Grutu

Host Monitor

Grutu Monitor

API Key Protected

Events

Monitor and analyze security events

System Online

Filter Events

Events

Showing 10851-10900 of 33400 events

Time Hosts Type Server IP User IP User Details Severity Actions
Dec 1, 22:39:32
3 months ago
default-host
Ssh Login 64.176.194.149 66.135.25.80 root
No details
Warning
Dec 1, 22:39:32
3 months ago
default-host
Command 64.176.194.149 66.135.25.80 root
export HISTTIMEFORMAT="%Y-%m-%d %H:%M:%S "
Critical
Dec 1, 22:39:31
3 months ago
default-host
Command 104.238.132.126 66.135.25.80 root
find /root /home -name "authorized_keys" -exec ech...
Info
Dec 1, 22:39:30
3 months ago
default-host
Command 104.238.132.126 66.135.25.80 root
echo ""
Info
Dec 1, 22:39:30
3 months ago
default-host
Command 104.238.132.126 66.135.25.80 root
echo "--- Unauthorized SSH keys ---"
Critical
Dec 1, 22:39:29
3 months ago
default-host
Command 104.238.132.126 66.135.25.80 root
echo "--- Suspicious cron jobs ---"
Info
Dec 1, 22:39:29
3 months ago
default-host
Command 104.238.132.126 66.135.25.80 root
cat /etc/crontab 2> /dev/null
Info
Dec 1, 22:39:29
3 months ago
default-host
Command 104.238.132.126 66.135.25.80 root
ls -la /etc/cron.d/ 2> /dev/null
Info
Dec 1, 22:39:29
3 months ago
default-host
Command 104.238.132.126 66.135.25.80 root
crontab -l 2> /dev/null
Info
Dec 1, 22:39:28
3 months ago
default-host
Command 104.238.132.126 66.135.25.80 root
echo ""
Info
Dec 1, 22:39:27
3 months ago
default-host
Command 104.238.132.126 66.135.25.80 root
grep -v grutu
Info
Dec 1, 22:39:27
3 months ago
default-host
Command 104.238.132.126 66.135.25.80 root
grep -v ".log"
Info
Dec 1, 22:39:27
3 months ago
default-host
Command 104.238.132.126 66.135.25.80 root
head -20
Info
Dec 1, 22:39:26
3 months ago
default-host
Command 104.238.132.126 66.135.25.80 root
echo ""
Info
Dec 1, 22:39:26
3 months ago
default-host
Command 104.238.132.126 66.135.25.80 root
echo "--- Files containing paramiko/ssh exploit pa...
Critical
Dec 1, 22:39:26
3 months ago
default-host
Command 104.238.132.126 66.135.25.80 root
grep -r "paramiko\|fabric\|pexpect\|ssh.*connect\|...
Critical
Dec 1, 22:39:17
3 months ago
default-host
Command 104.238.132.126 66.135.25.80 root
head -20
Info
Dec 1, 22:39:16
3 months ago
default-host
Command 104.238.132.126 66.135.25.80 root
grep -v azuracast
Info
Dec 1, 22:39:16
3 months ago
default-host
Command 104.238.132.126 66.135.25.80 root
grep -v "/usr/"
Info
Dec 1, 22:39:15
3 months ago
default-host
Command 104.238.132.126 66.135.25.80 root
find / -name "*.pyc" 2> /dev/null
Info
Dec 1, 22:39:15
3 months ago
default-host
Command 104.238.132.126 66.135.25.80 root
grep -v grutu
Info
Dec 1, 22:39:14
3 months ago
default-host
Command 104.238.132.126 66.135.25.80 root
echo ""
Info
Dec 1, 22:39:14
3 months ago
default-host
Command 104.238.132.126 66.135.25.80 root
echo "--- Compiled Python (.pyc) without source --...
Info
Dec 1, 22:39:03
3 months ago
default-host
Command 104.238.132.126 66.135.25.80 root
grep -v "/usr/"
Info
Dec 1, 22:39:03
3 months ago
default-host
Command 104.238.132.126 66.135.25.80 root
head -30
Info
Dec 1, 22:39:01
3 months ago
default-host
Command 104.238.132.126 66.135.25.80 root
grep -v grutu
Info
Dec 1, 22:39:01
3 months ago
default-host
Command 104.238.132.126 66.135.25.80 root
grep -v azuracast
Info
Dec 1, 22:39:00
3 months ago
default-host
Command 104.238.132.126 66.135.25.80 root
echo "--- Python files OUTSIDE grutu ---"
Info
Dec 1, 22:39:00
3 months ago
default-host
Command 104.238.132.126 66.135.25.80 root
find / -name "*.py" 2> /dev/null
Info
Dec 1, 22:38:59
3 months ago
default-host
Command 104.238.132.126 66.135.25.80 root
export HISTFILE="${HOME}/.bash_history_$(date +%Y%...
Critical
Dec 1, 22:38:59
3 months ago
default-host
Command 104.238.132.126 66.135.25.80 root
echo "=== AZURA2 - DEEP SCAN ==="
Info
Dec 1, 22:38:59
3 months ago
default-host
Command 104.238.132.126 66.135.25.80 root
echo ""
Info
Dec 1, 22:38:58
3 months ago
default-host
Command 104.238.132.126 66.135.25.80 root
export HISTFILESIZE=50000
Info
Dec 1, 22:38:58
3 months ago
default-host
Command 104.238.132.126 66.135.25.80 root
export HISTCONTROL=""
Info
Dec 1, 22:38:58
3 months ago
default-host
Command 104.238.132.126 66.135.25.80 root
shopt -s histappend
Critical
Dec 1, 22:38:57
3 months ago
default-host
Command 104.238.132.126 66.135.25.80 root
shopt -s histappend
Critical
Dec 1, 22:38:57
3 months ago
default-host
Command 104.238.132.126 66.135.25.80 root
export HISTTIMEFORMAT="%Y-%m-%d %H:%M:%S "
Critical
Dec 1, 22:38:57
3 months ago
default-host
Command 104.238.132.126 66.135.25.80 root
export HISTSIZE=50000
Info
Dec 1, 22:38:56
3 months ago
default-host
Command 104.238.132.126 66.135.25.80 root
export HISTTIMEFORMAT="%Y-%m-%d %H:%M:%S "
Critical
Dec 1, 22:38:56
3 months ago
default-host
Ssh Login 104.238.132.126 66.135.25.80 root
No details
Warning
Dec 1, 22:38:56
3 months ago
default-host
Command 104.238.132.126 66.135.25.80 root
export HISTSIZE=10000
Info
Dec 1, 22:38:56
3 months ago
default-host
Command 104.238.132.126 66.135.25.80 root
export HISTFILESIZE=10000
Info
Dec 1, 22:38:56
3 months ago
default-host
Command 104.238.132.126 66.135.25.80 root
export HISTCONTROL=
Info
Dec 1, 22:38:54
3 months ago
default-host
Command 64.176.212.158 66.135.25.80 root
echo ""
Info
Dec 1, 22:38:54
3 months ago
default-host
Command 64.176.212.158 66.135.25.80 root
echo "--- Unauthorized SSH keys ---"
Critical
Dec 1, 22:38:54
3 months ago
default-host
Command 64.176.212.158 66.135.25.80 root
find /root /home -name "authorized_keys" -exec ech...
Info
Dec 1, 22:38:53
3 months ago
default-host
Command 64.176.212.158 66.135.25.80 root
echo "--- Suspicious cron jobs ---"
Info
Dec 1, 22:38:53
3 months ago
default-host
Command 64.176.212.158 66.135.25.80 root
cat /etc/crontab 2> /dev/null
Info
Dec 1, 22:38:53
3 months ago
default-host
Command 64.176.212.158 66.135.25.80 root
ls -la /etc/cron.d/ 2> /dev/null
Info
Dec 1, 22:38:53
3 months ago
default-host
Command 64.176.212.158 66.135.25.80 root
crontab -l 2> /dev/null
Info