Submitted URL: http://3mexpresstherapyportal.com/
Effective URL: https://3mexpresstherapyportal.com/
Submission: On February 12 via api from US — Scanned from DE

Summary

This website contacted 7 IPs in 2 countries across 7 domains to perform 32 HTTP transactions. The main IP is 52.152.250.160, located in Washington, United States and belongs to . The main domain is 3mexpresstherapyportal.com.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on September 12th 2023. Valid for: a year.
This is the only time 3mexpresstherapyportal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 13 52.152.250.160 ()
3 18.66.147.116 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 20.119.0.21 ()
5 40.117.180.169 8075 (MICROSOFT...)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
6 13.248.212.212 16509 (AMAZON-02)
32 7
Apex Domain
Subdomains
Transfer
13 3mexpresstherapyportal.com
3mexpresstherapyportal.com
2 MB
6 okta.com
3mhealth-ciam.okta.com
22 KB
5 acelity.com
www.acelity.com
291 KB
4 azurewebsites.net
3mecontentmanagerprod.azurewebsites.net
2 KB
3 oktacdn.com
global.oktacdn.com — Cisco Umbrella Rank: 11392
56 KB
1 3m.com
multimedia.3m.com — Cisco Umbrella Rank: 93700
20 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 314
90 KB
32 7
Domain Requested by
13 3mexpresstherapyportal.com 1 redirects 3mexpresstherapyportal.com
6 3mhealth-ciam.okta.com 3mexpresstherapyportal.com
5 www.acelity.com
4 3mecontentmanagerprod.azurewebsites.net 3mexpresstherapyportal.com
3 global.oktacdn.com 3mexpresstherapyportal.com
global.oktacdn.com
1 multimedia.3m.com
1 cdn.jsdelivr.net 3mexpresstherapyportal.com
32 7
Subject Issuer Validity Valid
3mexpresstherapyportal.com
Sectigo RSA Organization Validation Secure Server CA
2023-09-12 -
2024-09-11
a year crt.sh
*.oktacdn.com
DigiCert TLS RSA SHA256 2020 CA1
2023-12-15 -
2025-01-02
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-02 -
2024-05-01
a year crt.sh
*.azurewebsites.net
Microsoft Azure TLS Issuing CA 01
2023-10-30 -
2024-06-27
8 months crt.sh
*.acelity.com
Sectigo RSA Organization Validation Secure Server CA
2023-09-27 -
2024-09-26
a year crt.sh
solutions.3m.com
Sectigo ECC Organization Validation Secure Server CA
2023-12-19 -
2024-12-18
a year crt.sh
*.okta.com
DigiCert TLS RSA SHA256 2020 CA1
2023-05-22 -
2024-04-12
a year crt.sh

This page contains 1 frames:

Primary Page: https://3mexpresstherapyportal.com/
Frame ID: 3B6F2DEDDE81655A78FD30D35BA2E7A5
Requests: 27 HTTP requests in this frame

Screenshot

Page Title

3M™ Express Therapy Portal

Page URL History Show full URLs

  1. http://3mexpresstherapyportal.com/ HTTP 301
    https://3mexpresstherapyportal.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

32
Requests

100 %
HTTPS

29 %
IPv6

7
Domains

7
Subdomains

7
IPs

2
Countries

2104 kB
Transfer

7202 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://3mexpresstherapyportal.com/ HTTP 301
    https://3mexpresstherapyportal.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
3mexpresstherapyportal.com/
Redirect Chain
  • http://3mexpresstherapyportal.com/
  • https://3mexpresstherapyportal.com/
1 KB
1 KB
Document
General
Full URL
https://3mexpresstherapyportal.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.250.160 Washington, United States, ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
a275bd1f898d4e8357b97e2607e70a41e65be1bcef991f57e83e050075966adc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
783
Content-Security-Policy
frame-ancestors 'self';
Content-Type
text/html
Date
Mon, 12 Feb 2024 07:02:17 GMT
ETag
"04d84a6ee58da1:0"
Last-Modified
Tue, 06 Feb 2024 11:21:38 GMT
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN

Redirect headers

Connection
keep-alive
Content-Length
195
Content-Type
text/html
Date
Mon, 12 Feb 2024 07:02:17 GMT
Location
https://3mexpresstherapyportal.com/
Server
Microsoft-Azure-Application-Gateway/v2
okta-sign-in.min.css
global.oktacdn.com/okta-signin-widget/7.2.0/css/
215 KB
30 KB
Stylesheet
General
Full URL
https://global.oktacdn.com/okta-signin-widget/7.2.0/css/okta-sign-in.min.css
Requested by
Host: 3mexpresstherapyportal.com
URL: https://3mexpresstherapyportal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-116.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5ce38444a92aa9f7bde0909102d6aac7eb45cfbccf0c37a476dfa6794beee04f
Security Headers
Name Value
Strict-Transport-Security max-age=315360000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3mexpresstherapyportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id
WQh42NljEpgHa4T0yOz2C1sZY2xuy9KR
strict-transport-security
max-age=315360000
x-content-type-options
nosniff
date
Mon, 12 Feb 2024 07:02:19 GMT
content-encoding
gzip
via
1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 05 Jan 2023 19:03:51 GMT
server
AmazonS3
etag
W/"a9c9e7132b57f12e30afd77b5e1d8ddc"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
iuA2ImlFklm19e7mc4vRhu9ryvdyVbs3VlasXRKtXTep437XqyIpEg==
styles.css
3mexpresstherapyportal.com/
108 B
894 B
Stylesheet
General
Full URL
https://3mexpresstherapyportal.com/styles.css
Requested by
Host: 3mexpresstherapyportal.com
URL: https://3mexpresstherapyportal.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.250.160 Washington, United States, ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
eec6ebd97dbb0bb80d9b3971e353a5847d77374842b7788c10dd691ab58138aa
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3mexpresstherapyportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Mon, 12 Feb 2024 07:02:18 GMT
Content-Encoding
gzip
Content-Security-Policy
frame-ancestors 'self';
Last-Modified
Tue, 06 Feb 2024 11:18:32 GMT
Server
Microsoft-IIS/10.0
ETag
"0f4a637ee58da1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
205
main.41896a65.js
3mexpresstherapyportal.com/static/js/
5 MB
1 MB
Script
General
Full URL
https://3mexpresstherapyportal.com/static/js/main.41896a65.js
Requested by
Host: 3mexpresstherapyportal.com
URL: https://3mexpresstherapyportal.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.250.160 Washington, United States, ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c8fbaa41ce6bc995261c0c548a9191bcba92a5db86600298f80737c0871ae2d1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3mexpresstherapyportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Mon, 12 Feb 2024 07:02:18 GMT
Content-Encoding
gzip
Content-Security-Policy
frame-ancestors 'self';
Last-Modified
Tue, 06 Feb 2024 11:21:38 GMT
Server
Microsoft-IIS/10.0
ETag
"04d84a6ee58da1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1374023
main.b02f2069.css
3mexpresstherapyportal.com/static/css/
697 KB
91 KB
Stylesheet
General
Full URL
https://3mexpresstherapyportal.com/static/css/main.b02f2069.css
Requested by
Host: 3mexpresstherapyportal.com
URL: https://3mexpresstherapyportal.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.250.160 Washington, United States, ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
1b0a58d5f3a567dd11173db5a17b3eb7d88d8a2b80ee069b8712b158bc399fd1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3mexpresstherapyportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Mon, 12 Feb 2024 07:02:18 GMT
Content-Encoding
gzip
Content-Security-Policy
frame-ancestors 'self';
Last-Modified
Tue, 06 Feb 2024 11:21:38 GMT
Server
Microsoft-IIS/10.0
ETag
"04d84a6ee58da1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
92201
ScanbotSDK.min.js
cdn.jsdelivr.net/npm/scanbot-web-sdk@latest/bundle/
307 KB
90 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/scanbot-web-sdk@latest/bundle/ScanbotSDK.min.js
Requested by
Host: 3mexpresstherapyportal.com
URL: https://3mexpresstherapyportal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cba44b9232305b5b7b8b135c5da61c8e69a7d77699d234b235f83281fd3b553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3mexpresstherapyportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 07:02:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-jsd-version
4.0.1
x-cache
MISS, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220107-FRA, cache-lga21924-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"4cb76-E9rDOQQluBwgpNRDfeZixJZYKOc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AlrtGWN9u6Xel9I4TdO5o3jc8S2eiLGD54A6Hqt3GyInNkMVb5KDOYl0QdJop9NYF91777%2BMERIbotvFYVvLLW0ncVOpaEj2DDdbtaF%2BBX9FlxQw4C39r98i4ul53vZEWeuqH8x2tAyyiQd8yMk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
8542f71a99c85d8c-FRA
print.css
3mexpresstherapyportal.com/
2 KB
1 KB
Stylesheet
General
Full URL
https://3mexpresstherapyportal.com/print.css
Requested by
Host: 3mexpresstherapyportal.com
URL: https://3mexpresstherapyportal.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.250.160 Washington, United States, ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
09a9031f6eea704018b1c01269675c990f7615dc207f49a6339f03a38604f47e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3mexpresstherapyportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Mon, 12 Feb 2024 07:02:18 GMT
Content-Encoding
gzip
Content-Security-Policy
frame-ancestors 'self';
Last-Modified
Tue, 06 Feb 2024 11:18:32 GMT
Server
Microsoft-IIS/10.0
ETag
"0f4a637ee58da1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
717
SignIn
3mecontentmanagerprod.azurewebsites.net/api/getContent/
0
0
Preflight
General
Full URL
https://3mecontentmanagerprod.azurewebsites.net/api/getContent/SignIn
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.119.0.21 Washington, United States, ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,content-type,x-functions-key
Access-Control-Request-Method
GET
Origin
https://3mexpresstherapyportal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
access-control-allow-origin,content-type,x-functions-key
Access-Control-Allow-Origin
https://3mexpresstherapyportal.com
Content-Length
0
Date
Mon, 12 Feb 2024 07:02:20 GMT
Footer
3mecontentmanagerprod.azurewebsites.net/api/getContent/
0
0
Preflight
General
Full URL
https://3mecontentmanagerprod.azurewebsites.net/api/getContent/Footer
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.119.0.21 Washington, United States, ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,content-type,x-functions-key
Access-Control-Request-Method
GET
Origin
https://3mexpresstherapyportal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
access-control-allow-origin,content-type,x-functions-key
Access-Control-Allow-Origin
https://3mexpresstherapyportal.com
Content-Length
0
Date
Mon, 12 Feb 2024 07:02:20 GMT
SignIn
3mecontentmanagerprod.azurewebsites.net/api/getContent/
2 KB
1 KB
Fetch
General
Full URL
https://3mecontentmanagerprod.azurewebsites.net/api/getContent/SignIn
Requested by
Host: 3mexpresstherapyportal.com
URL: https://3mexpresstherapyportal.com/static/js/main.41896a65.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.119.0.21 Washington, United States, ASN (),
Reverse DNS
Software
/
Resource Hash
576626a6086e48d497c30ead6f4254c5057e6ebe0e739a11ad5392b9b4f04a9d

Request headers

Access-Control-Allow-Origin
*
x-functions-key
E3sm1yLVzDmwc620xHdbMtc2ovHjcAlQk2Fx26gGu5WtAzFukLAQaw==
Referer
https://3mexpresstherapyportal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
application/json

Response headers

Date
Mon, 12 Feb 2024 07:02:20 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://3mexpresstherapyportal.com
Access-Control-Allow-Credentials
true
Request-Context
appId=cid-v1:1616fd10-c9c7-43ae-9083-63aeacedde21
Footer
3mecontentmanagerprod.azurewebsites.net/api/getContent/
1 KB
993 B
Fetch
General
Full URL
https://3mecontentmanagerprod.azurewebsites.net/api/getContent/Footer
Requested by
Host: 3mexpresstherapyportal.com
URL: https://3mexpresstherapyportal.com/static/js/main.41896a65.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.119.0.21 Washington, United States, ASN (),
Reverse DNS
Software
/
Resource Hash
caa80027217ce895df9a0d52725a9c33569a8bfaa1faf1a9d87e4da98b71a04d

Request headers

Access-Control-Allow-Origin
*
x-functions-key
E3sm1yLVzDmwc620xHdbMtc2ovHjcAlQk2Fx26gGu5WtAzFukLAQaw==
Referer
https://3mexpresstherapyportal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
application/json

Response headers

Date
Mon, 12 Feb 2024 07:02:21 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://3mexpresstherapyportal.com
Access-Control-Allow-Credentials
true
Request-Context
appId=cid-v1:1616fd10-c9c7-43ae-9083-63aeacedde21
3MCircularTT-Regular.448b9457136f5be9f1d4.ttf
3mexpresstherapyportal.com/static/media/
172 KB
173 KB
Font
General
Full URL
https://3mexpresstherapyportal.com/static/media/3MCircularTT-Regular.448b9457136f5be9f1d4.ttf
Requested by
Host: 3mexpresstherapyportal.com
URL: https://3mexpresstherapyportal.com/static/css/main.b02f2069.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.250.160 Washington, United States, ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
de8fa52da1f9eb9d8ff6afd37efa54a44ddb6ac6c9598414e487c0cb9f705273
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://3mexpresstherapyportal.com/static/css/main.b02f2069.css
Origin
https://3mexpresstherapyportal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Mon, 12 Feb 2024 07:02:20 GMT
Content-Security-Policy
frame-ancestors 'self';
Last-Modified
Tue, 06 Feb 2024 11:21:38 GMT
Server
Microsoft-IIS/10.0
ETag
"04d84a6ee58da1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
176632
Promogran-banner-ad-1-900x225_3.jpg
www.acelity.com/-/media/3MExpress/
65 KB
66 KB
Image
General
Full URL
https://www.acelity.com/-/media/3MExpress/Promogran-banner-ad-1-900x225_3.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.117.180.169 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e5e916286be78461a2b926815728e152f332c63a3642a2212e0ae1c476550252
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval' blob:; connect-src * 'unsafe-inline' wss:; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3mexpresstherapyportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Request-Context
appId=cid-v1:64704b2f-0c99-4b21-bdd8-66b2222dde71
Content-Security-Policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval' blob:; connect-src * 'unsafe-inline' wss:; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Date
Mon, 12 Feb 2024 07:02:21 GMT
Last-Modified
Tue, 25 Jul 2023 18:53:57 GMT
ETag
caa3aa8f335f4d0392ffb0c72ab67ed9
Content-Type
image/png
Cache-Control
public, max-age=604800
Content-Disposition
inline; filename="Promogran-banner-ad-1-900x225_3.png"
Accept-Ranges
bytes
Content-Length
66183
X-XSS-Protection
1; mode=block
Expires
Mon, 19 Feb 2024 07:02:21 GMT
banner-ad-3-update-900x225_2.jpg
www.acelity.com/-/media/3MExpress/
53 KB
54 KB
Image
General
Full URL
https://www.acelity.com/-/media/3MExpress/banner-ad-3-update-900x225_2.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.117.180.169 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
93798d77d50e7a373a1bb3ebc34ada4aad6ed3563b36a7acbb46f020e0db3700
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval' blob:; connect-src * 'unsafe-inline' wss:; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3mexpresstherapyportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Request-Context
appId=cid-v1:64704b2f-0c99-4b21-bdd8-66b2222dde71
Content-Security-Policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval' blob:; connect-src * 'unsafe-inline' wss:; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Date
Mon, 12 Feb 2024 07:02:21 GMT
Last-Modified
Mon, 17 Jul 2023 13:46:35 GMT
ETag
d32ad753d62543fdb18bb5c2362e50a0
Content-Type
image/jpeg
Cache-Control
public, max-age=604800
Content-Disposition
inline; filename="banner-ad-3-update-900x225_2.jpg"
Accept-Ranges
bytes
Content-Length
54435
X-XSS-Protection
1; mode=block
Expires
Mon, 19 Feb 2024 07:02:21 GMT
banner-ad-4-900x225_2.jpg
www.acelity.com/-/media/3MExpress/
76 KB
78 KB
Image
General
Full URL
https://www.acelity.com/-/media/3MExpress/banner-ad-4-900x225_2.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.117.180.169 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
67640e61d2219e7668a6535fae6ebc11b32de192ec05c1b42ce9fcdc51aff6b2
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval' blob:; connect-src * 'unsafe-inline' wss:; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3mexpresstherapyportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Request-Context
appId=cid-v1:64704b2f-0c99-4b21-bdd8-66b2222dde71
Content-Security-Policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval' blob:; connect-src * 'unsafe-inline' wss:; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Date
Mon, 12 Feb 2024 07:02:21 GMT
Last-Modified
Mon, 17 Jul 2023 13:46:56 GMT
ETag
d3c5fa035b88415ab84fc8ca2d5446fb
Content-Type
image/jpeg
Cache-Control
public, max-age=604800
Content-Disposition
inline; filename="banner-ad-4-900x225_2.jpg"
Accept-Ranges
bytes
Content-Length
78321
X-XSS-Protection
1; mode=block
Expires
Mon, 19 Feb 2024 07:02:21 GMT
3M%20MSD%205940%20Advantage%20Center.jpg
www.acelity.com/-/media/3MExpress/
76 KB
77 KB
Image
General
Full URL
https://www.acelity.com/-/media/3MExpress/3M%20MSD%205940%20Advantage%20Center.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.117.180.169 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9740e93a8d89420a89a8eb08be8dc38790c387115ab965c6c2e630a9c4c45c8e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval' blob:; connect-src * 'unsafe-inline' wss:; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3mexpresstherapyportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Request-Context
appId=cid-v1:64704b2f-0c99-4b21-bdd8-66b2222dde71
Content-Security-Policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval' blob:; connect-src * 'unsafe-inline' wss:; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Date
Mon, 12 Feb 2024 07:02:21 GMT
Last-Modified
Tue, 19 Sep 2023 22:10:48 GMT
ETag
f06e62ec11054b7684c6764563624f0d
Content-Type
image/jpeg
Cache-Control
public, max-age=604800
Content-Disposition
inline; filename="3M MSD 5940 Advantage Center.jpg"
Accept-Ranges
bytes
Content-Length
78135
X-XSS-Protection
1; mode=block
Expires
Mon, 19 Feb 2024 07:02:21 GMT
vac-600x400.jpg
www.acelity.com/-/media/3MExpress/
15 KB
16 KB
Image
General
Full URL
https://www.acelity.com/-/media/3MExpress/vac-600x400.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.117.180.169 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d03f4120c41260c96df637d7e65f24f3bf4a135c1e4d1186d6d9b04e9cc28d0f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval' blob:; connect-src * 'unsafe-inline' wss:; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3mexpresstherapyportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Request-Context
appId=cid-v1:64704b2f-0c99-4b21-bdd8-66b2222dde71
Content-Security-Policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval' blob:; connect-src * 'unsafe-inline' wss:; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Date
Mon, 12 Feb 2024 07:02:21 GMT
Last-Modified
Tue, 19 Sep 2023 23:05:45 GMT
ETag
2f56492b8ab84cf8b4633a3e98107fdb
Content-Type
image/jpeg
Cache-Control
public, max-age=604800
Content-Disposition
inline; filename="vac-600x400.jpg"
Accept-Ranges
bytes
Content-Length
15320
X-XSS-Protection
1; mode=block
Expires
Mon, 19 Feb 2024 07:02:21 GMT
3m-activ-a-c-therapy-unit-with-3m-coban-2-two-layer-compression-system-photo-4.jpg
multimedia.3m.com/mws/media/2092356V/
19 KB
20 KB
Image
General
Full URL
https://multimedia.3m.com/mws/media/2092356V/3m-activ-a-c-therapy-unit-with-3m-coban-2-two-layer-compression-system-photo-4.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:5b0::1e28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
653cffc7bf95bb2a8d284361b0ae67fdb2bc8b6e52033624b515b02eace01693
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3mexpresstherapyportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 07:02:21 GMT
last-modified
Mon, 02 Oct 2023 10:46:36 GMT
server
Akamai Image Manager
x-frame-options
SAMEORIGIN
edge-cache-tag
multimedia-2092356
content-type
image/avif
access-control-allow-origin
access-control-expose-headers
Access-Control-Allow-Origin,Access-Control-Allow-Credentials
cache-control
private, no-transform, max-age=43200
server-timing
cdn-cache; desc=HIT, edge; dur=36, origin; dur=0, ak_p; desc="1707721341359_35115179_1776476742_3700_12660_6_86_219";dur=1
content-length
19593
expires
Mon, 12 Feb 2024 19:02:21 GMT
okta3mlogo.svg
3mexpresstherapyportal.com/
8 KB
4 KB
Image
General
Full URL
https://3mexpresstherapyportal.com/okta3mlogo.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.250.160 Washington, United States, ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
700a3a9ce28fd2a57ac84ce6d2bfa4835a74696b9a05b101447f106e04780789
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3mexpresstherapyportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Mon, 12 Feb 2024 07:02:21 GMT
Content-Encoding
gzip
Content-Security-Policy
frame-ancestors 'self';
Last-Modified
Tue, 06 Feb 2024 11:18:32 GMT
Server
Microsoft-IIS/10.0
ETag
"0f4a637ee58da1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3293
openid-configuration
3mhealth-ciam.okta.com/oauth2/default/.well-known/
3 KB
4 KB
Fetch
General
Full URL
https://3mhealth-ciam.okta.com/oauth2/default/.well-known/openid-configuration
Requested by
Host: 3mexpresstherapyportal.com
URL: https://3mexpresstherapyportal.com/static/js/main.41896a65.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.212.212 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a95f94dcbb67173ac.awsglobalaccelerator.com
Software
nginx /
Resource Hash
1ae55675925d78559f664e231168fbb0a5582b48650dfaca81dcc62ab3fcbd78
Security Headers
Name Value
Content-Security-Policy default-src 'self' 3mhealth-ciam.okta.com *.oktacdn.com; connect-src 'self' 3mhealth-ciam.okta.com 3mhealth-ciam-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com 3mhealth-ciam.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' 3mhealth-ciam.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' 3mhealth-ciam.okta.com *.oktacdn.com; frame-src 'self' 3mhealth-ciam.okta.com 3mhealth-ciam-admin.okta.com login.okta.com com-okta-authenticator:; img-src 'self' 3mhealth-ciam.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' 3mhealth-ciam.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://3mexpresstherapyportal.com/
X-Okta-User-Agent-Extended
okta-auth-js/7.0.2 okta-signin-widget-7.12.1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
application/json

