20 20 24 2e 67 65 74 28 27 2f 73 65 63 75 72 65 72 65 61 64 65 72 2f 6d 61 6e 61 67 65 73 65 73 73 69 6f 6e 27 29 3b 0a 20 20 20 20 72 65 73 65 74 54 69 6d 65 6f 75 74 54 69 6d 65 72 28 29 3b 0a 20 20 20 20 63 6c 6f 73 65 54 69 6d 65 6f 75 74 4d 6f 64 61 6c 28 29 3b 0a 7d 0a 0a 66 75 6e 63 74 69 6f 6e 20 63 6c 6f 73 65 54 69 6d 65 6f 75 74 4d 6f 64 61 6c 28 29 20 7b 0a 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 27 73 65 73 73 69 6f 6e 54 69 6d 65 4f 75 74 57 61 72 6e 69 6e 67 27 29 2e 73 74 79 6c 65 2e 64 69 73 70 6c 61 79 20 3d 20 27 6e 6f 6e 65 27 3b 0a 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 72 65 6d 6f 76 65 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 27 6b 65 79 64 6f 77 6e 27 2c Data Ascii: sion() { $.get('/securereader/managesession'); resetTimeoutTimer(); closeTimeoutModal();}function closeTimeoutModal() { document.getElementById('sessionTimeOutWarning').style.display = 'none'; document.removeEventListener('keydown',
2024-09-27 14:38:53 UTC	1452	IN	Data Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 65 76 65 6e 74 2e 70 72 65 76 65 6e 74 44 65 66 61 75 6c 74 28 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 7d 20 65 6c 73 65 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 69 66 20 28 65 76 65 6e 74 2e 74 61 72 67 65 74 2e 69 64 20 3d 3d 3d 20 27 70 66 70 74 43 6f 6e 74 69 6e 75 65 53 65 73 73 69 6f 6e 42 74 6e 27 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 27 70 66 70 74 43 6f 6e 74 69 6e 75 65 53 65 73 73 69 6f 6e 42 74 6e 27 29 2e 66 6f 63 75 73 28 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 65 76 65 6e 74 2e 70 72 65 76 65 6e 74 44 65 66 61 75 6c 74 28 29 3b 0a 20 20 20 20 20 20 Data Ascii: event.preventDefault(); } } else { if (event.target.id === 'pfptContinueSessionBtn') { document.getElementById('pfptContinueSessionBtn').focus(); event.preventDefault();
2024-09-27 14:38:53 UTC	932	IN	Data Raw: 65 78 74 2f 63 73 73 22 3e 0a 2f 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 0a 53 74 79 6c 69 6e 67 20 66 6f 72 20 61 20 6d 6f 64 61 6c 20 74 6f 20 61 70 70 65 61 72 20 6f 6e 20 73 63 72 65 65 6e 0a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2f 0a 0a 2e 70 66 70 74 4d 6f 64 61 6c 20 7b 0a 20 20 20 20 70 6f 73 69 74 69 6f 6e 3a 20 66 69 78 65 64 3b 0a 20 20 20 20 64 69 73 70 6c 61 Data Ascii: ext/css">/****************************************************************************Styling for a modal to appear on screen****************************************************************************/.pfptModal { position: fixed; displa
2024-09-27 14:38:53 UTC	1452	IN	Data Raw: 33 62 61 38 0d 0a 65 6d 3b 0a 20 20 20 20 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 0a 20 20 20 20 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 20 62 61 73 65 6c 69 6e 65 3b 0a 7d 0a 2e 70 66 70 74 4d 6f 64 61 6c 42 75 74 74 6f 6e 73 43 6f 6e 74 61 69 6e 65 72 20 2e 63 6f 6e 74 69 6e 75 65 53 65 73 73 69 6f 6e 42 74 6e 3a 68 6f 76 65 72 2c 20 2e 70 66 70 74 4d 6f 64 61 6c 42 75 74 74 6f 6e 73 43 6f 6e 74 61 69 6e 65 72 20 2e 63 6f 6e 74 69 6e 75 65 53 65 73 73 69 6f 6e 42 74 6e 3a 66 6f 63 75 73 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 35 35 43 36 46 45 3b 0a 7d 0a 2e 70 66 70 74 4d 6f 64 61 6c 42 75 74 74 6f 6e 73 43 6f 6e 74 61 69 6e 65 72 20 69 6e 70 75 74 5b 74 79 70 65 3d 22 73 75 62 6d 69 74 22 5d 2e 65 6e 64 53 Data Ascii: 3ba8em; padding: 10px; vertical-align: baseline;}.pfptModalButtonsContainer .continueSessionBtn:hover, .pfptModalButtonsContainer .continueSessionBtn:focus { background-color: #55C6FE;}.pfptModalButtonsContainer input[type="submit"].endS
2024-09-27 14:38:53 UTC	1452	IN	Data Raw: 6f 6e 74 69 6e 75 65 53 65 73 73 69 6f 6e 42 74 6e 22 20 6f 6e 63 6c 69 63 6b 3d 22 63 6f 6e 74 69 6e 75 65 53 65 73 73 69 6f 6e 28 29 22 20 2f 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 20 20 3c 2f 64 69 76 3e 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 2f 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 0a 20 2a 20 46 6c 6f 61 74 65 72 20 53 74 79 6c 65 3a 20 54 68 65 73 65 20 73 74 79 6c 65 73 20 73 75 70 70 6f 72 74 20 74 68 65 20 22 66 6c 6f 61 74 65 72 22 20 73 74 79 6c Data Ascii: ontinueSessionBtn" onclick="continueSession()" /> </div> </div> </div><style type="text/css">/****************************************************************************** * Floater Style: These styles support the "floater" styl
2024-09-27 14:38:53 UTC	1452	IN	Data Raw: 69 64 74 68 3a 32 35 65 6d 3b 0a 09 70 61 64 64 69 6e 67 3a 30 70 78 3b 0a 20 20 20 20 7a 2d 69 6e 64 65 78 3a 20 32 35 30 3b 0a 20 20 20 20 62 6f 72 64 65 72 3a 20 31 70 78 20 73 6f 6c 69 64 20 23 43 43 43 43 43 43 3b 0a 7d 0a 64 69 76 2e 66 6c 6f 61 74 69 6e 67 50 61 6e 65 6c 43 6f 6e 74 65 6e 74 73 0a 7b 0a 20 20 20 20 6d 61 72 67 69 6e 3a 20 32 2e 35 65 78 20 31 2e 30 65 6d 3b 0a 7d 0a 0a 64 69 76 2e 66 6c 6f 61 74 69 6e 67 50 61 6e 65 6c 43 6f 6e 74 65 6e 74 73 20 74 64 3a 66 69 72 73 74 2d 63 68 69 6c 64 0a 7b 0a 09 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 37 35 65 6d 3b 0a 7d 0a 0a 2e 66 6c 6f 61 74 69 6e 67 50 61 6e 65 6c 20 2e 6d 65 73 73 61 67 65 54 6f 6f 6c 62 61 72 0a 7b 0a 09 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 2d 77 69 64 74 68 3a 30 Data Ascii: idth:25em;padding:0px; z-index: 250; border: 1px solid #CCCCCC;}div.floatingPanelContents{ margin: 2.5ex 1.0em;}div.floatingPanelContents td:first-child{line-height: 1.75em;}.floatingPanel .messageToolbar{border-bottom-width:0
2024-09-27 14:38:53 UTC	1452	IN	Data Raw: 6c 6f 61 74 65 72 49 6e 70 75 74 46 69 65 6c 64 3a 64 69 73 61 62 6c 65 64 0a 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 44 44 44 44 44 44 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 33 33 33 33 33 33 3b 0a 7d 0a 0a 2e 70 6c 61 63 65 68 6f 6c 64 65 72 54 65 78 74 0a 7b 0a 20 20 20 20 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 69 74 61 6c 69 63 3b 0a 20 20 20 20 63 6f 6c 6f 72 3a 20 23 37 37 37 37 37 37 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0a 0a 7d 0a 0a 69 6e 70 75 74 5b 74 79 70 65 3d 27 73 75 62 6d 69 74 27 5d 2e 66 6c 6f 61 74 65 72 42 75 74 74 6f 6e 2c 20 62 75 74 74 6f 6e 5b 74 79 70 65 3d 27 73 75 62 6d 69 74 27 5d 2e 66 6c 6f 61 74 65 72 42 75 74 74 6f 6e 0a 7b 0a 20 20 20 20 68 65 69 67 68 74 3a 20 33 65 6d 3b 0a 20 20 20 20 Data Ascii: loaterInputField:disabled{ background-color: #DDDDDD; color: #333333;}.placeholderText{ font-style: italic; color: #777777 !important;}input[type='submit'].floaterButton, button[type='submit'].floaterButton{ height: 3em;

Timestamp	Bytes transferred	Direction	Data
2024-09-27 14:38:52 UTC	161	OUT	HEAD /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-09-27 14:38:53 UTC	466	IN	HTTP/1.1 200 OK Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF06) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-weu-z1 Cache-Control: public, max-age=25938 Date: Fri, 27 Sep 2024 14:38:53 GMT Connection: close X-CID: 2

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (44333), with no line terminators
Category:	dropped
Size (bytes):	44333
Entropy (8bit):	5.2070457479068235
Encrypted:	false
SSDEEP:	768:6NoxuhiTYgEUtMNBQa89jYh07Owrk+6xbyUlbyUMEMMl6DaQykWkIkGPwhNrH8QL:ZIDUtMNBQZ9jk06wrl6xbyUlbyUMEMM+
MD5:	3E4F4050044D88C1DD0ED50742A7785D
SHA1:	188C5A4A665650BEFA953ACF5FEC87A8969BE5CA
SHA-256:	E905FFB004E884DECC0118B5596596FE6FB88FEFDE62113402F3F8E1AC3BBA8A
SHA-512:	B91470139A058C56A256D0314BEF77C88FFD7E08E9931E46740D91470EFB2DF4FB64C36DDA183BB48DBE8575FD80344AA328BB1715FAF965A9CCB9626B4AFA41
Malicious:	false
Reputation:	low
Preview:	if(typeof OpenAjax!=="undefined"&&typeof OpenAjax.hub.registerLibrary!=="undefined"){OpenAjax.hub.registerLibrary("jsf","www.sun.com","2.2",null)}if(!((jsf&&jsf.specversion&&jsf.specversion>=20000)&&(jsf.implversion&&jsf.implversion>=3))){var jsf={};jsf.ajax=function(){var eventListeners=[];var errorListeners=[];var delayHandler=null;var isIE=function isIE(){if(typeof isIECache!=="undefined"){return isIECache}isIECache=document.all&&window.ActiveXObject&&navigator.userAgent.toLowerCase().indexOf("msie")>-1&&navigator.userAgent.toLowerCase().indexOf("opera")==-1;return isIECache};var isIECache;var getIEVersion=function getIEVersion(){if(typeof IEVersionCache!=="undefined"){return IEVersionCache}if(/MSIE ([0-9]+)/.test(navigator.userAgent)){IEVersionCache=parseInt(RegExp.$1)}else{IEVersionCache=-1}return IEVersionCache};var IEVersionCache;var isAutoExec=function isAutoExec(){try{if(typeof isAutoExecCache!=="undefined"){return isAutoExecCache}var autoExecTestString="<script>var mojarra =

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (18546)
Category:	dropped
Size (bytes):	430302
Entropy (8bit):	5.112123976635055
Encrypted:	false
SSDEEP:	3072:6YyVvbIOc7M1WTzkfbpdZPND0mUw2d5wZ/nL8YIPDi2rGb:6Yqh1Ozkfj0mUw2drLi
MD5:	1EC2E61D03A4C0EF91BE8E321D07C5D8
SHA1:	31034A0F1087C879BB12D3E16D85D341783E3249
SHA-256:	A73D718DED1E36A2B0330EE5C0B5806AE9DA6306C406149EF0D4D7D0DB1670BA
SHA-512:	579CD2F97B2F40480B31C67FDDFF882CAD24D8CF26016084B7E9A86C605387281C5554E3607C567CDB19C30FEAD53ACEF1E8BC56B6DF8561525110CC37D63A68
Malicious:	false
Reputation:	low
Preview:	if(!PrimeFaces.dialog){PrimeFaces.dialog={};PrimeFaces.dialog.DialogHandler={openDialog:function(f){var h=this.findRootWindow(),k=f.sourceComponentId+"_dlg";if(h.document.getElementById(k)){return}var j=f.sourceComponentId.replace(/:/g,"_")+"_dlgwidget",d=f.options.styleClass\|\|"",e=$('<div id="'+k+'" class="ui-dialog ui-widget ui-widget-content ui-corner-all ui-shadow ui-hidden-container ui-overlay-hidden '+d+'" data-pfdlgcid="'+PrimeFaces.escapeHTML(f.pfdlgcid)+'" data-widget="'+j+'"></div>').append('<div class="ui-dialog-titlebar ui-widget-header ui-helper-clearfix ui-corner-top"><span id="'+k+'_title" class="ui-dialog-title"></span></div>');var g=e.children(".ui-dialog-titlebar");if(f.options.closable!==false){g.append('<a class="ui-dialog-titlebar-icon ui-dialog-titlebar-close ui-corner-all" href="#" role="button"><span class="ui-icon ui-icon-closethick"></span></a>')}if(f.options.minimizable){g.append('<a class="ui-dialog-titlebar-icon ui-dialog-titlebar-minimize ui-corner-all" hr

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (18546)
Category:	downloaded
Size (bytes):	430302
Entropy (8bit):	5.112123976635055
Encrypted:	false
SSDEEP:	3072:6YyVvbIOc7M1WTzkfbpdZPND0mUw2d5wZ/nL8YIPDi2rGb:6Yqh1Ozkfj0mUw2drLi
MD5:	1EC2E61D03A4C0EF91BE8E321D07C5D8
SHA1:	31034A0F1087C879BB12D3E16D85D341783E3249
SHA-256:	A73D718DED1E36A2B0330EE5C0B5806AE9DA6306C406149EF0D4D7D0DB1670BA
SHA-512:	579CD2F97B2F40480B31C67FDDFF882CAD24D8CF26016084B7E9A86C605387281C5554E3607C567CDB19C30FEAD53ACEF1E8BC56B6DF8561525110CC37D63A68
Malicious:	false
Reputation:	low
URL:	https://securemail.zionsbancorp.com/securereader/javax.faces.resource/components.js.jsf?ln=primefaces&v=7.0.17
Preview:	if(!PrimeFaces.dialog){PrimeFaces.dialog={};PrimeFaces.dialog.DialogHandler={openDialog:function(f){var h=this.findRootWindow(),k=f.sourceComponentId+"_dlg";if(h.document.getElementById(k)){return}var j=f.sourceComponentId.replace(/:/g,"_")+"_dlgwidget",d=f.options.styleClass\|\|"",e=$('<div id="'+k+'" class="ui-dialog ui-widget ui-widget-content ui-corner-all ui-shadow ui-hidden-container ui-overlay-hidden '+d+'" data-pfdlgcid="'+PrimeFaces.escapeHTML(f.pfdlgcid)+'" data-widget="'+j+'"></div>').append('<div class="ui-dialog-titlebar ui-widget-header ui-helper-clearfix ui-corner-top"><span id="'+k+'_title" class="ui-dialog-title"></span></div>');var g=e.children(".ui-dialog-titlebar");if(f.options.closable!==false){g.append('<a class="ui-dialog-titlebar-icon ui-dialog-titlebar-close ui-corner-all" href="#" role="button"><span class="ui-icon ui-icon-closethick"></span></a>')}if(f.options.minimizable){g.append('<a class="ui-dialog-titlebar-icon ui-dialog-titlebar-minimize ui-corner-all" hr

Timestamp	Bytes transferred	Direction	Data
2024-09-27 14:38:53 UTC	930	OUT	GET /securereader/javax.faces.resource/theme.css.jsf?ln=primefaces-aristo HTTP/1.1 Host: securemail.zionsbancorp.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://securemail.zionsbancorp.com/formpostdir/securereader?id=nDl8UYFg-mw2Hv8MSsp7YazN3E_e0tlJ&brand=995e7a42 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: JSESSIONID=CEA0AFCFA65CE70C83E1791C66001FE1; BID=995e7a42; visid_incap_2604843=keDjyB0aTSaYRgFaC5uzbHnD9mYAAAAAQUIPAAAAAACHdiX2H9dFUr11NhX2bo7T; incap_ses_1353_2604843=Wr+bdYl24V6VyZ4hetLGEn3D9mYAAAAASkGRXGtKo/D/b5vUJRrBXw==
2024-09-27 14:38:54 UTC	680	IN	HTTP/1.1 200 200 Date: Fri, 27 Sep 2024 14:38:54 GMT Server: Strict-Transport-Security: max-age=31536000; includeSubDomains Expires: Fri, 04 Oct 2024 14:38:54 GMT Last-Modified: Fri, 03 Feb 2023 21:07:08 GMT ETag: W/"24683-1675458428000" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Expect-CT: max-age=86400, enforce Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self' X-UA-Compatible: IE=edge Connection: close Transfer-Encoding: chunked Content-Type: text/css X-CDN: Imperva X-Iinfo: 13-43797296-43797688 NNNN CT(85 235 0) RT(1727447929623 4353) q(0 0 3 -1) r(4 4) U24
2024-09-27 14:38:54 UTC	772	IN	Data Raw: 31 66 66 38 0d 0a 61 7b 6f 75 74 6c 69 6e 65 3a 30 7d 2e 75 69 2d 77 69 64 67 65 74 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 2e 31 65 6d 7d 2e 75 69 2d 77 69 64 67 65 74 20 2e 75 69 2d 77 69 64 67 65 74 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 65 6d 7d 2e 75 69 2d 77 69 64 67 65 74 20 69 6e 70 75 74 2c 2e 75 69 2d 77 69 64 67 65 74 20 73 65 6c 65 63 74 2c 2e 75 69 2d 77 69 64 67 65 74 20 74 65 78 74 61 72 65 61 2c 2e 75 69 2d 77 69 64 67 65 74 20 62 75 74 74 6f 6e 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 65 6d 7d 2e 75 69 2d 77 69 64 67 65 74 2d 63 6f 6e 74 65 6e 74 7b 62 6f 72 64 65 72 3a 31 70 78 Data Ascii: 1ff8a{outline:0}.ui-widget{font-family:Arial,sans-serif;font-size:1.1em}.ui-widget .ui-widget{font-size:1em}.ui-widget input,.ui-widget select,.ui-widget textarea,.ui-widget button{font-family:Arial,sans-serif;font-size:1em}.ui-widget-content{border:1px
2024-09-27 14:38:54 UTC	1452	IN	Data Raw: 2c 72 67 62 61 28 32 35 35 2c 32 35 35 2c 32 35 35 2c 30 2e 38 29 2c 72 67 62 61 28 32 35 35 2c 32 35 35 2c 32 35 35 2c 30 29 29 3b 63 6f 6c 6f 72 3a 23 33 33 33 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 74 65 78 74 2d 73 68 61 64 6f 77 3a 30 20 31 70 78 20 30 20 72 67 62 61 28 32 35 35 2c 32 35 35 2c 32 35 35 2c 30 2e 37 29 7d 2e 75 69 2d 77 69 64 67 65 74 2d 68 65 61 64 65 72 20 61 7b 63 6f 6c 6f 72 3a 23 34 66 34 66 34 66 7d 2e 75 69 2d 73 74 61 74 65 2d 64 65 66 61 75 6c 74 2c 2e 75 69 2d 77 69 64 67 65 74 2d 63 6f 6e 74 65 6e 74 20 2e 75 69 2d 73 74 61 74 65 2d 64 65 66 61 75 6c 74 2c 2e 75 69 2d 77 69 64 67 65 74 2d 68 65 61 64 65 72 20 2e 75 69 2d 73 74 61 74 65 2d 64 65 66 61 75 6c 74 7b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 Data Ascii: ,rgba(255,255,255,0.8),rgba(255,255,255,0));color:#333;font-weight:bold;text-shadow:0 1px 0 rgba(255,255,255,0.7)}.ui-widget-header a{color:#4f4f4f}.ui-state-default,.ui-widget-content .ui-state-default,.ui-widget-header .ui-state-default{border:1px solid
2024-09-27 14:38:54 UTC	1452	IN	Data Raw: 72 67 62 61 28 32 35 35 2c 32 35 35 2c 32 35 35 2c 30 29 29 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 38 35 62 32 63 62 20 2d 77 65 62 6b 69 74 2d 67 72 61 64 69 65 6e 74 28 6c 69 6e 65 61 72 2c 6c 65 66 74 20 74 6f 70 2c 6c 65 66 74 20 62 6f 74 74 6f 6d 2c 66 72 6f 6d 28 72 67 62 61 28 32 35 35 2c 32 35 35 2c 32 35 35 2c 30 2e 36 29 29 2c 74 6f 28 72 67 62 61 28 32 35 35 2c 32 35 35 2c 32 35 35 2c 30 29 29 29 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 38 35 62 32 63 62 20 2d 6d 6f 7a 2d 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 74 6f 70 2c 72 67 62 61 28 32 35 35 2c 32 35 35 2c 32 35 35 2c 30 2e 36 29 2c 72 67 62 61 28 32 35 35 2c 32 35 35 2c 32 35 35 2c 30 29 29 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 63 6f 6c 6f 72 3a 23 33 31 33 31 33 31 Data Ascii: rgba(255,255,255,0));background:#85b2cb -webkit-gradient(linear,left top,left bottom,from(rgba(255,255,255,0.6)),to(rgba(255,255,255,0)));background:#85b2cb -moz-linear-gradient(top,rgba(255,255,255,0.6),rgba(255,255,255,0));font-weight:bold;color:#313131
2024-09-27 14:38:54 UTC	1452	IN	Data Raw: 65 74 20 30 20 31 70 78 20 30 20 23 66 66 66 7d 2e 75 69 2d 73 74 61 74 65 2d 68 69 67 68 6c 69 67 68 74 2c 2e 75 69 2d 77 69 64 67 65 74 2d 63 6f 6e 74 65 6e 74 20 2e 75 69 2d 73 74 61 74 65 2d 68 69 67 68 6c 69 67 68 74 2c 2e 75 69 2d 77 69 64 67 65 74 2d 68 65 61 64 65 72 20 2e 75 69 2d 73 74 61 74 65 2d 68 69 67 68 6c 69 67 68 74 7b 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 36 36 36 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 61 61 61 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 61 61 61 20 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 74 6f 70 2c 72 67 62 61 28 30 2c 30 2c 30 2c 30 2e 32 35 29 2c 72 67 62 61 28 30 2c 30 2c 30 2c 30 29 29 3b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 61 61 61 20 2d 77 65 62 6b 69 74 2d 67 72 61 64 69 65 6e 74 28 6c 69 6e Data Ascii: et 0 1px 0 #fff}.ui-state-highlight,.ui-widget-content .ui-state-highlight,.ui-widget-header .ui-state-highlight{border:1px solid #666;background:#aaa;background:#aaa linear-gradient(top,rgba(0,0,0,0.25),rgba(0,0,0,0));background:#aaa -webkit-gradient(lin
2024-09-27 14:38:54 UTC	1452	IN	Data Raw: 70 72 69 6f 72 69 74 79 2d 73 65 63 6f 6e 64 61 72 79 2c 2e 75 69 2d 77 69 64 67 65 74 2d 63 6f 6e 74 65 6e 74 20 2e 75 69 2d 70 72 69 6f 72 69 74 79 2d 73 65 63 6f 6e 64 61 72 79 2c 2e 75 69 2d 77 69 64 67 65 74 2d 68 65 61 64 65 72 20 2e 75 69 2d 70 72 69 6f 72 69 74 79 2d 73 65 63 6f 6e 64 61 72 79 7b 6f 70 61 63 69 74 79 3a 2e 37 3b 66 69 6c 74 65 72 3a 41 6c 70 68 61 28 4f 70 61 63 69 74 79 3d 37 30 29 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 6e 6f 72 6d 61 6c 7d 2e 75 69 2d 73 74 61 74 65 2d 64 69 73 61 62 6c 65 64 2c 2e 75 69 2d 77 69 64 67 65 74 2d 63 6f 6e 74 65 6e 74 20 2e 75 69 2d 73 74 61 74 65 2d 64 69 73 61 62 6c 65 64 2c 2e 75 69 2d 77 69 64 67 65 74 2d 68 65 61 64 65 72 20 2e 75 69 2d 73 74 61 74 65 2d 64 69 73 61 62 6c 65 64 7b 6f 70 61 63 Data Ascii: priority-secondary,.ui-widget-content .ui-priority-secondary,.ui-widget-header .ui-priority-secondary{opacity:.7;filter:Alpha(Opacity=70);font-weight:normal}.ui-state-disabled,.ui-widget-content .ui-state-disabled,.ui-widget-header .ui-state-disabled{opac
2024-09-27 14:38:54 UTC	1043	IN	Data Raw: 2f 6a 61 76 61 78 2e 66 61 63 65 73 2e 72 65 73 6f 75 72 63 65 2f 69 6d 61 67 65 73 2f 75 69 2d 69 63 6f 6e 73 5f 63 64 30 61 30 61 5f 32 35 36 78 32 34 30 2e 70 6e 67 2e 6a 73 66 3f 6c 6e 3d 70 72 69 6d 65 66 61 63 65 73 2d 61 72 69 73 74 6f 22 29 7d 2e 75 69 2d 69 63 6f 6e 2d 63 61 72 61 74 2d 31 2d 6e 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 30 7d 2e 75 69 2d 69 63 6f 6e 2d 63 61 72 61 74 2d 31 2d 6e 65 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 2d 31 36 70 78 20 30 7d 2e 75 69 2d 69 63 6f 6e 2d 63 61 72 61 74 2d 31 2d 65 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 2d 33 32 70 78 20 30 7d 2e 75 69 2d 69 63 6f 6e 2d 63 61 72 61 74 2d 31 2d 73 65 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f Data Ascii: /javax.faces.resource/images/ui-icons_cd0a0a_256x240.png.jsf?ln=primefaces-aristo")}.ui-icon-carat-1-n{background-position:0 0}.ui-icon-carat-1-ne{background-position:-16px 0}.ui-icon-carat-1-e{background-position:-32px 0}.ui-icon-carat-1-se{background-po
2024-09-27 14:38:54 UTC	567	IN	Data Raw: 78 20 2d 31 36 70 78 7d 2e 75 69 2d 69 63 6f 6e 2d 74 72 69 61 6e 67 6c 65 2d 32 2d 65 2d 77 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 2d 31 34 34 70 78 20 2d 31 36 70 78 7d 2e 75 69 2d 69 63 6f 6e 2d 61 72 72 6f 77 2d 31 2d 6e 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 2d 33 32 70 78 7d 2e 75 69 2d 69 63 6f 6e 2d 61 72 72 6f 77 2d 31 2d 6e 65 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 2d 31 36 70 78 20 2d 33 32 70 78 7d 2e 75 69 2d 69 63 6f 6e 2d 61 72 72 6f 77 2d 31 2d 65 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 2d 33 32 70 78 20 2d 33 32 70 78 7d 2e 75 69 2d 69 63 6f 6e 2d 61 72 72 6f 77 2d 31 2d 73 65 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a Data Ascii: x -16px}.ui-icon-triangle-2-e-w{background-position:-144px -16px}.ui-icon-arrow-1-n{background-position:0 -32px}.ui-icon-arrow-1-ne{background-position:-16px -32px}.ui-icon-arrow-1-e{background-position:-32px -32px}.ui-icon-arrow-1-se{background-position:
2024-09-27 14:38:54 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-09-27 14:38:54 UTC	1452	IN	Data Raw: 31 66 66 38 0d 0a 69 6f 6e 3a 2d 31 34 34 70 78 20 2d 33 32 70 78 7d 2e 75 69 2d 69 63 6f 6e 2d 61 72 72 6f 77 2d 32 2d 65 2d 77 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 2d 31 36 30 70 78 20 2d 33 32 70 78 7d 2e 75 69 2d 69 63 6f 6e 2d 61 72 72 6f 77 2d 32 2d 73 65 2d 6e 77 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 2d 31 37 36 70 78 20 2d 33 32 70 78 7d 2e 75 69 2d 69 63 6f 6e 2d 61 72 72 6f 77 73 74 6f 70 2d 31 2d 6e 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 2d 31 39 32 70 78 20 2d 33 32 70 78 7d 2e 75 69 2d 69 63 6f 6e 2d 61 72 72 6f 77 73 74 6f 70 2d 31 2d 65 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 2d 32 30 38 70 78 20 2d 33 32 70 78 7d 2e 75 69 2d 69 63 6f 6e 2d 61 Data Ascii: 1ff8ion:-144px -32px}.ui-icon-arrow-2-e-w{background-position:-160px -32px}.ui-icon-arrow-2-se-nw{background-position:-176px -32px}.ui-icon-arrowstop-1-n{background-position:-192px -32px}.ui-icon-arrowstop-1-e{background-position:-208px -32px}.ui-icon-a
2024-09-27 14:38:54 UTC	1452	IN	Data Raw: 6f 73 69 74 69 6f 6e 3a 2d 33 32 70 78 20 2d 36 34 70 78 7d 2e 75 69 2d 69 63 6f 6e 2d 61 72 72 6f 77 72 65 74 75 72 6e 74 68 69 63 6b 2d 31 2d 73 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 2d 34 38 70 78 20 2d 36 34 70 78 7d 2e 75 69 2d 69 63 6f 6e 2d 61 72 72 6f 77 72 65 74 75 72 6e 2d 31 2d 77 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 2d 36 34 70 78 20 2d 36 34 70 78 7d 2e 75 69 2d 69 63 6f 6e 2d 61 72 72 6f 77 72 65 74 75 72 6e 2d 31 2d 6e 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 2d 38 30 70 78 20 2d 36 34 70 78 7d 2e 75 69 2d 69 63 6f 6e 2d 61 72 72 6f 77 72 65 74 75 72 6e 2d 31 2d 65 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 2d 39 36 70 78 20 2d 36 34 70 78 7d 2e 75 Data Ascii: osition:-32px -64px}.ui-icon-arrowreturnthick-1-s{background-position:-48px -64px}.ui-icon-arrowreturn-1-w{background-position:-64px -64px}.ui-icon-arrowreturn-1-n{background-position:-80px -64px}.ui-icon-arrowreturn-1-e{background-position:-96px -64px}.u

