retrieval.greatland.com Open in urlscan Pro
13.82.175.96 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://protect2.fireeye.com/v1/url?k=ffa83e17-a3228653-ffaf0d5c-86c91879b721-0c3e4ff67a967b71&q=1&e=1181ea3c-c7ef-4f8f-b7bf-...
Effective URL:
https://retrieval.greatland.com/9bcf84c0-3218-420d-9e1b-9eac6d57bcbe
Submission: On February 28 via manual (February 28th 2020, 9:18:17 pm UTC) from US

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 17 HTTP transactions. The main IP is 13.82.175.96, located in Washington, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is retrieval.greatland.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on February 8th 2018. Valid for: 2 years.

This is the only time retrieval.greatland.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a02:e980:d::a0 2a02:e980:d::a0	19551 (INCAPSULA) (INCAPSULA)
14	13.82.175.96 13.82.175.96	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST)
2	51.140.6.23 51.140.6.23	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
17	3

1 2a02:e980:d::a0 (United States) 1 redirects

ASN19551 (INCAPSULA, US)

protect2.fireeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 13.82.175.96 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

retrieval.greatland.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.19.160 (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.140.6.23 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	greatland.com retrieval.greatland.com	209 KB
2	visualstudio.com dc.services.visualstudio.com	830 B
1	msecnd.net az416426.vo.msecnd.net	22 KB
1	fireeye.com 1 redirects protect2.fireeye.com	727 B
17	4

	Domain	Requested by
14	retrieval.greatland.com	retrieval.greatland.com
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
1	az416426.vo.msecnd.net	retrieval.greatland.com
1	protect2.fireeye.com	1 redirects
17	4

This site contains no links.

Subject Issuer	Validity	Valid
*.greatland.com Go Daddy Secure Certificate Authority - G2	`2018-02-08` - `2020-04-07`	2 years	crt.sh
*.vo.msecnd.net Microsoft IT TLS CA 2	`2018-03-30` - `2020-03-30`	2 years	crt.sh
dc.services.visualstudio.com Microsoft IT TLS CA 5	`2019-11-18` - `2021-11-18`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://retrieval.greatland.com/9bcf84c0-3218-420d-9e1b-9eac6d57bcbe
Frame ID: 6233EEAF7C03DAB6F9096F9C9C4AA766
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://protect2.fireeye.com/v1/url?k=ffa83e17-a3228653-ffaf0d5c-86c91879b721-0c3e4ff67a967b71&q=1&e=1181... HTTP 302
https://retrieval.greatland.com/9bcf84c0-3218-420d-9e1b-9eac6d57bcbe Page URL

Page Statistics

17
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

232 kB
Transfer

469 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://protect2.fireeye.com/v1/url?k=ffa83e17-a3228653-ffaf0d5c-86c91879b721-0c3e4ff67a967b71&q=1&e=1181ea3c-c7ef-4f8f-b7bf-efb922e229a3&u=https%3A%2F%2Fretrieval.greatland.com%2F9bcf84c0-3218-420d-9e1b-9eac6d57bcbe HTTP 302
https://retrieval.greatland.com/9bcf84c0-3218-420d-9e1b-9eac6d57bcbe Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set 9bcf84c0-3218-420d-9e1b-9eac6d57bcbe Show response
retrieval.greatland.com/
Redirect Chain

https://protect2.fireeye.com/v1/url?k=ffa83e17-a3228653-ffaf0d5c-86c91879b721-0c3e4ff67a967b71&q=1&e=1181ea3c-c7ef-4f8f-b7bf-efb922e229a3&u=https%3A%2F%2Fretrieval.greatland.com%2F9bcf84c0-3218-420...
https://retrieval.greatland.com/9bcf84c0-3218-420d-9e1b-9eac6d57bcbe

6 KB
4 KB

451ms
126ms

Document
text/html

13.82.175.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://retrieval.greatland.com/9bcf84c0-3218-420d-9e1b-9eac6d57bcbe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.82.175.96 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

552de677a22282380e36b7066a684f294c5a99d93ae4fdda6abbb618b0aeed36

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: retrieval.greatland.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

