urlscan.io logo urlscan.io
SecurityTrails logo

recoverhelp.werally.com Open in urlscan Pro
85.222.140.11  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://recoverhelp.werally.com/
Effective URL: https://recoverhelp.werally.com/s/
Submission: On July 26 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 4 domains to perform 21 HTTP transactions. The main IP is 85.222.140.11, located in Dublin, Ireland and belongs to SALESFORCE, US. The main domain is recoverhelp.werally.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on July 7th 2022. Valid for: a year.
This is the only time recoverhelp.werally.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 17 85.222.140.11 14340 (SALESFORCE)
1 13.225.83.103 16509 (AMAZON-02)
1 149.126.77.158 19551 (INCAPSULA)
1 2600:1f18:24e... 14618 (AMAZON-AES)
1 2600:1f18:24e... 14618 (AMAZON-AES)
21 6
17    85.222.140.11 (Dublin, Ireland)

ASN14340 (SALESFORCE, US)
PTR: sledge3-fra.slb.sfdcsvc.net
recoverhelp.werally.com
1    13.225.83.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-83-103.fra2.r.cloudfront.net
www.datadoghq-browser-agent.com
1    149.126.77.158 (Frankfurt am Main, Germany)

ASN19551 (INCAPSULA, US)
PTR: 149.126.77.158.ip.incapdns.net
www.rallyhealth.com
1    2600:1f18:24e6:b900:3b56:55e9:1bb7:a431 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
session-replay.browser-intake-datadoghq.com
1    2600:1f18:24e6:b902:396c:5768:f8c3:756e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rum.browser-intake-datadoghq.com
Apex Domain
Subdomains		 Transfer
17 werally.com
recoverhelp.werally.com
2 MB
2 browser-intake-datadoghq.com
session-replay.browser-intake-datadoghq.com — Cisco Umbrella Rank: 7041
rum.browser-intake-datadoghq.com — Cisco Umbrella Rank: 2166
610 B
1 rallyhealth.com
www.rallyhealth.com — Cisco Umbrella Rank: 575869
4 KB
1 datadoghq-browser-agent.com
www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 1828
45 KB
21 4
Domain Requested by
17 recoverhelp.werally.com 1 redirects recoverhelp.werally.com
www.datadoghq-browser-agent.com
1 rum.browser-intake-datadoghq.com www.datadoghq-browser-agent.com
1 session-replay.browser-intake-datadoghq.com www.datadoghq-browser-agent.com
1 www.rallyhealth.com recoverhelp.werally.com
1 www.datadoghq-browser-agent.com recoverhelp.werally.com
21 5

This site contains links to these domains. Also see Links.

Domain
www.werally.com
www.rallyhealth.com
Subject Issuer Validity Valid
support.werally.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-07 -
2023-08-07		 a year crt.sh
*.datadoghq-browser-agent.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-14 -
2024-01-16		 a year crt.sh
*.rallyhealth.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-15 -
2024-04-14		 a year crt.sh
*.browser-intake-datadoghq.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-17 -
2024-06-18		 a year crt.sh

This page contains 1 frames:

Primary Page: https://recoverhelp.werally.com/s/
Frame ID: E2C46900E1A44FD599B66B62EAA44AC7
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home

Page URL History Show full URLs

  1. https://recoverhelp.werally.com/ HTTP 301
    https://recoverhelp.werally.com/s/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

21
Requests

95 %
HTTPS

40 %
IPv6

4
Domains

5
Subdomains

6
IPs

3
Countries

1667 kB
Transfer

7147 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://recoverhelp.werally.com/ HTTP 301
    https://recoverhelp.werally.com/s/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
recoverhelp.werally.com/s/
Redirect Chain
  • https://recoverhelp.werally.com/
  • https://recoverhelp.werally.com/s/
117 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://recoverhelp.werally.com/s/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 Dublin, Ireland, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
07ae908524c6324c1fb664dae87382abc10d32222732c18c41d30ce0d11713e5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache,must-revalidate,max-age=0,no-store,private
content-encoding
gzip
content-security-policy
upgrade-insecure-requests frame-ancestors 'self'
content-type
text/html;charset=UTF-8
date
Wed, 26 Jul 2023 17:28:30 GMT
expires
Tue, 26 Jul 2022 17:28:30 GMT
last-modified
Tue, 26 Jul 2022 17:28:30 GMT
link
</s/sfsites/auraFW/javascript/YlFCb0tteDV4aGhQNENwMlB3WlU0ZzE0VDFFNVRwUjllNDRPNDJ3WDdmcWcyNDQuMjAuNC0yLjQxLjQ/aura_prod.js>;rel=preload;as=script;nopush,</s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22serializationVersion%22%3A%221-244.20.4-2.41.4-b%22%2C%22parts%22%3A%22f%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%22px8N56mPBZchFBRlTl_6MQ%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22618546923%22%7D/app.js?2=>;rel=preload;as=script;nopush
referrer-policy
origin-when-cross-origin
server
sfdcedge
server-timing
Total;dur=116
strict-transport-security
max-age=63072000; includeSubDomains
timing-allow-origin
*
vary
Origin, Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-sfdc-request-id
ca2d19940d7e913e4aeb31e196432d12
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-cache,must-revalidate,max-age=0,no-store,private
content-length
0
content-security-policy
upgrade-insecure-requests
date
Wed, 26 Jul 2023 17:28:30 GMT
location
https://recoverhelp.werally.com/s/
referrer-policy
origin-when-cross-origin
server
sfdcedge
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
x-sfdc-request-id
4d8933304d468906e50dacfec29cafb9
x-xss-protection
1; mode=block
aura_prod.js
recoverhelp.werally.com/s/sfsites/auraFW/javascript/YlFCb0tteDV4aGhQNENwMlB3WlU0ZzE0VDFFNVRwUjllNDRPNDJ3WDdmcWcyNDQuMjAuNC0yLjQxLjQ/ 		834 KB
261 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://recoverhelp.werally.com/s/sfsites/auraFW/javascript/YlFCb0tteDV4aGhQNENwMlB3WlU0ZzE0VDFFNVRwUjllNDRPNDJ3WDdmcWcyNDQuMjAuNC0yLjQxLjQ/aura_prod.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 Dublin, Ireland, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
c1b2e1d1c775b2b26d6e9648e7108536a5d5431e8a877bc66e743830db4d20fb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://recoverhelp.werally.com/s/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 17:28:30 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
server-timing
Total;dur=15
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Tue, 25 Jul 2023 17:28:30 GMT
server
sfdcedge
x-sfdc-request-id
6e89fa1b17f6e9c409e1022131c17ffa
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
app.js
recoverhelp.werally.com/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22serializationVersion%22%3A%221-244.20.4-2.41.4-b%22%2C%22parts%22%3A%22f%22%2C%22loa... 		3 MB
540 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://recoverhelp.werally.com/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22serializationVersion%22%3A%221-244.20.4-2.41.4-b%22%2C%22parts%22%3A%22f%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%22px8N56mPBZchFBRlTl_6MQ%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22618546923%22%7D/app.js?2=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 Dublin, Ireland, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
fc0f939f6e1ba3c84e3e87d7a83a977f44ede43041071db7a6f7b5fd4ff22073
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://recoverhelp.werally.com/s/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 17:28:30 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
last-modified
Tue, 25 Jul 2023 17:28:30 GMT
server
sfdcedge
content-encoding
gzip
x-sfdc-request-id
831e0a6fdcac6d624d5b95c59e45d4d2
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
x-xss-protection
1; mode=block
datadog-rum-v4.js
www.datadoghq-browser-agent.com/ 		141 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Requested by
Host: recoverhelp.werally.com
