So far, no new domains have been found with Common Crawl, nor have any existing known domains been found to be present in Common Crawl. Our working theory is that Common Crawl never reached the domains How did Alexa find the domains?
Let's try and do something with Common Crawl.
Unfortunately there's no IP data apparently: github.com/commoncrawl/cc-index-table/issues/30, so let's focus on the URLs.
Using their Common Crawl Athena method: commoncrawl.org/2018/03/index-to-warc-files-and-urls-in-columnar-format/
Sample first output line:So
# 2
url_surtkey org,whwheelers)/robots.txt
url https://whwheelers.org/robots.txt
url_host_name whwheelers.org
url_host_tld org
url_host_2nd_last_part whwheelers
url_host_3rd_last_part
url_host_4th_last_part
url_host_5th_last_part
url_host_registry_suffix org
url_host_registered_domain whwheelers.org
url_host_private_suffix org
url_host_private_domain whwheelers.org
url_host_name_reversed
url_protocol https
url_port
url_path /robots.txt
url_query
fetch_time 2021-06-22 16:36:50.000
fetch_status 301
fetch_redirect https://www.whwheelers.org/robots.txt
content_digest 3I42H3S6NNFQ2MSVX7XZKYAYSCX5QBYJ
content_mime_type text/html
content_mime_detected text/html
content_charset
content_languages
content_truncated
warc_filename crawl-data/CC-MAIN-2021-25/segments/1623488519183.85/robotstxt/CC-MAIN-20210622155328-20210622185328-00312.warc.gz
warc_record_offset 1854030
warc_record_length 639
warc_segment 1623488519183.85
crawl CC-MAIN-2021-25
subset robotstxt
url_host_3rd_last_part
might be a winner for CGI comms fingerprinting!Naive one for one index:have no results... data scanned: 5.73 GB
select * from "ccindex"."ccindex" where url_host_registered_domain = 'conquermstoday.com' limit 100;
Let's see if they have any of the domain hits. Let's also restrict by date to try and reduce the data scanned:Humm, data scanned: 60.59 GB and no hits... weird.
select * from "ccindex"."ccindex" where
fetch_time < TIMESTAMP '2014-01-01 00:00:00' AND
url_host_registered_domain IN (
'activegaminginfo.com',
'altworldnews.com',
...
'topbillingsite.com',
'worldwildlifeadventure.com'
)
Sanity check:has a bunch of hits of course. Data scanned: 212.88 MB,
select * from "ccindex"."ccindex" WHERE
crawl = 'CC-MAIN-2013-20' AND
subset = 'warc' AND
url_host_registered_domain IN (
'google.com',
'amazon.com'
)
WHERE
crawl
and subset
are a must! Should have read the article first.Let's widen a bit more:Still nothing found... they don't seem to have any of the URLs of interest?
select * from "ccindex"."ccindex" WHERE
crawl IN (
'CC-MAIN-2013-20',
'CC-MAIN-2013-48',
'CC-MAIN-2014-10'
) AND
subset = 'warc' AND
url_host_registered_domain IN (
'activegaminginfo.com',
'altworldnews.com',
...
'worldnewsandent.com',
'worldwildlifeadventure.com'
)
alljohnny.com
had a hit: ipinf.ru/domains/alljohnny.com/, and so Ciro started looking around... and a good number of other things have hits.Not all of them, definitely less data than viewdns.info.
But they do reverse IP, and they show which nearby reverse IPs have hits on the same page, for free, which is great!
Shame their ordering is purely alphabetical, doesn't properly order the IPs so it is a bit of a pain, but we can handle it.
OMG, Russians!!!
CIA 2010 covert communication websites Non Reuters ranges Updated 2025-04-24 +Created 1970-01-01
CIA 2010 covert communication websites securitytrails.com Updated 2025-04-24 +Created 1970-01-01
They appear to piece together data from various sources. This is the most complete historical domain -> IP database we have so far. They don't have hugely more data than viewdns.info, but many times do offer something new. It feels like the key difference is that their data goes further back in the critical time period a bit.
TODO do they have historical reverse IP? The fact that they don't seem to have it suggests that they are just making historical reverse IP requests to a third party via some API?
E.g. searching
thefilmcentre.com
under historical data at securitytrails.com/domain/thefilmcentre.com/history/al gives the correct IP 62.22.60.55.Account creation blacklists common email providers such as gmail to force users to use a "corporate" email address. But using random domains like
ciro@cirosantilli.com
works fine.Their data seems to date back to 2008 for our searches.
Domain list only, no IPs and no dates. We haven't been able to extract anything of interest from this source so far.
Domain hit count when we were at 69 hits: only 9, some of which had been since reused. Likely their data collection did not cover the dates of interest.
CIA 2010 covert communication websites atomworldnews.com Updated 2025-04-24 +Created 1970-01-01
whoisxmlapi WHOIS record on April 17, 2011
CIA 2010 covert communication websites Hits with nearby IP hits Updated 2025-04-24 +Created 1970-01-01
62.22.60.49: telecom-headlines.com. UUNET in Spain. Found with: visual inspection of full 2013 DNS Census virtual host cleanup list just before worldnewsnetworking.com. Tested viewdns.info range: 62.22.60.34 - 62.22.60.66
- 62.22.60.33: newsperk.com. Almost certainly a hit. Stylistically perfect, rss-item. But no comms not found. Ennerving! 2011. English. Egypt. news. Later legitimately reused.
- 62.22.60.34: freeslideshow.net. Legit? Attempting to open any HTML archives leads to an infinite page load loop, e.g. 2010. A subpage however exists: web.archive.org/web/20101230001640/http://freeslideshow.net/index_files/a.htm and appears legit.
- 62.22.60.40: travel-passage.com. Hit.
- 62.22.60.42: newsupdatesite.com. Hit.
- 62.22.60.46: flyingtimeline.com. Hit.
- 62.22.60.47: globalemergenceadvisorsbkserver.com. Legit.
- 62.22.60.48: currentcommunique.com. Hit.
- 62.22.60.49: telecom-headlines.com. Hit.
- 62.22.60.52: collectedmedias.com. Hit.
- 62.22.60.54: romulusactualites.com. Hit.
- 62.22.60.55: thefilmcentre.com. Hit.
- 62.22.60.56: traveltimenews.com. Hit.
62.22.61.206 worldnewsnetworking.com. UUNET in Spain. Found with: 2013 DNS Census virtual host cleanup heuristic keyword searches. Tested viewdns.info range: 62.22.61.188 - 62.22.61.224
- 62.22.61.193: awfaoi.org. Hit.
- 62.22.61.197: rc5sports.com. Hit.
- 62.22.61.198: inside-vc.com. Hit.
- 62.22.61.200: zerosandonesnews.com. Hit.
- 62.22.61.202: bailsnboots.com. Hit.
- 62.22.61.203: the-cricketer-online.com. Hit.
- 62.22.61.204: hollywoodscreen.net. Hit.
- 62.22.61.206: worldnewsnetworking.com. Hit.
- 62.22.61.212: nuestrasfinanzas.com. Hit.
- 62.22.61.213: sandstormnews.com. Hit.
- 62.22.61.215: the-tech-mind.com. Hit.
- 62.22.61.217: court-masters.com. Hit.
- 62.22.61.219: allworldstatistics.com. Hit.
- 62.22.61.220: newsjaka.com. Hit.
- 62.22.61.221: biochemresource.com. Archive broken/empty. One archive: contains an epically long URL that might shed light into something: web.archive.org/web/20120529121245/http://www.biochemresource.com/?fp=iboHtuxnjLG66y52DkK1xCFuZDBnVC8wovQepLt2Tk%2Bo1JIgIdVb6WL8kv6sSOEtxwcq4EbiJ0GxFY9N6HSWlg%3D%3D&prvtof=97vgfKVqt1Sd68qgNDPXB0o7Rwo%2FO3GKiiMG7fane6A%3D&poru=Zd9DHFaHFZ6ZrRLm8SW3egagqvdpzHhWb%2FoulRGeEYIUSVATB5gwTIDhluetONjG7xovtb%2FrvDStoqiAF1O8wA%3D%3D&. Asked at: stackoverflow.com/questions/47310661/any-idea-what-are-fp-prvtof-poru-in-a-url but no reply so far. One day my friend, one day. cqcounter.com/whois/www/biochemresource.com.html not found.
- 62.22.61.222: www.news-blitz-ar.com (ipinf.ru). No archives. Perfect domain name theme match. cqcounter.com/whois/www/news-blitz-ar.com.html not found.
65.218.91.17 alljohnny.com. UUNET in United States. One of the Reuters websites.
- 208.91.197.132: rdns source: viewdns.info. Big virtual.
- 65.218.91.17: rdns source? : viewdns.info. Tested viewdns.info range: 65.218.91.13 - 65.218.91. 17
- 65.218.91.9: welcometonyc.net. Hit. rdns source: ipinf.ru. Later also at 208.91.197.132 British Virgin Islands CONFLUENCE-NETWORK-INC 2013-10-21 by viewdns.info
- rolling-in-rapids.com. Hit.
- 65.218.91.17
- international-smallbusiness.com. Stylitsic match, but some uncommon features like the country seelctor dropdown.
- Archives:Also a potential unarchived CGI comms: web.archive.org/web/20110202031627/https://ssl.international-smallbusiness.com/cgi-bin/starting.cgi Perhaps with some better HTML reversing we could confirm a hit. Same registrar as alljohnny "L. Glaze" fuck me.
- 208.91.197.132 British Virgin Islands CONFLUENCE-NETWORK-INC 2013-10-19. Big virtual.
- 65.218.91.17 United States UUNET 2013-09-06
- Archives:
- international-smallbusiness.com. Stylitsic match, but some uncommon features like the country seelctor dropdown.
- 65.218.91.9: welcometonyc.net. Hit. rdns source: ipinf.ru. Later also at 208.91.197.132 British Virgin Islands CONFLUENCE-NETWORK-INC 2013-10-21 by viewdns.info
- 216.168.229.50: whoisxmlapi 2008-09-01 (15 years) 2010-04-17. Checked viewdns.info range: 216.168.229.45 - 216.168.229.55. viewdns.info/reverseip/?t=1&host=216.168.229.50 3k domains.
63.131.229.12 cyberreportagenews.com. ADHOST in Coeur d'Alene - United States. Tested viewdns.info range: 63.131.228.248 - 63.131.229.30
- 63.131.229.2: fightskillsresource.com. Hit
- 63.131.229.4: unitedterritorynews.com. Hit
- 63.131.229.9: show-dustry.com. Hit
- 63.131.229.10: afghanpoetry.net. Hit. Also at 74.254.12.166 in another range.
- 63.131.229.11: mythriftytrip.com. Hit
- 63.131.229.12: cyberreportagenews.com. Hit.
- 63.131.229.13: sunrise-news.com. Hit.
- 63.131.229.15: cricketnewsforindia.com. Hit.
- 63.131.229.16:
- nutricion-saludable.info. No archives. cqcounter.com/whois/www/nutricion-saludable.info.html has the exact same screenshot at the .net one, so also hit.
- nutricion-saludable.net. Hit.
- 63.131.229.18: itnl-xchange.com. Hit.
- 63.131.229.20:
- fixashion.net. Hit.
- a few others
63.130.160.50 theglobalheadlines.com. CW Vodafone Group PLC in United States. Found with: 2013 DNS census secureserver.net MX records intersection 2013 DNS Census virtual host cleanup. Tested viewdns.info range: 63.130.160.35 - 63.130.160.75
- 63.130.160.50: theglobalheadlines.com. Hit.
- 63.130.160.51:
- hai-pow.com. Hit.
- secudenetworksecurity.com. No archives. cqcounter.com/whois/www/secudenetworksecurity.com.html blank image.
- 63.130.160.53: echessnews.com. Hit.
- 63.130.160.59: technologiewissen.com. No archives from the time. Would be Technology knowledge in German, so another likely German hit. Shame. cqcounter.com/whois/www/technologiewissen.com.html empty
- 63.130.160.60: boxingstop.net. Hit.
- 63.130.160.61: bookmarksthis.com. Hit.
- 63.130.160.62: azerinews.org. Hit.
64.16.204.55 holein1news.com. Saudi Telecom Company JSC in Saudi Arabia. Found with: 2013 DNS Census virtual host cleanup heuristic keyword searches. Tested viewdns.info range: 64.16.204.50 - 64.16.204.63. With did Wayback Machine have so few archives here? TODO stopping viewdns.info exploration a bit short due to that.
- 64.16.204.35: ironcityfootball.com. web.archive.org/web/20080510230549/ironcityfootball.com Legit/broke. cqcounter.com/whois/www/ironcityfootball.com.html from 2011 could be in style though... "Iron City" is a historical nickname for Pittsburgh, Pennsylvania.
- 64.16.204.51: africannewsandsports.com. No archives. rdns source: viewdns.info. cqcounter.com/whois/www/africannewsandsports.com.html not found.
- 64.16.204.53: bosniakbusinessnews.com. Hit.
- 64.16.204.54: affairesdumonde.com. Hit.
- 64.16.204.55: holein1news.com. Hit.
