SARS-CoV-2 E protein Updated 2025-07-16
View more
Envelope.
Read the full article
The alternating groups of degree 5 or greater are simple Updated 2025-07-16
View more
www.youtube.com/watch?v=U_618kB6P1Q GT18.2. A_n is Simple (n ge 5) by MathDoctorBob (2012)
Read the full article
WhatsApp profile information is public by default Updated 2025-07-16
View more
Your profile picture, name and status are public by default as of 2022!!! OMG!!!
This means that all secret services in the world have alrady scraped this information for everyone that uses WhatsApp!!!
They just have to go incrementally through the list of all phone numbers... 001 0000 0000, 001 0000 0001, 001 0000 0002, etc. and then you can deduce who has which phone number.
OMG... it is analogous to the Facebook profile face dump.
Read the full article
Amazon Athena Updated 2025-07-16
View more
Google BigQuery alternative.
Read the full article
Anomalous Zeeman effect Updated 2025-07-16
Read the full article
ATP synthesis mechanism Updated 2025-07-16
View more
ATP is the direct output of all the major forms of "energy generation" in cells:
Read the full article
Geiger-Nuttall law Updated 2025-07-16
Read the full article
Koan Updated 2025-07-16
View more
Read the full article
Calcite Updated 2025-07-16
Read the full article
CC BY-NC-ND 4.0 table of contents Updated 2025-07-16
Read the full article
CIA 2010 covert communication websites / IP and DNS metadata Updated 2025-07-19
View more
Some dumps from us looking for patterns, but could not find any.
Sources of whois history include:
The vast majority of domains seem to be registered either via domainsbyproxy.com which likely intgrates with Godaddy and is widely used, and seems to give zero infromation at all about the registrar.
A much smaller number however uses other methods, some of which sometimes leak a little bit of data:
Big question: webmasters.stackexchange.com/questions/13237/how-do-you-view-domain-whois-history DomainTools also has it.
How on Earth did did Citizen Labs find what seems to be a DNS fingerprint??? Are there simply some very rare badly registered domains? What did they see!
Read the full article
CIA 2010 covert communication websites / IP range search Updated 2025-07-16
View more
One promising way to find more of those would be with IP searches, since it was stated in the Reuters article that the CIA made the terrible mistake of using several contiguous IP blocks for those website. What a phenomenal OPSEC failure!!!
The easiest way would be if Wayback Machine itself had an IP search function, but we couldn't find one: Search Wayback Machine by IP.
viewdns.info was the first easily accessible website that Ciro Santilli could find that contained such information.
Our current results indicate that the typical IP range is about 30 IPs wide.
E.g. searching: viewdns.info/iphistory and considering only hits from 2011 or earlier we obtain:
Neither of these seem to be in the same ranges, the only common nearby hit amongst these ranges is the exact 68.178.232.100, and doing reverse IP search at viewdns.info/reverseip/?host=68.178.232.100&t=1 states that it has 2.5 million hostnames associated to it, so it must be some kind of Shared web hosting service, see also: superuser.com/questions/577070/is-it-possible-for-many-domain-names-to-share-one-ip-address, which makes search hard.
Ciro then tried some of the other IPs, and soon hit gold.
Initially, Ciro started by doing manual queries to viewdns.info/reversip until his IP was blocked. Then he created an account and used his 250 free queries with the following helper script: ../cia-2010-covert-communication-websites/viewdns-info.sh. The output of that script can be seen at: github.com/cirosantilli/media/blob/master/cia-2010-covert-communication-websites/viewdns-info.sh.
Ciro then found 2013 DNS Census which contained data highly disjoint form the viewdns-info one!
Summaries of the IP range exploration done so far follows, combined data from all databases above.
Read the full article
CIA 2010 covert communication websites / Selected screenshots Updated 2025-07-26
View more
This section contains some of the most interesting and a few representative screenshots of the websites found.
We intentionally omit the screenshots already reported by the Reuters article.
Figure 1.
2010 Wayback Machine archive of starwarsweb.net
.
The Star Wars one. Clearly branded websites like this are rare, which makes finding them all the much more fun. The Reuters article had two of them (Carson and rastadirect.net), so these were probably manually selected from the full hit dataset, and did not serve specifically as entry points. Most of the websites are quite boring and forgetful as you'd expect.
The subtitle "Beyond The Unknown" may be a reference to the Unknown Regions, an unexplored area of the galaxy in the Star Wars fictional universe.
Figure 2.
Stock photo of a Jedi boy from Getty Images used on starwarsweb.net
. Source.
Marked as Uploaded 10 October, 2008.
The photo can still be licensed today as of 2025: www.gettyimages.co.uk/detail/photo/little-jedi-royalty-free-image/172984439. We found it by searching for "jedi boy" on gettyimages.co.uk. The photo is credited to a madisonwi, presumably an alias based on the location Madison, Wisconsin. Here's a random website about adoption that uses it: www.adoptionadvocates.net/star-wars-adoption-language/ and where it can be seen without the watermarks.