URL: https://recoverhelp.werally.com/s/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.83.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-83-103.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
498eef79d803f0a7a493e762b3b86b8f6d6732fd23350f908661f6c7f31ea2cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://recoverhelp.werally.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 17:28:27 GMT
content-encoding
br
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
last-modified
Tue, 11 Jul 2023 14:55:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
4
x-amz-server-side-encryption
AES256
etag
W/"aaae28a557c3a9585d513aefafa84239"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=14400, s-maxage=60
timing-allow-origin
*
x-amz-cf-id
Yv3oa_Twv5FWjbmKiBaUvEerLsPRseH8SQGZqkeqe3mgkTalsBpzMw==
fonts.css
recoverhelp.werally.com/s/sfsites/runtimedownload/ 		0
397 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://recoverhelp.werally.com/s/sfsites/runtimedownload/fonts.css?lastMod=1626815722000&brandSet=5a210290-21c5-4d8a-8492-fb6a6e94ee4c
Requested by
Host: recoverhelp.werally.com
URL: https://recoverhelp.werally.com/s/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 Dublin, Ireland, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://recoverhelp.werally.com/s/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 17:28:31 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
last-modified
Tue, 20 Jul 2021 21:15:22 GMT
server
sfdcedge
content-encoding
gzip
x-sfdc-request-id
1e8b0bb9f314d0ed360d5ac944577f56
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public,max-age=31536000
x-xss-protection
1; mode=block
expires
Thu, 25 Jul 2024 17:28:31 GMT
app.css
recoverhelp.werally.com/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%22px8N... 		1 MB
128 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://recoverhelp.werally.com/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%22px8N56mPBZchFBRlTl_6MQ%22%7D%2C%22styleContext%22%3A%7B%22c%22%3A%22webkit%22%2C%22x%22%3A%5B%22isDesktop%22%5D%2C%22tokens%22%3A%5B%22markup%3A%2F%2Fsiteforce%3AserializedTokens%22%2C%22markup%3A%2F%2Fforce%3AsldsTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AcommunityTokens%22%2C%22markup%3A%2F%2Fforce%3AformFactorLarge%22%2C%22markup%3A%2F%2Fsiteforce%3AcommunityFormFactorLarge%22%2C%22markup%3A%2F%2Fsiteforce%3AauraDynamicTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AsldsFontOverride%22%5D%2C%22tuid%22%3A%22a6a80wQ5aX-xkyaSjUCKJg%22%2C%22cuid%22%3A693942382%7D%2C%22pathPrefix%22%3A%22%22%7D/app.css?2=&aura.attributes=%7B%22ac%22%3A%22%22%2C%22authenticated%22%3A%22false%22%2C%22brandingSetId%22%3A%225a210290-21c5-4d8a-8492-fb6a6e94ee4c%22%2C%22formFactor%22%3A%22LARGE%22%2C%22isHybrid%22%3A%22false%22%2C%22language%22%3A%22en_US%22%2C%22pageId%22%3A%221b5f235d-a643-4752-a383-f04abf5cb4cc%22%2C%22publishedChangelistNum%22%3A%2264%22%2C%22schema%22%3A%22Published%22%2C%22themeLayoutType%22%3A%22Home%22%2C%22uds%22%3A%22false%22%2C%22viewType%22%3A%22Published%22%7D
Requested by
Host: recoverhelp.werally.com
URL: https://recoverhelp.werally.com/s/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 Dublin, Ireland, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
5a6f5f26d58aa8c49e44c1a5e72db69c1f1c54f8cba3856f5aab7ed20aadff28
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://recoverhelp.werally.com/s/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 17:28:31 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
last-modified
Tue, 25 Jul 2023 17:28:31 GMT
server
sfdcedge
content-encoding
gzip
x-sfdc-request-id
bab7d84a8fec662d183d3eda94544db8
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
x-xss-protection
1; mode=block
resources.js
recoverhelp.werally.com/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22fwuid%22%3A%22YlFCb0tteDV4aGhQNENwMlB3WlU0ZzE0VDFFNVRwUjllNDRPNDJ3WDdmcWcyNDQuMjAuNC... 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://recoverhelp.werally.com/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22fwuid%22%3A%22YlFCb0tteDV4aGhQNENwMlB3WlU0ZzE0VDFFNVRwUjllNDRPNDJ3WDdmcWcyNDQuMjAuNC0yLjQxLjQ%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%22px8N56mPBZchFBRlTl_6MQ%22%7D%2C%22apce%22%3A1%2C%22apck%22%3A%22JHt0aW1lc3RhbXB9MDAwMDAwMDAwNTNlbl9VUw%22%2C%22mlr%22%3A1%2C%22pathPrefix%22%3A%22%22%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22618546923%22%7D/resources.js?pv=1690168860000453524225&rv=1681002704000
Requested by
Host: recoverhelp.werally.com
