Submitted URL: https://forms-ui.i.firefly.health/
Effective URL: https://auth.firefly.health/u/login?state=hKFo2SBkanpNMi1LVW8zeUlvTFFPeS12ZTMwem5wRnFza2J3d6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIE...
Submission: On November 29 via api from US — Scanned from US

Summary

This website contacted 10 IPs in 1 country across 8 domains to perform 13 HTTP transactions. The main IP is 2606:4700::6813:a718, located in United States and belongs to CLOUDFLARENET, US. The main domain is auth.firefly.health.
TLS certificate: Issued by E1 on October 24th 2023. Valid for: 3 months.
This is the only time auth.firefly.health was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 3.162.163.85 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 52.84.125.116 16509 (AMAZON-02)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:1f18:24e... 14618 (AMAZON-AES)
1 2600:9000:261... 16509 (AMAZON-02)
2 2600:9000:202... 16509 (AMAZON-02)
1 52.216.152.192 16509 (AMAZON-02)
13 10
Apex Domain | Subdomains | Transfer
5 firefly.health | forms-ui.i.firefly.health, auth.firefly.health | 3 MB
2 website-files.com | assets-global.website-files.com — Cisco Umbrella Rank: 6538 | 23 KB
2 bootstrapcdn.com | stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2914 | 29 KB
1 amazonaws.com | fireflyhealth-assets-static.s3.us-east-1.amazonaws.com | 294 KB
1 auth0.com | cdn.auth0.com — Cisco Umbrella Rank: 7121 | 62 KB
1 browser-intake-datadoghq.com | rum.browser-intake-datadoghq.com — Cisco Umbrella Rank: 1980 |
1 form.io | cdn.form.io — Cisco Umbrella Rank: 110299 | 75 KB
1 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 31 | 1011 B
13 8
Domain Requested by
3 forms-ui.i.firefly.health forms-ui.i.firefly.health
2 assets-global.website-files.com auth.firefly.health
2 auth.firefly.health 1 redirects forms-ui.i.firefly.health
2 stackpath.bootstrapcdn.com forms-ui.i.firefly.health
1 fireflyhealth-assets-static.s3.us-east-1.amazonaws.com auth.firefly.health
1 cdn.auth0.com auth.firefly.health
1 rum.browser-intake-datadoghq.com forms-ui.i.firefly.health
1 cdn.form.io forms-ui.i.firefly.health
1 fonts.googleapis.com forms-ui.i.firefly.health
13 9

This site contains no links.

Subject | Issuer | Validity | Valid
forms-ui.i.firefly.health | Amazon RSA 2048 M02 | 2023-11-28 - 2024-12-27 | a year
upload.video.google.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-12-30 - 2023-12-30 | a year
*.form.io | Amazon RSA 2048 M02 | 2023-11-16 - 2024-12-13 | a year
auth.firefly.health | E1 | 2023-10-24 - 2024-01-22 | 3 months
*.browser-intake-datadoghq.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-06-17 - 2024-06-18 | a year
*.auth0.com | Amazon RSA 2048 M01 | 2023-02-24 - 2024-03-24 | a year
*.website-files.com | Amazon RSA 2048 M03 | 2023-09-11 - 2024-10-08 | a year
s3.amazonaws.com | Amazon RSA 2048 M01 | 2023-10-10 - 2024-07-10 | 9 months

This page contains 1 frames:

Primary Page: https://auth.firefly.health/u/login?state=hKFo2SBkanpNMi1LVW8zeUlvTFFPeS12ZTMwem5wRnFza2J3d6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIExPajBVM2l3d19xVGFCclg3U1E2RXFzRU9mR2R4M3J5o2NpZNkgZEl2SU9Nbk9pYTZzM2JoSTBPR3V4Q09YMmVPWW5NZDc
Frame ID: 5D5868B8F71A7B39E634009E16B84D53
Requests: 14 HTTP requests in this frame