- 64.16.204.56: fightorgohome.com. Uncertain. domainsbyproxy.com. Created: 2011-03-28. No archives. rdns source: viewdns.info cqcounter.com/whois/www/fightorgohome.com.html from 2011 not very typical but possible. Has a "Login" link visible for possible comms. The domain name is typical...
- 64.16.204.58: tech-topix.com. Hit.
- 64.16.204.60: pakpoldaily.com. No archives. rdns source: viewdns.info. TODO meaning? Might be Indonesian, maybe linked to police: www.facebook.com/watch/?v=880204266271955 cqcounter.com/whois/www/pakpoldaily.com.html not found.
65.61.127.163 capture-nature.com. ADHOST in Greenacres - United States. whois.arin.net/rest/net/NET-65-61-96-0-1/pft?s=65.61.127.163: Net Range: 65.61.96.0 - 65.61.127.255. Organization. Name: TierPoint, LLC. Tested viewdns.info range: 65.61.127.149 -
- 65.61.127.46: anahuacchamber.com 2012-12-22T14:59:01
- 65.61.127.117: medicaresupplementalinsurance.com, 2013-08-21T09:49:41. Legit.
- 65.61.127.121: counter-images.com 2013-08-22T11:14:44: web.archive.org/web/20110208173132/http://www.counter-images.com/ Empty.
- 65.61.127.125 zaphound.com 2013-08-21T02:25:40. Legit.
- 65.61.127.130: ambitions.org 2013-08-22T01:43:40. Legit.
- 65.61.127.161: european-footballer.com. Hit.
- 65.61.127.163: capture-nature.com. Hit.
- 65.61.127.164: futbolistico.net. 2012-02-20T03:25:33. Legit. web.archive.org/web/20130509004058/http://futbolistico.net/
- 65.61.127.165: travelconnectionsonline.com. Ciro initially though this might be a hit. But upon Googling it, there's now a mirror at: travelconn.tripod.com/. Combined with the lack of a standard communications mechanism and the 2001 copyright, maybe it isn't a hit after all
- 65.61.127.166: globalnewsbulletin.com: Hit.
- 65.61.127.167: internationalwhiskylounge.com. Hit.
- 65.61.127.168: the-golden-rule.info 2013-09-20T02:13:52. Hit.
- 65.61.127.169: crossovernews.net. Hit.
- 65.61.127.170: newsidori.com. Hit.
- 65.61.127.171: nrgconsultingandnews.com. Hit. 2013-08-13T18:45:05
- 65.61.127.172: premierstriker.com. Hit. 2012-01-11
- 65.61.127.174: dedrickonline.com. Hit.
- 65.61.127.175: altworldnews.com. Hit.
- 65.61.127.176: american-historyonline.com. Hit. 2011-09-08
- 65.61.127.177: material-science.org. Hit.
- 65.61.127.178: tee-shot.net. Hit.
- 65.61.127.180: screencentral.info. Hit.
- 65.61.127.181: worldnewsandtravel.com. Hit. 2011-11-13
- 65.61.127.182: pangawana.com. Hit.
- 65.61.127.183: cutabovenews.com. Hit.
- 65.61.127.184: worldwildlifeadventure.com. Hit.
- 65.61.127.186: explorealtmeds.com. Hit.
- 65.61.127.194: 16 domains, so unclear.
- about-video-games.com: web.archive.org/web/20121013013710/http://about-video-games.com/ off
- aboutfaceonline.com: web.archive.org/web/20120701000000*/aboutfaceonline.com off
- 65.61.127.200: cdl-link.com (ipinf.ru). Legit.
- 65.61.127.222: asianwhitecoffee.com 2012-07-16T09:21:05 web.archive.org/web/20110903080036/http://asianwhitecoffee.com/. Could be legit.
66.45.179.205 noticiasporjanua.com. ADHOST in Edmonds - United States. Found with: 2013 DNS Census virtual host cleanup. Tested viewdns.info range: 66.45.179.187 - 66.45.179.223
- 66.45.179.187: mail03.gatesfoundation.org. Legit.
- 66.45.179.192: thegraceofislam.com. Hit.
- 66.45.179.193: arabicnewsunfiltered.com. Hit.
- 66.45.179.194: raulsonsglobalnews.com. Hit.
- 66.45.179.195: aryannews.net. Hit.
- 66.45.179.199: attivitaestremi.com. Hit.
- 66.45.179.200: foodwineandsuch.com. Hit.
- 66.45.179.201: hitthepavementnow.com. Hit.
- 66.45.179.203: noticiascontinental.com. Hit.
- 66.45.179.205: noticiasporjanua.com. Hit.
- 66.45.179.206: podisticamondiale.com. Hit.
- 66.45.179.207: reflectordenoticias.com. Hit.
- 66.45.179.208: havenofgamerz.com. Hit.
- 66.45.179.209: vejaaeuropa.com. Hit.
- 66.45.179.210: sa-michigan.com. Hit.
- 66.45.179.211: absolutebearing.net. Hit.
- 66.45.179.212: grandretirement.net. No archives. cqcounter.com/whois/www/grandretirement.net.html blank image.
- 66.45.179.213: myportaltonews.com. Hit.
- 66.45.179.214: investmentintellect.com. Hit.
- 66.45.179.215: nigeriastar.net 2012-03-12. Hit.
66.104.169.184 bcenews.com. XO-AS15 in United States. Found with: 2013 DNS Census virtual host cleanup heuristic keyword searches. Tested viewdns.info range: 66.104.169.158 - 66.104.169.189
- 66.104.169.162: bestsportsnews.net. Archive broken. cqcounter.com/whois/www/bestsportsnews.net.html error not found.
- 66.104.169.163: doctorsoncallsite.com. Hit. domainsbyproxy.com
- 66.104.169.164: lightandshadowonline.com. Hit. domainsbyproxy.com. Created: 2007-11-27. Updated: 2012-06-06.
- 66.104.169.168: plugged-into-news.net. Hit. Network Solutions, LLC. Registrant: Godfrey Hubbard.
- 66.104.169.169: worldsportsite.com. Hit. domainsbyproxy.com. Created: 2009-05-20.
- 66.104.169.171: golf-on-holiday.com. Hit. Network Solutions, LLC. Registrant: Tammy Pulley.
- 66.104.169.172: perspectiva-noticias.com. Hit. domainsbyproxy.com. Created: 2009-04-28.
- 66.104.169.175: aquaswimming.com. Hit. domainsbyproxy.com
- 66.104.169.177: dojo-temple.com. Hit. domainsbyproxy.com
- 66.104.169.179: neighbour-news.com. Hit. domainsbyproxy.com
- 66.104.169.180: medicatechinfo.com. Hit. Network Solutions, LLC. Registrant: Jason Noll.
- 205.178.189.131: securitytrails.com 2009-06-25 - 2009-07-02 Network Solutions, LLC., "ip_count": 726755. Moved to new one 2009-07-02 - 2010-11-03
- 66.104.169.181: brickmanfinancialnews.com. Hit. domainsbyproxy.com
- 66.104.169.182: casanewsnow.com. Hit. domainsbyproxy.com
- 66.104.169.183: aworldofnews.com. No archives. cqcounter.com/whois/www/aworldofnews.com.html blank image
- 66.104.169.184: bcenews.com. Hit.
- 66.104.169.197: teamshula.com. Legit.
66.104.173.186 myworldlymusic.com. XO-AS15 in United States. Found with: 2013 DNS Census virtual host cleanup heuristic keyword searches. Tested viewdns.info range: 66.104.173.158 - 66.104.173.194
- 66.104.173.161: fanatic-pc-gamers.com. domainsbyproxy.com. 2013: Welcome to the US Petabox. cqcounter.com/whois/www/fanatic-pc-gamers.com.html somewhat in-style with large "Login to our Members Forum" message and copyright 2005.
- 66.104.173.163: runakonews.com. Hit.
- 66.104.173.164: shoppingadventure.net. Hit.
- 66.104.173.165: entertaining-ly.com. Hit. Network Solutions, LLC for Matthew Sorrell. tools.whoisxmlapi.com/reverse-whois-search hits:
- premier-fishing-tips.com. Legit with photos and mention of Matthew Sorrell: web.archive.org/web/20110129024453/http://www.premier-fishing-tips.com/ Still live as of 2025.
Sincerely,
Matthew Sorrell
Webmaster, Premier-Fishing-Tips.com
- entertaining-ly.com
- 66.104.173.166: zubeenews.com. Hit. domainsbyproxy.com
- 66.104.173.169: smart-financeology.com. Hit. domainsbyproxy.com
- 66.104.173.173: remarkably has two potential hits, both shown in viewdns.info, and one of them was also in the 2013 DNS Census.
- worldfeedstoday.com. Hit. Network Solutions, LLC + Perfect Privacy LLC.
- world-newsfeeds.com. No archives. cqcounter.com/whois/www/world-newsfeeds.com.html blank image.
- 66.104.173.175: media-coverage-now.com. Hit. domainsbyproxy.com
- 66.104.173.176: jbc-online-news.com. Hit. domainsbyproxy.com
- 66.104.173.177: webscooper.com. Hit.
- 66.104.173.178: dk-dcinvestment.com. Hit. domainsbyproxy.com
- 66.104.173.179: newsforthetech.com. Hit. domainsbyproxy.com
- 66.104.173.180: stara-turistick.com. Hit. domainsbyproxy.com
- 66.104.173.181: playbackpolitics.com. Hit. domainsbyproxy.com
- 66.104.173.182: snapnewsfront.net. Hit. domainsbyproxy.com
- 66.104.173.183: ingenuitytrendz.com. Hit. domainsbyproxy.com
- 66.104.173.184: armashoy.com. Hit. domainsbyproxy.com
- 66.104.173.185: baocontact.com. Hit. Godaddy for a "Denise Welch":tools.whoisxmlapi.com/reverse-whois-search has 151 results, some inspections:
"name": "Denise Welch", "organization": null, "street": "Box 288", "city": "Macdona", "state": "Texas", "postalCode": "78054", "country": "UNITED STATES",
Reducing a bit searching for Macdona as city gives only 19 hits:- web.archive.org/web/20160610031345/http://socialmediamagazine.biz/ legit Denise Welch, President
- web.archive.org/web/20211126033925/http://allofmywishes.com/ no relevant archives
- web.archive.org/web/20110208070523/pet-a-bration.com no archives
- web.archive.org/web/20111126163259/http://tamilupgraded.com/ 19 Archives broken. cqcounter.com/whois/www/tamilupgraded.com.html off style.
- web.archive.org/web/20080115063123/http://www.zirnitrasports.com/ suspicious but quite broken. Arabic. Split images. Comms not found. cqcounter.com/whois/www/zirnitrasports.com.html in-style. viewdns.info/iphistory/?domain=zirnitrasports.com. Members/register at top linking to web.archive.org/web/20080115220218/http://www.zirnitrasports.com/reg.html
- 216.180.224.58 British Virgin Islands NTHL 2012-01-11. viewdns.info/reverseip/?t=1&host=216.180.224.58 small virtual. Also searched 216.180.224.50 - 216.180.224.65
- dare2wearts.com 2012-06-29 No archives.
- keralaaicuf.com 2012-09-21. No archives.
- kids-ireland.com 2011-11-13 web.archive.org/web/20110128075525/http://kids-ireland.com/ off
- makeupbyjadab.com 2012-11-12. Off
- socalfitnessbootcamp.com 2012-06-29. Off
- unitedwelfareservices.com 2012-11-12. No archives.
- zirnitrasports.com 2012-01-11
- 216.180.224.58 British Virgin Islands NTHL 2012-01-11. viewdns.info/reverseip/?t=1&host=216.180.224.58 small virtual. Also searched 216.180.224.50 - 216.180.224.65
- bontonphoto.com web.archive.org/web/20100605033030/http://www.bontonphoto.com/ suspicious with members linking to web.archive.org/web/20130826142257/https://bonto001.secure.omnis.com/cgi-bin/main.cgi www.omnis.com/ is a hosting service.
- web.archive.org/web/20130528074647/http://bontonphoto.com/ better screenshot has a news link.. cqcounter.com/whois/www/bontonphoto.com.html empty
- olqhchurch.com web.archive.org/web/20110201182208/http://olqhchurch.com/ dead, cqcounter.com/whois/www/olqhchurch.com.html not found
- 66.104.173.186: myworldlymusic.com. Hit.
- 66.104.173.189: hitpoint-gaming.com. Hit. Network Solutions, LLC + perfect privacy.
66.104.175.40 beyondnetworknews.com. XO-AS15 in United States. whois.arin.net/rest/net/NET-66-104-0-0-1/pft?s=66.104.175.40. Net Range:66.104.0.0 - 66.107.255.255. 2012 Internet Census puts most/all hits in this range under ip66-104-175-34.z175-104-66.customer.algx.net,
algx.net
redirects to verizon.com as of 2023. Related: superuser.com/questions/956568/why-are-my-pings-going-to-customer-algx-net. Tested viewdns.info range: 66.104.175.24 - unknown- 66.104.175.34: itwebtoday.com. Hit. domainsbyproxy.com
- 66.104.175.35: drglobalnews.com. Hit.
- 66.104.175.36: adilnews.net. Hit.
- 66.104.175.37: technewstogo.com. web.archive.org/web/20110201205946/http://technewstogo.com/ "UNDER CONSTRUCTION" cqcounter.com/whois/www/technewstogo.com.html same.
- 66.104.175.40: beyondnetworknews.com. Hit.
- 66.104.175.41: grubbersworldrugbynews.com. Hit. domainsbyproxy.com
- 66.104.175.42: news-and-sports.com. Hit.
- 66.104.175.44: yourtripfinder.net. Hit. domainsbyproxy.com
- 66.104.175.45: rollinsnetwork.com. Hit. domainsbyproxy.com
- 66.104.175.46: infosharenews.com. Hit.
- 66.104.175.47: southasiaheadlines.com. Hit.
- 66.104.175.48: worlddispatch.net. Hit.
- 66.104.175.49: webworldsports.com. Hit.
- 66.104.175.50: fly-bybirdies.com. Hit.
- 66.104.175.51: businessexchangetoday.com. Hit.
- 66.104.175.52: mensajeradenoticias.com. Hit. domainsbyproxy.com
- 66.104.175.53: info-ology.net. Hit.
- 66.104.175.54: marketflows.net. Hit. domainsbyproxy.com
- 66.104.175.57: metanewsdaily.com. Hit.
- 66.104.175.218: remote.taxconsultantsgroup.com. No archives. cqcounter.com/whois/www/taxconsultantsgroup.com.html commercial so unlikely
66.175.106.148 activegaminginfo.com. UUNET in United States. whois.arin.net/rest/net/NET-66-175-106-128-1/pft?s=66.175.106.148: Net Range: 66.175.106.128 - 66.175.106.159. Customer Name: DIAMOND-COLESON. Tested viewdns.info range: 66.175.106.131 - 66.175.106.178
- 66.175.106.10: nationalchecktrust.com. Legit?
- 66.175.106.134: paddlescoop.com. Hit.
- 66.175.106.137: kessingerssportsnews.com. Hit. Network Solutions: Latimer, Daniel12 hits for name but nothing else looks promissing:
"name": "Latimer, Daniel|ATTN KESSINGERSSPORTSNEWS.COM|care of Network Solutions", "organization": null, "street": "PO Box 459", "city": "PA", "state": "US", "postalCode": "18222", "country": "UNITED STATES",
- element42.au
- refugeministryoils.com
- element42.com.au
- refugeloveministry.net
- refugeloveministry.com
- boysofrockingham.com
- daniellatimer.net
- thejourneytoyourheart.com. web.archive.org/web/20130925191623/http://thejourneytoyourheart.com/ empty cqcounter.com/whois/www/thejourneytoyourheart.com.html not found
- latimerstudio.com
- latimerstudios.com
- danlatimer.com
- kessingerssportsnews.com
- 66.175.106.138: factorforcenews.com. Hit. domainsbyproxy.com
- 66.175.106.140: aroundthemiddleeast.com. No Wayback Machine hits. Last resolved: 2012-06-29. cqcounter.com/whois/www/aroundthemiddleeast.com.html not found.
- 66.175.106.142: kanata-news.com. Hit. domainsbyproxy.com
- 66.175.106.143: thecricketfan.com. Hit.
- 66.175.106.146: inews-today.com. Initially found with 2013 DNS Census virtual host cleanup heuristic keyword searches which gave IP address 193.203.49.212. But that has no nearby hits. 66.175.106.146 was later found on viewdns.info, and slotted into this other existing IP range.
- 193.203.49.211 datingso.com: legit? Russian dating website
- 193.203.49.212 inews-today.com. Hit.
- 193.203.49.223 zatysi.net: legit
- 193.203.49.226 kinotopik.com: legit? Russian
- 193.203.49.229 rotor-volgograd.com. Legit.
- 193.203.49.233 ordercytotec.com. Broken. cqcounter.com/whois/www/ordercytotec.com.html not found.
- 66.175.106.147: starwarsweb.net. Hit.
- 66.175.106.148: activegaminginfo.com. Hit. Network Solutions, LLC for Elizabeth Corral. tools.whoisxmlapi.com/reverse-whois-search reverse search "Corral, Elizabeth" only has that hit
- 66.175.106.149: feedsdemexicoyelmundo.com. Hit.
- 66.175.106.150: noticiasmusica.net. Hit. Network Solutions, LLC for Megan See. tools.whoisxmlapi.com/reverse-whois-search only this hit.
- 66.175.106.155: atomworldnews.com. Hit. domainsbyproxy.com
- 66.175.106.158: nouvellesetdesrapports.com. Hit.
- 66.175.106.166: exchange.katzbarron.com. Legit. Reverse IP source: 2012 Internet Census
- 66.175.106.183: mail.lfdatacenter.com. No archives.
66.237.236.247 comunidaddenoticias.com. XO-AS15 in United States. Tested viewdns.info range: 66.237.236.222 - 66.237.236.254
- 66.237.236.227: newsandmusicminute.com. Hit. Network Solutions, LLC for:tools.whoisxmlapi.com/reverse-whois-search search for "Alger, Jennifer" has four domain:
"name": "Alger, Jennifer", "organization": null, "street": "PO Box 459", "city": "Drums", "state": "PA", "postalCode": "18222", "country": "UNITED STATES",
but more interestingly this address is the same as other hits: activegameinfo.com and noticiasmusica.net! "PO Box 459" anywhere search has 10k+ domains and so does Drums so not helping.- preparedtoact.com: parked domain girl web.archive.org/web/20130831091701/http://www.preparedtoact.com/
- prepared2act.com
- newsandmusicminute.com
- jennisdish.com web.archive.org/web/20110207105346/http://jennisdish.com/ godaddy
- 66.237.236.229: pearls-playlist.com 2011-11-13. Hit. domainsbyproxy.com
- 66.237.236.230: beyondthefringe.info 2013-01-02. Hit. GoDaddy.com forno hits for that name of reversed.
"registrantContact": { "name": "Nathan Stock", "organization": null, "street": "PO Box 61654", "city": "Savannah", "state": "Georgia", "postalCode": "31420", "country": "UNITED STATES", "email": "nathanstock@earthlink.net", "telephone": "19129206355",
- 66.237.236.231: primetimemovies.net 2011-06-22. Hit. No whois records.
- 66.237.236.235: persephneintl.com. Hit. domainsbyproxy.com
- 66.237.236.236: directoalgrano.net 2012-01-23. Hit.
- 66.237.236.240: actualizaciondebeisbol.com. Hit. domainsbyproxy.com
- 66.237.236.243: mygadgettech.com. Hit.
- 66.237.236.247: comunidaddenoticias.com. Hit. domainsbyproxy.com
- 66.237.236.249: sumerjaseahora.com. Hit. domainsbyproxy.com
69.84.156.90 stickshiftnews.com. COLOSPACE in Methuen - United States. Found with: 2013 DNS Census virtual host cleanup heuristic keyword searches. Tested viewdns.info range: 69.84.156.64 - 69.84.156.95
- 69.84.156.69: al-ashak-news-me.com. Hit.
- 69.84.156.70: theventurenews.info. Hit.
- 69.84.156.71: worldfinancetoday.net. Hit.
- 69.84.156.72: autonewsarabia.com. Hit.
- 69.84.156.74: blue-moon-news.com. Hit.
- 69.84.156.75: theoutergreen.com. No archives. Might have been another golf hit. cqcounter.com/whois/www/theoutergreen.com.html not found.
- 69.84.156.76: tnc-urdu.com. Hit.
- 69.84.156.79: jassimnews.com. No archives/broken. cqcounter.com/whois/www/jassimnews.com.html blank.
- 69.84.156.80: noticiasdenuestromundo.com. Hit.
- 69.84.156.82: arabicnewsonline.com. Hit.
- 69.84.156.83: unganadormundial.com. Hit.
- 69.84.156.84: focusonbokeh.com. Hit. Network Solutions, LLC.
- 69.84.156.85: classic-rocktopia.com. Hit. domainsbyproxy.com.
- 69.84.156.87: i7diver.com. Hit.
- 69.84.156.88: diariodeelmundo.com. Hit.
- 69.84.156.89: todaysarabnews.com. Hit.
- 69.84.156.90: stickshiftnews.com. Hit.
- 69.84.156.91: theinternationalgoal.com. Hit.
72.34.53.174 technologytodayandtomorrow.com. IHNET in United States. This IP is special. This IP is somehow closely linked to the "Mass Deface III" pastebin as it seems to have been hosted by Condor hosting. They also have many old sites, and links to Russia which is apparently where this was hosted.
- viewdns.info/iphistory/?domain=technologytodayandtomorrow.com
- 68.178.232.100 United States AS-26496-GO-DADDY-COM-LLC 2011-11-13 virtual
- 72.34.53.174 United States IHNET 2011-09-08. Tested viewdns.info range: 72.34.53.164 72.34.53.184 viewdns.info/reverseip/?t=1&host=72.34.53.174 went through all of them;
- hits
- electronictechreviews.com 2011-09-08 domainsbyproxy.com
- recursosdenoticias.com 2012-06-29 domainsbyproxy.com
- todaysnewsandweather-ru.com 2012-01-11 domainsbyproxy.com
- myonlinegamesource.com 2012-01-11 Godaddy:has two domains:
"name": "Brandon Stiltner", "organization": null, "street": "1200 Brookstone Centre Pkwy", "city": "Columbus", "state": "Georgia", "postalCode": "31904", "country": "UNITED STATES",
- sandshomerepairs.com. web.archive.org/web/20110207105346/sandshomerepairs.com no archives, cqcounter.com/whois/www/sandshomerepairs.com.html not found
- myonlinegamesource.com
- mytravelopian.com 2011-04-04 domainsbyproxy.com
- possible hits
* intloil.org 2012-04-27. 2011, Possible hit, a bit off style, but possibly because too broken. rss-item. Copyright 2005. Present at pastebin.com/CTXnhjeSp (now lost without archives I'm an idiot). cqcounter.com/whois/www/intloil.org.html from 2011 somewhat in style but interestingly also similarly broken. The "Login" button leads to another domain: "condorsecure.com": web.archive.org/web/20110721052801/https://condorsecure.com/~intloilo/alternativefuels.html which is megaweird and is what is mentioned in the "Mass Deface III" pastebin. domainsbyproxy.com. A similar thing happens in europeantravelcafe.com but to another domain.
* islamicnewsonline.com 2013-03-23. No archives in date range. cqcounter.com/whois/www/islamicnewsonline.com.html not found, sad - not hits
- businesscardprinternyc.info 2012-04-18. Legit web.archive.org/web/20110925172844/http://businesscardprinternyc.info/
- dermozamsoe106.com 2011-07-02
- glialcells2009paris.com 2012-11-12
- hysfreedom.net 2013-07-08. Legit. web.archive.org/web/20111014185727/http://hysfreedom.net/
- integrativetherapiesec.com 2013-06-30. Parked domain girl. cqcounter.com/whois/www/integrativetherapiesec.com.html not found
- larumbaknox.com 2012-01-11. Parked domain girl
- theebizguy.com 2022-12-26 web.archive.org/web/20250000000000*/theebizguy.com many archives
- nofatchics.com 2012-01-11
- bjellaagency.com 2023-03-07
- hits
- securitytrails.com/domain/technologytodayandtomorrow.com/history/a same
74.116.72.236 techtopnews.com. OPTIMUM-WIFI2 in Brooklyn - United States. Found with: 2013 DNS Census virtual host cleanup heuristic keyword searches. Tested viewdns.info range: 74.116.72.215 - 74.116.72.254
- 74.116.72.199: newsungraphics.com. Legit.
- 74.116.72.209: newsung.com. Legit/broken. cqcounter.com/whois/www/newsung.com.html not found
- 74.116.72.214: ofinancialinc.com. Legit.
- 74.116.72.219: stockpromoters.com. Legit.
- 74.116.72.227: dayenews.com. Hit.
- 74.116.72.229: guide-daventure.com. Hit.
- 74.116.72.230: spaceage-exchange.com. No archives. cqcounter.com/whois/www/spaceage-exchange.com.html blank image.
- 74.116.72.231: bleachersfootballnews.com. Hit.
- 74.116.72.232: indirectfreekick.com. Hit.
- 74.116.72.233: wwiichronicles.net. Hit.
- 74.116.72.234: petroleumagenews.com. Hit.
- 74.116.72.235: the-open-book-online.com. Hit.
- 74.116.72.236: techtopnews.com. Hit.
- 74.116.72.237: noticiasdiariasdedeportes.com. No archives. Sad, another potential Brazil hit. cqcounter.com/whois/www/noticiasdiariasdedeportes.com.html not found.
- 74.116.72.238: pohandakhbar.com. Hit. domainsbyproxy.com.
- 74.116.72.239: crickettoday.info. Hit.
- 74.116.72.240: zafernews.com. Hit.
- 74.116.72.241: itechnewstoday.com. Hit. domainsbyproxy.com.
- 74.116.72.242: gdgtsource.com. Hit.