URL: https://recoverhelp.werally.com/s/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 Dublin, Ireland, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
4e8e67ede0c61f0d0569fb695f66f08f46c22baf8e727a50207b115876e3aef3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://recoverhelp.werally.com/s/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 17:28:31 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
last-modified
Tue, 25 Jul 2023 17:28:31 GMT
server
sfdcedge
content-encoding
gzip
x-sfdc-request-id
921348bcc97af525eaad830e6088d62f
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=31536000,immutable
x-xss-protection
1; mode=block
bootstrap.js
recoverhelp.werally.com/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22fwuid%22%3A%22YlFCb0tteDV4aGhQNENwMlB3WlU0ZzE0VDFFNVRwUjllNDRPNDJ3WDdmcWcyNDQuMjAuNC... 		764 KB
152 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://recoverhelp.werally.com/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22fwuid%22%3A%22YlFCb0tteDV4aGhQNENwMlB3WlU0ZzE0VDFFNVRwUjllNDRPNDJ3WDdmcWcyNDQuMjAuNC0yLjQxLjQ%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%22px8N56mPBZchFBRlTl_6MQ%22%7D%2C%22apce%22%3A1%2C%22apck%22%3A%22JHt0aW1lc3RhbXB9MDAwMDAwMDAwNTNlbl9VUw%22%2C%22mlr%22%3A1%2C%22pathPrefix%22%3A%22%22%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22618546923%22%7D/bootstrap.js?aura.attributes=%7B%22ac%22%3A%22%22%2C%22authenticated%22%3A%22false%22%2C%22brandingSetId%22%3A%225a210290-21c5-4d8a-8492-fb6a6e94ee4c%22%2C%22formFactor%22%3A%22LARGE%22%2C%22isHybrid%22%3A%22false%22%2C%22language%22%3A%22en_US%22%2C%22pageId%22%3A%221b5f235d-a643-4752-a383-f04abf5cb4cc%22%2C%22publishedChangelistNum%22%3A%2264%22%2C%22schema%22%3A%22Published%22%2C%22themeLayoutType%22%3A%22Home%22%2C%22uds%22%3A%22false%22%2C%22viewType%22%3A%22Published%22%7D
Requested by
Host: recoverhelp.werally.com
URL: https://recoverhelp.werally.com/s/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 Dublin, Ireland, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
36db1c947d505506a0db5c9799b4131e0671c84ed0ff832d18f43d2746d5c083
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://recoverhelp.werally.com/s/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 17:28:32 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
last-modified
Tue, 25 Jul 2023 17:28:32 GMT
server
sfdcedge
content-encoding
gzip
x-sfdc-request-id
1154cd7570b77abe18d3892ffaab1f19
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public,max-age=900
x-xss-protection
1; mode=block
aura
recoverhelp.werally.com/s/sfsites/ 		54 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://recoverhelp.werally.com/s/sfsites/aura?message=%7B%22actions%22%3A%5B%7B%22descriptor%22%3A%22serviceComponent%3A%2F%2Fui.comm.runtime.components.aura.components.siteforce.controller.PubliclyCacheableComponentLoaderController%2FACTION%24getPageComponent%22%2C%22callingDescriptor%22%3A%22UNKNOWN%22%2C%22params%22%3A%7B%22attributes%22%3A%7B%22viewId%22%3A%22944cca8f-8d8a-43bf-bc72-ffc5a5fa5bf3%22%2C%22routeType%22%3A%22home%22%2C%22themeLayoutType%22%3A%22Home%22%2C%22params%22%3A%7B%22viewid%22%3A%22e948b64b-d105-48f0-8d8e-fabb69ec49c7%22%2C%22view_uddid%22%3A%22%22%2C%22entity_name%22%3A%22%22%2C%22audience_name%22%3A%22%22%2C%22picasso_id%22%3A%22%22%2C%22routeId%22%3A%22%22%7D%2C%22hasAttrVaringCmps%22%3Afalse%2C%22pageLoadType%22%3A%22STANDARD_PAGE_CONTENT%22%2C%22includeLayout%22%3Atrue%7D%2C%22publishedChangelistNum%22%3A64%2C%22brandingSetId%22%3A%225a210290-21c5-4d8a-8492-fb6a6e94ee4c%22%7D%7D%5D%7D&aura.context=%7B%22mode%22%3A%22PROD%22%2C%22fwuid%22%3A%22YlFCb0tteDV4aGhQNENwMlB3WlU0ZzE0VDFFNVRwUjllNDRPNDJ3WDdmcWcyNDQuMjAuNC0yLjQxLjQ%22%2C%22app%22%3A%22siteforce%3AcommunityApp%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AcommunityApp%22%3A%22px8N56mPBZchFBRlTl_6MQ%22%7D%2C%22apck%22%3A%22JHt0aW1lc3RhbXB9MDAwMDAwMDAwNTNlbl9VUw%22%2C%22uad%22%3Afalse%7D&aura.isAction=true
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 Dublin, Ireland, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
6515c94fcd87d764a4f1f46a4216c63459e239e00578c19f8facd74d249e55ac
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://recoverhelp.werally.com/s/
accept-language
de-DE,de;q=0.9
X-SFDC-Page-Scope-Id
9ff9cd56-190f-4199-9a7e-19cee8d067f0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 17:28:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
last-modified
Tue, 25 Jul 2023 17:28:34 GMT
server
sfdcedge
content-encoding
gzip
x-sfdc-request-id
c8e56e4d47ef32158edccbe07a6fea88
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
public,max-age=1800
x-xss-protection
1; mode=block
expires
Tue, 26 Jul 2022 17:28:34 GMT
aura
recoverhelp.werally.com/s/sfsites/ 		1 MB
307 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://recoverhelp.werally.com/s/sfsites/aura?r=1&aura.Component.getComponentDef=1
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 Dublin, Ireland, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
0b85ee7aa87448b8920f5eb5da67c90fbe174953112a39543067eecf3bb176f6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://recoverhelp.werally.com/s/
X-SFDC-Page-Cache
6d146365a174cfdd
accept-language
de-DE,de;q=0.9
X-SFDC-Page-Scope-Id
9ff9cd56-190f-4199-9a7e-19cee8d067f0
X-SFDC-Request-Id
34903000007f6e70b2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 26 Jul 2023 17:28:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
last-modified
Tue, 26 Jul 2022 17:28:34 GMT
server
sfdcedge
content-encoding
gzip
x-sfdc-request-id
34903000007f6e70b2
vary
Origin, Accept-Encoding
content-type
application/json
cache-control
no-cache,must-revalidate,max-age=0,no-store,private
x-xss-protection
1; mode=block
expires
Tue, 26 Jul 2022 17:28:34 GMT
Rally_Arrows_w_tmk.png
www.rallyhealth.com/assets/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rallyhealth.com/assets/Rally_Arrows_w_tmk.png
Requested by
Host: recoverhelp.werally.com
URL: https://recoverhelp.werally.com/s/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.158 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.158.ip.incapdns.net
Software
/
Resource Hash
b896279fff3d8bb808e348cc28283721ec6e70165229623948c5239818b4bf4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://recoverhelp.werally.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 17:28:34 GMT
last-modified
Wed, 28 Jun 2023 06:58:28 GMT
x-cdn
Imperva
etag
"649bda14-c91"
content-type
image/png
x-iinfo
13-34691376-34691383 NNNN CT(105 203 0) RT(1690392513453 31) q(0 0 3 2) r(5 5) U24
cache-control
max-age=31536000
accept-ranges
bytes
content-length
3217
expires
Thu, 25 Jul 2024 17:28:34 GMT
Illustration_Doctors.png
recoverhelp.werally.com/resource/1613511230000/CoachingHelpCenter/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://recoverhelp.werally.com/resource/1613511230000/CoachingHelpCenter/images/Illustration_Doctors.png
Requested by
Host: recoverhelp.werally.com
URL: https://recoverhelp.werally.com/s/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 Dublin, Ireland, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
5ba19121497139b5d5354d45e4fb0670ed0b1121eeaa70c74ba119875203a7ed
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://recoverhelp.werally.com/s/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 17:28:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
last-modified
Tue, 16 Feb 2021 21:33:50 GMT
server
sfdcedge
x-sfdc-request-id
15e06660b5d7482052a1d2230accbc20
x-frame-options
SAMEORIGIN
content-type
image/png
p3p
CP="CUR OTR STA"
cache-control
public,max-age=3888000,immutable
content-length
8906
x-xss-protection
1; mode=block
expires
Sat, 09 Sep 2023 17:28:34 GMT
HelveticaNeueMedium.ttf
recoverhelp.werally.com/resource/RHCC_CommunityAssets/fonts/ 		119 KB
119 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://recoverhelp.werally.com/resource/RHCC_CommunityAssets/fonts/HelveticaNeueMedium.ttf
Requested by
Host: recoverhelp.werally.com
URL: https://recoverhelp.werally.com/s/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 Dublin, Ireland, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
82ff7e5c8ee61ac9fd20279d3138b055571f3955441091b100b16f426944a0dc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://recoverhelp.werally.com/s/
Origin
https://recoverhelp.werally.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 17:28:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
last-modified
Thu, 21 Mar 2019 05:22:21 GMT
server
sfdcedge
x-sfdc-request-id
001b656bcb00b68a9451c455d0b6eaad
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
p3p
CP="CUR OTR STA"
cache-control
public,max-age=3888000
content-length
121592
x-xss-protection
1; mode=block
expires
Sat, 09 Sep 2023 17:28:34 GMT
2866512f-55b6-4639-a5c3-a0b7f916bd80
https://recoverhelp.werally.com/ 		24 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://recoverhelp.werally.com/2866512f-55b6-4639-a5c3-a0b7f916bd80
Requested by
Host: recoverhelp.werally.com
URL: https://recoverhelp.werally.com/s/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d864b61c190297721b440b241cd61c2e7a377176a0fbb12b2d3342757b1f34da

