| Current File : /home/tdmfgi5/.imh/str_2018-03-06_15:43:13 |
>>> /opt/sharedrads/check_user tdmfgi5 --plaintext
#################################################################################
INMOTION HOSTING .:: SHARED RADS ::. SHARED RESOURCE ABUSE DETECTION SCRIPTS
#################################################################################
Tue Mar 6 15:43:02 EST 2018
Displaying today's most recent CPU usage data as recorded by process accounting
CPU minutes: 440.85cp (1.93%) Actual time: 7068.46re (0.64%)
(since my last data poll @ 15:07 EST tdmfgi5 burned another ~36 cp)
# of executions for CPU intensive processes that have been spawned by this user today
php: 4832 perl: 0 imap: 837 pop3: 0 exim: 1518 boxtrap: 0 ftp: 0 cron: 0
CPU minutes used today Historical CPU usage data Most expensive processes
12:00AM EST :: 0.98cp Mar 05 :: 516.95cp (7.22%) php-cgi :: 36.67 secs
03:00AM EST :: 86.1cp Mar 04 :: 419.93cp (7.67%) php-cgi :: 30.48 secs
06:00AM EST :: 158.cp Mar 03 :: 497.11cp (8.14%) php-cgi :: 30.47 secs
09:00AM EST :: 224.cp Mar 02 :: 567.55cp (8.76%) php-cgi :: 30.46 secs
12:00PM EST :: 298.cp Mar 01 :: 438.45cp (6.95%) php-cgi :: 30.45 secs
03:00PM EST :: 404.cp Feb 28 :: 509.55cp (7.48%) php-cgi :: 30.41 secs
06:00PM EST :: 282.cp Feb 27 :: 535.30cp (7.23%) php-cgi :: 30.41 secs
09:00PM EST :: 322.cp Feb 26 :: 593.48cp (8.27%) php-cgi :: 30.38 secs
Displaying top utilization processes for user as recorded by cPanel and dcpumon
Top Process %CPU 164 /opt/php55/bin/php-cgi /home/tdmfgi5/public_html/pur-tungsten.com/index.php
Top Process %CPU 117 /opt/php55/bin/php-cgi /home/tdmfgi5/public_html/pur-tungsten.com/index.php
Top Process %CPU 104 /opt/php55/bin/php-cgi /home/tdmfgi5/public_html/pur-tungsten.com/index.php
RADS has detected these custom cron jobs currently enabled for this account
SHELL="/bin/bash"
* * * * * cd /home/tdmfgi5/public_html; php /home/tdmfgi5/public_html/cron.php > /dev/null
2 23 * * 0 /usr/local/bin/imap-archiver -p -q
USER QUERIES TIME LOCKTIME ROWSSENT ROWSRECVD
ERROR: Could not locate any bandwidth data for tdmfgi5 in /var/cpanel/bandwidth/
>>> /opt/sharedrads/nlp tdmfgi5 -p -w 80 --today
Using /var/log/apache2/domlogs/tdmfgi5/pur-tungsten.tdmfginc.com
�[1;35m-Hourly hits (06/Mar/2018)------------------------------------------------------�[0m
07: 73 08: 90 09: 126 10: 164 11: 143 12: 173 13: 119 14: 525 15: 407
�[1;35m-HTTP response codes------------------------------------------------------------�[0m
200: 1668 301: 33 302: 68 304: 4 404: 44 405: 1 406: 2
�[1;35m-Duplicate requests + response codes--------------------------------------------�[0m
280 200 GET /2015/11/02/hello-world/
143 200 GET /2014/07/06/audio-post-format/
134 200 GET /product/pur-tungsten-jigging-spoon/
132 200 GET /product/pur-tungsten-salt-water-jigs/
126 200 GET /product/pur-tungsten-rubber-fish/
123 200 GET /product/pur-tungsten-saltwater-sinkers/
118 200 GET /product/glitterglam-belt/
101 200 GET /product/vanity-case/
56 200 GET /product/maxi-belt/
31 200 GET /
�[1;35m-Requests for non-static content------------------------------------------------�[0m
280 200 GET /2015/11/02/hello-world/
143 200 GET /2014/07/06/audio-post-format/
134 200 GET /product/pur-tungsten-jigging-spoon/
132 200 GET /product/pur-tungsten-salt-water-jigs/
126 200 GET /product/pur-tungsten-rubber-fish/
123 200 GET /product/pur-tungsten-saltwater-sinkers/
118 200 GET /product/glitterglam-belt/
101 200 GET /product/vanity-case/
56 200 GET /product/maxi-belt/
34 200 GET /wp-login.php
�[1;35m-Top user agents----------------------------------------------------------------�[0m
752 "Mozilla/5.0 (compatible; YandexBot/3.0; +http://yandex.com/bots)"
144 "Mozilla/5.0 (iPhone; CPU iPhone OS 11_2_6 like Mac OS X) AppleWebKit/604.
