Submitted URL: https://attackevals.mitre.org/APT29/
Effective URL: https://attackevals.mitre-engenuity.org/APT29/
Submission: On October 21 via api from IT

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 57 HTTP transactions. The main IP is 185.199.111.153, located in the United States and belonging to FASTLY, US. The main domain is attackevals.mitre-engenuity.org.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 16th 2020. Valid for: 3 months.
This is the only time attackevals.mitre-engenuity.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Domain                           Requested by
26        d1zq5d3dtjfcoj.cloudfront.net    attackevals.mitre.org, attackevals.mitre-engenuity.org
15        attackevals.mitre-engenuity.org  attackevals.mitre-engenuity.org
11        attackevals.mitre.org            attackevals.mitre.org
2         www.google-analytics.com         www.googletagmanager.com, www.google-analytics.com
1         www.googletagmanager.com         attackevals.mitre-engenuity.org
57 requests across 5 domains

This site contains links to these domains:

Domain
github.com
medium.com
attack.mitre.org
www.f-secure.com
www.us-cert.gov
www.crowdstrike.com
twitter.com
Subject                          Issuer                      Validity                  Valid for
attackevals.mitre.org            Let's Encrypt Authority X3  2020-09-19 - 2020-12-18   3 months
*.cloudfront.net                 DigiCert Global CA G2       2020-05-26 - 2021-04-21   a year
attackevals.mitre-engenuity.org  Let's Encrypt Authority X3  2020-09-16 - 2020-12-15   3 months
*.google-analytics.com           GTS CA 1O1                  2020-09-22 - 2020-12-15   3 months

This page contains 1 frame:

Primary Page: https://attackevals.mitre-engenuity.org/APT29/
Frame ID: 670604C5A3310D27FBE9D405B2385DC5
Requests: 57 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^GitHub\.com$/i

Overall confidence: 100%
Detected patterns
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i

Overall confidence: 100%
Detected patterns
  • headers server /^GitHub\.com$/i

Overall confidence: 100%
Detected patterns
  • headers server /^GitHub\.com$/i

Page Statistics

57 Requests
96 % HTTPS
60 % IPv6
5 Domains
5 Subdomains
6 IPs
2 Countries
1535 kB Transfer
3881 kB Size
0 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://attackevals.mitre.org/APT29/ Page URL
  2. https://attackevals.mitre-engenuity.org/APT29/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

57 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type

/ | attackevals.mitre.org/APT29/ | 4 KB | 2 KB | Document
General
Full URL
https://attackevals.mitre.org/APT29/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
d6645352321e385ea0466a3c43a458eaa26042974f93cf21a0fc2dc1dcb49b8f
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

:method
GET
:authority
attackevals.mitre.org
:scheme
https
:path
/APT29/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
content-type
text/html; charset=utf-8
server
GitHub.com
strict-transport-security
max-age=31556952
last-modified
Thu, 15 Oct 2020 21:47:57 GMT
etag
W/"5f88c38d-1156"
access-control-allow-origin
*
expires
Wed, 21 Oct 2020 13:16:00 GMT
cache-control
max-age=600
content-encoding
gzip
x-proxy-cache
MISS
x-github-request-id
EA30:0BC3:106E510:119746A:5F903237
accept-ranges
bytes
date
Wed, 21 Oct 2020 13:06:00 GMT
via
1.1 varnish
age
0
x-served-by
cache-cdg20763-CDG
x-cache
MISS
x-cache-hits
0
x-timer
S1603285561.809461,VS0,VE98
vary
Accept-Encoding
x-fastly-request-id
b487208cdae5d7d28b94a2db9929425d6ee2d97f
content-length
1468

all.css | attackevals.mitre.org/theme/style/ | 63 KB | 12 KB | Stylesheet
General
Full URL
https://attackevals.mitre.org/theme/style/all.css
Requested by
Host: attackevals.mitre.org
URL: https://attackevals.mitre.org/APT29/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
440b5661211b0b6946647e97477e376fdceebb9e698578601e8bba04e1acd255
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

Referer
https://attackevals.mitre.org/APT29/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
cd3024af25f0d8724e5e7552993994ea631ee918
strict-transport-security
max-age=31556952
content-encoding
gzip
etag
W/"5f88c38d-faa3"
age
0
x-cache
MISS
status
200
content-length
11716
x-served-by
cache-cdg20763-CDG
access-control-allow-origin
*
last-modified
Thu, 15 Oct 2020 21:47:57 GMT
server
GitHub.com
x-github-request-id
B562:12A2C:429D0BC:4685F07:5F900665
x-timer
S1603285561.929835,VS0,VE99
date
Wed, 21 Oct 2020 13:06:01 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
via
1.1 varnish
expires
Wed, 21 Oct 2020 10:09:01 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0

jquery-3.3.1.min.js | attackevals.mitre.org/theme/scripts/ | 85 KB | 30 KB | Script
General
Full URL
https://attackevals.mitre.org/theme/scripts/jquery-3.3.1.min.js
Requested by
Host: attackevals.mitre.org
URL: https://attackevals.mitre.org/APT29/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

Referer
https://attackevals.mitre.org/APT29/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
c8bc637a90600fb943be89196f3a065638c982f4
strict-transport-security
max-age=31556952
content-encoding
gzip
etag
W/"5f88c38d-1538f"
age
0
x-cache
MISS
status
200
content-length
30544
x-served-by
cache-cdg20763-CDG
access-control-allow-origin
*
last-modified
Thu, 15 Oct 2020 21:47:57 GMT
server
GitHub.com
x-github-request-id
E08A:F9F5:2337877:2569BB4:5F900665
x-timer
S1603285561.929954,VS0,VE103
date
Wed, 21 Oct 2020 13:06:01 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
expires
Wed, 21 Oct 2020 10:09:01 GMT
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
MISS
x-cache-hits
0

bootstrap.min.css | attackevals.mitre.org/theme/style/ | 141 KB | 21 KB | Stylesheet
General
Full URL
https://attackevals.mitre.org/theme/style/bootstrap.min.css
Requested by
Host: attackevals.mitre.org
URL: https://attackevals.mitre.org/APT29/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

Referer
https://attackevals.mitre.org/APT29/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
24cb95e3af0bd785c75997416847ab63f6ad20a9
strict-transport-security
max-age=31556952
content-encoding
gzip
etag
W/"5f88c38d-235ed"
age
0
x-cache
MISS
status
200
content-length
21144
x-served-by
cache-cdg20763-CDG
access-control-allow-origin
*
last-modified
Thu, 15 Oct 2020 21:47:57 GMT
server
GitHub.com
x-github-request-id
6552:1317A:407AAF1:444825E:5F900665
x-timer
S1603285561.929978,VS0,VE99
date
Wed, 21 Oct 2020 13:06:01 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
via
1.1 varnish
expires
Wed, 21 Oct 2020 10:09:01 GMT
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
MISS
x-cache-hits
0

bootstrap-glyphicon.min.css | attackevals.mitre.org/theme/style/ | 12 KB | 3 KB | Stylesheet
General
Full URL
https://attackevals.mitre.org/theme/style/bootstrap-glyphicon.min.css
Requested by
Host: attackevals.mitre.org
URL: https://attackevals.mitre.org/APT29/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
f8e8843bbff15bff0d67cf7cb38ab081b6d941146369769b3955aaa77d77f31c
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

Referer
https://attackevals.mitre.org/APT29/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
6885089021d445b8767e1f871bbc3e5674c99eb1
strict-transport-security
max-age=31556952
content-encoding
gzip
etag
W/"5f88c38d-31e1"
age
0
x-cache
MISS
status
200
content-length
2648
x-served-by
cache-cdg20763-CDG
access-control-allow-origin
*
last-modified
Thu, 15 Oct 2020 21:47:57 GMT
server
GitHub.com
x-github-request-id
DE8A:F9F6:42E47CF:46D96BC:5F900665
x-timer
S1603285561.929963,VS0,VE95
date
Wed, 21 Oct 2020 13:06:01 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
via
1.1 varnish
expires
Wed, 21 Oct 2020 10:09:01 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0

style.css | attackevals.mitre.org/theme/style/ | 44 KB | 9 KB | Stylesheet
General
Full URL
https://attackevals.mitre.org/theme/style/style.css
Requested by
Host: attackevals.mitre.org
URL: https://attackevals.mitre.org/APT29/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
e71cdd28c97ef314ce66cadac89690b616a826457e49ba53571d2d80262ee146
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

