Current File : /home/tdmfgi5/.imh/str_2017-09-04_15:43:10 |
>>> /opt/sharedrads/check_user tdmfgi5 --plaintext
#################################################################################
INMOTION HOSTING .:: SHARED RADS ::. SHARED RESOURCE ABUSE DETECTION SCRIPTS
#################################################################################
Mon Sep 4 15:43:02 EDT 2017
Displaying today's most recent CPU usage data as recorded by process accounting
CPU minutes: 251.79cp (6.69%) Actual time: 2740.47re (0.22%)
(since my last data poll @ 15:07 EDT tdmfgi5 burned another ~20 cp)
# of executions for CPU intensive processes that have been spawned by this user today
php: 3707 perl: 0 imap: 171 pop3: 0 exim: 176 boxtrap: 0 ftp: 0 cron: 0
CPU minutes used today    Historical CPU usage data     Most expensive processes
12:00AM EDT :: 0.88cp     Sep 03 :: 263.82cp (5.42%)    php-cgi :: 28.06 secs
03:00AM EDT :: 47.6cp     Sep 02 :: 333.47cp (6.43%)    php-cgi :: 26.42 secs
06:00AM EDT :: 85.1cp     Sep 01 :: 377.29cp (6.72%)    php-cgi :: 26.36 secs
09:00AM EDT :: 133.cp     Aug 31 :: 365.04cp (6.32%)    php-cgi :: 26.31 secs
12:00PM EDT :: 177.cp     Aug 30 :: 410.71cp (6.13%)    php-cgi :: 26.18 secs
03:00PM EDT :: 231.cp     Aug 29 :: 381.06cp (1.25%)    php-cgi :: 26.12 secs
(no data available)       Aug 28 :: 359.86cp (5.48%)    php-cgi :: 26.11 secs
(no data available)       Aug 27 :: 331.50cp (6.11%)    php-cgi :: 26.10 secs
Displaying top utilization processes for user as recorded by cPanel and dcpumon
Top Process %CPU 114 /opt/php55/bin/php-cgi /home/tdmfgi5/public_html/pur-tungsten.com/index.php
Top Process %CPU 111 /opt/php55/bin/php-cgi /home/tdmfgi5/public_html/pur-tungsten.com/index.php
Top Process %CPU 107 /opt/php55/bin/php-cgi /home/tdmfgi5/public_html/pur-tungsten.com/index.php
RADS has detected these custom cron jobs currently enabled for this account
SHELL="/bin/bash"
* * * * * cd /home/tdmfgi5/public_html; php /home/tdmfgi5/public_html/cron.php > /dev/null
2 23 * * 0 /usr/local/bin/imap-archiver -p -q
USER     QUERIES  TIME  LOCKTIME  ROWSSENT  ROWSRECVD
tdmfgi5  3        11    0         0         2
ERROR: Could not locate any bandwidth data for tdmfgi5 in /var/cpanel/bandwidth/
>>> /opt/sharedrads/nlp tdmfgi5 -p -w 80 --today
Using /var/log/apache2/domlogs/tdmfgi5/tdmfginc.com
-Hourly hits (04/Sep/2017)------------------------------------------------------
08: 19 09: 1501 10: 27 11: 144 12: 30 13: 65 14: 12 15: 12
-HTTP response codes------------------------------------------------------------
200: 300 301: 9 304: 10 404: 22 406: 1465 503: 4
-Duplicate requests + response codes--------------------------------------------
1464 406 POST /wp-login.php
28 200 GET /robots.txt
21 200 GET /
5 200 GET /wp-content/uploads/2017/01/crankshaft.png
5 200 GET /wp-content/uploads/2017/01/royal.png
5 200 GET /wp-content/uploads/2017/01/tkk.png
5 301 GET /
4 200 GET /wp-content/cache/autoptimize/css/autoptimize_2d0098c9224ef4d4d
4 200 GET /wp-content/cache/autoptimize/js/autoptimize_f9e9878191cf52e841
4 200 GET /wp-content/uploads/2017/01/CAT-FINAL-LOGO_Lg_03.png
-Requests for non-static content------------------------------------------------
1464 406 POST /wp-login.php
26 200 GET /
20 200 POST /wp-cron.php
7 404 GET /
5 301 GET /
4 200 GET /wp-login.php
3 200 GET /portfolio-types/heavy-tungsten-alloy-copper-tungsten
3 200 GET /wp-content/themes/betheme/fonts/mfn-icons.woff
2 200 GET /careers
2 200 GET /contact
-Top user agents----------------------------------------------------------------
1470 "Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; 125LA; .NET CLR 2.0.5
54 "Mozilla/5.0 (Linux; Android 5.1.1; Nexus 5 Build/LMY48B) AppleWebKit/537
45 "Mozilla/5.0 (Linux; Android 7.0; LG-V521 Build/NRD90U) AppleWebKit/537.3
45 "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chro
29 "Mozilla/5.0 (compatible; DotBot/1.1; http://www.opensiteexplorer.org/dot
22 "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
22 "Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/53
20 "WordPress/4.7.5; http://tdmfginc.com"
10 "Mozilla/5.0 (compatible; SeznamBot/3.2; +http://napoveda.seznam.cz/en/se
9 "Mozilla/5.0 (compatible; AhrefsBot/5.2; +http://ahrefs.com/robot/)"
-Top IPs with PTR records-------------------------------------------------------
1473 198.204.225.114 No Record Found
54 73.81.199.194 c-73-81-199-194.hsd1.de.comcast.net.
