www.cjis.gov
Open in
urlscan Pro
153.31.113.23
Public Scan
Effective URL: https://www.cjis.gov/CJISEAI/TAMOperationHandler?TAM_OP=login&ERROR_CODE=0x00000000&URL=%2FFIM%2Fsps%2Fauth%3FFedName...
Submission Tags: insec_govpress_testing wordpress Search All
Submission: On October 16 via api from US
Summary
TLS certificate: Issued by Entrust Certification Authority - L1M on May 29th 2020. Valid for: 2 years.
This is the only time www.cjis.gov was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
4 4 | 65.199.41.163 65.199.41.163 | 701 (UUNET) (UUNET) | |
1 | 65.199.41.167 65.199.41.167 | 701 (UUNET) (UUNET) | |
2 10 | 153.31.113.23 153.31.113.23 | 25996 (FBICJIS) (FBICJIS) | |
9 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
cjis.gov
2 redirects
www.cjis.gov |
77 KB |
5 |
fbi.gov
4 redirects
leep-ndcac.fbi.gov login-ndcac.fbi.gov |
9 KB |
9 | 2 |
Domain | Requested by | |
---|---|---|
10 | www.cjis.gov |
2 redirects
www.cjis.gov
|
4 | leep-ndcac.fbi.gov | 4 redirects |
1 | login-ndcac.fbi.gov | |
9 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
login-ndcac.fbi.gov Entrust Certification Authority - L1K |
2020-02-20 - 2022-03-31 |
2 years | crt.sh |
www.cjis.gov Entrust Certification Authority - L1M |
2020-05-29 - 2022-08-28 |
2 years | crt.sh |
This page contains 2 frames:
Primary Page:
https://www.cjis.gov/CJISEAI/TAMOperationHandler?TAM_OP=login&ERROR_CODE=0x00000000&URL=%2FFIM%2Fsps%2Fauth%3FFedName%3DTrustedBroker-SAML20-IDP%26FedId%3Duuidbf3a3219-012a-1e48-909a-85c16b55c6a1&AUTHNLEVEL=
Frame ID: 7694A6B04D44AAE23B82A89AC82CE5C6
Requests: 8 HTTP requests in this frame
Frame:
https://www.cjis.gov/static/CJISEAI/UserNameEntry.html
Frame ID: CA8F91AFD6DCFE8126CE07F2FA8E2E7F
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://leep-ndcac.fbi.gov/
HTTP 307
https://leep-ndcac.fbi.gov/ HTTP 302
https://leep-ndcac.fbi.gov/_layouts/15/Authenticate.aspx?Source=%2F HTTP 302
https://leep-ndcac.fbi.gov/_login/default.aspx?ReturnUrl=%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%... HTTP 302
https://leep-ndcac.fbi.gov/_trust/default.aspx?trust=CJIS&ReturnUrl=%2f_layouts%2f15%2fAuthenticate.asp... HTTP 302
https://login-ndcac.fbi.gov/adfs/ls?wa=wsignin1.0&wtrealm=uri%3andcac%3aportal&wctx=https%3a%2f%2fleep-n... Page URL
-
https://www.cjis.gov/FIM/sps/TrustedBroker-SAML20-IDP/saml20/login
HTTP 302
https://www.cjis.gov/FIM/sps/auth?FedName=TrustedBroker-SAML20-IDP&FedId=uuidbf3a3219-012a-1e48-9... HTTP 302
https://www.cjis.gov/CJISEAI/TAMOperationHandler?TAM_OP=login&ERROR_CODE=0x00000000&URL=%2FFIM%2F... Page URL
Detected technologies
Microsoft HTTPAPI (Web Servers) ExpandDetected patterns
- headers server /Microsoft-HTTPAPI(?:\/([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://leep-ndcac.fbi.gov/
HTTP 307
https://leep-ndcac.fbi.gov/ HTTP 302
https://leep-ndcac.fbi.gov/_layouts/15/Authenticate.aspx?Source=%2F HTTP 302
https://leep-ndcac.fbi.gov/_login/default.aspx?ReturnUrl=%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252F&Source=%2F HTTP 302
https://leep-ndcac.fbi.gov/_trust/default.aspx?trust=CJIS&ReturnUrl=%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252F&Source=%2F HTTP 302
https://login-ndcac.fbi.gov/adfs/ls?wa=wsignin1.0&wtrealm=uri%3andcac%3aportal&wctx=https%3a%2f%2fleep-ndcac.fbi.gov%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252F&wreply=https%3a%2f%2fleep-ndcac.fbi.gov%2f_trust%2fdefault.aspx Page URL
-
https://www.cjis.gov/FIM/sps/TrustedBroker-SAML20-IDP/saml20/login
HTTP 302
https://www.cjis.gov/FIM/sps/auth?FedName=TrustedBroker-SAML20-IDP&FedId=uuidbf3a3219-012a-1e48-909a-85c16b55c6a1 HTTP 302
https://www.cjis.gov/CJISEAI/TAMOperationHandler?TAM_OP=login&ERROR_CODE=0x00000000&URL=%2FFIM%2Fsps%2Fauth%3FFedName%3DTrustedBroker-SAML20-IDP%26FedId%3Duuidbf3a3219-012a-1e48-909a-85c16b55c6a1&AUTHNLEVEL= Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://leep-ndcac.fbi.gov/ HTTP 307
- https://leep-ndcac.fbi.gov/ HTTP 302
- https://leep-ndcac.fbi.gov/_layouts/15/Authenticate.aspx?Source=%2F HTTP 302
- https://leep-ndcac.fbi.gov/_login/default.aspx?ReturnUrl=%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252F&Source=%2F HTTP 302
- https://leep-ndcac.fbi.gov/_trust/default.aspx?trust=CJIS&ReturnUrl=%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252F&Source=%2F HTTP 302
- https://login-ndcac.fbi.gov/adfs/ls?wa=wsignin1.0&wtrealm=uri%3andcac%3aportal&wctx=https%3a%2f%2fleep-ndcac.fbi.gov%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252F&wreply=https%3a%2f%2fleep-ndcac.fbi.gov%2f_trust%2fdefault.aspx
9 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Cookie set
ls
login-ndcac.fbi.gov/adfs/ Redirect Chain
|
5 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
Cookie set
TAMOperationHandler
www.cjis.gov/CJISEAI/ Redirect Chain
|
12 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
generic.css
www.cjis.gov/CJISEAI/css/ |
10 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pm_fp.js
www.cjis.gov/CJISEAI/js/ |
21 KB 22 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
background_gradient.png
www.cjis.gov/CJISEAI/images/ |
840 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
leep_logo.png
www.cjis.gov/CJISEAI/images/ |
25 KB 26 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Help_white.png
www.cjis.gov/CJISEAI/images/ |
443 B 740 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Help_grey.png
www.cjis.gov/CJISEAI/images/ |
538 B 835 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
UserNameEntry.html
www.cjis.gov/static/CJISEAI/ Frame CA8F |
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
48 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes string| SEP string| PAIR string| DEV number| ver function| activeXDetect function| extractVersions function| stripIllegalChars function| stripFullPath function| deviceprint_browser function| deviceprint_display function| deviceprint_software function| deviceprint_timezone function| deviceprint_language function| deviceprint_java function| deviceprint_cookie function| form_add_data function| form_add_deviceprint function| asyncpost_deviceprint function| post_deviceprint function| URLencode function| encode_deviceprint function| decode_deviceprint function| add_deviceprint function| Hashtable string| ua boolean| opera boolean| ie boolean| iemac number| moz string| os function| enrollQuestionChanged function| getWidth boolean| isMobile boolean| isMobileOverride boolean| formSubmitted undefined| submittedTime function| send function| KeyCheck function| setFocus function| check string| t boolean| isFirst string| encodedString7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.cjis.gov/ | Name: PD_STATEFUL_f4321dea-ccb8-11e0-a1de-0050568f3340 Value: %2FCJISEAI |
|
www.cjis.gov/ | Name: AMWEBJCT!%2FCJISEAI!JSESSIONID Value: 0001mNGTRQG7VCrmq_vV2IRu7SJ:-10L0HBL |
|
.cjis.gov/ | Name: PD-H0-SESSION-ID Value: 0_s0L4wlgqh9uc4qfEkh7WngQ8AVqBjV6kBzjBbaW1FwPcDODoaas= |
|
www.cjis.gov/ | Name: IV_JCT Value: %2FCJISEAI |
|
www.cjis.gov/ | Name: PD_STATEFUL_55ecfa32-b221-11df-9cd4-0050568f3340 Value: %2FFIM |
|
www.cjis.gov/ | Name: AMWEBJCT!%2FFIM!https%3A%2F%2Fwww.cjis.gov%2FFIM%2Fsps%2FTrustedBroker-SAML20-IDP%2Fsaml20FIMSAML20 Value: uuid2f0eb1f6-0175-14f8-a87b-9769bf934673 |
|
www.cjis.gov/ | Name: AMWEBJCT!%2FFIM!JSESSIONID Value: 0000_HVknCMxKZhpslaOn5-ClFE:156n3s178 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
leep-ndcac.fbi.gov
login-ndcac.fbi.gov
www.cjis.gov
153.31.113.23
65.199.41.163
65.199.41.167
16e59748ff49b8d13cbac0c71f750738919a0c45ef131780543c5bef5855472d
31993d5c53775ea8256a6c9a4017ec4ae3ec31d29f24e5ad8856b7eff198b44a
3ef66bd4ad7e25598dc55db0182f4b06dd9ab9fa9a04c6e31d2c01762638e079
44e53729713c49e390883cff0b4f20a17fc411be4a9a6894c38b7a2c504e4421
4699bede8f1ad37f1f7ef1f6bffd9d6f17eff2d3bbb29513373995943d0bb8b1
65780af060a4d3b739121ff8efae3e7fcbfbb7754bbe6fad51a701a040f9daee
68d38df0fa524169c6fdec414a2d9d7bf9d0d9526120e82144501e229e67529a
90e7e1c88ff7aa00426ebda9cf2c1dfe53cd062567c2d3516534310e6f4782fa
ec83762fab2bc836fab52adac02978c5b3811312dbede5aad67b695bb8fd5b2f