Current File : /home/tdmfgi5/.imh/str_2018-02-04_14:43:15 |
>>> /opt/sharedrads/check_user tdmfgi5 --plaintext
#################################################################################
INMOTION HOSTING .:: SHARED RADS ::. SHARED RESOURCE ABUSE DETECTION SCRIPTS
#################################################################################
Sun Feb 4 14:43:03 EST 2018
Displaying today's most recent CPU usage data as recorded by process accounting
CPU minutes: 334.68cp (7.43%) Actual time: 4099.87re (0.41%)
(since my last data poll @ 12:07 EST tdmfgi5 burned another ~66 cp)
# of executions for CPU intensive processes that have been spawned by this user today
php: 2431 perl: 0 imap: 268 pop3: 0 exim: 190 boxtrap: 0 ftp: 0 cron: 0
CPU minutes used today Historical CPU usage data Most expensive processes
12:00AM EST :: 1.15cp Feb 03 :: 506.81cp (8.35%) php-cgi :: 30.49 secs
03:00AM EST :: 71.9cp Feb 02 :: 458.11cp (5.56%) php-cgi :: 30.48 secs
06:00AM EST :: 152.cp Feb 01 :: 503.93cp (6.00%) php-cgi :: 30.41 secs
09:00AM EST :: 214.cp Jan 31 :: 619.82cp (7.66%) php-cgi :: 30.21 secs
12:00PM EST :: 268.cp Jan 30 :: 675.00cp (7.76%) php-cgi :: 30.16 secs
03:00PM EST :: 144.cp Jan 29 :: 613.84cp (6.90%) php-cgi :: 30.14 secs
06:00PM EST :: 179.cp Jan 28 :: 544.51cp (7.88%) php-cgi :: 30.11 secs
09:00PM EST :: 202.cp Jan 27 :: 564.91cp (8.52%) php-cgi :: 29.98 secs
Displaying top utilization processes for user as recorded by cPanel and dcpumon
Top Process %CPU 114 /opt/php55/bin/php-cgi /home/tdmfgi5/public_html/pur-tungsten.com/index.php
Top Process %CPU 105 /opt/php55/bin/php-cgi /home/tdmfgi5/public_html/pur-tungsten.com/index.php
Top Process %CPU 104 /opt/php55/bin/php-cgi /home/tdmfgi5/public_html/pur-tungsten.com/index.php
RADS has detected these custom cron jobs currently enabled for this account
SHELL="/bin/bash"
* * * * * cd /home/tdmfgi5/public_html; php /home/tdmfgi5/public_html/cron.php > /dev/null
2 23 * * 0 /usr/local/bin/imap-archiver -p -q
USER QUERIES TIME LOCKTIME ROWSSENT ROWSRECVD
ERROR: Could not locate any bandwidth data for tdmfgi5 in /var/cpanel/bandwidth/
>>> /opt/sharedrads/nlp tdmfgi5 -p -w 80 --today
Using /var/log/apache2/domlogs/tdmfgi5/tdmfginc.com
-Hourly hits (04/Feb/2018)------------------------------------------------------
07: 21 08: 71 09: 60 10: 163 11: 126 12: 153 13: 186 14: 137
-HTTP response codes------------------------------------------------------------
200: 831 206: 2 301: 9 304: 41 401: 2 403: 8 404: 13 406: 4
503: 7
-Duplicate requests + response codes--------------------------------------------
35 200 GET /wp-content/cache/autoptimize/css/autoptimize_2d0098c9224ef4d4d4a
34 200 GET /wp-includes/js/jquery/jquery.js?ver=1.12.4
33 200 GET /wp-content/cache/autoptimize/js/autoptimize_d4f498d400d65995072c
30 200 GET /wp-content/plugins/revslider/public/assets/js/extensions/revolut
30 200 GET /wp-content/uploads/2017/04/Group-1.png
30 200 GET /wp-includes/js/wp-emoji-release.min.js?ver=4.7.9
29 200 GET /
29 200 GET /wp-content/plugins/revslider/public/assets/js/extensions/revolut
28 200 GET /wp-content/themes/betheme/images/box_shadow.png
28 200 GET /wp-content/uploads/2017/01/drill-milling-milling-machine-drillin
-Requests for non-static content------------------------------------------------
70 200 GET /
27 200 GET /wp-content/themes/betheme/fonts/mfn-icons.woff
23 200 GET /portfolio-item/tungsten-alloy-counterweights-and-balance-weights
21 200 POST /wp-cron.php
8 200 GET /request-a-quote
7 200 GET /portfolio-item/tungsten-alloy-balancing-weights
6 200 GET /products
5 200 GET /portfolio-item/tungsten-recoil-buffer-weights
5 200 POST /
4 200 GET /wp-content/themes/betheme/fonts/mfn-icons.eot
-Top user agents----------------------------------------------------------------
103 "Mozilla/5.0 (iPhone; CPU iPhone OS 10_3_3 like Mac OS X) AppleWebKit/603.
63 "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
57 "Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)"
54 "Mozilla/5.0 (iPad; CPU OS 11_2_5 like Mac OS X) AppleWebKit/604.5.6 (KHTM
51 "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
48 "Mozilla/5.0 (X11; CrOS x86_64 10032.86.0) AppleWebKit/537.36 (KHTML, like
47 "Mozilla/5.0 (iPhone; CPU iPhone OS 11_2_2 like Mac OS X) AppleWebKit/604.
27 "Mozilla/5.0 (Linux; Android 6.0.1; SM-T807V Build/MMB29M) AppleWebKit/537
26 "Mozilla/5.0 (Linux; Android 7.0; SAMSUNG SM-G935A Build/NRD90M) AppleWebK
26 "WordPress/4.7.9; http://tdmfginc.com"
-Top IPs with PTR records-------------------------------------------------------
103 71.162.185.22 pool-71-162-185-22.phlapa.fios.verizon.net.
54 76.241.45.35 Query Timed Out
48 107.203.151.104 107-203-151-104.lightspeed.nworla.sbcglobal.net.
27 174.235.148.63 63.sub-174-235-148.myvzw.com.
26 144.208.76.152 ecld208.inmotionhosting.com.
26 24.171.109.127 24-171-109-127.dhcp.stls.mo.charter.com.
25 172.7.165.118 172-7-165-118.lightspeed.sndgca.sbcglobal.net.
22 40.77.167.177 msnbot-40-77-167-177.search.msn.com.
20 184.100.148.85 184-100-148-85.ptld.qwest.net.
20 97.32.9.6 6.sub-97-32-9.myvzw.com.
>>> /opt/sharedrads/recent-cp tdmfgi5 -b
+---------+------------------+------------------+------------------+------------------+
| command | 1m | 5m | 15m | 60m |
+---------+------------------+------------------+------------------+------------------+
| pyzor | 0.00s 0.0% | 0.00s 0.0% | 0.41s 0.1% | 1.40s 0.1% |
| exim | 0.00s 0.0% | 0.00s 0.0% | 0.01s 0.0% | 0.03s 0.0% |
| imap | 0.00s 0.0% | 0.00s 0.0% | 0.01s 0.0% | 0.10s 0.0% |
| bash | 0.02s 25.0% | 1.02s 2.5% | 1.07s 0.2% | 1.46s 0.1% |
| php-cgi | 0.06s 75.0% | 39.45s 97.5% | 439.58s 99.7% | 1897.81s 99.8% |
+---------+------------------+------------------+------------------+------------------+
| total | 0.08s 100.0% | 40.47s 100.0% | 441.09s 100.0% | 1900.80s 100.0% |
+---------+------------------+------------------+------------------+------------------+
s = processs user time in cpu seconds, cp = user time + system time in cpu minutes
>>> Running processes prior to suspension
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
tdmfgi5 12723 0.0 0.0 89656 5108 ? S 14:11 0:00 dovecot/imap
tdmfgi5 40710 0.0 0.0 88064 4336 ? S 14:24 0:00 dovecot/imap
tdmfgi5 75807 23.7 0.2 541904 282172 ? S 14:42 0:17 /opt/php55/bin/php-cgi /home/tdmfgi5/public_html/pur-tungsten.com/index.php
tdmfgi5 76039 38.3 0.3 672916 410700 ? S 14:42 0:27 /opt/php55/bin/php-cgi /home/tdmfgi5/public_html/pur-tungsten.com/index.php
tdmfgi5 163097 0.0 0.0 88508 4908 ? S 13:50 0:00 dovecot/imap