www.doj.com Open in urlscan Pro
2a00:1768:2001:63::46:110 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.doj.com/terrorism
Submission Tags: falconsandbox
Submission: On July 11 via api (July 11th 2021, 6:32:20 pm UTC) from US

Summary HTTP 13 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 13 HTTP transactions. The main IP is 2a00:1768:2001:63::46:110, located in Netherlands and belongs to NFORCE, NL. The main domain is www.doj.com.

This is the only time www.doj.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2a00:1768:200... 2a00:1768:2001:63::46:110	43350 (NFORCE) (NFORCE)
1	2a00:1768:200... 2a00:1768:2001:46::1:1	43350 (NFORCE) (NFORCE)
1 3	104.16.169.131 104.16.169.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	104.16.168.131 104.16.168.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	5

4 2a00:1768:2001:63::46:110 (Netherlands)

ASN43350 (NFORCE, NL)

www.doj.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1768:2001:46::1:1 (Netherlands)

ASN43350 (NFORCE, NL)

www.cloudns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.169.131 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
newassets.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.16.168.131 (United States)

ASN13335 (CLOUDFLARENET, US)

newassets.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	hcaptcha.com 1 redirects hcaptcha.com newassets.hcaptcha.com	451 KB
4	doj.com www.doj.com	35 KB
1	cloudns.net www.cloudns.net	10 KB
13	3

	Domain	Requested by
6	newassets.hcaptcha.com	www.doj.com hcaptcha.com newassets.hcaptcha.com
4	www.doj.com	www.doj.com
3	hcaptcha.com	1 redirects newassets.hcaptcha.com
1	www.cloudns.net	www.doj.com
13	4

This site contains links to these domains. Also see Links.

Domain
www.cloudns.net

Subject Issuer	Validity	Valid
*.cloudns.net Sectigo RSA Domain Validation Secure Server CA	`2019-09-05` - `2021-11-02`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-15` - `2022-06-14`	a year	crt.sh

This page contains 3 frames:

Primary Page: http://www.doj.com/terrorism
Frame ID: E456CD6D72A439A7FF90CE23EEC4DD80
Requests: 6 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/97a7068/static/hcaptcha-challenge.html
Frame ID: 36CB1E406AF2B73516CB64AB8570ECF2
Requests: 3 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/97a7068/static/hcaptcha-checkbox.html
Frame ID: DD22BB27E7CB947DC227C8573B567A7A
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

13
Requests

69 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

5
IPs

2
Countries

495 kB
Transfer

1378 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cloudns.net/
Title: ClouDNS

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://hcaptcha.com/1/api.js?render=explicit&_=1626028323977 HTTP 302
https://newassets.hcaptcha.com/captcha/v1/97a7068/hcaptcha.js

13 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request terrorism Show response
www.doj.com/ 3 KB
1 KB 50ms
16ms Document
text/html 2a00:1768:2001:63::46:110
NFORCE

General

Check archive.org

Show headers Download Go to

Full URL: http://www.doj.com/terrorism
Protocol: HTTP/1.1
Server: 2a00:1768:2001:63::46:110 , Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS
Software: nginx /
Resource Hash: 458aa5449676f4a392457f6893eeea628f8d355dbe37e7f0b8c56fdf777ae63d

Request headers

Host: www.doj.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Sun, 11 Jul 2021 18:32:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

GET
H/1.1 200
OK style.css
www.doj.com/templates/1/ 2 KB
1 KB 15ms
14ms Stylesheet
text/css 2a00:1768:2001:63::46:110
NFORCE

General

Check archive.org

Show headers Download Go to

Full URL: http://www.doj.com/templates/1/style.css
Requested by: Host: www.doj.com
URL: http://www.doj.com/terrorism
Protocol: HTTP/1.1
Server: 2a00:1768:2001:63::46:110 , Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS
Software: nginx /
Resource Hash: f95413da199164de3ec7cadea8620bb7e2985d9be5034c284f6c749140701658

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.doj.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.doj.com/terrorism
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.doj.com/terrorism
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Jul 2021 18:32:03 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jun 2020 11:59:43 GMT
Server: nginx
ETag: W/"5ee762af-899"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK jquery.min.js Show response
www.doj.com/js/ 92 KB
33 KB 34ms
21ms Script
application/javascript 2a00:1768:2001:63::46:110
NFORCE