Timestamp	Bytes transferred	Direction	Data
2024-09-27 14:38:53 UTC	239	OUT	GET /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT Range: bytes=0-2147483646 User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-09-27 14:38:54 UTC	514	IN	HTTP/1.1 200 OK ApiVersion: Distribute 1.1 Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF06) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-weu-z1 Cache-Control: public, max-age=26015 Date: Fri, 27 Sep 2024 14:38:54 GMT Content-Length: 55 Connection: close X-CID: 2
2024-09-27 14:38:54 UTC	55	IN	Data Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

Timestamp	Bytes transferred	Direction	Data
2024-09-27 14:38:54 UTC	937	OUT	GET /securereader/javax.faces.resource/components.css.jsf?ln=primefaces&v=7.0.17 HTTP/1.1 Host: securemail.zionsbancorp.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://securemail.zionsbancorp.com/formpostdir/securereader?id=nDl8UYFg-mw2Hv8MSsp7YazN3E_e0tlJ&brand=995e7a42 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: JSESSIONID=CEA0AFCFA65CE70C83E1791C66001FE1; BID=995e7a42; visid_incap_2604843=keDjyB0aTSaYRgFaC5uzbHnD9mYAAAAAQUIPAAAAAACHdiX2H9dFUr11NhX2bo7T; incap_ses_1353_2604843=Wr+bdYl24V6VyZ4hetLGEn3D9mYAAAAASkGRXGtKo/D/b5vUJRrBXw==
2024-09-27 14:38:55 UTC	679	IN	HTTP/1.1 200 200 Date: Fri, 27 Sep 2024 14:38:55 GMT Server: Strict-Transport-Security: max-age=31536000; includeSubDomains Expires: Fri, 04 Oct 2024 14:38:55 GMT Last-Modified: Fri, 03 Feb 2023 21:07:08 GMT ETag: W/"93422-1675458428000" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Expect-CT: max-age=86400, enforce Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self' X-UA-Compatible: IE=edge Connection: close Transfer-Encoding: chunked Content-Type: text/css X-CDN: Imperva X-Iinfo: 14-53080559-53080625 NNNN CT(71 181 0) RT(1727447934241 333) q(0 0 3 -1) r(4 4) U24
2024-09-27 14:38:55 UTC	773	IN	Data Raw: 31 66 66 38 0d 0a 2e 75 69 2d 68 65 6c 70 65 72 2d 68 69 64 64 65 6e 2d 61 63 63 65 73 73 69 62 6c 65 20 69 6e 70 75 74 2c 2e 75 69 2d 68 65 6c 70 65 72 2d 68 69 64 64 65 6e 2d 61 63 63 65 73 73 69 62 6c 65 20 73 65 6c 65 63 74 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 30 29 3b 2d 6d 6f 7a 2d 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 30 29 3b 2d 6d 73 2d 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 30 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 73 63 61 6c 65 28 30 29 7d 2e 75 69 2d 73 68 61 64 6f 77 7b 2d 6d 6f 7a 2d 62 6f 78 2d 73 68 61 64 6f 77 3a 30 20 35 70 78 20 31 30 70 78 20 72 67 62 61 28 30 2c 30 2c 30 2c 30 2e 38 29 3b 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 73 68 61 64 6f 77 3a 30 20 35 70 78 20 31 30 70 78 20 72 Data Ascii: 1ff8.ui-helper-hidden-accessible input,.ui-helper-hidden-accessible select{-webkit-transform:scale(0);-moz-transform:scale(0);-ms-transform:scale(0);transform:scale(0)}.ui-shadow{-moz-box-shadow:0 5px 10px rgba(0,0,0,0.8);-webkit-box-shadow:0 5px 10px r
2024-09-27 14:38:55 UTC	1452	IN	Data Raw: 69 2d 63 6f 6c 75 6d 6e 2d 70 2d 33 2c 74 68 2e 75 69 2d 63 6f 6c 75 6d 6e 2d 70 2d 32 2c 74 64 2e 75 69 2d 63 6f 6c 75 6d 6e 2d 70 2d 32 2c 74 68 2e 75 69 2d 63 6f 6c 75 6d 6e 2d 70 2d 31 2c 74 64 2e 75 69 2d 63 6f 6c 75 6d 6e 2d 70 2d 31 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 77 69 64 74 68 3a 32 30 65 6d 29 7b 74 68 2e 75 69 2d 63 6f 6c 75 6d 6e 2d 70 2d 31 2c 74 64 2e 75 69 2d 63 6f 6c 75 6d 6e 2d 70 2d 31 7b 64 69 73 70 6c 61 79 3a 74 61 62 6c 65 2d 63 65 6c 6c 7d 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 77 69 64 74 68 3a 33 30 65 6d 29 7b 74 68 2e 75 69 2d 63 6f 6c 75 6d 6e 2d 70 2d 32 2c 74 64 2e 75 69 2d 63 6f 6c 75 6d 6e 2d 70 2d 32 7b 64 69 Data Ascii: i-column-p-3,th.ui-column-p-2,td.ui-column-p-2,th.ui-column-p-1,td.ui-column-p-1{display:none}}@media screen and (min-width:20em){th.ui-column-p-1,td.ui-column-p-1{display:table-cell}}@media screen and (min-width:30em){th.ui-column-p-2,td.ui-column-p-2{di
2024-09-27 14:38:55 UTC	1452	IN	Data Raw: 63 65 73 73 69 62 6c 65 7b 62 6f 72 64 65 72 3a 30 3b 63 6c 69 70 3a 72 65 63 74 28 30 20 30 20 30 20 30 29 3b 68 65 69 67 68 74 3a 31 70 78 3b 6d 61 72 67 69 6e 3a 2d 31 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 3b 70 61 64 64 69 6e 67 3a 30 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 77 69 64 74 68 3a 31 70 78 7d 2e 75 69 2d 68 65 6c 70 65 72 2d 72 65 73 65 74 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 3b 62 6f 72 64 65 72 3a 30 3b 6f 75 74 6c 69 6e 65 3a 30 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 2e 33 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 30 30 25 3b 6c 69 73 74 2d 73 74 79 6c 65 3a 6e 6f 6e 65 7d 2e 75 69 2d 68 65 6c 70 65 72 2d 63 6c 65 61 72 66 69 Data Ascii: cessible{border:0;clip:rect(0 0 0 0);height:1px;margin:-1px;overflow:hidden;padding:0;position:absolute;width:1px}.ui-helper-reset{margin:0;padding:0;border:0;outline:0;line-height:1.3;text-decoration:none;font-size:100%;list-style:none}.ui-helper-clearfi
2024-09-27 14:38:55 UTC	1452	IN	Data Raw: 70 78 7d 2e 75 69 2d 72 65 73 69 7a 61 62 6c 65 2d 73 77 7b 63 75 72 73 6f 72 3a 73 77 2d 72 65 73 69 7a 65 3b 77 69 64 74 68 3a 39 70 78 3b 68 65 69 67 68 74 3a 39 70 78 3b 6c 65 66 74 3a 2d 35 70 78 3b 62 6f 74 74 6f 6d 3a 2d 35 70 78 7d 2e 75 69 2d 72 65 73 69 7a 61 62 6c 65 2d 6e 77 7b 63 75 72 73 6f 72 3a 6e 77 2d 72 65 73 69 7a 65 3b 77 69 64 74 68 3a 39 70 78 3b 68 65 69 67 68 74 3a 39 70 78 3b 6c 65 66 74 3a 2d 35 70 78 3b 74 6f 70 3a 2d 35 70 78 7d 2e 75 69 2d 72 65 73 69 7a 61 62 6c 65 2d 6e 65 7b 63 75 72 73 6f 72 3a 6e 65 2d 72 65 73 69 7a 65 3b 77 69 64 74 68 3a 39 70 78 3b 68 65 69 67 68 74 3a 39 70 78 3b 72 69 67 68 74 3a 2d 35 70 78 3b 74 6f 70 3a 2d 35 70 78 7d 2e 75 69 2d 73 65 6c 65 63 74 61 62 6c 65 7b 2d 6d 73 2d 74 6f 75 63 68 2d 61 Data Ascii: px}.ui-resizable-sw{cursor:sw-resize;width:9px;height:9px;left:-5px;bottom:-5px}.ui-resizable-nw{cursor:nw-resize;width:9px;height:9px;left:-5px;top:-5px}.ui-resizable-ne{cursor:ne-resize;width:9px;height:9px;right:-5px;top:-5px}.ui-selectable{-ms-touch-a
2024-09-27 14:38:55 UTC	1452	IN	Data Raw: 69 2d 64 61 74 65 70 69 63 6b 65 72 20 74 68 7b 70 61 64 64 69 6e 67 3a 2e 37 65 6d 20 2e 33 65 6d 3b 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 62 6f 72 64 65 72 3a 30 7d 2e 75 69 2d 64 61 74 65 70 69 63 6b 65 72 20 74 64 7b 62 6f 72 64 65 72 3a 30 3b 70 61 64 64 69 6e 67 3a 31 70 78 7d 2e 75 69 2d 64 61 74 65 70 69 63 6b 65 72 20 74 64 20 73 70 61 6e 2c 2e 75 69 2d 64 61 74 65 70 69 63 6b 65 72 20 74 64 20 61 7b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 70 61 64 64 69 6e 67 3a 2e 32 65 6d 3b 74 65 78 74 2d 61 6c 69 67 6e 3a 72 69 67 68 74 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 2e 75 69 2d 64 61 74 65 70 69 63 6b 65 72 20 2e 75 69 2d 64 61 74 65 70 69 63 6b 65 72 2d Data Ascii: i-datepicker th{padding:.7em .3em;text-align:center;font-weight:bold;border:0}.ui-datepicker td{border:0;padding:1px}.ui-datepicker td span,.ui-datepicker td a{display:block;padding:.2em;text-align:right;text-decoration:none}.ui-datepicker .ui-datepicker-
2024-09-27 14:38:55 UTC	1042	IN	Data Raw: 2e 75 69 2d 64 61 74 65 70 69 63 6b 65 72 2d 6e 65 78 74 3a 68 6f 76 65 72 7b 6c 65 66 74 3a 31 70 78 3b 72 69 67 68 74 3a 61 75 74 6f 7d 2e 75 69 2d 64 61 74 65 70 69 63 6b 65 72 2d 72 74 6c 20 2e 75 69 2d 64 61 74 65 70 69 63 6b 65 72 2d 62 75 74 74 6f 6e 70 61 6e 65 7b 63 6c 65 61 72 3a 72 69 67 68 74 7d 2e 75 69 2d 64 61 74 65 70 69 63 6b 65 72 2d 72 74 6c 20 2e 75 69 2d 64 61 74 65 70 69 63 6b 65 72 2d 62 75 74 74 6f 6e 70 61 6e 65 20 62 75 74 74 6f 6e 7b 66 6c 6f 61 74 3a 6c 65 66 74 7d 2e 75 69 2d 64 61 74 65 70 69 63 6b 65 72 2d 72 74 6c 20 2e 75 69 2d 64 61 74 65 70 69 63 6b 65 72 2d 62 75 74 74 6f 6e 70 61 6e 65 20 62 75 74 74 6f 6e 2e 75 69 2d 64 61 74 65 70 69 63 6b 65 72 2d 63 75 72 72 65 6e 74 2c 2e 75 69 2d 64 61 74 65 70 69 63 6b 65 72 2d Data Ascii: .ui-datepicker-next:hover{left:1px;right:auto}.ui-datepicker-rtl .ui-datepicker-buttonpane{clear:right}.ui-datepicker-rtl .ui-datepicker-buttonpane button{float:left}.ui-datepicker-rtl .ui-datepicker-buttonpane button.ui-datepicker-current,.ui-datepicker-
2024-09-27 14:38:55 UTC	567	IN	Data Raw: 64 65 72 2d 68 6f 72 69 7a 6f 6e 74 61 6c 20 2e 75 69 2d 73 6c 69 64 65 72 2d 68 61 6e 64 6c 65 7b 74 6f 70 3a 2d 2e 33 65 6d 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 2e 36 65 6d 7d 2e 75 69 2d 73 6c 69 64 65 72 2d 68 6f 72 69 7a 6f 6e 74 61 6c 20 2e 75 69 2d 73 6c 69 64 65 72 2d 72 61 6e 67 65 7b 74 6f 70 3a 30 3b 68 65 69 67 68 74 3a 31 30 30 25 7d 2e 75 69 2d 73 6c 69 64 65 72 2d 68 6f 72 69 7a 6f 6e 74 61 6c 20 2e 75 69 2d 73 6c 69 64 65 72 2d 72 61 6e 67 65 2d 6d 69 6e 7b 6c 65 66 74 3a 30 7d 2e 75 69 2d 73 6c 69 64 65 72 2d 68 6f 72 69 7a 6f 6e 74 61 6c 20 2e 75 69 2d 73 6c 69 64 65 72 2d 72 61 6e 67 65 2d 6d 61 78 7b 72 69 67 68 74 3a 30 7d 2e 75 69 2d 73 6c 69 64 65 72 2d 76 65 72 74 69 63 61 6c 7b 77 69 64 74 68 3a 2e 38 65 6d 3b 68 65 69 67 68 Data Ascii: der-horizontal .ui-slider-handle{top:-.3em;margin-left:-.6em}.ui-slider-horizontal .ui-slider-range{top:0;height:100%}.ui-slider-horizontal .ui-slider-range-min{left:0}.ui-slider-horizontal .ui-slider-range-max{right:0}.ui-slider-vertical{width:.8em;heigh
2024-09-27 14:38:55 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-09-27 14:38:55 UTC	1452	IN	Data Raw: 31 66 66 38 0d 0a 72 2d 64 69 76 20 64 6c 7b 74 65 78 74 2d 61 6c 69 67 6e 3a 6c 65 66 74 7d 2e 75 69 2d 74 69 6d 65 70 69 63 6b 65 72 2d 64 69 76 20 64 6c 20 64 74 7b 66 6c 6f 61 74 3a 6c 65 66 74 3b 63 6c 65 61 72 3a 6c 65 66 74 3b 70 61 64 64 69 6e 67 3a 30 20 30 20 30 20 35 70 78 7d 2e 75 69 2d 74 69 6d 65 70 69 63 6b 65 72 2d 64 69 76 20 64 6c 20 64 64 7b 6d 61 72 67 69 6e 3a 30 20 31 30 70 78 20 31 30 70 78 20 34 30 25 7d 2e 75 69 2d 74 69 6d 65 70 69 63 6b 65 72 2d 64 69 76 20 74 64 7b 66 6f 6e 74 2d 73 69 7a 65 3a 39 30 25 7d 2e 75 69 2d 74 70 69 63 6b 65 72 2d 67 72 69 64 2d 6c 61 62 65 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 30 3b 62 6f 72 64 65 72 3a 30 3b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 2e 75 69 2d 74 69 6d 65 70 69 63 Data Ascii: 1ff8r-div dl{text-align:left}.ui-timepicker-div dl dt{float:left;clear:left;padding:0 0 0 5px}.ui-timepicker-div dl dd{margin:0 10px 10px 40%}.ui-timepicker-div td{font-size:90%}.ui-tpicker-grid-label{background:0;border:0;margin:0;padding:0}.ui-timepic
2024-09-27 14:38:55 UTC	1452	IN	Data Raw: 65 70 69 63 6b 65 72 2d 6f 6e 65 4c 69 6e 65 20 64 6c 20 64 64 2e 75 69 5f 74 70 69 63 6b 65 72 5f 6d 69 63 72 6f 73 65 63 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 27 2e 27 3b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 7d 2e 75 69 2d 74 69 6d 65 70 69 63 6b 65 72 2d 64 69 76 2e 75 69 2d 74 69 6d 65 70 69 63 6b 65 72 2d 6f 6e 65 4c 69 6e 65 20 2e 75 69 5f 74 70 69 63 6b 65 72 5f 75 6e 69 74 5f 68 69 64 65 2c 2e 75 69 2d 74 69 6d 65 70 69 63 6b 65 72 2d 64 69 76 2e 75 69 2d 74 69 6d 65 70 69 63 6b 65 72 2d 6f 6e 65 4c 69 6e 65 20 2e 75 69 5f 74 70 69 63 6b 65 72 5f 75 6e 69 74 5f 68 69 64 65 3a 62 65 66 6f 72 65 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 0a 2e 75 69 2d 64 61 74 65 70 69 63 6b 65 72 2d 74 72 69 67 67 65 72 2e 75 69 2d Data Ascii: epicker-oneLine dl dd.ui_tpicker_microsec:before{content:'.';display:inline-block}.ui-timepicker-div.ui-timepicker-oneLine .ui_tpicker_unit_hide,.ui-timepicker-div.ui-timepicker-oneLine .ui_tpicker_unit_hide:before{display:none}.ui-datepicker-trigger.ui-

Timestamp	Bytes transferred	Direction	Data
2024-09-27 14:38:54 UTC	925	OUT	GET /securereader/javax.faces.resource/jquery/jquery.js.jsf?ln=primefaces&v=7.0.17 HTTP/1.1 Host: securemail.zionsbancorp.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://securemail.zionsbancorp.com/formpostdir/securereader?id=nDl8UYFg-mw2Hv8MSsp7YazN3E_e0tlJ&brand=995e7a42 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: JSESSIONID=CEA0AFCFA65CE70C83E1791C66001FE1; BID=995e7a42; visid_incap_2604843=keDjyB0aTSaYRgFaC5uzbHnD9mYAAAAAQUIPAAAAAACHdiX2H9dFUr11NhX2bo7T; incap_ses_1353_2604843=Wr+bdYl24V6VyZ4hetLGEn3D9mYAAAAASkGRXGtKo/D/b5vUJRrBXw==
2024-09-27 14:38:54 UTC	684	IN	HTTP/1.1 200 200 Date: Fri, 27 Sep 2024 14:38:54 GMT Server: Strict-Transport-Security: max-age=31536000; includeSubDomains Expires: Fri, 04 Oct 2024 14:38:54 GMT Last-Modified: Fri, 03 Feb 2023 21:07:08 GMT ETag: W/"89493-1675458428000" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Expect-CT: max-age=86400, enforce Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self' X-UA-Compatible: IE=edge Connection: close Transfer-Encoding: chunked Content-Type: text/javascript X-CDN: Imperva X-Iinfo: 9-12355673-12355694 NNNN CT(75 89 0) RT(1727447934247 324) q(0 0 2 -1) r(3 3) U24
2024-09-27 14:38:54 UTC	768	IN	Data Raw: 31 66 66 38 0d 0a 2f 2a 21 20 6a 51 75 65 72 79 20 76 33 2e 35 2e 30 20 7c 20 28 63 29 20 4a 53 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 6f 74 68 65 72 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 20 7c 20 6a 71 75 65 72 79 2e 6f 72 67 2f 6c 69 63 65 6e 73 65 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 26 26 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3f 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 3d 65 2e 64 6f 63 75 6d 65 6e 74 3f 74 28 65 2c 21 30 29 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 66 28 21 65 2e 64 6f 63 75 6d 65 6e 74 29 74 68 72 6f 77 20 6e 65 77 20 45 72 72 6f 72 28 22 6a Data Ascii: 1ff8/! jQuery v3.5.0 \| (c) JS Foundation and other contributors \| jquery.org/license /!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("j
2024-09-27 14:38:54 UTC	1452	IN	Data Raw: 30 7d 3b 66 75 6e 63 74 69 6f 6e 20 62 28 65 2c 74 2c 6e 29 7b 76 61 72 20 72 2c 69 2c 6f 3d 28 6e 3d 6e 7c 7c 45 29 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 73 63 72 69 70 74 22 29 3b 69 66 28 6f 2e 74 65 78 74 3d 65 2c 74 29 66 6f 72 28 72 20 69 6e 20 63 29 28 69 3d 74 5b 72 5d 7c 7c 74 2e 67 65 74 41 74 74 72 69 62 75 74 65 26 26 74 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 72 29 29 26 26 6f 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 72 2c 69 29 3b 6e 2e 68 65 61 64 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 6f 29 2e 70 61 72 65 6e 74 4e 6f 64 65 2e 72 65 6d 6f 76 65 43 68 69 6c 64 28 6f 29 7d 66 75 6e 63 74 69 6f 6e 20 77 28 65 29 7b 72 65 74 75 72 6e 20 6e 75 6c 6c 3d 3d 65 3f 65 2b 22 22 3a 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 65 7c Data Ascii: 0};function b(e,t,n){var r,i,o=(n=n\|\|E).createElement("script");if(o.text=e,t)for(r in c)(i=t[r]\|\|t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o)}function w(e){return null==e?e+"":"object"==typeof e\|
2024-09-27 14:38:54 UTC	1452	IN	Data Raw: 74 68 2c 6c 3d 21 31 3b 66 6f 72 28 22 62 6f 6f 6c 65 61 6e 22 3d 3d 74 79 70 65 6f 66 20 61 26 26 28 6c 3d 61 2c 61 3d 61 72 67 75 6d 65 6e 74 73 5b 73 5d 7c 7c 7b 7d 2c 73 2b 2b 29 2c 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 61 7c 7c 6d 28 61 29 7c 7c 28 61 3d 7b 7d 29 2c 73 3d 3d 3d 75 26 26 28 61 3d 74 68 69 73 2c 73 2d 2d 29 3b 73 3c 75 3b 73 2b 2b 29 69 66 28 6e 75 6c 6c 21 3d 28 65 3d 61 72 67 75 6d 65 6e 74 73 5b 73 5d 29 29 66 6f 72 28 74 20 69 6e 20 65 29 72 3d 65 5b 74 5d 2c 22 5f 5f 70 72 6f 74 6f 5f 5f 22 21 3d 3d 74 26 26 61 21 3d 3d 72 26 26 28 6c 26 26 72 26 26 28 53 2e 69 73 50 6c 61 69 6e 4f 62 6a 65 63 74 28 72 29 7c 7c 28 69 3d 41 72 72 61 79 2e 69 73 41 72 72 61 79 28 72 29 29 29 3f 28 6e 3d 61 5b 74 5d 2c 6f 3d 69 26 26 21 Data Ascii: th,l=!1;for("boolean"==typeof a&&(l=a,a=arguments[s]\|\|{},s++),"object"==typeof a\|\|m(a)\|\|(a={}),s===u&&(a=this,s--);s<u;s++)if(null!=(e=arguments[s]))for(t in e)r=e[t],"__proto__"!==t&&a!==r&&(l&&r&&(S.isPlainObject(r)\|\|(i=Array.isArray(r)))?(n=a[t],o=i&&!
2024-09-27 14:38:54 UTC	1452	IN	Data Raw: 72 65 74 75 72 6e 20 67 28 61 29 7d 2c 67 75 69 64 3a 31 2c 73 75 70 70 6f 72 74 3a 79 7d 29 2c 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 53 79 6d 62 6f 6c 26 26 28 53 2e 66 6e 5b 53 79 6d 62 6f 6c 2e 69 74 65 72 61 74 6f 72 5d 3d 74 5b 53 79 6d 62 6f 6c 2e 69 74 65 72 61 74 6f 72 5d 29 2c 53 2e 65 61 63 68 28 22 42 6f 6f 6c 65 61 6e 20 4e 75 6d 62 65 72 20 53 74 72 69 6e 67 20 46 75 6e 63 74 69 6f 6e 20 41 72 72 61 79 20 44 61 74 65 20 52 65 67 45 78 70 20 4f 62 6a 65 63 74 20 45 72 72 6f 72 20 53 79 6d 62 6f 6c 22 2e 73 70 6c 69 74 28 22 20 22 29 2c 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 6e 5b 22 5b 6f 62 6a 65 63 74 20 22 2b 74 2b 22 5d 22 5d 3d 74 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 7d 29 3b 76 61 72 20 64 3d 66 75 6e 63 74 69 Data Ascii: return g(a)},guid:1,support:y}),"function"==typeof Symbol&&(S.fn[Symbol.iterator]=t[Symbol.iterator]),S.each("Boolean Number String Function Array Date RegExp Object Error Symbol".split(" "),function(e,t){n["[object "+t+"]"]=t.toLowerCase()});var d=functi
2024-09-27 14:38:54 UTC	1452	IN	Data Raw: 76 65 6e 7c 6f 64 64 7c 28 28 5b 2b 2d 5d 7c 29 28 5c 5c 64 2a 29 6e 7c 29 22 2b 4d 2b 22 2a 28 3f 3a 28 5b 2b 2d 5d 7c 29 22 2b 4d 2b 22 2a 28 5c 5c 64 2b 29 7c 29 29 22 2b 4d 2b 22 2a 5c 5c 29 7c 29 22 2c 22 69 22 29 2c 62 6f 6f 6c 3a 6e 65 77 20 52 65 67 45 78 70 28 22 5e 28 3f 3a 22 2b 52 2b 22 29 24 22 2c 22 69 22 29 2c 6e 65 65 64 73 43 6f 6e 74 65 78 74 3a 6e 65 77 20 52 65 67 45 78 70 28 22 5e 22 2b 4d 2b 22 2a 5b 3e 2b 7e 5d 7c 3a 28 65 76 65 6e 7c 6f 64 64 7c 65 71 7c 67 74 7c 6c 74 7c 6e 74 68 7c 66 69 72 73 74 7c 6c 61 73 74 29 28 3f 3a 5c 5c 28 22 2b 4d 2b 22 2a 28 28 3f 3a 2d 5c 5c 64 29 3f 5c 5c 64 2a 29 22 2b 4d 2b 22 2a 5c 5c 29 7c 29 28 3f 3d 5b 5e 2d 5d 7c 24 29 22 2c 22 69 22 29 7d 2c 59 3d 2f 48 54 4d 4c 24 2f 69 2c 51 3d 2f 5e 28 3f Data Ascii: ven\|odd\|(([+-]\|)(\\d)n\|)"+M+"(?:([+-]\|)"+M+"(\\d+)\|))"+M+"\\)\|)","i"),bool:new RegExp("^(?:"+R+")$","i"),needsContext:new RegExp("^"+M+"[>+~]\|:(even\|odd\|eq\|gt\|lt\|nth\|first\|last)(?:\\("+M+"((?:-\\d)?\\d)"+M+"\\)\|)(?=[^-]\|$)","i")},Y=/HTML$/i,Q=/^(?
2024-09-27 14:38:54 UTC	1040	IN	Data Raw: 66 28 75 5b 32 5d 29 72 65 74 75 72 6e 20 48 2e 61 70 70 6c 79 28 6e 2c 65 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 28 74 29 29 2c 6e 3b 69 66 28 28 69 3d 75 5b 33 5d 29 26 26 64 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 43 6c 61 73 73 4e 61 6d 65 26 26 65 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 43 6c 61 73 73 4e 61 6d 65 29 72 65 74 75 72 6e 20 48 2e 61 70 70 6c 79 28 6e 2c 65 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 43 6c 61 73 73 4e 61 6d 65 28 69 29 29 2c 6e 7d 69 66 28 64 2e 71 73 61 26 26 21 4e 5b 74 2b 22 20 22 5d 26 26 28 21 76 7c 7c 21 76 2e 74 65 73 74 28 74 29 29 26 26 28 31 21 3d 3d 70 7c 7c 22 6f 62 6a 65 63 74 22 21 3d 3d 65 2e 6e 6f 64 65 4e 61 6d 65 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 29 29 7b 69 66 28 63 3d Data Ascii: f(u[2])return H.apply(n,e.getElementsByTagName(t)),n;if((i=u[3])&&d.getElementsByClassName&&e.getElementsByClassName)return H.apply(n,e.getElementsByClassName(i)),n}if(d.qsa&&!N[t+" "]&&(!v\|\|!v.test(t))&&(1!==p\|\|"object"!==e.nodeName.toLowerCase())){if(c=
2024-09-27 14:38:54 UTC	574	IN	Data Raw: 79 70 65 26 26 31 3d 3d 3d 74 2e 6e 6f 64 65 54 79 70 65 26 26 65 2e 73 6f 75 72 63 65 49 6e 64 65 78 2d 74 2e 73 6f 75 72 63 65 49 6e 64 65 78 3b 69 66 28 72 29 72 65 74 75 72 6e 20 72 3b 69 66 28 6e 29 77 68 69 6c 65 28 6e 3d 6e 2e 6e 65 78 74 53 69 62 6c 69 6e 67 29 69 66 28 6e 3d 3d 3d 74 29 72 65 74 75 72 6e 2d 31 3b 72 65 74 75 72 6e 20 65 3f 31 3a 2d 31 7d 66 75 6e 63 74 69 6f 6e 20 64 65 28 74 29 7b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 22 69 6e 70 75 74 22 3d 3d 3d 65 2e 6e 6f 64 65 4e 61 6d 65 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 26 26 65 2e 74 79 70 65 3d 3d 3d 74 7d 7d 66 75 6e 63 74 69 6f 6e 20 68 65 28 6e 29 7b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 65 2e 6e 6f 64 Data Ascii: ype&&1===t.nodeType&&e.sourceIndex-t.sourceIndex;if(r)return r;if(n)while(n=n.nextSibling)if(n===t)return-1;return e?1:-1}function de(t){return function(e){return"input"===e.nodeName.toLowerCase()&&e.type===t}}function he(n){return function(e){var t=e.nod
2024-09-27 14:38:54 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-09-27 14:38:55 UTC	1452	IN	Data Raw: 31 66 66 38 0d 0a 74 69 6f 6e 20 76 65 28 61 29 7b 72 65 74 75 72 6e 20 6c 65 28 66 75 6e 63 74 69 6f 6e 28 6f 29 7b 72 65 74 75 72 6e 20 6f 3d 2b 6f 2c 6c 65 28 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 76 61 72 20 6e 2c 72 3d 61 28 5b 5d 2c 65 2e 6c 65 6e 67 74 68 2c 6f 29 2c 69 3d 72 2e 6c 65 6e 67 74 68 3b 77 68 69 6c 65 28 69 2d 2d 29 65 5b 6e 3d 72 5b 69 5d 5d 26 26 28 65 5b 6e 5d 3d 21 28 74 5b 6e 5d 3d 65 5b 6e 5d 29 29 7d 29 7d 29 7d 66 75 6e 63 74 69 6f 6e 20 79 65 28 65 29 7b 72 65 74 75 72 6e 20 65 26 26 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 65 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 26 26 65 7d 66 6f 72 28 65 20 69 6e 20 64 3d 73 65 2e 73 75 70 70 6f 72 74 3d 7b 7d 2c 69 3d 73 65 2e 69 73 58 4d 4c Data Ascii: 1ff8tion ve(a){return le(function(o){return o=+o,le(function(e,t){var n,r=a([],e.length,o),i=r.length;while(i--)e[n=r[i]]&&(e[n]=!(t[n]=e[n]))})})}function ye(e){return e&&"undefined"!=typeof e.getElementsByTagName&&e}for(e in d=se.support={},i=se.isXML
2024-09-27 14:38:55 UTC	1452	IN	Data Raw: 63 65 28 74 65 2c 6e 65 29 3b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 65 2e 67 65 74 41 74 74 72 69 62 75 74 65 4e 6f 64 65 26 26 65 2e 67 65 74 41 74 74 72 69 62 75 74 65 4e 6f 64 65 28 22 69 64 22 29 3b 72 65 74 75 72 6e 20 74 26 26 74 2e 76 61 6c 75 65 3d 3d 3d 6e 7d 7d 2c 62 2e 66 69 6e 64 2e 49 44 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 69 66 28 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 26 26 45 29 7b 76 61 72 20 6e 2c 72 2c 69 2c 6f 3d 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 65 29 3b 69 66 28 6f 29 7b 69 66 28 28 6e 3d 6f 2e 67 65 74 41 74 74 72 69 62 75 74 65 4e 6f 64 65 28 Data Ascii: ce(te,ne);return function(e){var t="undefined"!=typeof e.getAttributeNode&&e.getAttributeNode("id");return t&&t.value===n}},b.find.ID=function(e,t){if("undefined"!=typeof t.getElementById&&E){var n,r,i,o=t.getElementById(e);if(o){if((n=o.getAttributeNode(

Timestamp	Bytes transferred	Direction	Data
2024-09-27 14:38:55 UTC	925	OUT	GET /securereader/javax.faces.resource/hotkey/hotkey.js.jsf?ln=primefaces&v=7.0.17 HTTP/1.1 Host: securemail.zionsbancorp.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://securemail.zionsbancorp.com/formpostdir/securereader?id=nDl8UYFg-mw2Hv8MSsp7YazN3E_e0tlJ&brand=995e7a42 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: JSESSIONID=CEA0AFCFA65CE70C83E1791C66001FE1; BID=995e7a42; visid_incap_2604843=keDjyB0aTSaYRgFaC5uzbHnD9mYAAAAAQUIPAAAAAACHdiX2H9dFUr11NhX2bo7T; incap_ses_1353_2604843=Wr+bdYl24V6VyZ4hetLGEn3D9mYAAAAASkGRXGtKo/D/b5vUJRrBXw==
2024-09-27 14:38:56 UTC	680	IN	HTTP/1.1 200 200 Date: Fri, 27 Sep 2024 14:38:55 GMT Server: Strict-Transport-Security: max-age=31536000; includeSubDomains Expires: Fri, 04 Oct 2024 14:38:55 GMT Last-Modified: Fri, 03 Feb 2023 21:07:08 GMT ETag: W/"2266-1675458428000" Content-Length: 2266 X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Expect-CT: max-age=86400, enforce Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self' X-UA-Compatible: IE=edge Connection: close Content-Type: text/javascript X-CDN: Imperva X-Iinfo: 13-43797806-43797855 NNNN CT(176 173 0) RT(1727447934995 336) q(0 0 3 -1) r(5 5) U24
2024-09-27 14:38:56 UTC	772	IN	Data Raw: 28 66 75 6e 63 74 69 6f 6e 28 62 29 7b 62 2e 68 6f 74 6b 65 79 73 3d 7b 76 65 72 73 69 6f 6e 3a 22 30 2e 32 2e 30 22 2c 73 70 65 63 69 61 6c 4b 65 79 73 3a 7b 38 3a 22 62 61 63 6b 73 70 61 63 65 22 2c 39 3a 22 74 61 62 22 2c 31 30 3a 22 72 65 74 75 72 6e 22 2c 31 33 3a 22 72 65 74 75 72 6e 22 2c 31 36 3a 22 73 68 69 66 74 22 2c 31 37 3a 22 63 74 72 6c 22 2c 31 38 3a 22 61 6c 74 22 2c 31 39 3a 22 70 61 75 73 65 22 2c 32 30 3a 22 63 61 70 73 6c 6f 63 6b 22 2c 32 37 3a 22 65 73 63 22 2c 33 32 3a 22 73 70 61 63 65 22 2c 33 33 3a 22 70 61 67 65 75 70 22 2c 33 34 3a 22 70 61 67 65 64 6f 77 6e 22 2c 33 35 3a 22 65 6e 64 22 2c 33 36 3a 22 68 6f 6d 65 22 2c 33 37 3a 22 6c 65 66 74 22 2c 33 38 3a 22 75 70 22 2c 33 39 3a 22 72 69 67 68 74 22 2c 34 30 3a 22 64 6f 77 Data Ascii: (function(b){b.hotkeys={version:"0.2.0",specialKeys:{8:"backspace",9:"tab",10:"return",13:"return",16:"shift",17:"ctrl",18:"alt",19:"pause",20:"capslock",27:"esc",32:"space",33:"pageup",34:"pagedown",35:"end",36:"home",37:"left",38:"up",39:"right",40:"dow
2024-09-27 14:38:56 UTC	1452	IN	Data Raw: 3a 27 22 27 2c 22 2c 22 3a 22 3c 22 2c 22 2e 22 3a 22 3e 22 2c 22 2f 22 3a 22 3f 22 2c 22 5c 5c 22 3a 22 7c 22 7d 2c 74 65 78 74 41 63 63 65 70 74 69 6e 67 49 6e 70 75 74 54 79 70 65 73 3a 5b 22 74 65 78 74 22 2c 22 70 61 73 73 77 6f 72 64 22 2c 22 6e 75 6d 62 65 72 22 2c 22 65 6d 61 69 6c 22 2c 22 75 72 6c 22 2c 22 72 61 6e 67 65 22 2c 22 64 61 74 65 22 2c 22 6d 6f 6e 74 68 22 2c 22 77 65 65 6b 22 2c 22 74 69 6d 65 22 2c 22 64 61 74 65 74 69 6d 65 22 2c 22 64 61 74 65 74 69 6d 65 2d 6c 6f 63 61 6c 22 2c 22 73 65 61 72 63 68 22 2c 22 63 6f 6c 6f 72 22 2c 22 74 65 6c 22 5d 2c 74 65 78 74 49 6e 70 75 74 54 79 70 65 73 3a 2f 74 65 78 74 61 72 65 61 7c 69 6e 70 75 74 7c 73 65 6c 65 63 74 2f 69 2c 6f 70 74 69 6f 6e 73 3a 7b 66 69 6c 74 65 72 49 6e 70 75 74 41 Data Ascii: :'"',",":"<",".":">","/":"?","\\":"\|"},textAcceptingInputTypes:["text","password","number","email","url","range","date","month","week","time","datetime","datetime-local","search","color","tel"],textInputTypes:/textarea\|input\|select/i,options:{filterInputA
2024-09-27 14:38:56 UTC	42	IN	Data Raw: 7d 7d 29 7d 29 28 6a 51 75 65 72 79 7c 7c 74 68 69 73 2e 6a 51 75 65 72 79 7c 7c 77 69 6e 64 6f 77 2e 6a 51 75 65 72 79 29 3b Data Ascii: }})})(jQuery\|\|this.jQuery\|\|window.jQuery);

Timestamp	Bytes transferred	Direction	Data
2024-09-27 14:38:56 UTC	992	OUT	GET /formpostdir/Image?key=logo_image_key_1%40path&r=33a498e7-5de7-4716-8255-4d6eb41f7fe3 HTTP/1.1 Host: securemail.zionsbancorp.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://securemail.zionsbancorp.com/formpostdir/securereader?id=nDl8UYFg-mw2Hv8MSsp7YazN3E_e0tlJ&brand=995e7a42 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: JSESSIONID=CEA0AFCFA65CE70C83E1791C66001FE1; BID=995e7a42; visid_incap_2604843=keDjyB0aTSaYRgFaC5uzbHnD9mYAAAAAQUIPAAAAAACHdiX2H9dFUr11NhX2bo7T; incap_ses_1353_2604843=Wr+bdYl24V6VyZ4hetLGEn3D9mYAAAAASkGRXGtKo/D/b5vUJRrBXw==
2024-09-27 14:38:57 UTC	635	IN	HTTP/1.1 200 200 Date: Fri, 27 Sep 2024 14:38:57 GMT Server: Strict-Transport-Security: max-age=31536000; includeSubDomains Cache-Control: max-age=2592000 Expires: Sun, 27 Oct 2024 14:38:57 GMT X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Expect-CT: max-age=86400, enforce Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self' X-UA-Compatible: IE=edge Connection: close Transfer-Encoding: chunked Content-Type: image/gif X-CDN: Imperva X-Iinfo: 9-12355867-12355878 NNNN CT(174 171 0) RT(1727447936254 301) q(0 0 4 -1) r(5 5) U24
2024-09-27 14:38:57 UTC	49	IN	Data Raw: 32 62 0d 0a 47 49 46 38 39 61 01 00 01 00 80 00 00 ff ff ff 00 00 00 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 02 44 01 00 3b 0d 0a Data Ascii: 2bGIF89a!,D;
2024-09-27 14:38:57 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2024-09-27 14:38:57 UTC	670	OUT	GET /securereader/javax.faces.resource/jquery/jquery-plugins.js.jsf?ln=primefaces&v=7.0.17 HTTP/1.1 Host: securemail.zionsbancorp.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: JSESSIONID=CEA0AFCFA65CE70C83E1791C66001FE1; BID=995e7a42; visid_incap_2604843=keDjyB0aTSaYRgFaC5uzbHnD9mYAAAAAQUIPAAAAAACHdiX2H9dFUr11NhX2bo7T; incap_ses_1353_2604843=Wr+bdYl24V6VyZ4hetLGEn3D9mYAAAAASkGRXGtKo/D/b5vUJRrBXw==
2024-09-27 14:38:58 UTC	692	IN	HTTP/1.1 200 200 Date: Fri, 27 Sep 2024 14:38:58 GMT Server: Strict-Transport-Security: max-age=31536000; includeSubDomains Expires: Fri, 04 Oct 2024 14:38:58 GMT Last-Modified: Fri, 03 Feb 2023 21:07:08 GMT ETag: W/"267239-1675458428000" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Expect-CT: max-age=86400, enforce Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self' X-UA-Compatible: IE=edge Connection: close Transfer-Encoding: chunked Content-Type: text/javascript X-CDN: Imperva X-Iinfo: 12-34824792-34824824 NNNN CT(213 1265 0) RT(1727447936741 352) q(0 0 15 -1) r(17 17) U24
2024-09-27 14:38:58 UTC	760	IN	Data Raw: 31 66 66 38 0d 0a 2f 2a 21 20 6a 51 75 65 72 79 20 55 49 20 2d 20 76 31 2e 31 32 2e 31 20 2d 20 32 30 31 37 2d 30 38 2d 30 39 0a 2a 20 68 74 74 70 3a 2f 2f 6a 71 75 65 72 79 75 69 2e 63 6f 6d 0a 2a 20 49 6e 63 6c 75 64 65 73 3a 20 77 69 64 67 65 74 2e 6a 73 2c 20 70 6f 73 69 74 69 6f 6e 2e 6a 73 2c 20 64 61 74 61 2e 6a 73 2c 20 64 69 73 61 62 6c 65 2d 73 65 6c 65 63 74 69 6f 6e 2e 6a 73 2c 20 66 6f 63 75 73 61 62 6c 65 2e 6a 73 2c 20 66 6f 72 6d 2d 72 65 73 65 74 2d 6d 69 78 69 6e 2e 6a 73 2c 20 6b 65 79 63 6f 64 65 2e 6a 73 2c 20 6c 61 62 65 6c 73 2e 6a 73 2c 20 73 63 72 6f 6c 6c 2d 70 61 72 65 6e 74 2e 6a 73 2c 20 74 61 62 62 61 62 6c 65 2e 6a 73 2c 20 75 6e 69 71 75 65 2d 69 64 2e 6a 73 2c 20 77 69 64 67 65 74 73 2f 64 72 61 67 67 61 62 6c 65 2e 6a 73 Data Ascii: 1ff8/! jQuery UI - v1.12.1 - 2017-08-09 http://jqueryui.com* Includes: widget.js, position.js, data.js, disable-selection.js, focusable.js, form-reset-mixin.js, keycode.js, labels.js, scroll-parent.js, tabbable.js, unique-id.js, widgets/draggable.js
2024-09-27 14:38:58 UTC	1452	IN	Data Raw: 6c 69 64 65 2e 6a 73 2c 20 65 66 66 65 63 74 73 2f 65 66 66 65 63 74 2d 74 72 61 6e 73 66 65 72 2e 6a 73 0a 2a 20 43 6f 70 79 72 69 67 68 74 20 6a 51 75 65 72 79 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 6f 74 68 65 72 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 3b 20 4c 69 63 65 6e 73 65 64 20 4d 49 54 20 2a 2f 0a 28 66 75 6e 63 74 69 6f 6e 28 61 29 7b 69 66 28 74 79 70 65 6f 66 20 64 65 66 69 6e 65 3d 3d 3d 22 66 75 6e 63 74 69 6f 6e 22 26 26 64 65 66 69 6e 65 2e 61 6d 64 29 7b 64 65 66 69 6e 65 28 5b 22 6a 71 75 65 72 79 22 5d 2c 61 29 7d 65 6c 73 65 7b 61 28 6a 51 75 65 72 79 29 7d 7d 28 66 75 6e 63 74 69 6f 6e 28 4b 29 7b 4b 2e 75 69 3d 4b 2e 75 69 7c 7c 7b 7d 3b 76 61 72 20 5a 3d 4b 2e 75 69 2e 76 65 72 73 69 6f 6e 3d 22 31 2e 31 32 2e 31 22 3b 0a Data Ascii: lide.js, effects/effect-transfer.js* Copyright jQuery Foundation and other contributors; Licensed MIT */(function(a){if(typeof define==="function"&&define.amd){define(["jquery"],a)}else{a(jQuery)}}(function(K){K.ui=K.ui\|\|{};var Z=K.ui.version="1.12.1";
2024-09-27 14:38:58 UTC	1452	IN	Data Raw: 68 69 73 2e 5f 73 75 70 65 72 3b 76 61 72 20 61 75 3d 74 68 69 73 2e 5f 73 75 70 65 72 41 70 70 6c 79 3b 76 61 72 20 61 76 3b 74 68 69 73 2e 5f 73 75 70 65 72 3d 61 72 3b 74 68 69 73 2e 5f 73 75 70 65 72 41 70 70 6c 79 3d 61 74 3b 61 76 3d 61 70 2e 61 70 70 6c 79 28 74 68 69 73 2c 61 72 67 75 6d 65 6e 74 73 29 3b 74 68 69 73 2e 5f 73 75 70 65 72 3d 61 77 3b 74 68 69 73 2e 5f 73 75 70 65 72 41 70 70 6c 79 3d 61 75 3b 72 65 74 75 72 6e 20 61 76 7d 7d 29 28 29 7d 29 3b 61 6a 2e 70 72 6f 74 6f 74 79 70 65 3d 4b 2e 77 69 64 67 65 74 2e 65 78 74 65 6e 64 28 61 6e 2c 7b 77 69 64 67 65 74 45 76 65 6e 74 50 72 65 66 69 78 3a 61 6d 3f 28 61 6e 2e 77 69 64 67 65 74 45 76 65 6e 74 50 72 65 66 69 78 7c 7c 61 67 29 3a 61 67 7d 2c 61 69 2c 7b 63 6f 6e 73 74 72 75 63 74 Data Ascii: his._super;var au=this._superApply;var av;this._super=ar;this._superApply=at;av=ap.apply(this,arguments);this._super=aw;this._superApply=au;return av}})()});aj.prototype=K.widget.extend(an,{widgetEventPrefix:am?(an.widgetEventPrefix\|\|ag):ag},ai,{construct
2024-09-27 14:38:58 UTC	1452	IN	Data Raw: 7b 61 6d 3d 61 6f 26 26 61 6f 2e 6a 71 75 65 72 79 3f 61 6d 2e 70 75 73 68 53 74 61 63 6b 28 61 6f 2e 67 65 74 28 29 29 3a 61 6f 3b 72 65 74 75 72 6e 20 66 61 6c 73 65 7d 7d 29 7d 7d 65 6c 73 65 7b 69 66 28 61 6b 2e 6c 65 6e 67 74 68 29 7b 61 6c 3d 4b 2e 77 69 64 67 65 74 2e 65 78 74 65 6e 64 2e 61 70 70 6c 79 28 6e 75 6c 6c 2c 5b 61 6c 5d 2e 63 6f 6e 63 61 74 28 61 6b 29 29 7d 74 68 69 73 2e 65 61 63 68 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 61 6e 3d 4b 2e 64 61 74 61 28 74 68 69 73 2c 61 69 29 3b 69 66 28 61 6e 29 7b 61 6e 2e 6f 70 74 69 6f 6e 28 61 6c 7c 7c 7b 7d 29 3b 69 66 28 61 6e 2e 5f 69 6e 69 74 29 7b 61 6e 2e 5f 69 6e 69 74 28 29 7d 7d 65 6c 73 65 7b 4b 2e 64 61 74 61 28 74 68 69 73 2c 61 69 2c 6e 65 77 20 61 67 28 61 6c 2c 74 68 69 73 Data Ascii: {am=ao&&ao.jquery?am.pushStack(ao.get()):ao;return false}})}}else{if(ak.length){al=K.widget.extend.apply(null,[al].concat(ak))}this.each(function(){var an=K.data(this,ai);if(an){an.option(al\|\|{});if(an._init){an._init()}}else{K.data(this,ai,new ag(al,this
2024-09-27 14:38:58 UTC	1452	IN	Data Raw: 65 6d 6f 76 65 44 61 74 61 28 74 68 69 73 2e 77 69 64 67 65 74 46 75 6c 6c 4e 61 6d 65 29 3b 74 68 69 73 2e 77 69 64 67 65 74 28 29 2e 6f 66 66 28 74 68 69 73 2e 65 76 65 6e 74 4e 61 6d 65 73 70 61 63 65 29 2e 72 65 6d 6f 76 65 41 74 74 72 28 22 61 72 69 61 2d 64 69 73 61 62 6c 65 64 22 29 3b 74 68 69 73 2e 62 69 6e 64 69 6e 67 73 2e 6f 66 66 28 74 68 69 73 2e 65 76 65 6e 74 4e 61 6d 65 73 70 61 63 65 29 7d 2c 5f 64 65 73 74 72 6f 79 3a 4b 2e 6e 6f 6f 70 2c 77 69 64 67 65 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 65 6c 65 6d 65 6e 74 7d 2c 6f 70 74 69 6f 6e 3a 66 75 6e 63 74 69 6f 6e 28 61 6a 2c 61 6b 29 7b 76 61 72 20 61 67 3d 61 6a 3b 76 61 72 20 61 6c 3b 76 61 72 20 61 69 3b 76 61 72 20 61 68 3b 69 66 28 61 72 67 75 6d Data Ascii: emoveData(this.widgetFullName);this.widget().off(this.eventNamespace).removeAttr("aria-disabled");this.bindings.off(this.eventNamespace)},_destroy:K.noop,widget:function(){return this.element},option:function(aj,ak){var ag=aj;var al;var ai;var ah;if(argum
2024-09-27 14:38:58 UTC	1047	IN	Data Raw: 22 29 7d 7d 2c 65 6e 61 62 6c 65 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 5f 73 65 74 4f 70 74 69 6f 6e 73 28 7b 64 69 73 61 62 6c 65 64 3a 66 61 6c 73 65 7d 29 7d 2c 64 69 73 61 62 6c 65 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 5f 73 65 74 4f 70 74 69 6f 6e 73 28 7b 64 69 73 61 62 6c 65 64 3a 74 72 75 65 7d 29 7d 2c 5f 63 6c 61 73 73 65 73 3a 66 75 6e 63 74 69 6f 6e 28 61 67 29 7b 76 61 72 20 61 68 3d 5b 5d 3b 76 61 72 20 61 69 3d 74 68 69 73 3b 61 67 3d 4b 2e 65 78 74 65 6e 64 28 7b 65 6c 65 6d 65 6e 74 3a 74 68 69 73 2e 65 6c 65 6d 65 6e 74 2c 63 6c 61 73 73 65 73 3a 74 68 69 73 2e 6f 70 74 69 6f 6e 73 2e 63 6c 61 73 73 65 73 7c 7c 7b 7d 7d 2c 61 67 29 3b 66 75 6e 63 74 69 6f 6e 20 61 6a 28 Data Ascii: ")}},enable:function(){return this._setOptions({disabled:false})},disable:function(){return this._setOptions({disabled:true})},_classes:function(ag){var ah=[];var ai=this;ag=K.extend({element:this.element,classes:this.options.classes\|\|{}},ag);function aj(
2024-09-27 14:38:58 UTC	575	IN	Data Raw: 5f 74 6f 67 67 6c 65 43 6c 61 73 73 3a 66 75 6e 63 74 69 6f 6e 28 61 6a 2c 61 6b 2c 61 67 2c 61 6c 29 7b 61 6c 3d 28 74 79 70 65 6f 66 20 61 6c 3d 3d 3d 22 62 6f 6f 6c 65 61 6e 22 29 3f 61 6c 3a 61 67 3b 76 61 72 20 61 68 3d 28 74 79 70 65 6f 66 20 61 6a 3d 3d 3d 22 73 74 72 69 6e 67 22 7c 7c 61 6a 3d 3d 3d 6e 75 6c 6c 29 2c 61 69 3d 7b 65 78 74 72 61 3a 61 68 3f 61 6b 3a 61 67 2c 6b 65 79 73 3a 61 68 3f 61 6a 3a 61 6b 2c 65 6c 65 6d 65 6e 74 3a 61 68 3f 74 68 69 73 2e 65 6c 65 6d 65 6e 74 3a 61 6a 2c 61 64 64 3a 61 6c 7d 3b 61 69 2e 65 6c 65 6d 65 6e 74 2e 74 6f 67 67 6c 65 43 6c 61 73 73 28 74 68 69 73 2e 5f 63 6c 61 73 73 65 73 28 61 69 29 2c 61 6c 29 3b 72 65 74 75 72 6e 20 74 68 69 73 7d 2c 5f 6f 6e 3a 66 75 6e 63 74 69 6f 6e 28 61 6a 2c 61 69 2c 61 Data Ascii: _toggleClass:function(aj,ak,ag,al){al=(typeof al==="boolean")?al:ag;var ah=(typeof aj==="string"\|\|aj===null),ai={extra:ah?ak:ag,keys:ah?aj:ak,element:ah?this.element:aj,add:al};ai.element.toggleClass(this._classes(ai),al);return this},_on:function(aj,ai,a
2024-09-27 14:38:58 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-09-27 14:38:59 UTC	1452	IN	Data Raw: 31 66 66 38 0d 0a 3f 61 67 5b 61 70 5d 3a 61 70 29 2e 61 70 70 6c 79 28 61 67 2c 61 72 67 75 6d 65 6e 74 73 29 7d 69 66 28 74 79 70 65 6f 66 20 61 70 21 3d 3d 22 73 74 72 69 6e 67 22 29 7b 61 6e 2e 67 75 69 64 3d 61 70 2e 67 75 69 64 3d 61 70 2e 67 75 69 64 7c 7c 61 6e 2e 67 75 69 64 7c 7c 4b 2e 67 75 69 64 2b 2b 7d 76 61 72 20 61 6f 3d 61 71 2e 6d 61 74 63 68 28 2f 5e 28 5b 5c 77 3a 2d 5d 2a 29 5c 73 2a 28 2e 2a 29 24 2f 29 3b 76 61 72 20 61 6d 3d 61 6f 5b 31 5d 2b 61 67 2e 65 76 65 6e 74 4e 61 6d 65 73 70 61 63 65 3b 76 61 72 20 61 6c 3d 61 6f 5b 32 5d 3b 69 66 28 61 6c 29 7b 61 6b 2e 6f 6e 28 61 6d 2c 61 6c 2c 61 6e 29 7d 65 6c 73 65 7b 61 69 2e 6f 6e 28 61 6d 2c 61 6e 29 7d 7d 29 7d 2c 5f 6f 66 66 3a 66 75 6e 63 74 69 6f 6e 28 61 68 2c 61 67 29 7b 61 Data Ascii: 1ff8?ag[ap]:ap).apply(ag,arguments)}if(typeof ap!=="string"){an.guid=ap.guid=ap.guid\|\|an.guid\|\|K.guid++}var ao=aq.match(/^([\w:-])\s(.*)$/);var am=ao[1]+ag.eventNamespace;var al=ao[2];if(al){ak.on(am,al,an)}else{ai.on(am,an)}})},_off:function(ah,ag){a
2024-09-27 14:38:59 UTC	1452	IN	Data Raw: 65 6e 74 5b 30 5d 2c 5b 61 68 5d 2e 63 6f 6e 63 61 74 28 61 69 29 29 3d 3d 3d 66 61 6c 73 65 7c 7c 61 68 2e 69 73 44 65 66 61 75 6c 74 50 72 65 76 65 6e 74 65 64 28 29 29 7d 7d 3b 4b 2e 65 61 63 68 28 7b 73 68 6f 77 3a 22 66 61 64 65 49 6e 22 2c 68 69 64 65 3a 22 66 61 64 65 4f 75 74 22 7d 2c 66 75 6e 63 74 69 6f 6e 28 61 68 2c 61 67 29 7b 4b 2e 57 69 64 67 65 74 2e 70 72 6f 74 6f 74 79 70 65 5b 22 5f 22 2b 61 68 5d 3d 66 75 6e 63 74 69 6f 6e 28 61 6b 2c 61 6a 2c 61 6d 29 7b 69 66 28 74 79 70 65 6f 66 20 61 6a 3d 3d 3d 22 73 74 72 69 6e 67 22 29 7b 61 6a 3d 7b 65 66 66 65 63 74 3a 61 6a 7d 7d 76 61 72 20 61 6c 3b 76 61 72 20 61 69 3d 21 61 6a 3f 61 68 3a 61 6a 3d 3d 3d 74 72 75 65 7c 7c 74 79 70 65 6f 66 20 61 6a 3d 3d 3d 22 6e 75 6d 62 65 72 22 3f 61 67 Data Ascii: ent[0],[ah].concat(ai))===false\|\|ah.isDefaultPrevented())}};K.each({show:"fadeIn",hide:"fadeOut"},function(ah,ag){K.Widget.prototype["_"+ah]=function(ak,aj,am){if(typeof aj==="string"){aj={effect:aj}}var al;var ai=!aj?ah:aj===true\|\|typeof aj==="number"?ag

Timestamp	Bytes transferred	Direction	Data
2024-09-27 14:38:58 UTC	883	OUT	GET /_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1190947317 HTTP/1.1 Host: securemail.zionsbancorp.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://securemail.zionsbancorp.com/formpostdir/securereader?id=nDl8UYFg-mw2Hv8MSsp7YazN3E_e0tlJ&brand=995e7a42 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: BID=995e7a42; visid_incap_2604843=keDjyB0aTSaYRgFaC5uzbHnD9mYAAAAAQUIPAAAAAACHdiX2H9dFUr11NhX2bo7T; incap_ses_1353_2604843=Wr+bdYl24V6VyZ4hetLGEn3D9mYAAAAASkGRXGtKo/D/b5vUJRrBXw==
2024-09-27 14:38:58 UTC	138	IN	HTTP/1.1 200 OK Cache-Control: no-cache, no-store Content-Type: application/javascript X-Robots-Tag: noindex Content-Length: 83982
2024-09-27 14:38:58 UTC	1314	IN	Data Raw: 76 61 72 20 5f 30 78 39 63 63 31 3d 5b 27 5c 78 34 36 5c 78 36 33 5c 78 34 62 5c 78 33 36 5c 78 37 37 5c 78 37 30 5c 78 36 62 5c 78 33 64 27 2c 27 5c 78 37 37 5c 78 33 35 5c 78 34 36 5c 78 34 36 5c 78 37 37 5c 78 37 32 5c 78 37 37 5c 78 33 64 27 2c 27 5c 78 37 37 5c 78 37 32 5c 78 34 35 5c 78 37 61 5c 78 37 37 5c 78 37 30 5c 78 36 32 5c 78 34 33 5c 78 36 62 5c 78 34 31 5c 78 33 64 5c 78 33 64 27 2c 27 5c 78 37 37 5c 78 33 34 5c 78 36 32 5c 78 34 34 5c 78 37 32 5c 78 37 33 5c 78 34 62 5c 78 37 32 27 2c 27 5c 78 37 37 5c 78 37 32 5c 78 37 34 5c 78 34 38 5c 78 35 38 5c 78 35 31 5c 78 33 64 5c 78 33 64 27 2c 27 5c 78 37 37 5c 78 37 31 5c 78 35 34 5c 78 34 33 5c 78 37 33 5c 78 37 33 5c 78 34 66 5c 78 35 33 5c 78 35 30 5c 78 34 64 5c 78 34 62 5c 78 35 36 5c 78 Data Ascii: var _0x9cc1=['\x46\x63\x4b\x36\x77\x70\x6b\x3d','\x77\x35\x46\x46\x77\x72\x77\x3d','\x77\x72\x45\x7a\x77\x70\x62\x43\x6b\x41\x3d\x3d','\x77\x34\x62\x44\x72\x73\x4b\x72','\x77\x72\x74\x48\x58\x51\x3d\x3d','\x77\x71\x54\x43\x73\x73\x4f\x53\x50\x4d\x4b\x56\x
2024-09-27 14:38:58 UTC	1452	IN	Data Raw: 5c 78 35 32 5c 78 32 66 5c 78 36 32 5c 78 37 33 5c 78 34 62 5c 78 37 31 5c 78 37 37 5c 78 37 30 5c 78 34 61 5c 78 36 32 5c 78 37 37 5c 78 33 35 5c 78 36 66 5c 78 34 34 5c 78 35 38 5c 78 34 33 5c 78 33 31 5c 78 37 37 5c 78 35 32 5c 78 37 33 5c 78 34 62 5c 78 33 32 5c 78 37 37 5c 78 36 66 5c 78 37 33 5c 78 34 37 27 2c 27 5c 78 37 37 5c 78 33 36 5c 78 35 39 5c 78 36 32 5c 78 37 37 5c 78 33 34 5c 78 35 34 5c 78 34 34 5c 78 36 39 5c 78 37 37 5c 78 33 64 5c 78 33 64 27 2c 27 5c 78 37 37 5c 78 36 66 5c 78 33 31 5c 78 37 30 5c 78 37 37 5c 78 33 36 5c 78 34 32 5c 78 37 34 5c 78 36 33 5c 78 37 33 5c 78 34 62 5c 78 33 32 5c 78 37 37 5c 78 33 35 5c 78 35 39 5c 78 33 64 27 2c 27 5c 78 37 37 5c 78 37 31 5c 78 36 65 5c 78 34 34 5c 78 37 32 5c 78 33 30 5c 78 33 37 5c 78 Data Ascii: \x52\x2f\x62\x73\x4b\x71\x77\x70\x4a\x62\x77\x35\x6f\x44\x58\x43\x31\x77\x52\x73\x4b\x32\x77\x6f\x73\x47','\x77\x36\x59\x62\x77\x34\x54\x44\x69\x77\x3d\x3d','\x77\x6f\x31\x70\x77\x36\x42\x74\x63\x73\x4b\x32\x77\x35\x59\x3d','\x77\x71\x6e\x44\x72\x30\x37\x
2024-09-27 14:38:58 UTC	1452	IN	Data Raw: 78 33 64 27 2c 27 5c 78 36 32 5c 78 33 38 5c 78 34 62 5c 78 34 66 5c 78 37 37 5c 78 37 30 5c 78 34 34 5c 78 34 34 5c 78 36 63 5c 78 35 36 5c 78 33 39 5c 78 35 37 27 2c 27 5c 78 37 37 5c 78 36 66 5c 78 36 38 5c 78 33 34 5c 78 37 37 5c 78 33 34 5c 78 36 62 5c 78 33 64 27 2c 27 5c 78 37 37 5c 78 37 32 5c 78 36 34 5c 78 37 30 5c 78 35 33 5c 78 36 37 5c 78 33 64 5c 78 33 64 27 2c 27 5c 78 37 37 5c 78 37 32 5c 78 33 33 5c 78 34 34 5c 78 37 30 5c 78 35 37 5c 78 35 39 5c 78 33 64 27 2c 27 5c 78 37 37 5c 78 37 31 5c 78 36 65 5c 78 34 33 5c 78 36 63 5c 78 36 33 5c 78 34 66 5c 78 36 31 27 2c 27 5c 78 37 37 5c 78 37 32 5c 78 34 36 5c 78 34 35 5c 78 35 33 5c 78 36 64 5c 78 36 63 5c 78 36 31 5c 78 36 36 5c 78 37 37 5c 78 33 64 5c 78 33 64 27 2c 27 5c 78 37 37 5c 78 33 Data Ascii: x3d','\x62\x38\x4b\x4f\x77\x70\x44\x44\x6c\x56\x39\x57','\x77\x6f\x68\x34\x77\x34\x6b\x3d','\x77\x72\x64\x70\x53\x67\x3d\x3d','\x77\x72\x33\x44\x70\x57\x59\x3d','\x77\x71\x6e\x43\x6c\x63\x4f\x61','\x77\x72\x46\x45\x53\x6d\x6c\x61\x66\x77\x3d\x3d','\x77\x3
2024-09-27 14:38:58 UTC	1452	IN	Data Raw: 78 36 32 5c 78 34 33 5c 78 37 32 5c 78 34 31 5c 78 33 64 5c 78 33 64 27 2c 27 5c 78 37 37 5c 78 37 32 5c 78 35 35 5c 78 35 30 5c 78 34 64 5c 78 36 33 5c 78 34 66 5c 78 37 33 5c 78 37 37 5c 78 37 30 5c 78 33 38 5c 78 35 34 5c 78 37 37 5c 78 33 36 5c 78 32 66 5c 78 34 33 5c 78 36 38 5c 78 35 31 5c 78 37 32 5c 78 34 34 5c 78 37 30 5c 78 35 34 5c 78 34 63 5c 78 34 33 5c 78 37 35 5c 78 36 33 5c 78 34 62 5c 78 35 33 5c 78 35 30 5c 78 37 37 5c 78 33 64 5c 78 33 64 27 2c 27 5c 78 37 37 5c 78 37 30 5c 78 37 38 5c 78 33 32 5c 78 37 37 5c 78 33 36 5c 78 35 31 5c 78 33 64 27 2c 27 5c 78 37 37 5c 78 37 31 5c 78 35 38 5c 78 34 34 5c 78 37 31 5c 78 36 62 5c 78 35 38 5c 78 34 34 5c 78 37 33 5c 78 34 35 5c 78 33 33 5c 78 34 34 5c 78 36 38 5c 78 36 37 5c 78 33 64 5c 78 33 Data Ascii: x62\x43\x72\x41\x3d\x3d','\x77\x72\x55\x50\x4d\x63\x4f\x73\x77\x70\x38\x54\x77\x36\x2f\x43\x68\x51\x72\x44\x70\x54\x4c\x43\x75\x63\x4b\x53\x50\x77\x3d\x3d','\x77\x70\x78\x32\x77\x36\x51\x3d','\x77\x71\x58\x44\x71\x6b\x58\x44\x73\x45\x33\x44\x68\x67\x3d\x3
2024-09-27 14:38:58 UTC	1452	IN	Data Raw: 27 2c 27 5c 78 37 37 5c 78 33 36 5c 78 34 38 5c 78 34 33 5c 78 36 61 5c 78 34 64 5c 78 34 66 5c 78 37 61 27 2c 27 5c 78 37 37 5c 78 33 36 5c 78 34 38 5c 78 34 33 5c 78 36 65 5c 78 34 37 5c 78 33 35 5c 78 36 37 5c 78 37 37 5c 78 37 30 5c 78 33 37 5c 78 34 33 5c 78 36 63 5c 78 33 32 5c 78 36 33 5c 78 34 66 5c 78 37 37 5c 78 36 66 5c 78 34 39 5c 78 37 30 5c 78 34 33 5c 78 33 31 5c 78 33 37 5c 78 34 34 5c 78 37 30 5c 78 37 33 5c 78 34 66 5c 78 36 36 5c 78 37 37 5c 78 36 66 5c 78 33 37 5c 78 34 33 5c 78 36 64 5c 78 37 33 5c 78 34 66 5c 78 36 35 5c 78 37 37 5c 78 33 35 5c 78 37 32 5c 78 34 33 5c 78 36 66 5c 78 36 33 5c 78 34 66 5c 78 35 35 5c 78 37 37 5c 78 33 37 5c 78 35 38 5c 78 34 34 5c 78 37 36 5c 78 35 33 5c 78 35 38 5c 78 34 34 5c 78 37 31 5c 78 33 38 5c Data Ascii: ','\x77\x36\x48\x43\x6a\x4d\x4f\x7a','\x77\x36\x48\x43\x6e\x47\x35\x67\x77\x70\x37\x43\x6c\x32\x63\x4f\x77\x6f\x49\x70\x43\x31\x37\x44\x70\x73\x4f\x66\x77\x6f\x37\x43\x6d\x73\x4f\x65\x77\x35\x72\x43\x6f\x63\x4f\x55\x77\x37\x58\x44\x76\x53\x58\x44\x71\x38\
2024-09-27 14:38:58 UTC	1452	IN	Data Raw: 36 35 5c 78 36 32 5c 78 33 38 5c 78 34 62 5c 78 37 61 27 2c 27 5c 78 34 65 5c 78 36 33 5c 78 34 62 5c 78 37 34 5c 78 37 37 5c 78 37 31 5c 78 34 64 5c 78 36 65 5c 78 34 35 5c 78 34 64 5c 78 34 62 5c 78 35 35 5c 78 36 32 5c 78 36 33 5c 78 34 62 5c 78 36 37 5c 78 37 37 5c 78 33 37 5c 78 37 61 5c 78 34 34 5c 78 37 36 5c 78 36 37 5c 78 33 64 5c 78 33 64 27 2c 27 5c 78 35 36 5c 78 35 33 5c 78 33 33 5c 78 34 33 5c 78 37 32 5c 78 36 37 5c 78 33 64 5c 78 33 64 27 2c 27 5c 78 34 33 5c 78 37 39 5c 78 36 36 5c 78 34 34 5c 78 37 31 5c 78 36 33 5c 78 34 62 5c 78 34 37 5c 78 37 37 5c 78 37 31 5c 78 37 61 5c 78 34 34 5c 78 36 62 5c 78 34 31 5c 78 35 61 5c 78 36 62 5c 78 37 37 5c 78 37 30 5c 78 36 32 5c 78 34 34 5c 78 36 64 5c 78 33 38 5c 78 34 66 5c 78 33 31 5c 78 37 37 Data Ascii: 65\x62\x38\x4b\x7a','\x4e\x63\x4b\x74\x77\x71\x4d\x6e\x45\x4d\x4b\x55\x62\x63\x4b\x67\x77\x37\x7a\x44\x76\x67\x3d\x3d','\x56\x53\x33\x43\x72\x67\x3d\x3d','\x43\x79\x66\x44\x71\x63\x4b\x47\x77\x71\x7a\x44\x6b\x41\x5a\x6b\x77\x70\x62\x44\x6d\x38\x4f\x31\x77
2024-09-27 14:38:58 UTC	1452	IN	Data Raw: 5c 78 34 63 5c 78 34 33 5c 78 36 66 5c 78 36 39 5c 78 37 37 5c 78 34 31 5c 78 36 31 5c 78 37 37 5c 78 33 64 5c 78 33 64 27 2c 27 5c 78 37 37 5c 78 37 32 5c 78 34 65 5c 78 34 39 5c 78 37 37 5c 78 33 36 5c 78 33 30 5c 78 33 64 27 2c 27 5c 78 37 37 5c 78 33 35 5c 78 37 32 5c 78 34 34 5c 78 36 64 5c 78 34 38 5c 78 36 62 5c 78 33 64 27 2c 27 5c 78 35 37 5c 78 33 31 5c 78 33 34 5c 78 37 33 5c 78 37 37 5c 78 33 34 5c 78 35 30 5c 78 34 34 5c 78 36 62 5c 78 35 35 5c 78 37 36 5c 78 34 33 5c 78 36 61 5c 78 33 33 5c 78 33 38 5c 78 35 38 5c 78 37 37 5c 78 33 35 5c 78 37 34 5c 78 34 38 27 2c 27 5c 78 37 37 5c 78 33 35 5c 78 32 66 5c 78 34 34 5c 78 37 30 5c 78 36 64 5c 78 37 33 5c 78 37 39 5c 78 37 37 5c 78 33 37 5c 78 37 37 5c 78 33 32 5c 78 34 65 5c 78 36 37 5c 78 34 Data Ascii: \x4c\x43\x6f\x69\x77\x41\x61\x77\x3d\x3d','\x77\x72\x4e\x49\x77\x36\x30\x3d','\x77\x35\x72\x44\x6d\x48\x6b\x3d','\x57\x31\x34\x73\x77\x34\x50\x44\x6b\x55\x76\x43\x6a\x33\x38\x58\x77\x35\x74\x48','\x77\x35\x2f\x44\x70\x6d\x73\x79\x77\x37\x77\x32\x4e\x67\x4
2024-09-27 14:38:58 UTC	1452	IN	Data Raw: 5c 78 37 34 5c 78 32 62 27 2c 27 5c 78 37 37 5c 78 37 30 5c 78 35 30 5c 78 34 34 5c 78 37 32 5c 78 33 31 5c 78 34 35 5c 78 36 39 5c 78 37 37 5c 78 33 35 5c 78 33 31 5c 78 36 36 27 2c 27 5c 78 34 36 5c 78 33 38 5c 78 34 62 5c 78 36 66 5c 78 37 37 5c 78 36 66 5c 78 35 31 5c 78 33 64 27 2c 27 5c 78 37 37 5c 78 37 32 5c 78 36 62 5c 78 34 34 5c 78 34 36 5c 78 36 37 5c 78 33 64 5c 78 33 64 27 2c 27 5c 78 36 31 5c 78 33 38 5c 78 34 62 5c 78 37 38 5c 78 37 37 5c 78 37 32 5c 78 34 31 5c 78 36 37 5c 78 34 65 5c 78 36 37 5c 78 33 64 5c 78 33 64 27 2c 27 5c 78 34 66 5c 78 37 33 5c 78 34 62 5c 78 36 37 5c 78 37 37 5c 78 37 31 5c 78 37 37 5c 78 37 39 5c 78 34 61 5c 78 33 38 5c 78 34 62 5c 78 35 34 27 2c 27 5c 78 37 37 5c 78 33 35 5c 78 36 34 5c 78 37 31 5c 78 37 37 5c Data Ascii: \x74\x2b','\x77\x70\x50\x44\x72\x31\x45\x69\x77\x35\x31\x66','\x46\x38\x4b\x6f\x77\x6f\x51\x3d','\x77\x72\x6b\x44\x46\x67\x3d\x3d','\x61\x38\x4b\x78\x77\x72\x41\x67\x4e\x67\x3d\x3d','\x4f\x73\x4b\x67\x77\x71\x77\x79\x4a\x38\x4b\x54','\x77\x35\x64\x71\x77\
2024-09-27 14:38:58 UTC	1452	IN	Data Raw: 37 36 5c 78 34 33 5c 78 37 35 5c 78 35 33 5c 78 37 37 5c 78 36 34 5c 78 36 32 5c 78 36 33 5c 78 34 62 5c 78 35 33 5c 78 37 37 5c 78 37 30 5c 78 35 35 5c 78 34 63 5c 78 37 37 5c 78 33 36 5c 78 32 66 5c 78 34 34 5c 78 37 35 5c 78 33 38 5c 78 34 62 5c 78 34 32 5c 78 37 37 5c 78 36 66 5c 78 35 34 5c 78 34 33 5c 78 36 38 5c 78 33 30 5c 78 33 37 5c 78 34 34 5c 78 37 33 5c 78 35 31 5c 78 33 38 5c 78 33 64 27 2c 27 5c 78 37 37 5c 78 37 32 5c 78 34 35 5c 78 34 34 5c 78 37 37 5c 78 37 31 5c 78 33 35 5c 78 33 39 5c 78 37 37 5c 78 33 36 5c 78 35 39 5c 78 33 33 5c 78 37 37 5c 78 33 37 5c 78 35 61 5c 78 37 30 5c 78 37 37 5c 78 33 34 5c 78 35 35 5c 78 33 64 27 2c 27 5c 78 37 37 5c 78 33 36 5c 78 34 32 5c 78 33 39 5c 78 37 37 5c 78 37 32 5c 78 36 36 5c 78 34 33 5c 78 37 Data Ascii: 76\x43\x75\x53\x77\x64\x62\x63\x4b\x53\x77\x70\x55\x4c\x77\x36\x2f\x44\x75\x38\x4b\x42\x77\x6f\x54\x43\x68\x30\x37\x44\x73\x51\x38\x3d','\x77\x72\x45\x44\x77\x71\x35\x39\x77\x36\x59\x33\x77\x37\x5a\x70\x77\x34\x55\x3d','\x77\x36\x42\x39\x77\x72\x66\x43\x7
2024-09-27 14:38:58 UTC	1452	IN	Data Raw: 37 5c 78 34 31 5c 78 33 64 5c 78 33 64 27 2c 27 5c 78 34 66 5c 78 35 37 5c 78 35 32 5c 78 35 30 5c 78 37 37 5c 78 33 37 5c 78 34 32 5c 78 34 34 5c 78 37 37 5c 78 33 37 5c 78 32 66 5c 78 34 34 5c 78 37 31 5c 78 33 38 5c 78 34 66 5c 78 34 36 5c 78 37 37 5c 78 37 31 5c 78 34 64 5c 78 33 64 27 2c 27 5c 78 35 34 5c 78 36 39 5c 78 37 36 5c 78 34 33 5c 78 37 33 5c 78 34 64 5c 78 34 62 5c 78 35 34 5c 78 37 37 5c 78 33 36 5c 78 33 38 5c 78 33 64 27 2c 27 5c 78 37 37 5c 78 36 66 5c 78 37 36 5c 78 34 33 5c 78 36 39 5c 78 37 33 5c 78 34 62 5c 78 36 31 5c 78 37 37 5c 78 33 37 5c 78 36 37 5c 78 35 37 5c 78 34 33 5c 78 34 35 5c 78 36 34 5c 78 32 62 5c 78 35 37 5c 78 36 37 5c 78 33 64 5c 78 33 64 27 2c 27 5c 78 37 37 5c 78 37 31 5c 78 37 36 5c 78 34 33 5c 78 37 30 5c 78 Data Ascii: 7\x41\x3d\x3d','\x4f\x57\x52\x50\x77\x37\x42\x44\x77\x37\x2f\x44\x71\x38\x4f\x46\x77\x71\x4d\x3d','\x54\x69\x76\x43\x73\x4d\x4b\x54\x77\x36\x38\x3d','\x77\x6f\x76\x43\x69\x73\x4b\x61\x77\x37\x67\x57\x43\x45\x64\x2b\x57\x67\x3d\x3d','\x77\x71\x76\x43\x70\x
2024-09-27 14:38:58 UTC	3869	OUT	GET /_Incapsula_Resource?SWKMTFSR=1&e=0.2987383674441728 HTTP/1.1 Host: securemail.zionsbancorp.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://securemail.zionsbancorp.com/formpostdir/securereader?id=nDl8UYFg-mw2Hv8MSsp7YazN3E_e0tlJ&brand=995e7a42 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: BID=995e7a42; visid_incap_2604843=keDjyB0aTSaYRgFaC5uzbHnD9mYAAAAAQUIPAAAAAACHdiX2H9dFUr11NhX2bo7T; incap_ses_1353_2604843=Wr+bdYl24V6VyZ4hetLGEn3D9mYAAAAASkGRXGtKo/D/b5vUJRrBXw==; ___utmvc=ezRt5BS0QrxO+LoAUzOLDXONnzLbYwHOrB4ZXLi5h6JrueemerHUR+XM3nL59tkK7BIJw5eaRokwgyUHueBKy/3ajJ2T/sUzetWtV9nc8E8yMOSDGVmE770RJhxew869WQ6hQ7w+d2H5zHTlypZrtO1y1OdKJmLLLc+kAHplUi7lwSHYYGmX3I+xEdN37cpQ+amO1iyPJRx9uHSX4q9InnH7Q4ElrXxNok82S6Z7l1yXeytc1RRcVOVSeTJvMHK1OUjInZ7hFukYWVmWm1YoAEG9FhyLPlCCLUbkBEKNfkDMJtzAZ+gkkOJf7c39dlPRuZREndxwwqtRBBNzSBnCQyr+JK+2G1qQJaJzgrQu3TR8DMiLhBsKfnlB7uLSgknw9/3w/jkL2hY8LaVkRQ54G0RSCGxycq1i6MulMafRHtlkdBV5JfiOsDHrk88tmcrJ7qv+oNVIiLi3wT1sXvWu+SLnv6xwtPAWNtjLbxfiVlloGbkHsHERirlhl3CoKQBeyFHdApWqj0ZZORaU81QnCv70mgen3xYKkVxHEOtFD+hPyEdgKP3katiOJenFUFLW3TARBrrM24ZFTWUmA2deoJNoI/lKfOlJ23whnLWqCKR9yJAMT06UHfEkFK7ODshDP4rURQUx0gRNdYCuOOK2NYGmLqf6x5flvoYRviIV9auxjAK1YZgZ6IjM0jwHug0hZeq/y3z+xL7DhMBJ1/uqtWtXjh7AcfqSFjgz01Yw7ahgXKEQ9PQOkqmlUvkti7TWNYIfzHtCLv7yovQH/41xi2RUutVj9ZsaKtgr8u4TbjSNia/KN0Q91GviJF [TRUNCATED]

Timestamp	Bytes transferred	Direction	Data
2024-09-27 14:38:58 UTC	936	OUT	GET /formpostdir/fonts/sourcesanspro-regular.ttf.woff HTTP/1.1 Host: securemail.zionsbancorp.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Origin: https://securemail.zionsbancorp.com sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: font Referer: https://securemail.zionsbancorp.com/formpostdir/securereader?id=nDl8UYFg-mw2Hv8MSsp7YazN3E_e0tlJ&brand=995e7a42 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: JSESSIONID=CEA0AFCFA65CE70C83E1791C66001FE1; BID=995e7a42; visid_incap_2604843=keDjyB0aTSaYRgFaC5uzbHnD9mYAAAAAQUIPAAAAAACHdiX2H9dFUr11NhX2bo7T; incap_ses_1353_2604843=Wr+bdYl24V6VyZ4hetLGEn3D9mYAAAAASkGRXGtKo/D/b5vUJRrBXw==
2024-09-27 14:38:59 UTC	725	IN	HTTP/1.1 200 200 Date: Fri, 27 Sep 2024 14:38:59 GMT Server: Strict-Transport-Security: max-age=31536000; includeSubDomains Accept-Ranges: bytes ETag: W/"128612-1712877320000" Last-Modified: Thu, 11 Apr 2024 23:15:20 GMT Content-Length: 128612 Cache-Control: max-age=0 Expires: Fri, 27 Sep 2024 14:38:59 GMT X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Expect-CT: max-age=86400, enforce Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self' X-UA-Compatible: IE=edge Connection: close Content-Type: font/woff X-CDN: Imperva X-Iinfo: 14-53081027-53081079 NNNN CT(70 751 0) RT(1727447937829 295) q(0 0 8 -1) r(9 9) U24
2024-09-27 14:38:59 UTC	727	IN	Data Raw: 77 4f 46 46 00 01 00 00 00 01 f6 64 00 13 00 00 00 04 7c 48 00 02 00 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 42 41 53 45 00 01 e5 18 00 00 00 3a 00 00 00 3a 8b 19 94 b1 44 53 49 47 00 01 e5 54 00 00 11 0d 00 00 18 fc 90 16 06 f3 47 44 45 46 00 01 76 8c 00 00 02 78 00 00 03 c2 83 24 87 b4 47 50 4f 53 00 01 79 04 00 00 51 4d 00 01 02 16 0c ca 3b 13 47 53 55 42 00 01 ca 54 00 00 1a c2 00 00 3c 5a 92 a2 9d 89 4f 53 2f 32 00 00 02 24 00 00 00 59 00 00 00 60 5d b0 d7 80 63 6d 61 70 00 00 0e 38 00 00 1d 58 00 00 36 86 97 c0 f1 5b 63 76 74 20 00 00 2c e8 00 00 00 2a 00 00 00 2a 01 22 0d ca 66 70 67 6d 00 00 2b 90 00 00 01 02 00 00 01 73 06 59 9c 37 67 61 73 70 00 01 76 84 00 00 00 08 00 00 00 08 ff ff 00 03 67 6c 79 66 00 00 3f ec 00 01 0e Data Ascii: wOFFd\|HBASE::DSIGTGDEFvx$GPOSyQM;GSUBT<ZOS/2$Y`]cmap8X6[cvt ,**"fpgm+sY7gaspvglyf?
2024-09-27 14:38:59 UTC	1452	IN	Data Raw: e7 be fb 3e 3f 23 09 89 8e 7f 34 33 bf 39 77 7b 77 3d f7 9c 73 bf d8 5b 64 be e8 5f 43 84 cd 96 c0 9e 2e 75 76 a2 94 d9 0b 90 bd a4 ce 7c 84 bc 88 fc 5a d2 69 b0 43 86 d9 29 c8 dd 94 6f 87 35 70 3b f5 63 bd 1c 8f ec 2f 23 6d a6 0c b1 ab a5 d6 06 22 41 5f 19 60 8d f4 32 ef 84 a1 1d 2c 85 e6 73 da 15 48 8d 69 90 22 3b 4a 8a cd 27 52 64 86 4b 16 e5 85 cc a1 46 5a 65 8a 1c 0c ff 65 3e 26 1d 4a 4d 30 49 6a 6c 1e 64 b9 f6 35 ee 9b 05 7c 7f b7 0c 31 35 92 c9 37 a7 99 37 e4 47 76 9b 64 9a 27 25 43 d3 66 03 f3 d4 f5 fc 00 04 63 a5 7b 8c 5d 20 59 89 3d 6b 8b ee 61 cc b5 92 a3 fb d9 45 a6 1f b1 5c cf e3 68 70 5e 09 36 4b b6 49 0b bf e4 fc 66 22 3f 86 d7 61 1f 7c 45 d9 8c a8 4c 2a 61 16 8c 22 df 1c 9f 73 0c e7 3d 47 cf bc 0d e2 e4 9e f0 90 d3 85 ed 49 3a d1 11 aa 27 Data Ascii: >?#439w{w=s[d_C.uv\|ZiC)o5p;c/#m"A_`2,sHi";J'RdKFZee>&JM0Ijld5\|1577Gvd'%Cfc{] Y=kaE\hp^6KIf"?a\|EL*a"s=GI:'
2024-09-27 14:38:59 UTC	1452	IN	Data Raw: 20 11 d7 44 7e 41 e3 81 ff 10 cf 3c e9 d6 54 43 ec 33 d1 36 21 3f 83 33 38 cf bb 68 bb cf b5 cf b4 ef 53 66 89 2f 7c 9c 6d 87 13 c3 ac f3 7d dd ed fc a8 c6 cf 7b 8c 41 4f 89 3f ec 7b f4 dd 1a c5 d7 df 98 93 ce 51 c7 2d 22 5d c5 18 1a 7f be 4b 3c 72 27 e5 f7 e1 6b b7 b1 ae 6d ac 6b 9b 5f 57 26 ed 62 16 d3 3e 66 02 71 54 83 8f b1 94 f7 59 43 77 e6 af 31 96 ee cd c6 68 6f 34 b6 8a df 25 7e ee d1 5e c5 b1 af ff 9e 37 51 71 50 cf f7 e7 b1 c6 66 6c 5b 33 be b7 59 86 c3 20 e8 03 03 a1 c4 d7 15 c0 08 9f 1e 8d af af 30 4b 89 f9 3e 23 26 a2 bd 4d 93 5c 6d 4f fc 34 89 fd 1b 8d ac 80 32 6d e7 da b6 df ff 89 49 fd 67 d9 54 f4 68 a9 8b 25 0b 5c bf a9 ae cd 40 e4 78 b3 87 7e d3 88 39 52 89 b9 3a d7 df 08 6f 37 62 1b 52 1c 3c 2c e7 98 1c 99 e7 d8 40 3f 1b a4 84 f2 39 c8 Data Ascii: D~A<TC36!?38hSf/\|m}{AO?{Q-"]K<r'kmk_W&b>fqTYCw1ho4%~^7QqPfl[3Y 0K>#&M\mO42mIgTh%\@x~9R:o7bR<,@?9
2024-09-27 14:38:59 UTC	1452	IN	Data Raw: ac ff 01 7a 46 0b 9b 00 00 78 da d5 9a 77 98 54 c5 b6 f6 d7 aa aa a9 6d 04 c4 23 49 a7 6a 77 c3 80 82 02 62 40 40 0c 18 c1 84 98 10 50 04 8c 88 12 c4 84 92 54 44 0c 80 04 31 a0 12 94 2c 20 28 41 44 04 15 33 82 24 91 cc c0 80 f9 98 f5 a0 cc 7d 57 af ed f9 ee 3d e7 3e f7 bb ff de f1 f9 4d b5 4d 4f f7 ae 5a e9 5d 6b 37 11 15 11 91 25 32 b5 b0 3a a2 4a 5f 12 93 fc 1c 8d 67 b9 f0 bc a5 03 0a cf 7b fe 0d cf ef 4f bf ca eb 0b 3f 7f ad ff f3 8f 75 f7 ba 81 6e a9 9f e2 97 ba d3 dc 00 f7 94 7b da 4d f4 eb dc 5d ee 51 77 a7 7b de 9d ee 5a b8 33 dc 99 ee 2c 77 b6 3b c7 9d eb 5a ba 56 ee 6e d7 c7 6f f2 1b fd 66 d7 cf 2d c1 75 15 91 a7 84 f6 c3 a7 1f 40 07 d2 41 74 30 55 a0 8a 54 89 0e a1 ca 74 28 fd 8d 0e a3 2a 54 95 aa 51 75 aa 41 87 d3 11 54 ec 9e 71 e3 dd 58 bf dd Data Ascii: zFxwTm#Ijwb@@PTD1, (AD3$}W=>MMOZ]k7%2:J_g{O?un{M]Qw{Z3,w;ZVnof-u@At0UTt(*TQuATqX
2024-09-27 14:38:59 UTC	1452	IN	Data Raw: cb fb 94 df 5b de af fc 95 f2 79 e5 0b ca 17 96 2f fa ff 95 9c 2f 9a 82 13 41 13 d0 78 4f e9 9e 1d 7b 36 fe 4f af df 71 24 51 e9 17 f2 a8 74 4f 69 df d2 fe a5 5b fe fa 97 d2 8d a5 37 97 de 52 ba ba 74 6d 69 97 d2 6b 4b bb 64 cf 2e 29 5d 8a df 8b c1 c2 7f 7d af dd 0f ff f5 68 e7 65 44 65 6b ca 56 ef bc 08 6b 1f 79 66 d7 02 30 6f d7 dc b2 03 ca 2a 94 1d 54 76 60 19 2a 6b d9 c1 65 ae 0c 95 b4 8c 76 6d c2 fb 8d 2d 7d 6a d7 f2 5d cb f0 ba db 76 f5 de 75 fe ae 4e 3b cb 76 ee da b9 15 ef 36 0d bc b7 f3 8d 9d 63 77 de b7 b3 cf f6 11 db 2f db 7e ce f6 b3 b6 9f be fd d4 ed 38 d9 ed 97 6e fb 7e db d3 5b ff be 75 d2 a6 8f d6 8d 58 77 79 e1 02 0a 95 9c b7 f1 3e 13 90 7d 9f 30 6b cc 2f b6 92 6d 54 b0 c8 d9 a8 b4 ad b0 b6 72 37 ba ae ae 9b bb d5 f5 40 dc f4 2e fc db 1d Data Ascii: [y//AxO{6Oq$QtOi[7RtmikKd.)]}heDekVkyf0oTv`kevm-}j]vuN;v6cw/~8n~[uXwy>}0k/mTr7@.
2024-09-27 14:38:59 UTC	1042	IN	Data Raw: 77 f3 bd f9 c1 0c 31 0f 9b c7 cc 50 33 cc 0c 37 8f a3 7f f9 c5 fc 6a 8d b5 d6 d9 22 eb 6d 82 5e e6 39 a8 dc 09 66 a2 79 c1 bc 68 26 d9 fd ed 01 f6 60 5b 01 0a b7 12 34 6e 65 33 d9 4c 31 d3 cd 0c f3 92 99 69 66 99 d9 b6 ba ad 61 96 da e3 a0 7a 1b db 93 a0 7c 9b da 66 f6 64 f3 b6 79 c7 bc 67 de 37 1f 98 0f d1 0b 7d 6c be 32 5f 9b df cc ef 50 ca 6c 0f 44 57 74 b8 3d c2 96 d8 da f6 04 7b a2 f9 04 2a 7a 95 f9 d4 ac 46 6d 5f 6b d6 d9 f3 ec f9 50 d5 1b cc e7 66 a3 d9 64 36 a3 8f da 6a af b0 6d cd 76 b3 c3 94 9a 9d 66 97 29 33 bb cd 1e f3 a3 f9 c9 9e 6e 4f b1 2d cc cf b6 a5 19 09 8d fe 88 79 d4 ac b0 3d 6d 0f db cb de 6b fb db 0b 6c 2b 7b a1 dd cf 5e 66 c6 40 bf 3f 6f c6 99 f5 f6 0e 7b 17 54 f9 a1 f6 6f b6 8a ad 6a 0f b3 d5 cc cb 50 f4 53 cd 34 7b a7 bd db de 03 Data Ascii: w1P37j"m^9fyh&`[4ne3L1ifaz\|fdyg7}l2_PlDWt={*zFm_kPfd6jmvf)3nO-y=mkl+{^f@?o{TojPS4{
2024-09-27 14:38:59 UTC	607	IN	Data Raw: a0 7f e6 54 a1 9e d9 df 0b c7 a9 af 14 fc a5 57 76 dd c2 f1 d9 b5 4a 9d b8 33 bb 3e 01 b1 06 7d 53 40 72 22 74 8e 82 7c 0d bd 53 40 72 1f 74 8f 82 bc 0c fd 53 80 50 47 a0 83 94 16 e0 68 85 1e c4 7a 4c c6 b9 d9 9e a5 66 0c c2 da 20 e3 6c d0 50 a1 81 d9 3e 85 96 d9 de 1a a9 6f 16 f6 23 2c c9 f6 00 68 30 d6 13 32 5a 81 13 15 7a 08 6b e3 8c f3 b2 bd 09 c8 1b d0 99 05 08 f1 c8 4d 33 2e 02 cd 14 7a 2c db b3 d0 46 63 ac 10 67 a8 77 7c 4a 46 6b 70 aa 42 43 b3 b3 10 2e d6 38 2c c4 e2 88 ec 2c 04 f1 c3 33 14 42 0d 82 4e 54 50 cf a0 17 0b d0 d3 d9 59 08 a8 5b 7c 8e 42 4f 66 67 27 74 c8 ce 45 e8 9c ed b9 55 16 c3 e7 65 2c 06 e7 2b 52 7b f8 82 8c 1b b3 fd 5f a8 b5 a1 b0 67 a1 57 b6 9f d6 5a 9f 0a 7b 10 6e ca f6 df 46 eb 04 f4 b8 72 3b b8 54 91 5c cf 97 65 f4 cd f6 79 Data Ascii: TWvJ3>}S@r"t\|S@rtSPGhzLf lP>o#,h02ZzkM3.z,Fcgw\|JFkpBC.8,,3BNTPY[\|BOfg'tEUe,+R{_gWZ{nFr;T\ey
2024-09-27 14:38:59 UTC	1452	IN	Data Raw: ff 99 81 da 66 aa 29 04 dd 65 aa 2b 8c 9c 69 6a 28 f4 3e d6 c3 15 46 7e 33 8d 15 86 56 33 67 28 84 1c 61 5a 2b 8c 38 35 17 2b 8c 58 33 c8 19 46 62 1e f1 68 10 eb 46 e2 19 fa cc 20 76 cd 0d 6a 3f 73 a3 22 e7 68 ba 2a 72 8e 06 71 63 6e d5 b3 33 88 0f 23 3e 02 dd 64 e0 bf 46 7c 14 9a c8 c0 1f 8d f8 21 74 90 81 0f 1a c9 19 d0 43 46 f6 20 fe f7 23 56 e8 51 33 1a 8f a1 57 cc 93 19 72 67 f9 29 85 65 8f 63 15 b1 ab 79 56 11 fb 99 e7 15 86 6e 33 f0 53 33 41 5b 31 33 5b f1 f8 3c 33 47 f1 c8 33 66 ae e2 e5 ac e6 2b 1e 7e 6f 16 28 1e d7 61 16 2a 09 b4 8b 41 7e 34 d0 50 09 b4 8b 91 33 45 fe 4b a0 57 cc 52 c5 c3 8e 06 3a d7 20 0f 25 d0 25 06 7e 6d e0 cf 5e f6 f0 99 92 88 ad 36 28 09 f4 81 f9 5c 49 c4 6e 1b 95 04 fa c0 6c 52 12 68 11 b3 59 49 a0 2d cc 16 c5 23 ff 98 6d Data Ascii: f)e+ij(>F~3V3g(aZ+85+X3FbhF vj?s"hrqcn3#>dF\|!tCF #VQ3Wrg)ecyVn3S3A[13[<3G3f+~o(aA~4P3EKWR: %%~m^6(\InlRhYI-#m
2024-09-27 14:38:59 UTC	1452	IN	Data Raw: 2b 32 13 0c 0b 14 82 36 08 0b 15 99 85 85 d7 14 82 4e 08 8b 14 99 8b 85 d7 15 82 66 08 8b 15 99 91 85 37 14 82 4e 0b 4b 14 99 97 85 37 15 82 1e 0b 4b 15 99 9d 85 65 0a 41 07 86 b7 14 99 a3 85 b7 15 82 0e 0c ef 28 32 53 0b cb 15 ba 19 eb bb 8a cc d7 c2 7b 0a 89 df bd af c8 8c 29 7c a0 90 f8 e0 87 8a cc 9b c2 47 8a dc 7b 08 1f 2b 32 bf 08 2b 14 b9 0f 11 3e 51 64 96 11 56 2a 72 4f 22 ac 52 64 ae 11 3e 55 e4 fe 44 58 ad c8 8c 23 ac 51 e4 5e 45 58 ab c8 bc 23 ac 53 e4 be 45 58 af c8 ec 23 7c a6 c8 3d 8c b0 41 91 39 48 f8 5c 91 fb 12 61 a3 22 73 8d b0 49 91 7b 15 61 b3 22 33 8e b0 45 91 fb 16 61 ab 22 f3 8e b0 4d 91 7b 18 61 bb 22 b3 8f b0 43 91 fb 19 a1 54 91 39 48 d8 a9 c8 ac 3f ec 52 64 66 11 ca 14 99 fb 87 dd 0a 4b 0c ed 51 64 d6 1f be 50 58 e2 e6 4b 45 66 Data Ascii: +26Nf7NK7KeA(2S{)\|G{+2+>QdV*rO"Rd>UDX#Q^EX#SEX#\|=A9H\a"sI{a"3Ea"M{a"CT9H?RdfKQdPXKEf
2024-09-27 14:38:59 UTC	1452	IN	Data Raw: 56 67 b7 ce 7a ea c3 6e f5 51 f7 1c 7c a4 3e 62 a8 7e 33 9d 79 ed d5 af 33 90 c1 fb ec c5 fb ee 95 b9 34 7a a4 bd 78 af bd 78 ce e0 1a f6 95 2b c9 68 e2 ef bb 02 e8 5f b7 f8 3f 00 00 b2 30 ba 78 da 5d 90 3d 4e c4 30 10 85 c7 38 2c e4 06 48 16 92 2d 2b 14 2b af e8 a9 52 38 91 50 9a 40 28 3c 0d 3f d2 ae 44 f6 0e 48 69 68 5c 70 96 a1 33 5d 2e 86 60 92 8d b6 d8 c6 33 ef cd e8 f3 b3 13 80 6b 12 e4 6d f8 16 e2 0b 93 f8 fb 4c e0 af 7f 20 07 f9 f2 bc 49 20 9c d6 55 ef 49 bc b2 38 73 6c ac 0d 77 d2 e9 9a 64 51 3f 06 8b 3a ea 78 bf 8d ba d6 ef 6f 5b ca 8a b9 f2 60 17 f1 56 13 74 a1 e7 f3 29 18 2a 51 1d db 1d e2 1d 73 b2 89 93 cd 9c 88 4c d8 2f 84 fd 4c 60 c0 2f 2f 9d bb 46 93 bc 69 c3 43 a0 c1 2b 2a 3d 2a 63 74 45 63 1b 68 f4 ca 20 f2 d6 ea 98 94 eb 47 7f b5 64 be Data Ascii: VgznQ\|>b~3y34zxx+h_?0x]=N08,H-++R8P@(<?DHih\p3].`3kmL I UI8slwdQ?:xo[`Vt)QsL/L`//FiC+=*ctEch Gd

Timestamp	Bytes transferred	Direction	Data
2024-09-27 14:39:00 UTC	3546	OUT	GET /_Incapsula_Resource?SWKMTFSR=1&e=0.2987383674441728 HTTP/1.1 Host: securemail.zionsbancorp.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: BID=995e7a42; visid_incap_2604843=keDjyB0aTSaYRgFaC5uzbHnD9mYAAAAAQUIPAAAAAACHdiX2H9dFUr11NhX2bo7T; incap_ses_1353_2604843=Wr+bdYl24V6VyZ4hetLGEn3D9mYAAAAASkGRXGtKo/D/b5vUJRrBXw==; ___utmvc=ezRt5BS0QrxO+LoAUzOLDXONnzLbYwHOrB4ZXLi5h6JrueemerHUR+XM3nL59tkK7BIJw5eaRokwgyUHueBKy/3ajJ2T/sUzetWtV9nc8E8yMOSDGVmE770RJhxew869WQ6hQ7w+d2H5zHTlypZrtO1y1OdKJmLLLc+kAHplUi7lwSHYYGmX3I+xEdN37cpQ+amO1iyPJRx9uHSX4q9InnH7Q4ElrXxNok82S6Z7l1yXeytc1RRcVOVSeTJvMHK1OUjInZ7hFukYWVmWm1YoAEG9FhyLPlCCLUbkBEKNfkDMJtzAZ+gkkOJf7c39dlPRuZREndxwwqtRBBNzSBnCQyr+JK+2G1qQJaJzgrQu3TR8DMiLhBsKfnlB7uLSgknw9/3w/jkL2hY8LaVkRQ54G0RSCGxycq1i6MulMafRHtlkdBV5JfiOsDHrk88tmcrJ7qv+oNVIiLi3wT1sXvWu+SLnv6xwtPAWNtjLbxfiVlloGbkHsHERirlhl3CoKQBeyFHdApWqj0ZZORaU81QnCv70mgen3xYKkVxHEOtFD+hPyEdgKP3katiOJenFUFLW3TARBrrM24ZFTWUmA2deoJNoI/lKfOlJ23whnLWqCKR9yJAMT06UHfEkFK7ODshDP4rURQUx0gRNdYCuOOK2NYGmLqf6x5flvoYRviIV9auxjAK1YZgZ6IjM0jwHug0hZeq/y3z+xL7DhMBJ1/uqtWtXjh7AcfqSFjgz01Yw7ahgXKEQ9PQOkqmlUvkti7TWNYIfzHtCLv7yovQH/41xi2RUutVj9ZsaKtgr8u4TbjSNia/KN0Q91GviJF [TRUNCATED]
2024-09-27 14:39:00 UTC	204	IN	HTTP/1.1 200 OK Cache-Control: no-cache, no-store Content-Type: text/plain X-Robots-Tag: noindex Content-Length: 1 Set-Cookie: ___utmvc=a; Max-Age=0; path=/; expires=Sat, 21 Sep 2024 06:28:35 GMT
2024-09-27 14:39:00 UTC	1	IN	Data Raw: 31 Data Ascii: 1
2024-09-27 14:39:02 UTC	551	OUT	GET /favicon.ico HTTP/1.1 Host: securemail.zionsbancorp.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: BID=995e7a42; visid_incap_2604843=keDjyB0aTSaYRgFaC5uzbHnD9mYAAAAAQUIPAAAAAACHdiX2H9dFUr11NhX2bo7T; incap_ses_1353_2604843=Wr+bdYl24V6VyZ4hetLGEn3D9mYAAAAASkGRXGtKo/D/b5vUJRrBXw==

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report https://securemail.zionsbancorp.com/formpostdir/securereader?id=nDl8UYFg-mw2Hv8MSsp7YazN3E_e0tlJ&brand=995e7a42

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

Phishing

Compliance

Networking

System Summary

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

LLM Input / Output

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

Chrome Cache Entry: 69

Chrome Cache Entry: 70

Chrome Cache Entry: 71

Chrome Cache Entry: 72

Chrome Cache Entry: 73

Chrome Cache Entry: 74

Chrome Cache Entry: 75

Chrome Cache Entry: 76

Chrome Cache Entry: 77

Chrome Cache Entry: 78

Chrome Cache Entry: 79

Chrome Cache Entry: 80

Chrome Cache Entry: 81

Chrome Cache Entry: 82

Chrome Cache Entry: 83

Chrome Cache Entry: 84

Chrome Cache Entry: 85

Chrome Cache Entry: 86

Chrome Cache Entry: 87

Chrome Cache Entry: 88

Chrome Cache Entry: 89

Chrome Cache Entry: 90

Chrome Cache Entry: 91

Chrome Cache Entry: 92

Chrome Cache Entry: 93

Static File Info

Network Behavior

Network Port Distribution

Windows Analysis Report
https://securemail.zionsbancorp.com/formpostdir/securereader?id=nDl8UYFg-mw2Hv8MSsp7YazN3E_e0tlJ&brand=995e7a42

Timestamp	Bytes transferred	Direction	Data
2024-09-27 14:39:00 UTC	3829	OUT	GET /favicon.ico HTTP/1.1 Host: securemail.zionsbancorp.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://securemail.zionsbancorp.com/formpostdir/securereader?id=nDl8UYFg-mw2Hv8MSsp7YazN3E_e0tlJ&brand=995e7a42 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: BID=995e7a42; visid_incap_2604843=keDjyB0aTSaYRgFaC5uzbHnD9mYAAAAAQUIPAAAAAACHdiX2H9dFUr11NhX2bo7T; incap_ses_1353_2604843=Wr+bdYl24V6VyZ4hetLGEn3D9mYAAAAASkGRXGtKo/D/b5vUJRrBXw==; ___utmvc=ezRt5BS0QrxO+LoAUzOLDXONnzLbYwHOrB4ZXLi5h6JrueemerHUR+XM3nL59tkK7BIJw5eaRokwgyUHueBKy/3ajJ2T/sUzetWtV9nc8E8yMOSDGVmE770RJhxew869WQ6hQ7w+d2H5zHTlypZrtO1y1OdKJmLLLc+kAHplUi7lwSHYYGmX3I+xEdN37cpQ+amO1iyPJRx9uHSX4q9InnH7Q4ElrXxNok82S6Z7l1yXeytc1RRcVOVSeTJvMHK1OUjInZ7hFukYWVmWm1YoAEG9FhyLPlCCLUbkBEKNfkDMJtzAZ+gkkOJf7c39dlPRuZREndxwwqtRBBNzSBnCQyr+JK+2G1qQJaJzgrQu3TR8DMiLhBsKfnlB7uLSgknw9/3w/jkL2hY8LaVkRQ54G0RSCGxycq1i6MulMafRHtlkdBV5JfiOsDHrk88tmcrJ7qv+oNVIiLi3wT1sXvWu+SLnv6xwtPAWNtjLbxfiVlloGbkHsHERirlhl3CoKQBeyFHdApWqj0ZZORaU81QnCv70mgen3xYKkVxHEOtFD+hPyEdgKP3katiOJenFUFLW3TARBrrM24ZFTWUmA2deoJNoI/lKfOlJ23whnLWqCKR9yJAMT06UHfEkFK7ODshDP4rURQUx0gRNdYCuOOK2NYGmLqf6x5flvoYRviIV9auxjAK1YZgZ6IjM0jwHug0hZeq/y3z+xL7DhMBJ1/uqtWtXjh7AcfqSFjgz01Yw7ahgXKEQ9PQOkqmlUvkti7TWNYIfzHtCLv7yovQH/41xi2RUutVj9ZsaKtgr8u4TbjSNia/KN0Q91GviJF [TRUNCATED]
2024-09-27 14:39:01 UTC	791	IN	HTTP/1.1 200 OK Date: Fri, 27 Sep 2024 14:39:01 GMT Server: Strict-Transport-Security: max-age=31536000; includeSubDomains Last-Modified: Fri, 09 Sep 2022 18:31:36 GMT ETag: "47e-5e842c188b200" Accept-Ranges: bytes Content-Length: 1150 Cache-Control: public, max-age=1550000 Expires: Fri, 27 Sep 2024 14:39:01 GMT X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Expect-CT: max-age=86400, enforce Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self' Connection: close Content-Type: image/x-icon Set-Cookie: ___utmvc=a; Max-Age=0; path=/; expires=Sat, 21 Sep 2024 06:28:35 GMT X-CDN: Imperva X-Iinfo: 12-34825218-34825257 NNNN CT(171 190 0) RT(1727447940013 312) q(0 0 3 -1) r(7 7) U24
2024-09-27 14:39:01 UTC	661	IN	Data Raw: 00 00 01 00 01 00 10 10 00 00 01 00 20 00 68 04 00 00 16 00 00 00 28 00 00 00 10 00 00 00 20 00 00 00 01 00 20 00 00 00 00 00 00 04 00 00 f3 0e 00 00 f3 0e 00 00 00 00 00 00 00 00 00 00 d7 8c 02 ff ec 92 00 ff ee 8f 00 ff d6 82 04 ff d6 86 0f ff eb 92 0c ff e6 86 00 ff ec 90 01 ff ef 90 00 ff e9 8d 00 ff e4 89 06 ff e4 88 0b ff e3 87 0a ff e3 88 05 ff e3 89 02 ff e4 8c 02 ff eb 8c 00 ff f5 8b 00 ff e5 8b 0f ff ef be 80 ff ff f0 d9 ff ff e8 bf ff ea a2 44 ff f1 88 01 ff d8 8b 10 ff e2 8e 0c ff e8 8d 03 ff eb 89 00 ff e9 8b 02 ff e6 8d 07 ff e1 8c 08 ff de 8a 08 ff d5 88 13 ff f0 8a 00 ff eb 8c 0d ff fc d4 a0 ff f1 fb ff ff fb fe ff ff dc a7 64 ff ef 8a 05 ff dd 88 0a ff e9 8c 01 ff ee 8b 00 ff eb 8b 00 ff e6 8e 01 ff df 8c 08 ff db 88 04 ff e2 89 03 ff c5 Data Ascii: h( Dd
2024-09-27 14:39:01 UTC	489	IN	Data Raw: ff db 9d 49 ff f4 90 00 ff f2 98 04 ff e5 86 01 ff ff c2 7b ff ff ff fb ff fb fc f8 ff fb d4 8a ff d4 83 02 ff e8 8c 00 ff e2 88 0b ff f0 8d 00 ff dd 8a 09 ff f0 cb 91 ff ff fe ff ff ff ff f4 ff ee af 5e ff e7 88 00 ff fa 91 00 ff e7 87 05 ff fb c2 84 ff ff ff fc ff ff ff f2 ff ec bd 69 ff ea 97 13 ff e4 89 00 ff e7 89 08 ff f1 8f 01 ff d3 85 0d ff f9 d9 a8 ff fc fb ff ff ff fe ff ff ff da a6 ff c0 80 21 ff ea 8d 00 ff cb 90 3a ff fb f1 ea ff ec fb ff ff ed de bd ff e9 a4 2f ff e7 86 00 ff eb 8e 03 ff e6 87 02 ff ed 8d 00 ff cb 80 0c ff f3 d5 a6 ff f9 fb ff ff fb fb ff ff ff ff eb ff ff e4 b1 ff dc bc 7b ff f8 ec d4 ff f3 fc ff ff fd ff ff ff d6 af 6a ff df 8c 01 ff f2 8e 00 ff e4 88 01 ff e3 88 05 ff ee 90 01 ff e1 93 18 ff ff d5 90 ff ff ff ed ff ff f0 Data Ascii: I{^i!:/{j

Timestamp	Bytes transferred	Direction	Data
2024-09-27 14:39:03 UTC	551	OUT	GET /favicon.ico HTTP/1.1 Host: securemail.zionsbancorp.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: BID=995e7a42; visid_incap_2604843=keDjyB0aTSaYRgFaC5uzbHnD9mYAAAAAQUIPAAAAAACHdiX2H9dFUr11NhX2bo7T; incap_ses_1353_2604843=Wr+bdYl24V6VyZ4hetLGEn3D9mYAAAAASkGRXGtKo/D/b5vUJRrBXw==
2024-09-27 14:39:03 UTC	709	IN	HTTP/1.1 200 OK Date: Fri, 27 Sep 2024 14:39:03 GMT Server: Strict-Transport-Security: max-age=31536000; includeSubDomains Last-Modified: Fri, 09 Sep 2022 18:31:36 GMT ETag: "47e-5e842c188b200" Accept-Ranges: bytes Content-Length: 1150 Cache-Control: public, max-age=1550000 Expires: Fri, 27 Sep 2024 14:39:03 GMT X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Expect-CT: max-age=86400, enforce Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self' Connection: close Content-Type: image/x-icon X-CDN: Imperva X-Iinfo: 14-53081681-53081721 NNNN CT(177 190 0) RT(1727447942756 304) q(0 0 4 -1) r(6 6) U24
2024-09-27 14:39:03 UTC	743	IN	Data Raw: 00 00 01 00 01 00 10 10 00 00 01 00 20 00 68 04 00 00 16 00 00 00 28 00 00 00 10 00 00 00 20 00 00 00 01 00 20 00 00 00 00 00 00 04 00 00 f3 0e 00 00 f3 0e 00 00 00 00 00 00 00 00 00 00 d7 8c 02 ff ec 92 00 ff ee 8f 00 ff d6 82 04 ff d6 86 0f ff eb 92 0c ff e6 86 00 ff ec 90 01 ff ef 90 00 ff e9 8d 00 ff e4 89 06 ff e4 88 0b ff e3 87 0a ff e3 88 05 ff e3 89 02 ff e4 8c 02 ff eb 8c 00 ff f5 8b 00 ff e5 8b 0f ff ef be 80 ff ff f0 d9 ff ff e8 bf ff ea a2 44 ff f1 88 01 ff d8 8b 10 ff e2 8e 0c ff e8 8d 03 ff eb 89 00 ff e9 8b 02 ff e6 8d 07 ff e1 8c 08 ff de 8a 08 ff d5 88 13 ff f0 8a 00 ff eb 8c 0d ff fc d4 a0 ff f1 fb ff ff fb fe ff ff dc a7 64 ff ef 8a 05 ff dd 88 0a ff e9 8c 01 ff ee 8b 00 ff eb 8b 00 ff e6 8e 01 ff df 8c 08 ff db 88 04 ff e2 89 03 ff c5 Data Ascii: h( Dd
2024-09-27 14:39:03 UTC	407	IN	Data Raw: c2 84 ff ff ff fc ff ff ff f2 ff ec bd 69 ff ea 97 13 ff e4 89 00 ff e7 89 08 ff f1 8f 01 ff d3 85 0d ff f9 d9 a8 ff fc fb ff ff ff fe ff ff ff da a6 ff c0 80 21 ff ea 8d 00 ff cb 90 3a ff fb f1 ea ff ec fb ff ff ed de bd ff e9 a4 2f ff e7 86 00 ff eb 8e 03 ff e6 87 02 ff ed 8d 00 ff cb 80 0c ff f3 d5 a6 ff f9 fb ff ff fb fb ff ff ff ff eb ff ff e4 b1 ff dc bc 7b ff f8 ec d4 ff f3 fc ff ff fd ff ff ff d6 af 6a ff df 8c 01 ff f2 8e 00 ff e4 88 01 ff e3 88 05 ff ee 90 01 ff e1 93 18 ff ff d5 90 ff ff ff ed ff ff f0 df ff ea d2 ae ff ff ff d0 ff f1 ff ff ff ff ff f9 ff ff ff e0 ff fb c9 81 ff d4 8e 1c ff e4 92 05 ff e4 89 00 ff e7 8c 09 ff e0 8c 0e ff e8 8d 00 ff df 89 00 ff df 9a 2d ff eb b0 60 ff de 9c 4d ff b6 76 18 ff df a4 40 ff f4 e1 b4 ff ff dc a1 ff Data Ascii: i!:/{j-`Mv@

Timestamp	Bytes transferred	Direction	Data
2024-09-27 14:39:07 UTC	1197	OUT	POST /securereader/login.jsf HTTP/1.1 Host: securemail.zionsbancorp.com Connection: keep-alive Content-Length: 155 Cache-Control: max-age=0 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 Origin: https://securemail.zionsbancorp.com Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Referer: https://securemail.zionsbancorp.com/formpostdir/securereader?id=nDl8UYFg-mw2Hv8MSsp7YazN3E_e0tlJ&brand=995e7a42 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: JSESSIONID=CEA0AFCFA65CE70C83E1791C66001FE1; BID=995e7a42; visid_incap_2604843=keDjyB0aTSaYRgFaC5uzbHnD9mYAAAAAQUIPAAAAAACHdiX2H9dFUr11NhX2bo7T; incap_ses_1353_2604843=Wr+bdYl24V6VyZ4hetLGEn3D9mYAAAAASkGRXGtKo/D/b5vUJRrBXw==
2024-09-27 14:39:07 UTC	155	OUT	Data Raw: 64 69 61 6c 6f 67 3d 64 69 61 6c 6f 67 26 64 69 61 6c 6f 67 25 33 41 72 65 73 65 74 54 69 6d 65 3d 31 38 30 30 30 30 26 64 69 61 6c 6f 67 25 33 41 70 61 73 73 77 6f 72 64 3d 26 64 69 61 6c 6f 67 25 33 41 63 6f 6e 74 69 6e 75 65 42 75 74 74 6f 6e 3d 43 6f 6e 74 69 6e 75 65 26 6a 61 76 61 78 2e 66 61 63 65 73 2e 56 69 65 77 53 74 61 74 65 3d 34 37 31 30 39 35 37 33 31 31 30 36 35 32 35 38 37 37 31 25 33 41 31 34 30 38 30 37 35 39 33 31 37 37 33 32 33 37 37 31 38 Data Ascii: dialog=dialog&dialog%3AresetTime=180000&dialog%3Apassword=&dialog%3AcontinueButton=Continue&javax.faces.ViewState=4710957311065258771%3A1408075931773237718
2024-09-27 14:39:08 UTC	675	IN	HTTP/1.1 200 200 Date: Fri, 27 Sep 2024 14:39:08 GMT Server: Strict-Transport-Security: max-age=31536000; includeSubDomains Pragma: no-cache Cache-Control: no-store, max-age=0 Expires: Thu, 30 Sep 2021 23:59:59 GMT X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Expect-CT: max-age=86400, enforce Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self' X-UA-Compatible: IE=edge Connection: close Transfer-Encoding: chunked Content-Type: text/html;charset=UTF-8 X-CDN: Imperva X-Iinfo: 11-25944369-25944394 NNNN CT(184 739 0) RT(1727447946700 290) q(0 0 10 -1) r(12 12) U24
2024-09-27 14:39:08 UTC	777	IN	Data Raw: 31 66 66 38 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 20 69 64 3d 22 6a 5f 69 64 74 33 22 3e 3c 6c 69 6e 6b 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 2f 73 65 63 75 72 65 72 65 61 64 65 72 2f 6a 61 76 61 78 2e 66 61 63 65 73 2e 72 65 73 6f 75 72 63 65 2f 74 68 65 6d 65 2e 63 73 73 2e 6a 73 66 3f 6c 6e 3d 70 72 69 6d 65 66 61 63 65 73 2d 61 72 69 73 74 6f 22 20 2f 3e 3c 6c 69 6e 6b 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 2f 73 65 63 75 72 65 72 65 61 64 65 72 2f 6a 61 76 61 78 2e 66 61 63 65 73 2e 72 65 73 6f 75 72 63 65 2f Data Ascii: 1ff8<!DOCTYPE html><html lang="en"><head id="j_idt3"><link type="text/css" rel="stylesheet" href="/securereader/javax.faces.resource/theme.css.jsf?ln=primefaces-aristo" /><link type="text/css" rel="stylesheet" href="/securereader/javax.faces.resource/
2024-09-27 14:39:08 UTC	1452	IN	Data Raw: 66 3f 6c 6e 3d 70 72 69 6d 65 66 61 63 65 73 26 61 6d 70 3b 76 3d 37 2e 30 2e 31 37 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 2f 73 65 63 75 72 65 72 65 61 64 65 72 2f 6a 61 76 61 78 2e 66 61 63 65 73 2e 72 65 73 6f 75 72 63 65 2f 68 6f 74 6b 65 79 2f 68 6f 74 6b 65 79 2e 6a 73 2e 6a 73 66 3f 6c 6e 3d 70 72 69 6d 65 66 61 63 65 73 26 61 6d 70 3b 76 3d 37 2e 30 2e 31 37 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 69 66 28 77 69 6e 64 6f 77 2e 50 72 69 6d 65 46 61 63 65 73 29 7b 50 72 69 6d 65 46 61 63 65 73 2e 73 65 74 74 69 6e 67 73 2e 6c 6f 63 61 6c 65 3d 27 65 6e 27 3b 7d 3c Data Ascii: f?ln=primefaces&v=7.0.17"></script><script type="text/javascript" src="/securereader/javax.faces.resource/hotkey/hotkey.js.jsf?ln=primefaces&v=7.0.17"></script><script type="text/javascript">if(window.PrimeFaces){PrimeFaces.settings.locale='en';}<
2024-09-27 14:39:08 UTC	1452	IN	Data Raw: 74 69 6d 65 6f 75 74 0a 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 64 69 61 6c 6f 67 54 69 6d 65 20 3d 20 74 69 6d 65 6f 75 74 20 2d 20 70 66 70 74 54 69 6d 65 6f 75 74 2e 64 69 61 6c 6f 67 54 69 6d 65 6f 75 74 4c 69 6d 69 74 20 2d 20 35 30 30 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 66 70 74 54 69 6d 65 6f 75 74 2e 64 69 61 6c 6f 67 54 69 6d 65 6f 75 74 54 69 6d 65 72 20 3d 20 77 69 6e 64 6f 77 2e 73 65 74 54 69 6d 65 6f 75 74 28 64 69 61 6c 6f 67 54 69 6d 65 6f 75 74 43 61 6c 6c 62 61 63 6b 2c 20 64 69 61 6c 6f 67 54 69 6d 65 29 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 7d 0a 7d 0a 66 75 6e 63 74 69 6f 6e 20 74 69 6d 65 6f 75 74 43 61 6c 6c 62 61 63 6b 28 29 20 7b 0a 20 20 20 20 72 65 64 69 72 65 63 74 54 6f 54 69 6d 65 6f 75 74 50 61 Data Ascii: timeout var dialogTime = timeout - pfptTimeout.dialogTimeoutLimit - 5000; pfptTimeout.dialogTimeoutTimer = window.setTimeout(dialogTimeoutCallback, dialogTime); } }}function timeoutCallback() { redirectToTimeoutPa
2024-09-27 14:39:08 UTC	1452	IN	Data Raw: 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 73 65 73 73 69 6f 6e 54 69 6d 65 4f 75 74 57 61 72 6e 69 6e 67 43 6f 6e 74 65 6e 74 22 29 3b 0a 20 20 20 20 74 69 6d 65 6f 75 74 4d 6f 64 61 6c 43 6f 6e 74 65 6e 74 2e 73 74 79 6c 65 2e 74 6f 70 20 3d 20 28 28 77 69 6e 64 6f 77 2e 69 6e 6e 65 72 48 65 69 67 68 74 20 2d 20 74 69 6d 65 6f 75 74 4d 6f 64 61 6c 43 6f 6e 74 65 6e 74 2e 63 6c 69 65 6e 74 48 65 69 67 68 74 29 20 2f 20 32 29 20 2b 20 22 70 78 22 3b 0a 20 20 20 20 74 69 6d 65 6f 75 74 4d 6f 64 61 6c 43 6f 6e 74 65 6e 74 2e 73 74 79 6c 65 2e 6c 65 66 74 20 3d 20 28 28 77 69 6e 64 6f 77 2e 69 6e 6e 65 72 57 69 64 74 68 20 2d 20 74 69 6d 65 6f 75 74 4d 6f 64 61 6c 43 6f 6e 74 65 6e 74 2e 63 6c 69 65 6e 74 57 69 64 74 68 29 Data Ascii: document.getElementById("sessionTimeOutWarningContent"); timeoutModalContent.style.top = ((window.innerHeight - timeoutModalContent.clientHeight) / 2) + "px"; timeoutModalContent.style.left = ((window.innerWidth - timeoutModalContent.clientWidth)
2024-09-27 14:39:08 UTC	1452	IN	Data Raw: 28 70 66 70 74 54 69 6d 65 6f 75 74 2e 64 69 61 6c 6f 67 54 69 6d 65 6f 75 74 54 69 6d 65 72 29 3b 0a 20 20 20 20 7d 0a 20 20 20 20 69 66 20 28 70 66 70 74 54 69 6d 65 6f 75 74 2e 75 70 64 61 74 65 44 69 61 6c 6f 67 49 6e 74 65 72 76 61 6c 29 7b 0a 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 63 6c 65 61 72 49 6e 74 65 72 76 61 6c 28 70 66 70 74 54 69 6d 65 6f 75 74 2e 75 70 64 61 74 65 44 69 61 6c 6f 67 49 6e 74 65 72 76 61 6c 29 3b 0a 20 20 20 20 7d 0a 7d 0a 0a 66 75 6e 63 74 69 6f 6e 20 72 65 73 65 74 54 69 6d 65 6f 75 74 54 69 6d 65 72 28 29 20 7b 0a 20 20 20 20 63 6c 65 61 72 54 69 6d 65 6f 75 74 54 69 6d 65 72 73 28 29 3b 0a 20 20 20 20 73 65 74 54 69 6d 65 6f 75 74 54 69 6d 65 72 28 29 3b 0a 7d 0a 0a 2f 2f 20 6b 65 65 70 20 6b 65 79 62 6f 61 72 64 Data Ascii: (pfptTimeout.dialogTimeoutTimer); } if (pfptTimeout.updateDialogInterval){ window.clearInterval(pfptTimeout.updateDialogInterval); }}function resetTimeoutTimer() { clearTimeoutTimers(); setTimeoutTimer();}// keep keyboard
2024-09-27 14:39:08 UTC	1046	IN	Data Raw: 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 27 70 66 70 74 45 6e 64 53 65 73 73 69 6f 6e 42 74 6e 27 29 2e 66 6f 63 75 73 28 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 65 76 65 6e 74 2e 70 72 65 76 65 6e 74 44 65 66 61 75 6c 74 28 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 7d 20 65 6c 73 65 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 69 66 20 28 65 76 65 6e 74 2e 74 61 72 67 65 74 2e 69 64 20 3d 3d 3d 20 27 70 66 70 74 43 6f 6e 74 69 6e 75 65 53 65 73 73 69 6f 6e 42 74 6e 27 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 27 70 66 70 74 43 6f 6e 74 69 6e 75 65 53 65 73 73 69 6f 6e 42 74 6e 27 29 2e 66 6f 63 75 73 28 29 3b 0a Data Ascii: getElementById('pfptEndSessionBtn').focus(); event.preventDefault(); } } else { if (event.target.id === 'pfptContinueSessionBtn') { document.getElementById('pfptContinueSessionBtn').focus();
2024-09-27 14:39:08 UTC	559	IN	Data Raw: 66 6c 6f 77 3a 20 68 69 64 64 65 6e 3b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 72 67 62 28 30 2c 30 2c 30 29 3b 20 2f 2a 20 46 61 6c 6c 62 61 63 6b 20 69 66 20 6f 70 61 63 69 74 79 20 6e 6f 74 20 73 75 70 70 6f 72 74 65 64 20 2a 2f 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 72 67 62 61 28 30 2c 30 2c 30 2c 30 2e 34 29 3b 0a 7d 0a 2e 70 66 70 74 4d 6f 64 61 6c 20 2e 70 66 70 74 4d 6f 64 61 6c 43 6f 6e 74 65 6e 74 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 0a 20 20 20 20 70 61 64 64 69 6e 67 3a 20 31 65 6d 20 32 65 6d 3b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 73 6f 75 72 63 65 53 61 6e 73 50 72 6f 2c 73 61 6e 73 2d 73 65 72 69 66 20 21 Data Ascii: flow: hidden; background-color: rgb(0,0,0); /* Fallback if opacity not supported */ background-color: rgba(0,0,0,0.4);}.pfptModal .pfptModalContent { background-color: #ffffff; padding: 1em 2em; font-family:sourceSansPro,sans-serif !
2024-09-27 14:39:08 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-09-27 14:39:08 UTC	1452	IN	Data Raw: 31 66 66 38 0d 0a 0a 20 20 20 20 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 0a 20 20 20 20 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 20 62 61 73 65 6c 69 6e 65 3b 0a 7d 0a 2e 70 66 70 74 4d 6f 64 61 6c 42 75 74 74 6f 6e 73 43 6f 6e 74 61 69 6e 65 72 20 2e 63 6f 6e 74 69 6e 75 65 53 65 73 73 69 6f 6e 42 74 6e 3a 68 6f 76 65 72 2c 20 2e 70 66 70 74 4d 6f 64 61 6c 42 75 74 74 6f 6e 73 43 6f 6e 74 61 69 6e 65 72 20 2e 63 6f 6e 74 69 6e 75 65 53 65 73 73 69 6f 6e 42 74 6e 3a 66 6f 63 75 73 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 35 35 43 36 46 45 3b 0a 7d 0a 2e 70 66 70 74 4d 6f 64 61 6c 42 75 74 74 6f 6e 73 43 6f 6e 74 61 69 6e 65 72 20 69 6e 70 75 74 5b 74 79 70 65 3d 22 73 75 62 6d 69 74 22 5d 2e 65 6e 64 53 65 73 73 Data Ascii: 1ff8 padding: 10px; vertical-align: baseline;}.pfptModalButtonsContainer .continueSessionBtn:hover, .pfptModalButtonsContainer .continueSessionBtn:focus { background-color: #55C6FE;}.pfptModalButtonsContainer input[type="submit"].endSess

Timestamp	Bytes transferred	Direction	Data
2024-09-27 14:39:08 UTC	940	OUT	GET /securereader/Image?key=logo_image_key_1%40path&r=33a498e7-5de7-4716-8255-4d6eb41f7fe3 HTTP/1.1 Host: securemail.zionsbancorp.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://securemail.zionsbancorp.com/securereader/login.jsf Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: JSESSIONID=CEA0AFCFA65CE70C83E1791C66001FE1; BID=995e7a42; visid_incap_2604843=keDjyB0aTSaYRgFaC5uzbHnD9mYAAAAAQUIPAAAAAACHdiX2H9dFUr11NhX2bo7T; incap_ses_1353_2604843=Wr+bdYl24V6VyZ4hetLGEn3D9mYAAAAASkGRXGtKo/D/b5vUJRrBXw==
2024-09-27 14:39:09 UTC	637	IN	HTTP/1.1 200 200 Date: Fri, 27 Sep 2024 14:39:09 GMT Server: Strict-Transport-Security: max-age=31536000; includeSubDomains Cache-Control: max-age=2592000 Expires: Sun, 27 Oct 2024 14:39:09 GMT X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Expect-CT: max-age=86400, enforce Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self' X-UA-Compatible: IE=edge Connection: close Transfer-Encoding: chunked Content-Type: image/gif X-CDN: Imperva X-Iinfo: 14-53082234-53082474 NNNN CT(171 178 0) RT(1727447946701 1700) q(0 0 3 -1) r(5 5) U24
2024-09-27 14:39:09 UTC	49	IN	Data Raw: 32 62 0d 0a 47 49 46 38 39 61 01 00 01 00 80 00 00 ff ff ff 00 00 00 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 02 44 01 00 3b 0d 0a Data Ascii: 2bGIF89a!,D;
2024-09-27 14:39:09 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2024-09-27 14:39:09 UTC	990	OUT	GET /securereader/javax.faces.resource/messages/messages.png.jsf?ln=primefaces&v=7.0.17 HTTP/1.1 Host: securemail.zionsbancorp.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://securemail.zionsbancorp.com/securereader/javax.faces.resource/components.css.jsf?ln=primefaces&v=7.0.17 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: JSESSIONID=CEA0AFCFA65CE70C83E1791C66001FE1; BID=995e7a42; visid_incap_2604843=keDjyB0aTSaYRgFaC5uzbHnD9mYAAAAAQUIPAAAAAACHdiX2H9dFUr11NhX2bo7T; incap_ses_1353_2604843=Wr+bdYl24V6VyZ4hetLGEn3D9mYAAAAASkGRXGtKo/D/b5vUJRrBXw==
2024-09-27 14:39:11 UTC	683	IN	HTTP/1.1 200 200 Date: Fri, 27 Sep 2024 14:39:10 GMT Server: Strict-Transport-Security: max-age=31536000; includeSubDomains Expires: Fri, 04 Oct 2024 14:39:10 GMT Last-Modified: Fri, 03 Feb 2023 21:07:08 GMT ETag: W/"16755-1675458428000" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Expect-CT: max-age=86400, enforce Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self' X-UA-Compatible: IE=edge Connection: close Transfer-Encoding: chunked Content-Type: image/png X-CDN: Imperva X-Iinfo: 14-53082517-53082564 NNNN CT(761 191 0) RT(1727447948691 315) q(0 0 9 -1) r(19 19) U24
2024-09-27 14:39:11 UTC	769	IN	Data Raw: 31 66 66 38 0d 0a 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 20 00 00 01 fc 08 06 00 00 00 b0 f1 ad 14 00 00 41 3a 49 44 41 54 78 01 b4 57 03 b0 24 4b d3 3d dd 3d 3d 9e b5 06 7b ff b5 9e 6d db b6 6d db b6 6d db b6 ad bb b6 77 af d7 3b 77 ac ae ff 64 45 77 bc 89 79 0a 7d 19 91 51 d5 55 d5 95 27 33 4f 65 57 a3 41 0c a5 94 81 ff 91 b8 7b d7 ef 8f 7f 32 d6 9f 9a dc 7b ef bd 93 89 44 22 66 9a a6 c2 df 08 c7 f1 4f 62 59 96 36 d8 d6 d6 96 79 fb ed b7 db 01 88 2e a3 e2 df 00 f8 a9 9b bf fc f2 cb a7 8c 1a 35 6a ed a6 a6 a6 78 34 1a ed a1 28 0d 9e fc 7d 1f ec ab 3f c7 0d 4a b1 58 ec 6e 6f 6f ef 9c 35 6b d6 d4 c3 0e 3b ec 51 00 3f 53 cb f5 00 44 95 18 3f e2 88 23 4e bc f2 ca 2b 2f 1c 33 66 cc 50 c8 aa 72 19 15 6a ad 56 83 e3 38 a8 51 1d ad 35 8e 39 50 Data Ascii: 1ff8PNGIHDR A:IDATxW$K==={mmmw;wdEwy}QU'3OeWA{2{D"fObY6y.5jx4(}?JXnoo5k;Q?SD?#N+/3fPrjV8Q59P
2024-09-27 14:39:11 UTC	1452	IN	Data Raw: d0 47 8e a2 6d 7a 00 e4 19 2e 8b 0d ef c8 31 af 15 6e ba 19 3d 1f bc d1 46 c8 10 4c 94 1b 6f 75 da 69 f8 9a 00 05 44 88 e0 44 4a 0c 6b df 75 d6 c1 a8 03 0e 80 11 0a a1 c0 54 f4 1e 3b 16 4d bb ef 8e 19 e4 91 23 00 b8 af 49 a0 1e 99 e5 68 7b 00 e0 82 d0 83 82 44 87 93 06 15 9f e7 7e fd 35 92 f4 bc 4f d3 60 14 18 d2 70 af 5e d8 e6 9c 73 f0 15 01 b6 7c f7 9d f6 2e be e9 a6 58 fb e8 a3 61 31 55 85 4c 46 13 34 b7 a4 0b 9d cd cd 28 31 62 45 e6 5f 4e 87 44 a0 b1 7a fa 50 27 82 52 44 80 08 91 2a 64 f9 24 7a 50 62 8e 77 bb ea 2a f4 1f 32 04 e5 52 11 31 16 95 6d 09 e2 13 ae 91 54 6d 74 d2 49 3a d7 f9 ee 34 7c 8c 40 9a fc 99 f8 e4 53 68 7f ed 55 a8 44 12 8a 11 13 a0 e6 7f 02 e0 66 5e 41 91 30 55 f9 a2 93 4c a2 f9 f9 e7 91 21 cb 0f be eb 2e 0c 1a 31 42 9f f3 d8 c0 81 Data Ascii: Gmz.1n=FLouiDDJkuT;M#Ih{D~5O`p^s\|.Xa1ULF4(1bE_NDzP'RDd$zPbw2R1mTmtI:4\|@ShUDf^A0UL!.1B
2024-09-27 14:39:11 UTC	1452	IN	Data Raw: 72 d5 24 d6 98 62 af d7 34 7b aa 2d c6 e4 1a 7b 89 49 04 45 11 03 2a 75 69 cb 2e 6d d9 99 f7 ff 7e 7b 86 9c 3d fc ef 89 24 78 7e a7 ed 73 ce 7b 66 18 66 be f7 fd de ef db 29 cf f3 ce 28 00 14 6d 69 ff bb a8 a8 c8 74 fc f8 f1 3b 00 6e 47 46 46 e6 75 eb d6 cd b6 67 cf 1e 1b 00 61 8a 1e 0e d8 be 7d bb c4 73 00 49 49 49 f9 a7 4f 9f 2e 38 76 ec d8 65 ed 81 d5 a0 99 58 d7 37 58 97 d8 6c 9a 59 b5 65 9d b6 5e 27 2c 2e 2e ae 2e 31 31 91 b8 4d b0 73 02 c0 e6 84 13 4e 38 e1 84 13 4e 38 e1 84 13 0d 14 13 87 07 14 01 bd 66 7f 05 36 61 0d da 6a 7c 00 1a da 6c de ba f5 d1 b8 98 98 38 1f 1f 1f 3f 00 42 77 c1 ff 84 83 3c 03 f6 56 69 b1 94 5e bf 71 23 9d 55 97 af 00 64 a1 91 d0 d7 47 fb e2 8b 2f 0e 99 35 6b d6 92 88 88 88 ee fc 7c a8 51 29 0e c4 85 c6 1d a8 0e 32 0d d9 97 Data Ascii: r$b4{-{IE*ui.m~{=$x~s{ff)(mit;nGFFuga}sIIIO.8veX7XlYe^',...11MsN8N8f6aj\|l8?Bw<Vi^q#UdG/5k\|Q)2
2024-09-27 14:39:11 UTC	1452	IN	Data Raw: 98 47 1e 89 1e 30 7c b8 b7 4e 55 49 dc f3 83 4d 2c 35 08 6e 40 e2 72 9f 0a be 85 bf de 80 13 6e 2a 59 dd 2c e4 f2 e5 d3 1f 70 b1 f1 60 ae 9c 71 17 0f a9 8a 2a f8 02 36 c7 ca 7a 22 f1 08 5f 55 5d 55 f5 fd 84 09 13 92 7e fd f5 d7 dc fb c2 96 ff f2 cb 2f fb b8 c4 e2 09 c1 8a 95 17 16 82 b4 ca f9 fa 3a d3 7a 6e 50 70 85 a2 bc ab 6d bb 76 b8 9d 93 73 20 21 21 e1 09 34 11 fa 91 23 47 b6 0b 0b 0b 1b 42 ec e8 c8 b2 65 6a fe 89 13 92 a8 09 f4 66 7e c8 9d 0b 90 ec 55 d3 26 13 2a 8d 46 98 39 38 8f d8 58 a2 c7 1f 97 7d fd fd 07 cf 99 33 27 5a 0c 47 93 02 18 36 68 50 f3 66 1e 1e ee c5 5c 31 95 b1 65 8b 14 33 79 b2 94 c8 0c e8 e9 b5 6b 61 66 a7 e2 e1 54 64 21 82 eb c5 d5 73 e7 50 70 f8 30 c2 86 0c 81 be 65 4b f7 ce 09 09 de 4d ce 80 2a cb 24 d8 6e c1 76 0a de 37 ac 7b Data Ascii: G0\|NUIM,5n@rnY,p`q6z"_U]U~/:znPpmvs !!4#GBejf~U&F98X}3'ZG6hPf\1e3ykafTd!sPp0eKM$nv7{
2024-09-27 14:39:11 UTC	1452	IN	Data Raw: ab b7 1e 78 a0 aa 3c 25 85 4a d6 ad 53 4b d8 a1 b0 d2 b5 6b c9 c8 c3 79 37 21 81 8a 17 2d 12 6d ab a6 79 f3 e8 94 87 47 75 7f 5f df be a8 c7 1a 60 43 41 ff 7e 54 f6 ce 3b b6 e2 15 2b a8 f0 d1 47 d5 ac 98 18 5a 1b 15 55 37 10 78 17 a1 a1 7e 8e 67 c6 0d 5d ba 18 20 30 60 80 db 4f 71 71 1f e6 77 ec 48 65 33 67 52 f1 ea d5 6a f1 e2 c5 54 fc f6 db 54 c2 ed 14 4f 98 40 e7 fd fd d5 43 62 82 8e 1a 65 df 56 b6 7a b5 cd 38 7c 38 7d 04 ec 80 1d 01 01 2d 8f 00 99 a6 e7 26 52 c9 f2 e5 4a e1 ac 99 94 1f 13 4d df 71 00 43 80 55 3c 31 5d 1d ce 8a d2 0f cc 09 68 ce 03 ce 44 45 1d 34 73 96 8c b3 66 51 f1 d2 a5 8a 71 e1 42 32 72 4f 8b d9 0a d8 e1 29 40 d9 d4 a2 05 ad e7 89 f9 4b 48 08 95 f0 c4 2c 4c 4a 52 4a 39 e0 ef fc 7c 73 e0 e3 13 81 04 bd db e0 53 2d 5a 58 4b 9f 7e 9a Data Ascii: x<%JSKky7!-myGu_`CA~T;+GZU7x~g] 0`OqqwHe3gRjTTO@CbeVz8\|8}-&RJMqCU<1]hDE4sfQqB2rO)@KH,LJRJ9\|sS-ZXK~
2024-09-27 14:39:11 UTC	1045	IN	Data Raw: 4b af 5f 57 2b 4f 9f d6 65 28 4a d9 1a 45 99 76 c1 64 da 55 ef 53 42 03 44 72 10 1f 79 7b bf d7 d5 66 8b 90 c2 c3 a1 b4 6f af ea 42 5a 49 d0 e9 39 12 82 c4 f3 41 cc 64 3e 1f d8 cd 7e d7 a3 d5 92 ab 44 2a 29 8a 58 95 95 ea 6a a9 3a eb a6 6a 39 77 5e b6 b2 e0 79 25 30 f0 ee 92 ea ea d7 ae 59 2c bb 1c 7e 2d 0e 01 68 1b b4 f5 01 1b 83 82 16 f4 05 86 04 b3 94 57 27 3e ef c3 81 88 aa 6a 9e a4 92 ec e5 65 ff be 88 24 02 60 21 c3 3e 69 6b 6b ed 9f 0d 52 4b 4a 48 b9 72 05 d6 4b 17 65 4a bf 8a 7c 55 c1 19 0f cf 1f 92 0b 0a 96 02 38 d6 d0 97 63 00 0d 83 68 35 ce df 7f fc 28 0f 8f 67 3a b8 b9 26 fa 7b 78 4a 6e 7c 0e 10 41 a8 2d 5b 82 3c 3d 09 b2 4c 10 a5 e0 ec 98 8c 46 59 be 7e 1d f8 f5 17 d4 98 2d 28 e1 20 d3 dd dd d3 0e aa ea 67 ff 31 1a ff 03 e0 ae a3 8f 3f 2d bf Data Ascii: K_W+Oe(JEvdUSBDry{foBZI9Ad>~D*)Xj:j9w^y%0Y,~-hW'>je$`!>ikkRKJHrKeJ\|U8ch5(g:&{xJn\|A-[<=LFY~-( g1?-
2024-09-27 14:39:11 UTC	568	IN	Data Raw: 3e 6c d1 e2 0d dc 0b 9f 04 07 af cb e7 9d 0b 23 22 ac 46 d6 01 3f 0f 0d d9 00 06 69 3d 5f 19 15 15 76 25 31 f1 2b f3 e8 d1 54 f2 da 6b 6a e1 ec d9 4a 31 4b 34 85 e3 9e b5 fd 1c 1a 4a 9f 7a 34 a3 05 c1 c1 5b 01 04 bc e9 ef ff 7e 56 cb 96 64 0c 0d b5 16 44 44 d0 e7 81 81 9b 71 0f e8 75 8a e2 26 6a ca 61 b3 e9 98 f9 46 15 a4 0b 60 48 97 2e d5 ed 88 8e 4e e8 69 30 6c 6b 65 d0 77 b6 d4 32 d5 7c ed 9a cc fb cb 35 aa aa 94 de cc d4 65 9a cd d6 5f 3d bd 97 bd 5b 50 60 27 a9 39 e2 4b 8a ab ab 20 d5 f5 20 15 90 ee 7d 7a 66 bd 00 2a 1f 01 d2 eb 54 4f 17 03 c2 25 c9 3e f6 df b5 6d 3b bc af 9b db 17 c1 40 e7 72 53 85 52 77 f9 b2 8e 15 15 c9 5a 90 6f ab bc 76 4d 77 c3 64 2a 3f a3 d7 cf 7c b7 b0 f0 75 02 2c 60 f8 b9 bb 97 1b f4 7a 9b 88 df 26 49 a8 24 dc 13 72 ae 6a 2b Data Ascii: >l#"F?i=_v%1+TkjJ1K4Jz4[~VdDDqu&jaF`H.Ni0lkew2\|5e_=[P`'9K }zfTO%>m;@rSRwZovMwd?\|u,`z&I$rj+
2024-09-27 14:39:11 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-09-27 14:39:11 UTC	1452	IN	Data Raw: 31 66 66 38 0d 0a 52 2d 55 6b af 97 95 ff c4 a4 b4 4e d7 22 50 61 be cf ae 78 cb 3a 3d 73 fc 2d 91 f5 f4 d3 57 4f cd 9f 7f 24 7d f3 e6 56 5f 2e 5f 9e b0 7d c1 82 7e e7 df 7e 7b 3a 7f f9 76 7f a7 da da 03 01 35 35 3d aa bd bd 15 8a 8c 54 4a 4a 8a 75 69 b7 6e 9e 59 15 10 f0 21 18 8d be 18 c5 f1 b8 1e f6 f5 4d 2f 8d 8f 23 e3 a3 8f da f2 9e 7b 4e 29 78 fe 79 95 a5 56 2a 7c 7d a1 b5 70 f9 72 0b 0b d3 c5 ac 82 1b 0b 37 6c a8 2c fb e0 03 aa 63 81 ba ec cd 37 c5 89 c9 9a 3b 69 92 2d 83 e7 ce 0e e0 46 2f 3f bf 9e 0e 6d 37 3e 88 88 80 80 ce 5f 7b 7a 9e c8 8b 8c 24 33 a7 b4 24 39 59 2d 59 bc d8 56 ba e6 3d b2 6c df 4e 55 5c 0d 51 cd 97 ea 2a b6 8a 7d fb 94 f2 2d 5b 6a 4b de 78 5d 31 3e 39 9a d2 42 43 85 f3 53 71 c1 c1 dd ff ce 4d 89 54 1f 84 10 b3 d7 78 fb bc 75 22 Data Ascii: 1ff8R-UkN"Pax:=s-WO$}V_._}~~{:v55=TJJuinY!M/#{N)xyV\|}pr7l,c7;i-F/?m7>_{z$3$9Y-YV=lNU\Q}-[jKx]1>9BCSqMTxu"
2024-09-27 14:39:11 UTC	1452	IN	Data Raw: 4c 6d f9 62 22 21 90 cd 79 28 95 b4 36 8c 00 c1 cc 44 42 d4 5e 45 5f 69 c0 2c 88 38 19 17 b2 b1 31 0a c7 01 56 ad ee bf e3 92 5b 7b cf c4 55 07 f4 d4 c6 1e e6 40 2d f2 79 b2 73 ce 1c 3d eb a7 eb f6 9b 75 54 e3 75 33 f7 6b 39 2c 97 f5 38 57 d0 c6 18 88 aa 3d 10 01 be 02 8a 65 1f 0c 20 11 b3 10 b5 09 cc a8 60 0c 58 08 98 86 a4 10 cd cd 51 5a b1 3c fd da c3 cf 65 8e bd e5 7b 53 5f dd 91 13 b4 ad f1 0f 7e 7f e5 b4 63 de df fa d0 8c 99 2d 53 ba 7b 1c 55 2a 6b 29 04 0d 02 30 03 82 00 d7 37 b0 bd 34 c6 45 73 10 60 6c f5 53 c8 d2 28 c4 63 16 86 60 0e 1d 89 c7 48 8f 1b 17 b7 56 ad cc 6c ba 7b 51 e6 23 77 75 4c 59 16 ec e2 ce 39 a4 51 85 82 c7 03 0e 8a 01 16 a7 fe 7c 4f fb 03 fb ef df fa ce ee ee b2 2a bb da 92 92 b6 f3 54 31 c1 f6 73 78 fb 84 02 f6 1a db 02 22 81 Data Ascii: Lmb"!y(6DB^E_i,81V[{U@-ys=uTu3k9,8W=e `XQZ<e{S_~c-S{Uk)074Es`lS(c`HVl{Q#wuLY9Q\|OT1sx"

Timestamp	Bytes transferred	Direction	Data
2024-09-27 14:39:09 UTC	884	OUT	GET /securereader/fonts/sourcesanspro-regular.ttf.woff HTTP/1.1 Host: securemail.zionsbancorp.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Origin: https://securemail.zionsbancorp.com sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: font Referer: https://securemail.zionsbancorp.com/securereader/login.jsf Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: JSESSIONID=CEA0AFCFA65CE70C83E1791C66001FE1; BID=995e7a42; visid_incap_2604843=keDjyB0aTSaYRgFaC5uzbHnD9mYAAAAAQUIPAAAAAACHdiX2H9dFUr11NhX2bo7T; incap_ses_1353_2604843=Wr+bdYl24V6VyZ4hetLGEn3D9mYAAAAASkGRXGtKo/D/b5vUJRrBXw==
2024-09-27 14:39:11 UTC	730	IN	HTTP/1.1 200 200 Date: Fri, 27 Sep 2024 14:39:11 GMT Server: Strict-Transport-Security: max-age=31536000; includeSubDomains Accept-Ranges: bytes ETag: W/"128612-1712877320000" Last-Modified: Thu, 11 Apr 2024 23:15:20 GMT Content-Length: 128612 Cache-Control: max-age=0 Expires: Fri, 27 Sep 2024 14:39:11 GMT X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Expect-CT: max-age=86400, enforce Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self' X-UA-Compatible: IE=edge Connection: close Content-Type: font/woff X-CDN: Imperva X-Iinfo: 13-43799381-43799422 NNNN CT(1143 831 0) RT(1727447948715 300) q(0 0 19 -1) r(21 21) U24
2024-09-27 14:39:11 UTC	722	IN	Data Raw: 77 4f 46 46 00 01 00 00 00 01 f6 64 00 13 00 00 00 04 7c 48 00 02 00 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 42 41 53 45 00 01 e5 18 00 00 00 3a 00 00 00 3a 8b 19 94 b1 44 53 49 47 00 01 e5 54 00 00 11 0d 00 00 18 fc 90 16 06 f3 47 44 45 46 00 01 76 8c 00 00 02 78 00 00 03 c2 83 24 87 b4 47 50 4f 53 00 01 79 04 00 00 51 4d 00 01 02 16 0c ca 3b 13 47 53 55 42 00 01 ca 54 00 00 1a c2 00 00 3c 5a 92 a2 9d 89 4f 53 2f 32 00 00 02 24 00 00 00 59 00 00 00 60 5d b0 d7 80 63 6d 61 70 00 00 0e 38 00 00 1d 58 00 00 36 86 97 c0 f1 5b 63 76 74 20 00 00 2c e8 00 00 00 2a 00 00 00 2a 01 22 0d ca 66 70 67 6d 00 00 2b 90 00 00 01 02 00 00 01 73 06 59 9c 37 67 61 73 70 00 01 76 84 00 00 00 08 00 00 00 08 ff ff 00 03 67 6c 79 66 00 00 3f ec 00 01 0e Data Ascii: wOFFd\|HBASE::DSIGTGDEFvx$GPOSyQM;GSUBT<ZOS/2$Y`]cmap8X6[cvt ,**"fpgm+sY7gaspvglyf?
2024-09-27 14:39:11 UTC	1452	IN	Data Raw: 31 28 55 5e 7f e7 be fb 3e 3f 23 09 89 8e 7f 34 33 bf 39 77 7b 77 3d f7 9c 73 bf d8 5b 64 be e8 5f 43 84 cd 96 c0 9e 2e 75 76 a2 94 d9 0b 90 bd a4 ce 7c 84 bc 88 fc 5a d2 69 b0 43 86 d9 29 c8 dd 94 6f 87 35 70 3b f5 63 bd 1c 8f ec 2f 23 6d a6 0c b1 ab a5 d6 06 22 41 5f 19 60 8d f4 32 ef 84 a1 1d 2c 85 e6 73 da 15 48 8d 69 90 22 3b 4a 8a cd 27 52 64 86 4b 16 e5 85 cc a1 46 5a 65 8a 1c 0c ff 65 3e 26 1d 4a 4d 30 49 6a 6c 1e 64 b9 f6 35 ee 9b 05 7c 7f b7 0c 31 35 92 c9 37 a7 99 37 e4 47 76 9b 64 9a 27 25 43 d3 66 03 f3 d4 f5 fc 00 04 63 a5 7b 8c 5d 20 59 89 3d 6b 8b ee 61 cc b5 92 a3 fb d9 45 a6 1f b1 5c cf e3 68 70 5e 09 36 4b b6 49 0b bf e4 fc 66 22 3f 86 d7 61 1f 7c 45 d9 8c a8 4c 2a 61 16 8c 22 df 1c 9f 73 0c e7 3d 47 cf bc 0d e2 e4 9e f0 90 d3 85 ed 49 Data Ascii: 1(U^>?#439w{w=s[d_C.uv\|ZiC)o5p;c/#m"A_`2,sHi";J'RdKFZee>&JM0Ijld5\|1577Gvd'%Cfc{] Y=kaE\hp^6KIf"?a\|EL*a"s=GI
2024-09-27 14:39:11 UTC	1452	IN	Data Raw: 8b 39 a2 f8 a1 20 11 d7 44 7e 41 e3 81 ff 10 cf 3c e9 d6 54 43 ec 33 d1 36 21 3f 83 33 38 cf bb 68 bb cf b5 cf b4 ef 53 66 89 2f 7c 9c 6d 87 13 c3 ac f3 7d dd ed fc a8 c6 cf 7b 8c 41 4f 89 3f ec 7b f4 dd 1a c5 d7 df 98 93 ce 51 c7 2d 22 5d c5 18 1a 7f be 4b 3c 72 27 e5 f7 e1 6b b7 b1 ae 6d ac 6b 9b 5f 57 26 ed 62 16 d3 3e 66 02 71 54 83 8f b1 94 f7 59 43 77 e6 af 31 96 ee cd c6 68 6f 34 b6 8a df 25 7e ee d1 5e c5 b1 af ff 9e 37 51 71 50 cf f7 e7 b1 c6 66 6c 5b 33 be b7 59 86 c3 20 e8 03 03 a1 c4 d7 15 c0 08 9f 1e 8d af af 30 4b 89 f9 3e 23 26 a2 bd 4d 93 5c 6d 4f fc 34 89 fd 1b 8d ac 80 32 6d e7 da b6 df ff 89 49 fd 67 d9 54 f4 68 a9 8b 25 0b 5c bf a9 ae cd 40 e4 78 b3 87 7e d3 88 39 52 89 b9 3a d7 df 08 6f 37 62 1b 52 1c 3c 2c e7 98 1c 99 e7 d8 40 3f 1b Data Ascii: 9 D~A<TC36!?38hSf/\|m}{AO?{Q-"]K<r'kmk_W&b>fqTYCw1ho4%~^7QqPfl[3Y 0K>#&M\mO42mIgTh%\@x~9R:o7bR<,@?
2024-09-27 14:39:11 UTC	1452	IN	Data Raw: e2 7e 57 cd 93 ac ff 01 7a 46 0b 9b 00 00 78 da d5 9a 77 98 54 c5 b6 f6 d7 aa aa a9 6d 04 c4 23 49 a7 6a 77 c3 80 82 02 62 40 40 0c 18 c1 84 98 10 50 04 8c 88 12 c4 84 92 54 44 0c 80 04 31 a0 12 94 2c 20 28 41 44 04 15 33 82 24 91 cc c0 80 f9 98 f5 a0 cc 7d 57 af ed f9 ee 3d e7 3e f7 bb ff de f1 f9 4d b5 4d 4f f7 ae 5a e9 5d 6b 37 11 15 11 91 25 32 b5 b0 3a a2 4a 5f 12 93 fc 1c 8d 67 b9 f0 bc a5 03 0a cf 7b fe 0d cf ef 4f bf ca eb 0b 3f 7f ad ff f3 8f 75 f7 ba 81 6e a9 9f e2 97 ba d3 dc 00 f7 94 7b da 4d f4 eb dc 5d ee 51 77 a7 7b de 9d ee 5a b8 33 dc 99 ee 2c 77 b6 3b c7 9d eb 5a ba 56 ee 6e d7 c7 6f f2 1b fd 66 d7 cf 2d c1 75 15 91 a7 84 f6 c3 a7 1f 40 07 d2 41 74 30 55 a0 8a 54 89 0e a1 ca 74 28 fd 8d 0e a3 2a 54 95 aa 51 75 aa 41 87 d3 11 54 ec 9e 71 Data Ascii: ~WzFxwTm#Ijwb@@PTD1, (AD3$}W=>MMOZ]k7%2:J_g{O?un{M]Qw{Z3,w;ZVnof-u@At0UTt(*TQuATq
2024-09-27 14:39:11 UTC	1452	IN	Data Raw: 66 f9 ac f2 97 cb fb 94 df 5b de af fc 95 f2 79 e5 0b ca 17 96 2f fa ff 95 9c 2f 9a 82 13 41 13 d0 78 4f e9 9e 1d 7b 36 fe 4f af df 71 24 51 e9 17 f2 a8 74 4f 69 df d2 fe a5 5b fe fa 97 d2 8d a5 37 97 de 52 ba ba 74 6d 69 97 d2 6b 4b bb 64 cf 2e 29 5d 8a df 8b c1 c2 7f 7d af dd 0f ff f5 68 e7 65 44 65 6b ca 56 ef bc 08 6b 1f 79 66 d7 02 30 6f d7 dc b2 03 ca 2a 94 1d 54 76 60 19 2a 6b d9 c1 65 ae 0c 95 b4 8c 76 6d c2 fb 8d 2d 7d 6a d7 f2 5d cb f0 ba db 76 f5 de 75 fe ae 4e 3b cb 76 ee da b9 15 ef 36 0d bc b7 f3 8d 9d 63 77 de b7 b3 cf f6 11 db 2f db 7e ce f6 b3 b6 9f be fd d4 ed 38 d9 ed 97 6e fb 7e db d3 5b ff be 75 d2 a6 8f d6 8d 58 77 79 e1 02 0a 95 9c b7 f1 3e 13 90 7d 9f 30 6b cc 2f b6 92 6d 54 b0 c8 d9 a8 b4 ad b0 b6 72 37 ba ae ae 9b bb d5 f5 40 dc Data Ascii: f[y//AxO{6Oq$QtOi[7RtmikKd.)]}heDekVkyf0oTv`kevm-}j]vuN;v6cw/~8n~[uXwy>}0k/mTr7@
2024-09-27 14:39:11 UTC	1047	IN	Data Raw: cc b7 e6 3b f3 77 f3 bd f9 c1 0c 31 0f 9b c7 cc 50 33 cc 0c 37 8f a3 7f f9 c5 fc 6a 8d b5 d6 d9 22 eb 6d 82 5e e6 39 a8 dc 09 66 a2 79 c1 bc 68 26 d9 fd ed 01 f6 60 5b 01 0a b7 12 34 6e 65 33 d9 4c 31 d3 cd 0c f3 92 99 69 66 99 d9 b6 ba ad 61 96 da e3 a0 7a 1b db 93 a0 7c 9b da 66 f6 64 f3 b6 79 c7 bc 67 de 37 1f 98 0f d1 0b 7d 6c be 32 5f 9b df cc ef 50 ca 6c 0f 44 57 74 b8 3d c2 96 d8 da f6 04 7b a2 f9 04 2a 7a 95 f9 d4 ac 46 6d 5f 6b d6 d9 f3 ec f9 50 d5 1b cc e7 66 a3 d9 64 36 a3 8f da 6a af b0 6d cd 76 b3 c3 94 9a 9d 66 97 29 33 bb cd 1e f3 a3 f9 c9 9e 6e 4f b1 2d cc cf b6 a5 19 09 8d fe 88 79 d4 ac b0 3d 6d 0f db cb de 6b fb db 0b 6c 2b 7b a1 dd cf 5e 66 c6 40 bf 3f 6f c6 99 f5 f6 0e 7b 17 54 f9 a1 f6 6f b6 8a ad 6a 0f b3 d5 cc cb 50 f4 53 cd 34 7b Data Ascii: ;w1P37j"m^9fyh&`[4ne3L1ifaz\|fdyg7}l2_PlDWt={*zFm_kPfd6jmvf)3nO-y=mkl+{^f@?o{TojPS4{
2024-09-27 14:39:11 UTC	607	IN	Data Raw: a0 7f e6 54 a1 9e d9 df 0b c7 a9 af 14 fc a5 57 76 dd c2 f1 d9 b5 4a 9d b8 33 bb 3e 01 b1 06 7d 53 40 72 22 74 8e 82 7c 0d bd 53 40 72 1f 74 8f 82 bc 0c fd 53 80 50 47 a0 83 94 16 e0 68 85 1e c4 7a 4c c6 b9 d9 9e a5 66 0c c2 da 20 e3 6c d0 50 a1 81 d9 3e 85 96 d9 de 1a a9 6f 16 f6 23 2c c9 f6 00 68 30 d6 13 32 5a 81 13 15 7a 08 6b e3 8c f3 b2 bd 09 c8 1b d0 99 05 08 f1 c8 4d 33 2e 02 cd 14 7a 2c db b3 d0 46 63 ac 10 67 a8 77 7c 4a 46 6b 70 aa 42 43 b3 b3 10 2e d6 38 2c c4 e2 88 ec 2c 04 f1 c3 33 14 42 0d 82 4e 54 50 cf a0 17 0b d0 d3 d9 59 08 a8 5b 7c 8e 42 4f 66 67 27 74 c8 ce 45 e8 9c ed b9 55 16 c3 e7 65 2c 06 e7 2b 52 7b f8 82 8c 1b b3 fd 5f a8 b5 a1 b0 67 a1 57 b6 9f d6 5a 9f 0a 7b 10 6e ca f6 df 46 eb 04 f4 b8 72 3b b8 54 91 5c cf 97 65 f4 cd f6 79 Data Ascii: TWvJ3>}S@r"t\|S@rtSPGhzLf lP>o#,h02ZzkM3.z,Fcgw\|JFkpBC.8,,3BNTPY[\|BOfg'tEUe,+R{_gWZ{nFr;T\ey
2024-09-27 14:39:11 UTC	1452	IN	Data Raw: ff 99 81 da 66 aa 29 04 dd 65 aa 2b 8c 9c 69 6a 28 f4 3e d6 c3 15 46 7e 33 8d 15 86 56 33 67 28 84 1c 61 5a 2b 8c 38 35 17 2b 8c 58 33 c8 19 46 62 1e f1 68 10 eb 46 e2 19 fa cc 20 76 cd 0d 6a 3f 73 a3 22 e7 68 ba 2a 72 8e 06 71 63 6e d5 b3 33 88 0f 23 3e 02 dd 64 e0 bf 46 7c 14 9a c8 c0 1f 8d f8 21 74 90 81 0f 1a c9 19 d0 43 46 f6 20 fe f7 23 56 e8 51 33 1a 8f a1 57 cc 93 19 72 67 f9 29 85 65 8f 63 15 b1 ab 79 56 11 fb 99 e7 15 86 6e 33 f0 53 33 41 5b 31 33 5b f1 f8 3c 33 47 f1 c8 33 66 ae e2 e5 ac e6 2b 1e 7e 6f 16 28 1e d7 61 16 2a 09 b4 8b 41 7e 34 d0 50 09 b4 8b 91 33 45 fe 4b a0 57 cc 52 c5 c3 8e 06 3a d7 20 0f 25 d0 25 06 7e 6d e0 cf 5e f6 f0 99 92 88 ad 36 28 09 f4 81 f9 5c 49 c4 6e 1b 95 04 fa c0 6c 52 12 68 11 b3 59 49 a0 2d cc 16 c5 23 ff 98 6d Data Ascii: f)e+ij(>F~3V3g(aZ+85+X3FbhF vj?s"hrqcn3#>dF\|!tCF #VQ3Wrg)ecyVn3S3A[13[<3G3f+~o(aA~4P3EKWR: %%~m^6(\InlRhYI-#m
2024-09-27 14:39:11 UTC	1452	IN	Data Raw: 2b 32 13 0c 0b 14 82 36 08 0b 15 99 85 85 d7 14 82 4e 08 8b 14 99 8b 85 d7 15 82 66 08 8b 15 99 91 85 37 14 82 4e 0b 4b 14 99 97 85 37 15 82 1e 0b 4b 15 99 9d 85 65 0a 41 07 86 b7 14 99 a3 85 b7 15 82 0e 0c ef 28 32 53 0b cb 15 ba 19 eb bb 8a cc d7 c2 7b 0a 89 df bd af c8 8c 29 7c a0 90 f8 e0 87 8a cc 9b c2 47 8a dc 7b 08 1f 2b 32 bf 08 2b 14 b9 0f 11 3e 51 64 96 11 56 2a 72 4f 22 ac 52 64 ae 11 3e 55 e4 fe 44 58 ad c8 8c 23 ac 51 e4 5e 45 58 ab c8 bc 23 ac 53 e4 be 45 58 af c8 ec 23 7c a6 c8 3d 8c b0 41 91 39 48 f8 5c 91 fb 12 61 a3 22 73 8d b0 49 91 7b 15 61 b3 22 33 8e b0 45 91 fb 16 61 ab 22 f3 8e b0 4d 91 7b 18 61 bb 22 b3 8f b0 43 91 fb 19 a1 54 91 39 48 d8 a9 c8 ac 3f ec 52 64 66 11 ca 14 99 fb 87 dd 0a 4b 0c ed 51 64 d6 1f be 50 58 e2 e6 4b 45 66 Data Ascii: +26Nf7NK7KeA(2S{)\|G{+2+>QdV*rO"Rd>UDX#Q^EX#SEX#\|=A9H\a"sI{a"3Ea"M{a"CT9H?RdfKQdPXKEf
2024-09-27 14:39:11 UTC	1452	IN	Data Raw: 56 67 b7 ce 7a ea c3 6e f5 51 f7 1c 7c a4 3e 62 a8 7e 33 9d 79 ed d5 af 33 90 c1 fb ec c5 fb ee 95 b9 34 7a a4 bd 78 af bd 78 ce e0 1a f6 95 2b c9 68 e2 ef bb 02 e8 5f b7 f8 3f 00 00 b2 30 ba 78 da 5d 90 3d 4e c4 30 10 85 c7 38 2c e4 06 48 16 92 2d 2b 14 2b af e8 a9 52 38 91 50 9a 40 28 3c 0d 3f d2 ae 44 f6 0e 48 69 68 5c 70 96 a1 33 5d 2e 86 60 92 8d b6 d8 c6 33 ef cd e8 f3 b3 13 80 6b 12 e4 6d f8 16 e2 0b 93 f8 fb 4c e0 af 7f 20 07 f9 f2 bc 49 20 9c d6 55 ef 49 bc b2 38 73 6c ac 0d 77 d2 e9 9a 64 51 3f 06 8b 3a ea 78 bf 8d ba d6 ef 6f 5b ca 8a b9 f2 60 17 f1 56 13 74 a1 e7 f3 29 18 2a 51 1d db 1d e2 1d 73 b2 89 93 cd 9c 88 4c d8 2f 84 fd 4c 60 c0 2f 2f 9d bb 46 93 bc 69 c3 43 a0 c1 2b 2a 3d 2a 63 74 45 63 1b 68 f4 ca 20 f2 d6 ea 98 94 eb 47 7f b5 64 be Data Ascii: VgznQ\|>b~3y34zxx+h_?0x]=N08,H-++R8P@(<?DHih\p3].`3kmL I UI8slwdQ?:xo[`Vt)QsL/L`//FiC+=*ctEch Gd

