Please see the attached for the 3rd party vulnerability scan:
89556-livingdonorportalcom-detailed-scan-report-002.pdf
Request
GET https://www.livingdonorportal.com/portal-admin/patient-directory HTTP/1.1 (FYI this url is currently not open to the public until we sort out this issue)
Origin: https://www.livingdonorportal.com
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.39
45. 0 Safari/537.36
Sec-Fetch-User: ?1
Referer: https://www.livingdonorportal.com/
Cookie: ASP.NET_SessionId=cdf3zhoktpielz0ryxc2pfh2; CMSPreferredCulture=en-CA; .ASPXFORMSAUTH=CBE516
990AC28B452DAF630AF543B266894ACEC68F4F7FC2205721DF47EBF9D73EC250EE263503C4FD1D34DB4C4C4BB557ED69A2D1
7964FEA07F0535331455F11094F1BD4751A7CABFC1A017612F427C8C13A174FB4F86C9BE27134E827CC370C2E4AE55861436
2A524E0C168509CE39DEEB587924C9BE825DC8D617EA6E57AF; CMSPreferredUICulture=en-US; CMSViewMode=0
Response
Response Time (ms) : 0 Total Bytes Received : 64668 Body Length : 64340 Is Compressed : No
HTTP/1.1 200 OK
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319
X-UA-Compatible: IE=Edge
X-Frame-Options: SAMEORIGIN
Date: Tue, 30 Mar 2021 20:57:46 GMT
Cache-Control: private, no-store, must-revalidate
content-type: text/html; charset=utf-8
content-HTTP/1.1 200 OK
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319
X-UA-Compatible: IE=Edge
X-Frame-Options: SAMEORIGIN
Date: Tue, 30 Mar 2021 20:57:46 GMT
Cache-Control: private, no-store