ID photo of Ciro Santilli taken in 2013 right eyeCiro Santilli OurBigBook logoOurBigBook.com  Sponsor 中国独裁统治 China Dictatorship 新疆改造中心、六四事件、法轮功、郝海东、709大抓捕、2015巴拿马文件 邓家贵、低端人口、西藏骚乱
One promising way to find more of those would be with IP searches, since it was stated in the Reuters article that the CIA made the terrible mistake of using several contiguous IP blocks for those website. What a phenomenal OPSEC failure!!!
The easiest way would be if Wayback Machine itself had an IP search function, but we couldn't find one: Search Wayback Machine by IP.
viewdns.info was the first easily accessible website that Ciro Santilli could find that contained such information.
Our current results indicate that the typical IP range is about 30 IPs wide.
E.g. searching: viewdns.info/iphistory and considering only hits from 2011 or earlier we obtain:
  • capture-nature.com
    • 65.61.127.163 - Greenacres - United States - TierPoint - 2013-10-19
  • activegaminginfo.com
    • 66.175.106.148 - United States - Verizon Business - 2012-03-03
  • iraniangoals.com
    • 68.178.232.100 - United States - GoDaddy.com - 2011-11-13
    • 69.65.33.21 - Flushing - United States - GigeNET - 2011-09-08
  • rastadirect.net
    • 68.178.232.100 - United States - GoDaddy.com - 2011-05-02
  • iraniangoalkicks.com
    • 68.178.232.100 - United States - GoDaddy.com - 2011-04-04
  • headlines2day.com
    • 118.139.174.1 - Singapore - Web Hosting Service - 2013-06-30. Source: viewdns.info
    • 184.168.221.91 2013-08-12T06:17:39. Source: 2013 DNS Census grep
  • fightwithoutrules.com
    • 204.11.56.25 - British Virgin Islands - Confluence Networks Inc - 2013-09-26
    • 208.91.197.19 - British Virgin Islands - Confluence Networks Inc - 2013-05-20
    • 212.4.17.38 - Milan - Italy - MCI Worldcom Italy Spa - 2012-03-03
  • fitness-dawg.com
    • 219.90.62.243 - Taiwan - Verizon Taiwan Co. Limited - 2012-01-11
Neither of these seem to be in the same ranges, the only common nearby hit amongst these ranges is the exact 68.178.232.100, and doing reverse IP search at viewdns.info/reverseip/?host=68.178.232.100&t=1 states that it has 2.5 million hostnames associated to it, so it must be some kind of Shared web hosting service, see also: superuser.com/questions/577070/is-it-possible-for-many-domain-names-to-share-one-ip-address, which makes search hard.
Ciro then tried some of the other IPs, and soon hit gold.
Initially, Ciro started by doing manual queries to viewdns.info/reversip until his IP was blocked. Then he created an account and used his 250 free queries with the following helper script: cia-2010-covert-communication-websites/viewdns-info.sh. The output of that script can be seen at: github.com/cirosantilli/media/blob/master/cia-2010-covert-communication-websites/viewdns-info.sh.
Ciro then found 2013 DNS Census which contained data highly disjoint form the viewdns-info one!
Summaries of the IP range exploration done so far follows, combined data from all databases above.

Ancestors (11)

  1. Methodology
  2. CIA 2010 covert communication websites
  3. Central Intelligence Agency
  4. Intelligence agency
  5. Secret service
  6. Espionage
  7. War
  8. Social science
  9. Scientific method
  10. Science
  11. Home

Incoming links (2)