Newsletter 2020-03-23

Published on March 23, 2020 by

March 2020 Updates

How we prepared for the current global situation

We have ordered and deployed 180 TB worth of enterprise storage to be prepared for upcoming price increases and shortages of hard disks. We are reading reports that warn of upcoming delivery delays due to disruptions in the supply chain. We tweeted a picture here of how 100 TB storage looks like in our backend.

Czech Republic is restricting travel from and to the country, which means that our employees are not allowed to leave the country. Fortunately, our datacenter is in Prague and we continue to operate as usual.

In order to help local hospitals, we are buying locally produced face masks as well as gloves and cleaning equipment in order to donate to local hospitals. There is a great local website which lists suppliers of handmade face masks (local producers) and those who need them (hospitals, doctors offices): https://www.damerousky.cz/.

🕵🏻 OSINT Tools: Google AdSense ID Reverse Lookup

We have added a Google AdSense ID reverse lookup tab to our free OSINT tools: https://intelx.io/tools?tab=adsense

Google AdSense IDs start with “ca-pub-” and can be found in the HTML code of websites. Since website operators sometimes use the same AdSense code snippet (containing the same ID) across multiple websites, it makes it possible to find those related websites with a reverse lookup. Our newly added tab will redirect to 3rd party sites that perform the reverse lookups.

Updates to the Sci-Hub Search Cateogry

3 weeks ago, we started to index publicly available documents from Sci-Hub, which hosts 81 million documents equaling 70 TB of size.

Since then, we have indexed 17 million documents equaling 9 TB – or about 20%.

Our search indexer extracted so far 20 million selectors, with most of them being email addresses (48%), followed by URLs (26%) and domains (14%).

Decoding the US Death Master File

The United States Death Master File “contains information about persons who had Social Security numbers and whose deaths were reported to the Social Security Administration from 1962 to the present” (quote Wikipedia). The file itself costs $2,930.00 anually, but was published multiple times on the internet for free. For details read our blog post. We have published open source code that converts the file from its proprietary text format to regular CSV: https://github.com/IntelligenceX/DeathMasterFile2CSV

An OSINT investigation into one of our attackers

We are regularly (always unsuccessfully) under attack. We had 3 medium-sized DDoS attacks, many smaller ones, login bruteforce attacks, and regularly observe port scanners, vulnerability scanners and SQL injection attempts.

We took a closer look into one user who thought it was a good idea to first sign up, and then spam us with 31,866 HTTP requests in a short period of time. The full investigation reveals the attackers nickname on hacking forums and is published in this blog post.

Follow Us

Follow-us on Twitter for the latest updates and insight into our operations: https://twitter.com/_IntelligenceX


Kleissner Investments s.r.o., Na Strzi 1702/65, 14000 Prague, Czech Republic

If you don’t wish to receive this newsletter anymore, please click here to unsubscribe.

Related articles

List of buckets

Published on May 5, 2022 by

At Intelligence X we categorize data sources into buckets. Buckets can be used as filters and to broadly identify the source of individual search results. For example, the bucket “Darknet Tor” indicates the result origins from some a Tor hidden service (.onion domain) and was collected by our Tor crawler. Buckets have human readable names


Adding support for new top-level domains

Published on April 6, 2022 by

We just added support for an additional 152 top-level domains (TLDs), increasing the support to 511 TLDs in total. Support means that you can search for those domains across intelx.io and APIs, and internally that our backend supports processing them. While you can start searching for them immediately, it will take some time until our


A word of #OPSEC @theguardian

Published on March 7, 2022 by

Earlier today at 11:24 The Guardian Journalist Shaun Walker posted the security procedure and the security token used to pass makeshift checkpoints in Ukraine related to the Russian Ukrainian war: This is a reminder to journalists – and the public – to take OPSEC (operations security) seriously and not endanger people on the ground. Posting


Search the blog: