Events

Filter Events

Event Type

Severity

Hosts

Showing 10801-10850 of 33400 events

Time	Hosts	Type	Server IP	User IP	User	Details	Severity
Dec 1, 22:44:31 3 months ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`export HISTCONTROL=`	Info
Dec 1, 22:44:31 3 months ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`shopt -s histappend`	Critical
Dec 1, 22:44:30 3 months ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`export HISTTIMEFORMAT="%Y-%m-%d %H:%M:%S "`	Critical
Dec 1, 22:44:30 3 months ago	default-host	Ssh Login	`140.82.46.49`	`66.135.25.80`	root	No details	Warning
Dec 1, 22:44:30 3 months ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`export HISTSIZE=10000`	Info
Dec 1, 22:40:06 3 months ago	default-host	Ssh Logout	`64.176.194.149`	`N/A`	root	No details	Info
Dec 1, 22:40:06 3 months ago	default-host	Ssh Logout	`64.176.194.149`	`N/A`	session_703	No details	Info
Dec 1, 22:40:06 3 months ago	default-host	Ssh Logout	`64.176.194.149`	`N/A`	root	No details	Info
Dec 1, 22:40:04 3 months ago	default-host	Command	`64.176.194.149`	`66.135.25.80`	root	`echo "--- Unauthorized SSH keys ---"`	Critical
Dec 1, 22:40:04 3 months ago	default-host	Command	`64.176.194.149`	`66.135.25.80`	root	`find /root /home -name "authorized_keys" -exec ech...`	Info
Dec 1, 22:40:01 3 months ago	default-host	Command	`64.176.194.149`	`66.135.25.80`	root	`echo ""`	Info
Dec 1, 22:40:00 3 months ago	default-host	Command	`64.176.194.149`	`66.135.25.80`	root	`cat /etc/crontab 2> /dev/null`	Info
Dec 1, 22:40:00 3 months ago	default-host	Command	`64.176.194.149`	`66.135.25.80`	root	`ls -la /etc/cron.d/ 2> /dev/null`	Info
Dec 1, 22:40:00 3 months ago	default-host	Command	`64.176.194.149`	`66.135.25.80`	root	`crontab -l 2> /dev/null`	Info
Dec 1, 22:39:59 3 months ago	default-host	Command	`64.176.194.149`	`66.135.25.80`	root	`echo ""`	Info
Dec 1, 22:39:59 3 months ago	default-host	Command	`64.176.194.149`	`66.135.25.80`	root	`echo "--- Suspicious cron jobs ---"`	Info
Dec 1, 22:39:58 3 months ago	default-host	Command	`64.176.194.149`	`66.135.25.80`	root	`head -20`	Info
Dec 1, 22:39:57 3 months ago	default-host	Command	`64.176.194.149`	`66.135.25.80`	root	`grep -v grutu`	Info
Dec 1, 22:39:57 3 months ago	default-host	Command	`64.176.194.149`	`66.135.25.80`	root	`grep -v ".log"`	Info
Dec 1, 22:39:56 3 months ago	default-host	Command	`64.176.194.149`	`66.135.25.80`	root	`echo ""`	Info
Dec 1, 22:39:56 3 months ago	default-host	Command	`64.176.194.149`	`66.135.25.80`	root	`echo "--- Files containing paramiko/ssh exploit pa...`	Critical
Dec 1, 22:39:56 3 months ago	default-host	Command	`64.176.194.149`	`66.135.25.80`	root	`grep -r "paramiko\\|fabric\\|pexpect\\|ssh.*connect\\|...`	Critical
Dec 1, 22:39:47 3 months ago	default-host	Command	`64.176.194.149`	`66.135.25.80`	root	`grep -v grutu`	Info
Dec 1, 22:39:47 3 months ago	default-host	Command	`64.176.194.149`	`66.135.25.80`	root	`grep -v azuracast`	Info