- 74.116.72.243: waronfilmonline.com. Hit.
- 74.116.72.244: arborstribune.org. Hit. arborstribune.org. Godaddy without domainsbyproxy.com. Registrant: Ryan Binder, email rkbinder@copper.net Reverse hits for name:
- arborstribune.org
- phaseintl.us
- rblab.us
- bindersynthetics.com
- ryanbinder.com
- finalmarch.com. No archives. cqcounter.com/whois/www/finalmarch.com.html not found.
- finalmarch.info.
- mydrunknews.com. Godaddy parked: web.archive.org/web/20110207181833/http://mydrunknews.com/. cqcounter.com/whois/www/mydrunknews.com.html not found.
- 74.116.72.245: wineenthusiastonline.com. Welcome to the US Petabox. cqcounter.com/whois/www/wineenthusiastonline.com.html not found.
- 74.116.72.246: vuvuzelanews.com. Hit.
- 74.116.72.247: ballbatstumpsandbails.com. Hit.
- 74.116.72.248: kioni-sailing.com. Hit.
- 74.116.72.249: round-trip-travel.com. Hit.
- 74.116.72.250: arabicnewsource.com. Hit.
74.254.12.168 non-stop-news.net. BELLSOUTH-NET-BLK in Atlantic Beach - United States. Found with: 2013 DNS Census virtual host cleanup heuristic keyword searches. Tested viewdns.info range: 74.254.12.158 - 74.254.12.195. This domain exceptionally also has a second IP also with multihits: 207.239.196.230. The fact that the range has rdns sources with hits from both 2013 DNS Census and viewdns.info suggests this range is correct.
- 74.254.12.163: half-court.net. Hit.
- 74.254.12.163: dailywellnessnews.com. Hit.
- 74.254.12.165: dylandon.net. Hit. rdns source: viewdns.info.
- 74.254.12.166: afghanpoetry.net. Hit.
- 74.254.12.168: non-stop-news.net. Hit.
- 74.254.12.169: soldiersofsouthasia.com. Hit.
- 74.254.12.170: greek-news.info. Hit.
- 74.254.12.171: autism-news.org. Hit.
- 74.254.12.172: thesportsguidebook.com. rdns source: 2013 DNS Census. Only has archive of one subpage: 2009. English. sports. cqcounter.com/whois/www/thesportsguidebook.com.html not found.
- 74.254.12.173: thefreshnews.com. Hit.
- 74.254.12.174: reliefline.info. web.archive.org/web/20090416064302/http://www.reliefline.info:80/ Archive too broken. cqcounter.com/whois/www/reliefline.info.html broken.
- 74.254.12.176: pakcricketgrd.com. Hit.
- 74.254.12.177: networkofnews.com. Hit.
- 74.254.12.179: wineconnaisseur.net. Hit.
- 74.254.12.180: helpinghandssite.com. Hit.
- 74.254.12.185: newskwest.com. No archives. cqcounter.com/whois/www/newskwest.com.html broken.
- 74.254.12.187: efiinvestment.com. Hit.
- 74.254.12.188: first-tee-golf.com. Hit.
- 74.254.12.189: fabu-foto.com. Hit.
- 74.254.12.190: viptravelabroad.com. Hit.
173.208.81.2 LEASEWEB-USA-CHI in Lombard - United States:
- weblognewsinfo.com:
- dnshistory.org/historical-dns-records/a/weblognewsinfo.com 2010-05-10 -> 2010-10-07 64.120.20.234 viewdns.info/reverseip/?t=1&host=64.120.20.234 small virtual:
- web.archive.org/web/20101229135149/http://knightsofx.net/ off
- marvel-mail.com/ no archives, dawhois.com/site/marvel-mail.com.html no results
- viewdns.info/iphistory/?domain=weblognewsinfo.com
- 208.91.197.132 British Virgin Islands CONFLUENCE-NETWORK-INC 2013-09-26 virtual
- 173.208.81.2 Lombard - United States LEASEWEB-USA-CHI 2013-06-30 virtual with newsincirculation.com viewdns.info/reverseip/?t=1&host=173.208.81.2
- dnshistory.org/historical-dns-records/a/weblognewsinfo.com 2010-05-10 -> 2010-10-07 64.120.20.234 viewdns.info/reverseip/?t=1&host=64.120.20.234 small virtual:
- newsincirculation.com
- dnshistory.org/historical-dns-records/a/newsincirculation.com
- 2010-03-10 -> 2010-08-15 64.120.20.234 virtual with weblognewsinfo.com
- 2013-11-26 -> 2013-11-26 70.32.43.226
- viewdns.info/iphistory/?domain=newsincirculation.com
- 70.32.43.226 Lombard - United States LEASEWEB-USA-CHI 2014-01-31
- 50.63.202.77 United States AS-26496-GO-DADDY-COM-LLC 2013-10-19. virutal?
- 70.32.43.226 Lombard - United States LEASEWEB-USA-CHI 2013-09-26 virtual?
- 69.147.228.5 Chicago - United States LEASEWEB-USA-CHI 2012-11-12 unknown. Tested viewdns.info range: 69.147.228.1 69.147.228.15. Nope.
- 173.208.81.2 Lombard - United States LEASEWEB-USA-CHI 2011-04-04 virtual
- dnshistory.org/historical-dns-records/a/newsincirculation.com
199.19.110.7 theworldnewsfeeds.com. Los Angeles - United States FIBER-LOGIC.
- dnshistory.org/historical-dns-records/a/theworldnewsfeeds.com no hits
- viewdns.info/iphistory/?domain=theworldnewsfeeds.com
- 199.19.110.7 2012-01-11 unknown range viewdns.info/reverseip/?t=1&host=199.19.110.7 small virtual:
- Hits
- classymotors.net
- russiansportsworld.com
- urbestbod.com
- Not hits:
- angelesmesapc.org: web.archive.org/web/20110623222054/http://angelesmesapc.org/ seems legit.
- web.archive.org/web/20110701070546/http://www.gralnickandsale.com/ broken
- web.archive.org/web/20110208064143/http://magnoliahousephotography.com/ commercial
- web.archive.org/web/20101229224456/http://rdns13.net/ cgi bin
- Hits
- 74.200.252.212 United States RACKSPACE 2011-11-13 unknown range. viewdns.info/reverseip/?t=1&host=74.200.252.212 small virtual fully explored:
- 199.19.110.7 2012-01-11 unknown range viewdns.info/reverseip/?t=1&host=199.19.110.7 small virtual:
199.85.212.118 just-kidding-news.com. ATT-INTERNET4 in United States.
- 199.85.212.118 rdns source: 2013 DNS Census virtual host cleanup heuristic keyword searches, dnshistory.org (2009-09-23 -> 2011-01-25) and viewdns.info: "location": "United States", "owner": "VIMRO, LLC", "lastseen": "2012-01-11". Tested viewdns.info range: 199.85.212.95 - 199.85.212.128. Not sure worth it given the many 2013 DNS Census misses surrounding.
- 199.85.212.98: colorsxpress.com. Legit
- 199.85.212.104:
- jobindons.com 2013-10-19.
- piogroup.org 2012-12-29.
- 199.85.212.105: mide-news.com. Hit.
- 199.85.212.109: game2be.com. Infinite load loop: web.archive.org/web/20080102074404/http://www.game2be.com/ cqcounter.com/whois/www/game2be.com.html error not found.
- 199.85.212.111:
- newsandsportscentral.com. Hit.
- and many many others, not bothering with it
- 199.85.212.115: veryperi.com. Legit? 2011. Style is similar.
- 199.85.212.116: approselect.com. Legit?
- 199.85.212.117: innovative-software-solutions.com. broken/legit cqcounter.com/whois/www/innovative-software-solutions.com.html broken.
- 199.85.212.118: just-kidding-news.com. Hit.
- 199.85.212.119: invisus.com. Legit
- 199.85.212.120: allurebyjustine.com. Legit?
- 199.85.212.121: stockprouniversity.com cqcounter.com/whois/www/stockprouniversity.com.html legit?
- 199.85.212.122: stjosephswoodshop.com Legit?
- 199.85.212.125: time-spacer.net. Welcome to the US Petabox. cqcounter.com/whois/www/time-spacer.net.html service unavailable
- 199.85.212.132: qualitytrans.net. Legit?
- 199.85.212.134: mywellnessminder.com. Legit?
- 199.85.212.138: crystalglassinc.com
- 199.85.212.140: davistech-llc.com
- 68.178.232.100: see rastadirect.net. rdns source: viewdns.info: "location": "United States", "owner": "GoDaddy.com, LLC", "lastseen": "2012-06-29"
- 209.85.45.84. Tested viewdns.info range: 209.85.45.74 - 209.85.45.94.
- 209.85.45.2: dz8.dailyrazor.com
- 209.85.45.2: jr4consulting.com
- 209.85.45.41: guitarzza.com. No archives of time.
- 209.85.45.46: evergraindecking.com. No archives of time.
- 209.85.45.114: mauritiuspropertyconsultant.com. Legit/ broken.
- 209.85.45.160: bieltvedt.net. No archives of time.
- 209.85.45.160: golfstats.dk. No archives.
- 209.85.45.225: infokus.ca
- 209.85.45.225: mail.tomlatham.net
- 209.85.45.225: mail.tomlatham.org
- 209.85.45.239: flavacationcenter.com
204.176.38.143 noticiassofisticadas.com. UUNET in United States. Found with: 2013 DNS Census virtual host cleanup. Tested viewdns.info range: 204.176.38.125 - 204.176.38.154
- 204.176.38.130: i-pressnews.com. Hit.
- 204.176.38.132: turkishnewslinks.com. Hit.
- 204.176.38.134: photographyarecord.com. Hit.
- 204.176.38.135: breakingthewicket.com. Hit.
- 204.176.38.136: politicalworldtoday.com. Hit.
- 204.176.38.137: hi-tech-today.com. Hit.
- 204.176.38.138: continental-business-news.com. TODO. rss-item, split images. 2011. Cannot find comms. Also header and footer are not limited width which is unusual. Further HTML similarity reversing would be needed.
- 204.176.38.139: bigscreenbattles.com. Hit.
- 204.176.38.141: rakotafootball.com. Hit.
- 204.176.38.142: senderosdemontana.com. Hit.
- 204.176.38.143: noticiassofisticadas.com. Hit.
- 204.176.38.144: techno-today.com. Hit.
- 204.176.38.145: tickettonews.com. Hit.
- 204.176.38.146: dps-digitalphotosharing.com. Hit.
- 204.176.38.147: theputtingreen.com. Hit.
- 204.176.38.149: sportsnewstodayar.com. Hit.
- 204.176.38.150: kairuafricanews.com. Hit.
204.176.39.115 globalprovincesnews.com. UUNET in United States. Tested viewdns.info range: 204.176.39.93 - 204.176.39.124
- 204.176.39.97: beamingnews.com. Hit.
- 204.176.39.98: cubriendonoticias.com. Hit.
- 204.176.39.100: rowleyworldpost.com. Hit.
- 204.176.39.101: noticiastopicas.com. No archives. cqcounter.com/whois/www/noticiastopicas.com.html not found.
- 204.176.39.103: economicnewsbuzz.com. Hit.
- 204.176.39.104: spectranewsonline.com. Hit.
- 204.176.39.105: entertainmentnewscompany.com. Hit.
- 204.176.39.107: guidetoelectronics.net. Uncertain. 2010. English. tech, electronics. Split images, rss-items. Comms not found, likely CGI comms variant on unarchived login page:. web.archive.org/web/20101230025246/http://guidetoelectronics.net/login.html
- 204.176.39.110: arabnewsatdawn.com. Hit.
- 204.176.39.114: messengergalaxy.com. Uncertain. 2011. Would be the first example of something more commercial/service offering we've seen so far. Possible CGI comms variant.
- 204.176.39.115: globalprovincesnews.com. Hit.
- 204.176.39.116: mahparah-news.com. Hit.
- 204.176.39.119: commercialspacedesign.com. Hit.
207.150.191.68 technologypresstoday.com. Saudi Telecom Company JSC in Saudi Arabia.
- technologypresstoday.com. Hit. 2011. JAR. Farsi. RSS, split images.
- viewdns.info/iphistory/?domain=technologypresstoday.com says 72.13.93.206 Santa Clara - United States EGIHOSTING 2012-01-11. viewdns.info/reverseip/?host=72.13.93.206&t=1 says large virtual.
- dnshistory.org/dns-records/technologypresstoday.com says empty
- securitytrails.com/domain/technologypresstoday.com/history/a
- 72.13.93.203 EGIHosting 2009-07-20 (16 years) 2009-07-27 (16 years) 7 days
- 64.13.159.156 Wave Broadband 2009-05-30 (16 years) 2009-07-16 (16 years) 2 months. viewdns.info/reverseip/?t=1&host=64.13.159.156 empty.
- 207.150.191.68 Saudi Telecom Company JSC 2009-01-21 (16 years) 2009-05-22 (16 years) 4 months
- 68.178.232.100 GoDaddy.com, LLC 2009-01-14 (16 years) 2009-01-20 (16 years) 6 days
- worldofonlinenews.com. Hit.
