| Current File : /home/tdmfgi5/.imh/str_2018-10-05_14:43:27 |
>>> /opt/sharedrads/check_user tdmfgi5 --plaintext
#################################################################################
INMOTION HOSTING .:: SHARED RADS ::. SHARED RESOURCE ABUSE DETECTION SCRIPTS
#################################################################################
Fri Oct 5 14:43:05 EDT 2018
Displaying today's most recent CPU usage data as recorded by process accounting
CPU minutes: 127.67cp (1.21%) Actual time: 3935.97re (0.33%)
(since my last data poll @ 12:07 EDT tdmfgi5 burned another ~46 cp)
# of executions for CPU intensive processes that have been spawned by this user today
php: 2292 perl: 0 imap: 440 pop3: 0 exim: 444 boxtrap: 0 ftp: 0 cron: 0
CPU minutes used today Historical CPU usage data Most expensive processes
12:00AM EDT :: 0.00cp Oct 04 :: 192.15cp (1.21%) php-cgi :: 26.68 secs
03:00AM EDT :: 12.2cp Oct 03 :: 187.27cp (1.17%) php-cgi :: 25.19 secs
06:00AM EDT :: 35.0cp Oct 02 :: 229.01cp (1.42%) php-cgi :: 24.10 secs
09:00AM EDT :: 52.1cp Oct 01 :: 168.60cp (1.12%) php-cgi :: 23.30 secs
12:00PM EDT :: 81.5cp Sep 30 :: 160.48cp (1.25%) php-cgi :: 22.87 secs
03:00PM EDT :: 363.cp Sep 29 :: 150.72cp (1.14%) php-cgi :: 20.21 secs
06:00PM EDT :: 454.cp Sep 28 :: 172.30cp (1.22%) php-cgi :: 19.98 secs
09:00PM EDT :: 528.cp Sep 27 :: 251.87cp (1.78%) php-cgi :: 19.73 secs
Displaying top utilization processes for user as recorded by cPanel and dcpumon
Top Process %CPU 138 /opt/php55/bin/php-cgi /home/tdmfgi5/public_html/tdmfginc.com/index.php
Top Process %CPU 125 /opt/php55/bin/php-cgi /home/tdmfgi5/public_html/pur-tungsten.com/wp-admin/admin-ajax.php
Top Process %CPU 120 /opt/php55/bin/php-cgi /home/tdmfgi5/public_html/pur-tungsten.com/index.php
RADS has detected these custom cron jobs currently enabled for this account
SHELL="/bin/bash"
* * * * * cd /home/tdmfgi5/public_html; php /home/tdmfgi5/public_html/cron.php > /dev/null
2 23 * * 0 /usr/local/bin/imap-archiver -p -q
USER QUERIES TIME LOCKTIME ROWSSENT ROWSRECVD
tdmfgi5 2 6 0 0 1
ERROR: Could not locate any bandwidth data for tdmfgi5 in /var/cpanel/bandwidth/
>>> /opt/sharedrads/nlp tdmfgi5 -p -w 80 --today
Using /var/log/apache2/domlogs/tdmfgi5/tdmfginc.com
�[1;35m-Hourly hits (05/Oct/2018)------------------------------------------------------�[0m
08: 122 09: 134 10: 185 11: 125 12: 224 13: 169 14: 218
�[1;35m-HTTP response codes------------------------------------------------------------�[0m
200: 1089 301: 39 304: 9 404: 29 406: 3 503: 8
�[1;35m-Duplicate requests + response codes--------------------------------------------�[0m
39 200 GET /
33 200 GET /wp-content/cache/autoptimize/css/autoptimize_2d0098c9224ef4d4d4a
30 200 GET /wp-content/cache/autoptimize/js/autoptimize_d4f498d400d65995072c
30 200 GET /wp-content/plugins/revslider/public/assets/js/extensions/revolut
30 200 GET /wp-content/plugins/revslider/public/assets/js/extensions/revolut
30 200 GET /wp-includes/js/jquery/jquery.js?ver=1.12.4
30 200 GET /wp-includes/js/wp-emoji-release.min.js?ver=4.7.11
29 200 GET /wp-content/themes/betheme/images/box_shadow.png
29 200 GET /wp-content/uploads/2017/03/favicon.ico
29 200 GET /wp-content/uploads/2017/04/COMPONENTS_001_res.jpg
�[1;35m-Requests for non-static content------------------------------------------------�[0m
68 200 GET /
27 200 GET /wp-content/themes/betheme/fonts/mfn-icons.woff
26 200 POST /wp-cron.php
10 200 GET /contact
10 200 GET /portfolio-item/tungsten-electrodes-tig-welding
10 301 GET /
9 200 GET /about-us
9 200 GET /portfolio-item/tungsten-recoil-buffer-weights
8 200 GET /products
6 200 GET /wp-login.php
�[1;35m-Top user agents----------------------------------------------------------------�[0m
179 "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like
151 "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrom
148 "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
82 "Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)"
62 "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like
53 "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like
50 "Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; Touch; TNJB; rv:11.0) li
27 "WordPress/4.7.11; http://tdmfginc.com"
24 "Mozilla/5.0 (iPad; CPU OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML
23 "Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.
�[1;35m-Top IPs with PTR records-------------------------------------------------------�[0m
62 69.249.56.194 c-69-249-56-194.hsd1.pa.comcast.net.
55 12.187.117.50 No Record Found
54 98.103.83.178 rrcs-98-103-83-178.central.biz.rr.com.
53 98.117.216.4 pool-98-117-216-4.bltmmd.fios.verizon.net.
51 187.191.25.109 fixed-187-191-25-109.totalplay.net.
50 24.123.119.230 rrcs-24-123-119-230.central.biz.rr.com.
49 110.54.247.211 Resolver Error
48 103.252.24.3 No Record Found
44 189.222.120.192 189.222.120.192.dsl.dyn.telnor.net.
33 197.246.58.183 No Record Found
>>> /opt/sharedrads/recent-cp tdmfgi5 -b
�[2K+-------------+------------------+------------------+------------------+------------------+
| command | 1m | �[4m5m�[0m | 15m | 60m |
+-------------+------------------+------------------+------------------+------------------+
| bash | 0.00s 0.2% | 0.01s 0.0% | 0.02s 0.0% | 0.06s 0.0% |
| pop3 | 0.01s 2.3% | 0.02s 0.1% | 11.07s 8.3% | 32.37s 1.6% |
| dovecot-lda | 0.00s 0.0% | 0.05s 0.1% | 0.05s 0.0% | 0.05s 0.0% |
| exim | 0.00s 0.2% | 0.08s 0.2% | 0.11s 0.1% | 0.18s 0.0% |
| imap | 0.01s 2.1% | 0.08s 0.2% | 2.82s 2.1% | 6.36s 0.3% |
| webmaild | 0.00s 0.0% | 0.14s 0.3% | 0.36s 0.3% | 0.82s 0.0% |
| pyzor | 0.28s 59.2% | 0.28s 0.6% | 1.87s 1.4% | 9.45s 0.5% |
| php-cgi | 0.17s 35.9% | 43.28s 98.5% | 117.38s 87.8% | 1944.53s 97.5% |
+-------------+------------------+------------------+------------------+------------------+
| total | 0.47s 100.0% | 43.94s 100.0% | 133.68s 100.0% | 1993.81s 100.0% |
+-------------+------------------+------------------+------------------+------------------+
s = processs user time in cpu seconds, cp = user time + system time in cpu minutes
>>> Running processes prior to suspension
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
tdmfgi5 952358 0.0 0.0 89120 5876 ? S 14:35 0:00 dovecot/imap
tdmfgi5 952883 0.0 0.0 88464 5120 ? S 14:35 0:00 dovecot/imap
tdmfgi5 952972 0.0 0.0 88132 4404 ? S 14:35 0:00 dovecot/imap
tdmfgi5 954422 0.0 0.0 88496 5148 ? S 14:35 0:00 dovecot/imap
tdmfgi5 954778 0.0 0.0 88628 4932 ? S 14:35 0:00 dovecot/imap
tdmfgi5 958913 0.0 0.0 88740 5400 ? S 14:36 0:00 dovecot/imap
tdmfgi5 979637 7.5 0.0 395580 128788 ? S 14:42 0:05 /opt/php55/bin/php-cgi /home/tdmfgi5/public_html/pur-tungsten.com/index.php
tdmfgi5 980959 0.4 0.0 89364 6092 ? S 14:42 0:00 dovecot/imap
tdmfgi5 983501 0.0 0.0 88488 5152 ? S 14:43 0:00 dovecot/imap
tdmfgi5 983983 0.1 0.0 88944 5444 ? S 14:43 0:00 dovecot/imap
tdmfgi5 983984 0.2 0.0 88948 5084 ? S 14:43 0:00 dovecot/imap