DNS Registrar gave domain name to US government, the US government simply pointed the new domain name to a new server. If you're still viewing the old site, then the DNS propagation hasn't reached your ISP's DNS yet. The server hosting the files is unaffected as it's in another country hence someone provided a direct IP address.
This has the potential for attacks on unprotected clients with malicious JS.
But most likely, they will be logging browser details and ip address as an old honeypot tactic. If I was in their position, I would attempt to cross-match the IP addresses with list of associated profiles (For the paranoid, FB/HN/etc may provide profile associations due to sealed requests). Then there's a list of suspects for questioning.
They have a banner at the top saying it was shut down this afternoon but how did they get it back? Or is it still blocked in the US?