Response headers

x-okta-request-id
3ee198f8849fa6478b9ca7cfa3a63d0c
date
Mon, 12 Feb 2024 07:02:22 GMT
content-security-policy
default-src 'self' 3mhealth-ciam.okta.com *.oktacdn.com; connect-src 'self' 3mhealth-ciam.okta.com 3mhealth-ciam-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com 3mhealth-ciam.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' 3mhealth-ciam.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' 3mhealth-ciam.okta.com *.oktacdn.com; frame-src 'self' 3mhealth-ciam.okta.com 3mhealth-ciam-admin.okta.com login.okta.com com-okta-authenticator:; img-src 'self' 3mhealth-ciam.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' 3mhealth-ciam.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
x-content-type-options
nosniff
strict-transport-security
max-age=315360000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA-Platform-Version
vary
Origin, Origin
p3p
CP="HONK"
content-type
application/json
access-control-allow-origin
https://3mexpresstherapyportal.com
cache-control
max-age=86400, must-revalidate
access-control-allow-credentials
true
x-xss-protection
0
expires
Tue, 13 Feb 2024 07:02:21 GMT
openid-configuration
3mhealth-ciam.okta.com/oauth2/default/.well-known/
0
0
Preflight
General
Full URL
https://3mhealth-ciam.okta.com/oauth2/default/.well-known/openid-configuration
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.212.212 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a95f94dcbb67173ac.awsglobalaccelerator.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-okta-user-agent-extended
Access-Control-Request-Method
GET
Origin
https://3mexpresstherapyportal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-okta-user-agent-extended
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://3mexpresstherapyportal.com
access-control-max-age
3600
content-length
0
content-type
application/octet-stream
date
Mon, 12 Feb 2024 07:02:21 GMT
server
nginx
strict-transport-security
max-age=315360000; includeSubDomains
vary
Origin
x-okta-request-id
2fad7fc666cc3437c7dc9549d2bfe846
facebook.c16de08bcf2a22f962aca6f47b164b0e.svg
3mexpresstherapyportal.com/static/media/
492 B
1 KB
Image
General
Full URL
https://3mexpresstherapyportal.com/static/media/facebook.c16de08bcf2a22f962aca6f47b164b0e.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.250.160 Washington, United States, ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ceadf77135ddbab89af6b4ddee18e95db3c328e51f22b5b62cacbee83bef7e38
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3mexpresstherapyportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Mon, 12 Feb 2024 07:02:21 GMT
Content-Security-Policy
frame-ancestors 'self';
Last-Modified
Tue, 06 Feb 2024 11:21:38 GMT
Server
Microsoft-IIS/10.0
ETag
"04d84a6ee58da1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
492
instagram.590a62b965d6db6a6e27ecbe88fb47a4.svg
3mexpresstherapyportal.com/static/media/
3 KB
2 KB
Image
General
Full URL
https://3mexpresstherapyportal.com/static/media/instagram.590a62b965d6db6a6e27ecbe88fb47a4.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.250.160 Washington, United States, ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c992f606d9539803e706326f32adb3372848351aa86c3ae2fd123b7873423916
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3mexpresstherapyportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Mon, 12 Feb 2024 07:02:21 GMT
Content-Encoding
gzip
Content-Security-Policy
frame-ancestors 'self';
Last-Modified
Tue, 06 Feb 2024 11:21:38 GMT
Server
Microsoft-IIS/10.0
ETag
"04d84a6ee58da1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1155
linkedin.e5bb3ff1d9895aa03d6ae4f1b80177ad.svg
3mexpresstherapyportal.com/static/media/
834 B
1 KB
Image
General
Full URL
https://3mexpresstherapyportal.com/static/media/linkedin.e5bb3ff1d9895aa03d6ae4f1b80177ad.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.250.160 Washington, United States, ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4abf01531297b5c28ca1915eb1d518796e25ebf974eabed7acbcfa3416ddd390
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3mexpresstherapyportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Mon, 12 Feb 2024 07:02:21 GMT
Content-Security-Policy
frame-ancestors 'self';
Last-Modified
Tue, 06 Feb 2024 11:21:38 GMT
Server
Microsoft-IIS/10.0
ETag
"04d84a6ee58da1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
834
twitter.db8bf7e978e6d40f9846c892eb16430a.svg
3mexpresstherapyportal.com/static/media/
1 KB
2 KB
Image
General
Full URL
https://3mexpresstherapyportal.com/static/media/twitter.db8bf7e978e6d40f9846c892eb16430a.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.250.160 Washington, United States, ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
370d4dee01c16046d6e7878a0e793040a48d1fdae342483f427f7c93c0a17a25
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3mexpresstherapyportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Mon, 12 Feb 2024 07:02:21 GMT
Content-Security-Policy
frame-ancestors 'self';
Last-Modified
Tue, 06 Feb 2024 11:21:38 GMT
Server
Microsoft-IIS/10.0
ETag
"04d84a6ee58da1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1392
youtube.c2827f796bb792d1d76d9baf0abd34eb.svg
3mexpresstherapyportal.com/static/media/
930 B
2 KB
Image
General
Full URL
https://3mexpresstherapyportal.com/static/media/youtube.c2827f796bb792d1d76d9baf0abd34eb.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.250.160 Washington, United States, ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f1106d035ff20091a2b867ff4f6c81300faca3805a89d2bdac622e0efd80a170
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3mexpresstherapyportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Mon, 12 Feb 2024 07:02:21 GMT
Content-Security-Policy
frame-ancestors 'self';
Last-Modified
Tue, 06 Feb 2024 11:21:38 GMT
Server
Microsoft-IIS/10.0
ETag
"04d84a6ee58da1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
930
interact
3mhealth-ciam.okta.com/oauth2/default/v1/
1 KB
3 KB
Fetch
General
Full URL
https://3mhealth-ciam.okta.com/oauth2/default/v1/interact
Requested by
Host: 3mexpresstherapyportal.com
URL: https://3mexpresstherapyportal.com/static/js/main.41896a65.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.212.212 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a95f94dcbb67173ac.awsglobalaccelerator.com
Software
nginx /
Resource Hash
1f93b218dad5c978fb34e2372f698adf0bd8d3376c545a7a4b143d2d288546e9
Security Headers
Name Value
Content-Security-Policy default-src 'self' 3mhealth-ciam.okta.com *.oktacdn.com; connect-src 'self' 3mhealth-ciam.okta.com 3mhealth-ciam-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com 3mhealth-ciam.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' 3mhealth-ciam.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' 3mhealth-ciam.okta.com *.oktacdn.com; frame-src 'self' 3mhealth-ciam.okta.com 3mhealth-ciam-admin.okta.com login.okta.com com-okta-authenticator:; img-src 'self' 3mhealth-ciam.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' 3mhealth-ciam.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://3mexpresstherapyportal.com/
X-Okta-User-Agent-Extended
okta-auth-js/7.0.2 okta-signin-widget-7.12.1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-okta-request-id
df00c8eeaa2e921156e86ac1a9859cff
date
Mon, 12 Feb 2024 07:02:22 GMT
content-security-policy
default-src 'self' 3mhealth-ciam.okta.com *.oktacdn.com; connect-src 'self' 3mhealth-ciam.okta.com 3mhealth-ciam-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com 3mhealth-ciam.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' 3mhealth-ciam.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' 3mhealth-ciam.okta.com *.oktacdn.com; frame-src 'self' 3mhealth-ciam.okta.com 3mhealth-ciam-admin.okta.com login.okta.com com-okta-authenticator:; img-src 'self' 3mhealth-ciam.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' 3mhealth-ciam.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
x-rate-limit-limit
1200
x-content-type-options
nosniff
x-rate-limit-remaining
1199
strict-transport-security
max-age=315360000; includeSubDomains
p3p
CP="HONK"
x-xss-protection
0
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA-Platform-Version
vary
Origin
content-type
application/json
access-control-allow-origin
https://3mexpresstherapyportal.com
x-rate-limit-reset
1707721402
access-control-allow-credentials
true
cache-control
no-cache, no-store
x-robots-tag
noindex,nofollow
access-control-allow-headers
Content-Type
expires
0
interact
3mhealth-ciam.okta.com/oauth2/default/v1/
0
0
Preflight
General
Full URL
https://3mhealth-ciam.okta.com/oauth2/default/v1/interact
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.212.212 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a95f94dcbb67173ac.awsglobalaccelerator.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' 3mhealth-ciam.okta.com *.oktacdn.com; connect-src 'self' 3mhealth-ciam.okta.com 3mhealth-ciam-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com 3mhealth-ciam.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' 3mhealth-ciam.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' 3mhealth-ciam.okta.com *.oktacdn.com; frame-src 'self' 3mhealth-ciam.okta.com 3mhealth-ciam-admin.okta.com login.okta.com com-okta-authenticator:; img-src 'self' 3mhealth-ciam.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' 3mhealth-ciam.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-okta-user-agent-extended
Access-Control-Request-Method
POST
Origin
https://3mexpresstherapyportal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
x-okta-user-agent-extended,Content-Type
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
https://3mexpresstherapyportal.com
access-control-max-age
3600
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
cache-control
no-cache, no-store
content-length
0
content-security-policy
default-src 'self' 3mhealth-ciam.okta.com *.oktacdn.com; connect-src 'self' 3mhealth-ciam.okta.com 3mhealth-ciam-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com 3mhealth-ciam.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' 3mhealth-ciam.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' 3mhealth-ciam.okta.com *.oktacdn.com; frame-src 'self' 3mhealth-ciam.okta.com 3mhealth-ciam-admin.okta.com login.okta.com com-okta-authenticator:; img-src 'self' 3mhealth-ciam.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' 3mhealth-ciam.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
date
Mon, 12 Feb 2024 07:02:22 GMT
expires
0
p3p
CP="HONK"
pragma
no-cache
server
nginx
strict-transport-security
max-age=315360000; includeSubDomains
vary
Origin
x-frame-options
SAMEORIGIN
x-okta-request-id
860c1aff48efb97f08be840f5893afe0
x-rate-limit-limit
10000
x-rate-limit-remaining
9999
x-rate-limit-reset
1707721402
x-robots-tag
noindex,nofollow
x-xss-protection
0
introspect
3mhealth-ciam.okta.com/idp/idx/
13 KB
15 KB
Fetch
General
Full URL
https://3mhealth-ciam.okta.com/idp/idx/introspect
Requested by
Host: 3mexpresstherapyportal.com
URL: https://3mexpresstherapyportal.com/static/js/main.41896a65.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.212.212 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a95f94dcbb67173ac.awsglobalaccelerator.com
Software
nginx /
Resource Hash
ffed7f7e63ea5fddc361f66b09a15508885b05986cee535e296bb8efa3641c11
Security Headers
Name Value
Content-Security-Policy default-src 'self' 3mhealth-ciam.okta.com *.oktacdn.com; connect-src 'self' 3mhealth-ciam.okta.com 3mhealth-ciam-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com 3mhealth-ciam.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' 3mhealth-ciam.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' 3mhealth-ciam.okta.com *.oktacdn.com; frame-src 'self' 3mhealth-ciam.okta.com 3mhealth-ciam-admin.okta.com login.okta.com com-okta-authenticator:; img-src 'self' 3mhealth-ciam.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' 3mhealth-ciam.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/ion+json; okta-version=1.0.0
Referer
https://3mexpresstherapyportal.com/
X-Okta-User-Agent-Extended
okta-auth-js/7.0.2 okta-signin-widget-7.12.1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
application/ion+json; okta-version=1.0.0

Response headers

x-okta-request-id
399926c23f4ed81449d792a375204659
date
Mon, 12 Feb 2024 07:02:23 GMT
content-security-policy
default-src 'self' 3mhealth-ciam.okta.com *.oktacdn.com; connect-src 'self' 3mhealth-ciam.okta.com 3mhealth-ciam-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com 3mhealth-ciam.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' 3mhealth-ciam.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' 3mhealth-ciam.okta.com *.oktacdn.com; frame-src 'self' 3mhealth-ciam.okta.com 3mhealth-ciam-admin.okta.com login.okta.com com-okta-authenticator:; img-src 'self' 3mhealth-ciam.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' 3mhealth-ciam.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
x-rate-limit-limit
2000
x-content-type-options
nosniff
x-rate-limit-remaining
1999
strict-transport-security
max-age=315360000; includeSubDomains
p3p
CP="HONK"
x-xss-protection
0
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA-Platform-Version
vary
Origin
content-type
application/ion+json;okta-version=1.0.0
access-control-allow-origin
https://3mexpresstherapyportal.com
x-rate-limit-reset
1707721403
access-control-allow-credentials
true
cache-control
no-cache, no-store
x-robots-tag
noindex,nofollow
expires
0
introspect
3mhealth-ciam.okta.com/idp/idx/
0
0
Preflight
General
Full URL
https://3mhealth-ciam.okta.com/idp/idx/introspect
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.212.212 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a95f94dcbb67173ac.awsglobalaccelerator.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' 3mhealth-ciam.okta.com *.oktacdn.com; connect-src 'self' 3mhealth-ciam.okta.com 3mhealth-ciam-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com 3mhealth-ciam.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' 3mhealth-ciam.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' 3mhealth-ciam.okta.com *.oktacdn.com; frame-src 'self' 3mhealth-ciam.okta.com 3mhealth-ciam-admin.okta.com login.okta.com com-okta-authenticator:; img-src 'self' 3mhealth-ciam.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' 3mhealth-ciam.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-okta-user-agent-extended
Access-Control-Request-Method
POST
Origin
https://3mexpresstherapyportal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-okta-user-agent-extended,Content-Type
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
https://3mexpresstherapyportal.com
access-control-max-age
3600
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
cache-control
no-cache, no-store
content-length
0
content-security-policy
default-src 'self' 3mhealth-ciam.okta.com *.oktacdn.com; connect-src 'self' 3mhealth-ciam.okta.com 3mhealth-ciam-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com 3mhealth-ciam.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' 3mhealth-ciam.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' 3mhealth-ciam.okta.com *.oktacdn.com; frame-src 'self' 3mhealth-ciam.okta.com 3mhealth-ciam-admin.okta.com login.okta.com com-okta-authenticator:; img-src 'self' 3mhealth-ciam.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' 3mhealth-ciam.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
date
Mon, 12 Feb 2024 07:02:23 GMT
expires
0
p3p
CP="HONK"
pragma
no-cache
server
nginx
strict-transport-security
max-age=315360000; includeSubDomains
vary
Origin
x-frame-options
SAMEORIGIN
x-okta-request-id
9e6cefa9e0bd387294bb93591e50dce7
x-rate-limit-limit
10000
x-rate-limit-remaining
9998
x-rate-limit-reset
1707721402
x-robots-tag
noindex,nofollow
x-xss-protection
0
checkbox-sign-in-widget.png
global.oktacdn.com/okta-signin-widget/7.2.0/img/ui/forms/
3 KB
4 KB
Image
General
Full URL
https://global.oktacdn.com/okta-signin-widget/7.2.0/img/ui/forms/checkbox-sign-in-widget.png
Requested by
Host: global.oktacdn.com
URL: https://global.oktacdn.com/okta-signin-widget/7.2.0/css/okta-sign-in.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-116.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
40810b0318131f9ba52c83a17e633a0ac476ade66ea8a914d6c4980571397665
Security Headers
Name Value
Strict-Transport-Security max-age=315360000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://global.oktacdn.com/okta-signin-widget/7.2.0/css/okta-sign-in.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id
g.eic_YA8zs9TQ_XbHHmadC5UvFEvB5m
strict-transport-security
max-age=315360000
x-content-type-options
nosniff
date
Sun, 11 Feb 2024 10:07:44 GMT
via
1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
75280
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
3141
last-modified
Thu, 05 Jan 2023 19:03:51 GMT
server
AmazonS3
etag
"7846b2f8c6d0a7ca69fdd3d3c294e92d"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
UqQODEYxs_X-miSSZTp-RwR5WV3LjPBBwwr9fmmis_b1BIiRHHA_gA==
montserrat-okta-light-webfont.woff
global.oktacdn.com/okta-signin-widget/7.2.0/font/
22 KB
22 KB
Font
General
Full URL
https://global.oktacdn.com/okta-signin-widget/7.2.0/font/montserrat-okta-light-webfont.woff
Requested by
Host: global.oktacdn.com
URL: https://global.oktacdn.com/okta-signin-widget/7.2.0/css/okta-sign-in.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-116.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
feb177fb563f478cb8ecade71caea5df5ad318ca161c71875114e504ce304ace
Security Headers
Name Value
Strict-Transport-Security max-age=315360000
X-Content-Type-Options nosniff

