| Current File : /home/tdmfgi5/.imh/str_2017-07-14_09:43:07 |
>>> /opt/sharedrads/check_user tdmfgi5 --plaintext
#################################################################################
INMOTION HOSTING .:: SHARED RADS ::. SHARED RESOURCE ABUSE DETECTION SCRIPTS
#################################################################################
Fri Jul 14 09:43:02 EDT 2017
Displaying today's most recent CPU usage data as recorded by process accounting
CPU minutes: 224.74cp (7.55%) Actual time: 613.98re (0.08%)
(since my last data poll @ 09:07 EDT tdmfgi5 burned another ~15 cp)
# of executions for CPU intensive processes that have been spawned by this user today
php: 2113 perl: 0 imap: 38 pop3: 0 exim: 185 boxtrap: 0 ftp: 0 cron: 0
CPU minutes used today Historical CPU usage data Most expensive processes
12:00AM EDT :: 2.24cp Jul 13 :: 444.03cp (5.12%) php-cgi :: 28.70 secs
03:00AM EDT :: 61.0cp Jul 12 :: 352.03cp (4.08%) php-cgi :: 28.35 secs
06:00AM EDT :: 131.cp Jul 11 :: 384.82cp (4.54%) php-cgi :: 28.08 secs
09:00AM EDT :: 210.cp Jul 10 :: 321.33cp (3.81%) php-cgi :: 27.79 secs
(no data available) Jul 09 :: 247.17cp (3.52%) php-cgi :: 27.70 secs
(no data available) Jul 08 :: 339.93cp (4.86%) php-cgi :: 27.55 secs
(no data available) Jul 07 :: 309.16cp (3.62%) php-cgi :: 27.52 secs
(no data available) Jul 06 :: 235.56cp (2.54%) php-cgi :: 27.45 secs
Displaying top utilization processes for user as recorded by cPanel and dcpumon
Top Process %CPU 128 /opt/php55/bin/php-cgi /home/tdmfgi5/public_html/pur-tungsten.com/index.php
Top Process %CPU 120 /opt/php55/bin/php-cgi /home/tdmfgi5/public_html/pur-tungsten.com/index.php
Top Process %CPU 104 /opt/php55/bin/php-cgi /home/tdmfgi5/public_html/pur-tungsten.com/index.php
RADS has detected these custom cron jobs currently enabled for this account
SHELL="/bin/bash"
* * * * * cd /home/tdmfgi5/public_html; php /home/tdmfgi5/public_html/cron.php > /dev/null
2 23 * * 0 /usr/local/bin/imap-archiver -p -q
USER QUERIES TIME LOCKTIME ROWSSENT ROWSRECVD
tdmfgi5 5 55 0 0 3
ERROR: Could not locate any bandwidth data for tdmfgi5 in /var/cpanel/bandwidth/
>>> /opt/sharedrads/nlp tdmfgi5 -p -w 80 --today
Using /var/log/apache2/domlogs/tdmfgi5/pur-tungsten.tdmfginc.com
�[1;35m-Hourly hits (14/Jul/2017)------------------------------------------------------�[0m
08: 118 09: 86
�[1;35m-HTTP response codes------------------------------------------------------------�[0m
200: 197 302: 6 406: 1
�[1;35m-Duplicate requests + response codes--------------------------------------------�[0m
108 200 GET /2015/11/02/hello-world/
35 200 GET /2014/07/06/audio-post-format/
11 200 GET /product/flip-test/
6 200 GET /product/pur-tungsten-jigs/
4 200 GET /product/pur-tungsten-putty/
4 200 GET /product/vanity-case/
4 302 POST /wp-comments-post.php
3 200 GET /
3 200 GET /product/pur-tungsten-eyes-for-fly-fishing/
3 200 GET /product/pur-tungsten-jigging-spoon/
�[1;35m-Requests for non-static content------------------------------------------------�[0m
108 200 GET /2015/11/02/hello-world/
35 200 GET /2014/07/06/audio-post-format/
11 200 GET /product/flip-test/
6 200 GET /product/pur-tungsten-jigs/
5 200 GET /wp-login.php
4 200 GET /product/pur-tungsten-putty/
4 200 GET /product/vanity-case/
4 302 POST /wp-comments-post.php
3 200 GET /
3 200 GET /product/pur-tungsten-eyes-for-fly-fishing/
�[1;35m-Top user agents----------------------------------------------------------------�[0m
153 "Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0"
9 "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; en) Opera 8.50"
9 "Mozilla/5.0 (compatible; MJ12bot/v1.4.8; http://mj12bot.com/)"
8 "Mozilla/4.0 (Windows NT 6.2) AppleWebKit/537.17 (KHTML, like Gecko) Chrom
6 "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1"
6 "Opera/9.80 (Windows NT 6.2; Win64; x64) Presto/2.12.388 Version/12.17"
3 "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:43.0) Gecko/20100101 Firefox/43.0"
2 "Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko
2 "WordPress/4.3.11; http://pur-tungsten.com"
1 "Lynx/2.8.3dev.9 libwww-FM/2.14 SSL-MM/1.4.1 OpenSSL/0.9.6"
�[1;35m-Top IPs with PTR records-------------------------------------------------------�[0m
36 176.9.66.113 static.113.66.9.176.clients.your-server.de.
9 46.165.197.142 No Record Found
9 86.172.201.154 host86-172-201-154.range86-172.btcentralplus.com.
6 154.16.3.55 No Record Found
6 95.211.192.231 No Record Found
3 104.129.40.121 104.129.40.121.static.quadranet.com.
3 128.199.75.94 No Record Found
3 155.94.221.222 155.94.221.222.static.quadranet.com.
3 178.125.244.136 mm-136-244-125-178.mfilial.dynamic.pppoe.byfly.by.
3 178.32.12.113 No Record Found
>>> /opt/sharedrads/recent-cp tdmfgi5 -b
�[2K+-------------+------------------+------------------+------------------+------------------+
| command | 1m | �[4m5m�[0m | 15m | 60m |
+-------------+------------------+------------------+------------------+------------------+
| dovecot-lda | 0.00s 0.0% | 0.00s 0.0% | 0.01s 0.0% | 0.02s 0.0% |
| exim | 0.00s 0.0% | 0.00s 0.0% | 0.04s 0.0% | 0.14s 0.0% |
| pop3 | 0.00s 0.0% | 0.00s 0.0% | 0.54s 0.1% | 2.05s 0.1% |
| bash | 0.00s 2.0% | 0.01s 0.0% | 0.02s 0.0% | 0.06s 0.0% |
| imap | 0.00s 0.0% | 0.01s 0.0% | 0.08s 0.0% | 1.78s 0.1% |
| pyzor | 0.00s 0.0% | 0.07s 0.1% | 0.56s 0.1% | 1.93s 0.1% |
| php | 0.05s 98.0% | 0.35s 0.3% | 1.09s 0.3% | 4.40s 0.2% |
| php-cgi | 0.00s 0.0% | 124.20s 99.6% | 423.25s 99.5% | 1763.01s 99.4% |
+-------------+------------------+------------------+------------------+------------------+
| total | 0.05s 100.0% | 124.64s 100.0% | 425.59s 100.0% | 1773.39s 100.0% |
+-------------+------------------+------------------+------------------+------------------+
s = processs user time in cpu seconds, cp = user time + system time in cpu minutes
>>> Running processes prior to suspension
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
tdmfgi5 245119 0.0 0.0 39360 3784 ? S 08:40 0:00 dovecot/imap
tdmfgi5 454195 0.0 0.0 39472 3884 ? S 09:34 0:00 dovecot/imap