Events

Filter Events

Event Type

Severity

Hosts

Showing 9901-9950 of 32408 events

Time	Hosts	Type	Server IP	User IP	User	Details	Severity
Dec 1, 22:38:56 3 weeks ago	default-host	Command	`104.238.132.126`	`66.135.25.80`	root	`export HISTCONTROL=`	Info
Dec 1, 22:38:54 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`echo ""`	Info
Dec 1, 22:38:54 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`echo "--- Unauthorized SSH keys ---"`	Critical
Dec 1, 22:38:54 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`find /root /home -name "authorized_keys" -exec ech...`	Info
Dec 1, 22:38:53 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`echo "--- Suspicious cron jobs ---"`	Info
Dec 1, 22:38:53 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`cat /etc/crontab 2> /dev/null`	Info
Dec 1, 22:38:53 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`ls -la /etc/cron.d/ 2> /dev/null`	Info
Dec 1, 22:38:53 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`crontab -l 2> /dev/null`	Info
Dec 1, 22:38:52 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`echo ""`	Info
Dec 1, 22:38:51 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`head -20`	Info
Dec 1, 22:38:50 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`echo "--- Files containing paramiko/ssh exploit pa...`	Critical
Dec 1, 22:38:50 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`grep -r "paramiko\\|fabric\\|pexpect\\|ssh.*connect\\|...`	Critical
Dec 1, 22:38:50 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`grep -v grutu`	Info
Dec 1, 22:38:50 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`grep -v ".log"`	Info
Dec 1, 22:38:49 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`echo ""`	Info
Dec 1, 22:38:40 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`head -20`	Info
Dec 1, 22:38:39 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`grep -v azuracast`	Info
Dec 1, 22:38:39 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`grep -v "/usr/"`	Info
Dec 1, 22:38:38 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`echo "--- Compiled Python (.pyc) without source --...`	Info
Dec 1, 22:38:38 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`find / -name "*.pyc" 2> /dev/null`	Info
Dec 1, 22:38:38 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`grep -v grutu`	Info
Dec 1, 22:38:37 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`echo ""`	Info
Dec 1, 22:38:28 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`head -30`	Info
Dec 1, 22:38:27 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`grep -v "/usr/"`	Info
Dec 1, 22:38:26 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`grep -v grutu`	Info
Dec 1, 22:38:26 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`grep -v azuracast`	Info
Dec 1, 22:38:25 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`echo ""`	Info
Dec 1, 22:38:25 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`echo "--- Python files OUTSIDE grutu ---"`	Info
Dec 1, 22:38:25 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`find / -name "*.py" 2> /dev/null`	Info
Dec 1, 22:38:24 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`export HISTCONTROL=""`	Info
Dec 1, 22:38:24 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`shopt -s histappend`	Critical
Dec 1, 22:38:24 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`export HISTFILE="${HOME}/.bash_history_$(date +%Y%...`	Critical
Dec 1, 22:38:24 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`echo "=== AZURA1 - DEEP SCAN ==="`	Info
Dec 1, 22:38:23 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`shopt -s histappend`	Critical
Dec 1, 22:38:23 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`export HISTTIMEFORMAT="%Y-%m-%d %H:%M:%S "`	Critical
Dec 1, 22:38:23 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`export HISTSIZE=50000`	Info
Dec 1, 22:38:23 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`export HISTFILESIZE=50000`	Info
Dec 1, 22:38:22 3 weeks ago	default-host	Ssh Login	`64.176.212.158`	`66.135.25.80`	root	No details	Warning
Dec 1, 22:38:22 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`export HISTTIMEFORMAT="%Y-%m-%d %H:%M:%S "`	Critical
Dec 1, 22:38:22 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`export HISTSIZE=10000`	Info
Dec 1, 22:38:22 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`export HISTFILESIZE=10000`	Info
Dec 1, 22:38:22 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`export HISTCONTROL=`	Info
Dec 1, 22:37:46 3 weeks ago	default-host	Ssh Logout	`64.176.194.149`	`N/A`	root	No details	Info
Dec 1, 22:37:46 3 weeks ago	default-host	Ssh Logout	`64.176.194.149`	`N/A`	root	No details	Info
Dec 1, 22:37:46 3 weeks ago	default-host	Ssh Logout	`64.176.194.149`	`N/A`	session_701	No details	Info
Dec 1, 22:37:45 3 weeks ago	default-host	Command	`64.176.194.149`	`66.135.25.80`	root	`grep -i python`	Info
Dec 1, 22:37:45 3 weeks ago	default-host	Command	`64.176.194.149`	`66.135.25.80`	root	`grep -v grep`	Info
Dec 1, 22:37:44 3 weeks ago	default-host	Command	`64.176.194.149`	`66.135.25.80`	root	`echo ""`	Info
Dec 1, 22:37:44 3 weeks ago	default-host	Command	`64.176.194.149`	`66.135.25.80`	root	`echo "--- Python processes running ---"`	Info
Dec 1, 22:37:44 3 weeks ago	default-host	Command	`64.176.194.149`	`66.135.25.80`	root	`ps aux`	Info