| Current File : /home/tdmfgi5/.imh/str_2016-10-16_08:43:09 |
>>> /opt/sharedrads/check_user tdmfgi5 --plaintext
#################################################################################
INMOTION HOSTING .:: SHARED RADS ::. SHARED RESOURCE ABUSE DETECTION SCRIPTS
#################################################################################
Sun Oct 16 08:43:04 EDT 2016
Displaying today's most recent CPU usage data as recorded by process accounting
CPU minutes: 157.21cp (1.98%) Actual time: 9770637.00re (0.44%)
(since my last data poll @ 06:07 EDT tdmfgi5 burned another ~68 cp)
# of executions for CPU intensive processes that have been spawned by this user today
php: 1613 perl: 0 imap: 20 pop3: 0 exim: 12 boxtrap: 0 ftp: 0 cron: 364
CPU minutes used today Historical CPU usage data Most expensive processes
12:00AM EDT :: 0.09cp Oct 15 :: 327.25cp (1.41%) php-cgi :: 27.24 secs
03:00AM EDT :: 23.7cp Oct 14 :: 281.96cp (1.18%) php-cgi :: 26.96 secs
06:00AM EDT :: 89.0cp Oct 13 :: 411.67cp (1.73%) php-cgi :: 26.00 secs
(no data available) Oct 12 :: 245.64cp (1.06%) php-cgi :: 25.82 secs
(no data available) Oct 11 :: 210.47cp (0.92%) php-cgi :: 25.75 secs
(no data available) Oct 10 :: 318.44cp (1.41%) php-cgi :: 25.74 secs
(no data available) Oct 09 :: 272.04cp (1.29%) php-cgi :: 25.72 secs
(no data available) Oct 08 :: 381.37cp (1.71%) php-cgi :: 25.60 secs
Displaying top utilization processes for user as recorded by cPanel and dcpumon
Top Process %CPU 96.8 /opt/php55/bin/php-cgi /home/tdmfgi5/public_html/pur-tungsten.com/index.php
Top Process %CPU 87.6 /opt/php55/bin/php-cgi /home/tdmfgi5/public_html/pur-tungsten.com/index.php
RADS has detected these custom cron jobs currently enabled for this account
SHELL="/bin/bash"
* * * * * cd /home/tdmfgi5/public_html; php /home/tdmfgi5/public_html/cron.php > /dev/null
2 23 * * 0 /usr/local/bin/imap-archiver -p -q
USER QUERIES TIME LOCKTIME ROWSSENT ROWSRECVD
ERROR: Could not locate any bandwidth data for tdmfgi5 in /var/cpanel/bandwidth/
>>> /opt/sharedrads/nlp tdmfgi5 -p -w 80 --today
Using /usr/local/apache/domlogs/tdmfgi5/pur-tungsten.tdmfginc.com
�[1;35m-Hourly hits (16/Oct/2016)------------------------------------------------------�[0m
08: 336
�[1;35m-HTTP response codes------------------------------------------------------------�[0m
200: 309 301: 1 302: 22 400: 1 429: 3
�[1;35m-Duplicate requests + response codes--------------------------------------------�[0m
131 200 POST /contact-us/
25 200 GET /2014/07/06/audio-post-format/
24 200 GET /product/pur-tungsten-worm-weights/
22 302 POST /wp-comments-post.php
8 200 GET /
8 200 GET /product/pur-tungsten-ice-fishing-jigs/
8 200 GET /product/pur-tungsten-rubber-fish/
8 200 GET /product/pur-tungsten-saltwater-sinkers/
7 200 GET /contact-us/
7 200 GET /product/pur-tungsten-jigging-spoon/
�[1;35m-Requests for non-static content------------------------------------------------�[0m
131 200 POST /contact-us/
25 200 GET /2014/07/06/audio-post-format/
24 200 GET /product/pur-tungsten-worm-weights/
22 302 POST /wp-comments-post.php
14 200 GET /
8 200 GET /product/pur-tungsten-ice-fishing-jigs/
8 200 GET /product/pur-tungsten-rubber-fish/
8 200 GET /product/pur-tungsten-saltwater-sinkers/
7 200 GET /contact-us/
7 200 GET /product/pur-tungsten-jigging-spoon/
�[1;35m-Top user agents----------------------------------------------------------------�[0m
255 "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
18 "Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)"
14 "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chro
6 "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/532.2 (KHTML,
5 "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:41.0) Gecko/20100101 Firefox/41.0"
5 "Mozilla/5.0 (Windows; U; Windows NT 5.1; pl; rv:1.9.1.3) Gecko/20090824 F
5 "Opera/9.64(Windows NT 5.1; U; en) Presto/2.1.1"
4 "-"
4 "Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.9.1.3) Gecko/20090824 F
3 "&as_qdr=all"
�[1;35m-Top IPs with PTR records-------------------------------------------------------�[0m
45 188.143.232.72 No Record Found
33 188.143.232.11 No Record Found
33 188.143.232.16 No Record Found
33 188.143.232.21 No Record Found
33 188.143.232.41 No Record Found
33 188.143.232.70 No Record Found
16 188.143.232.22 No Record Found
15 37.233.27.142 37-233-27-142.starnet.md.