General

Check archive.org

Show headers Download Go to

Full URL: http://www.doj.com/js/jquery.min.js
Requested by: Host: www.doj.com
URL: http://www.doj.com/terrorism
Protocol: HTTP/1.1
Server: 2a00:1768:2001:63::46:110 , Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS
Software: nginx /
Resource Hash: 3739b485ac39b157caa066b883e4d9d3f74c50beff0b86cd8a24ce407b179a23

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.doj.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.doj.com/terrorism
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.doj.com/terrorism
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Jul 2021 18:32:03 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Jun 2020 11:59:43 GMT
Server: nginx
ETag: W/"5ee762af-16eab"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 bg.gif
www.cloudns.net/images/web/ 10 KB
10 KB 58ms
14ms Image
image/gif 2a00:1768:2001:46::1:1
NFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cloudns.net/images/web/bg.gif

Requested by

Host: www.doj.com
URL: http://www.doj.com/templates/1/style.css

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2a00:1768:2001:46::1:1 , Netherlands, ASN43350 (NFORCE, NL),

Reverse DNS

Software

nginx /

Resource Hash

2d6712e6e76bc1034f54a4257ebcc9cf8204af4d8ed8e7d3979505382a612476

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: http://www.doj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 18:32:04 GMT
last-modified: Tue, 30 Jun 2020 16:16:20 GMT
server: nginx
etag: "5efb6554-2698"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/gif
accept-ranges: bytes
content-length: 9880

GET
H/1.1 200
OK button.gif
www.doj.com/templates/1/images/ 167 B
397 B 14ms
13ms Image
image/gif 2a00:1768:2001:63::46:110
NFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.doj.com/templates/1/images/button.gif
Requested by: Host: www.doj.com
URL: http://www.doj.com/templates/1/style.css
Protocol: HTTP/1.1
Server: 2a00:1768:2001:63::46:110 , Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS
Software: nginx /
Resource Hash: f8d7a5894ffd4d6766938aa8fcef32f8b05c55ea30144c0f9cff1e06b67de3f0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.doj.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.doj.com/templates/1/style.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.doj.com/templates/1/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 11 Jul 2021 18:32:03 GMT
Last-Modified: Mon, 15 Jun 2020 11:59:43 GMT
Server: nginx
ETag: "5ee762af-a7"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 167

GET
H2

200

hcaptcha.js Show response
newassets.hcaptcha.com/captcha/v1/97a7068/
Redirect Chain

https://hcaptcha.com/1/api.js?render=explicit&_=1626028323977
https://newassets.hcaptcha.com/captcha/v1/97a7068/hcaptcha.js

80 KB
25 KB

41ms
40ms

Script
application/javascript

104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/97a7068/hcaptcha.js

Requested by

Host: www.doj.com
URL: http://www.doj.com/terrorism

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.169.131 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be40c4f5cd3faf2add99d6878ad6521b1794d5759a4e78303c0358ecf4509f88

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.doj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 18:32:04 GMT
via: 1.1 ed56cfaa883e0c10b610c3cdd45acb40.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 463510
cf-polished: origSize=81616
x-cache: Hit from cloudfront
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Tue, 06 Jul 2021 08:31:53 GMT
server: cloudflare
etag: W/"9ea59b3ff6b180e7abe79b91316b5f5e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=1209600
x-amz-cf-pop: CDG3-C2
cf-ray: 66d41cc18d8fedc7-CDG
x-amz-cf-id: wBWsnGqYAknokevmexeCUKcQv6BUzwJnuAJROpIkFNLCceJvX88_Tg==
cf-bgj: minify

Redirect headers

date: Sun, 11 Jul 2021 18:32:04 GMT
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
location: https://newassets.hcaptcha.com/captcha/v1/97a7068/hcaptcha.js
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security: max-age=2592000; includeSubDomains; preload
cf-ray: 66d41cc13cdfedc7-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0b38704ccd0000edc7509ee000000001
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3-29 200 hcaptcha-challenge.html Show response
newassets.hcaptcha.com/captcha/v1/97a7068/static/ Frame 36CB 2 KB
1 KB 71ms
35ms Document
text/html 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/97a7068/static/hcaptcha-challenge.html

Requested by

Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?render=explicit&_=1626028323977

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

104.16.168.131 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff7d8c4773f79af9608e0fe64f4c6cf8e18e74c37734d4a58d15de01941dabba

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: newassets.hcaptcha.com
:scheme: https
:path: /captcha/v1/97a7068/static/hcaptcha-challenge.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.doj.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.doj.com/

Response headers

date: Sun, 11 Jul 2021 18:32:04 GMT
content-type: text/html
last-modified: Tue, 06 Jul 2021 08:31:53 GMT
cache-control: max-age=1209600
x-cache: Hit from cloudfront
via: 1.1 35c1a072f5e34dd7857432de42b52680.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P1
x-amz-cf-id: SCxg0r8XfMzJNy9nZQW87UPuktak1T9AOMBqGBJbU1GSw93QOmS45A==
age: 463510
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 66d41cc22de0eddb-CDG
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 hcaptcha-checkbox.html Show response
newassets.hcaptcha.com/captcha/v1/97a7068/static/ Frame DD22 2 KB
1 KB 70ms
34ms Document
text/html 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/97a7068/static/hcaptcha-checkbox.html

Requested by

Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?render=explicit&_=1626028323977

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

104.16.168.131 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00c216c759bd58809f6591699d5547281ef3caa6672cad62ec4007e7821cb5f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: newassets.hcaptcha.com
:scheme: https
:path: /captcha/v1/97a7068/static/hcaptcha-checkbox.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.doj.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.doj.com/

Response headers

date: Sun, 11 Jul 2021 18:32:04 GMT
content-type: text/html
last-modified: Tue, 06 Jul 2021 08:31:53 GMT
cache-control: max-age=1209600
x-cache: Hit from cloudfront
via: 1.1 7d935e83126b0b85ded112b940f9c85d.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P1
x-amz-cf-id: Xcm8m-SSn-Ro-qH7QK-IfOZIpg5_spPPGv-sm8rGtv3cTHSyc2Jdpg==
age: 463510
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 66d41cc22dddeddb-CDG
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 hcaptcha-checkbox.js Show response
newassets.hcaptcha.com/captcha/v1/97a7068/ Frame DD22 127 KB
41 KB 58ms
58ms Script
application/javascript 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/97a7068/hcaptcha-checkbox.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/97a7068/static/hcaptcha-checkbox.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

104.16.168.131 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e70457fa14a7298fd995cd6ae3ef8dacff2438cd42e7e29193cb665311f0559c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/captcha/v1/97a7068/static/hcaptcha-checkbox.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 18:32:04 GMT
via: 1.1 b3f4b9d58649ca2204c0fb8174557c63.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 463508
cf-polished: origSize=130410
x-cache: Hit from cloudfront
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Tue, 06 Jul 2021 08:31:52 GMT
server: cloudflare
etag: W/"c12bdc730f0d11039b44885ddff5935d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=1209600
x-amz-cf-pop: CDG3-C2
cf-ray: 66d41cc26e75eddb-CDG
x-amz-cf-id: q7aqnjAf9-XPnrVF45pvrJcYUkid0ZVjHB-fC6PWAphgvVmbuE6BYg==
cf-bgj: minify

GET
H3-29 200 hcaptcha-challenge.js Show response
newassets.hcaptcha.com/captcha/v1/97a7068/ Frame 36CB 206 KB
58 KB 33ms
33ms Script
application/javascript 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/97a7068/hcaptcha-challenge.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/97a7068/static/hcaptcha-challenge.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

104.16.168.131 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82d929b3bfcd45c13b83e09188b7d0d2d7d0255ca5386575d1d352226dd60ea4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/captcha/v1/97a7068/static/hcaptcha-challenge.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 18:32:04 GMT
via: 1.1 19fefe7d41cfedb99873c7b5cd95d411.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 463508
cf-polished: origSize=211279
x-cache: Hit from cloudfront
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Tue, 06 Jul 2021 08:31:51 GMT
server: cloudflare
etag: W/"56d5d29e355a4b434dcb0006e1d65e5d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=1209600
x-amz-cf-pop: CDG3-C2
cf-ray: 66d41cc26e83eddb-CDG
x-amz-cf-id: Bfek-yu-qeM3BDkIziW2xdxHTI6O8S8jyVWO5jsvJdUxEsuT_CwbFg==
cf-bgj: minify

GET
DATA 200
OK truncated
/ Frame DD22 798 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H3-29 200 checksiteconfig
hcaptcha.com/ Frame 0
0 59ms
35ms Preflight 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hcaptcha.com/checksiteconfig?host=www.doj.com&sitekey=29216ad8-853d-4298-bcca-4ad64bbea37f&sc=1&swa=1