It later ocurred to Ciro Santilli that perhaps Reuters chose not to showcase this website because it features the photograph of a minor. But Ciro is sure that that minor is now a handsome young man in his 20's and would find the entire story very amusing if he ever finds out about it!
The images of the droids can be seen e.g. at: www.amazon.co.uk/04-Kampf-Droiden-Superheftig-Jedi/dp/B004TINSW6, a promotional material for a 2008 The Clone Wars television series audio CD and available as transparent PNGs without background in several sources. The Yoda art also seems to come from that show: rpggamer.org/page.php?page=4229.
One can almost picture the contractor who made that site seeing his children watching that show or playing the video game one evening, when a lightbulb popped over their head: tomorrow I'm going to have some fun at work.
In retrospect however, this website was likely a bad idea, since the massive pop culture appeal of Star Wars meant that when The CIA Secretly Ran a Star Wars Fan Site by Joseph Cox was published in 2025 the combination of "CIA" and "Star Wars" on a single sentence produced an irresistible clickbait that amplified knowledge of the fiasco to general public in a way that poor Johnny Carson and Bob Marley could never do. That's why you just can't have fun while working for the secret services anymore.
Figure 3.
2011 Wayback Machine archive of alljohnny.com
. Source. Although alljohnny.com is one of the original Reuters examples, we are highlighting this screenshot here because the Reuters provided screenshot is from the extremely early 2004 version of the site, and it is interesting to see how this unique example was later updated in this 2011 version, the only known such case so far. The lack of OPSEC awareness is mind blowing, them reusing a domain like that after so many years in a completely new threat environment and possibly for a new asset.
Figure 4.
2011 Wayback Machine archive of webofcheer.com scrolled to show Johnny Carson
. Source. This website is a fansite for various comedians. It is the second known reference to Johnny Carson after alljohnny.com, which was one of the original screenshots given in the Reuters article. There must have been some massive Johnny Carson fan among the CIA contractors a that time!
Figure 5.
2011 Wayback Machine archive of iranfootballsource.com
.
The third Iranian football on top of the two other published by Reuters: iraniangoalkicks.com and iraniangoals.com! Admittedly, this one is the most generic and less well designed one. But still. They pushed the theme too far!
The goalkeeper can be seen at: www.pixtastock.com/illustration/7323632.
Figure 6.
2010 Wayback Machine archive of dedrickonline.com
.
The German one.
The CIA has had a few Germany espionage scandals in the 2010s:
Figure 7.
2010 Wayback Machine archive of lesummumdelafinance.com
.
A French one. Because it mentions VTT (Mountain Biking in French), it must focus France.
The arrow graph is very popular can be seen at: www.financialexpress.com/money/top-4-global-market-risks-for-2024-that-may-impact-your-finances-3346284/ and many other sites. Source unknown.
Figure 8.
2011 Wayback Machine archive of attivitaestremi.com
. An Italian one about extreme sports.
Figure 9.
2010 Wayback Machine archive of noticiasmusica.net
.
The Brazilian one.
Figure 10.
2011 Wayback Machine archive of economicnewsbuzz.com
. The Korean one. Love the kawaii style!
Figure 11.
2011 Wayback Machine archive of snapnewsfront.net
.
The Japanese one.
Figure 12.
2010 Wayback Machine archive of philippinenewsonline.net
. The Philippine one one.
Figure 13.
2011 Wayback Machine archive of feedsdemexicoyelmundo.com
. The Mexican one.
Figure 14.
2012 Wayback Machine archive of easytraveleurope.com
.
Figure 15.
2011 Wayback Machine archive of tee-shot.net
. One of the many golf-themed sites. Golf appears to be quite popular over in Langley. It's exactly what you'd expect for a mid-level spook to do in their free time!
Figure 16.
2011 Wayback Machine archive of nouvellesetdesrapports.com
.
Figure 17.
2011 Wayback Machine archive of pangawana.com
.
Figure 18.
2011 Wayback Machine archive of recuerdosdeviajeonline.com
.
Figure 19.
2011 Wayback Machine archive of theworld-news.net
.
Figure 20.
2011 Wayback Machine archive of kessingerssportsnews.com
.
Figure 21.
2011 Wayback Machine archive of negativeaperture.com
.
Read the full article
CIA 2010 covert communication websites / Wakatime redirects Updated 2025-07-16
View more
Summary: this is just a red herring. Wakatime owner likely registered the domains just after this article was published as a publicity stunt. Fair play though.
As raised at: news.ycombinator.com/item?id=36280666, many, but not all, of the domains currently redirect to wakatime.com/ as of 2023, and apparently they were taken up in 2013 (TODO how to confirm that). TODO what is the explanation for that? Some examples that do:
But some failed resolution examples:
Even more suspiciously, according to his LinkedIn: www.linkedin.com/in/alanhamlett/, the owner of Wakatime, Alan Hamlett, worked at WhiteHat Security, Inc from Aug 2011 - Sep 2013. The company was then acquired by Synopsys in 2022. Holy crap!!! As shown at: web.archive.org/web/20131013193406/https://www.whitehatsec.com/ that company made website security tools. Did that dude use the tools to find the vulnerabilty and then just gobble up all the domains??? What a fucking legend if he did!!!
