Newsletter 2020-03-23

Published on March 23, 2020 by

March 2020 Updates

How we prepared for the current global situation

We have ordered and deployed 180 TB worth of enterprise storage to be prepared for upcoming price increases and shortages of hard disks. We are reading reports that warn of upcoming delivery delays due to disruptions in the supply chain. We tweeted a picture here of how 100 TB storage looks like in our backend.

Czech Republic is restricting travel from and to the country, which means that our employees are not allowed to leave the country. Fortunately, our datacenter is in Prague and we continue to operate as usual.

In order to help local hospitals, we are buying locally produced face masks as well as gloves and cleaning equipment in order to donate to local hospitals. There is a great local website which lists suppliers of handmade face masks (local producers) and those who need them (hospitals, doctors offices): https://www.damerousky.cz/.

🕵🏻 OSINT Tools: Google AdSense ID Reverse Lookup

We have added a Google AdSense ID reverse lookup tab to our free OSINT tools: https://intelx.io/tools?tab=adsense

Google AdSense IDs start with “ca-pub-” and can be found in the HTML code of websites. Since website operators sometimes use the same AdSense code snippet (containing the same ID) across multiple websites, it makes it possible to find those related websites with a reverse lookup. Our newly added tab will redirect to 3rd party sites that perform the reverse lookups.

Updates to the Sci-Hub Search Cateogry

3 weeks ago, we started to index publicly available documents from Sci-Hub, which hosts 81 million documents equaling 70 TB of size.

Since then, we have indexed 17 million documents equaling 9 TB – or about 20%.

Our search indexer extracted so far 20 million selectors, with most of them being email addresses (48%), followed by URLs (26%) and domains (14%).

Decoding the US Death Master File

The United States Death Master File “contains information about persons who had Social Security numbers and whose deaths were reported to the Social Security Administration from 1962 to the present” (quote Wikipedia). The file itself costs $2,930.00 anually, but was published multiple times on the internet for free. For details read our blog post. We have published open source code that converts the file from its proprietary text format to regular CSV: https://github.com/IntelligenceX/DeathMasterFile2CSV

An OSINT investigation into one of our attackers

We are regularly (always unsuccessfully) under attack. We had 3 medium-sized DDoS attacks, many smaller ones, login bruteforce attacks, and regularly observe port scanners, vulnerability scanners and SQL injection attempts.

We took a closer look into one user who thought it was a good idea to first sign up, and then spam us with 31,866 HTTP requests in a short period of time. The full investigation reveals the attackers nickname on hacking forums and is published in this blog post.

Follow Us

Follow-us on Twitter for the latest updates and insight into our operations: https://twitter.com/_IntelligenceX


Kleissner Investments s.r.o., Na Strzi 1702/65, 14000 Prague, Czech Republic

If you don’t wish to receive this newsletter anymore, please click here to unsubscribe.

Related articles

Decoding the US Death Master File

Published on March 19, 2020 by

“The Death Master File (DMF) is a computer database file made available by the United States Social Security Administration since 1980″ according to Wikipedia. It is available here https://ladmf.ntis.gov/ but costs $2,930.00 anually. The file has since been posted on the internet for free, including here: http://ssdmf.info/download.html November 30, 2011 http://cancelthesefunerals.com/ May 31, 2013 https://archive.org/details/DeathMasterFile May 31, 2013 This file can


An OSINT investigation into one of our attackers

Published on March 5, 2020 by

On December 11, 2019 we have received 31,866 HTTP requests from the IP 81.171.107.57. Below are few sample log entries: 81.171.107.57 – – [11/Dec/2019:13:52:37 +0000] “POST /login HTTP/1.1” 200 7448 81.171.107.57 – – [11/Dec/2019:13:52:37 +0000] “POST /login HTTP/1.1” 200 7443 81.171.107.57 – – [11/Dec/2019:13:52:37 +0000] “POST /login HTTP/1.1” 200 7447 81.171.107.57 – – [11/Dec/2019:13:52:37 +0000]


Newsletter 2020-03-02

Published on March 2, 2020 by

March 2020: New Data Categories Stay up to date with us on Twitter: https://twitter.com/_IntelligenceX Private Data Leaks We have revised our license system and launched a new data category exclusively for paid Professional users: Private Data Leaks. Trial accounts will see a preview, but you must be a paid member to fully access the category.


Search the blog: