|
Nov 26, 12:56:32
3 weeks ago
|
default-host
|
Command
|
104.238.132.126
|
209.6.216.95
|
root
|
sort -rn
|
Info
|
|
|
Nov 26, 12:56:32
3 weeks ago
|
default-host
|
Command
|
104.238.132.126
|
209.6.216.95
|
root
|
head -20
|
Info
|
|
|
Nov 26, 12:56:31
3 weeks ago
|
default-host
|
Command
|
104.238.132.126
|
209.6.216.95
|
root
|
cat /var/log/grutu/collected_logs.jsonl
|
Info
|
|
|
Nov 26, 12:56:31
3 weeks ago
|
default-host
|
Command
|
104.238.132.126
|
209.6.216.95
|
root
|
jq -r 'select(.timestamp >= "2025-11-24" and .time...
|
Info
|
|
|
Nov 26, 12:56:31
3 weeks ago
|
default-host
|
Command
|
104.238.132.126
|
209.6.216.95
|
root
|
sort
|
Info
|
|
|
Nov 26, 12:56:30
3 weeks ago
|
default-host
|
Command
|
104.238.132.126
|
209.6.216.95
|
root
|
shopt -s histappend
|
Critical
|
|
|
Nov 26, 12:56:30
3 weeks ago
|
default-host
|
Command
|
104.238.132.126
|
209.6.216.95
|
root
|
export HISTFILE="${HOME}/.bash_history_$(date +%Y%...
|
Critical
|
|
|
Nov 26, 12:56:30
3 weeks ago
|
default-host
|
Command
|
104.238.132.126
|
209.6.216.95
|
root
|
eval "cat /var/log/grutu/collected_logs.jsonl | jq...
|
Info
|
|
|
Nov 26, 12:56:29
3 weeks ago
|
default-host
|
Command
|
104.238.132.126
|
209.6.216.95
|
root
|
export HISTSIZE=50000
|
Info
|
|
|
Nov 26, 12:56:29
3 weeks ago
|
default-host
|
Command
|
104.238.132.126
|
209.6.216.95
|
root
|
export HISTFILESIZE=50000
|
Info
|
|
|
Nov 26, 12:56:29
3 weeks ago
|
default-host
|
Command
|
104.238.132.126
|
209.6.216.95
|
root
|
export HISTCONTROL=""
|
Info
|
|
|
Nov 26, 12:56:28
3 weeks ago
|
default-host
|
Command
|
104.238.132.126
|
209.6.216.95
|
root
|
export HISTCONTROL=
|
Info
|
|
|
Nov 26, 12:56:28
3 weeks ago
|
default-host
|
Command
|
104.238.132.126
|
209.6.216.95
|
root
|
shopt -s histappend
|
Critical
|
|
|
Nov 26, 12:56:28
3 weeks ago
|
default-host
|
Command
|
104.238.132.126
|
209.6.216.95
|
root
|
export HISTTIMEFORMAT="%Y-%m-%d %H:%M:%S "
|
Critical
|
|
|
Nov 26, 12:56:27
3 weeks ago
|
default-host
|
Command
|
104.238.132.126
|
209.6.216.95
|
root
|
export HISTSIZE=10000
|
Info
|
|
|
Nov 26, 12:56:27
3 weeks ago
|
default-host
|
Command
|
104.238.132.126
|
209.6.216.95
|
root
|
export HISTFILESIZE=10000
|
Info
|
|
|
Nov 26, 12:56:26
3 weeks ago
|
default-host
|
Command
|
104.238.132.126
|
209.6.216.95
|
root
|
true
|
Info
|
|
|
Nov 26, 12:56:26
3 weeks ago
|
default-host
|
Command
|
104.238.132.126
|
209.6.216.95
|
root
|
source /etc/profile.d/honeypot.sh 2> /dev/null
|
Critical
|
|
|
Nov 26, 12:56:26
3 weeks ago
|
default-host
|
Command
|
104.238.132.126
|
209.6.216.95
|
root
|
export HISTTIMEFORMAT="%Y-%m-%d %H:%M:%S "
|
Critical
|
|
|
Nov 26, 12:56:25
3 weeks ago
|
default-host
|
Command
|
104.238.132.126
|
209.6.216.95
|
root
|
export HISTCONTROL=""
|
Info
|
|
|
Nov 26, 12:56:25
3 weeks ago
|
default-host
|
Command
|
104.238.132.126
|
209.6.216.95
|
root
|
shopt -s histappend
|
Critical
|
|
|
Nov 26, 12:56:25
3 weeks ago
|
default-host
|
Command
|
104.238.132.126
|
209.6.216.95
|
root
|
export HISTFILE="${HOME}/.bash_history_$(date +%Y%...
|
Critical
|
|
|
Nov 26, 12:56:25
3 weeks ago
|
default-host
|
Command
|
104.238.132.126
|
209.6.216.95
|
root
|
mesg n 2> /dev/null
|
Info
|
|
|
Nov 26, 12:56:24
3 weeks ago
|
default-host
|
Command
|
104.238.132.126
|
209.6.216.95
|
root
|
export HISTTIMEFORMAT="%Y-%m-%d %H:%M:%S "
|
Critical
|
|
|
Nov 26, 12:56:24
3 weeks ago
|
default-host
|
Command
|
104.238.132.126
|
209.6.216.95
|
root
|
export HISTSIZE=50000
|
Info
|
|
|
Nov 26, 12:56:24
3 weeks ago
|
default-host
|
Command
|
104.238.132.126
|
209.6.216.95
|
root
|
export HISTFILESIZE=50000
|
Info
|
|
|
Nov 26, 12:56:23
3 weeks ago
|
default-host
|
Command
|
104.238.132.126
|
209.6.216.95
|
root
|
export HISTFILESIZE=10000
|
Info
|
|
|
Nov 26, 12:56:23
3 weeks ago
|
default-host
|
Command
|
104.238.132.126
|
209.6.216.95
|
root
|
export HISTCONTROL=
|
Info
|
|
|
Nov 26, 12:56:23
3 weeks ago
|
default-host
|
Command
|
104.238.132.126
|
209.6.216.95
|
root
|
shopt -s histappend
|
Critical
|
|
|
Nov 26, 12:56:22
3 weeks ago
|
default-host
|
Command
|
104.238.132.126
|
209.6.216.95
|
root
|
. ~/.bashrc
|
Critical
|
|
|
Nov 26, 12:56:22
3 weeks ago
|
default-host
|
Command
|
104.238.132.126
|
209.6.216.95
|
root
|
export HISTTIMEFORMAT="%Y-%m-%d %H:%M:%S "
|
Critical
|
|
|
Nov 26, 12:56:22
3 weeks ago
|
default-host
|
Command
|
104.238.132.126
|
209.6.216.95
|
root
|
export HISTSIZE=10000
|
Info
|
|
|
Nov 26, 12:56:21
3 weeks ago
|
default-host
|
Command
|
104.238.132.126
|
209.6.216.95
|
root
|
unset i
|
Info
|
|
|
Nov 26, 12:56:21
3 weeks ago
|
default-host
|
Command
|
104.238.132.126
|
209.6.216.95
|
root
|
[ "$BASH" ]
|
Critical
|
|
|
Nov 26, 12:56:21
3 weeks ago
|
default-host
|
Command
|
104.238.132.126
|
209.6.216.95
|
root
|
[ -f ~/.bashrc ]
|
Critical
|
|
|
Nov 26, 12:56:20
3 weeks ago
|
default-host
|
Command
|
104.238.132.126
|
209.6.216.95
|
root
|
export HISTCONTROL=""
|
Info
|
|
|
Nov 26, 12:56:20
3 weeks ago
|
default-host
|
Command
|
104.238.132.126
|
209.6.216.95
|
root
|
shopt -s histappend
|
Critical
|
|
|
Nov 26, 12:56:20
3 weeks ago
|
default-host
|
Command
|
104.238.132.126
|
209.6.216.95
|
root
|
export HISTFILE="${HOME}/.bash_history_$(date +%Y%...
|
Critical
|
|
|
Nov 26, 12:56:19
3 weeks ago
|
default-host
|
Command
|
104.238.132.126
|
209.6.216.95
|
root
|
export HISTSIZE=50000
|
Info
|
|
|
Nov 26, 12:56:19
3 weeks ago
|
default-host
|
Command
|
104.238.132.126
|
209.6.216.95
|
root
|
export HISTFILESIZE=50000
|
Info
|
|
|
Nov 26, 12:56:18
3 weeks ago
|
default-host
|
Command
|
104.238.132.126
|
209.6.216.95
|
root
|
export HISTFILESIZE=10000
|
Info
|
|
|
Nov 26, 12:56:18
3 weeks ago
|
default-host
|
Command
|
104.238.132.126
|
209.6.216.95
|
root
|
export HISTCONTROL=
|
Info
|
|
|
Nov 26, 12:56:18
3 weeks ago
|
default-host
|
Command
|
104.238.132.126
|
209.6.216.95
|
root
|
shopt -s histappend
|
Critical
|
|
|
Nov 26, 12:56:18
3 weeks ago
|
default-host
|
Command
|
104.238.132.126
|
209.6.216.95
|
root
|
export HISTTIMEFORMAT="%Y-%m-%d %H:%M:%S "
|
Critical
|
|
|
Nov 26, 12:56:17
3 weeks ago
|
default-host
|
Command
|
104.238.132.126
|
209.6.216.95
|
root
|
export HISTTIMEFORMAT="%Y-%m-%d %H:%M:%S "
|
Critical
|
|
|
Nov 26, 12:56:17
3 weeks ago
|
default-host
|
Command
|
104.238.132.126
|
209.6.216.95
|
root
|
export HISTSIZE=10000
|
Info
|
|
|
Nov 26, 12:56:01
3 weeks ago
|
default-host
|
Command
|
104.238.132.126
|
209.6.216.95
|
root
|
pwd -P >| /tmp/claude-b175-cwd
|
Info
|
|
|
Nov 26, 12:56:00
3 weeks ago
|
default-host
|
Command
|
104.238.132.126
|
209.6.216.95
|
root
|
head -50
|
Info
|
|
|
Nov 26, 12:55:59
3 weeks ago
|
default-host
|
Command
|
104.238.132.126
|
209.6.216.95
|
root
|
eval "journalctl --since '2025-11-24 00:00:00' --u...
|
Critical
|
|
|
Nov 26, 12:55:59
3 weeks ago
|
default-host
|
Command
|
104.238.132.126
|
209.6.216.95
|
root
|
journalctl --since '2025-11-24 00:00:00' --until '...
|
Critical
|
|