- dnshistory.org/historical-dns-records/a/worldofonlinenews.com 2015-12-15 -> 2016-04-21 108.167.161.90 presumably from the legit era
- viewdns.info/iphistory/?domain=worldofonlinenews.com
- 68.178.232.100 United States AS-26496-GO-DADDY-COM-LLC 2011-07-02 virtual
- 207.150.191.68 Saudi Arabia Saudi Telecom Company JSC 2011-04-04 virtual
- mywebofnews.com. Hit.
- dnshistory.org/historical-dns-records/a/mywebofnews.com 2010-03-09 -> 2010-08-14 207.150.191.68 But this has several hits for the same IP on DNS Census 2013 which is unusual:
viewdns.info/reverseip/?host=207.150.191.68&t=1 is medium virtual:3xhunter.com|2012-04-12T07:53:24|207.150.191.68 dreamersoul.net|2012-04-11T22:06:18|207.150.191.68 exdump.com|2012-02-03T11:42:44|207.150.191.68
- world-high.info: cqcounter.com/whois/www/world-high.info.html legit wordpress
- viewdns.info/iphistory/?domain=mywebofnews.com no hits
- 68.178.232.100 United States AS-26496-GO-DADDY-COM-LLC 2011-07-27 virtual
- 207.150.191.68 Saudi kkkArabia Saudi Telecom Company JSC 2011-06-22 virtual
- viewdns.info/reverseip/?host=207.150.191.68&t=1
- kickofffootballnews.com. Hit. viewdns.info/iphistory/?domain=kickofffootballnews.com to that IP alone
- ithaiproperty.com. Legit. web.archive.org/web/20111001231548/http://www.ithaiproperty.com/
- themaconnightlife.com: no archives: web.archive.org/web/20250000000000*/themaconnightlife.com. cqcounter.com/whois/www/themaconnightlife.com.html sems legit.
- web.archive.org/web/20110202093639/http://theadvancompany.com/ cgi-bin directory
- web.archive.org/web/20091212001404/http://www.toddlerbedrailshop.com/ off
- cqcounter.com/whois/www/texasdavisfive.com.html off
- web.archive.org/web/20250000000000*/geldherrin-lady-estefania.com no archives.
207.210.250.132 aeronet-news.com. AS17378 in United States. This is the Autonomous System Number for TierPoint, LLC. Found with: 2013 DNS Census virtual host cleanup heuristic keyword searches. Tested viewdns.info range: 207.210.250.126 - 207.210.250.157
- 207.210.250.131: starrynightnews.com. Hit.
- 207.210.250.132: aeronet-news.com. Hit.
- 207.210.250.133: bakaribulletin.com. Hit.
- 207.210.250.134: deprensaenlarevisiondehoy.com. Hit.
- 207.210.250.135: icwb-news.com. Hit.
- 207.210.250.136: sportsreelhighlights.com. Hit.
- 207.210.250.137: fashionforward.info. No archives. cqcounter.com/whois/www/fashionforward.info.html innovative but has a "Member" section. Stock lady visible somwhere at westlahairgrowth.com/?page_id=12158 according to Google images but I couldn't find it easily in the page.
- 207.210.250.138: inquiry-human-past.com. Hit.
- 207.210.250.139: thefairwaysaregreen.com. Hit.
- 207.210.250.142: russiaupdate.com. Hit.
- 207.210.250.143: archaeologyreview.net. Hit.
- 207.210.250.144: highspeed-news.com. No archives. cqcounter.com/whois/www/highspeed-news.com.html not found.
- 207.210.250.146: noticias-caracas.com. Hit.
- 207.210.250.147: bailandstump.com. Hit.
- 207.210.250.148: classicalmusic4arab.com. Hit.
- 207.210.250.149: globalventurestat.com. Hit.
- 207.210.250.152: al-rashidrealestate.com. Hit.
- 207.210.250.153: newsintheworld-ru.com. Hit.
- 207.210.250.154: news-unlimited.info. Hit.
208.93.112.105 fastnews-online.com. TULIP-SYSTEMS in United States. Checked viewdns.info range: 208.93.112.90 - 208.93.112.155
- 208.93.112.101: cketnews.com: web.archive.org/web/20070612034201/http://cketnews.com/. Archives from 2007 and off style. cqcounter.com/whois/www/cketnews.com.html not found.
- 208.93.112.105: fastnews-online.com. Hit.
- 208.93.112.106: travelxtreme.net. Hit.
- 208.93.112.108: nbanewsroundup.com. Hit.
- 208.93.112.110: luxuryfive.net. Hit.
- 208.93.112.111: topfootballnewsonline.com. Hit.
- 208.93.112.112: todaysportscores.com. Hit.
- 208.93.112.113: mostefficientself.com. Uncertain. cqcounter.com/whois/www/mostefficientself.com.html hard to tell. One is reminded of fightorgohome.com.
- 208.93.112.114: dynamicworldnews.com. Hit.
- 208.93.112.116: gazingvoyage.com. Hit.
- 208.93.112.123: garundipost.com. Hit.
- 208.93.112.125: theradioamateurs.com: no archives. cqcounter.com/whois/www/theradioamateurs.com.html not found.
208.254.38.39 todaysengineering.com. COLO-PREM-VZB in United States.
- Tested viewdns.info range: 208.254.38.9 - 208.254.38.86. Weirdly empty, doesn't even show the domain iteslf!
- 208.254.38.39: todaysengineering.com. Hit. rdns source: both viewdns.info and 2013 DNS Census
- 208.254.38.56: nejadnews.com. Hit.
- 68.178.232.100: source: securitytrails.com. 2009-11-24 - 2009-12-11, GoDaddy.com, LLC
208.254.40.117 worldnewsandent.com. COLO-PREM-VZB in United States. whois.arin.net/rest/net/NET-208-192-0-0-1/pft?s=208.254.40.117: Net Range 208.192.0.0 - 208.255.255.255. Tested viewdns.info range: 208.254.40.92 - 208.254.40.135
- 208.254.40.96: sixty2media.com. Hit.
- 208.254.40.99: newspoliticssource.com. Hit.
- 208.254.40.110 musical-fortune.net. Hit.
- 208.254.40.113: ashoka-gemstones.com. Hit.
- 208.254.40.117: worldnewsandent.com. Hit.
- 208.254.40.124: riskandrewardnews.com. Hit.
- 208.254.40.129: mailb.casella.com. Legit.
208.254.42.205 driversinternationalgolf.com. COLO-PREM-VZB in United States. Tested viewdns.info range: 208.254.42.178 - 208.254.42.233.
- 208.254.42.35: mystorytimefriends.com. Broken/legit.
- 208.254.42.194: it-proonline.com. Hit.
- 208.254.42.200: riccs.mwcog.org. Legit. Reverse IP source: 2012 Internet Census, 2012-05-14.
- 208.254.42.205: driversinternationalgolf.com. Hit.
- 208.254.42.209: mardelsurnoticias.com. Hit. Reverse IP source: viewdns.info
- 208.254.42.215: nowfreshfinances.com. Hit.
- 208.254.42.216: circulatingnews.net. Hit.
- 208.254.42.219: westingtonpassnews.com. Hit. Reverse IP source: 2013 DNS Census
- 208.254.44.155: brandimpact.com. Legit/broken: web.archive.org/web/20070801000000*/brandimpact.com
- 208.254.45.105: operatorenum.com. Legit/broken: web.archive.org/web/20100301000000*/operatorenum.com
209.162.192.49 rastadirect.net. DF-PTL2-3 in Gresham - United States. Source: securitytrails.com and cqcounter.com/site/rastadirect.net.html. Tested viewdns.info: 209.162.192.30 209.162.192.70
* 209.162.192.44: thejewelofsouthamerica.com. Hit.
* 209.162.192.49: rastadirect.net. Hit.
* 209.162.192.51: yellow-chair-report.com. Hit.
* 209.162.192.54: tutkulu-turu.com. Possible hit. domainsbyproxy.com 2008-03-04. Weird style made up exclusively of cut up images, including the text itself where links would normally be. Turkish. Archive a bit weird with images on top of text. 2011 Copyright 2006. Unarchived link to web.archive.org/web/20110129065840/http://tutkulu-turu.com/login.html with title "Kullanıcı adı" (Username). Headline "Online seyahat etmek acenta" translates to "Online travel agency".
* 209.162.192.57: globalnewsreports.net. Hit.
* 209.162.192.59: easytravelsite.net. Hit.
* 209.162.192.70: phrio.com. Off date. viewdns.info/reverseip/?t=1&host=209.162.192.70
* 209.162.192.44: thejewelofsouthamerica.com. Hit.
* 209.162.192.49: rastadirect.net. Hit.
* 209.162.192.51: yellow-chair-report.com. Hit.
* 209.162.192.54: tutkulu-turu.com. Possible hit. domainsbyproxy.com 2008-03-04. Weird style made up exclusively of cut up images, including the text itself where links would normally be. Turkish. Archive a bit weird with images on top of text. 2011 Copyright 2006. Unarchived link to web.archive.org/web/20110129065840/http://tutkulu-turu.com/login.html with title "Kullanıcı adı" (Username). Headline "Online seyahat etmek acenta" translates to "Online travel agency".
* 209.162.192.57: globalnewsreports.net. Hit.
* 209.162.192.59: easytravelsite.net. Hit.
* 209.162.192.70: phrio.com. Off date. viewdns.info/reverseip/?t=1&host=209.162.192.70
- 68.178.232.100 - United States - GoDaddy.com - 2011-05-02. Reverse IP source: viewdns.infoThere are actualy talk pages about this IP
- +-20 range: several domains on each IP, but can't find any hits easily
210.80.75.55 philippinenewsonline.net. UUNET in Australia. Tested viewdns.info range: 210.80.75.30 - 210.80.75.67
- 210.80.75.35: aroundtheworldnews.net. No archives. ipinf.ru/domains/210.80.75.33/ disagrees and places it at .33.
- 210.80.75.36: e-commodities.net. Hit.
- 210.80.75.37: trekkingtoday.com. Hit.
- 210.80.75.41: multinews-33.com. Hit.
- 210.80.75.42: movimientodenticias.com. No archives. cqcounter.com/whois/www/movimientodenticias.com.html blank.
- 210.80.75.43: gulfandmiddleeastnews.com. Hit.
- 210.80.75.44: whirlybirdinflight.com. Hit.
- 210.80.75.45: kings-game.net. Hit.
- 210.80.75.46: topglobalnewsdaily.com. Hit.
- 210.80.75.49: recipe-dujour.com. Hit.
- 210.80.75.53: sportsman-elite.com. Hit.
- 210.80.75.55: philippinenewsonline.net. Hit.
- 210.80.75.56: technewsforme.com. Hit.
- 210.80.75.59: goldeportesnoticias.com. Hit.
- 210.80.75.68: gigabyte-usa.com. Legit.
212.4.16.232 mynewscheck.com. UUNET in Cassano d'Adda - Italy. Found with: 2013 DNS Census virtual host cleanup heuristic keyword searches. Tested viewdns.info range: 212.4.16.214 - 212.4.17.198. ipinf.ru/domains/?search=212.4.17.125&cust=1 says they are /19, so .16 and .17 are both the same range from a registration perspective::
- 212.4.16.224: lanoticiasdehoyelinforme.com. Hit.
- 212.4.16.232: mynewscheck.com. Hit.
- 212.4.16.239: saktimarsgolf.com 2012-06-29. Broken/legit/no archives of relevant date: web.archive.org/web/20081031060207/http://saktimarsgolf.com/. cqcounter.com/whois/www/saktimarsgolf.com.html blank.
- 212.4.16.245: financial-crisis-news.com. Hit.
- 212.4.16.252: minutosdenoticias.com. Hit. web.archive.org/web/20100517151612/http://minutosdenoticias.com/
212.4.17.38 fightwithoutrules.com. UUNET in Cassano d'Adda - Italy. whois.arin.net/rest/net/NET-208-192-0-0-1/pft?s=208.254.40.117. Net Range: 208.192.0.0 - 208.255.255.255. Organization: Name: Verizon Business. Tested viewdns.info range: see 212.4.16.* aboveThere were also some other reverse IP hits for fightwithoutrules.com, but no CIA websites there:
- 212.4.17.38: fightwithoutrules.com. Hit.
- 212.4.17.41: newtechfrontier.com. Hit.
- 212.4.17.43: smart-travel-consultant.com. Hit.
- 212.4.17.46: atentlaloc.com. Hit.
- 212.4.17.53: newsresolution.net. Hit.
- 212.4.17.56: lesummumdelafinance.com. Hit.
- 212.4.17.56: thepinnacleoffinance.com. No Wayback machine archives. cqcounter.com/whois/www/thepinnacleoffinance.com.html blank.
- 212.4.17.61: tech-stop.org. Archive: 2011. Feels likely. No commons found. .org hit? Has subdomain "gear.tech-stop.org" according to 2013 DNS Census, which suggests CGI comms, but no links to it
- 212.4.17.98: topbillingsite.com. Hit.
- 212.4.17.122: b2bworldglobal.com. Hit.
