Submitted URL: http://3mexpresstherapyportal.com/
Effective URL: https://3mexpresstherapyportal.com/
Submission: On March 21 via api from US — Scanned from DE

Summary

This website contacted 7 IPs in 2 countries across 7 domains to perform 32 HTTP transactions. The main IP is 52.152.250.160, located in Washington, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is 3mexpresstherapyportal.com.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on September 12th 2023. Valid for: a year.
This is the only time 3mexpresstherapyportal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 13 52.152.250.160 8075 (MICROSOFT...)
3 13.35.58.2 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 20.119.0.21 8075 (MICROSOFT...)
5 40.117.180.169 8075 (MICROSOFT...)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
6 76.223.94.4 16509 (AMAZON-02)
32 7
Apex Domain
Subdomains
Transfer
13 3mexpresstherapyportal.com
3mexpresstherapyportal.com
2 MB
6 okta.com
3mhealth-ciam.okta.com
23 KB
5 acelity.com
www.acelity.com
291 KB
4 azurewebsites.net
3mecontentmanagerprod.azurewebsites.net
2 KB
3 oktacdn.com
global.oktacdn.com — Cisco Umbrella Rank: 24680
56 KB
1 3m.com
multimedia.3m.com — Cisco Umbrella Rank: 234628
20 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 437
90 KB
32 7
Domain Requested by
13 3mexpresstherapyportal.com 1 redirects 3mexpresstherapyportal.com
6 3mhealth-ciam.okta.com 3mexpresstherapyportal.com
5 www.acelity.com
4 3mecontentmanagerprod.azurewebsites.net 3mexpresstherapyportal.com
3 global.oktacdn.com 3mexpresstherapyportal.com
global.oktacdn.com
1 multimedia.3m.com
1 cdn.jsdelivr.net 3mexpresstherapyportal.com
32 7
Subject Issuer Validity Valid
3mexpresstherapyportal.com
Sectigo RSA Organization Validation Secure Server CA
2023-09-12 -
2024-09-11
a year crt.sh
*.oktacdn.com
DigiCert TLS RSA SHA256 2020 CA1
2023-12-15 -
2025-01-02
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-02 -
2024-05-01
a year crt.sh
*.azurewebsites.net
Microsoft Azure RSA TLS Issuing CA 08
2024-03-13 -
2025-03-08
a year crt.sh
*.acelity.com
Sectigo RSA Organization Validation Secure Server CA
2023-09-27 -
2024-09-26
a year crt.sh
solutions.3m.com
Sectigo ECC Organization Validation Secure Server CA
2023-12-19 -
2024-12-18
a year crt.sh
*.okta.com
DigiCert TLS RSA SHA256 2020 CA1
2024-02-12 -
2025-03-14
a year crt.sh

This page contains 1 frames:

Primary Page: https://3mexpresstherapyportal.com/
Frame ID: C630C8DFE28890E8B8DEB7AB9C70956C
Requests: 27 HTTP requests in this frame

Screenshot

Page Title

3M™ Express Therapy Portal

Page URL History Show full URLs

  1. http://3mexpresstherapyportal.com/ HTTP 301
    https://3mexpresstherapyportal.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

32
Requests

100 %
HTTPS

29 %
IPv6

7
Domains

7
Subdomains

7
IPs

2
Countries

2945 kB
Transfer

10983 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://3mexpresstherapyportal.com/ HTTP 301
    https://3mexpresstherapyportal.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
3mexpresstherapyportal.com/
Redirect Chain
  • http://3mexpresstherapyportal.com/
  • https://3mexpresstherapyportal.com/
1 KB
1 KB
Document
General
Full URL
https://3mexpresstherapyportal.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.250.160 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
43a49edbcfad0f14d647b03397cc4c4572d154cca0d01342ee606af43077dc42
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
783
Content-Security-Policy
frame-ancestors 'self';
Content-Type
text/html
Date
Thu, 21 Mar 2024 07:12:25 GMT
ETag
"0d3f21a3e6eda1:0"
Last-Modified
Mon, 04 Mar 2024 14:13:18 GMT
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN

Redirect headers

Connection
keep-alive
Content-Length
195
Content-Type
text/html
Date
Thu, 21 Mar 2024 07:12:24 GMT
Location
https://3mexpresstherapyportal.com/
Server
Microsoft-Azure-Application-Gateway/v2
okta-sign-in.min.css
global.oktacdn.com/okta-signin-widget/7.2.0/css/
215 KB
31 KB
Stylesheet
General
Full URL
https://global.oktacdn.com/okta-signin-widget/7.2.0/css/okta-sign-in.min.css
Requested by
Host: 3mexpresstherapyportal.com
URL: https://3mexpresstherapyportal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-2.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5ce38444a92aa9f7bde0909102d6aac7eb45cfbccf0c37a476dfa6794beee04f
Security Headers
Name Value
Strict-Transport-Security max-age=315360000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3mexpresstherapyportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
WQh42NljEpgHa4T0yOz2C1sZY2xuy9KR
strict-transport-security
max-age=315360000
x-content-type-options
nosniff
date
Wed, 20 Mar 2024 11:39:40 GMT
content-encoding
gzip
via
1.1 6af229f397d391cfa25045f944cba714.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P10
x-amz-server-side-encryption
AES256
age
70366
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 05 Jan 2023 19:03:51 GMT
server
AmazonS3
etag
W/"a9c9e7132b57f12e30afd77b5e1d8ddc"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
4zvCgE-C_t9xEOCabqdohGGfbGfRRf-bq19vqmrhYDZBVI3M1ZDe9w==
styles.css
3mexpresstherapyportal.com/
108 B
894 B
Stylesheet
General
Full URL
https://3mexpresstherapyportal.com/styles.css
Requested by
Host: 3mexpresstherapyportal.com
URL: https://3mexpresstherapyportal.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.250.160 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
eec6ebd97dbb0bb80d9b3971e353a5847d77374842b7788c10dd691ab58138aa
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3mexpresstherapyportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 07:12:25 GMT
Content-Encoding
gzip
Content-Security-Policy
frame-ancestors 'self';
Last-Modified
Mon, 04 Mar 2024 14:08:34 GMT
Server
Microsoft-IIS/10.0
ETag
"0ddab713d6eda1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
205
main.fdc86a60.js
3mexpresstherapyportal.com/static/js/
9 MB
2 MB
Script
General
Full URL
https://3mexpresstherapyportal.com/static/js/main.fdc86a60.js
Requested by
Host: 3mexpresstherapyportal.com
URL: https://3mexpresstherapyportal.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.250.160 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
6fc19a761a023d8ac89b0d21f34bdd20d25f3eb9a707a042f0b867ee07d929a6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3mexpresstherapyportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 07:12:25 GMT
Content-Encoding
gzip
Content-Security-Policy
frame-ancestors 'self';
Last-Modified
Mon, 04 Mar 2024 14:13:18 GMT
Server
Microsoft-IIS/10.0
ETag
"0d3f21a3e6eda1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2192345
main.c3e92658.css
3mexpresstherapyportal.com/static/css/
1017 KB
133 KB
Stylesheet
General
Full URL
https://3mexpresstherapyportal.com/static/css/main.c3e92658.css
Requested by
Host: 3mexpresstherapyportal.com
URL: https://3mexpresstherapyportal.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.250.160 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
3eab21af365e5870b20fe01d940e81954c8a0ebc8b5fd364bbe56130bba71df8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3mexpresstherapyportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 07:12:25 GMT
Content-Encoding
gzip
Content-Security-Policy
frame-ancestors 'self';
Last-Modified
Mon, 04 Mar 2024 14:13:18 GMT
Server
Microsoft-IIS/10.0
ETag
"0d3f21a3e6eda1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
135262
ScanbotSDK.min.js
cdn.jsdelivr.net/npm/scanbot-web-sdk@latest/bundle/
307 KB
90 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/scanbot-web-sdk@latest/bundle/ScanbotSDK.min.js
Requested by
Host: 3mexpresstherapyportal.com
URL: https://3mexpresstherapyportal.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cba44b9232305b5b7b8b135c5da61c8e69a7d77699d234b235f83281fd3b553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3mexpresstherapyportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 07:12:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
35695
x-jsd-version
4.0.1
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220107-FRA, cache-lga21954-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"4cb76-E9rDOQQluBwgpNRDfeZixJZYKOc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D%2FuPNcOiBDk6nhVUUUR%2B5eTjLMahABeCz8v2nIYxygcX0WYIXz5L84uMzsbotTNAjA9wNwb7w7j6DqiB1vy3gfFagSRBSmMGeUQT%2FCxfAkJICU%2BlK1w9C4c7edlKJxeBrkrw8wOqoNp6F0nm%2BMY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
867c222d5ed84dbb-FRA
print.css
3mexpresstherapyportal.com/
2 KB
1 KB
Stylesheet
General
Full URL
https://3mexpresstherapyportal.com/print.css
Requested by
Host: 3mexpresstherapyportal.com
URL: https://3mexpresstherapyportal.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.250.160 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
09a9031f6eea704018b1c01269675c990f7615dc207f49a6339f03a38604f47e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3mexpresstherapyportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 07:12:25 GMT
Content-Encoding
gzip
Content-Security-Policy
frame-ancestors 'self';
Last-Modified
Mon, 04 Mar 2024 14:08:34 GMT
Server
Microsoft-IIS/10.0
ETag
"0ddab713d6eda1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
717
3MCircularTT-Regular.448b9457136f5be9f1d4.ttf
3mexpresstherapyportal.com/static/media/
172 KB
173 KB
Font
General
Full URL
https://3mexpresstherapyportal.com/static/media/3MCircularTT-Regular.448b9457136f5be9f1d4.ttf
Requested by
Host: 3mexpresstherapyportal.com
URL: https://3mexpresstherapyportal.com/static/css/main.c3e92658.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.250.160 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
de8fa52da1f9eb9d8ff6afd37efa54a44ddb6ac6c9598414e487c0cb9f705273
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://3mexpresstherapyportal.com/static/css/main.c3e92658.css
Origin
https://3mexpresstherapyportal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 07:12:27 GMT
Content-Security-Policy
frame-ancestors 'self';
Last-Modified
Mon, 04 Mar 2024 14:13:18 GMT
Server
Microsoft-IIS/10.0
ETag
"0d3f21a3e6eda1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
176632
SignIn
3mecontentmanagerprod.azurewebsites.net/api/getContent/
0
0
Preflight
General
Full URL
https://3mecontentmanagerprod.azurewebsites.net/api/getContent/SignIn
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.119.0.21 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,content-type,x-functions-key
Access-Control-Request-Method
GET
Origin
https://3mexpresstherapyportal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
access-control-allow-origin,content-type,x-functions-key
Access-Control-Allow-Origin
https://3mexpresstherapyportal.com
Content-Length
0
Date
Thu, 21 Mar 2024 07:12:27 GMT
Footer
3mecontentmanagerprod.azurewebsites.net/api/getContent/
0
0
Preflight
General
Full URL
https://3mecontentmanagerprod.azurewebsites.net/api/getContent/Footer
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.119.0.21 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,content-type,x-functions-key
Access-Control-Request-Method
GET
Origin
https://3mexpresstherapyportal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
access-control-allow-origin,content-type,x-functions-key
Access-Control-Allow-Origin
https://3mexpresstherapyportal.com
Content-Length
0
Date
Thu, 21 Mar 2024 07:12:27 GMT
SignIn
3mecontentmanagerprod.azurewebsites.net/api/getContent/
2 KB
1 KB
Fetch
General
Full URL
https://3mecontentmanagerprod.azurewebsites.net/api/getContent/SignIn
Requested by
Host: 3mexpresstherapyportal.com
URL: https://3mexpresstherapyportal.com/static/js/main.fdc86a60.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.119.0.21 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d9a744c80350f858b0c6beeb485f2c8d3a319352d260f52be36c046886e962a8

Request headers

Access-Control-Allow-Origin
*
x-functions-key
E3sm1yLVzDmwc620xHdbMtc2ovHjcAlQk2Fx26gGu5WtAzFukLAQaw==
Referer
https://3mexpresstherapyportal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

Date
Thu, 21 Mar 2024 07:12:27 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://3mexpresstherapyportal.com
Access-Control-Allow-Credentials
true
Request-Context
appId=cid-v1:1616fd10-c9c7-43ae-9083-63aeacedde21
Footer
3mecontentmanagerprod.azurewebsites.net/api/getContent/
1 KB
999 B
Fetch
General
Full URL
https://3mecontentmanagerprod.azurewebsites.net/api/getContent/Footer
Requested by
Host: 3mexpresstherapyportal.com
URL: https://3mexpresstherapyportal.com/static/js/main.fdc86a60.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.119.0.21 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
caa80027217ce895df9a0d52725a9c33569a8bfaa1faf1a9d87e4da98b71a04d

Request headers

Access-Control-Allow-Origin
*
x-functions-key
E3sm1yLVzDmwc620xHdbMtc2ovHjcAlQk2Fx26gGu5WtAzFukLAQaw==
Referer
https://3mexpresstherapyportal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

Date
Thu, 21 Mar 2024 07:12:27 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://3mexpresstherapyportal.com
Access-Control-Allow-Credentials
true
Request-Context
appId=cid-v1:1616fd10-c9c7-43ae-9083-63aeacedde21
3M%20MSD%205940%20Advantage%20Center.jpg
www.acelity.com/-/media/3MExpress/
76 KB
77 KB
Image
General
Full URL
https://www.acelity.com/-/media/3MExpress/3M%20MSD%205940%20Advantage%20Center.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.117.180.169 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9740e93a8d89420a89a8eb08be8dc38790c387115ab965c6c2e630a9c4c45c8e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval' blob:; connect-src * 'unsafe-inline' wss:; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3mexpresstherapyportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Request-Context
appId=cid-v1:64704b2f-0c99-4b21-bdd8-66b2222dde71
Content-Security-Policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval' blob:; connect-src * 'unsafe-inline' wss:; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Date
Thu, 21 Mar 2024 07:12:27 GMT
Last-Modified
Tue, 19 Sep 2023 22:10:48 GMT
ETag
f06e62ec11054b7684c6764563624f0d
Content-Type
image/jpeg
Cache-Control
public, max-age=604800
Content-Disposition
inline; filename="3M MSD 5940 Advantage Center.jpg"
Accept-Ranges
bytes
Content-Length
78135
X-XSS-Protection
1; mode=block
Expires
Thu, 28 Mar 2024 07:12:28 GMT
banner-ad-3-update-900x225_2.jpg
www.acelity.com/-/media/3MExpress/
53 KB
54 KB
Image
General
Full URL
https://www.acelity.com/-/media/3MExpress/banner-ad-3-update-900x225_2.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.117.180.169 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
93798d77d50e7a373a1bb3ebc34ada4aad6ed3563b36a7acbb46f020e0db3700
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval' blob:; connect-src * 'unsafe-inline' wss:; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3mexpresstherapyportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Request-Context
appId=cid-v1:64704b2f-0c99-4b21-bdd8-66b2222dde71
Content-Security-Policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval' blob:; connect-src * 'unsafe-inline' wss:; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Date
Thu, 21 Mar 2024 07:12:27 GMT
Last-Modified
Mon, 17 Jul 2023 13:46:35 GMT
ETag
d32ad753d62543fdb18bb5c2362e50a0
Content-Type
image/jpeg
Cache-Control
public, max-age=604800
Content-Disposition
inline; filename="banner-ad-3-update-900x225_2.jpg"
Accept-Ranges
bytes
Content-Length
54435
X-XSS-Protection
1; mode=block
Expires
Thu, 28 Mar 2024 07:12:28 GMT
banner-ad-4-900x225_2.jpg
www.acelity.com/-/media/3MExpress/
76 KB
78 KB
Image
General
Full URL
https://www.acelity.com/-/media/3MExpress/banner-ad-4-900x225_2.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.117.180.169 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
67640e61d2219e7668a6535fae6ebc11b32de192ec05c1b42ce9fcdc51aff6b2
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval' blob:; connect-src * 'unsafe-inline' wss:; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3mexpresstherapyportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Request-Context
appId=cid-v1:64704b2f-0c99-4b21-bdd8-66b2222dde71
Content-Security-Policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval' blob:; connect-src * 'unsafe-inline' wss:; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Date
Thu, 21 Mar 2024 07:12:27 GMT
Last-Modified
Mon, 17 Jul 2023 13:46:56 GMT
ETag
d3c5fa035b88415ab84fc8ca2d5446fb
Content-Type
image/jpeg
Cache-Control
public, max-age=604800
Content-Disposition
inline; filename="banner-ad-4-900x225_2.jpg"
Accept-Ranges
bytes
Content-Length
78321
X-XSS-Protection
1; mode=block
Expires
Thu, 28 Mar 2024 07:12:28 GMT
Promogran-banner-ad-1-900x225_3.jpg
www.acelity.com/-/media/3MExpress/
65 KB
66 KB
Image
General
Full URL
https://www.acelity.com/-/media/3MExpress/Promogran-banner-ad-1-900x225_3.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.117.180.169 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e5e916286be78461a2b926815728e152f332c63a3642a2212e0ae1c476550252
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval' blob:; connect-src * 'unsafe-inline' wss:; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3mexpresstherapyportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Request-Context
appId=cid-v1:64704b2f-0c99-4b21-bdd8-66b2222dde71
Content-Security-Policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval' blob:; connect-src * 'unsafe-inline' wss:; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Date
Thu, 21 Mar 2024 07:12:27 GMT
Last-Modified
Tue, 25 Jul 2023 18:53:57 GMT
ETag
caa3aa8f335f4d0392ffb0c72ab67ed9
Content-Type
image/png
Cache-Control
public, max-age=604800
Content-Disposition
inline; filename="Promogran-banner-ad-1-900x225_3.png"
Accept-Ranges
bytes
Content-Length
66183
X-XSS-Protection
1; mode=block
Expires
Thu, 28 Mar 2024 07:12:28 GMT
vac-600x400.jpg
www.acelity.com/-/media/3MExpress/
15 KB
16 KB
Image
General
Full URL
https://www.acelity.com/-/media/3MExpress/vac-600x400.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.117.180.169 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d03f4120c41260c96df637d7e65f24f3bf4a135c1e4d1186d6d9b04e9cc28d0f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval' blob:; connect-src * 'unsafe-inline' wss:; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3mexpresstherapyportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Request-Context
appId=cid-v1:64704b2f-0c99-4b21-bdd8-66b2222dde71
Content-Security-Policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval' blob:; connect-src * 'unsafe-inline' wss:; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Date
Thu, 21 Mar 2024 07:12:27 GMT
Last-Modified
Tue, 19 Sep 2023 23:05:45 GMT
ETag
2f56492b8ab84cf8b4633a3e98107fdb
Content-Type
image/jpeg
Cache-Control
public, max-age=604800
Content-Disposition
inline; filename="vac-600x400.jpg"
Accept-Ranges
bytes
Content-Length
15320
X-XSS-Protection
1; mode=block
Expires
Thu, 28 Mar 2024 07:12:28 GMT
3m-activ-a-c-therapy-unit-with-3m-coban-2-two-layer-compression-system-photo-4.jpg
multimedia.3m.com/mws/media/2092356V/
19 KB
20 KB
Image
General
Full URL
https://multimedia.3m.com/mws/media/2092356V/3m-activ-a-c-therapy-unit-with-3m-coban-2-two-layer-compression-system-photo-4.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:888::1e28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
653cffc7bf95bb2a8d284361b0ae67fdb2bc8b6e52033624b515b02eace01693
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3mexpresstherapyportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 07:12:27 GMT
last-modified
Mon, 02 Oct 2023 10:46:36 GMT
server
Akamai Image Manager
x-frame-options
SAMEORIGIN
edge-cache-tag
multimedia-2092356
content-type
image/avif
access-control-allow-origin
access-control-expose-headers
Access-Control-Allow-Origin,Access-Control-Allow-Credentials
cache-control
private, no-transform, max-age=43200
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1711005147856_388276615_2262770827_171_10419_6_14_219";dur=1
content-length
19593
expires
Thu, 21 Mar 2024 19:12:27 GMT
okta3mlogo.svg
3mexpresstherapyportal.com/
8 KB
4 KB
Image
General
Full URL
https://3mexpresstherapyportal.com/okta3mlogo.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.250.160 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
700a3a9ce28fd2a57ac84ce6d2bfa4835a74696b9a05b101447f106e04780789
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3mexpresstherapyportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 07:12:27 GMT
Content-Encoding
gzip
Content-Security-Policy
frame-ancestors 'self';
Last-Modified
Mon, 04 Mar 2024 14:08:34 GMT
Server
Microsoft-IIS/10.0
ETag
"0ddab713d6eda1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3293
openid-configuration
3mhealth-ciam.okta.com/oauth2/default/.well-known/
3 KB
5 KB
Fetch
General
Full URL
https://3mhealth-ciam.okta.com/oauth2/default/.well-known/openid-configuration
Requested by
Host: 3mexpresstherapyportal.com
URL: https://3mexpresstherapyportal.com/static/js/main.fdc86a60.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.94.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a95f94dcbb67173ac.awsglobalaccelerator.com
Software
nginx /
Resource Hash
2fa66f64ceb4916ba94950dd0855a654953625655d1c498863e2aad748b08510
Security Headers
Name Value
Content-Security-Policy default-src 'self' 3mhealth-ciam.okta.com *.oktacdn.com; connect-src 'self' 3mhealth-ciam.okta.com 3mhealth-ciam-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com 3mhealth-ciam.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' 3mhealth-ciam.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' 3mhealth-ciam.okta.com *.oktacdn.com; frame-src 'self' 3mhealth-ciam.okta.com 3mhealth-ciam-admin.okta.com login.okta.com com-okta-authenticator:; img-src 'self' 3mhealth-ciam.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' 3mhealth-ciam.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://3mexpresstherapyportal.com/
X-Okta-User-Agent-Extended
okta-auth-js/7.0.2 okta-signin-widget-7.16.1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

x-okta-request-id
e3d1d2afc8dddd557122c3648ba07419
date
Thu, 21 Mar 2024 07:12:28 GMT
content-security-policy
default-src 'self' 3mhealth-ciam.okta.com *.oktacdn.com; connect-src 'self' 3mhealth-ciam.okta.com 3mhealth-ciam-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com 3mhealth-ciam.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' 3mhealth-ciam.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' 3mhealth-ciam.okta.com *.oktacdn.com; frame-src 'self' 3mhealth-ciam.okta.com 3mhealth-ciam-admin.okta.com login.okta.com com-okta-authenticator:; img-src 'self' 3mhealth-ciam.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' 3mhealth-ciam.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
x-content-type-options
nosniff
strict-transport-security
max-age=315360000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA-Platform-Version
vary
Origin, Origin
p3p
CP="HONK"
content-type
application/json
access-control-allow-origin
https://3mexpresstherapyportal.com
cache-control
max-age=86400, must-revalidate
access-control-allow-credentials
true
x-xss-protection
0
expires
Fri, 22 Mar 2024 07:12:28 GMT
openid-configuration
3mhealth-ciam.okta.com/oauth2/default/.well-known/
0
0
Preflight
General
Full URL
https://3mhealth-ciam.okta.com/oauth2/default/.well-known/openid-configuration
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.94.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a95f94dcbb67173ac.awsglobalaccelerator.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-okta-user-agent-extended
Access-Control-Request-Method
GET
Origin
https://3mexpresstherapyportal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-okta-user-agent-extended
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://3mexpresstherapyportal.com
access-control-max-age
3600
content-length
0
content-type
application/octet-stream
date
Thu, 21 Mar 2024 07:12:28 GMT
server
nginx
strict-transport-security
max-age=315360000; includeSubDomains
vary
Origin
x-okta-request-id
3e45d5be08d237edfc8b3521f11ad707
facebook.c16de08bcf2a22f962aca6f47b164b0e.svg
3mexpresstherapyportal.com/static/media/
492 B
1 KB
Image
General
Full URL
https://3mexpresstherapyportal.com/static/media/facebook.c16de08bcf2a22f962aca6f47b164b0e.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.250.160 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ceadf77135ddbab89af6b4ddee18e95db3c328e51f22b5b62cacbee83bef7e38
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3mexpresstherapyportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 07:12:27 GMT
Content-Security-Policy
frame-ancestors 'self';
Last-Modified
Mon, 04 Mar 2024 14:13:18 GMT
Server
Microsoft-IIS/10.0
ETag
"0d3f21a3e6eda1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
492
instagram.590a62b965d6db6a6e27ecbe88fb47a4.svg
3mexpresstherapyportal.com/static/media/
3 KB
2 KB
Image
General
Full URL
https://3mexpresstherapyportal.com/static/media/instagram.590a62b965d6db6a6e27ecbe88fb47a4.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.250.160 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c992f606d9539803e706326f32adb3372848351aa86c3ae2fd123b7873423916
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3mexpresstherapyportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 07:12:27 GMT
Content-Encoding
gzip
Content-Security-Policy
frame-ancestors 'self';
Last-Modified
Mon, 04 Mar 2024 14:13:18 GMT
Server
Microsoft-IIS/10.0
ETag
"0d3f21a3e6eda1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1155
linkedin.e5bb3ff1d9895aa03d6ae4f1b80177ad.svg
3mexpresstherapyportal.com/static/media/
834 B
1 KB
Image
General
Full URL
https://3mexpresstherapyportal.com/static/media/linkedin.e5bb3ff1d9895aa03d6ae4f1b80177ad.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.250.160 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4abf01531297b5c28ca1915eb1d518796e25ebf974eabed7acbcfa3416ddd390
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3mexpresstherapyportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 07:12:27 GMT
Content-Security-Policy
frame-ancestors 'self';
Last-Modified
Mon, 04 Mar 2024 14:13:18 GMT
Server
Microsoft-IIS/10.0
ETag
"0d3f21a3e6eda1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
834
twitter.db8bf7e978e6d40f9846c892eb16430a.svg
3mexpresstherapyportal.com/static/media/
1 KB
2 KB
Image
General
Full URL
https://3mexpresstherapyportal.com/static/media/twitter.db8bf7e978e6d40f9846c892eb16430a.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.250.160 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
370d4dee01c16046d6e7878a0e793040a48d1fdae342483f427f7c93c0a17a25
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3mexpresstherapyportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 07:12:27 GMT
Content-Security-Policy
frame-ancestors 'self';
Last-Modified
Mon, 04 Mar 2024 14:13:18 GMT
Server
Microsoft-IIS/10.0
ETag
"0d3f21a3e6eda1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1392
youtube.c2827f796bb792d1d76d9baf0abd34eb.svg
3mexpresstherapyportal.com/static/media/
930 B
2 KB
Image
General
Full URL
https://3mexpresstherapyportal.com/static/media/youtube.c2827f796bb792d1d76d9baf0abd34eb.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.250.160 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f1106d035ff20091a2b867ff4f6c81300faca3805a89d2bdac622e0efd80a170
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3mexpresstherapyportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 07:12:27 GMT
Content-Security-Policy
frame-ancestors 'self';
Last-Modified
Mon, 04 Mar 2024 14:13:18 GMT
Server
Microsoft-IIS/10.0
ETag
"0d3f21a3e6eda1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
930
interact
3mhealth-ciam.okta.com/oauth2/default/v1/
1 KB
3 KB
Fetch
General
Full URL
https://3mhealth-ciam.okta.com/oauth2/default/v1/interact
Requested by
Host: 3mexpresstherapyportal.com
URL: https://3mexpresstherapyportal.com/static/js/main.fdc86a60.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.94.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a95f94dcbb67173ac.awsglobalaccelerator.com
