{
  "type": "Domain",
  "indicator": "mdlgroup.com",
  "general": {
    "sections": [
      "general",
      "geo",
      "url_list",
      "passive_dns",
      "malware",
      "whois",
      "http_scans"
    ],
    "whois": "http://whois.domaintools.com/mdlgroup.com",
    "alexa": "http://www.alexa.com/siteinfo/mdlgroup.com",
    "indicator": "mdlgroup.com",
    "type": "domain",
    "type_title": "Domain",
    "validation": [],
    "base_indicator": {
      "id": 4042458785,
      "indicator": "mdlgroup.com",
      "type": "domain",
      "title": "",
      "description": "",
      "content": "",
      "access_type": "public",
      "access_reason": ""
    },
    "pulse_info": {
      "count": 1,
      "pulses": [
        {
          "id": "67c586b5bacba874edce2bcb",
          "name": "PROSPERO & Proton66: Tracing Uncovering the links between bulletproof networks",
          "description": "The Russian autonomous system PROSPERO (AS200593) could be linked with a high level of confidence to Proton66 (AS198953), another Russian AS, that we believe to be connected to the bulletproof services named \u2018SecureHost\u2018 and \u2018BEARHOST\u2018. We notably observed that both network\u2019s configurations are almost identical in terms of peering agreements and their respective share of loads throughout time.",
          "modified": "2025-04-29T14:22:22.704000",
          "created": "2025-03-03T10:38:45.845000",
          "tags": [],
          "references": [
            "https://www.intrinsec.com/prospero-proton66-tracing-uncovering-the-links-between-bulletproof-networks/"
          ],
          "public": 1,
          "adversary": "",
          "targeted_countries": [],
          "malware_families": [],
          "attack_ids": [],
          "industries": [],
          "TLP": "white",
          "cloned_from": null,
          "export_count": 5,
          "upvotes_count": 0,
          "downvotes_count": 0,
          "votes_count": 0,
          "locked": false,
          "pulse_source": "web",
          "validator_count": 0,
          "comment_count": 0,
          "follower_count": 0,
          "vote": 0,
          "author": {
            "username": "CyberHunter_NL",
            "id": "171283",
            "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_171283/resized/80/avatar_3b9c358f36.png",
            "is_subscribed": false,
            "is_following": false
          },
          "indicator_type_counts": {
            "CIDR": 13,
            "URL": 20,
            "domain": 100,
            "email": 2,
            "hostname": 9
          },
          "indicator_count": 144,
          "is_author": false,
          "is_subscribing": null,
          "subscriber_count": 862,
          "modified_text": "397 days ago ",
          "is_modified": true,
          "groups": [],
          "in_group": false,
          "threat_hunter_scannable": false,
          "threat_hunter_has_agents": 1,
          "related_indicator_type": "domain",
          "related_indicator_is_active": 1
        }
      ],
      "references": [
        "https://www.intrinsec.com/prospero-proton66-tracing-uncovering-the-links-between-bulletproof-networks/"
      ],
      "related": {
        "alienvault": {
          "adversary": [],
          "malware_families": [],
          "industries": []
        },
        "other": {
          "adversary": [],
          "malware_families": [],
          "industries": []
        }
      }
    },
    "false_positive": []
  },
  "geo": {},
  "geo_ipapicom": {},
  "pulse_count": 1,
  "pulses": [
    {
      "id": "67c586b5bacba874edce2bcb",
      "name": "PROSPERO & Proton66: Tracing Uncovering the links between bulletproof networks",
      "description": "The Russian autonomous system PROSPERO (AS200593) could be linked with a high level of confidence to Proton66 (AS198953), another Russian AS, that we believe to be connected to the bulletproof services named \u2018SecureHost\u2018 and \u2018BEARHOST\u2018. We notably observed that both network\u2019s configurations are almost identical in terms of peering agreements and their respective share of loads throughout time.",
      "modified": "2025-04-29T14:22:22.704000",
      "created": "2025-03-03T10:38:45.845000",
      "tags": [],
      "references": [
        "https://www.intrinsec.com/prospero-proton66-tracing-uncovering-the-links-between-bulletproof-networks/"
      ],
      "public": 1,
      "adversary": "",
      "targeted_countries": [],
      "malware_families": [],
      "attack_ids": [],
      "industries": [],
      "TLP": "white",
      "cloned_from": null,
      "export_count": 5,
      "upvotes_count": 0,
      "downvotes_count": 0,
      "votes_count": 0,
      "locked": false,
      "pulse_source": "web",
      "validator_count": 0,
      "comment_count": 0,
      "follower_count": 0,
      "vote": 0,
      "author": {
        "username": "CyberHunter_NL",
        "id": "171283",
        "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_171283/resized/80/avatar_3b9c358f36.png",
        "is_subscribed": false,
        "is_following": false
      },
      "indicator_type_counts": {
        "CIDR": 13,
        "URL": 20,
        "domain": 100,
        "email": 2,
        "hostname": 9
      },
      "indicator_count": 144,
      "is_author": false,
      "is_subscribing": null,
      "subscriber_count": 862,
      "modified_text": "397 days ago ",
      "is_modified": true,
      "groups": [],
      "in_group": false,
      "threat_hunter_scannable": false,
      "threat_hunter_has_agents": 1,
      "related_indicator_type": "domain",
      "related_indicator_is_active": 1
    }
  ],
  "error": null,
  "vt": {
    "error": "VirusTotal rate limit reached. Try again shortly.",
    "indicator": "mdlgroup.com",
    "type": "Domain"
  },
  "abuseipdb": null,
  "urlhaus": {
    "indicator": "mdlgroup.com",
    "found": false,
    "verdict": "clean",
    "urls": [],
    "error": null
  },
  "from_cache": true,
  "_cached_at": 1780311712.2467813
}