76 "Opera/9.80 (Windows NT 6.2; Win64; x64) Presto/2.12.388 Version/12.17"
41 "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/600.1.25 (KHT
37 "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
29 "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_1) AppleWebKit/537.36 (KHTML
28 "Mozilla/5.0 (iPhone; CPU iPhone OS 7_0 like Mac OS X) AppleWebKit/537.51.
27 "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like
17 "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_2) AppleWebKit/537.36 (KHTML
17 "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
�[1;35m-Top IPs with PTR records-------------------------------------------------------�[0m
689 100.43.85.114 100-43-85-114.spider.yandex.com.
75 107.77.85.123 No Record Found
69 71.13.40.195 71-13-40-195.dhcp.dlth.mn.charter.com.
57 93.158.161.142 93-158-161-142.spider.yandex.com.
55 198.255.114.202 No Record Found
41 54.85.182.120 nat-service2.aws.kontera.com.
35 179.158.31.198 b39e1fc6.virtua.com.br.
28 199.30.24.25 msnbot-199-30-24-25.search.msn.com.
22 85.195.118.42 No Record Found
19 185.225.104.116 No Record Found
>>> /opt/sharedrads/recent-cp tdmfgi5 -b
�[2K+-------------+------------------+------------------+------------------+------------------+
| command | 1m | �[4m5m�[0m | 15m | 60m |
+-------------+------------------+------------------+------------------+------------------+
| bash | 0.00s 1.4% | 0.01s 0.0% | 0.02s 0.0% | 0.06s 0.0% |
| exim | 0.00s 0.0% | 0.03s 0.1% | 0.04s 0.0% | 0.13s 0.0% |
| dovecot-lda | 0.00s 0.0% | 0.03s 0.1% | 0.03s 0.0% | 0.03s 0.0% |
| imap | 0.00s 0.0% | 0.14s 0.4% | 0.92s 0.1% | 3.25s 0.1% |
| pyzor | 0.00s 0.0% | 0.15s 0.4% | 0.56s 0.1% | 2.84s 0.1% |
| pop3 | 0.00s 0.0% | 0.83s 2.3% | 1.11s 0.2% | 4.47s 0.1% |
| php-cgi | 0.07s 98.6% | 35.67s 96.8% | 627.75s 99.6% | 3308.66s 99.7% |
+-------------+------------------+------------------+------------------+------------------+
| total | 0.07s 100.0% | 36.86s 100.0% | 630.42s 100.0% | 3319.45s 100.0% |
+-------------+------------------+------------------+------------------+------------------+
s = processs user time in cpu seconds, cp = user time + system time in cpu minutes
>>> Running processes prior to suspension
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
tdmfgi5 4268 0.0 0.0 88064 4424 ? S 15:34 0:00 dovecot/imap
tdmfgi5 7032 3.0 0.0 0 0 ? Z 15:35 0:14 [php-cgi] <defunct>
tdmfgi5 8660 3.0 0.0 0 0 ? Z 15:35 0:13 [php-cgi] <defunct>
tdmfgi5 9852 3.6 0.0 0 0 ? Z 15:35 0:15 [php-cgi] <defunct>
tdmfgi5 10753 3.4 0.0 0 0 ? Z 15:36 0:14 [php-cgi] <defunct>
tdmfgi5 12596 4.3 0.0 0 0 ? Z 15:36 0:17 [php-cgi] <defunct>
tdmfgi5 13567 4.3 0.0 0 0 ? Z 15:36 0:16 [php-cgi] <defunct>
tdmfgi5 14839 3.6 0.0 0 0 ? Z 15:36 0:13 [php-cgi] <defunct>
tdmfgi5 15870 4.0 0.0 0 0 ? Z 15:37 0:14 [php-cgi] <defunct>
tdmfgi5 17265 4.9 0.0 0 0 ? Z 15:37 0:16 [php-cgi] <defunct>
tdmfgi5 20065 5.2 0.0 0 0 ? Z 15:38 0:14 [php-cgi] <defunct>