Referer
https://attackevals.mitre.org/APT29/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
c0811a9ba8d11fb9b6b10209320cd07f3bb7359c
strict-transport-security
max-age=31556952
content-encoding
gzip
etag
W/"5f88c38d-af59"
age
0
x-cache
MISS
status
200
content-length
8663
x-served-by
cache-cdg20763-CDG
access-control-allow-origin
*
last-modified
Thu, 15 Oct 2020 21:47:57 GMT
server
GitHub.com
x-github-request-id
2C0C:F969:249F5EC:26E27D5:5F900665
x-timer
S1603285561.929927,VS0,VE96
date
Wed, 21 Oct 2020 13:06:01 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
via
1.1 varnish
expires
Wed, 21 Oct 2020 10:09:01 GMT
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
MISS
x-cache-hits
0

ATT&CKEvals_Logo_new.png | d1zq5d3dtjfcoj.cloudfront.net/ | 8 KB | 9 KB | Image
General
Full URL
https://d1zq5d3dtjfcoj.cloudfront.net/ATT&CKEvals_Logo_new.png
Requested by
Host: attackevals.mitre.org
URL: https://attackevals.mitre.org/APT29/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7c00:3:4981:3cc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
65c818f6e98442bcc6b1b89569470a9972b858cc4ec4e06241b4230c7824461a

Request headers

Referer
https://attackevals.mitre.org/APT29/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 06:08:50 GMT
via
1.1 d3039ad83798b26ecb9f9f1e666afe27.cloudfront.net (CloudFront)
last-modified
Tue, 21 Apr 2020 14:40:33 GMT
server
AmazonS3
age
25032
etag
"5113b984334c8b5e7c8fc18363e8f7d6"
x-cache
Hit from cloudfront
content-type
image/png
status
200
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
8656
x-amz-cf-id
J3htDLcmC9YA0NmT-GFhR3DXYbT6FM4bk67goaeffiKC-pePwxer0Q==

mitrelogowhiteontrans.gif | d1zq5d3dtjfcoj.cloudfront.net/ | 661 B | 985 B | Image
General
Full URL
https://d1zq5d3dtjfcoj.cloudfront.net/mitrelogowhiteontrans.gif
Requested by
Host: attackevals.mitre.org
URL: https://attackevals.mitre.org/APT29/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7c00:3:4981:3cc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
55f61ce63b8f846de286d53083e0380f2b8898fa15245437a3f960fa9dc27503

Request headers

Referer
https://attackevals.mitre.org/APT29/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 06:08:50 GMT
via
1.1 d3039ad83798b26ecb9f9f1e666afe27.cloudfront.net (CloudFront)
last-modified
Tue, 21 Apr 2020 14:42:55 GMT
server
AmazonS3
age
25032
etag
"d1fafd1b628d38206e63aa5d9ab0efbe"
x-cache
Hit from cloudfront
content-type
image/gif
status
200
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
661
x-amz-cf-id
AoZcuRWguUm445L4r5x69NM_TYPBwI5zn2wq3bgMRYtl0tk6An0HXQ==

twitter.png | d1zq5d3dtjfcoj.cloudfront.net/ | 11 KB | 12 KB | Image
General
Full URL
https://d1zq5d3dtjfcoj.cloudfront.net/twitter.png
Requested by
Host: attackevals.mitre.org
URL: https://attackevals.mitre.org/APT29/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7c00:3:4981:3cc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fa56d1290557a7b0734f0b53ee6b8b31e4e36276cfb622f1a48fed56c3188730

Request headers

Referer
https://attackevals.mitre.org/APT29/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 12:35:25 GMT
via
1.1 d3039ad83798b26ecb9f9f1e666afe27.cloudfront.net (CloudFront)
last-modified
Tue, 21 Apr 2020 14:42:57 GMT
server
AmazonS3
age
1837
etag
"55cc7d994f5382c09000881301e7303b"
x-cache
Hit from cloudfront
content-type
image/png
status
200
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
11502
x-amz-cf-id
l344s8YDVXN4eLb3Y2bkwiPu0kWQi9jvIyU7tw2BmYmtEH6JYLtAkg==

popper.min.js | attackevals.mitre.org/theme/scripts/ | 20 KB | 6 KB | Script
General
Full URL
https://attackevals.mitre.org/theme/scripts/popper.min.js
Requested by
Host: attackevals.mitre.org
URL: https://attackevals.mitre.org/APT29/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
976705f4556d7fb372a1696b61112f0091182e1761a27a7ff261cafb4da551da
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

Referer
https://attackevals.mitre.org/APT29/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
b9b6076822e22ebb97c0b1f8f22f5c010c6d0f69
strict-transport-security
max-age=31556952
content-encoding
gzip
etag
W/"5f88c38d-5050"
age
0
x-cache
MISS
status
200
content-length
6148
x-served-by
cache-cdg20763-CDG
access-control-allow-origin
*
last-modified
Thu, 15 Oct 2020 21:47:57 GMT
server
GitHub.com
x-github-request-id
A07A:13179:22531FE:247AE86:5F900665
x-timer
S1603285561.070691,VS0,VE92
date
Wed, 21 Oct 2020 13:06:01 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
expires
Wed, 21 Oct 2020 10:09:01 GMT
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
MISS
x-cache-hits
0

bootstrap.min.js | attackevals.mitre.org/theme/scripts/ | 48 KB | 13 KB | Script
General
Full URL
https://attackevals.mitre.org/theme/scripts/bootstrap.min.js
Requested by
Host: attackevals.mitre.org
URL: https://attackevals.mitre.org/APT29/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

Referer
https://attackevals.mitre.org/APT29/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
a07ea68d4b474affb39af74ec98cc4d67998842e
strict-transport-security
max-age=31556952
content-encoding
gzip
etag
W/"5f88c38d-bf30"
age
0
x-cache
MISS
status
200
content-length
13216
x-served-by
cache-cdg20763-CDG
access-control-allow-origin
*
last-modified
Thu, 15 Oct 2020 21:47:57 GMT
server
GitHub.com
x-github-request-id
943A:127C:46A3FE0:4ABEF56:5F903239
x-timer
S1603285561.081979,VS0,VE107
date
Wed, 21 Oct 2020 13:06:01 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
expires
Wed, 21 Oct 2020 13:16:01 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0

site.js | attackevals.mitre.org/theme/scripts/ | 491 B | 554 B | Script
General
Full URL
https://attackevals.mitre.org/theme/scripts/site.js
Requested by
Host: attackevals.mitre.org
URL: https://attackevals.mitre.org/APT29/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
088003d066c1340c4c1eea524b749cbe7cdeb0cb6893f4857d8e74ee4a04d0b8
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

Referer
https://attackevals.mitre.org/APT29/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
1b06bd394dfcb5026ca8e5027a4c65f359578c2b
strict-transport-security
max-age=31556952
content-encoding
gzip
etag
W/"5f88c38d-1eb"
age
0
x-cache
MISS
status
200
content-length
262
x-served-by
cache-cdg20763-CDG
access-control-allow-origin
*
last-modified
Thu, 15 Oct 2020 21:47:57 GMT
server
GitHub.com
x-github-request-id
110E:1279:106B71D:1191E53:5F900665
x-timer
S1603285561.103875,VS0,VE93
date
Wed, 21 Oct 2020 13:06:01 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
expires
Wed, 21 Oct 2020 10:09:01 GMT
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
MISS
x-cache-hits
0

Roboto-Regular.ttf | attackevals.mitre.org/theme/fonts/Roboto/ | 168 KB | 89 KB | Font
General
Full URL
https://attackevals.mitre.org/theme/fonts/Roboto/Roboto-Regular.ttf
Requested by
Host: attackevals.mitre.org
URL: https://attackevals.mitre.org/theme/style/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
79e851404657dac2106b3d22ad256d47824a9a5765458edb72c9102a45816d95
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

Origin
https://attackevals.mitre.org
Referer
https://attackevals.mitre.org/theme/style/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
b374f1e2bb638873a6a030f9a01b00a76848cf7c
strict-transport-security
max-age=31556952
content-encoding
gzip
etag
W/"5f88c38d-29e9c"
age
0
x-cache
MISS
status
200
content-length
91002
x-served-by
cache-cdg20763-CDG
access-control-allow-origin
*
last-modified
Thu, 15 Oct 2020 21:47:57 GMT
server
GitHub.com
x-github-request-id
8278:645C:24968E7:26D6046:5F900665
x-timer
S1603285561.107693,VS0,VE113
date
Wed, 21 Oct 2020 13:06:01 GMT
vary
Accept-Encoding
content-type
font/ttf
via
1.1 varnish
expires
Wed, 21 Oct 2020 10:09:02 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0

Roboto-Thin.ttf | attackevals.mitre.org/theme/fonts/Roboto/ | 168 KB | 88 KB | Font
General
Full URL
https://attackevals.mitre.org/theme/fonts/Roboto/Roboto-Thin.ttf
Requested by
Host: attackevals.mitre.org
URL: https://attackevals.mitre.org/theme/style/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
3d91f7aa69cb7f7064035895c566ac5cb9b2084582d351af7267bb4e0fba60f5
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

Origin
https://attackevals.mitre.org
Referer
https://attackevals.mitre.org/theme/style/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
97bc42ab71533433e35a11aaf173a143b1e0465c
strict-transport-security
max-age=31556952
content-encoding
gzip
etag
W/"5f88c38d-29f80"
age
0
x-cache
MISS
status
200
content-length
89365
x-served-by
cache-cdg20763-CDG
access-control-allow-origin
*
last-modified
Thu, 15 Oct 2020 21:47:57 GMT
server
GitHub.com
x-github-request-id
88BE:12A2A:1010154:113511F:5F900665
x-timer
S1603285561.107656,VS0,VE95
date
Wed, 21 Oct 2020 13:06:01 GMT
vary
Accept-Encoding
content-type
font/ttf
via
1.1 varnish
expires
Wed, 21 Oct 2020 10:09:02 GMT
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
MISS
x-cache-hits
0

Primary Request / | attackevals.mitre-engenuity.org/APT29/ | 19 KB | 5 KB | Document
General
Full URL
https://attackevals.mitre-engenuity.org/APT29/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
8a809d39cbaf177275f11edf5d3795ab97fbcaa021f86f86e136f5352aaa9e40

Request headers

:method
GET
:authority
attackevals.mitre-engenuity.org
:scheme
https
:path
/APT29/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://attackevals.mitre.org/APT29/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://attackevals.mitre.org/APT29/

Response headers

status
200
content-type
text/html; charset=utf-8
server
GitHub.com
last-modified
Tue, 13 Oct 2020 14:42:39 GMT
etag
W/"5f85bcdf-4cfb"
access-control-allow-origin
*
expires
Wed, 21 Oct 2020 13:16:06 GMT
cache-control
max-age=600
content-encoding
gzip
x-proxy-cache
MISS
x-github-request-id
3732:127C:46A41DD:4ABF169:5F90323E
accept-ranges
bytes
date
Wed, 21 Oct 2020 13:06:06 GMT
via
1.1 varnish
age
0
x-served-by
cache-cdg20729-CDG
x-cache
MISS
x-cache-hits
0
x-timer
S1603285566.413570,VS0,VE95
vary
Accept-Encoding
x-fastly-request-id
b3da565e593e488b0d81ec756f2883ba1c6036ae
content-length
4583

js | www.googletagmanager.com/gtag/ | 94 KB | 38 KB | Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-62667723-5
Requested by
Host: attackevals.mitre-engenuity.org
URL: https://attackevals.mitre-engenuity.org/APT29/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cb67474502bf9fb62a36b71173d93f465f17b54b3eb0033bfdb390e32345984a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://attackevals.mitre-engenuity.org/APT29/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:06:06 GMT
content-encoding
br
vary
Accept-Encoding
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37914
x-xss-protection
0
last-modified
Wed, 21 Oct 2020 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 21 Oct 2020 13:06:06 GMT

analytics.js | attackevals.mitre-engenuity.org/theme/scripts/ | 143 B | 322 B | Script
General
Full URL
https://attackevals.mitre-engenuity.org/theme/scripts/analytics.js
Requested by
Host: attackevals.mitre-engenuity.org
URL: https://attackevals.mitre-engenuity.org/APT29/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
c0d1b09b13f8ca1e862d88a7b161bf9910d33bea42dacf9970fc02ce8ccb4250

Request headers

Referer
https://attackevals.mitre-engenuity.org/APT29/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
5349447b939b5befeafaaa0193e8d6d3397b0548
date
Wed, 21 Oct 2020 13:06:06 GMT
content-encoding
gzip
age
0
x-cache
MISS
status
200
content-length
132
x-served-by
cache-cdg20729-CDG
access-control-allow-origin
*
last-modified
Tue, 13 Oct 2020 14:42:40 GMT
server
GitHub.com
x-github-request-id
A0AA:7AA8:25037B5:274A03B:5F90323D
x-timer
S1603285567.535142,VS0,VE95
etag
W/"5f85bce0-8f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
expires
Wed, 21 Oct 2020 13:16:06 GMT
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
MISS
x-cache-hits
0

all.css | attackevals.mitre-engenuity.org/theme/style/ | 63 KB | 12 KB | Stylesheet
General
Full URL
https://attackevals.mitre-engenuity.org/theme/style/all.css
Requested by
Host: attackevals.mitre-engenuity.org
URL: https://attackevals.mitre-engenuity.org/APT29/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
440b5661211b0b6946647e97477e376fdceebb9e698578601e8bba04e1acd255

Request headers

Referer
https://attackevals.mitre-engenuity.org/APT29/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
816c8446d353ec7a372b7e8878bd90431c50ed7b
date
Wed, 21 Oct 2020 13:06:06 GMT
content-encoding
gzip
age
0
x-cache
MISS
status
200
content-length
11716
x-served-by
cache-cdg20729-CDG
access-control-allow-origin
*
last-modified
Tue, 13 Oct 2020 14:42:40 GMT
server
GitHub.com
x-github-request-id
5AE0:12A2C:429D337:468619F:5F90066B
x-timer
S1603285567.534779,VS0,VE97
etag
W/"5f85bce0-faa3"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
via
1.1 varnish
expires
Wed, 21 Oct 2020 10:09:07 GMT
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
MISS
x-cache-hits
0

jquery-3.3.1.min.js | attackevals.mitre-engenuity.org/theme/scripts/ | 85 KB | 30 KB | Script
General
Full URL
https://attackevals.mitre-engenuity.org/theme/scripts/jquery-3.3.1.min.js
Requested by
Host: attackevals.mitre-engenuity.org
URL: https://attackevals.mitre-engenuity.org/APT29/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer
https://attackevals.mitre-engenuity.org/APT29/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
ebb583f965b6ad571222e1b5cf919fa3f158faad
date
Wed, 21 Oct 2020 13:06:06 GMT
content-encoding
gzip
age
0
x-cache
MISS
status
200
content-length
30544
x-served-by
cache-cdg20729-CDG
access-control-allow-origin
*
last-modified
Tue, 13 Oct 2020 14:42:40 GMT
server
GitHub.com
x-github-request-id
4DC0:7AA8:248A222:26CA7E8:5F90066B
x-timer
S1603285567.535105,VS0,VE96
etag
W/"5f85bce0-1538f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
expires
Wed, 21 Oct 2020 10:09:07 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0

bootstrap.min.css | attackevals.mitre-engenuity.org/theme/style/ | 157 KB | 24 KB | Stylesheet
General
Full URL
https://attackevals.mitre-engenuity.org/theme/style/bootstrap.min.css
Requested by
Host: attackevals.mitre-engenuity.org
URL: https://attackevals.mitre-engenuity.org/APT29/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a

Request headers

Referer
https://attackevals.mitre-engenuity.org/APT29/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
ff07e076f876d3e23b1a7251b947c23872dd1145
date
Wed, 21 Oct 2020 13:06:06 GMT
content-encoding
gzip
age
0
x-cache
MISS
status
200
content-length
24273
x-served-by
cache-cdg20729-CDG
access-control-allow-origin
*
last-modified
Tue, 13 Oct 2020 14:42:40 GMT
server
GitHub.com
x-github-request-id
924C:12A2C:429D337:4686195:5F90066B
x-timer
S1603285567.534857,VS0,VE101
etag
W/"5f85bce0-2722e"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
via
1.1 varnish
expires
Wed, 21 Oct 2020 10:09:07 GMT
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
MISS
x-cache-hits
0

bootstrap-glyphicon.min.css | attackevals.mitre-engenuity.org/theme/style/ | 12 KB | 3 KB | Stylesheet
General
Full URL
https://attackevals.mitre-engenuity.org/theme/style/bootstrap-glyphicon.min.css
Requested by
Host: attackevals.mitre-engenuity.org
URL: https://attackevals.mitre-engenuity.org/APT29/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
f8e8843bbff15bff0d67cf7cb38ab081b6d941146369769b3955aaa77d77f31c

Request headers

Referer
https://attackevals.mitre-engenuity.org/APT29/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
4066bcca4cd8b20bc3c367faaccb83a97915477f
date
Wed, 21 Oct 2020 13:06:06 GMT
content-encoding
gzip
age
0
x-cache
MISS
status
200
content-length
2648
x-served-by
cache-cdg20729-CDG
access-control-allow-origin
*
last-modified
Tue, 13 Oct 2020 14:42:40 GMT
server
GitHub.com
x-github-request-id
371E:F159:41F5899:45DD667:5F90066B
x-timer
S1603285567.534893,VS0,VE97
etag
W/"5f85bce0-31e1"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
via
1.1 varnish
expires
Wed, 21 Oct 2020 10:09:07 GMT
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
MISS
x-cache-hits
0
bootstrap-tourist.css
attackevals.mitre-engenuity.org/theme/style/
2 KB
859 B
Stylesheet
General
Full URL
https://attackevals.mitre-engenuity.org/theme/style/bootstrap-tourist.css
Requested by
Host: attackevals.mitre-engenuity.org
URL: https://attackevals.mitre-engenuity.org/APT29/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
29fa98ce23b9e5d2feceda91016a119c48cdabb6db1f588e31fd3a0608176f15

Request headers

Referer
https://attackevals.mitre-engenuity.org/APT29/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
dc2374f8ad0d7f56c037c7d4ff0f3100000c48f6
date
Wed, 21 Oct 2020 13:06:06 GMT
content-encoding
gzip
age
0
x-cache
MISS
status
200
content-length
660
x-served-by
cache-cdg20729-CDG
access-control-allow-origin
*
last-modified
Tue, 13 Oct 2020 14:42:40 GMT
server
GitHub.com
x-github-request-id
777A:12A2C:429D33B:46861A2:5F90066B
x-timer
S1603285567.535035,VS0,VE95
etag
W/"5f85bce0-8aa"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
via
1.1 varnish
expires
Wed, 21 Oct 2020 10:09:07 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0
style.min.css
attackevals.mitre-engenuity.org/theme/
114 KB
8 KB
Stylesheet
General
Full URL
https://attackevals.mitre-engenuity.org/theme/style.min.css?1ff16dad
Requested by
Host: attackevals.mitre-engenuity.org
URL: https://attackevals.mitre-engenuity.org/APT29/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
793b99eeaffc0884147e3e957a8990c5ed57413987393d1e39ff10b6f272ab46

Request headers

Referer
https://attackevals.mitre-engenuity.org/APT29/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
8df9554fc1c2f881f6523289a0488c323fe423a7
date
Wed, 21 Oct 2020 13:06:06 GMT
content-encoding
gzip
age
0
x-cache
MISS
status
200
content-length
8388
x-served-by
cache-cdg20729-CDG
access-control-allow-origin
*
last-modified
Tue, 13 Oct 2020 14:42:40 GMT
server
GitHub.com
x-github-request-id
97AA:13177:83770D:8EB623:5F90066A
x-timer
S1603285567.535000,VS0,VE96
etag
W/"5f85bce0-1c74b"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
via
1.1 varnish
expires
Wed, 21 Oct 2020 10:09:07 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0
MITRE_Engenuity_ATTACK-Evaluations_logo_PMS_purple.jpg
d1zq5d3dtjfcoj.cloudfront.net/
191 KB
0
Image
General
Full URL
https://d1zq5d3dtjfcoj.cloudfront.net/MITRE_Engenuity_ATTACK-Evaluations_logo_PMS_purple.jpg
Requested by
Host: attackevals.mitre-engenuity.org
URL: https://attackevals.mitre-engenuity.org/APT29/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7c00:3:4981:3cc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://attackevals.mitre-engenuity.org/APT29/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:06:08 GMT
via
1.1 d3039ad83798b26ecb9f9f1e666afe27.cloudfront.net (CloudFront)
last-modified
Tue, 09 Jun 2020 16:16:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
etag
"54cf7d51c8e8f96533361247be901411"
x-cache
Miss from cloudfront
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
940448
x-amz-cf-id
IE8I_cm7wlcqqmf0dDcRGBClo5SfsvgYvpCyMuJR9QHtxUBWe02g7g==
Attack_hacker.svg
d1zq5d3dtjfcoj.cloudfront.net/
3 KB
4 KB
Image
General
Full URL
https://d1zq5d3dtjfcoj.cloudfront.net/Attack_hacker.svg
Requested by
Host: attackevals.mitre-engenuity.org
URL: https://attackevals.mitre-engenuity.org/APT29/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7c00:3:4981:3cc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d6ae2206a73176869f132bc049e6c427e0cf695feab496c92993868b11ea0f01

Request headers

Referer
https://attackevals.mitre-engenuity.org/APT29/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 06:10:06 GMT
via
1.1 d3039ad83798b26ecb9f9f1e666afe27.cloudfront.net (CloudFront)
last-modified
Tue, 21 Apr 2020 14:40:33 GMT
server
AmazonS3
age
24961
etag
"7e71e1b8b079eaa6850357ea8ef84e01"
x-cache
Hit from cloudfront
content-type
image/svg+xml
status
200
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
3262
x-amz-cf-id
MDherumY9gGbUkFh5ODD27kfJWffihtRTS6j0h6gsTeInY0GBSij6g==
APT29_Process_Diagram.png
d1zq5d3dtjfcoj.cloudfront.net/
30 KB
30 KB
Image
General
Full URL
https://d1zq5d3dtjfcoj.cloudfront.net/APT29_Process_Diagram.png
Requested by
Host: attackevals.mitre-engenuity.org
URL: https://attackevals.mitre-engenuity.org/APT29/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7c00:3:4981:3cc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
611ab77317751cc6cdbbd4c77750e5defaf6bfaab44abcb86b1c9fe0ac373f67

Request headers

Referer
https://attackevals.mitre-engenuity.org/APT29/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 13:06:08 GMT
via
1.1 d3039ad83798b26ecb9f9f1e666afe27.cloudfront.net (CloudFront)
last-modified
Tue, 21 Apr 2020 14:40:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
etag
"55b41d41a0c12fa86908a7ddf0865243"
x-cache
Miss from cloudfront
content-type
image/png
status
200
accept-ranges
bytes
content-length
30864
x-amz-cf-id
HIw6FVxmlCKJZVw9zwlpDpDXFGCGSl4a0dN69h1LEbyhAw0tYmK5oA==
LOGO_bitdefender_red_white.png
d1zq5d3dtjfcoj.cloudfront.net/
26 KB
27 KB
Image
General
Full URL
https://d1zq5d3dtjfcoj.cloudfront.net/LOGO_bitdefender_red_white.png
Requested by
Host: attackevals.mitre-engenuity.org
URL: https://attackevals.mitre-engenuity.org/APT29/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7c00:3:4981:3cc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
482abab68f5f82091b200bf845043fcfef154c46dac0ca800ab978273abbf2a1

Request headers

Referer
https://attackevals.mitre-engenuity.org/APT29/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 13:17:49 GMT
via
1.1 d3039ad83798b26ecb9f9f1e666afe27.cloudfront.net (CloudFront)
last-modified
Tue, 21 Apr 2020 14:41:44 GMT
server
AmazonS3
age
85698
etag
"bb6a1061e29360e6a443b068ceb665c6"
x-cache
Hit from cloudfront
content-type
image/png
status
200
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
27001
x-amz-cf-id
vw0Jus96JrvJHhvICI0E_eVBom26DmoMidKcm72CJfqkv5FFV1ODDA==
CS_logostacked-red.png
d1zq5d3dtjfcoj.cloudfront.net/
32 KB
33 KB
Image
General
Full URL
https://d1zq5d3dtjfcoj.cloudfront.net/CS_logostacked-red.png
Requested by
Host: attackevals.mitre-engenuity.org
URL: https://attackevals.mitre-engenuity.org/APT29/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7c00:3:4981:3cc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
75c64eb2c362a63fc805f5b6dbf968f4fa7b860b18edf02645042fe4f8144f31

Request headers

Referer
https://attackevals.mitre-engenuity.org/APT29/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 13:17:49 GMT
via
1.1 d3039ad83798b26ecb9f9f1e666afe27.cloudfront.net (CloudFront)
last-modified
Tue, 21 Apr 2020 14:40:50 GMT
server
AmazonS3
age
85698
etag
"55ab9500727ddc9206b0b342f018bbd6"
x-cache
Hit from cloudfront
content-type
image/png
status
200
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
33249
x-amz-cf-id
8oSyU-0Ne9miWRpmimZunjJDao8D2_tHGC4mRQTC7IlsU2tFqGJ2XQ==
Cybereason_Logo.png
d1zq5d3dtjfcoj.cloudfront.net/
40 KB
40 KB
Image
General
Full URL
https://d1zq5d3dtjfcoj.cloudfront.net/Cybereason_Logo.png
Requested by
Host: attackevals.mitre-engenuity.org
URL: https://attackevals.mitre-engenuity.org/APT29/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7c00:3:4981:3cc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5714e1da10f6ac19dc56c32f5fe0ffb9f1558f6b6dd34a9878d874671c6fae8e

Request headers

Referer
https://attackevals.mitre-engenuity.org/APT29/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 13:17:49 GMT
via
1.1 d3039ad83798b26ecb9f9f1e666afe27.cloudfront.net (CloudFront)
last-modified
Tue, 21 Apr 2020 14:41:10 GMT
server
AmazonS3
age
85698
etag
"ea3ab12ad60df86ac28574f2deea5836"
x-cache
Hit from cloudfront
content-type
image/png
status
200
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
40671
x-amz-cf-id
qxfAGqiTxfz4RSUQdxYca5SWE8iTxaF3r5-9EUQSz0ASPeB67aiFsw==
CyCraft-Logo_vertical_D.png
d1zq5d3dtjfcoj.cloudfront.net/
113 KB
114 KB
Image
General
Full URL
https://d1zq5d3dtjfcoj.cloudfront.net/CyCraft-Logo_vertical_D.png
Requested by
Host: attackevals.mitre-engenuity.org
URL: https://attackevals.mitre-engenuity.org/APT29/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7c00:3:4981:3cc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7bbcf206357a66c0089be2066af2280ef271bb660184e3332c5bd7cc8464be35

Request headers

Referer
https://attackevals.mitre-engenuity.org/APT29/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 18:09:56 GMT
via
1.1 d3039ad83798b26ecb9f9f1e666afe27.cloudfront.net (CloudFront)
last-modified
Mon, 03 Aug 2020 22:24:39 GMT
server
AmazonS3
age
68171
etag
"0d770c15932dcc0e08427d0113a3e75b"
x-cache
Hit from cloudfront
content-type
image/png
status
200
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
116149
x-amz-cf-id
O7hkJQmIYyShuoLN644U-qcig3Ix7MgeCG1KsgF0Thp7ZwkmEDNnqg==
Cylance_BB_Logo_RGB_Vert_BLK.png
d1zq5d3dtjfcoj.cloudfront.net/
28 KB
29 KB
Image
General
Full URL
https://d1zq5d3dtjfcoj.cloudfront.net/Cylance_BB_Logo_RGB_Vert_BLK.png
Requested by
Host: attackevals.mitre-engenuity.org
URL: https://attackevals.mitre-engenuity.org/APT29/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7c00:3:4981:3cc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
19421038550de06a4f5ea69c578f34e214f7ddd566865a2ebc85511c18140b79

Request headers

Referer
https://attackevals.mitre-engenuity.org/APT29/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 13:17:49 GMT
via
1.1 d3039ad83798b26ecb9f9f1e666afe27.cloudfront.net (CloudFront)
last-modified
Tue, 21 Apr 2020 14:41:14 GMT
server
AmazonS3
age
85698
etag
"8c9d21cc322612ec2669241bf496e06f"
x-cache
Hit from cloudfront
content-type
image/png
status
200
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
29020
x-amz-cf-id
lwieYbA_12paiGbNmtChMGXAWWHwF1yspSztCHPvjtjplaz6phQNLQ==
elastic-logo-final.png
d1zq5d3dtjfcoj.cloudfront.net/
161 KB
0
Image
General
Full URL
https://d1zq5d3dtjfcoj.cloudfront.net/elastic-logo-final.png
Requested by
Host: attackevals.mitre-engenuity.org
URL: https://attackevals.mitre-engenuity.org/APT29/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7c00:3:4981:3cc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://attackevals.mitre-engenuity.org/APT29/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 13:17:49 GMT
via
1.1 d3039ad83798b26ecb9f9f1e666afe27.cloudfront.net (CloudFront)
last-modified
Tue, 21 Apr 2020 14:42:46 GMT
server
AmazonS3
age
85698
etag
"b897ec5b2228ad4bdf8470406e58d3ef"
x-cache
Hit from cloudfront
content-type
image/png
status
200
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
334557
x-amz-cf-id
kmFUZVW5dAJYR_QqKLwizk1DV4JJpIbAyuy1QTTqkaodigsyARx7Iw==
F-Secure_vertical-logo_RGB_blue.png
d1zq5d3dtjfcoj.cloudfront.net/
8 KB
0
Image
General
Full URL
https://d1zq5d3dtjfcoj.cloudfront.net/F-Secure_vertical-logo_RGB_blue.png
Requested by
Host: attackevals.mitre-engenuity.org
URL: https://attackevals.mitre-engenuity.org/APT29/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7c00:3:4981:3cc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://attackevals.mitre-engenuity.org/APT29/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 13:17:49 GMT
via
1.1 d3039ad83798b26ecb9f9f1e666afe27.cloudfront.net (CloudFront)
last-modified
Tue, 21 Apr 2020 14:41:25 GMT
server
AmazonS3
age
85698
etag
"4b707108bd5ea650bfc415874b411591"
x-cache
Hit from cloudfront
content-type
image/png
status
200
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
16006
x-amz-cf-id
9z7dBMjaH_k9--jYkGPkcp5MXoVV_Vu9ADXBWfVOqTB2q6Dft7BXag==
fireeye-logo.png
d1zq5d3dtjfcoj.cloudfront.net/
0
0