Page Title

Log in | Forms UI

Page URL History

  1. https://forms-ui.i.firefly.health/ Page URL
  2. https://auth.firefly.health/authorize?client_id=dIvIOMnOia6s3bhI0OGuxCOX2eOYnMd7&redirect_uri=https%3A%2... HTTP 302
    https://auth.firefly.health/u/login?state=hKFo2SBkanpNMi1LVW8zeUlvTFFPeS12ZTMwem5wRnFza2J3d6Fur3VuaXZlcn... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

Requests: 13
HTTPS: 100 %
IPv6: 67 %
Domains: 8
Subdomains: 9
IPs: 10
Countries: 1
Transfer: 3397 kB
Size: 3734 kB
Cookies: 5

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://forms-ui.i.firefly.health/ Page URL
  2. https://auth.firefly.health/authorize?client_id=dIvIOMnOia6s3bhI0OGuxCOX2eOYnMd7&redirect_uri=https%3A%2F%2Fforms-ui.i.firefly.health&scope=openid%20profile%20email&response_type=code&response_mode=query&state=bWl%2BMmtGb054RWZuLmQxUDBsRFQ0MVA3TWFtUWd5cGI1SWFJWURCfkgzTQ%3D%3D&nonce=VzBjUX5VVHdjNzlJQmpPbDRQZ0hpVkJQSS0wTXMzM0hjaDlGS1lpUW01WA%3D%3D&code_challenge=NSaYZ8x8inUjGrwAFIO1aBzsDpXnLGgrX7DdOBWxz40&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS4xMi4xIn0%3D HTTP 302
    https://auth.firefly.health/u/login?state=hKFo2SBkanpNMi1LVW8zeUlvTFFPeS12ZTMwem5wRnFza2J3d6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIExPajBVM2l3d19xVGFCclg3U1E2RXFzRU9mR2R4M3J5o2NpZNkgZEl2SU9Nbk9pYTZzM2JoSTBPR3V4Q09YMmVPWW5NZDc Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
forms-ui.i.firefly.health/
1 KB
2 KB
Document
General
Full URL
https://forms-ui.i.firefly.health/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.163.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-163-85.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
39a4ecbdedca4224d1fb1b1a3e324826738456254e31e934e7506a14cb1281e8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
content-length
1196
content-type
text/html
date
Wed, 29 Nov 2023 00:48:29 GMT
etag
"145681c549ec36dfa8445cea5a746b5f"
last-modified
Tue, 28 Nov 2023 19:40:06 GMT
server
AmazonS3
via
1.1 0f6a4426b676591cbd174e7f5747f762.cloudfront.net (CloudFront)
x-amz-cf-id
DWKllMb27nycl_nMxGSe7ybcugPce-lLP1vsN74tn66bHy5qUkEAEQ==
x-amz-cf-pop
ORD56-P8
x-amz-server-side-encryption
aws:kms
x-amz-server-side-encryption-aws-kms-key-id
arn:aws:kms:us-east-2:127699512125:key/4d71159d-1f18-4b20-bbc8-c9db916cde97
x-amz-server-side-encryption-bucket-key-enabled
true
x-amz-version-id
lP5QpKp75WtGLD28tZqm2176wbOoG45X
x-cache
Miss from cloudfront
css
fonts.googleapis.com/
2 KB
1011 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+3
Requested by
Host: forms-ui.i.firefly.health
URL: https://forms-ui.i.firefly.health/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0cad13095d4a1dd6c5cd9ec3accd7a782b7b66dd8273e3d0e93a6ab5201670bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms-ui.i.firefly.health/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 29 Nov 2023 00:48:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 00:48:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Nov 2023 00:48:28 GMT
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: forms-ui.i.firefly.health
URL: https://forms-ui.i.firefly.health/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms-ui.i.firefly.health/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 00:48:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
871
age
391220
cdn-cachedat
10/31/2023 18:51:50
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
086aa50bbc233f2ae34411d111593456
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
82d6d860ff1b4bcd-BUF
cdn-requestpullsuccess
True
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/
138 KB
22 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css
Requested by
Host: forms-ui.i.firefly.health
URL: https://forms-ui.i.firefly.health/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms-ui.i.firefly.health/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 00:48:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
984
age
501115
cdn-cachedat
06/19/2023 03:09:07
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
W/"04aca1f4cd3ec3c05a75a879f3be75a3"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
b152273781d04cefcdadaf3c85006c3b
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
82d6d860ff1c4bcd-BUF
cdn-requestpullsuccess
True
formio.full.min.css
cdn.form.io/formiojs/
74 KB
75 KB
Stylesheet
General
Full URL
https://cdn.form.io/formiojs/formio.full.min.css
Requested by
Host: forms-ui.i.firefly.health
URL: https://forms-ui.i.firefly.health/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.125.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-125-116.ord53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9b29b623bd33d2caba93fb46c3660639061e55ee0c000ee57fc8b1730e4fef3b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms-ui.i.firefly.health/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 03:35:37 GMT
via
1.1 f278d4328465ffddb27d4fe0ff8cd9a4.cloudfront.net (CloudFront)
last-modified
Wed, 11 Oct 2023 16:52:26 GMT
server
AmazonS3
x-amz-cf-pop
ORD53-C1
age
76378
etag
"169a3d43ce717f0721218d0e222d3adf"
x-cache
Hit from cloudfront
content-type
text/css
content-length
76025
x-amz-cf-id
nYYokP7K_fImfwywJ9sjIlmOf5uEra_LcydgsAhffXNUuRETtAf3ng==
main.67780302.js
forms-ui.i.firefly.health/static/js/
3 MB
3 MB
Script
General
Full URL
https://forms-ui.i.firefly.health/static/js/main.67780302.js
Requested by
Host: forms-ui.i.firefly.health
URL: https://forms-ui.i.firefly.health/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.163.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-163-85.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f2347c5e8ee2ed7849a0df3b68ce2d164b4b37a0930de080469464e1ca68ac9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms-ui.i.firefly.health/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 00:48:29 GMT
x-amz-version-id
xnXwnRxsl8VYoWDLhfEU4kYEHQzFFmmd
via
1.1 0f6a4426b676591cbd174e7f5747f762.cloudfront.net (CloudFront)
last-modified
Tue, 28 Nov 2023 19:40:08 GMT
server
AmazonS3
x-amz-server-side-encryption-aws-kms-key-id
arn:aws:kms:us-east-2:127699512125:key/4d71159d-1f18-4b20-bbc8-c9db916cde97
x-amz-cf-pop
ORD56-P8
etag
"006f97c24129569b1d75e777eb0508d2"
x-amz-server-side-encryption
aws:kms
x-cache
Miss from cloudfront
content-type
text/javascript
accept-ranges
bytes
content-length
2900507
x-amz-cf-id
xB3xJuUqiKy3Y8RLabttLUNQ9I-RLcPqXbVU3WhYAgtvW3DhdBtgNg==
x-amz-server-side-encryption-bucket-key-enabled
true
main.8f85ddc1.css
forms-ui.i.firefly.health/static/css/
52 KB
53 KB
Stylesheet
General
Full URL
https://forms-ui.i.firefly.health/static/css/main.8f85ddc1.css
Requested by
Host: forms-ui.i.firefly.health
URL: https://forms-ui.i.firefly.health/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.163.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-163-85.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1ed3af6e418ad2aefbf098c3ef891cde957ae0629958baa9e73dac467d9be13a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://forms-ui.i.firefly.health/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 00:48:29 GMT
x-amz-version-id
bMi44GNjNPEOi0MOSSv418t3ZLRhOzpV
via
1.1 0f6a4426b676591cbd174e7f5747f762.cloudfront.net (CloudFront)
last-modified
Tue, 28 Nov 2023 19:40:07 GMT
server
AmazonS3
x-amz-server-side-encryption-aws-kms-key-id
arn:aws:kms:us-east-2:127699512125:key/4d71159d-1f18-4b20-bbc8-c9db916cde97
x-amz-cf-pop
ORD56-P8
etag
"d09d990f2bb1037599d7d777c537ecf1"
x-amz-server-side-encryption
aws:kms
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
53445
x-amz-cf-id
M7LHrP8mIpOZitmMGjXblv-qq--NQLCmvZURxRGUOnxhNJdXqr68MA==
x-amz-server-side-encryption-bucket-key-enabled
true
Primary Request login
auth.firefly.health/u/
Redirect Chain
  • https://auth.firefly.health/authorize?client_id=dIvIOMnOia6s3bhI0OGuxCOX2eOYnMd7&redirect_uri=https%3A%2F%2Fforms-ui.i.firefly.health&scope=openid%20profile%20email&response_type=code&response_mode...
  • https://auth.firefly.health/u/login?state=hKFo2SBkanpNMi1LVW8zeUlvTFFPeS12ZTMwem5wRnFza2J3d6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIExPajBVM2l3d19xVGFCclg3U1E2RXFzRU9mR2R4M3J5o2NpZNkgZEl2SU9Nbk9pYTZzM2JoSTB...
22 KB
22 KB
Document
General
Full URL
https://auth.firefly.health/u/login?state=hKFo2SBkanpNMi1LVW8zeUlvTFFPeS12ZTMwem5wRnFza2J3d6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIExPajBVM2l3d19xVGFCclg3U1E2RXFzRU9mR2R4M3J5o2NpZNkgZEl2SU9Nbk9pYTZzM2JoSTBPR3V4Q09YMmVPWW5NZDc
Requested by
Host: forms-ui.i.firefly.health
URL: https://forms-ui.i.firefly.health/static/js/main.67780302.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:a718 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c8a5e9146d7a90cbd2f2912f65ea5f3bedbc0f1aace46c7c751c2344c509a15
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://forms-ui.i.firefly.health/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, max-age=0, no-transform
cf-cache-status
DYNAMIC
cf-ray
82d6d8689f814bbd-BUF
content-language
en
content-security-policy
frame-ancestors 'none'
content-type
text/html; charset=utf-8
date
Wed, 29 Nov 2023 00:48:29 GMT
etag
W/"5662-TNVJ1QTaQiZbRrZd0fEZHbbBizc"
expires
Wed, 29 Nov 2023 00:48:29 GMT
pragma
no-cache
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-auth0-dl
121
x-auth0-requestid
e6dfdd60cacec569c49d
x-content-type-options
nosniff
x-frame-options
deny
x-ratelimit-limit
20
x-ratelimit-remaining
19
x-ratelimit-reset
1701218916
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, max-age=0, no-transform
cf-cache-status
DYNAMIC
cf-ray
82d6d8668f724bbd-BUF
content-length
424
content-type
text/html; charset=utf-8
date
Wed, 29 Nov 2023 00:48:29 GMT
location
/u/login?state=hKFo2SBkanpNMi1LVW8zeUlvTFFPeS12ZTMwem5wRnFza2J3d6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIExPajBVM2l3d19xVGFCclg3U1E2RXFzRU9mR2R4M3J5o2NpZNkgZEl2SU9Nbk9pYTZzM2JoSTBPR3V4Q09YMmVPWW5NZDc
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept, Accept-Encoding
x-auth0-requestid
98096f8d2cf175474ba6
x-content-type-options
nosniff
x-ratelimit-limit
300
x-ratelimit-remaining
299
x-ratelimit-reset
1701218910
rum
rum.browser-intake-datadoghq.com/api/v2/
0
0
Ping
General
Full URL
https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.19.0%2Cenv%3Aprod%2Cservice%3Aforms-ui%2Cversion%3A0.1.0&dd-api-key=pub1fbb50abb738a117bfe4fba44c6007aa&dd-evp-origin-version=4.19.0&dd-evp-origin=browser&dd-request-id=14a6b80c-b9aa-49d7-8112-17d679e208c2&batch_time=1701218909089
Requested by
Host: forms-ui.i.firefly.health
URL: https://forms-ui.i.firefly.health/static/js/main.67780302.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b900:ee61:5258:2d1d:3bd4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://forms-ui.i.firefly.health/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

main.cdn.min.css
cdn.auth0.com/ulp/react-components/1.82.34/css/
263 KB
62 KB
Stylesheet
General
Full URL
https://cdn.auth0.com/ulp/react-components/1.82.34/css/main.cdn.min.css
Requested by
Host: auth.firefly.health
URL: https://auth.firefly.health/u/login?state=hKFo2SBkanpNMi1LVW8zeUlvTFFPeS12ZTMwem5wRnFza2J3d6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIExPajBVM2l3d19xVGFCclg3U1E2RXFzRU9mR2R4M3J5o2NpZNkgZEl2SU9Nbk9pYTZzM2JoSTBPR3V4Q09YMmVPWW5NZDc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2616:3800:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e402e7fd8be199fc19bb216e51ef20b0e0b685520919efeabf5f59fdb00dfbde
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
vn7fjvGq_4qkXMZqKXG06DVPfnG1HmEG
content-encoding
gzip
via
1.1 4ce7820043470844432b463359690f4c.cloudfront.net (CloudFront)
date
Tue, 28 Nov 2023 16:50:38 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
x-amz-cf-pop
ORD56-P8
age
28673
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
last-modified
Fri, 17 Nov 2023 18:26:27 GMT
server
AmazonS3
etag
W/"aaa7d223fe8edf4885e4e1c35ebfaeaa"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2628000,public
x-robots-tag
noindex
x-amz-cf-id
TzTJQQcsimcZ4Blysop2jTP4ZnZ_P7A6-izM7irpF8HK1KJXSbUnLQ==
5f919342cc3bde48f5c1ee49_Firefly_dark_logo.svg
assets-global.website-files.com/5d716cb24df04f7b3f7913e2/
3 KB
2 KB
Image
General
Full URL
https://assets-global.website-files.com/5d716cb24df04f7b3f7913e2/5f919342cc3bde48f5c1ee49_Firefly_dark_logo.svg
Requested by
Host: auth.firefly.health
URL: https://auth.firefly.health/u/login?state=hKFo2SBkanpNMi1LVW8zeUlvTFFPeS12ZTMwem5wRnFza2J3d6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIExPajBVM2l3d19xVGFCclg3U1E2RXFzRU9mR2R4M3J5o2NpZNkgZEl2SU9Nbk9pYTZzM2JoSTBPR3V4Q09YMmVPWW5NZDc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2029:bc00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
37fa2f90b66bf8f2844ce6930a8539fdcb2a71a7ea86cc3a42e972f4c8728af0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 30 Jul 2023 01:20:43 GMT
x-amz-version-id
pknYU7x.6qkPxalM5P7PecOt_4..0xVt
content-encoding
br
via
1.1 f26542ad27191d9a36a453712d4b7c3e.cloudfront.net (CloudFront)
age
10538867
x-amz-cf-pop
ORD51-C3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 22 Oct 2020 14:12:20 GMT
server
AmazonS3
etag
W/"61026cb6964d50e54203f04b4458157b"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
x-amz-cf-id
iRu-c78F3JiJF0AhTasRZH9hgs1w9P_NwVqRIw_Wm4Q9z0yUY_NVHg==
63ecfe582bacb522bb963d28_jumpcloud-logo-small.png
assets-global.website-files.com/5d716cb24df04f7b3f7913e2/
21 KB
22 KB
Image
General
Full URL
https://assets-global.website-files.com/5d716cb24df04f7b3f7913e2/63ecfe582bacb522bb963d28_jumpcloud-logo-small.png
Requested by
Host: auth.firefly.health
URL: https://auth.firefly.health/u/login?state=hKFo2SBkanpNMi1LVW8zeUlvTFFPeS12ZTMwem5wRnFza2J3d6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIExPajBVM2l3d19xVGFCclg3U1E2RXFzRU9mR2R4M3J5o2NpZNkgZEl2SU9Nbk9pYTZzM2JoSTBPR3V4Q09YMmVPWW5NZDc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2029:bc00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
05ac8d0156e33113e6d503cd11aabf2196ea02da111a70b74235db9bd410aec0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 17:00:22 GMT
x-amz-version-id
cnMv_amPaw6RZ.vJTELDjXPvtRFgiPCb
via
1.1 f26542ad27191d9a36a453712d4b7c3e.cloudfront.net (CloudFront)
age
114488
x-amz-cf-pop
ORD51-C3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
21769
last-modified
Wed, 15 Feb 2023 15:46:35 GMT
server
AmazonS3
etag
"c227eb19b33dfb67603c9c34ee9beac7"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
TXF-2qagIBoyTNejtqgTjh_dN5vK0jgeAZovcuuzCP3imgTTRGRv1w==
truncated
/
650 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aaf1eac584819e98c7f78a20216bd2fb10ee29e10b290983bc0fa82d0f293bce