Protocol

H3-29

Server

104.16.169.131 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: cache-control,content-type
Origin: https://newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 11 Jul 2021 18:32:04 GMT
content-length: 0
access-control-allow-origin: https://newassets.hcaptcha.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
access-control-allow-methods: GET, HEAD, POST, OPTIONS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 66d41cc329660834-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 checksiteconfig Show response
hcaptcha.com/ Frame DD22 508 B
894 B 48ms
48ms XHR
application/json 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hcaptcha.com/checksiteconfig?host=www.doj.com&sitekey=29216ad8-853d-4298-bcca-4ad64bbea37f&sc=1&swa=1

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/97a7068/hcaptcha-checkbox.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

104.16.168.131 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5199e9b4da8dc4665ab17833c711c5c2f06374e5cd262191b1d90cb393aa52f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://newassets.hcaptcha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Sun, 11 Jul 2021 18:32:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
cf-chl-bypass: 2
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://newassets.hcaptcha.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-credentials: true
strict-transport-security: max-age=2592000; includeSubDomains; preload
cf-ray: 66d41cc368b9eddb-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 hsw.js Show response
newassets.hcaptcha.com/c/b4c6e9dc/ Frame 36CB 854 KB
323 KB 44ms
44ms Script
application/javascript 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/c/b4c6e9dc/hsw.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/97a7068/hcaptcha-challenge.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

104.16.168.131 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae11f7e28d19a5701cea9a04f4cefd77896a24afc6b2aebf32c185e390f57190

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/captcha/v1/97a7068/static/hcaptcha-challenge.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 18:32:04 GMT
via: 1.1 2114f6e9c6130b946922a303f84256b1.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 366423
cf-polished: origSize=874444
x-cache: Hit from cloudfront
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Wed, 07 Jul 2021 12:40:35 GMT
server: cloudflare
etag: W/"950bf968d33ca21a6719fd5481dad91e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=1209600
x-amz-cf-pop: CDG3-C2
cf-ray: 66d41cc3b97feddb-CDG
x-amz-cf-id: Jx0nncik0qnOMB8VgZAhVp8In4JIyFA9MKo9IDF5dZyOBDtq0qh_Aw==
cf-bgj: minify

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

hcaptcha.com
newassets.hcaptcha.com
www.cloudns.net
www.doj.com
104.16.168.131
104.16.169.131
2a00:1768:2001:46::1:1
2a00:1768:2001:63::46:110
00c216c759bd58809f6591699d5547281ef3caa6672cad62ec4007e7821cb5f7
2d6712e6e76bc1034f54a4257ebcc9cf8204af4d8ed8e7d3979505382a612476
3739b485ac39b157caa066b883e4d9d3f74c50beff0b86cd8a24ce407b179a23
458aa5449676f4a392457f6893eeea628f8d355dbe37e7f0b8c56fdf777ae63d
5199e9b4da8dc4665ab17833c711c5c2f06374e5cd262191b1d90cb393aa52f4
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7
82d929b3bfcd45c13b83e09188b7d0d2d7d0255ca5386575d1d352226dd60ea4
ae11f7e28d19a5701cea9a04f4cefd77896a24afc6b2aebf32c185e390f57190
be40c4f5cd3faf2add99d6878ad6521b1794d5759a4e78303c0358ecf4509f88
e70457fa14a7298fd995cd6ae3ef8dacff2438cd42e7e29193cb665311f0559c
f8d7a5894ffd4d6766938aa8fcef32f8b05c55ea30144c0f9cff1e06b67de3f0
f95413da199164de3ec7cadea8620bb7e2985d9be5034c284f6c749140701658
ff7d8c4773f79af9608e0fe64f4c6cf8e18e74c37734d4a58d15de01941dabba

www.doj.com Open in urlscan Pro 2a00:1768:2001:63::46:110 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

13 Requests

69 %HTTPS

50 %IPv6

3 Domains

4 Subdomains

5 IPs

2 Countries

495 kBTransfer

1378 kBSize

0 Cookies

1 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

0 Cookies

Indicators

www.doj.com Open in urlscan Pro
2a00:1768:2001:63::46:110 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

69 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

5
IPs

2
Countries

495 kB
Transfer

1378 kB
Size

0
Cookies

13 HTTP transactions
1 data transactions