Running e.g.
curl -vvv dedrickonline.com
gives:
*   Trying 162.255.119.197:80...
* Connected to dedrickonline.com (162.255.119.197) port 80 (#0)
> GET / HTTP/1.1
> Host: dedrickonline.com
> User-Agent: curl/7.88.1
> Accept: */*
>
< HTTP/1.1 301 Moved Permanently
< Date: Mon, 12 Jun 2023 20:30:19 GMT
< Content-Type: text/html; charset=utf-8
< Content-Length: 55
< Connection: keep-alive
< Location: https://wakatime.com
< X-Served-By: Namecheap URL Forward
< Server: namecheap-nginx
<
<a href='https://wakatime.com'>Moved Permanently</a>.

* Connection #0 to host dedrickonline.com left intact
so we see that he must have setup redirection with Namecheap as mentioned at: www.namecheap.com/support/knowledgebase/article.aspx/385/2237/how-to-redirect-a-url-for-a-domain/
Let's also try DNS history
  • whoisrequest.com/history/:
    • dedrickonline.com: registered: 1 Nov, 2010, dropped: 24 Nov, 2013
    • activegaminginfo.com : registered: 1 Feb, 2010, dropped: 1 Apr, 2012
  • tools.whoisxmlapi.com/whois-history-search
    • dedrickonline.com:
      • CIA (registrar: Godaddy, registrant name: domainsbyproxy.com)
        • Created Date: October 27, 2010 00:00:00 UTC
        • Updated Date: October 28, 2013 00:00:00 UTC
        • Expires Date: October 27, 2014 00:00:00 UTC
      • Alan (namecheap):
        • Created Date: June 11, 2023 09:59:25 UTC
        • Expires Date: June 11, 2024 09:59:25 UTC
    • activegaminginfo.com:
      • CIA (Network Solutions, registrant name: LLC. Corral, Elizabeth|ATTN ACTIVEGAMINGINFO.COM|care of Network Solutions)
        • Created Date: January 26, 2010 00:00:00 UTC
        • Updated Date: November 27, 2010 00:00:00 UTC
        • Expires Date: January 26, 2012 00:00:00 UTC
      • Alan:
        • Created Date: June 11, 2023 09:59:40 UTC
        • Expires Date: June 11, 2024 09:59:40 UTC
    • iraniangoalkicks.com:
      • CIA (registrar: Godaddy, registrant name: domainsbyproxy.com)
        • Created Date: April 9, 2007 00:00:00 UTC
        • Updated Date: March 2, 2011 00:00:00 UTC
        • Expires Date: April 9, 2011 00:00:00 UTC
      • Alan:
        • Created Date: June 11, 2023 09:59:20 UTC
        • Expires Date: June 11, 2024 09:59:20 UTC
    • iraniangoals.com:
      • CIA (registrar: Godaddy, registrant name: domainsbyproxy.com):
        • Created Date: March 6, 2008 00:00:00 UTC
        • Updated Date: March 7, 2011 00:00:00 UTC
        • Expires Date: March 6, 2014 00:00:00 UTC
      • Reuters:
        • Created Date: September 29, 2022 11:16:09 UTC
        • Updated Date: September 29, 2022 11:16:09 UTC
        • Expires Date: September 29, 2023 11:16:09 UTC
So these suggest Alan might have just come along in 2023 way after the 2022 Reuters article and did the same basic IP range search that Ciro is doing now, so possibly no new tech. Let's ask... twitter.com/cirosantilli/status/1668369786865164289
The domain name history presented is however of interest, and could lead to patterns being found.
Searching tools.whoisxmlapi.com/reverse-whois-search with term "Corral, Elizabeth" gave no results unfortunately.
Basic search under tools.whoisxmlapi.com/reverse-whois-search for "Corral" also empty. They can't see their own data? Ah, need advanced. Marked "Historic" and selected "Corral, Elizabeth", ony one hit, activegaminginfo.com.
Read the full article
David Tong's 2009 Quantum Field Theory lectures at the Perimeter Institute / Lecture 1 Updated 2025-07-16
View more
Read the full article
Digital quantum computer Updated 2025-07-16
View more
As of 2022, this tends to be the more "default" when you talk about a quantum computer.
But there are some serious analog quantum computer contestants in the field as well.
Read the full article
Electron transport chain Updated 2025-07-16
View more
Read the full article
F-Droid Updated 2025-07-16
Read the full article
reCAPTCHA Updated 2025-07-16
Read the full article
Ryzen Updated 2025-07-16
View more
This was the CPU architecure that saved AMD in the 2010's, see also: Video "How AMD went from nearly Bankrupt to Booming by Brandon Yen (2021)"
Read the full article

Unlisted articles are being shown, click here to show only listed articles.