GoSecure_L_h_red_cmyk.png
d1zq5d3dtjfcoj.cloudfront.net/
63 KB
0
Image
General
Full URL
https://d1zq5d3dtjfcoj.cloudfront.net/GoSecure_L_h_red_cmyk.png
Requested by
Host: attackevals.mitre-engenuity.org
URL: https://attackevals.mitre-engenuity.org/APT29/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7c00:3:4981:3cc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://attackevals.mitre-engenuity.org/APT29/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 13:17:49 GMT
via
1.1 d3039ad83798b26ecb9f9f1e666afe27.cloudfront.net (CloudFront)
last-modified
Tue, 21 Apr 2020 14:41:38 GMT
server
AmazonS3
age
85698
etag
"ddad93b8653a77409e3ef70f5802dce4"
x-cache
Hit from cloudfront
content-type
image/png
status
200
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
1303324
x-amz-cf-id
MMHyQ4l59gB1EGjUf8BfxEm_-DlGRrf9ux-i_4B324a6rK9IWcJ-9w==
hansight_logo2.png
d1zq5d3dtjfcoj.cloudfront.net/
25 KB
25 KB
Image
General
Full URL
https://d1zq5d3dtjfcoj.cloudfront.net/hansight_logo2.png
Requested by
Host: attackevals.mitre-engenuity.org
URL: https://attackevals.mitre-engenuity.org/APT29/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7c00:3:4981:3cc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
249794ff1af8eba349d5618c0aaefd30829f7a1e15a43b4d502d270245ff62fc

Request headers

Referer
https://attackevals.mitre-engenuity.org/APT29/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 06:08:55 GMT
via
1.1 d3039ad83798b26ecb9f9f1e666afe27.cloudfront.net (CloudFront)
last-modified
Tue, 21 Apr 2020 14:42:47 GMT
server
AmazonS3
age
25032
etag
"bedd239e2a371f2fcdd90d2b1e446908"
x-cache
Hit from cloudfront
content-type
image/png
status
200
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
25329
x-amz-cf-id
nuQrcXgc6ICe33IGK3sgzAazKcRYqIVx4nEdNcuNAfpzcaAIAbfOYg==
Kaspersky_logotype_green.png
d1zq5d3dtjfcoj.cloudfront.net/
110 KB
111 KB
Image
General
Full URL
https://d1zq5d3dtjfcoj.cloudfront.net/Kaspersky_logotype_green.png
Requested by
Host: attackevals.mitre-engenuity.org
URL: https://attackevals.mitre-engenuity.org/APT29/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7c00:3:4981:3cc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
35fb1fb52048077c52b23db57043f58c0810a842d26cacc2052049c82a0bdc44

Request headers

Referer
https://attackevals.mitre-engenuity.org/APT29/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 13:17:49 GMT
via
1.1 d3039ad83798b26ecb9f9f1e666afe27.cloudfront.net (CloudFront)
last-modified
Tue, 21 Apr 2020 14:41:44 GMT
server
AmazonS3
age
85698
etag
"88d32ef812c3fc68d135da57069b371a"
x-cache
Hit from cloudfront
content-type
image/png
status
200
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
112719
x-amz-cf-id
4ovGufhS8ipI5mDYQFy09ikJ3RLu35FXvXprlOgvHF8Es_tU0p36Ow==
malwarebytes_logo.png
d1zq5d3dtjfcoj.cloudfront.net/
3 KB
0
Image
General
Full URL
https://d1zq5d3dtjfcoj.cloudfront.net/malwarebytes_logo.png
Requested by
Host: attackevals.mitre-engenuity.org
URL: https://attackevals.mitre-engenuity.org/APT29/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7c00:3:4981:3cc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://attackevals.mitre-engenuity.org/APT29/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 13:17:49 GMT
via
1.1 d3039ad83798b26ecb9f9f1e666afe27.cloudfront.net (CloudFront)
last-modified
Tue, 21 Apr 2020 14:42:54 GMT
server
AmazonS3
age
85698
etag
"58b19f9bd198593255588566b86dcaa5"
x-cache
Hit from cloudfront
content-type
image/png
status
200
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
2618
x-amz-cf-id
VCD1WtoUEHcyrLR_03NOCnzkvT467M1YxRCO18oDSsM3ryn3jF2gHw==
mcafee-stacked-logo-no-tag-rgb-20170327.png
d1zq5d3dtjfcoj.cloudfront.net/
109 KB
110 KB
Image
General
Full URL
https://d1zq5d3dtjfcoj.cloudfront.net/mcafee-stacked-logo-no-tag-rgb-20170327.png
Requested by
Host: attackevals.mitre-engenuity.org
URL: https://attackevals.mitre-engenuity.org/APT29/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7c00:3:4981:3cc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bf5b321ecef8397b2f3be0d136ad930da5bad3dd4aa30ef0b7cb0d864ca5581d

Request headers

Referer
https://attackevals.mitre-engenuity.org/APT29/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 13:17:49 GMT
via
1.1 d3039ad83798b26ecb9f9f1e666afe27.cloudfront.net (CloudFront)
last-modified
Tue, 21 Apr 2020 14:42:54 GMT
server
AmazonS3
age
85698
etag
"80887fce7926c87d981b6e80b5c649c5"
x-cache
Hit from cloudfront
content-type
image/png
status
200
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
111855
x-amz-cf-id
nyn-s4ClcZUWPTbvJug7yi8zvtVuY5mtktWvwlXSN3RR2EnvVWD9AQ==
Microsoft-logo-APT29-final.png
d1zq5d3dtjfcoj.cloudfront.net/
0
0

Cortex-Logo.png
d1zq5d3dtjfcoj.cloudfront.net/
39 KB
0
Image
General
Full URL
https://d1zq5d3dtjfcoj.cloudfront.net/Cortex-Logo.png
Requested by
Host: attackevals.mitre-engenuity.org
URL: https://attackevals.mitre-engenuity.org/APT29/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7c00:3:4981:3cc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://attackevals.mitre-engenuity.org/APT29/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 13:17:49 GMT
via
1.1 d3039ad83798b26ecb9f9f1e666afe27.cloudfront.net (CloudFront)
last-modified
Thu, 07 May 2020 13:23:01 GMT
server
AmazonS3
age
85698
etag
"cfa6290d0acd828be6eaf6ffa7693f1c"
x-cache
Hit from cloudfront
content-type
image/png
status
200
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
40229
x-amz-cf-id
N11_NObMVvFTebbusOSMO8a254xa2E7iaXpcK1fimFRXoBpLt9x4HQ==
reaqta_r3.png
d1zq5d3dtjfcoj.cloudfront.net/
177 KB
0
Image
General
Full URL
https://d1zq5d3dtjfcoj.cloudfront.net/reaqta_r3.png
Requested by
Host: attackevals.mitre-engenuity.org
URL: https://attackevals.mitre-engenuity.org/APT29/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7c00:3:4981:3cc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://attackevals.mitre-engenuity.org/APT29/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 13:17:49 GMT
via
1.1 d3039ad83798b26ecb9f9f1e666afe27.cloudfront.net (CloudFront)
last-modified
Mon, 03 Aug 2020 22:24:39 GMT
server
AmazonS3
age
85698
etag
"bdd2fa28c8019bce05339941c1ba9faf"
x-cache
Hit from cloudfront
content-type
image/png
status
200
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
181503
x-amz-cf-id
IPJT4qJmhDXskcsrg7kRdJSZIfgpZf0iK77D09okTd5NTxXP2r3E1Q==
Secureworks_Logo_final.png
d1zq5d3dtjfcoj.cloudfront.net/
349 KB
0
Image
General
Full URL
https://d1zq5d3dtjfcoj.cloudfront.net/Secureworks_Logo_final.png
Requested by
Host: attackevals.mitre-engenuity.org
URL: https://attackevals.mitre-engenuity.org/APT29/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7c00:3:4981:3cc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://attackevals.mitre-engenuity.org/APT29/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 06:08:55 GMT
via
1.1 d3039ad83798b26ecb9f9f1e666afe27.cloudfront.net (CloudFront)
last-modified
Tue, 21 Apr 2020 14:42:22 GMT
server
AmazonS3
age
25032
etag
"521054439fc0d077a107b96857ab0103"
x-cache
Hit from cloudfront
content-type
image/png
status
200
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
568015
x-amz-cf-id
3eFQZeputjD89-yr1QU4DIqznvnvK0hiDiZOTtQa-4DJPNRIwoeQPQ==
sentinelOne_logo_2019.jpg
d1zq5d3dtjfcoj.cloudfront.net/
180 KB
0
Image
General
Full URL
https://d1zq5d3dtjfcoj.cloudfront.net/sentinelOne_logo_2019.jpg
Requested by
Host: attackevals.mitre-engenuity.org
URL: https://attackevals.mitre-engenuity.org/APT29/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7c00:3:4981:3cc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://attackevals.mitre-engenuity.org/APT29/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 13:17:49 GMT
via
1.1 d3039ad83798b26ecb9f9f1e666afe27.cloudfront.net (CloudFront)
last-modified
Tue, 21 Apr 2020 14:42:56 GMT
server
AmazonS3
age
85698
etag
"cfdca6642c7e9992d8de85635985df97"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
184780
x-amz-cf-id
G7rZ1s_Z_yKIz51O4QMGCAwrbe6aDv8TXzLOcnXq-oqepDIKJcl4pw==
Symantec-Logo-APT29.png
d1zq5d3dtjfcoj.cloudfront.net/
259 KB
260 KB
Image
General
Full URL
https://d1zq5d3dtjfcoj.cloudfront.net/Symantec-Logo-APT29.png
Requested by
Host: attackevals.mitre-engenuity.org
URL: https://attackevals.mitre-engenuity.org/APT29/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7c00:3:4981:3cc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
81ee2fd2cfa5792333ac93a3a7a98d6a8cd8a64cb9f4632064e37726bfc830b3