Software
nginx /
Resource Hash
b99b4a8555269344b12338084b4cfc0a5091897767e63e4d6713dcccfafff8cd
Security Headers
Name Value
Content-Security-Policy default-src 'self' 3mhealth-ciam.okta.com *.oktacdn.com; connect-src 'self' 3mhealth-ciam.okta.com 3mhealth-ciam-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com 3mhealth-ciam.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' 3mhealth-ciam.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' 3mhealth-ciam.okta.com *.oktacdn.com; frame-src 'self' 3mhealth-ciam.okta.com 3mhealth-ciam-admin.okta.com login.okta.com com-okta-authenticator:; img-src 'self' 3mhealth-ciam.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' 3mhealth-ciam.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://3mexpresstherapyportal.com/
X-Okta-User-Agent-Extended
okta-auth-js/7.0.2 okta-signin-widget-7.16.1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-okta-request-id
c1846727db05ff625502c7027a4ac6cc
date
Thu, 21 Mar 2024 07:12:29 GMT
content-security-policy
default-src 'self' 3mhealth-ciam.okta.com *.oktacdn.com; connect-src 'self' 3mhealth-ciam.okta.com 3mhealth-ciam-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com 3mhealth-ciam.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' 3mhealth-ciam.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' 3mhealth-ciam.okta.com *.oktacdn.com; frame-src 'self' 3mhealth-ciam.okta.com 3mhealth-ciam-admin.okta.com login.okta.com com-okta-authenticator:; img-src 'self' 3mhealth-ciam.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' 3mhealth-ciam.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
x-rate-limit-limit
1200
x-content-type-options
nosniff
x-rate-limit-remaining
1199
strict-transport-security
max-age=315360000; includeSubDomains
p3p
CP="HONK"
x-xss-protection
0
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA-Platform-Version
vary
Origin
content-type
application/json
access-control-allow-origin
https://3mexpresstherapyportal.com
x-rate-limit-reset
1711005209
access-control-allow-credentials
true
cache-control
no-cache, no-store
x-robots-tag
noindex,nofollow
access-control-allow-headers
Content-Type
expires
0
interact
3mhealth-ciam.okta.com/oauth2/default/v1/
0
0
Preflight
General
Full URL
https://3mhealth-ciam.okta.com/oauth2/default/v1/interact
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.94.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a95f94dcbb67173ac.awsglobalaccelerator.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' 3mhealth-ciam.okta.com *.oktacdn.com; connect-src 'self' 3mhealth-ciam.okta.com 3mhealth-ciam-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com 3mhealth-ciam.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' 3mhealth-ciam.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' 3mhealth-ciam.okta.com *.oktacdn.com; frame-src 'self' 3mhealth-ciam.okta.com 3mhealth-ciam-admin.okta.com login.okta.com com-okta-authenticator:; img-src 'self' 3mhealth-ciam.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' 3mhealth-ciam.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-okta-user-agent-extended
Access-Control-Request-Method
POST
Origin
https://3mexpresstherapyportal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
x-okta-user-agent-extended,Content-Type
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
https://3mexpresstherapyportal.com
access-control-max-age
3600
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
cache-control
no-cache, no-store
content-length
0
content-security-policy
default-src 'self' 3mhealth-ciam.okta.com *.oktacdn.com; connect-src 'self' 3mhealth-ciam.okta.com 3mhealth-ciam-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com 3mhealth-ciam.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' 3mhealth-ciam.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' 3mhealth-ciam.okta.com *.oktacdn.com; frame-src 'self' 3mhealth-ciam.okta.com 3mhealth-ciam-admin.okta.com login.okta.com com-okta-authenticator:; img-src 'self' 3mhealth-ciam.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' 3mhealth-ciam.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
date
Thu, 21 Mar 2024 07:12:28 GMT
expires
0
p3p
CP="HONK"
pragma
no-cache
server
nginx
strict-transport-security
max-age=315360000; includeSubDomains
vary
Origin
x-frame-options
SAMEORIGIN
x-okta-request-id
abce245c688ff25efb928ad80791c701
x-rate-limit-limit
10000
x-rate-limit-remaining
9999
x-rate-limit-reset
1711005208
x-robots-tag
noindex,nofollow
x-xss-protection
0
introspect
3mhealth-ciam.okta.com/idp/idx/
13 KB
15 KB
Fetch
General
Full URL
https://3mhealth-ciam.okta.com/idp/idx/introspect
Requested by
Host: 3mexpresstherapyportal.com
URL: https://3mexpresstherapyportal.com/static/js/main.fdc86a60.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.94.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a95f94dcbb67173ac.awsglobalaccelerator.com
Software
nginx /
Resource Hash
e8b8afa2a13ac513f98becee4bf3b291b5a954054f6e610c240d91bbe06b31d6
Security Headers
Name Value
Content-Security-Policy default-src 'self' 3mhealth-ciam.okta.com *.oktacdn.com; connect-src 'self' 3mhealth-ciam.okta.com 3mhealth-ciam-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com 3mhealth-ciam.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' 3mhealth-ciam.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' 3mhealth-ciam.okta.com *.oktacdn.com; frame-src 'self' 3mhealth-ciam.okta.com 3mhealth-ciam-admin.okta.com login.okta.com com-okta-authenticator:; img-src 'self' 3mhealth-ciam.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' 3mhealth-ciam.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'; report-uri https://oktacsp.report-uri.com/r/t/csp/enforce; report-to csp
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/ion+json; okta-version=1.0.0
Referer
https://3mexpresstherapyportal.com/
X-Okta-User-Agent-Extended
okta-auth-js/7.0.2 okta-signin-widget-7.16.1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/ion+json; okta-version=1.0.0

Response headers

x-okta-request-id
dd5f1a03bd6e9186b9d40378481be83d
date
Thu, 21 Mar 2024 07:12:29 GMT
content-security-policy
default-src 'self' 3mhealth-ciam.okta.com *.oktacdn.com; connect-src 'self' 3mhealth-ciam.okta.com 3mhealth-ciam-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com 3mhealth-ciam.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' 3mhealth-ciam.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' 3mhealth-ciam.okta.com *.oktacdn.com; frame-src 'self' 3mhealth-ciam.okta.com 3mhealth-ciam-admin.okta.com login.okta.com com-okta-authenticator:; img-src 'self' 3mhealth-ciam.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' 3mhealth-ciam.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'; report-uri https://oktacsp.report-uri.com/r/t/csp/enforce; report-to csp
x-rate-limit-limit
2000
x-content-type-options
nosniff
x-rate-limit-remaining
1999
strict-transport-security
max-age=315360000; includeSubDomains
p3p
CP="HONK"
x-xss-protection
0
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA-Platform-Version
vary
Origin
report-to
{"group":"csp","max_age":31536000,"endpoints":[{"url":"https://oktacsp.report-uri.com/a/t/g"}],"include_subdomains":true}
content-type
application/ion+json;okta-version=1.0.0
access-control-allow-origin
https://3mexpresstherapyportal.com
x-rate-limit-reset
1711005209
access-control-allow-credentials
true
cache-control
no-cache, no-store
x-robots-tag
noindex,nofollow
expires
0
introspect
3mhealth-ciam.okta.com/idp/idx/
0
0
Preflight
General
Full URL
https://3mhealth-ciam.okta.com/idp/idx/introspect
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.94.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a95f94dcbb67173ac.awsglobalaccelerator.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' 3mhealth-ciam.okta.com *.oktacdn.com; connect-src 'self' 3mhealth-ciam.okta.com 3mhealth-ciam-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com 3mhealth-ciam.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' 3mhealth-ciam.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' 3mhealth-ciam.okta.com *.oktacdn.com; frame-src 'self' 3mhealth-ciam.okta.com 3mhealth-ciam-admin.okta.com login.okta.com com-okta-authenticator:; img-src 'self' 3mhealth-ciam.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' 3mhealth-ciam.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-okta-user-agent-extended
Access-Control-Request-Method
POST
Origin
https://3mexpresstherapyportal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-okta-user-agent-extended,Content-Type
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
https://3mexpresstherapyportal.com
access-control-max-age
3600
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
cache-control
no-cache, no-store
content-length
0
content-security-policy
default-src 'self' 3mhealth-ciam.okta.com *.oktacdn.com; connect-src 'self' 3mhealth-ciam.okta.com 3mhealth-ciam-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com 3mhealth-ciam.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' 3mhealth-ciam.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' 3mhealth-ciam.okta.com *.oktacdn.com; frame-src 'self' 3mhealth-ciam.okta.com 3mhealth-ciam-admin.okta.com login.okta.com com-okta-authenticator:; img-src 'self' 3mhealth-ciam.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' 3mhealth-ciam.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
date
Thu, 21 Mar 2024 07:12:29 GMT
expires
0
p3p
CP="HONK"
pragma
no-cache
server
nginx
strict-transport-security
max-age=315360000; includeSubDomains
vary
Origin
x-frame-options
SAMEORIGIN
x-okta-request-id
127253cbfc680bba3bef0b15eb486cbc
x-rate-limit-limit
10000
x-rate-limit-remaining
9998
x-rate-limit-reset
1711005208
x-robots-tag
noindex,nofollow
x-xss-protection
0
checkbox-sign-in-widget.png
global.oktacdn.com/okta-signin-widget/7.2.0/img/ui/forms/
3 KB
4 KB
Image
General
Full URL
https://global.oktacdn.com/okta-signin-widget/7.2.0/img/ui/forms/checkbox-sign-in-widget.png
Requested by
Host: global.oktacdn.com
URL: https://global.oktacdn.com/okta-signin-widget/7.2.0/css/okta-sign-in.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-2.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
40810b0318131f9ba52c83a17e633a0ac476ade66ea8a914d6c4980571397665
Security Headers
Name Value
Strict-Transport-Security max-age=315360000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://global.oktacdn.com/okta-signin-widget/7.2.0/css/okta-sign-in.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
g.eic_YA8zs9TQ_XbHHmadC5UvFEvB5m
strict-transport-security
max-age=315360000
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 07:12:31 GMT
via
1.1 6af229f397d391cfa25045f944cba714.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P10
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
content-length
3141
last-modified
Thu, 05 Jan 2023 19:03:51 GMT
server
AmazonS3
etag
"7846b2f8c6d0a7ca69fdd3d3c294e92d"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
UlzNb2KcSWBbauL-Mwpg3GZHUHq6P-i8gsMCBmzO6oZ7X8HSZbkUrw==
montserrat-okta-light-webfont.woff
global.oktacdn.com/okta-signin-widget/7.2.0/font/
22 KB
22 KB
Font
General
Full URL
https://global.oktacdn.com/okta-signin-widget/7.2.0/font/montserrat-okta-light-webfont.woff
Requested by
Host: global.oktacdn.com
URL: https://global.oktacdn.com/okta-signin-widget/7.2.0/css/okta-sign-in.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-2.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
feb177fb563f478cb8ecade71caea5df5ad318ca161c71875114e504ce304ace
Security Headers
Name Value
Strict-Transport-Security max-age=315360000
X-Content-Type-Options nosniff

Request headers

Referer
https://global.oktacdn.com/okta-signin-widget/7.2.0/css/okta-sign-in.min.css
Origin
https://3mexpresstherapyportal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
jCGi4UHNXnTf3scnAKQZAY9olTaEhs1M
strict-transport-security
max-age=315360000
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 07:12:31 GMT
via
1.1 50d1552804e5c5074606d2b5a0eb8ef8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P10
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
content-length
22112
last-modified
Thu, 05 Jan 2023 19:03:51 GMT
server
AmazonS3
etag
"6225f3ca44b83090833064727a09cc95"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
GP017RczcDvYZm6Is63hePtA-hsAk8i5kV6HuNRijpb758YnE0g9uQ==

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| ScanbotSDK object| webpackChunkexpress_2_0 object| regeneratorRuntime function| jQueryCourage object| u2f

1 Cookies

Domain/Path Name / Value
3mhealth-ciam.okta.com/ Name: DT
Value: DI1R2mbb-uQQE2q9U663S-DPg

2 Console Messages

Source Level URL
Text
other warning URL: https://3mexpresstherapyportal.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://3mexpresstherapyportal.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3mecontentmanagerprod.azurewebsites.net
3mexpresstherapyportal.com
3mhealth-ciam.okta.com
cdn.jsdelivr.net
global.oktacdn.com
multimedia.3m.com
www.acelity.com
13.35.58.2
20.119.0.21
2606:4700::6810:5914
2a02:26f0:3500:888::1e28
40.117.180.169
52.152.250.160
76.223.94.4
09a9031f6eea704018b1c01269675c990f7615dc207f49a6339f03a38604f47e
2fa66f64ceb4916ba94950dd0855a654953625655d1c498863e2aad748b08510
370d4dee01c16046d6e7878a0e793040a48d1fdae342483f427f7c93c0a17a25
3eab21af365e5870b20fe01d940e81954c8a0ebc8b5fd364bbe56130bba71df8
40810b0318131f9ba52c83a17e633a0ac476ade66ea8a914d6c4980571397665
43a49edbcfad0f14d647b03397cc4c4572d154cca0d01342ee606af43077dc42
4abf01531297b5c28ca1915eb1d518796e25ebf974eabed7acbcfa3416ddd390
5cba44b9232305b5b7b8b135c5da61c8e69a7d77699d234b235f83281fd3b553
5ce38444a92aa9f7bde0909102d6aac7eb45cfbccf0c37a476dfa6794beee04f
653cffc7bf95bb2a8d284361b0ae67fdb2bc8b6e52033624b515b02eace01693
67640e61d2219e7668a6535fae6ebc11b32de192ec05c1b42ce9fcdc51aff6b2
6fc19a761a023d8ac89b0d21f34bdd20d25f3eb9a707a042f0b867ee07d929a6
700a3a9ce28fd2a57ac84ce6d2bfa4835a74696b9a05b101447f106e04780789
93798d77d50e7a373a1bb3ebc34ada4aad6ed3563b36a7acbb46f020e0db3700
9740e93a8d89420a89a8eb08be8dc38790c387115ab965c6c2e630a9c4c45c8e
b99b4a8555269344b12338084b4cfc0a5091897767e63e4d6713dcccfafff8cd
c992f606d9539803e706326f32adb3372848351aa86c3ae2fd123b7873423916
caa80027217ce895df9a0d52725a9c33569a8bfaa1faf1a9d87e4da98b71a04d
ceadf77135ddbab89af6b4ddee18e95db3c328e51f22b5b62cacbee83bef7e38
d03f4120c41260c96df637d7e65f24f3bf4a135c1e4d1186d6d9b04e9cc28d0f
d9a744c80350f858b0c6beeb485f2c8d3a319352d260f52be36c046886e962a8
de8fa52da1f9eb9d8ff6afd37efa54a44ddb6ac6c9598414e487c0cb9f705273
e5e916286be78461a2b926815728e152f332c63a3642a2212e0ae1c476550252
e8b8afa2a13ac513f98becee4bf3b291b5a954054f6e610c240d91bbe06b31d6
eec6ebd97dbb0bb80d9b3971e353a5847d77374842b7788c10dd691ab58138aa
f1106d035ff20091a2b867ff4f6c81300faca3805a89d2bdac622e0efd80a170
feb177fb563f478cb8ecade71caea5df5ad318ca161c71875114e504ce304ace