- 212.4.17.125: worldaroundyunnan.com. Hit.
- 212.4.17.160: localtoglobalnews.com. Hit.
Other hits:
- 208.91.197.132. rdns source: viewdns.info: "location" : "British Virgin Islands", "owner" : "Confluence Networks Inc", "lastseen" : "2013-09-26". So this is after the previous one, unlikely to be correct.
- 205.178.189.131. source: securitytrails.com
212.4.18.129 sightseeingnews.com. UUNET in Cassano d'Adda - Italy. Found with: 2013 DNS Census virtual host cleanup heuristic keyword searches. Tested viewdns.info range: 212.4.18.115 - 212.4.18.148. TODO expand. Interesting wide/sparse range? Or perhaps it's two separate ranges?
212.209.74.105 globalbaseballnews.com. UUNET in Sweden. Tested viewdns.info range: 212.209.74.100 - 212.209.74.132. Found with: 2013 DNS Census virtual host cleanup heuristic keyword searches
- 212.209.74.105: globalbaseballnews.com. Hit.
- 212.209.74.106: football-de-luxe.com. Hit.
- 212.209.74.111: worldconcerns.info. No archives. cqcounter.com/whois/www/worldconcerns.info.html empty.
- 212.209.74.112: developmental-league.com. Unclear. CGI comms variant? 2010. English. CGI. American football.
- 212.209.74.115: mediocampodefutbol.com. Hit.
- 212.209.74.117: myengineeringaffinity.com. Hit.
- 212.209.74.122: atthemovies.biz. Hit.
- 212.209.74.123: worldfinancialexchangenews.com. Hit.
- 212.209.74.124: urouttahere.com. Hit.
- 212.209.74.125: avoilurefixe.com. Hit.
- 212.209.74.126: headlines2day.com. Hit.
- 118.139.174.11. Reverse IP source: viewdns.info
- 118.139.174.11: 712 domain hits on it
- 118.139.174.21: theargentineanwineco.com 2013-09-26. No Wayback machine archive. cqcounter.com/whois/www/theargentineanwineco.com.html not found.
- nothing else on the +-20 range
- 184.168.221.91. Reverse IP source: 2013 DNS Census
- 184.168.221.91: 40k hits on 2013 DNS Census
- 118.139.174.11. Reverse IP source: viewdns.info
- 212.209.74.127: construction-zones.com. Unclear. CGI comms variant? 2009. No known comms found. English. construction. Has a login page: web.archive.org/web/20091130144158/http://construction-zones.com/login.html so maybe CGI comms variant
212.209.79.40 hydradraco.com. UUNET in Sweden. Found with: visual inspection of full 2013 DNS Census virtual host cleanup list just after globalbaseballnews.com. Tested viewdns.info range: 212.209.79.35 - 212.209.79.63
- 212.209.79.34: fgnl.net. Hit. securitytrails.com provides IP history:both under MCI Communications Services, Inc. d/b/a Verizon Business.
- 212.209.79.37: fitness-sources.com. Hit.
- 212.209.79.40: hydradraco.com. Hit.
- 212.209.79.41: noticiasdelmundolatino.com. Hit.
- 212.209.79.42: suparakuvi.com. Hit.
- 212.209.79.44: myigadgets.net. Unclear. 2010. tech. Contains some helpers to: iGoogle. This page is very interesting. and quite different from the others, as it contains highly specialized functionality. No known comms found. The choice of homepage languages is also very suspicious: Arabic, Farsi, French, Chinese and Spanish.
- 212.209.79.46: cetusdelph.com. Hit.
- 212.209.79.47: willtoworship.com. Hit. domainsbyproxy.com
- 212.209.79.48: themvconnection.com. Hit.
- 212.209.79.51: pi-resources.net. Hit.
- 212.209.79.52: newel-adserver.com. Redirects to newel.com which is legit. cqcounter.com/whois/www/newel-adserver.com.html blank.
- 212.209.79.53: ourscubaworld.com. Hit.
- 212.209.79.58: tech-love-home.com. Hit.
- 212.209.79.60: first-solo-aviation.com. Hit.
- 212.209.79.61: china-destinations.org. Hit.
212.209.90.84 thenewseditor.com. UUNET in Sweden. Found with: 2013 DNS Census virtual host cleanup heuristic keyword searches. Tested viewdns.info range: 212.209.90.64 - 212.209.90.99
- 212.209.90.69: worldedgenews.com. Hit.
- 212.209.90.72: talkingpointnews.info. Hit.
- 212.209.90.74: globalinvestmentnews.net. Hit.
- 212.209.90.75: prebitinvestment.com. Hit.
- 212.209.90.77: energy-bulb.com 2011. English. energy. Comms not found, but has unarchived link to: web.archive.org/web/20110128182345/https://webmail.energy-bulb.com/login.html. CGI comms variant?
- 212.209.90.79: freeblink.com. No archives for timerange, then legit. cqcounter.com/whois/www/freeblink.com.html off-style
- 212.209.90.80: nsmovies.net. Hit.
- 212.209.90.82: middleeastjournal.net. Hit.
- 212.209.90.84: thenewseditor.com. Hit.
- 212.209.90.87: newsandweathersource.com. Hit.
- 212.209.90.89: pakisports.com. Hit.
- 212.209.90.90: vriha-aesthetics.com. Hit.
- 212.209.90.92: amishkanews.com. Hit.
- 212.209.90.93: theentertainbiz.com. Hit.
- 212.209.90.94: eurosportssummary.com. Hit.
- 212.209.91.14: teracom.net. Legit
216.93.248.194 esmundonoticias.com. TWDX in Chelmsford - United States.
- dnshistory.org/historical-dns-records/a/esmundonoticias.com 2010-02-05 -> 2010-08-02 216.93.248.194. Tested viewdns.info range: 216.93.248.184 216.93.248.204. viewdns.info/reverseip/?host=216.93.248.194&t=1 gives:
- hits:
- esmundonoticias.com 2012-01-11
- kukrinews.com 2011-06-22
- dnshistory.org/historical-dns-records/a/kukrinews.com 2010-02-26 -> 2010-08-07 216.93.248.194
- viewdns.info/iphistory/?domain=kukrinews.com 216.93.248.194 Malden - United States TWDX 2011-06-22
- lasthournews.com 2010-02-27 -> 2010-08-07
- tech-geek-news.com 2012-01-11
- not hits;
- 216.93.248.194: coxsackielive.com 2012-06-29. No archives. dawhois.com/www/coxsackielive.com.html off.
- 216.93.248.194: datapakassociates.org 2012-04-27. No rachives. dawhois.com/www/datapakassociates.org.html off.
- 216.93.248.194: easywebworld.net 2012-02-27. Broken: web.archive.org/web/20101229051406/http://easywebworld.net/ "This Site Is Under Construction. Come Back Soon!" so seems legit. dawhois.com/www/easywebworld.net.html same.
- 216.93.248.194: librarianhelper.com 2013-06-30. Parked domain girl. dawhois.com/www/librarianhelper.com.html not found.
- 216.93.248.194: ualbanycornerstone.org 2012-04-13. Legit.
- hits:
- viewdns.info/iphistory/?domain=esmundonoticias.com 216.93.248.194 Malden - United States TWDX 2012-01-11. Tested. viewdns.info/reverseip/?t=1&host=216.93.248.194 small virtual.
216.104.38.114 all-sport-headlines.com. SINGLEHOP-LLC in United States.
- viewdns.info/iphistory/?domain=all-sport-headlines.com
- 68.178.232.100 United States AS-26496-GO-DADDY-COM-LLC 2012-11-12 virtual
- 216.104.38.114 United States SINGLEHOP-LLC 2012-09-21. Tested viewdns.info range: 216.104.38.104 216.104.38.124
- viewdns.info/reverseip/?t=1&host=216.104.38.114
- hits:
* wahidfutbol.com
* wildbirds-seasia.com - not hits:
- web.archive.org/web/0/oaksathighlandlakes.com no archives
- web.archive.org/web/20110208080756/http://www.weathersbyhoa.com/cgi-bin/index.pl?action=main
- web.archive.org/web/20110202205540/http://www.themeadowssubdivisionhoa.com/cgi-bin/index.pl?action=main
- web.archive.org/web/20110208074306/http://bsheroics.com/ humm off there is a chance. They have actual twitter: x.com/bsheroics nevermind. And: www.facebook.com/profile.php?id=100078200499209
- afterawhilecrocodile.info 2011-07-26. Legit.
- hits:
- viewdns.info/reverseip/?t=1&host=216.104.38.114
- securitytrails.com/domain/all-sport-headlines.com/history/a adds
- 66.246.218.219 Cologix, Inc 2008-09-01 (17 years) 2008-11-25 (16 years) 3 months. viewdns.info/reverseip/?t=1&host=66.246.218.219 empty.
216.105.98.152: modernarabicnews.com. SAVVY-NET in United States. Found with: 2013 DNS Census virtual host cleanup heuristic keyword searches. Tested viewdns.info range: 216.105.98.125 - 216.105.98.167
- 216.105.98.118:
- estudashboard.com: broken cqcounter.com/whois/www/estudashboard.com.html not found
- fintrade.us: legit
- 216.105.98.132: europeantravelcafe.com. Hit.
- 216.105.98.134: fuenteneta.com. Hit.
- 216.105.98.135: ilat-news.com. Hit.
- 216.105.98.136: etherealinspirations.net. Hit.
- 216.105.98.137: the-news-zone.com. Hit.
- 216.105.98.138: photozoomnews.com. No archives. cqcounter.com/whois/www/photozoomnews.com.html empty
- 216.105.98.139: cultura-digital.net. Hit.
- 216.105.98.140: uaeshoppingspree.com. Hit.
- 216.105.98.141: jabarifootball.com. No archives. "Jabari" is a Swahili/Arabic name[ref]. cqcounter.com/whois/www/jabarifootball.com.html not found.
- 216.105.98.142: globalreview-ar.com. No archives. Shame, could have been our first Argentinian site. cqcounter.com/whois/www/globalreview-ar.com.html empty.
- 216.105.98.144: garanziadellasicurezza.com. Hit.
- 216.105.98.145: montanismoaventura.com. Hit.
- 216.105.98.146: large-format-news.com. Hit.
- 216.105.98.147: nepalnewsbrief.com. Hit. dnshistory.org marks it as having IP 2010-03-10 -> 2010-08-15 216.169.148.94 [ref]. This range does feel a bit different from the others, too many broken archives, and relatively early ones too. Explored viewdns.info range: 216.169.148.84 - 216.169.148.104, empty for period. domainsbyproxy.com.
- 216.105.98.148: teclafinance.com. Hit.
- 216.105.98.149: entreman.com. Hit.
- 216.105.98.152: modernarabicnews.com. Hit.
- 216.105.98.153: global-headlines.com. Hit.
- 216.105.98.154: everythingcricket.org. Hit.
- 216.105.98.156: familyhealthonline.net. Hit.
- 216.105.98.157: delacorne.com. Hit.
- 216.105.98.158: econfutures.com. Hit.
- 216.105.98.161: kstcloud.com. No archives. cqcounter.com/whois/www/kstcloud.com.html not found
219.90.61.123 journeystravelled.com. UUNET in Taiwan. Tested viewdns.info range: 219.90.61.100 - 219.90.61.133
- 219.90.61.100: pressstory.com: "Under construction". web.archive.org/web/20110128124548/http://pressstory.com/. cqcounter.com/whois/www/pressstory.com.html same
- 219.90.61.103: bet2plays.com. "Under construction". Unlikely thematic, too spicy. cqcounter.com/whois/www/bet2plays.com.html same
- 219.90.61.110: surya-brahma.com. Hit
- 219.90.61.111: classicalmusicboxonline.com. Hit.
- 219.90.61.116: athletepro.net. Hit.
- 219.90.61.117: lajornadanow.com. Hit.
- 219.90.61.119: aviation-navigation.com. Hit.
- 219.90.61.120: theinternationalworld.com. Hit.
- 219.90.61.121: thepyramidnews.com. Hit.
- 219.90.61.122: iran-newslink-today.com. Hit.
- 219.90.61.123: journeystravelled.com. Hit.
219.90.62.243 fitness-dawg.com. UUNET in Taiwan. whois.arin.net/rest/net/NET-219-0-0-0-1/pft?s=219.90.62.243. Net Type: Allocated to APNIC. Tested viewdns.info range: unknown - 219.90.62.255
- 219.90.62.173:
- dominatingduos.com: 2013-08-12T17:53:09. No archive. cqcounter.com/whois/www/dominatingduos.com.html empty
- has other domains
- 219.90.62.193: centralnewsreleasers.com. Only a 2018 of the robots.txt: web.archive.org/web/*/http://centralnewsreleasers.com/* so likely not a hit. cqcounter.com/whois/www/centralnewsreleasers.com.html not found.
- 219.90.62.209: penniesbythemillions.com. No archives. cqcounter.com/whois/www/penniesbythemillions.com.html not found.
- 219.90.62.229: information-junky.com. Hit.
- 219.90.62.231: todosperuahora.com. Hit.
