>>> /opt/sharedrads/check_user rowdyr7 --plaintext
#################################################################################
INMOTION HOSTING .:: SHARED RADS ::. SHARED RESOURCE ABUSE DETECTION SCRIPTS
#################################################################################
Wed Aug 16 17:43:05 EDT 2017

Displaying today's most recent CPU usage data as recorded by process accounting
CPU minutes: 84.26cp (0.38%)
Actual time: 632.92re (0.00%)
(since my last data poll @ 15:07 EDT rowdyr7 burned another ~47 cp)

# of executions for CPU intensive processes that have been spawned by this user today
php: 5654 perl: 0 imap: 0 pop3: 0 exim: 0 boxtrap: 0 ftp: 0 cron: 0

CPU minutes used today    Historical CPU usage data    Most expensive processes
12:00AM EDT :: 0.93cp     Aug 15 :: 52.60cp (0.20%)    php-cgi :: 3.26 secs
03:00AM EDT :: 16.7cp     Aug 14 :: 49.28cp (0.20%)    php-cgi :: 1.83 secs
06:00AM EDT :: 21.3cp     Aug 13 :: 55.78cp (0.25%)    php-cgi :: 1.26 secs
09:00AM EDT :: 25.6cp     Aug 12 :: 54.93cp (0.25%)    awstats.pl :: 1.23 secs
12:00PM EDT :: 31.0cp     Aug 11 :: 65.25cp (0.29%)    php-cgi :: 1.20 secs
03:00PM EDT :: 37.5cp     Aug 10 :: 40.40cp (0.17%)    php-cgi :: 1.19 secs
06:00PM EDT :: 3.76cp     Aug 09 :: 52.01cp (0.21%)    php-cgi :: 1.19 secs
09:00PM EDT :: 4.10cp     Aug 08 :: 52.69cp (0.22%)    php-cgi :: 1.17 secs

Displaying top utilization processes for user as recorded by cPanel and dcpumon
Top Process %CPU 50.0 /opt/php55/bin/php-cgi /home/rowdyr7/public_html/revivedet.com/index.php
Top Process %CPU 48.0 /opt/php55/bin/php-cgi /home/rowdyr7/public_html/revivedet.com/index.php
Top Process %CPU 42.0 /opt/php55/bin/php-cgi /home/rowdyr7/public_html/revivedet.com/index.php

RADS has detected these custom cron jobs currently enabled for this account
SHELL="/bin/bash"

USER     QUERIES  TIME  LOCKTIME  ROWSSENT  ROWSRECVD
rowdyr7  2        9     0         1         247197

ERROR: Could not locate any bandwidth data for rowdyr7 in /var/cpanel/bandwidth/

>>> /opt/sharedrads/nlp rowdyr7 -p -w 80 --today
Using /var/log/apache2/domlogs/rowdyr7/revivedet.rowdyregime.com
-Hourly hits (16/Aug/2017)------------------------------------------------------
02: 183   03: 210   04: 283   05: 166   06: 191   07: 161   08: 190   09: 283
10: 214   11: 248   12: 257   13: 235   14: 356   15: 231   16: 1374  17: 4507
-HTTP response codes------------------------------------------------------------
200: 5756   301: 144   302: 2866   403: 136   404: 65   405: 2   406: 119   500: 1
-Duplicate requests + response codes--------------------------------------------
 169 200 GET /2016/05/30/hello-world/
 158 200 GET /wp-login.php
 136 403 GET /register/
 113 200 GET /feed/
  83 406 POST /wp-login.php
  57 302 POST /wp-comments-post.php
  48 200 GET /members/alphonsev66118/
  46 200 GET /wp-admin/profile.php
  46 302 POST /activity/post/
  46 302 POST /wp-login.php
-Requests for non-static content------------------------------------------------
1284 200 GET /wp-login.php
 170 200 GET /2016/05/30/hello-world/
 136 403 GET /register/
 113 200 GET /feed/
  83 406 POST /wp-login.php
  64 200 GET /members/
  57 302 POST /wp-comments-post.php
  48 200 GET /members/alphonsev66118/
  46 200 GET /wp-admin/profile.php
  46 302 POST /activity/post/
-Top user agents----------------------------------------------------------------
1211 "Mozilla/5.0 (compatible; AhrefsBot/5.2; +http://ahrefs.com/robot/)"
 799 "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; Touch; rv:11.0) like G
 236 "Mozilla/5.0 (compatible; MJ12bot/v1.4.7; http://mj12bot.com/)"
 209 "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1
 155 "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
 111 "Java/1.8.0_121"
 104 "Mozilla/5.0 (X11; Linux x86_64; rv:26.0) Gecko/20100101 Firefox/26.0"
 102 "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_1) AppleWebKit/537.36 (KHTML
  94 "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:26.0) Gecko/20100101 Fir
  94 "Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Geck
-Top IPs with PTR records-------------------------------------------------------
5580 82.80.249.137 bzq-82-80-249-137.dcenter.bezeqint.net.
 141 144.76.12.66 static.66.12.76.144.clients.your-server.de.
 124 62.210.91.19 62-210-91-19.rev.poneytelecom.eu.
 111 104.154.198.228 228.198.154.104.bc.googleusercontent.com.
  63 14.106.227.55 No Record Found
  59 66.249.64.26 crawl-66-249-64-26.googlebot.com.
  55 66.249.64.27 crawl-66-249-64-27.googlebot.com.
  53 64.62.252.163 No Record Found
  51 54.86.27.193 ec2-54-86-27-193.compute-1.amazonaws.com.
  50 192.187.104.235 No Record Found

>>> /opt/sharedrads/recent-cp rowdyr7 -b
+---------+------------------+------------------+------------------+------------------+
| command | 1m               | 5m               | 15m              | 60m              |
+---------+------------------+------------------+------------------+------------------+
| php-cgi | 0.69s 100.0%     | 4.55s 100.0%     | 341.45s 100.0%   | 2410.31s 100.0%  |
+---------+------------------+------------------+------------------+------------------+
| total   | 0.69s 100.0%     | 4.55s 100.0%     | 341.45s 100.0%   | 2410.31s 100.0%  |
+---------+------------------+------------------+------------------+------------------+
s = processs user time in cpu seconds, cp = user time + system time in cpu minutes

>>> Running processes prior to suspension
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND