прикинь) beget и timeweb в коме с понедельника

🇷🇺 What Are the Top ISPs Hosting Malware in Russia? During our latest investigation into malicious infrastructure in Russia, hosting patterns started to stand out fast once we mapped malware families against C2 servers. At the provider level, a gap quickly appeared. Yandex[.]Cloud LLC showed 11 malware families but 587 C2 servers, while JSC TIMEWEB followed with 10 families and 102 C2 servers. Similar malware family counts, very different C2 volume. This gap shows where activity is concentrated, not just where variety exists. Provider-level visibility can turn a long list of C2s into something analysts can actually work with. Book a free demo and start mapping attacker infrastructure by ISP and country 👉 hunt.io/get-started #ThreatHunting #ThreatIntelligence #CyberSecurity

🇷🇺 Do You Know What Are the Top Hosting Providers for C2 Servers in Russia? We Do Russian C2 infrastructure isn’t spread evenly. During our latest investigation into malicious infrastructure in the region, we mapped C2 servers across hosting providers and found a clear concentration at the top. TimeWeb led with 311 detected C2 servers, followed by WebHost1 with 140 and REG[.]RU with 138. Altogether, the top 10 providers accounted for 1,252 C2 servers. Individual IOCs disappear fast, but hosting patterns can show where attacker infrastructure keeps reappearing, so this provider-level view matters. This is the kind of context defenders need when tracking malicious infrastructure beyond one-off indicators. Ready to find more Russian malicious infrastructure? Get your free demo 👉 hunt.io/get-started #ThreatHunting #ThreatIntelligence #CyberSecurity

🚨 🇷🇺 We tracked 1,252 active C2 servers across 165 Russian hosting providers over 90 days. Here's what's running inside those networks. C2 traffic accounts for 88.6% of all observed malicious artifacts. The rest splits between malicious open directories (5.3%), phishing infrastructure (4.9%), and public IOCs (1.2%). The hosting concentration is notable: - TimeWeb leads with 311 C2 detections - WebHost1 follows with 140, REG[.]RU with 138 - PROSPERO OOO hosts 80 C2s alongside 30 malicious open directories and 50 phishing sites - Yandex[.]Cloud carries the widest malware diversity: 11 distinct families across 39 C2 endpoints On the malware side: - Keitaro dominates with 587 unique C2 IPs - Hajime (191), Mozi (48), and Mirai (13) show IoT botnet infrastructure is still active - Cobalt Strike, Sliver, and Ligolo-ng are all present across the ecosystem Specific campaigns tied to this infrastructure include Latrodectus via ClickFix on TimeWeb, Lumma Stealer on REG[.]RU, Remcos RAT via SmartApeSG on Hosting Technology LTD, and intrusion activity attributed to Head Mare inside LLC Smart Ape. Full research with Host Radar breakdowns and HuntSQL queries 👇 hunt.io/blog/russian-malicio… #ThreatHunting #ThreatIntelligence #C2 #Malware #CyberSecurity

Что не так? Если кинуть тунель до впс timeweb с локацией мск то будет работать все, что заблочил РКН.

Да, они всё сделали криво. При этом есть две лазейки: 1. Энтузиасты смогли поднять VPN на хостингах из белого списка (Timeweb, Selectel). 2. В некоторых регионах при переключении в 3G (WCDMA/UMTS, HSPA) или 2G всё работает (на более низкой скорости, конечно).

У нас WireGuard сервер в Германии от TimeWeb. Но сегодня подключение по WireGuard сдохло, походу РКН разбушевался. Долго искал решение и разные варики пробовал, пока не пришел к обфускации оригинальных пакетов WG. Новые клиенты на устройствах новый конфиг и вуаля

9. DataPro. 10. Angara Security Cloud. 11. МТС Web Services (MWS). 12. ITGLOBAL.COM. 13. К2 Облако. 14. Beeline Cloud. 15. Cloud.ru. 16. Timeweb Cloud. 17. Cloud4Y. 18.

🚨 New C2 Detected! 🔗 92[.]53[.]96[.]165 ℹ️ ASN: AS9123 ℹ️ ASN Organization: JSC TIMEWEB 📍 Country: RU 📍 City: Saint Petersburg 📅 2026-01-21T17:41:00 ℹ️ Type: #cnc - #c2 ℹ️ Family: #Stealer #ThreatIntelligence #IoCs #Malware

Timeweb 100 рублей в месяц ящик на 100 гб. Ну и плюс домен свой.

2x-Profit - quick sitefacts: ✅ High nominal activity of the site ❌ A very young domain ❌ Hosted on Russian hosting provider Timeweb ❌ Complete lack of legal data ❌ No legal documentation ❌ Unrealistic returns ❌ Lack of transparency ❌ Lack of social media

pradeepprabhu705[.]duckdns[.]org prakashjadha[.]ddnsgeek[.]com prakashjadhav74738[.]hopto[.]org 83[.]147[.]243[.]110:1008 & 1006 AS4213 EVOCATIVE-GLOBAL 🇺🇸 unicorptest[.]vilka[.]cc/rOlQGZoc[.]html 87[.]249[.]43[.]162 AS9123 Jsc timeweb 🇷🇺 botnet_id: MY GOAT #XWorm

Блин, а почему статью о ФИЛЬМЕ публикует ХОСТИНГ Timeweb? Зачем?

194[.]87[.]238[.]216 AS48347 JSC Mediasoft ekspert 🇷🇺 8eh18dhq9wd[.]click ou5757[.]com safetyback[.]click cr748129[.]click safetybackups[.]click hkfasfsafg[.]click 185[.]221[.]215[.]43 AS62082 Hostland LTD 🇷🇺 host1881845-1[.]hostland[.]pro ou841944[.]click pergamentgroup[.]ru 2[.]59[.]161[.]75 AS207713 Global Internet Solutions LLC 🇷🇺 alertbinance[.]com autodiscover[.]binancetrustwallet[.]com binanceprivate[.]com chat[.]livehelp-crypto[.]com diagnose-ledger[.]com diagnose-trezor[.]io evri-shipping[.]com gitlab[.]livehelp-ledger[.]com ildcard[.]evri-shipping[.]com livehelp-crypto[.]com livehelp-ledger[.]com portal[.]diagnose-trezor[.]io repair-trezor[.]io shk[.]evri-shipping[.]com ww16[.]evri-shipping[.]com ww25[.]evri-shipping[.]com ww25[.]shk[.]evri-shipping[.]com ww25[.]ww25[.]evri-shipping[.]com ww38[.]evri-shipping[.]com binancetrustwallet[.]com wildcard[.]evri-shipping[.]com bookvrfsd[.]com admin[.]mxvfb[.]com mxvfb[.]com portal[.]mxvfb[.]com canadapost-replanifier[.]com _dmarc[.]stckl[.]com _mta-sts[.]stckl[.]com banquelaurentienneprotection[.]com bmopreventionetprotection[.]com cibc-online-security[.]com cibc-prevention[.]com cibconlineaccess[.]com compensationgrevequebec[.]com crataxpayer[.]com dhlinfo-shipment-online[.]com et-lnterac-accept[.]com gigadatconnect[.]online grevecompensationqc[.]com icr-000b[.]com interac-alberta[.]com interac-easyweb-td[.]com lnterac-depot[.]com login-canadagst[.]com mam62wo834[.]com mobiletransfergigadat[.]com myself-identity[.]com national-quebec[.]com phpdgsmtp[.]postparcel-orderinfo[.]com postparcel-orderinfo[.]com rogers-sl[.]com royalbanksecure[.]com royalbanksecuredaccess[.]com rvnuagntfeb[.]co secured-pcfinancial[.]com stckl[.]com strbowhm[.]interac-easyweb-td[.]com taxrebateont[.]com txreturncan25gc[.]com webdisk[.]cibconlineaccess[.]com 1redirect0ab[.]me wl2oem0nrypi0g0[.]in cra-revenueagency2025[.]com interac-canpostdelayedorders[.]com sco-direct-serv[.]com auth-rbcroyalbank-online[.]com gerermesobjets[.]com gestion-monarticle[.]com processusdexpedition[.]com progressfollowup[.]com statutdetransport[.]com theretrievalcenter[.]com traceyourgoods[.]com testapitest[.]millyid[.]ru rbc-onlineregistration[.]com 10easyweb[.]com 11easyweb[.]com 16easyweb[.]com apitest[.]millyid[.]ru clbcm0bilecanada[.]com clbcm0bilewebcand[.]com cyberspace-web[.]ru e4trnsf3ert6inte7rac[.]com e5tr4nsfert01in2trac[.]com etr4a1nsfer5inte9rac[.]com millyid[.]ru rbcmobile-registration[.]com test[.]10easyweb[.]com test[.]millyid[.]ru test1[.]millyid[.]ru alligatorsbaloon[.]ru 213[.]171[.]5[.]199 AS9123 Jsc timeweb 🇷🇺 vskemerovo[.]ru api[.]neurallux[.]com api[.]neurallux[.]ru neurallux[.]ru neurallux[.]com 195[.]66[.]114[.]70 AS204997 First Server Limited 🇷🇺 imap[.]mxvfb[.]com mail[.]mxvfb[.]com demo[.]mxvfb[.]com @500mk500 @k3dg3 @JAMESWT_WT

Да, конечно расскажи. Но мне redis помог обойти ограничения golang для удобной передачи состояний пользователей, а docker уже ограничения хостера: деплоил nextjs, но у timeweb ngnix сервер для фронтенда, следовательно, дефолтные страницу как not-found.tsx не отображаются 💁🏻‍♂️

Hello! The domain you have referenced, checkaml.help, is not registered with any of our brands or hosted with us. The domain appears to be registered through Web Commerce Communications Ltd and hosted with Timeweb, LLP. Please reach out to them to report your findings.

VPS-сервер по цене пачки чипсов Узнаем, как себя ведут самые дешёвые (в ценовом диапазоне от 100 до 300 рублей) предложения от популярных хостеров. В качестве подопытных возьмём VDS от RUVDS, Timeweb, FirstVDS, Ultravds и Selectel: u.habr.com/lMUl2

Timeweb?

213[.]226[.]125[.]85 AS9123 Jsc timeweb 🇷🇺 hfjaohf9q3[.]click:7777 hkfasfsafg[.]click:7777 lkjzmxnqpwer[.]click:7777 xpoiwnzqlaks[.]click:7777 #AsyncRAT