- 219.90.62.232: race26point2.com. Hit. No archives, but has subdomain: secure.race26point2.com, so likely CGI comms. cqcounter.com/whois/www/race26point2.com.html somewaht in-style and also a "members" link, presumably linking to secure.race26point2.com. The "26" and "2" are not very clear, but tagline clarifies "leading the race on the latest running news and events" so it's a running news website
- 219.90.62.233: theworld-news.net. Hit.
- 219.90.62.234: recuerdosdeviajeonline.com. Hit
- 219.90.62.235: ordenpolicial.com. Hit.
- 219.90.62.240: cityworldnewsnow.com. Hit. No archives but has subdomain: secure.cityworldnewsnow.com so likely CGI comms. cqcounter.com/whois/www/cityworldnewsnow.com.html in-style, arab world mentions.
- 219.90.62.237: elcorreodenoticias.com. Hit.
- 219.90.62.238: freshtechonline.com. Hit.
- 219.90.62.240: cityworldnewsnow.com. Hit.
- 219.90.62.241: newscentertoday.com. Hit.
- 219.90.62.242: ride-captain.com. Hit.
- 219.90.62.244: easytraveleurope.com. Hit.
- 219.90.62.245: world-news-now.net. Hit.
- 219.90.62.246: negativeaperture.com. Hit.
- 219.90.62.247: conquermstoday.com. Hit
- 219.90.62.249: forensic-exchange.com. 2013 archive: web.archive.org/web/20130714094026/http://forensic-exchange.com/. Appears to be a buggy Wayback Machine archive somehow, so inconclusive. cqcounter.com/whois/www/forensic-exchange.com.html in-style, clarifies focus on computer.
CIA 2010 covert communication websites Hits without nearby IP hits Updated 2025-04-24 +Created 1970-01-01
Here we list domains for which the correct IP was apparently not found since there are no neighbouring hits.
These are suspicious, and suggest either that we didn't obtain the correct reverse IP, or a change in CIA methodology from an older time at which they were not yet using the obscene IP ranges.
For example, in the case of inews-today.com, 2013 DNS Census gave one IP 193.203.49.212, but then viewdns.info gave another one 66.175.106.146 which fit into an existing IP range, and which assumed to be the correct IP of interest.
A similar case happened when we found IP 212.209.74.126 for headlines2day.com with dnshistory.org: dnshistory.org/historical-dns-records/a/headlines2day.com.
It is interesting to note that Reuters seems to have featured disproportionately many hits from that range, one wonders why that happened. It is possible that they chose these because they actually didn't have any nearby hits to give away less obvious information, though they did pick some from the ranges as wel.
In what follows we list the domains with possible reverse IPs and what was explored so far for each. We consider IPs not in a range to be uncertain, and that instead their domains might have been previously in a range which we
dailynewsandsports.com. Found with: 2013 DNS Census virtual host cleanup heuristic keyword searches
- 216.119.129.94. rdns source: viewdns.info "location": "United States", "owner": "A2 Hosting, Inc.", "lastseen": "2012-04-13". Tested viewdns.info range: 216.119.129.85 - 216.119.129.86, 216.119.129.89 - 216.119.129.99, ran out of queries for 87 and 88
- 216.119.129.90: eastdairies.com 2011-04-04. Promising name and date, but no archives alas.
- 216.119.129.97: miideaco.com 2016-02-01
- 216.119.129.114 Found with: 2013 DNS Census virtual host cleanup heuristic keyword searches, also present on viewdns.info but at a later date from previous "location": "United States", "owner": "A2 Hosting, Inc.", "lastseen": "2013-11-29". Tested viewdns.info range: 216.119.129.109 - 216.119.129.119
- 216.119.129.110: dommoejmechty.com.ua. Legit.
- 216.119.129.111: dailybeatz.com: Legit
- 216.119.129.113:
- audreygeneve.com
- reyzheng.com
- jacintorey.com
- 216.119.129.114: dailynewsandsports.com. hit.
- 216.119.129.115: afxchange.com legit/broken
- 216.119.129.116: danafunkfinancial.com: legit
- 208.73.33.194 on securitytrails.com
iranfootballsource.com:
- 34.98.99.30 Kansas City - United States Google LLC 2021-05-24
- 184.168.221.94 United States GoDaddy.com 2020-07-21
- 50.63.202.66 United States GoDaddy.com 2020-07-07
- 50.63.202.86 United States GoDaddy.com 2020-05-28
- 184.168.221.94 United States GoDaddy.com 2020-05-13
- 50.63.202.74 United States GoDaddy.com 2020-04-29
- 50.18.223.191 San Jose - United States Amazon.com 2015-03-23. Sources: 2013 DNS Census and viewdns.info
- no viewdns.info hits +- 10
- 85.13.200.108 United Kingdom Coreix Dedicated Customer Allocation 2013-06-30. Source: viewdns.info
- 85.13.200.108: 1000 hits, so unlikely to be the one
iraniangoalkicks.com:
- 68.178.232.100: treverse IP source: viewdns.info. see rastadirect.net.
- 208.71.138.130 2010-02-22 -> 2010-08-06, QWK.net Hosting, L.L.C.. source: dnshistory.org/historical-dns-records/a/iraniangoalkicks.com. Large shared hosting domain, no good nearby hits, several legit sites.
- securitytrails.com/domain/iraniangoalkicks.com/history/a says:
- 2011-03-31 68.178.232.100
- 2008-09-01 208.71.138.130
iraniangoals.com:
- 68.178.232.100: see rastadirect.net
- 69.65.33.21 - Flushing - United States - GigeNET - 2011-09-08. Also at: dnshistory.org/historical-dns-records/a/iraniangoals.com 2009-08-03 -> 2011-01-12 69.65.33.21 viewdns.info/reverseip/?t=1&host=69.65.33.21 80 virtual nothing pops to eye on quick read:
- 69.65.33.2: onemincustomerservice.com. web.archive.org/web/20091015044922/http://www.onemincustomerservice.com/. Doesn't feel like a hit. cqcounter.com/whois/www/onemincustomerservice.com.html error
- 69.65.33.5: 400+ domains
- 69.65.33.6: 4 domains but recent resolutions only
- similar status for everything else withing +-20. A couple of domains, no easy hits
- securitytrails.com/domain/iraniangoals.com/history/a same from 2008-09-17
football-enthusiast.com:
- 212.4.18.14: Tested viewdns.info range: 212.4.18.1 - 212.4.18.29. This is a curious case, rather close to 212.4.18.129 sightseeingnews.com, but not quite in the same range apparently. Viewdns.info also agrees on its history with only "212.4.18.14", "location" : "Milan - Italy", "owner" : "MCI Worldcom Italy Spa", "lastseen" : "2013-06-30" of interest.
cyhiraeth-intlnews.com:
news-latina.com: domainsbyproxy.com 2007-12-17
- dnshistory.org/historical-dns-records/a/news-latina.com 2010-03-11 -> 2010-08-16 64.92.111.3. this has several hits for the same IP on DNS Census 2013 which is unusual. Tested viewdns.info range: 64.92.111.1 - 64.92.111.13
- viewdns.info/iphistory/?domain=news-latina.com
- 68.178.232.100 United States AS-26496-GO-DADDY-COM-LLC 2011-08-11 virtual
- 64.92.111.3 United States MASSIVE-NETWORKS 2011-07-27 mdeium virtual viewdns.info/reverseip/?t=1&host=64.92.111.3
- web.archive.org/web/20110211133905/http://tipsypotpole.com/ off
- web.archive.org/web/20250000000000*/quantumhealing.com popular
- web.archive.org/web/20110202114353/http://outdoortradition.com/ redirecting. dawhois.com/www/outdoortradition.com.html not found.
- web.archive.org/web/20250000000000*/gtinvestigations.com popular
- web.archive.org/web/20250000000000*/dig-itmag.com big
europeannewsflash.com:
- viewdns.info/iphistory/?domain=europeannewsflash.com
- 68.178.232.100 United States AS-26496-GO-DADDY-COM-LLC 2011-10-09 virtual
- 216.131.66.209 San Francisco - United States STRTEC 2011-09-08. Tested viewdns.info range: 216.131.66.201 216.131.66.219
- dnshistory.org/historical-dns-records/a/europeannewsflash.com 2010-02-06 -> 2010-08-02 216.131.66.209. Tested.
outlooknewscast.com:
- dnshistory.org/historical-dns-records/a/outlooknewscast.com
- 2009-08-08 -> 2011-02-11 74.53.159.130. Tested viewdns.info range: 74.53.159.120 - 74.53.159.140
- 74.53.159.130: aeromedhistory.org 2014-11-29
- 74.53.159.130: mariposahorticultural.com 2022-11-28
- 74.53.159.130: thewritestuffresume.com 2011-04-04. Legit.
- 2009-08-08 -> 2011-02-11 74.53.159.130. Tested viewdns.info range: 74.53.159.120 - 74.53.159.140
- viewdns.info/iphistory/?domain=outlooknewscast.com
- 204.93.178.121 Chicago - United States SERVERCENTRAL 2011-09-08. Tested viewdns.info range: 204.93.178.111 - 204.93.178.131. Skimmed through, nothing of great interest.
- 74.53.159.130 United States SOFTLAYER 2011-04-04. Tested.
24hoursprimenews.com:
- dnshistory.org/historical-dns-records/a/24hoursprimenews.com 2009-12-14 -> 2011-10-04 216.9.68.24. Mid virtual: viewdns.info/reverseip/?t=1&host=216.9.68.24 had a quick look but no hits:
- viewdns.info/iphistory/?domain=24hoursprimenews.com 216.9.68.24 United States VONAGE-BUSINESS 2012-01-11. Tested.
- securitytrails.com/domain/24hoursprimenews.com/history/a same
farsi-newsandweather.com:
- dnshistory.org/historical-dns-records/a/farsi-newsandweather.com 2010-02-07 -> 2010-08-03 69.49.101.19. Tested viewdns.info range: 69.49.101.9 - 69.49.101.19
- viewdns.info/iphistory/?domain=farsi-newsandweather.com
- 68.178.232.100 United States AS-26496-GO-DADDY-COM-LLC 2012-01-11 virtual
- 69.49.101.19 Canada INFB-AS 2011-11-13. Tested.
global-view-news.com:
- dnshistory.org/historical-dns-records/a/global-view-news.com 2010-02-13 -> 2010-08-04 67.220.228.130. Tested viewdns.info range: 67.220.228.120 - 67.220.228.160:
- 67.220.228.150: investfromhome.co.uk 2011-09-05. No archives.
- viewdns.info/iphistory/?domain=global-view-news.com
- 68.178.232.100 United States AS-26496-GO-DADDY-COM-LLC 2012-01-11 virtual
- 69.90.161.195 Canada COGECO-PEER1 2011-09-08. Unknown. Tested viewdns.info range: 69.90.161.185 69.90.161.205. Some virtual misses. viewdns.info/reverseip/?t=1&host=69.90.161.195 medium virtual, canada.
health-men-today.com:
- dnshistory.org/historical-dns-records/a/health-men-today.com
- 2011-01-07 -> 2011-01-07 69.90.162.165. Tested viewdns.info range: 69.90.162.155 - 69.90.162.175. Virtuals.
- 2009-11-30 -> 2010-05-27 67.220.228.224. New range with global-view-news.com? Tested viewdns.info range: 67.220.228.214 67.220.228.234
- 2009-08-01 -> 2009-09-19 69.42.58.50. Tested viewdns.info range: 69.42.58.40 - 69.42.58.60. Virtuals, canada.
- viewdns.info/iphistory/?domain=health-men-today.com
- securitytrails.com/domain/health-men-today.com/history/a
- 69.42.58.50 Aptum Technologies 2008-09-01 (17 years) 2008-09-04 (17 years) 3 days
firstnewssource.com:
pars-technews.com:
- dnshistory.org/historical-dns-records/a/pars-technews.com 2009-08-08 -> 2011-02-13 74.220.219.104 Tested viewdns.info range: 74.220.219.94 74.220.219.114. viewdns.info/reverseip/?t=1&host=74.220.219.104 medium virtual haven't bothered much.
- viewdns.info/iphistory/?domain=pars-technews.com 74.220.219.104 United States UNIFIEDLAYER-AS-1 2012-11-12. Tested.
newdaynewsonline.com:
- dnshistory.org/historical-dns-records/a/newdaynewsonline.com 2010-03-10 -> 2010-08-15 76.163.54.16. Tested viewdns.info range: 76.163.54.6 76.163.54.26. viewdns.info/reverseip/?t=1&host=76.163.54.16 empty.
- 76.163.54.23: leewoodwork.com 2014-07-05
- viewdns.info/iphistory/?domain=newdaynewsonline.com
- 74.91.154.56 United States INTERNAP-BLOCK-4 2012-11-12 unknown range. Tested viewdns.info range: 74.91.154.46 74.91.154.66
- 74.91.154.61: benefitsla.com 2013-04-21. Legit.
- 76.163.54.16 United States WINDSTREAM 2011-09-08 unknown range. Tested.
- 74.91.154.56 United States INTERNAP-BLOCK-4 2012-11-12 unknown range. Tested viewdns.info range: 74.91.154.46 74.91.154.66
sportsnewsfinder.com:
- dnshistory.org/historical-dns-records/a/sportsnewsfinder.com 2009-08-11 -> 2011-02-24 66.113.196.128. Tested viewdns.info range: 66.113.196.118 66.113.196.138. viewdns.info/reverseip/?t=1&host=66.113.196.128 empty.
- viewdns.info/iphistory/?domain=sportsnewsfinder.com
- 50.63.202.58 United States AS-26496-GO-DADDY-COM-LLC 2013-03-23 some similar hits on other sites, possibly all flukes
- 207.150.219.159 United States AFFINITY-INTER 2013-03-02
- 66.113.196.128 United States NETNATION 2012-01-11. Tested.
newsworldsite.com:
- viewdns.info/iphistory/?domain=newsworldsite.com
- 68.178.232.100 United States AS-26496-GO-DADDY-COM-LLC 2013-05-20 big virtual
- 204.93.159.80 Chicago - United States SERVERCENTRAL 2013-04-21. Tested viewdns.info range: 204.93.159.70 204.93.159.90. viewdns.info/reverseip/?t=1&host=204.93.159.80 medium virtual.
- 204.93.159.84: team-merk.com 2011-08-11. No archives.
todaysnewsreports.net:
- viewdns.info/iphistory/?domain=todaysnewsreports.net
- 208.91.197.132 British Virgin Islands CONFLUENCE-NETWORK-INC 2013-07-01
- 205.178.189.129 United States NETWORK-SOLUTIONS-HOSTING 2013-05-20 likely virtual
- 173.255.131.72 Reno - United States UK-2 Limited 2012-08-27. Tested viewdns.info range: 173.255.131.62 173.255.131.82. Virtual and modern hits only.
- 67.213.211.232 United States UK-2 Limited 2011-09-07 unknown. Tested viewdns.info range: 67.213.211.222 67.213.211.242. viewdns.info/reverseip/?t=1&host=67.213.211.232 empty.
- 67.213.211.236: icf-finan.com 2015-01-20
- 67.213.211.237: playinside.me 2016-02-04. Nice domain hack, but no.
- 67.213.211.239: reality-sexxx.com 2011-09-08
hassannews.net:
- viewdns.info/iphistory/?domain=hassannews.net
- 208.91.197.132 British Virgin Islands CONFLUENCE-NETWORK-INC 2013-07-08
- 205.178.189.131 United States NETWORK-SOLUTIONS-HOSTING 2013-07-01. Likely virtual.
todayoutdoors.com:
- dnshistory.org/historical-dns-records/a/todayoutdoors.com
- 2009-08-11 -> 2010-07-07 174.133.44.90. Tested viewdns.info range: 174.133.44.80 174.133.44.100. Virtual and modern. viewdns.info/reverseip/?t=1&host=174.133.44.90 two modern domains.
- 2011-03-01 -> 2011-03-01 174.123.172.82 unknown. Tested viewdns.info range: 174.123.172.72 174.123.172.92. Virtuals.
- viewdns.info/iphistory/?domain=todayoutdoors.com
- 68.178.232.100 United States AS-26496-GO-DADDY-COM-LLC 2011-07-02 virtual
- 174.123.172.82 United States SOFTLAYER 2011-04-04. Tested.
globaltourist.net:
- dnshistory.org/historical-dns-records/a/ 2009-07-30 -> 2011-01-01 69.59.20.215 unknown. Tested viewdns.info range: 69.59.20.205 69.59.20.225. Virtuals.
- viewdns.info/iphistory/?domain=globaltourist.net
- 216.172.170.14 United States NETWORK-SOLUTIONS-HOSTING 2013-07-08
- 216.21.239.197 United States NETWORK-SOLUTIONS-HOSTING 2012-06-25
- 68.178.232.100 United States AS-26496-GO-DADDY-COM-LLC 2012-04-09 big virtual
- 174.136.34.154 United States IHNET 2012-03-12 unknown. Tested viewdns.info range: 174.136.34.144 174.136.34.164
- 74.119.145.101 Frankfurt am Main - Germany PERFORMIVE 2011-09-07. Tested viewdns.info range: 74.119.145.91 74.119.145.111. One virtual.
- 69.59.20.215 United States ATLRETAIL 2011-06-22. Tested viewdns.info/reverseip/?t=1&host=69.59.20.215
terrain-news.com:
- JAR
- viewdns.info/iphistory/?domain=terrain-news.com None in simple ranges.
- 204.11.56.25 British Virgin Islands CONFLUENCE-NETWORK-INC 2013-11-08. Virtuals.
- 208.91.197.19 British Virgin Islands CONFLUENCE-NETWORK-INC 2013-05-20. Virtual 167. viewdns.info/reverseip/?host=208.91.197.19&t=1 not very promising.
- eurotravelnyc.com legit web.archive.org/web/20110201195411/http://eurotravelnyc.com/
- 208.187.167.20 United States DATANOC 2012-01-11. Tested viewdns.info range: 208.187.167.10 208.187.167.30. Newer domains. viewdns.info/reverseip/?t=1&host=208.187.167.20 only has one conck.ooo. WTF.
- securitytrails.com/domain/terrain-news.com/history/a same:
intlnewsdaily.com
- dnshistory.org/historical-dns-records/a/intlnewsdaily.com 2010-02-21 -> 2010-08-06 75.126.136.179. unknown range. viewdns.info/reverseip/?t=1&host=75.126.136.179 empty checked 75.126.136.171 - 75.126.136.179
- viewdns.info/iphistory/?domain=intlnewsdaily.com
- 208.91.197.19 British Virgin Islands CONFLUENCE-NETWORK-INC 2013-05-20. Virtual. Tested.
- 63.247.95.50 Austell - United States NTHL 2012-06-29 unknown. Tested viewdns.info range: 63.247.95.40 63.247.95.60
- 63.247.95.50: 2b-sports.com 2013-04-21
- 63.247.95.50: caldentalinsurance.com 2014-07-05
- 63.247.95.50: cameronbal-photography.com 2012-06-29
- 63.247.95.50: congbetham.com 2014-07-05
- 63.247.95.50: essentialintelligenceagency.com 2023-03-07
- 63.247.95.50: isabellavalentina.com 2014-07-05
- 63.247.95.50: jhraccounting.com.au 2021-05-03
- 63.247.95.50: missouribreaks294.com 2012-06-29
- 63.247.95.50: startorganize.com 2011-08-11
- 63.247.95.50: tifocus.net 2011-08-11
- 63.247.95.50: tifocus.org 2011-08-10
- 63.247.95.50: whitepartyorlando.com 2012-01-11
- 204.11.56.25 (ipinf.ru) viewdns.info/reverseip/?t=1&host=204.11.56.25 Virtual 2,999
- securitytrails.com/domain/intlnewsdaily.com/history/a empty on dates
opensourcenewstoday.com:
- viewdns.info/iphistory/?domain=opensourcenewstoday.com
- 68.178.232.100 United States AS-26496-GO-DADDY-COM-LLC 2011-11-13 virtual
- 64.16.193.48 Riyadh - Saudi Arabia Saudi Telecom Company JSC 2011-09-08. Tested viewdns.info range: 64.16.193.38 64.16.193.55. Ran out. viewdns.info/reverseip/?t=1&host=64.16.193.48 virtual 55, lots of porn
- securitytrails.com/domain/opensourcenewstoday.com/history/a
techwatchtoday.com:
- viewdns.info/iphistory/?domain=techwatchtoday.com
- 208.91.197.132 British Virgin Islands CONFLUENCE-NETWORK-INC 2013-11-29 virtual
- 66.11.225.226 United States TNWEB-LEW-001 2012-01-11 unknown. Checked 66.11.225.220 - 66.11.225.233
- dnshistory.org/historical-dns-records/a/techwatchtoday.com 2009-08-11 -> 2011-02-26 66.11.225.226 big shared host
- securitytrails.com/domain/techwatchtoday.com/history/a same
CIA 2010 covert communication websites iraniangoalkicks.com Updated 2025-04-24 +Created 1970-01-01
whoisxmlapi WHOIS history March 23, 2011:
whoisrequest.com/history/ mentions:
1 May, 2007: Domain created*, nameservers added. Nameservers:
1 May, 2007: Domain created*, nameservers added. Nameservers:
- ns1.qwknetllc.com
- ns2.qwknetllc.com
CIA 2010 covert communication websites JavaScript reverse engineering Updated 2025-04-24 +Created 1970-01-01
The input script of the Coinbase transaction can be anything, and this can be used as a Bitcoin inscription method.
Notable examples:
- Genesis block message
- Prayer side of the Prayer wars
en.wikipedia.org/w/index.php?title=Mathieu_group&oldid=1034060469#Multiply_transitive_groups is a nice characterization of 4 of the Mathieu groups.
Besides ASCII art, the huge majority of images is encoded with the AtomSea & EMBII system/format. All images in that system will be documented in that section.
Cool data embedded in the Bitcoin blockchain Protests against larger block sizes Updated 2025-04-24 +Created 1970-01-01
Protesters were posting large chunks of text multiple times into the blockchain as a way to protest against the controversial increase of block size.
tx 08893442680a20c4d0548dec2c8c421fa43336528b4e274dbf2652774f9c9f2d has the first copy of:which is the first line of a parody on:from the Baby Got Back hip-hop song.
tx 52159222289cd0a5afe0644150d0e23d5d272a57365627d5e869fdb458289858 has the first copy of:which is likely a copy of an email from the bitcoin development mailing list. This message is repeated dozens of times in other transactions.
Time to roll out bigger blocks
Cool data embedded in the Bitcoin blockchain Rickrolling Updated 2025-04-24 +Created 1970-01-01
The first currently known instance is as a link right during the prayer wars on block 142573 (2011-08-25) as the miner message:which redirects to www.youtube.com/watch?v=mGDuExhS6Nw&blockchain
Militant atheists, bit.ly/naNhG2 -- happy now?"
Around block block 246k (e.g. 27b7c526489dac8245747fa1c425a2e3eb07dea57b294eb4ae583fec9b859fcf, 2013-10-17) we note several transactions starting with a XML format followed by lyrics also base64 encoded as part of the XML metadata. Hidden surprises in the Bitcoin blockchain by Ken Shirriff (2014) was not able to identify the exact format either. At twitter.com/EMBII4U/status/1655831533750562816 EMBII mentions that this was part of an upload test.
<CG SZ="1156"><MG>...
the first one being 0b4efe49ea1454020c4d51a163a93f726a20cd75ad50bb9ed0f4623c141a8008 As mentioned not very clearly at www.righto.com/2014/02/ascii-bernanke-wikileaks-photographs.html#ref12 the content of the first <MG><payload></MG>
is a Base64 encoded stringCatagory: Poetry
Title: Never Gonna Give You Up
Performer: Rick Astley
Writer: Mike Stock, Matt Aitken, Pete Waterman
Label: RCA Records
tx d29c9c0e8e4d2a9790922af73f0b8d51f0bd4bb19940d9cf910ead8fbe85bc9b (2013-11-13) contains a plaintext Rickroll lyric in an output script via OP_RETURN.
tx 15b11e8d4e5b9425f024b381ba0cb7a54a35e52389bb4855f505772ce685b39c (2014-06-24): starting from this transaction, the lyrics were inscribed several times via input scripts. Then again:They were mega obnoxious!!! Who does this kind of crap for more than one year!!!
- 8bb9db70e24202fdfd0e48b57a11a407e6c8c0e76d879634b801b4345b8810b2
- b881afa519804a3c93a3c99481517ca8ae070b84c04e8e7a2bfb808e043f9771
- 70c8405bd0ec10bea49b78a819dfbf46c1082e7e620588f9da65a90b71e52bbd
- fc4e382793757858bec4b87527caa4bf2e6f71bb2f5a77bb41a45ddb9ed9d409
- f011e71b711aa54a0c824244fff83fb8b1e1921804624fa0523a6e61612b7f6f
- a8691cdbca5b82e4e48812e48b7a09e4757801fd3909a09975de957d1bfb52dc
- d8946aa464be464674bba6d15729d75572ec75dda49fe7ff0ede1a25ca054941
- d02864cd57c9d041dbd9d6f24327f347b92697a8bc3c86cdf8b738063c6ad002
- 9b78962d840f1ff681e5042264e4d0359cda98ce49d97569df14ce956622b966
- 7bdc22fb35f0a8eb6241782a306a8904fb6f793126ff106a04a96f9f223cb8e1
- e24a4085c54a6362e615f8eab758c12d80e488b73757e6d2b8ab6bfc8be7007e
- 4257f4980955d8376ee1c6bccb4396da726e4ae13d758e47dc4e0775019723f5
- a09b49e9374d43386a6a986944e3dcf515c7e1c38324836df5333b8adbe57797
- 03096688dbb874f7c571691e4241a298284bf4184be339b148f1b48f383a1d7c
- 62f8b228b6126354736d36d9f3b91882bb81eca7702b74fba6471abc7db96a03 (2015-09-30)
There are unlisted articles, also show them or only show them.