tdmfgi5 21632 6.0 0.1 395472 136308 ? R 15:39 0:15 /opt/php55/bin/php-cgi /home/tdmfgi5/public_html/pur-tungsten.com/index.php
tdmfgi5 23403 6.0 0.0 388500 129344 ? R 15:39 0:13 /opt/php55/bin/php-cgi /home/tdmfgi5/public_html/pur-tungsten.com/index.php
tdmfgi5 24006 6.0 0.0 388372 129380 ? R 15:39 0:12 /opt/php55/bin/php-cgi /home/tdmfgi5/public_html/pur-tungsten.com/index.php
tdmfgi5 24781 6.0 0.1 395840 136888 ? R 15:39 0:11 /opt/php55/bin/php-cgi /home/tdmfgi5/public_html/pur-tungsten.com/index.php
tdmfgi5 26459 6.0 0.0 385932 126048 ? R 15:40 0:10 /opt/php55/bin/php-cgi /home/tdmfgi5/public_html/pur-tungsten.com/index.php
tdmfgi5 26904 5.9 0.0 386964 127928 ? R 15:40 0:09 /opt/php55/bin/php-cgi /home/tdmfgi5/public_html/pur-tungsten.com/index.php
tdmfgi5 27224 5.9 0.0 387604 128532 ? R 15:40 0:08 /opt/php55/bin/php-cgi /home/tdmfgi5/public_html/pur-tungsten.com/index.php
tdmfgi5 28997 6.6 0.0 361568 103016 ? R 15:41 0:08 /opt/php55/bin/php-cgi /home/tdmfgi5/public_html/ipsumseo.com/wp-admin/admin-ajax.php
tdmfgi5 29133 5.9 0.1 394048 135152 ? R 15:41 0:07 /opt/php55/bin/php-cgi /home/tdmfgi5/public_html/pur-tungsten.com/index.php
tdmfgi5 29566 5.9 0.1 392912 134132 ? R 15:41 0:06 /opt/php55/bin/php-cgi /home/tdmfgi5/public_html/pur-tungsten.com/index.php
tdmfgi5 30307 5.8 0.0 384652 124804 ? R 15:41 0:05 /opt/php55/bin/php-cgi /home/tdmfgi5/public_html/pur-tungsten.com/index.php
tdmfgi5 30929 5.8 0.1 396516 137276 ? R 15:41 0:05 /opt/php55/bin/php-cgi /home/tdmfgi5/public_html/pur-tungsten.com/index.php
tdmfgi5 31649 5.7 0.0 384144 125028 ? R 15:41 0:04 /opt/php55/bin/php-cgi /home/tdmfgi5/public_html/pur-tungsten.com/index.php
tdmfgi5 32886 5.7 0.0 389580 130760 ? R 15:42 0:03 /opt/php55/bin/php-cgi /home/tdmfgi5/public_html/pur-tungsten.com/index.php
tdmfgi5 32967 5.7 0.0 390204 131176 ? R 15:42 0:03 /opt/php55/bin/php-cgi /home/tdmfgi5/public_html/pur-tungsten.com/index.php
tdmfgi5 33620 0.0 0.0 90296 6072 ? S 15:42 0:00 dovecot/imap
tdmfgi5 33830 0.0 0.0 89240 5552 ? S 15:42 0:00 dovecot/imap
tdmfgi5 33854 0.0 0.0 89004 5536 ? S 15:42 0:00 dovecot/imap
tdmfgi5 34200 0.0 0.0 88428 5168 ? S 15:42 0:00 dovecot/imap
tdmfgi5 34536 5.7 0.0 380552 121136 ? R 15:42 0:01 /opt/php55/bin/php-cgi /home/tdmfgi5/public_html/pur-tungsten.com/index.php
tdmfgi5 35682 5.7 0.0 245448 57964 ? R 15:43 0:00 /opt/php55/bin/php-cgi /home/tdmfgi5/public_html/pur-tungsten.com/index.php
tdmfgi5 35946 6.5 0.0 321168 62436 ? R 15:43 0:00 /opt/php55/bin/php-cgi /home/tdmfgi5/public_html/pur-tungsten.com/index.php
tdmfgi5 36491 8.0 0.0 284512 25480 ? R 15:43 0:00 /opt/php55/bin/php-cgi /home/tdmfgi5/public_html/pur-tungsten.com/index.php
tdmfgi5 103499 0.0 0.0 88404 4676 ? S 15:06 0:00 dovecot/imap
tdmfgi5 113162 0.0 0.0 88488 5368 ? S 15:09 0:00 dovecot/imap
tdmfgi5 128477 0.0 0.0 88968 5568 ? S 12:32 0:00 dovecot/imap
tdmfgi5 177225 0.0 0.0 88648 5560 ? S 11:00 0:00 dovecot/imap
tdmfgi5 182082 0.0 0.0 88416 4652 ? S 01:46 0:00 dovecot/imap