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Length
24961
Content-Type
aura
recoverhelp.werally.com/s/sfsites/ 		88 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://recoverhelp.werally.com/s/sfsites/aura?r=2&aura.Component.getComponent=1&ui-communities-components-aura-components-forceCommunity-navigationMenu.NavigationMenuDataProvider.getNavigationMenu=1&ui-force-components-controllers-hostConfig.HostConfig.getConfigData=1
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 Dublin, Ireland, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
6f6825a7b3e2e0f54eb97541a991a3cea2f5279f314829a68e3893267bfe92ba
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://recoverhelp.werally.com/s/
X-SFDC-Page-Cache
6d146365a174cfdd
accept-language
de-DE,de;q=0.9
X-SFDC-Page-Scope-Id
9ff9cd56-190f-4199-9a7e-19cee8d067f0
X-SFDC-Request-Id
355220000003f31f3a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 26 Jul 2023 17:28:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
last-modified
Tue, 26 Jul 2022 17:28:34 GMT
server
sfdcedge
content-encoding
gzip
x-sfdc-request-id
355220000003f31f3a
vary
Origin, Accept-Encoding
content-type
application/json
cache-control
no-cache,must-revalidate,max-age=0,no-store,private
server-timing
Total;dur=237
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Tue, 26 Jul 2022 17:28:34 GMT
replay
session-replay.browser-intake-datadoghq.com/api/v2/ 		53 B
305 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://session-replay.browser-intake-datadoghq.com/api/v2/replay?ddsource=browser&ddtags=sdk_version%3A4.45.0%2Capi%3Axhr%2Cenv%3Aproduction%2Cservice%3Asalesforce-help-center&dd-api-key=pube391e677e480d392651dcd3fba4609f6&dd-evp-origin-version=4.45.0&dd-evp-origin=browser&dd-request-id=f0a04c70-d1b3-4632-83a4-787f60c4c0df
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b900:3b56:55e9:1bb7:a431 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
cf384ba058527f38e46508687b2cff4696520b6102e032545561af350dd65bcb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://recoverhelp.werally.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundarypBqBv8ijidpcBnW1

Response headers

date
Wed, 26 Jul 2023 17:28:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
53
RA_group.png
recoverhelp.werally.com/resource/1553145741000/RHCC_CommunityAssets/images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://recoverhelp.werally.com/resource/1553145741000/RHCC_CommunityAssets/images/RA_group.png
Requested by
Host: recoverhelp.werally.com
URL: https://recoverhelp.werally.com/s/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 Dublin, Ireland, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
fd9f8a8d28ed4b16c1599776a53c29906ba6bca69e21eeda17fc8cefa3289f5a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://recoverhelp.werally.com/s/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 17:28:37 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
last-modified
Thu, 21 Mar 2019 05:22:21 GMT
server
sfdcedge
x-sfdc-request-id
a01a6ad446bcd15ae2884cb1d3bbd3df
x-frame-options
SAMEORIGIN
content-type
image/png
p3p
CP="CUR OTR STA"
cache-control
public,max-age=3888000,immutable
content-length
6514
x-xss-protection
1; mode=block
expires
Sat, 09 Sep 2023 17:28:36 GMT
Support.png
recoverhelp.werally.com/resource/1613511230000/CoachingHelpCenter/images/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://recoverhelp.werally.com/resource/1613511230000/CoachingHelpCenter/images/Support.png
Requested by
Host: recoverhelp.werally.com
URL: https://recoverhelp.werally.com/s/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 Dublin, Ireland, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
190e0e147d2177aab32f089c97251082dbf8a53c339c487285a8307b97d55831
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://recoverhelp.werally.com/s/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 17:28:37 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
last-modified
Tue, 16 Feb 2021 21:33:50 GMT
server
sfdcedge
x-sfdc-request-id
5b60ef16252996161f2406f2e4b2b481
x-frame-options
SAMEORIGIN
content-type
image/png
p3p
CP="CUR OTR STA"
cache-control
public,max-age=3888000,immutable
content-length
20496
x-xss-protection
1; mode=block
expires
Sat, 09 Sep 2023 17:28:36 GMT
rum
rum.browser-intake-datadoghq.com/api/v2/ 		53 B
305 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.45.0%2Capi%3Afetch%2Cenv%3Aproduction%2Cservice%3Asalesforce-help-center&dd-api-key=pube391e677e480d392651dcd3fba4609f6&dd-evp-origin-version=4.45.0&dd-evp-origin=browser&dd-request-id=7c8740aa-4e2c-46b7-a0be-7982cd8879a5&batch_time=1690392518128
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b902:396c:5768:f8c3:756e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
cdd018a2b8003bb719fa87ada0f2bda06443276e75430fc0c3542ceab4c0be42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://recoverhelp.werally.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 26 Jul 2023 17:28:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
53
aura
recoverhelp.werally.com/s/sfsites/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://recoverhelp.werally.com/s/sfsites/aura?r=3&ui-instrumentation-components-beacon.InstrumentationBeacon.sendData=1
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 Dublin, Ireland, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
9b6ad3a029ba350de1b53f4719d78c1cb9d0c65c616b0086e78c04c23b051be2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://recoverhelp.werally.com/s/
X-SFDC-Page-Cache
6d146365a174cfdd
accept-language
de-DE,de;q=0.9
X-SFDC-Page-Scope-Id
9ff9cd56-190f-4199-9a7e-19cee8d067f0
X-SFDC-Request-Id
809330000025ba205f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 26 Jul 2023 17:28:39 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
last-modified
Tue, 26 Jul 2022 17:28:39 GMT
server
sfdcedge
content-encoding
gzip
x-sfdc-request-id
809330000025ba205f
vary
Origin, Accept-Encoding
content-type
application/json
cache-control
no-cache,must-revalidate,max-age=0,no-store,private
server-timing
Total;dur=172
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Tue, 26 Jul 2022 17:28:39 GMT
aura
recoverhelp.werally.com/s/sfsites/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://recoverhelp.werally.com/s/sfsites/aura?r=4&ui-comm-runtime-components-aura-components-siteforce-network-tracking.NetworkTracking.createLogRecord=1
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.140.11 Dublin, Ireland, ASN14340 (SALESFORCE, US),
Reverse DNS
sledge3-fra.slb.sfdcsvc.net
Software
sfdcedge /
Resource Hash
7665a23b6f9cf0788e2382d6e45c055e746ff1a3dd2387116d23bf713a260942
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://recoverhelp.werally.com/s/
X-SFDC-Page-Cache
6d146365a174cfdd
accept-language
de-DE,de;q=0.9
X-SFDC-Page-Scope-Id
9ff9cd56-190f-4199-9a7e-19cee8d067f0
X-SFDC-Request-Id
8096500000ff4ab730
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 26 Jul 2023 17:28:38 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
last-modified
Tue, 26 Jul 2022 17:28:38 GMT
server
sfdcedge
content-encoding
gzip
x-sfdc-request-id
8096500000ff4ab730
vary
Origin, Accept-Encoding
content-type
application/json
cache-control
no-cache,must-revalidate,max-age=0,no-store,private
server-timing
Total;dur=16
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Tue, 26 Jul 2022 17:28:38 GMT