Cache-Control: private
Content-Length: 2846
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Set-Cookie: RecipientId=15266854; path=/; secure RecipientGUID=9bcf84c0-3218-420d-9e1b-9eac6d57bcbe; path=/; secure SecurityToken=; path=/; secure __RequestVerificationToken=i02KDcXIW3qUkXufq_t8pYmi22kb-re68kUYdrL1US0_CxdJ5whthIKCFVGM53Sz5blPXPoJav8t6zov2PBNHNHXy7JmbxZMfCWZzJXdaJk1; path=/; HttpOnly ARRAffinity=f702dec08f589ce253222d52518caee265b893971cefd0d4623b9bd5477384fe;Path=/;HttpOnly;Domain=retrieval.greatland.com
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000
X-Frame-Options: SAMEORIGIN SAMEORIGIN SAMEORIGIN
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
Request-Context: appId=cid-v1:67d67441-da85-4964-bc49-2ce4bb17dd65
X-Powered-By: ASP.NET
Date: Fri, 28 Feb 2020 21:17:55 GMT

Redirect headers

Date: Fri, 28 Feb 2020 21:17:56 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
X-Fireeye-Faude: Benign
Location: https://retrieval.greatland.com/9bcf84c0-3218-420d-9e1b-9eac6d57bcbe
Set-Cookie: visid_incap_813375=3mMKlobsScyh3JLAuvtcMIODWV4AAAAAQUIPAAAAAADkac9Up8RvErYVppjS2nfL; expires=Sat, 27 Feb 2021 18:39:52 GMT; path=/; Domain=.fireeye.com nlbi_813375=NvJ2ecc4yHIW7pB2t7E59gAAAABZ4fIe7kiqDPEie0W+d5bB; path=/; Domain=.fireeye.com incap_ses_534_813375=5zKdbQEamwVkMhWUbUBpB4SDWV4AAAAAKmvdG0Yu273TvGDR+vXnpw==; path=/; Domain=.fireeye.com
X-Iinfo: 6-15781221-15781222 NNNN CT(163 212 0) RT(1582924675596 13) q(0 0 3 0) r(5 5) U11

GET
H/1.1 200
OK css
retrieval.greatland.com/Content/ 5 KB
2 KB 102ms
101ms Stylesheet
text/css 13.82.175.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://retrieval.greatland.com/Content/css?v=yyNGwusDeMzUnH-8r5Gg5u9Bhugskba-HJsokSW0zKw1

Requested by

Host: retrieval.greatland.com
URL: https://retrieval.greatland.com/9bcf84c0-3218-420d-9e1b-9eac6d57bcbe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.82.175.96 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

385e3352162ca353d0feb4dc606dc39f61249f7c9549fdc15e0a4e9d46c64f1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://retrieval.greatland.com/9bcf84c0-3218-420d-9e1b-9eac6d57bcbe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Strict-Transport-Security: max-age=63072000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 28 Feb 2020 21:17:56 GMT
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Expires: Sat, 27 Feb 2021 21:17:56 GMT
Cache-Control: public
Date: Fri, 28 Feb 2020 21:17:57 GMT
Vary: User-Agent,Accept-Encoding
Content-Length: 1744
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:67d67441-da85-4964-bc49-2ce4bb17dd65

GET
H/1.1 200
OK jquery Show response
retrieval.greatland.com/bundles/ 176 KB
80 KB 209ms
107ms Script
text/javascript 13.82.175.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://retrieval.greatland.com/bundles/jquery?v=LJOIKmnscIaZTYSKPncLwtZEwMepz8Y4XL1Km8srRus1

Requested by

Host: retrieval.greatland.com
URL: https://retrieval.greatland.com/9bcf84c0-3218-420d-9e1b-9eac6d57bcbe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.82.175.96 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

0a44b5e537d01b851f6f6aca48f0d794a31048b45dea0debad400b4b952c66e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://retrieval.greatland.com/9bcf84c0-3218-420d-9e1b-9eac6d57bcbe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 28 Feb 2020 21:17:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 28 Feb 2020 21:17:57 GMT
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET
Strict-Transport-Security: max-age=63072000
Content-Type: text/javascript; charset=utf-8
Expires: Sat, 27 Feb 2021 21:17:57 GMT
Cache-Control: public
Transfer-Encoding: chunked
Vary: User-Agent,Accept-Encoding
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:67d67441-da85-4964-bc49-2ce4bb17dd65

GET
H/1.1 200
OK jqueryval Show response
retrieval.greatland.com/bundles/ 83 KB
31 KB 296ms
104ms Script
text/javascript 13.82.175.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://retrieval.greatland.com/bundles/jqueryval?v=mkS8U9dwJq4AB8r0mhcPRDKSs3b164TkP_0S8JOy-g01

Requested by

Host: retrieval.greatland.com
URL: https://retrieval.greatland.com/9bcf84c0-3218-420d-9e1b-9eac6d57bcbe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.82.175.96 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

36f646408c6ee342ba163a0bac680f93101983e9a1dc4aec837c6e932442f756

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://retrieval.greatland.com/9bcf84c0-3218-420d-9e1b-9eac6d57bcbe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Strict-Transport-Security: max-age=63072000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 28 Feb 2020 21:17:57 GMT
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Expires: Sat, 27 Feb 2021 21:17:57 GMT
Cache-Control: public
Date: Fri, 28 Feb 2020 21:17:57 GMT
Vary: User-Agent,Accept-Encoding
Content-Length: 30786
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:67d67441-da85-4964-bc49-2ce4bb17dd65

GET
H/1.1 200
OK modernizr Show response
retrieval.greatland.com/bundles/ 11 KB
6 KB 394ms
103ms Script
text/javascript 13.82.175.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://retrieval.greatland.com/bundles/modernizr?v=inCVuEFe6J4Q07A0AcRsbJic_UE5MwpRMNGcOtk94TE1

Requested by

Host: retrieval.greatland.com
URL: https://retrieval.greatland.com/9bcf84c0-3218-420d-9e1b-9eac6d57bcbe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.82.175.96 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

9e83216908224ffbc39992a5e60f93ca21b8e2240ba28025ba679c4b70f7112d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://retrieval.greatland.com/9bcf84c0-3218-420d-9e1b-9eac6d57bcbe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Strict-Transport-Security: max-age=63072000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 28 Feb 2020 21:17:57 GMT
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Expires: Sat, 27 Feb 2021 21:17:57 GMT
Cache-Control: public
Date: Fri, 28 Feb 2020 21:17:56 GMT
Vary: User-Agent,Accept-Encoding
Content-Length: 5292
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:67d67441-da85-4964-bc49-2ce4bb17dd65

GET
H/1.1 200
OK modal Show response
retrieval.greatland.com/bundles/ 16 KB
7 KB 394ms
102ms Script
text/javascript 13.82.175.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://retrieval.greatland.com/bundles/modal?v=-a4TryEKwD6_l2KoDb4knH7rIkrny3QIHNOq2F-8J1I1

Requested by

Host: retrieval.greatland.com
URL: https://retrieval.greatland.com/9bcf84c0-3218-420d-9e1b-9eac6d57bcbe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.82.175.96 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

2909ff58df9812fad123411cad49b7689213b3107c803e8652d68cd8b52c35ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://retrieval.greatland.com/9bcf84c0-3218-420d-9e1b-9eac6d57bcbe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Strict-Transport-Security: max-age=63072000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 28 Feb 2020 21:17:57 GMT
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Expires: Sat, 27 Feb 2021 21:17:57 GMT
Cache-Control: public
Date: Fri, 28 Feb 2020 21:17:57 GMT
Vary: User-Agent,Accept-Encoding
Content-Length: 6955
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:67d67441-da85-4964-bc49-2ce4bb17dd65

GET
H/1.1 200
OK Common Show response
retrieval.greatland.com/bundles/ 1 KB
1 KB 395ms
102ms Script
text/javascript 13.82.175.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://retrieval.greatland.com/bundles/Common?v=iv-wMx9JW9PONMa62erC7xTxZejViXqRf7JNiAKcC7Y1

Requested by

Host: retrieval.greatland.com
URL: https://retrieval.greatland.com/9bcf84c0-3218-420d-9e1b-9eac6d57bcbe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.82.175.96 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

cec90510fdd0be504f5718ab89eaf3a534369bac196372d60408f4b6b25e8425

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://retrieval.greatland.com/9bcf84c0-3218-420d-9e1b-9eac6d57bcbe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Strict-Transport-Security: max-age=63072000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 28 Feb 2020 21:17:57 GMT
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Expires: Sat, 27 Feb 2021 21:17:57 GMT
Cache-Control: public
Date: Fri, 28 Feb 2020 21:17:56 GMT
Vary: User-Agent,Accept-Encoding
Content-Length: 632
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:67d67441-da85-4964-bc49-2ce4bb17dd65

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
22 KB 83ms
18ms Script
application/x-javascript 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: retrieval.greatland.com
URL: https://retrieval.greatland.com/9bcf84c0-3218-420d-9e1b-9eac6d57bcbe
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8AAA) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Referer: https://retrieval.greatland.com/9bcf84c0-3218-420d-9e1b-9eac6d57bcbe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 28 Feb 2020 21:17:57 GMT
content-encoding: gzip
content-md5: HdY95yzx9wIyQkVEGES+Ew==
age: 1034
x-cache: HIT
status: 200
content-length: 22495
x-ms-lease-status: unlocked
last-modified: Tue, 04 Feb 2020 19:23:51 GMT
server: ECAcc (ama/8AAA)
etag: 0x8D7A9A7C460F06C
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: d4adbb24-501e-00c2-607a-ee6c5a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19

GET
H/1.1 200
OK corner-left.png
retrieval.greatland.com/Images/ 1004 B
1 KB 102ms
101ms Image
image/png 13.82.175.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://retrieval.greatland.com/Images/corner-left.png
Requested by: Host: retrieval.greatland.com
URL: https://retrieval.greatland.com/bundles/jquery?v=LJOIKmnscIaZTYSKPncLwtZEwMepz8Y4XL1Km8srRus1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.82.175.96 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: bc1a39b8ba812bf30911404dc3c1562db22e7976728ce5c5c35483bec0dc954e

Request headers

Referer: https://retrieval.greatland.com/Content/css?v=yyNGwusDeMzUnH-8r5Gg5u9Bhugskba-HJsokSW0zKw1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 28 Feb 2020 21:17:56 GMT
ETag: "5a4cad91eaa9d51:0"
Last-Modified: Tue, 03 Dec 2019 15:01:40 GMT
Accept-Ranges: bytes
X-Powered-By: ASP.NET
Content-Length: 1004
Content-Type: image/png

GET
H/1.1 200
OK rrfill.png
retrieval.greatland.com/Images/ 194 B
414 B 100ms
99ms Image
image/png 13.82.175.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://retrieval.greatland.com/Images/rrfill.png
Requested by: Host: retrieval.greatland.com
URL: https://retrieval.greatland.com/bundles/jquery?v=LJOIKmnscIaZTYSKPncLwtZEwMepz8Y4XL1Km8srRus1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.82.175.96 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: fb83d8dae402022ccfb7f31111d64afc9b19b4a8aa0cfa80665a3a79d4442d19

Request headers

Referer: https://retrieval.greatland.com/Content/css?v=yyNGwusDeMzUnH-8r5Gg5u9Bhugskba-HJsokSW0zKw1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 28 Feb 2020 21:17:56 GMT
ETag: "4392b191eaa9d51:0"
Last-Modified: Tue, 03 Dec 2019 15:01:40 GMT
Accept-Ranges: bytes
X-Powered-By: ASP.NET
Content-Length: 194
Content-Type: image/png

GET
H/1.1 200
OK corner-right.png
retrieval.greatland.com/Images/ 1011 B
1 KB 99ms
99ms Image
image/png 13.82.175.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://retrieval.greatland.com/Images/corner-right.png
Requested by: Host: retrieval.greatland.com
URL: https://retrieval.greatland.com/bundles/jquery?v=LJOIKmnscIaZTYSKPncLwtZEwMepz8Y4XL1Km8srRus1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.82.175.96 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 6429eebab382bbb13342b93957ee8bcbe2fb408e13a10b62644fc820dd88c751

Request headers

Referer: https://retrieval.greatland.com/Content/css?v=yyNGwusDeMzUnH-8r5Gg5u9Bhugskba-HJsokSW0zKw1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 28 Feb 2020 21:17:57 GMT
ETag: "809aad91eaa9d51:0"
Last-Modified: Tue, 03 Dec 2019 15:01:40 GMT
Accept-Ranges: bytes
X-Powered-By: ASP.NET
Content-Length: 1011
Content-Type: image/png

GET
H/1.1 200
OK background.jpg
retrieval.greatland.com/Images/ 66 KB
66 KB 99ms
98ms Image
image/jpeg 13.82.175.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://retrieval.greatland.com/Images/background.jpg
Requested by: Host: retrieval.greatland.com
URL: https://retrieval.greatland.com/bundles/jquery?v=LJOIKmnscIaZTYSKPncLwtZEwMepz8Y4XL1Km8srRus1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.82.175.96 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 35f50c4e038524e7f9f819f342c65e9305804ff51bf4751fb43b520f4ff8fcbd

Request headers

Referer: https://retrieval.greatland.com/Content/css?v=yyNGwusDeMzUnH-8r5Gg5u9Bhugskba-HJsokSW0zKw1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 28 Feb 2020 21:17:57 GMT
ETag: "2cb4aa91eaa9d51:0"
Last-Modified: Tue, 03 Dec 2019 15:01:40 GMT
Accept-Ranges: bytes
X-Powered-By: ASP.NET
Content-Length: 67390
Content-Type: image/jpeg

GET
H/1.1 200
OK logo.png
retrieval.greatland.com/Images/ 5 KB
5 KB 98ms
98ms Image
image/png 13.82.175.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://retrieval.greatland.com/Images/logo.png
Requested by: Host: retrieval.greatland.com
URL: https://retrieval.greatland.com/bundles/jquery?v=LJOIKmnscIaZTYSKPncLwtZEwMepz8Y4XL1Km8srRus1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.82.175.96 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 877ee645a0823aab63bcce873a79fd79e053ef81c7cab0bcf892b3919e497dab

Request headers

Referer: https://retrieval.greatland.com/Content/css?v=yyNGwusDeMzUnH-8r5Gg5u9Bhugskba-HJsokSW0zKw1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 28 Feb 2020 21:17:57 GMT
ETag: "bc80b091eaa9d51:0"
Last-Modified: Tue, 03 Dec 2019 15:01:40 GMT
Accept-Ranges: bytes
X-Powered-By: ASP.NET
Content-Length: 5361
Content-Type: image/png

GET
H/1.1 200
OK btn-retrieve.png
retrieval.greatland.com/Images/ 2 KB
3 KB 98ms
98ms Image
image/png 13.82.175.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://retrieval.greatland.com/Images/btn-retrieve.png
Requested by: Host: retrieval.greatland.com
URL: https://retrieval.greatland.com/bundles/jquery?v=LJOIKmnscIaZTYSKPncLwtZEwMepz8Y4XL1Km8srRus1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.82.175.96 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 57a6a6e336968b17fea336b927b897cd9aad106a99a89d412ca68adca96f18b7

Request headers

Referer: https://retrieval.greatland.com/Content/css?v=yyNGwusDeMzUnH-8r5Gg5u9Bhugskba-HJsokSW0zKw1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 28 Feb 2020 21:17:56 GMT
ETag: "2cedab91eaa9d51:0"
Last-Modified: Tue, 03 Dec 2019 15:01:40 GMT
Accept-Ranges: bytes
X-Powered-By: ASP.NET
Content-Length: 2426
Content-Type: image/png

GET
H/1.1 200
OK footer-tile.jpg
retrieval.greatland.com/Images/ 1 KB
1 KB 195ms
98ms Image
image/jpeg 13.82.175.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://retrieval.greatland.com/Images/footer-tile.jpg
Requested by: Host: retrieval.greatland.com
URL: https://retrieval.greatland.com/bundles/jquery?v=LJOIKmnscIaZTYSKPncLwtZEwMepz8Y4XL1Km8srRus1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.82.175.96 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 07aac26b8679d2b812aefd2d5607e47b9cea5eca62c8b8e384941c85bcbc5774

Request headers

Referer: https://retrieval.greatland.com/Content/css?v=yyNGwusDeMzUnH-8r5Gg5u9Bhugskba-HJsokSW0zKw1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 28 Feb 2020 21:17:57 GMT
ETag: "7d3ae91eaa9d51:0"
Last-Modified: Tue, 03 Dec 2019 15:01:40 GMT
Accept-Ranges: bytes
X-Powered-By: ASP.NET
Content-Length: 1179
Content-Type: image/jpeg

OPTIONS
H/1.1 200
OK track Show response
dc.services.visualstudio.com/v2/ 0
311 B 101ms
24ms XHR
text/plain 51.140.6.23
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

51.140.6.23 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Access-Control-Request-Method: POST
Origin: https://retrieval.greatland.com
Referer: https://retrieval.greatland.com/9bcf84c0-3218-420d-9e1b-9eac6d57bcbe
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type,sdk-context

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 28 Feb 2020 21:17:56 GMT
X-Content-Type-Options: nosniff
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
Content-Length: 0
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST

POST
H/1.1 200
OK track Show response
dc.services.visualstudio.com/v2/ 96 B
519 B 434ms
434ms XHR
application/json 51.140.6.23
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

51.140.6.23 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8ed834d5bbdea5228868946b56d1aff5ae8b5c7a24e05c3d2fdf8b2eeb224333

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://retrieval.greatland.com/9bcf84c0-3218-420d-9e1b-9eac6d57bcbe
Origin: https://retrieval.greatland.com
Sec-Fetch-Dest: empty
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 1D4CC34C-B7F6-42D0-B0BA-EDAD0CAF8D93
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 28 Feb 2020 21:17:57 GMT
Access-Control-Max-Age: 3600
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
Content-Length: 96

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

az416426.vo.msecnd.net
dc.services.visualstudio.com
protect2.fireeye.com
retrieval.greatland.com
13.82.175.96
152.199.19.160
2a02:e980:d::a0
51.140.6.23
07aac26b8679d2b812aefd2d5607e47b9cea5eca62c8b8e384941c85bcbc5774
0a44b5e537d01b851f6f6aca48f0d794a31048b45dea0debad400b4b952c66e3
2909ff58df9812fad123411cad49b7689213b3107c803e8652d68cd8b52c35ce
35f50c4e038524e7f9f819f342c65e9305804ff51bf4751fb43b520f4ff8fcbd
36f646408c6ee342ba163a0bac680f93101983e9a1dc4aec837c6e932442f756
385e3352162ca353d0feb4dc606dc39f61249f7c9549fdc15e0a4e9d46c64f1c
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
552de677a22282380e36b7066a684f294c5a99d93ae4fdda6abbb618b0aeed36
57a6a6e336968b17fea336b927b897cd9aad106a99a89d412ca68adca96f18b7
6429eebab382bbb13342b93957ee8bcbe2fb408e13a10b62644fc820dd88c751
877ee645a0823aab63bcce873a79fd79e053ef81c7cab0bcf892b3919e497dab
8ed834d5bbdea5228868946b56d1aff5ae8b5c7a24e05c3d2fdf8b2eeb224333
9e83216908224ffbc39992a5e60f93ca21b8e2240ba28025ba679c4b70f7112d
bc1a39b8ba812bf30911404dc3c1562db22e7976728ce5c5c35483bec0dc954e
cec90510fdd0be504f5718ab89eaf3a534369bac196372d60408f4b6b25e8425
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fb83d8dae402022ccfb7f31111d64afc9b19b4a8aa0cfa80665a3a79d4442d19

retrieval.greatland.com Open in urlscan Pro 13.82.175.96 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

17 Requests

100 %HTTPS

25 %IPv6

4 Domains

4 Subdomains

3 IPs

2 Countries

232 kBTransfer

469 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

retrieval.greatland.com Open in urlscan Pro
13.82.175.96 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

232 kB
Transfer

469 kB
Size

0
Cookies

17 HTTP transactions
0 data transactions