Timestamp	Bytes transferred	Direction	Data
2024-09-27 14:39:09 UTC	670	OUT	GET /securereader/Image?key=logo_image_key_1%40path&r=33a498e7-5de7-4716-8255-4d6eb41f7fe3 HTTP/1.1 Host: securemail.zionsbancorp.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: JSESSIONID=CEA0AFCFA65CE70C83E1791C66001FE1; BID=995e7a42; visid_incap_2604843=keDjyB0aTSaYRgFaC5uzbHnD9mYAAAAAQUIPAAAAAACHdiX2H9dFUr11NhX2bo7T; incap_ses_1353_2604843=Wr+bdYl24V6VyZ4hetLGEn3D9mYAAAAASkGRXGtKo/D/b5vUJRrBXw==
2024-09-27 14:39:10 UTC	633	IN	HTTP/1.1 200 200 Date: Fri, 27 Sep 2024 14:39:10 GMT Server: Strict-Transport-Security: max-age=31536000; includeSubDomains Cache-Control: max-age=2592000 Expires: Sun, 27 Oct 2024 14:39:10 GMT X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Expect-CT: max-age=86400, enforce Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self' X-UA-Compatible: IE=edge Connection: close Transfer-Encoding: chunked Content-Type: image/gif X-CDN: Imperva X-Iinfo: 4-7033513-7033527 NNNN CT(172 178 0) RT(1727447949357 317) q(0 0 4 -1) r(6 6) U24
2024-09-27 14:39:10 UTC	49	IN	Data Raw: 32 62 0d 0a 47 49 46 38 39 61 01 00 01 00 80 00 00 ff ff ff 00 00 00 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 02 44 01 00 3b 0d 0a Data Ascii: 2bGIF89a!,D;
2024-09-27 14:39:10 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2024-09-27 14:39:12 UTC	667	OUT	GET /securereader/javax.faces.resource/messages/messages.png.jsf?ln=primefaces&v=7.0.17 HTTP/1.1 Host: securemail.zionsbancorp.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: JSESSIONID=CEA0AFCFA65CE70C83E1791C66001FE1; BID=995e7a42; visid_incap_2604843=keDjyB0aTSaYRgFaC5uzbHnD9mYAAAAAQUIPAAAAAACHdiX2H9dFUr11NhX2bo7T; incap_ses_1353_2604843=Wr+bdYl24V6VyZ4hetLGEn3D9mYAAAAASkGRXGtKo/D/b5vUJRrBXw==
2024-09-27 14:39:13 UTC	684	IN	HTTP/1.1 200 200 Date: Fri, 27 Sep 2024 14:39:13 GMT Server: Strict-Transport-Security: max-age=31536000; includeSubDomains Expires: Fri, 04 Oct 2024 14:39:13 GMT Last-Modified: Fri, 03 Feb 2023 21:07:08 GMT ETag: W/"16755-1675458428000" X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Expect-CT: max-age=86400, enforce Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self' X-UA-Compatible: IE=edge Connection: close Transfer-Encoding: chunked Content-Type: image/png X-CDN: Imperva X-Iinfo: 12-34826976-34827043 NNNN CT(76 1112 0) RT(1727447951686 390) q(0 0 12 -1) r(13 13) U24
2024-09-27 14:39:13 UTC	768	IN	Data Raw: 31 66 66 38 0d 0a 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 20 00 00 01 fc 08 06 00 00 00 b0 f1 ad 14 00 00 41 3a 49 44 41 54 78 01 b4 57 03 b0 24 4b d3 3d dd 3d 3d 9e b5 06 7b ff b5 9e 6d db b6 6d db b6 6d db b6 ad bb b6 77 af d7 3b 77 ac ae ff 64 45 77 bc 89 79 0a 7d 19 91 51 d5 55 d5 95 27 33 4f 65 57 a3 41 0c a5 94 81 ff 91 b8 7b d7 ef 8f 7f 32 d6 9f 9a dc 7b ef bd 93 89 44 22 66 9a a6 c2 df 08 c7 f1 4f 62 59 96 36 d8 d6 d6 96 79 fb ed b7 db 01 88 2e a3 e2 df 00 f8 a9 9b bf fc f2 cb a7 8c 1a 35 6a ed a6 a6 a6 78 34 1a ed a1 28 0d 9e fc 7d 1f ec ab 3f c7 0d 4a b1 58 ec 6e 6f 6f ef 9c 35 6b d6 d4 c3 0e 3b ec 51 00 3f 53 cb f5 00 44 95 18 3f e2 88 23 4e bc f2 ca 2b 2f 1c 33 66 cc 50 c8 aa 72 19 15 6a ad 56 83 e3 38 a8 51 1d ad 35 8e 39 50 Data Ascii: 1ff8PNGIHDR A:IDATxW$K==={mmmw;wdEwy}QU'3OeWA{2{D"fObY6y.5jx4(}?JXnoo5k;Q?SD?#N+/3fPrjV8Q59P
2024-09-27 14:39:13 UTC	1452	IN	Data Raw: 6d d0 47 8e a2 6d 7a 00 e4 19 2e 8b 0d ef c8 31 af 15 6e ba 19 3d 1f bc d1 46 c8 10 4c 94 1b 6f 75 da 69 f8 9a 00 05 44 88 e0 44 4a 0c 6b df 75 d6 c1 a8 03 0e 80 11 0a a1 c0 54 f4 1e 3b 16 4d bb ef 8e 19 e4 91 23 00 b8 af 49 a0 1e 99 e5 68 7b 00 e0 82 d0 83 82 44 87 93 06 15 9f e7 7e fd 35 92 f4 bc 4f d3 60 14 18 d2 70 af 5e d8 e6 9c 73 f0 15 01 b6 7c f7 9d f6 2e be e9 a6 58 fb e8 a3 61 31 55 85 4c 46 13 34 b7 a4 0b 9d cd cd 28 31 62 45 e6 5f 4e 87 44 a0 b1 7a fa 50 27 82 52 44 80 08 91 2a 64 f9 24 7a 50 62 8e 77 bb ea 2a f4 1f 32 04 e5 52 11 31 16 95 6d 09 e2 13 ae 91 54 6d 74 d2 49 3a d7 f9 ee 34 7c 8c 40 9a fc 99 f8 e4 53 68 7f ed 55 a8 44 12 8a 11 13 a0 e6 7f 02 e0 66 5e 41 91 30 55 f9 a2 93 4c a2 f9 f9 e7 91 21 cb 0f be eb 2e 0c 1a 31 42 9f f3 d8 c0 Data Ascii: mGmz.1n=FLouiDDJkuT;M#Ih{D~5O`p^s\|.Xa1ULF4(1bE_NDzP'RDd$zPbw2R1mTmtI:4\|@ShUDf^A0UL!.1B
2024-09-27 14:39:13 UTC	1452	IN	Data Raw: 6b 72 d5 24 d6 98 62 af d7 34 7b aa 2d c6 e4 1a 7b 89 49 04 45 11 03 2a 75 69 cb 2e 6d d9 99 f7 ff 7e 7b 86 9c 3d fc ef 89 24 78 7e a7 ed 73 ce 7b 66 18 66 be f7 fd de ef db 29 cf f3 ce 28 00 14 6d 69 ff bb a8 a8 c8 74 fc f8 f1 3b 00 6e 47 46 46 e6 75 eb d6 cd b6 67 cf 1e 1b 00 61 8a 1e 0e d8 be 7d bb c4 73 00 49 49 49 f9 a7 4f 9f 2e 38 76 ec d8 65 ed 81 d5 a0 99 58 d7 37 58 97 d8 6c 9a 59 b5 65 9d b6 5e 27 2c 2e 2e ae 2e 31 31 91 b8 4d b0 73 02 c0 e6 84 13 4e 38 e1 84 13 4e 38 e1 84 13 0d 14 13 87 07 14 01 bd 66 7f 05 36 61 0d da 6a 7c 00 1a da 6c de ba f5 d1 b8 98 98 38 1f 1f 1f 3f 00 42 77 c1 ff 84 83 3c 03 f6 56 69 b1 94 5e bf 71 23 9d 55 97 af 00 64 a1 91 d0 d7 47 fb e2 8b 2f 0e 99 35 6b d6 92 88 88 88 ee fc 7c a8 51 29 0e c4 85 c6 1d a8 0e 32 0d d9 Data Ascii: kr$b4{-{IE*ui.m~{=$x~s{ff)(mit;nGFFuga}sIIIO.8veX7XlYe^',...11MsN8N8f6aj\|l8?Bw<Vi^q#UdG/5k\|Q)2
2024-09-27 14:39:13 UTC	1452	IN	Data Raw: c1 98 47 1e 89 1e 30 7c b8 b7 4e 55 49 dc f3 83 4d 2c 35 08 6e 40 e2 72 9f 0a be 85 bf de 80 13 6e 2a 59 dd 2c e4 f2 e5 d3 1f 70 b1 f1 60 ae 9c 71 17 0f a9 8a 2a f8 02 36 c7 ca 7a 22 f1 08 5f 55 5d 55 f5 fd 84 09 13 92 7e fd f5 d7 dc fb c2 96 ff f2 cb 2f fb b8 c4 e2 09 c1 8a 95 17 16 82 b4 ca f9 fa 3a d3 7a 6e 50 70 85 a2 bc ab 6d bb 76 b8 9d 93 73 20 21 21 e1 09 34 11 fa 91 23 47 b6 0b 0b 0b 1b 42 ec e8 c8 b2 65 6a fe 89 13 92 a8 09 f4 66 7e c8 9d 0b 90 ec 55 d3 26 13 2a 8d 46 98 39 38 8f d8 58 a2 c7 1f 97 7d fd fd 07 cf 99 33 27 5a 0c 47 93 02 18 36 68 50 f3 66 1e 1e ee c5 5c 31 95 b1 65 8b 14 33 79 b2 94 c8 0c e8 e9 b5 6b 61 66 a7 e2 e1 54 64 21 82 eb c5 d5 73 e7 50 70 f8 30 c2 86 0c 81 be 65 4b f7 ce 09 09 de 4d ce 80 2a cb 24 d8 6e c1 76 0a de 37 ac Data Ascii: G0\|NUIM,5n@rnY,p`q6z"_U]U~/:znPpmvs !!4#GBejf~U&F98X}3'ZG6hPf\1e3ykafTd!sPp0eKM$nv7
2024-09-27 14:39:13 UTC	1452	IN	Data Raw: cb ab b7 1e 78 a0 aa 3c 25 85 4a d6 ad 53 4b d8 a1 b0 d2 b5 6b c9 c8 c3 79 37 21 81 8a 17 2d 12 6d ab a6 79 f3 e8 94 87 47 75 7f 5f df be a8 c7 1a 60 43 41 ff 7e 54 f6 ce 3b b6 e2 15 2b a8 f0 d1 47 d5 ac 98 18 5a 1b 15 55 37 10 78 17 a1 a1 7e 8e 67 c6 0d 5d ba 18 20 30 60 80 db 4f 71 71 1f e6 77 ec 48 65 33 67 52 f1 ea d5 6a f1 e2 c5 54 fc f6 db 54 c2 ed 14 4f 98 40 e7 fd fd d5 43 62 82 8e 1a 65 df 56 b6 7a b5 cd 38 7c 38 7d 04 ec 80 1d 01 01 2d 8f 00 99 a6 e7 26 52 c9 f2 e5 4a e1 ac 99 94 1f 13 4d df 71 00 43 80 55 3c 31 5d 1d ce 8a d2 0f cc 09 68 ce 03 ce 44 45 1d 34 73 96 8c b3 66 51 f1 d2 a5 8a 71 e1 42 32 72 4f 8b d9 0a d8 e1 29 40 d9 d4 a2 05 ad e7 89 f9 4b 48 08 95 f0 c4 2c 4c 4a 52 4a 39 e0 ef fc 7c 73 e0 e3 13 81 04 bd db e0 53 2d 5a 58 4b 9f 7e Data Ascii: x<%JSKky7!-myGu_`CA~T;+GZU7x~g] 0`OqqwHe3gRjTTO@CbeVz8\|8}-&RJMqCU<1]hDE4sfQqB2rO)@KH,LJRJ9\|sS-ZXK~
2024-09-27 14:39:13 UTC	1046	IN	Data Raw: 2f 4b af 5f 57 2b 4f 9f d6 65 28 4a d9 1a 45 99 76 c1 64 da 55 ef 53 42 03 44 72 10 1f 79 7b bf d7 d5 66 8b 90 c2 c3 a1 b4 6f af ea 42 5a 49 d0 e9 39 12 82 c4 f3 41 cc 64 3e 1f d8 cd 7e d7 a3 d5 92 ab 44 2a 29 8a 58 95 95 ea 6a a9 3a eb a6 6a 39 77 5e b6 b2 e0 79 25 30 f0 ee 92 ea ea d7 ae 59 2c bb 1c 7e 2d 0e 01 68 1b b4 f5 01 1b 83 82 16 f4 05 86 04 b3 94 57 27 3e ef c3 81 88 aa 6a 9e a4 92 ec e5 65 ff be 88 24 02 60 21 c3 3e 69 6b 6b ed 9f 0d 52 4b 4a 48 b9 72 05 d6 4b 17 65 4a bf 8a 7c 55 c1 19 0f cf 1f 92 0b 0a 96 02 38 d6 d0 97 63 00 0d 83 68 35 ce df 7f fc 28 0f 8f 67 3a b8 b9 26 fa 7b 78 4a 6e 7c 0e 10 41 a8 2d 5b 82 3c 3d 09 b2 4c 10 a5 e0 ec 98 8c 46 59 be 7e 1d f8 f5 17 d4 98 2d 28 e1 20 d3 dd dd d3 0e aa ea 67 ff 31 1a ff 03 e0 ae a3 8f 3f 2d Data Ascii: /K_W+Oe(JEvdUSBDry{foBZI9Ad>~D*)Xj:j9w^y%0Y,~-hW'>je$`!>ikkRKJHrKeJ\|U8ch5(g:&{xJn\|A-[<=LFY~-( g1?-
2024-09-27 14:39:13 UTC	568	IN	Data Raw: 3e 6c d1 e2 0d dc 0b 9f 04 07 af cb e7 9d 0b 23 22 ac 46 d6 01 3f 0f 0d d9 00 06 69 3d 5f 19 15 15 76 25 31 f1 2b f3 e8 d1 54 f2 da 6b 6a e1 ec d9 4a 31 4b 34 85 e3 9e b5 fd 1c 1a 4a 9f 7a 34 a3 05 c1 c1 5b 01 04 bc e9 ef ff 7e 56 cb 96 64 0c 0d b5 16 44 44 d0 e7 81 81 9b 71 0f e8 75 8a e2 26 6a ca 61 b3 e9 98 f9 46 15 a4 0b 60 48 97 2e d5 ed 88 8e 4e e8 69 30 6c 6b 65 d0 77 b6 d4 32 d5 7c ed 9a cc fb cb 35 aa aa 94 de cc d4 65 9a cd d6 5f 3d bd 97 bd 5b 50 60 27 a9 39 e2 4b 8a ab ab 20 d5 f5 20 15 90 ee 7d 7a 66 bd 00 2a 1f 01 d2 eb 54 4f 17 03 c2 25 c9 3e f6 df b5 6d 3b bc af 9b db 17 c1 40 e7 72 53 85 52 77 f9 b2 8e 15 15 c9 5a 90 6f ab bc 76 4d 77 c3 64 2a 3f a3 d7 cf 7c b7 b0 f0 75 02 2c 60 f8 b9 bb 97 1b f4 7a 9b 88 df 26 49 a8 24 dc 13 72 ae 6a 2b Data Ascii: >l#"F?i=_v%1+TkjJ1K4Jz4[~VdDDqu&jaF`H.Ni0lkew2\|5e_=[P`'9K }zfTO%>m;@rSRwZovMwd?\|u,`z&I$rj+
2024-09-27 14:39:13 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-09-27 14:39:13 UTC	1452	IN	Data Raw: 31 66 66 38 0d 0a 52 2d 55 6b af 97 95 ff c4 a4 b4 4e d7 22 50 61 be cf ae 78 cb 3a 3d 73 fc 2d 91 f5 f4 d3 57 4f cd 9f 7f 24 7d f3 e6 56 5f 2e 5f 9e b0 7d c1 82 7e e7 df 7e 7b 3a 7f f9 76 7f a7 da da 03 01 35 35 3d aa bd bd 15 8a 8c 54 4a 4a 8a 75 69 b7 6e 9e 59 15 10 f0 21 18 8d be 18 c5 f1 b8 1e f6 f5 4d 2f 8d 8f 23 e3 a3 8f da f2 9e 7b 4e 29 78 fe 79 95 a5 56 2a 7c 7d a1 b5 70 f9 72 0b 0b d3 c5 ac 82 1b 0b 37 6c a8 2c fb e0 03 aa 63 81 ba ec cd 37 c5 89 c9 9a 3b 69 92 2d 83 e7 ce 0e e0 46 2f 3f bf 9e 0e 6d 37 3e 88 88 80 80 ce 5f 7b 7a 9e c8 8b 8c 24 33 a7 b4 24 39 59 2d 59 bc d8 56 ba e6 3d b2 6c df 4e 55 5c 0d 51 cd 97 ea 2a b6 8a 7d fb 94 f2 2d 5b 6a 4b de 78 5d 31 3e 39 9a d2 42 43 85 f3 53 71 c1 c1 dd ff ce 4d 89 54 1f 84 10 b3 d7 78 fb bc 75 22 Data Ascii: 1ff8R-UkN"Pax:=s-WO$}V_._}~~{:v55=TJJuinY!M/#{N)xyV\|}pr7l,c7;i-F/?m7>_{z$3$9Y-YV=lNU\Q}-[jKx]1>9BCSqMTxu"
2024-09-27 14:39:13 UTC	1452	IN	Data Raw: 4c 6d f9 62 22 21 90 cd 79 28 95 b4 36 8c 00 c1 cc 44 42 d4 5e 45 5f 69 c0 2c 88 38 19 17 b2 b1 31 0a c7 01 56 ad ee bf e3 92 5b 7b cf c4 55 07 f4 d4 c6 1e e6 40 2d f2 79 b2 73 ce 1c 3d eb a7 eb f6 9b 75 54 e3 75 33 f7 6b 39 2c 97 f5 38 57 d0 c6 18 88 aa 3d 10 01 be 02 8a 65 1f 0c 20 11 b3 10 b5 09 cc a8 60 0c 58 08 98 86 a4 10 cd cd 51 5a b1 3c fd da c3 cf 65 8e bd e5 7b 53 5f dd 91 13 b4 ad f1 0f 7e 7f e5 b4 63 de df fa d0 8c 99 2d 53 ba 7b 1c 55 2a 6b 29 04 0d 02 30 03 82 00 d7 37 b0 bd 34 c6 45 73 10 60 6c f5 53 c8 d2 28 c4 63 16 86 60 0e 1d 89 c7 48 8f 1b 17 b7 56 ad cc 6c ba 7b 51 e6 23 77 75 4c 59 16 ec e2 ce 39 a4 51 85 82 c7 03 0e 8a 01 16 a7 fe 7c 4f fb 03 fb ef df fa ce ee ee b2 2a bb da 92 92 b6 f3 54 31 c1 f6 73 78 fb 84 02 f6 1a db 02 22 81 Data Ascii: Lmb"!y(6DB^E_i,81V[{U@-ys=uTu3k9,8W=e `XQZ<e{S_~c-S{Uk)074Es`lS(c`HVl{Q#wuLY9Q\|OT1sx"

Timestamp	Bytes transferred	Direction	Data
2024-09-27 14:39:28 UTC	1144	OUT	POST /securereader/login.jsf HTTP/1.1 Host: securemail.zionsbancorp.com Connection: keep-alive Content-Length: 155 Cache-Control: max-age=0 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 Origin: https://securemail.zionsbancorp.com Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Referer: https://securemail.zionsbancorp.com/securereader/login.jsf Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: JSESSIONID=CEA0AFCFA65CE70C83E1791C66001FE1; BID=995e7a42; visid_incap_2604843=keDjyB0aTSaYRgFaC5uzbHnD9mYAAAAAQUIPAAAAAACHdiX2H9dFUr11NhX2bo7T; incap_ses_1353_2604843=Wr+bdYl24V6VyZ4hetLGEn3D9mYAAAAASkGRXGtKo/D/b5vUJRrBXw==
2024-09-27 14:39:28 UTC	155	OUT	Data Raw: 64 69 61 6c 6f 67 3d 64 69 61 6c 6f 67 26 64 69 61 6c 6f 67 25 33 41 72 65 73 65 74 54 69 6d 65 3d 31 38 30 30 30 30 26 64 69 61 6c 6f 67 25 33 41 70 61 73 73 77 6f 72 64 3d 26 64 69 61 6c 6f 67 25 33 41 63 6f 6e 74 69 6e 75 65 42 75 74 74 6f 6e 3d 43 6f 6e 74 69 6e 75 65 26 6a 61 76 61 78 2e 66 61 63 65 73 2e 56 69 65 77 53 74 61 74 65 3d 34 37 31 30 39 35 37 33 31 31 30 36 35 32 35 38 37 37 31 25 33 41 2d 35 31 39 38 34 33 31 35 33 30 34 37 31 39 34 36 30 35 Data Ascii: dialog=dialog&dialog%3AresetTime=180000&dialog%3Apassword=&dialog%3AcontinueButton=Continue&javax.faces.ViewState=4710957311065258771%3A-519843153047194605
2024-09-27 14:39:29 UTC	669	IN	HTTP/1.1 200 200 Date: Fri, 27 Sep 2024 14:39:29 GMT Server: Strict-Transport-Security: max-age=31536000; includeSubDomains Pragma: no-cache Cache-Control: no-store, max-age=0 Expires: Thu, 30 Sep 2021 23:59:59 GMT X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Expect-CT: max-age=86400, enforce Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self' X-UA-Compatible: IE=edge Connection: close Transfer-Encoding: chunked Content-Type: text/html;charset=UTF-8 X-CDN: Imperva X-Iinfo: 5-9441692-9441709 NNNN CT(166 166 0) RT(1727447968412 302) q(0 0 3 -1) r(5 5) U24
2024-09-27 14:39:29 UTC	783	IN	Data Raw: 31 66 66 38 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 20 69 64 3d 22 6a 5f 69 64 74 33 22 3e 3c 6c 69 6e 6b 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 2f 73 65 63 75 72 65 72 65 61 64 65 72 2f 6a 61 76 61 78 2e 66 61 63 65 73 2e 72 65 73 6f 75 72 63 65 2f 74 68 65 6d 65 2e 63 73 73 2e 6a 73 66 3f 6c 6e 3d 70 72 69 6d 65 66 61 63 65 73 2d 61 72 69 73 74 6f 22 20 2f 3e 3c 6c 69 6e 6b 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 2f 73 65 63 75 72 65 72 65 61 64 65 72 2f 6a 61 76 61 78 2e 66 61 63 65 73 2e 72 65 73 6f 75 72 63 65 2f Data Ascii: 1ff8<!DOCTYPE html><html lang="en"><head id="j_idt3"><link type="text/css" rel="stylesheet" href="/securereader/javax.faces.resource/theme.css.jsf?ln=primefaces-aristo" /><link type="text/css" rel="stylesheet" href="/securereader/javax.faces.resource/
2024-09-27 14:39:29 UTC	1452	IN	Data Raw: 72 69 6d 65 66 61 63 65 73 26 61 6d 70 3b 76 3d 37 2e 30 2e 31 37 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 2f 73 65 63 75 72 65 72 65 61 64 65 72 2f 6a 61 76 61 78 2e 66 61 63 65 73 2e 72 65 73 6f 75 72 63 65 2f 68 6f 74 6b 65 79 2f 68 6f 74 6b 65 79 2e 6a 73 2e 6a 73 66 3f 6c 6e 3d 70 72 69 6d 65 66 61 63 65 73 26 61 6d 70 3b 76 3d 37 2e 30 2e 31 37 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 69 66 28 77 69 6e 64 6f 77 2e 50 72 69 6d 65 46 61 63 65 73 29 7b 50 72 69 6d 65 46 61 63 65 73 2e 73 65 74 74 69 6e 67 73 2e 6c 6f 63 61 6c 65 3d 27 65 6e 27 3b 7d 3c 2f 73 63 72 69 70 Data Ascii: rimefaces&v=7.0.17"></script><script type="text/javascript" src="/securereader/javax.faces.resource/hotkey/hotkey.js.jsf?ln=primefaces&v=7.0.17"></script><script type="text/javascript">if(window.PrimeFaces){PrimeFaces.settings.locale='en';}</scrip
2024-09-27 14:39:29 UTC	1452	IN	Data Raw: 74 0a 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 64 69 61 6c 6f 67 54 69 6d 65 20 3d 20 74 69 6d 65 6f 75 74 20 2d 20 70 66 70 74 54 69 6d 65 6f 75 74 2e 64 69 61 6c 6f 67 54 69 6d 65 6f 75 74 4c 69 6d 69 74 20 2d 20 35 30 30 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 70 66 70 74 54 69 6d 65 6f 75 74 2e 64 69 61 6c 6f 67 54 69 6d 65 6f 75 74 54 69 6d 65 72 20 3d 20 77 69 6e 64 6f 77 2e 73 65 74 54 69 6d 65 6f 75 74 28 64 69 61 6c 6f 67 54 69 6d 65 6f 75 74 43 61 6c 6c 62 61 63 6b 2c 20 64 69 61 6c 6f 67 54 69 6d 65 29 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 7d 0a 7d 0a 66 75 6e 63 74 69 6f 6e 20 74 69 6d 65 6f 75 74 43 61 6c 6c 62 61 63 6b 28 29 20 7b 0a 20 20 20 20 72 65 64 69 72 65 63 74 54 6f 54 69 6d 65 6f 75 74 50 61 67 65 28 29 3b 0a Data Ascii: t var dialogTime = timeout - pfptTimeout.dialogTimeoutLimit - 5000; pfptTimeout.dialogTimeoutTimer = window.setTimeout(dialogTimeoutCallback, dialogTime); } }}function timeoutCallback() { redirectToTimeoutPage();
2024-09-27 14:39:29 UTC	1452	IN	Data Raw: 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 73 65 73 73 69 6f 6e 54 69 6d 65 4f 75 74 57 61 72 6e 69 6e 67 43 6f 6e 74 65 6e 74 22 29 3b 0a 20 20 20 20 74 69 6d 65 6f 75 74 4d 6f 64 61 6c 43 6f 6e 74 65 6e 74 2e 73 74 79 6c 65 2e 74 6f 70 20 3d 20 28 28 77 69 6e 64 6f 77 2e 69 6e 6e 65 72 48 65 69 67 68 74 20 2d 20 74 69 6d 65 6f 75 74 4d 6f 64 61 6c 43 6f 6e 74 65 6e 74 2e 63 6c 69 65 6e 74 48 65 69 67 68 74 29 20 2f 20 32 29 20 2b 20 22 70 78 22 3b 0a 20 20 20 20 74 69 6d 65 6f 75 74 4d 6f 64 61 6c 43 6f 6e 74 65 6e 74 2e 73 74 79 6c 65 2e 6c 65 66 74 20 3d 20 28 28 77 69 6e 64 6f 77 2e 69 6e 6e 65 72 57 69 64 74 68 20 2d 20 74 69 6d 65 6f 75 74 4d 6f 64 61 6c 43 6f 6e 74 65 6e 74 2e 63 6c 69 65 6e 74 57 69 64 74 68 29 20 2f 20 32 29 20 Data Ascii: ent.getElementById("sessionTimeOutWarningContent"); timeoutModalContent.style.top = ((window.innerHeight - timeoutModalContent.clientHeight) / 2) + "px"; timeoutModalContent.style.left = ((window.innerWidth - timeoutModalContent.clientWidth) / 2)
2024-09-27 14:39:29 UTC	1452	IN	Data Raw: 69 6d 65 6f 75 74 2e 64 69 61 6c 6f 67 54 69 6d 65 6f 75 74 54 69 6d 65 72 29 3b 0a 20 20 20 20 7d 0a 20 20 20 20 69 66 20 28 70 66 70 74 54 69 6d 65 6f 75 74 2e 75 70 64 61 74 65 44 69 61 6c 6f 67 49 6e 74 65 72 76 61 6c 29 7b 0a 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 63 6c 65 61 72 49 6e 74 65 72 76 61 6c 28 70 66 70 74 54 69 6d 65 6f 75 74 2e 75 70 64 61 74 65 44 69 61 6c 6f 67 49 6e 74 65 72 76 61 6c 29 3b 0a 20 20 20 20 7d 0a 7d 0a 0a 66 75 6e 63 74 69 6f 6e 20 72 65 73 65 74 54 69 6d 65 6f 75 74 54 69 6d 65 72 28 29 20 7b 0a 20 20 20 20 63 6c 65 61 72 54 69 6d 65 6f 75 74 54 69 6d 65 72 73 28 29 3b 0a 20 20 20 20 73 65 74 54 69 6d 65 6f 75 74 54 69 6d 65 72 28 29 3b 0a 7d 0a 0a 2f 2f 20 6b 65 65 70 20 6b 65 79 62 6f 61 72 64 20 6e 61 76 69 67 Data Ascii: imeout.dialogTimeoutTimer); } if (pfptTimeout.updateDialogInterval){ window.clearInterval(pfptTimeout.updateDialogInterval); }}function resetTimeoutTimer() { clearTimeoutTimers(); setTimeoutTimer();}// keep keyboard navig
2024-09-27 14:39:29 UTC	1040	IN	Data Raw: 6d 65 6e 74 42 79 49 64 28 27 70 66 70 74 45 6e 64 53 65 73 73 69 6f 6e 42 74 6e 27 29 2e 66 6f 63 75 73 28 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 65 76 65 6e 74 2e 70 72 65 76 65 6e 74 44 65 66 61 75 6c 74 28 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 7d 20 65 6c 73 65 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 69 66 20 28 65 76 65 6e 74 2e 74 61 72 67 65 74 2e 69 64 20 3d 3d 3d 20 27 70 66 70 74 43 6f 6e 74 69 6e 75 65 53 65 73 73 69 6f 6e 42 74 6e 27 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 27 70 66 70 74 43 6f 6e 74 69 6e 75 65 53 65 73 73 69 6f 6e 42 74 6e 27 29 2e 66 6f 63 75 73 28 29 3b 0a 20 20 20 20 20 20 Data Ascii: mentById('pfptEndSessionBtn').focus(); event.preventDefault(); } } else { if (event.target.id === 'pfptContinueSessionBtn') { document.getElementById('pfptContinueSessionBtn').focus();
2024-09-27 14:39:29 UTC	559	IN	Data Raw: 66 6c 6f 77 3a 20 68 69 64 64 65 6e 3b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 72 67 62 28 30 2c 30 2c 30 29 3b 20 2f 2a 20 46 61 6c 6c 62 61 63 6b 20 69 66 20 6f 70 61 63 69 74 79 20 6e 6f 74 20 73 75 70 70 6f 72 74 65 64 20 2a 2f 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 72 67 62 61 28 30 2c 30 2c 30 2c 30 2e 34 29 3b 0a 7d 0a 2e 70 66 70 74 4d 6f 64 61 6c 20 2e 70 66 70 74 4d 6f 64 61 6c 43 6f 6e 74 65 6e 74 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 66 66 66 3b 0a 20 20 20 20 70 61 64 64 69 6e 67 3a 20 31 65 6d 20 32 65 6d 3b 0a 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 73 6f 75 72 63 65 53 61 6e 73 50 72 6f 2c 73 61 6e 73 2d 73 65 72 69 66 20 21 Data Ascii: flow: hidden; background-color: rgb(0,0,0); /* Fallback if opacity not supported */ background-color: rgba(0,0,0,0.4);}.pfptModal .pfptModalContent { background-color: #ffffff; padding: 1em 2em; font-family:sourceSansPro,sans-serif !
2024-09-27 14:39:29 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2024-09-27 14:39:29 UTC	1452	IN	Data Raw: 31 66 66 38 0d 0a 0a 20 20 20 20 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 0a 20 20 20 20 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 20 62 61 73 65 6c 69 6e 65 3b 0a 7d 0a 2e 70 66 70 74 4d 6f 64 61 6c 42 75 74 74 6f 6e 73 43 6f 6e 74 61 69 6e 65 72 20 2e 63 6f 6e 74 69 6e 75 65 53 65 73 73 69 6f 6e 42 74 6e 3a 68 6f 76 65 72 2c 20 2e 70 66 70 74 4d 6f 64 61 6c 42 75 74 74 6f 6e 73 43 6f 6e 74 61 69 6e 65 72 20 2e 63 6f 6e 74 69 6e 75 65 53 65 73 73 69 6f 6e 42 74 6e 3a 66 6f 63 75 73 20 7b 0a 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 35 35 43 36 46 45 3b 0a 7d 0a 2e 70 66 70 74 4d 6f 64 61 6c 42 75 74 74 6f 6e 73 43 6f 6e 74 61 69 6e 65 72 20 69 6e 70 75 74 5b 74 79 70 65 3d 22 73 75 62 6d 69 74 22 5d 2e 65 6e 64 53 65 73 73 Data Ascii: 1ff8 padding: 10px; vertical-align: baseline;}.pfptModalButtonsContainer .continueSessionBtn:hover, .pfptModalButtonsContainer .continueSessionBtn:focus { background-color: #55C6FE;}.pfptModalButtonsContainer input[type="submit"].endSess

Timestamp	Bytes transferred	Direction	Data
2024-09-27 14:39:29 UTC	975	OUT	GET /securereader/fonts/sourcesanspro-regular.ttf.woff HTTP/1.1 Host: securemail.zionsbancorp.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Origin: https://securemail.zionsbancorp.com If-None-Match: W/"128612-1712877320000" If-Modified-Since: Thu, 11 Apr 2024 23:15:20 GMT sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: font Referer: https://securemail.zionsbancorp.com/securereader/login.jsf Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: JSESSIONID=CEA0AFCFA65CE70C83E1791C66001FE1; BID=995e7a42; visid_incap_2604843=keDjyB0aTSaYRgFaC5uzbHnD9mYAAAAAQUIPAAAAAACHdiX2H9dFUr11NhX2bo7T; incap_ses_1353_2604843=Wr+bdYl24V6VyZ4hetLGEn3D9mYAAAAASkGRXGtKo/D/b5vUJRrBXw==
2024-09-27 14:39:30 UTC	607	IN	HTTP/1.1 304 304 Date: Fri, 27 Sep 2024 14:39:30 GMT Server: Strict-Transport-Security: max-age=31536000; includeSubDomains ETag: W/"128612-1712877320000" Cache-Control: max-age=0 Expires: Fri, 27 Sep 2024 14:39:30 GMT X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Expect-CT: max-age=86400, enforce Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self' X-UA-Compatible: IE=edge Connection: close X-CDN: Imperva X-Iinfo: 5-9441691-9441740 NNNY CT(166 169 0) RT(1727447968412 1211) q(0 0 0 -1) r(7 7) U24