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| DD_RUM object| picassoSPA string| comm__attrVariationKey number| pageStartTime object| Aura object| AuraLocker object| AuraLockerDisabled object| $A object| aura function| DOMPurify function| Router function| _moreThenOneCriteria function| _isOnlyValidTokens function| _isNoAmbiguousAndOr function| _checkAmbiguousNum function| _checkParentheses function| _filterValidation function| _validate

6 Cookies

Domain/Path Name / Value
recoverhelp.werally.com/s Name: renderCtx
Value: %7B%22pageId%22%3A%221b5f235d-a643-4752-a383-f04abf5cb4cc%22%2C%22schema%22%3A%22Published%22%2C%22viewType%22%3A%22Published%22%2C%22brandingSetId%22%3A%225a210290-21c5-4d8a-8492-fb6a6e94ee4c%22%2C%22audienceIds%22%3A%22%22%7D
recoverhelp.werally.com/ Name: CookieConsentPolicy
Value: 0:1
recoverhelp.werally.com/ Name: LSKey-c$CookieConsentPolicy
Value: 0:1
recoverhelp.werally.com/ Name: sfdc-stream
Value: !sYDVCiBFTz/lw7YAvjz5hV+hctJC8mQFkqAtdvuLGQTT9hy5SZ1GI71Djir4fAz+aHDEa6v9ymFq8YA=
recoverhelp.werally.com/ Name: pctrk
Value: d3640b8b-d3a0-4dcb-baf4-2ad14cd88732
recoverhelp.werally.com/ Name: _dd_s
Value: rum=1&id=d6922335-e626-4af2-9078-9b82fa3e2a57&created=1690392510970&expire=1690393410971

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

recoverhelp.werally.com
rum.browser-intake-datadoghq.com
session-replay.browser-intake-datadoghq.com
www.datadoghq-browser-agent.com
www.rallyhealth.com
13.225.83.103
149.126.77.158
2600:1f18:24e6:b900:3b56:55e9:1bb7:a431
2600:1f18:24e6:b902:396c:5768:f8c3:756e
85.222.140.11
07ae908524c6324c1fb664dae87382abc10d32222732c18c41d30ce0d11713e5
0b85ee7aa87448b8920f5eb5da67c90fbe174953112a39543067eecf3bb176f6
190e0e147d2177aab32f089c97251082dbf8a53c339c487285a8307b97d55831
36db1c947d505506a0db5c9799b4131e0671c84ed0ff832d18f43d2746d5c083
498eef79d803f0a7a493e762b3b86b8f6d6732fd23350f908661f6c7f31ea2cf
4e8e67ede0c61f0d0569fb695f66f08f46c22baf8e727a50207b115876e3aef3
5a6f5f26d58aa8c49e44c1a5e72db69c1f1c54f8cba3856f5aab7ed20aadff28
5ba19121497139b5d5354d45e4fb0670ed0b1121eeaa70c74ba119875203a7ed
6515c94fcd87d764a4f1f46a4216c63459e239e00578c19f8facd74d249e55ac
6f6825a7b3e2e0f54eb97541a991a3cea2f5279f314829a68e3893267bfe92ba
7665a23b6f9cf0788e2382d6e45c055e746ff1a3dd2387116d23bf713a260942
82ff7e5c8ee61ac9fd20279d3138b055571f3955441091b100b16f426944a0dc
9b6ad3a029ba350de1b53f4719d78c1cb9d0c65c616b0086e78c04c23b051be2
b896279fff3d8bb808e348cc28283721ec6e70165229623948c5239818b4bf4d
c1b2e1d1c775b2b26d6e9648e7108536a5d5431e8a877bc66e743830db4d20fb
cdd018a2b8003bb719fa87ada0f2bda06443276e75430fc0c3542ceab4c0be42
cf384ba058527f38e46508687b2cff4696520b6102e032545561af350dd65bcb
d864b61c190297721b440b241cd61c2e7a377176a0fbb12b2d3342757b1f34da
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fc0f939f6e1ba3c84e3e87d7a83a977f44ede43041071db7a6f7b5fd4ff22073
fd9f8a8d28ed4b16c1599776a53c29906ba6bca69e21eeda17fc8cefa3289f5a