Current File : /home/tdmfgi5/.imh/str_2017-12-04_14:43:11
>>> /opt/sharedrads/check_user tdmfgi5 --plaintext
#################################################################################
INMOTION HOSTING .:: SHARED RADS ::. SHARED RESOURCE ABUSE DETECTION SCRIPTS
#################################################################################
Mon Dec 4 14:43:02 EST 2017
Displaying today's most recent CPU usage data as recorded by process accounting
CPU minutes: 592.19cp (12.75%) Actual time: 5605.62re (0.40%)
(since my last data poll @ 12:07 EST tdmfgi5 burned another ~122 cp)
# of executions for CPU intensive processes that have been spawned by this user today
php: 3172 perl: 0 imap: 876 pop3: 0 exim: 579 boxtrap: 0 ftp: 0 cron: 0
CPU minutes used today Historical CPU usage data Most expensive processes
12:00AM EST :: 0.80cp Dec 03 :: 896.85cp (15.37%) php-cgi :: 74.89 secs
03:00AM EST :: 113.cp Dec 02 :: 945.93cp (15.00%) php-cgi :: 48.45 secs
06:00AM EST :: 232.cp Dec 01 :: 859.67cp (12.45%) php-cgi :: 43.14 secs
09:00AM EST :: 346.cp Nov 30 :: 1007.47cp (13.33%) php-cgi :: 30.52 secs
12:00PM EST :: 470.cp Nov 29 :: 1068.51cp (14.54%) php-cgi :: 30.02 secs
03:00PM EST :: 83.4cp Nov 28 :: 1146.14cp (15.65%) php-cgi :: 29.85 secs
06:00PM EST :: 102.cp Nov 27 :: 1042.91cp (15.32%) php-cgi :: 29.80 secs
09:00PM EST :: 118.cp Nov 26 :: 1012.78cp (17.29%) php-cgi :: 29.79 secs
Displaying top utilization processes for user as recorded by cPanel and dcpumon
Top Process %CPU 109 /opt/php55/bin/php-cgi /home/tdmfgi5/public_html/pur-tungsten.com/index.php
Top Process %CPU 104 /opt/php55/bin/php-cgi /home/tdmfgi5/public_html/pur-tungsten.com/index.php
Top Process %CPU 103 /opt/php55/bin/php-cgi /home/tdmfgi5/public_html/pur-tungsten.com/index.php
RADS has detected these custom cron jobs currently enabled for this account
SHELL="/bin/bash"
* * * * * cd /home/tdmfgi5/public_html; php /home/tdmfgi5/public_html/cron.php > /dev/null
2 23 * * 0 /usr/local/bin/imap-archiver -p -q
USER QUERIES TIME LOCKTIME ROWSSENT ROWSRECVD
ERROR: Could not locate any bandwidth data for tdmfgi5 in /var/cpanel/bandwidth/
>>> /opt/sharedrads/nlp tdmfgi5 -p -w 80 --today
Using /var/log/apache2/domlogs/tdmfgi5/tdmfginc.com
-Hourly hits (04/Dec/2017)------------------------------------------------------
07: 30 08: 74 09: 127 10: 127 11: 95 12: 462 13: 776 14: 668
-HTTP response codes------------------------------------------------------------
200: 2133 206: 11 301: 151 302: 4 304: 10 404: 21 406: 17
500: 1 503: 11
-Duplicate requests + response codes--------------------------------------------
168 200 GET /
97 301 GET /
67 200 GET /request-a-quote
65 200 POST /wp-admin/admin-ajax.php
61 200 GET /products
57 200 GET /about-us
42 200 GET /portfolio-item/tungsten-carbide-rotary-burrs
38 200 GET /wp-content/cache/autoptimize/js/autoptimize_d4f498d400d65995072
38 200 GET /wp-content/uploads/2017/04/Group-1.png
36 200 GET /wp-includes/js/jquery/jquery.js?ver=1.12.4
-Requests for non-static content------------------------------------------------
240 200 GET /
103 301 GET /
82 200 GET /request-a-quote
66 200 POST /wp-admin/admin-ajax.php
61 200 GET /products
57 200 GET /about-us
42 200 GET /portfolio-item/tungsten-carbide-rotary-burrs
39 200 POST /wp-cron.php
24 301 GET /request-a-quote
22 200 GET /wp-content/themes/betheme/fonts/mfn-icons.woff
-Top user agents----------------------------------------------------------------
407 "Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko
256 "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
145 "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like
138 "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
120 "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)"
92 "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox
83 "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)"
83 "Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko"
81 "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
62 "Mozilla/5.0 (iPhone; CPU iPhone OS 10_3_3 like Mac OS X) AppleWebKit/603.