Request headers

Referer
Origin
https://auth.firefly.health
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
auth0.png
fireflyhealth-assets-static.s3.us-east-1.amazonaws.com/
294 KB
294 KB
Image
General
Full URL
https://fireflyhealth-assets-static.s3.us-east-1.amazonaws.com/auth0.png
Requested by
Host: auth.firefly.health
URL: https://auth.firefly.health/u/login?state=hKFo2SBkanpNMi1LVW8zeUlvTFFPeS12ZTMwem5wRnFza2J3d6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIExPajBVM2l3d19xVGFCclg3U1E2RXFzRU9mR2R4M3J5o2NpZNkgZEl2SU9Nbk9pYTZzM2JoSTBPR3V4Q09YMmVPWW5NZDc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.152.192 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-east-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
05e57b37adc00bb91cd4b18c9fe273214512f7b99121725ea4a50b253e9aad30

Request headers

accept-language
en-US,en;q=0.9
Referer
https://auth.firefly.health/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Wed, 29 Nov 2023 00:48:31 GMT
x-amz-version-id
null
Last-Modified
Fri, 25 Jun 2021 18:59:54 GMT
Server
AmazonS3
x-amz-request-id
DDA5362CQCJQM25C
ETag
"ca4ca27d60a19dfeac075d198176ee3d"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
301015
x-amz-id-2
u0ZKKoW+xw3Y8Fl7tPpHu01DGw4OakTyN24hBvPjr8Gf2IjG0O4yxoN1MWn65LsKzT0RZfswI64=

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

5 Cookies

Domain/Path Name / Value
forms-ui.i.firefly.health/ Name: _dd_s
Value: rum=1&id=6eaba997-cb15-42a9-8c09-fd861bf72a80&created=1701218909029&expire=1701219809029
auth.firefly.health/ Name: did
Value: s%3Av0%3A03508d91-8e51-11ee-bca8-fb135bbe8894.c1NG6WdVGNuTXqPZTXFFGBbAoLf1Z0YUkh2xfjGdG48
auth.firefly.health/ Name: auth0
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQHawUBSE1CWIo6qrfQRnKyvvJTENP3qbOojbzf2lgmfOnwM-jE7C5vr69o3gnpqNHkBzhxpqyjgRRfIzuJ6he6-mY29va2llg6dleHBpcmVz1_9zJ_sAZWp-3a5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.Rm5DepLiVYmAwhrEz79Jh0p1I0fGybuJDLcVeoPsW8k
auth.firefly.health/ Name: did_compat
Value: s%3Av0%3A03508d91-8e51-11ee-bca8-fb135bbe8894.c1NG6WdVGNuTXqPZTXFFGBbAoLf1Z0YUkh2xfjGdG48
auth.firefly.health/ Name: auth0_compat
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQHawUBSE1CWIo6qrfQRnKyvvJTENP3qbOojbzf2lgmfOnwM-jE7C5vr69o3gnpqNHkBzhxpqyjgRRfIzuJ6he6-mY29va2llg6dleHBpcmVz1_9zJ_sAZWp-3a5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.Rm5DepLiVYmAwhrEz79Jh0p1I0fGybuJDLcVeoPsW8k