Dec 1, 22:39:47 3 months ago	default-host	Command	`64.176.194.149`	`66.135.25.80`	root	`grep -v "/usr/"`	Info
Dec 1, 22:39:47 3 months ago	default-host	Command	`64.176.194.149`	`66.135.25.80`	root	`head -20`	Info
Dec 1, 22:39:46 3 months ago	default-host	Command	`64.176.194.149`	`66.135.25.80`	root	`echo ""`	Info
Dec 1, 22:39:46 3 months ago	default-host	Command	`64.176.194.149`	`66.135.25.80`	root	`echo "--- Compiled Python (.pyc) without source --...`	Info
Dec 1, 22:39:46 3 months ago	default-host	Command	`64.176.194.149`	`66.135.25.80`	root	`find / -name "*.pyc" 2> /dev/null`	Info
Dec 1, 22:39:37 3 months ago	default-host	Command	`64.176.194.149`	`66.135.25.80`	root	`grep -v "/usr/"`	Info
Dec 1, 22:39:37 3 months ago	default-host	Command	`64.176.194.149`	`66.135.25.80`	root	`head -30`	Info
Dec 1, 22:39:36 3 months ago	default-host	Command	`64.176.194.149`	`66.135.25.80`	root	`echo "--- Python files OUTSIDE grutu ---"`	Info
Dec 1, 22:39:36 3 months ago	default-host	Command	`64.176.194.149`	`66.135.25.80`	root	`find / -name "*.py" 2> /dev/null`	Info
Dec 1, 22:39:36 3 months ago	default-host	Command	`64.176.194.149`	`66.135.25.80`	root	`grep -v grutu`	Info
Dec 1, 22:39:36 3 months ago	default-host	Command	`64.176.194.149`	`66.135.25.80`	root	`grep -v azuracast`	Info
Dec 1, 22:39:35 3 months ago	default-host	Command	`64.176.194.149`	`66.135.25.80`	root	`shopt -s histappend`	Critical
Dec 1, 22:39:35 3 months ago	default-host	Command	`64.176.194.149`	`66.135.25.80`	root	`export HISTFILE="${HOME}/.bash_history_$(date +%Y%...`	Critical
Dec 1, 22:39:35 3 months ago	default-host	Command	`64.176.194.149`	`66.135.25.80`	root	`echo "=== AZURA5 - DEEP SCAN ==="`	Info
Dec 1, 22:39:35 3 months ago	default-host	Command	`64.176.194.149`	`66.135.25.80`	root	`echo ""`	Info
Dec 1, 22:39:34 3 months ago	default-host	Command	`64.176.194.149`	`66.135.25.80`	root	`export HISTTIMEFORMAT="%Y-%m-%d %H:%M:%S "`	Critical
Dec 1, 22:39:34 3 months ago	default-host	Command	`64.176.194.149`	`66.135.25.80`	root	`export HISTSIZE=50000`	Info
Dec 1, 22:39:34 3 months ago	default-host	Command	`64.176.194.149`	`66.135.25.80`	root	`export HISTFILESIZE=50000`	Info
Dec 1, 22:39:34 3 months ago	default-host	Command	`64.176.194.149`	`66.135.25.80`	root	`export HISTCONTROL=""`	Info
Dec 1, 22:39:33 3 months ago	default-host	Command	`64.176.194.149`	`66.135.25.80`	root	`export HISTSIZE=10000`	Info
Dec 1, 22:39:33 3 months ago	default-host	Command	`64.176.194.149`	`66.135.25.80`	root	`export HISTFILESIZE=10000`	Info
Dec 1, 22:39:33 3 months ago	default-host	Command	`64.176.194.149`	`66.135.25.80`	root	`export HISTCONTROL=`	Info
Dec 1, 22:39:33 3 months ago	default-host	Command	`64.176.194.149`	`66.135.25.80`	root	`shopt -s histappend`	Critical
Dec 1, 22:39:32 3 months ago	default-host	Ssh Logout	`104.238.132.126`	`N/A`	root	No details	Info
Dec 1, 22:39:32 3 months ago	default-host	Ssh Logout	`104.238.132.126`	`N/A`	root	No details	Info
Dec 1, 22:39:32 3 months ago	default-host	Ssh Logout	`104.238.132.126`	`N/A`	session_853	No details	Info