-Top IPs with PTR records-------------------------------------------------------
407 69.249.56.194 c-69-249-56-194.hsd1.pa.comcast.net.
92 70.90.218.101 70-90-218-101-mckeesport.pa.hfc.comcastbusiness.net.
74 212.204.125.18 host-212-204-125-18.customer.m-online.net.
63 24.106.122.154 mail.americantestingservices.com.
62 85.107.142.111 85.107.142.111.dynamic.ttnet.com.tr.
60 192.104.67.131 No Record Found
59 70.89.220.253 70-89-220-253-hire-excellence-il.hfc.comcastbusiness.net
57 24.15.132.93 c-24-15-132-93.hsd1.il.comcast.net.
56 189.112.155.51 189-112-155-051.static.ctbctelecom.com.br.
55 148.251.125.231 static.231.125.251.148.clients.your-server.de.
>>> /opt/sharedrads/recent-cp tdmfgi5 -b
+-------------+------------------+------------------+------------------+------------------+
| command | 1m | 5m | 15m | 60m |
+-------------+------------------+------------------+------------------+------------------+
| cat | 0.00s 0.0% | 0.00s 0.0% | 0.00s 0.0% | 0.00s 0.0% |
| dovecot-lda | 0.00s 0.0% | 0.00s 0.0% | 0.01s 0.0% | 0.05s 0.0% |
| proxyexec | 0.00s 0.0% | 0.00s 0.0% | 0.00s 0.0% | 0.00s 0.0% |
| whoami | 0.00s 0.0% | 0.00s 0.0% | 0.00s 0.0% | 0.00s 0.0% |
| bash | 0.00s 1.6% | 0.01s 0.0% | 0.02s 0.0% | 0.07s 0.0% |
| exim | 0.00s 0.0% | 0.01s 0.0% | 0.07s 0.0% | 0.31s 0.0% |
| imap | 0.00s 0.0% | 0.07s 0.0% | 0.40s 0.1% | 1.54s 0.1% |
| pyzor | 0.00s 0.0% | 0.24s 0.2% | 0.97s 0.1% | 3.30s 0.1% |
| pop3 | 0.00s 0.0% | 0.27s 0.2% | 1.87s 0.3% | 5.29s 0.2% |
| php | 0.06s 98.4% | 0.30s 0.2% | 0.87s 0.1% | 3.37s 0.1% |
| php-cgi | 0.00s 0.0% | 149.52s 99.4% | 728.79s 99.4% | 2977.07s 99.5% |
+-------------+------------------+------------------+------------------+------------------+
| total | 0.06s 100.0% | 150.40s 100.0% | 733.00s 100.0% | 2991.00s 100.0% |
+-------------+------------------+------------------+------------------+------------------+
s = processs user time in cpu seconds, cp = user time + system time in cpu minutes
>>> Running processes prior to suspension
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
tdmfgi5 71643 0.0 0.0 88760 5616 ? S 09:19 0:00 dovecot/imap
tdmfgi5 94128 0.0 0.0 88064 4416 ? S 14:39 0:00 dovecot/imap
tdmfgi5 104756 0.0 0.0 88672 5568 ? S 12:03 0:00 dovecot/imap
tdmfgi5 109394 0.1 0.0 92232 6396 ? S 14:42 0:00 dovecot/imap
tdmfgi5 109471 58.6 0.1 496144 236716 ? R 14:42 0:13 /opt/php55/bin/php-cgi /home/tdmfgi5/public_html/pur-tungsten.com/index.php
tdmfgi5 110265 52.9 0.1 488132 228784 ? R 14:42 0:05 /opt/php55/bin/php-cgi /home/tdmfgi5/public_html/pur-tungsten.com/index.php
tdmfgi5 123099 0.0 0.0 88656 5496 ? S 12:58 0:00 dovecot/imap
tdmfgi5 162767 0.0 0.0 88524 5324 ? S 14:04 0:00 dovecot/imap
tdmfgi5 178343 0.0 0.0 88680 5208 ? S 14:08 0:00 dovecot/imap