Request headers

Referer
https://attackevals.mitre-engenuity.org/APT29/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 18:09:56 GMT
via
1.1 d3039ad83798b26ecb9f9f1e666afe27.cloudfront.net (CloudFront)
last-modified
Tue, 21 Apr 2020 14:42:34 GMT
server
AmazonS3
age
68171
etag
"4f0b8e53c233a4940360c7b9106fd72c"
x-cache
Hit from cloudfront
content-type
image/png
status
200
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
265709
x-amz-cf-id
ljRTudFzf_RXxynFmsN8z3dRBnBPkSAqUAC6NNInwpaZUrWqRBdXYQ==
TM_logo_red_2c.png
d1zq5d3dtjfcoj.cloudfront.net/
74 KB
74 KB
Image
General
Full URL
https://d1zq5d3dtjfcoj.cloudfront.net/TM_logo_red_2c.png
Requested by
Host: attackevals.mitre-engenuity.org
URL: https://attackevals.mitre-engenuity.org/APT29/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7c00:3:4981:3cc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0ea9f5412d0d936147163ac2dd8c27db1fadcb03662d058dbb067d9b975f03e7

Request headers

Referer
https://attackevals.mitre-engenuity.org/APT29/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 06:20:43 GMT
via
1.1 d3039ad83798b26ecb9f9f1e666afe27.cloudfront.net (CloudFront)
last-modified
Tue, 21 Apr 2020 14:42:34 GMT
server
AmazonS3
age
24324
etag
"3e3298e0601e3bba14dfc407d80215fa"
x-cache
Hit from cloudfront
content-type
image/png
status
200
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
75560
x-amz-cf-id
184yK5zQJWJlLn-Wap4mq-LeDESq6mJ2H8hcZ0W_SPAebBvj341CgA==
VMware-logo.png
d1zq5d3dtjfcoj.cloudfront.net/
55 KB
56 KB
Image
General
Full URL
https://d1zq5d3dtjfcoj.cloudfront.net/VMware-logo.png
Requested by
Host: attackevals.mitre-engenuity.org
URL: https://attackevals.mitre-engenuity.org/APT29/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7c00:3:4981:3cc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
967ef389cd73f0b5fb109598553dd96ee9679c384ebbb531b68b6bc6022811b3

Request headers

Referer
https://attackevals.mitre-engenuity.org/APT29/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 20 Oct 2020 13:17:49 GMT
via
1.1 d3039ad83798b26ecb9f9f1e666afe27.cloudfront.net (CloudFront)
last-modified
Tue, 21 Apr 2020 14:42:44 GMT
server
AmazonS3
age
85698
etag
"69cabaee2c5b8332f173e39eee1e63b1"
x-cache
Hit from cloudfront
content-type
image/png
status
200
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
56578
x-amz-cf-id
vm_KjLWoZ39XDu4TKU2fPalUx-jLHCjc2YKeE_hzHKGTqHPYr2E3AQ==
twitter.png
d1zq5d3dtjfcoj.cloudfront.net/
11 KB
12 KB
Image
General
Full URL
https://d1zq5d3dtjfcoj.cloudfront.net/twitter.png
Requested by
Host: attackevals.mitre-engenuity.org
URL: https://attackevals.mitre-engenuity.org/APT29/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7c00:3:4981:3cc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fa56d1290557a7b0734f0b53ee6b8b31e4e36276cfb622f1a48fed56c3188730

Request headers

Referer
https://attackevals.mitre-engenuity.org/APT29/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 12:35:25 GMT
via
1.1 d3039ad83798b26ecb9f9f1e666afe27.cloudfront.net (CloudFront)
last-modified
Tue, 21 Apr 2020 14:42:57 GMT
server
AmazonS3
age
1842
etag
"55cc7d994f5382c09000881301e7303b"
x-cache
Hit from cloudfront
content-type
image/png
status
200
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
11502
x-amz-cf-id
HQG4RGMnCgh3Dr9K-3UW88uIUMw8ozL9Z3ZgJBSWWhEuGInq95-Tfw==
popper.min.js
attackevals.mitre-engenuity.org/theme/scripts/
30 KB
9 KB
Script
General
Full URL
https://attackevals.mitre-engenuity.org/theme/scripts/popper.min.js
Requested by
Host: attackevals.mitre-engenuity.org
URL: https://attackevals.mitre-engenuity.org/APT29/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
53c8d84fdb074ac31e101704abfe4ef3f2bf92f467582498afe70461b72d2051

Request headers

Referer
https://attackevals.mitre-engenuity.org/APT29/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
05f85b5ed9c849282c980730f7a2a512b117c9f6
date
Wed, 21 Oct 2020 13:06:06 GMT
content-encoding
gzip
age
0
x-cache
MISS
status
200
content-length
8670
x-served-by
cache-cdg20729-CDG
access-control-allow-origin
*
last-modified
Tue, 13 Oct 2020 14:42:40 GMT
server
GitHub.com
x-github-request-id
BA06:6FD8:4B268D8:4F8D0CB:5F90066B
x-timer
S1603285567.673520,VS0,VE92
etag
W/"5f85bce0-7964"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
expires
Wed, 21 Oct 2020 10:09:07 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0
bootstrap.min.js
attackevals.mitre-engenuity.org/theme/scripts/
59 KB
15 KB
Script
General
Full URL
https://attackevals.mitre-engenuity.org/theme/scripts/bootstrap.min.js
Requested by
Host: attackevals.mitre-engenuity.org
URL: https://attackevals.mitre-engenuity.org/APT29/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582

Request headers

Referer
https://attackevals.mitre-engenuity.org/APT29/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
4629ba6e890826b04a706961b07661a86fa931ef
date
Wed, 21 Oct 2020 13:06:06 GMT
content-encoding
gzip
age
0
x-cache
MISS
status
200
content-length
14992
x-served-by
cache-cdg20729-CDG
access-control-allow-origin
*
last-modified
Tue, 13 Oct 2020 14:42:40 GMT
server
GitHub.com
x-github-request-id
6E6A:4DAB:43CC423:47D4FE1:5F90066B
x-timer
S1603285567.685060,VS0,VE93
etag
W/"5f85bce0-ea8c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
expires
Wed, 21 Oct 2020 10:09:07 GMT
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
MISS
x-cache-hits
0
site.js
attackevals.mitre-engenuity.org/theme/scripts/
491 B
428 B
Script
General
Full URL
https://attackevals.mitre-engenuity.org/theme/scripts/site.js
Requested by
Host: attackevals.mitre-engenuity.org
URL: https://attackevals.mitre-engenuity.org/APT29/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
088003d066c1340c4c1eea524b749cbe7cdeb0cb6893f4857d8e74ee4a04d0b8