Request headers

Referer
https://global.oktacdn.com/okta-signin-widget/7.2.0/css/okta-sign-in.min.css
Origin
https://3mexpresstherapyportal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id
jCGi4UHNXnTf3scnAKQZAY9olTaEhs1M
strict-transport-security
max-age=315360000
x-content-type-options
nosniff
date
Sun, 11 Feb 2024 10:07:44 GMT
via
1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
75279
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
22112
last-modified
Thu, 05 Jan 2023 19:03:51 GMT
server
AmazonS3
etag
"6225f3ca44b83090833064727a09cc95"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
OUpKFmIlaXd8pcTtYGLU3tuBCx2DDZ6Zc15APZwuK6KEoalxDVMDbg==

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| ScanbotSDK object| webpackChunkexpress_2_0 object| regeneratorRuntime function| jQueryCourage object| u2f

1 Cookies

Domain/Path Name / Value
3mhealth-ciam.okta.com/ Name: DT
Value: DI1lusfV0ftT5WWZ8pYd7s8Tg

2 Console Messages

Source Level URL
Text
other warning URL: https://3mexpresstherapyportal.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://3mexpresstherapyportal.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3mecontentmanagerprod.azurewebsites.net
3mexpresstherapyportal.com
3mhealth-ciam.okta.com
cdn.jsdelivr.net
global.oktacdn.com
multimedia.3m.com
www.acelity.com
13.248.212.212
18.66.147.116
20.119.0.21
2606:4700::6810:5714
2a02:26f0:480:5b0::1e28
40.117.180.169
52.152.250.160
09a9031f6eea704018b1c01269675c990f7615dc207f49a6339f03a38604f47e
1ae55675925d78559f664e231168fbb0a5582b48650dfaca81dcc62ab3fcbd78
1b0a58d5f3a567dd11173db5a17b3eb7d88d8a2b80ee069b8712b158bc399fd1
1f93b218dad5c978fb34e2372f698adf0bd8d3376c545a7a4b143d2d288546e9
370d4dee01c16046d6e7878a0e793040a48d1fdae342483f427f7c93c0a17a25
40810b0318131f9ba52c83a17e633a0ac476ade66ea8a914d6c4980571397665
4abf01531297b5c28ca1915eb1d518796e25ebf974eabed7acbcfa3416ddd390
576626a6086e48d497c30ead6f4254c5057e6ebe0e739a11ad5392b9b4f04a9d
5cba44b9232305b5b7b8b135c5da61c8e69a7d77699d234b235f83281fd3b553
5ce38444a92aa9f7bde0909102d6aac7eb45cfbccf0c37a476dfa6794beee04f
653cffc7bf95bb2a8d284361b0ae67fdb2bc8b6e52033624b515b02eace01693
67640e61d2219e7668a6535fae6ebc11b32de192ec05c1b42ce9fcdc51aff6b2
700a3a9ce28fd2a57ac84ce6d2bfa4835a74696b9a05b101447f106e04780789
93798d77d50e7a373a1bb3ebc34ada4aad6ed3563b36a7acbb46f020e0db3700
9740e93a8d89420a89a8eb08be8dc38790c387115ab965c6c2e630a9c4c45c8e
a275bd1f898d4e8357b97e2607e70a41e65be1bcef991f57e83e050075966adc
c8fbaa41ce6bc995261c0c548a9191bcba92a5db86600298f80737c0871ae2d1
c992f606d9539803e706326f32adb3372848351aa86c3ae2fd123b7873423916
caa80027217ce895df9a0d52725a9c33569a8bfaa1faf1a9d87e4da98b71a04d
ceadf77135ddbab89af6b4ddee18e95db3c328e51f22b5b62cacbee83bef7e38
d03f4120c41260c96df637d7e65f24f3bf4a135c1e4d1186d6d9b04e9cc28d0f
de8fa52da1f9eb9d8ff6afd37efa54a44ddb6ac6c9598414e487c0cb9f705273
e5e916286be78461a2b926815728e152f332c63a3642a2212e0ae1c476550252
eec6ebd97dbb0bb80d9b3971e353a5847d77374842b7788c10dd691ab58138aa
f1106d035ff20091a2b867ff4f6c81300faca3805a89d2bdac622e0efd80a170
feb177fb563f478cb8ecade71caea5df5ad318ca161c71875114e504ce304ace
ffed7f7e63ea5fddc361f66b09a15508885b05986cee535e296bb8efa3641c11