14 88.231.205.179 88.231.205.179.dynamic.ttnet.com.tr.
11 157.55.39.35 msnbot-157-55-39-35.search.msn.com.
>>> /opt/sharedrads/recent-cp tdmfgi5 -b
�[2K+------------+------------------+------------------+------------------+------------------+
| command | 1m | �[4m5m�[0m | 15m | 60m |
+------------+------------------+------------------+------------------+------------------+
| english | 0.00s 0.0% | 0.00s 0.0% | 0.69s 0.1% | 0.69s 0.0% |
| awstats.pl | 0.00s 0.0% | 0.00s 0.0% | 1.31s 0.3% | 1.31s 0.1% |
| logrunner | 0.00s 0.0% | 0.00s 0.0% | 0.00s 0.0% | 0.00s 0.0% |
| pop3 | 0.00s 0.0% | 0.00s 0.0% | 0.00s 0.0% | 0.57s 0.0% |
| cpanellogd | 0.00s 0.0% | 0.00s 0.0% | 0.06s 0.0% | 0.06s 0.0% |
| crond | 0.00s 0.0% | 0.01s 0.0% | 0.02s 0.0% | 0.06s 0.0% |
| bash | 0.00s 0.0% | 0.01s 0.0% | 0.02s 0.0% | 0.06s 0.0% |
| exim | 0.00s 0.0% | 0.01s 0.0% | 0.03s 0.0% | 0.04s 0.0% |
| pyzor | 0.00s 0.0% | 0.13s 0.1% | 0.37s 0.1% | 0.43s 0.0% |
| php | 0.06s 1.3% | 0.38s 0.4% | 1.33s 0.3% | 4.92s 0.3% |
| php-cgi | 4.39s 98.6% | 105.81s 99.5% | 502.22s 99.2% | 1785.17s 99.5% |
+------------+------------------+------------------+------------------+------------------+
| total | 4.45s 100.0% | 106.34s 100.0% | 506.05s 100.0% | 1793.32s 100.0% |
+------------+------------------+------------------+------------------+------------------+
s = processs user time in cpu seconds, cp = user time + system time in cpu minutes
>>> Running processes prior to suspension
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
tdmfgi5 81614 0.0 0.0 36964 3660 ? S Oct14 0:00 dovecot/imap
tdmfgi5 656700 0.0 0.0 36108 2464 ? S 08:28 0:00 dovecot/imap
tdmfgi5 695024 0.0 0.0 40828 4756 ? S 08:36 0:00 dovecot/imap
tdmfgi5 695173 0.0 0.0 37320 3696 ? S 08:36 0:00 dovecot/imap
tdmfgi5 727961 29.0 0.0 324416 74784 ? R 08:43 0:00 /opt/php55/bin/php-cgi /home/tdmfgi5/public_html/pur-tungsten.com/index.php