Request headers

Referer
https://attackevals.mitre-engenuity.org/APT29/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
204b0997b5c7600f795fe6f937a22f0dc00f7fd9
date
Wed, 21 Oct 2020 13:06:06 GMT
content-encoding
gzip
age
0
x-cache
MISS
status
200
content-length
262
x-served-by
cache-cdg20729-CDG
access-control-allow-origin
*
last-modified
Tue, 13 Oct 2020 14:42:40 GMT
server
GitHub.com
x-github-request-id
5768:2D58:4750ECD:4B88B74:5F90066B
x-timer
S1603285567.685217,VS0,VE95
etag
W/"5f85bce0-1eb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
expires
Wed, 21 Oct 2020 10:09:07 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0
bootstrap-tourist.js
attackevals.mitre-engenuity.org/theme/scripts/
80 KB
20 KB
Script
General
Full URL
https://attackevals.mitre-engenuity.org/theme/scripts/bootstrap-tourist.js
Requested by
Host: attackevals.mitre-engenuity.org
URL: https://attackevals.mitre-engenuity.org/APT29/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
7980f0eb2baeb8a63047a92c7f110cb40ea8d92f633469c6f85ec7b9639b8cdf

Request headers

Referer
https://attackevals.mitre-engenuity.org/APT29/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
75571c67215bd1d944882d5c59423504d71f4281
date
Wed, 21 Oct 2020 13:06:06 GMT
content-encoding
gzip
age
0
x-cache
MISS
status
200
content-length
19993
x-served-by
cache-cdg20729-CDG
access-control-allow-origin
*
last-modified
Tue, 13 Oct 2020 14:42:40 GMT
server
GitHub.com
x-github-request-id
A4EA:2D56:EA9801:FB718A:5F900669
x-timer
S1603285567.685190,VS0,VE94
etag
W/"5f85bce0-13f20"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
expires
Wed, 21 Oct 2020 10:09:07 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-62667723-5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://attackevals.mitre-engenuity.org/APT29/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2020 01:50:37 GMT
server
Golfe2
age
4601
date
Wed, 21 Oct 2020 11:49:25 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18650
expires
Wed, 21 Oct 2020 13:49:25 GMT
Gilroy-Bold.otf
attackevals.mitre-engenuity.org/theme/fonts/Gilroy/
54 KB
33 KB
Font
General
Full URL
https://attackevals.mitre-engenuity.org/theme/fonts/Gilroy/Gilroy-Bold.otf
Requested by
Host: attackevals.mitre-engenuity.org
URL: https://attackevals.mitre-engenuity.org/theme/style.min.css?1ff16dad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
34273b76dd2e55cf68a5ff82223c7dbb30d04babf0fbe177f7957c65be8e4f4c

Request headers

Origin
https://attackevals.mitre-engenuity.org
Referer
https://attackevals.mitre-engenuity.org/theme/style.min.css?1ff16dad
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
e1a34dc90db61468e209d3fbad7f8e8e07a578c3
date
Wed, 21 Oct 2020 13:06:06 GMT
content-encoding
gzip
age
0
x-cache
MISS
status
200
content-length
33460
x-served-by
cache-cdg20729-CDG
access-control-allow-origin
*
last-modified
Tue, 13 Oct 2020 14:42:40 GMT
server
GitHub.com
x-github-request-id
BEB6:0BC5:43AC677:47AC2EA:5F90066C
x-timer
S1603285567.700806,VS0,VE96
etag
W/"5f85bce0-d850"
vary
Accept-Encoding
content-type
font/otf
via
1.1 varnish
expires
Wed, 21 Oct 2020 10:09:08 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0
Gilroy-Regular.otf
attackevals.mitre-engenuity.org/theme/fonts/Gilroy/
53 KB
31 KB
Font
General
Full URL
https://attackevals.mitre-engenuity.org/theme/fonts/Gilroy/Gilroy-Regular.otf
Requested by
Host: attackevals.mitre-engenuity.org
URL: https://attackevals.mitre-engenuity.org/theme/style.min.css?1ff16dad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
11f0395ac2ad058ebbd3b44a9be3f387611e9e14bdd10b7eac7d38ce5c5c7776

Request headers

Origin
https://attackevals.mitre-engenuity.org
Referer
https://attackevals.mitre-engenuity.org/theme/style.min.css?1ff16dad
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
6b3c9177202ebf5c3ec3c8c6f0cb5a94e5e33c4d
date
Wed, 21 Oct 2020 13:06:06 GMT
content-encoding
gzip
age
0
x-cache
MISS
status
200
content-length
31614
x-served-by
cache-cdg20729-CDG
access-control-allow-origin
*
last-modified
Tue, 13 Oct 2020 14:42:40 GMT
server
GitHub.com
x-github-request-id
7320:2D57:23C7EED:260119B:5F90066C
x-timer
S1603285567.700775,VS0,VE96
etag
W/"5f85bce0-d250"
vary
Accept-Encoding
content-type
font/otf
via
1.1 varnish
expires
Wed, 21 Oct 2020 10:09:08 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0
Sentinel-Book.otf
attackevals.mitre-engenuity.org/theme/fonts/Sentinel/
151 KB
72 KB
Font
General
Full URL
https://attackevals.mitre-engenuity.org/theme/fonts/Sentinel/Sentinel-Book.otf
Requested by
Host: attackevals.mitre-engenuity.org
URL: https://attackevals.mitre-engenuity.org/theme/style.min.css?1ff16dad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
596a72e28754e2c80f2c5ee21d37d7111d4b1a4c5fae4433c4fdae6078346747

Request headers

Origin
https://attackevals.mitre-engenuity.org
Referer
https://attackevals.mitre-engenuity.org/theme/style.min.css?1ff16dad
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id
eca28ff80300700034c5b83b54cf6ba489143fd8
date
Wed, 21 Oct 2020 13:06:06 GMT
content-encoding
gzip
age
0
x-cache
MISS
status
200
content-length
73985
x-served-by
cache-cdg20729-CDG
access-control-allow-origin
*
last-modified
Tue, 13 Oct 2020 14:42:40 GMT
server
GitHub.com
x-github-request-id
B1A8:0BC5:43AC677:47AC152:5F900667
x-timer
S1603285567.700955,VS0,VE97
etag
W/"5f85bce0-25cfc"
vary
Accept-Encoding
content-type
font/otf
via
1.1 varnish
expires
Wed, 21 Oct 2020 10:09:08 GMT
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
MISS
x-cache-hits
0
collect
www.google-analytics.com/j/
1 B
438 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j86&a=36793725&t=pageview&_s=1&dl=https%3A%2F%2Fattackevals.mitre-engenuity.org%2FAPT29%2F&dr=https%3A%2F%2Fattackevals.mitre.org%2FAPT29%2F&ul=en-us&de=UTF-8&dt=ATT%26CK%C2%AE%20EVALUATIONS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=433934545&gjid=240483115&cid=1090608501.1603285567&tid=UA-62667723-5&_gid=2107573430.1603285567&_r=1&gtm=2ou9u1&z=1740136005
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://attackevals.mitre-engenuity.org/APT29/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 21 Oct 2020 13:06:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://attackevals.mitre-engenuity.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
d1zq5d3dtjfcoj.cloudfront.net
URL
https://d1zq5d3dtjfcoj.cloudfront.net/fireeye-logo.png
Domain
d1zq5d3dtjfcoj.cloudfront.net
URL
https://d1zq5d3dtjfcoj.cloudfront.net/Microsoft-logo-APT29-final.png

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
function | showDirectoryPicker
function | showOpenFilePicker
function | showSaveFilePicker
object | trustedTypes
object | google_tag_manager
object | dataLayer
function | gtag
object | google_tag_data
string | GoogleAnalyticsObject
function | ga
function | $
function | jQuery
object | gaplugins
object | gaGlobal
object | gaData
function | Popper
object | bootstrap
function | autoHeight
function | Tour

0 Cookies

2 Console Messages

Source | Level | URL | Text
console-api | log | https://attackevals.mitre.org/theme/scripts/site.js (Line 7) | Message: undefined
console-api | log | https://attackevals.mitre-engenuity.org/theme/scripts/site.js (Line 7) | Message: undefined

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31556952

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