45 172.58.233.226 No Record Found
45 39.45.180.103 No Record Found
20 144.208.76.152 ecld208.inmotionhosting.com.
15 66.249.70.9 crawl-66-249-70-9.googlebot.com.
14 216.244.66.247 Query Timed Out
14 66.249.89.41 rate-limited-proxy-66-249-89-41.google.com.
13 216.244.66.195 Query Timed Out
11 66.249.70.11 crawl-66-249-70-11.googlebot.com.
>>> /opt/sharedrads/recent-cp tdmfgi5 -b
+-----------+------------------+------------------+------------------+------------------+
| command | 1m | 5m | 15m | 60m |
+-----------+------------------+------------------+------------------+------------------+
| rm | 0.00s 0.0% | 0.00s 0.0% | 0.00s 0.0% | 0.00s 0.0% |
| sendmail | 0.00s 0.0% | 0.00s 0.0% | 0.00s 0.0% | 0.00s 0.0% |
| imap | 0.00s 0.0% | 0.00s 0.0% | 0.00s 0.0% | 0.05s 0.0% |
| cat | 0.00s 0.0% | 0.00s 0.0% | 0.00s 0.0% | 0.00s 0.0% |
| exim | 0.00s 0.0% | 0.00s 0.0% | 0.00s 0.0% | 0.01s 0.0% |
| proxyexec | 0.00s 0.0% | 0.00s 0.0% | 0.00s 0.0% | 0.00s 0.0% |
| whoami | 0.00s 0.0% | 0.00s 0.0% | 0.00s 0.0% | 0.00s 0.0% |
| bash | 0.00s 1.2% | 0.01s 0.0% | 0.02s 0.0% | 0.06s 0.0% |
| pop3 | 0.00s 0.0% | 0.27s 0.2% | 0.74s 0.1% | 0.74s 0.0% |
| php | 0.08s 98.8% | 0.33s 0.3% | 0.90s 0.2% | 3.31s 0.2% |
| php-cgi | 0.00s 0.0% | 121.68s 99.5% | 515.73s 99.7% | 1785.93s 99.8% |
+-----------+------------------+------------------+------------------+------------------+
| total | 0.08s 100.0% | 122.29s 100.0% | 517.39s 100.0% | 1790.38s 100.0% |
+-----------+------------------+------------------+------------------+------------------+
s = processs user time in cpu seconds, cp = user time + system time in cpu minutes
>>> Running processes prior to suspension
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
tdmfgi5 52332 24.1 0.0 0 0 ? Z 15:42 0:12 [php-cgi] <defunct>
tdmfgi5 54720 73.0 0.1 459148 200136 ? R 15:43 0:04 /opt/php55/bin/php-cgi /home/tdmfgi5/public_html/pur-tungsten.com/index.php
tdmfgi5 171416 0.0 0.0 86264 5024 ? S 12:52 0:00 dovecot/imap
tdmfgi5 180356 0.0 0.0 85888 4336 ? S 15:16 0:00 dovecot/imap