Linux sh52.ich-4.com 5.14.0-611.26.1.el9_7.x86_64 #1 SMP PREEMPT_DYNAMIC Thu Jan 29 05:24:47 EST 2026 x86_64
LiteSpeed
Server IP : 198.143.147.58 & Your IP : 216.73.217.21
Domains :
Cant Read [ /etc/named.conf ]
User : actualbuzz
Terminal
Auto Root
Create File
Create Folder
Localroot Suggester
Backdoor Destroyer
Readme
/
opt /
cpguard /
app /
resources /
email_templates /
Delete
Unzip
Name
Size
Permission
Date
Action
backup
[ DIR ]
drwxr-xr-x
2026-02-05 15:36
daily_report
[ DIR ]
drwxr-xr-x
2026-01-14 15:24
manual_scan
[ DIR ]
drwxr-xr-x
2025-04-29 07:24
account_disable.html
21.23
KB
-rw-r--r--
2024-10-02 12:59
account_suspension.html
29.59
KB
-rw-r--r--
2024-10-26 11:32
cms_update.html
15.03
KB
-rw-r--r--
2025-02-19 17:31
cron.html
19.82
KB
-rw-r--r--
2026-01-14 15:24
general_email.html
16.38
KB
-rw-r--r--
2024-10-02 12:59
infected_files.html
33.74
KB
-rw-r--r--
2024-10-09 12:50
ip_reputation.html
58.53
KB
-rw-r--r--
2024-10-02 12:59
rootkit.html
25.41
KB
-rw-r--r--
2024-10-02 12:59
services_alerts.html
15.04
KB
-rw-r--r--
2025-11-12 10:46
spam_mail.html
25.44
KB
-rw-r--r--
2024-10-02 12:59
user_account_disable.html
8.55
KB
-rw-r--r--
2024-09-27 07:26
user_account_suspension.html
9.51
KB
-rw-r--r--
2024-10-26 11:32
user_cms_threats.html
19.55
KB
-rw-r--r--
2025-04-29 07:24
user_infected_files.html
13.47
KB
-rw-r--r--
2024-10-09 12:50
Save
Rename
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <meta name="apple-mobile-web-app-capable" content="yes" /> <meta content="yes" name="apple-touch-fullscreen" /> <meta name="apple-mobile-web-app-status-bar-style" content="black" /> <meta name="format-detection" content="telephone=no" /> <meta name="viewport" content="initial-scale=1, maximum-scale=1" /> <title>{{ title }}</title> <style type="text/css"> /* @import url("http://hello.myfonts.net/count/2e6650"); */ .hideme { display: none !important; mso-hide: all; } div, p, a, li, td { -webkit-text-size-adjust: none; -ms-text-size-adjust: none; } body { margin: 0 !important; padding: 0; min-width: 100%; } table td { border-collapse: collapse; } .ExternalClass { width: 100%; } .ExternalClass * { line-height: 110%; } .mobile_width_fix { display: none; } img { -ms-interpolation-mode: bicubic; } div[style*="margin: 16px 0"] { margin: 0 auto !important; } /*This resolves the issue when iphone puts links on dates, etc.*/ a[x-apple-data-detectors=true] { color: inherit !important; text-decoration: none !important; } /*This resolves the issue when Samsung puts links on dates, etc.*/ #MessageViewBody a { color: inherit; text-decoration: none; font-size: inherit; font-family: inherit; font-weight: inherit; line-height: inherit; } /*This resolves the issue when Gmail puts links on dates, etc.*/ #body a { color: inherit; text-decoration: none; font-size: inherit; font-family: inherit; font-weight: inherit; line-height: inherit; } @media only screen and (min-device-width: 320px) and (max-device-width: 1024px) { a[href^="tel"], a[href^="sms"], a { color: inherit; cursor: default; text-decoration: none; } } @media screen and (max-device-width: 600px), screen and (max-width: 640px) { *[class=to100pc] { width: 100% !important; height: auto !important; } *[class=to90pc] { width: 90% !important; height: auto !important; } *[class=nomob] { display: none !important; } *[class=showmob] { display: block !important; } *[class=nominwidth] { min-width: 2px !important; } } @media screen and (max-width: 550px) { .mobile_paddingb { padding: 0 10px !important; } .mobile_padding { padding: 0 30px !important; } .mobile_padding2 { padding: 0 30px !important; } .mobile_padding3 { font-size: 25px !important; line-height: 30px !important; } .mobile22 { font-size: 24px !important; line-height: 30px !important; } .mobile14 { font-size: 16px !important; line-height: 20px !important; } .mobile11 { font-size: 13px !important; line-height: 18px !important; } .mobile_width_fix { display: block; width: 100vw; height: 0px; } } @media yahoo { .desktopSection110 { display: inline !important; } } .status-badge { display: inline-block; background: #e6f4ea; color: #137333; font-weight: 700; padding: 4px 10px; border-radius: 4px; font-size: 13px; } </style> </head> <body id="body" bgcolor="#F4F5F8" style="min-width:100%; padding:0; margin:0; -webkit-text-size-adjust:none; background-color:#F4F5F8;"> <table align="center" bgcolor="#ffffff" border="0" cellpadding="0" cellspacing="0" width="100%" style="margin: 0 auto;"> <tr> <td align="center" bgcolor="#ffffff"> <!--spacer force width--> <table class="nomob" bgcolor="#ffffff" border="0" cellpadding="0" cellspacing="0" width="100%"> <tr> <td class="nominwidth" style="min-width:600px" height="1" width="600"></td> </tr> </table> <table class="nomob" bgcolor="#F4F5F8" border="0" cellpadding="0" cellspacing="0" width="100%"> <tr> <td height="10" width="100%"></td> </tr> </table> <!--spacer--> <table bgcolor="#ffffff" border="0" cellpadding="0" cellspacing="0" width="100%"> <tr> <td align="center" bgcolor="#F4F5F8"> <!--logo--> <table bgcolor="#F4F5F8" border="0" cellpadding="0" cellspacing="0" class="to100pc" width="100%"> <tr> <td align="center"> <table align="center" border="0" cellpadding="0" cellspacing="0" class="to100pc" width="600"> <tr> <td height="20" width="100%" style="line-height: 15px;"> <img alt="" height="20" src="https://opsshield.com/assets/mail/space.gif" style="display:block;" width="1" border="0" /> </td> </tr> <tr> <td align="left"> <table width="100%"> <tr> <td><a href="https://www.opsshield.com" name="Logo" style="text-decoration:none;" target="_blank"> <img alt="cPGuard" src="https://opsshield.com/assets/mail/logo_color.png" style="font-size: 14px; font-weight: bold; font-family: Avenir, Helvetica, sans-serif; color: rgb(0, 200, 112); width: 40%; text-align: center;margin-left:10px;" title="cPGuard Security" width="113" border="0" /> </a></td> <td valign="bottom" align="right"><a href="{{app_url}}" style="text-decoration:none;color:#ccc;text-align: right;font-size: 16px; font-weight: 400; font-family: Avenir, Helvetica, sans-serif;margin-right: 10px;">{{hostname}}</a> </td> </tr> </table> </td> </tr> <tr> <td height="20" width="100%"> <img alt="" height="20" src="https://opsshield.com/assets/mail/space.gif" style="display:block;" width="1" border="0" /> </td> </tr> </table> </td> </tr> </table> <table border="0" cellpadding="0" cellspacing="0" class="to100pc" width="100%"> <tr> <td align="center"> <table align="center" bgcolor="white" border="0" cellpadding="0" cellspacing="0" class="to100pc" width="600" style="max-width: 600px;"> <tr> <td width="76%" style="padding:30px 0 10px 0;background: #DBECF6;padding:40px;"> <h1 style="color:#cd0800;font-family:'Avenir Next', Avenir, Helvetica, sans-serif;font-size:28px;line-height:150%;font-weight:600;"> 🚨 Security Alert:<h1> <h2 style="color:#555C6A;font-family:'Avenir Next', Avenir, Helvetica, sans-serif;font-size:25px;line-height:150%;font-weight:600;"> {{ total_count }} Suspicious cron job{% if total_count > 1 %}s{% endif %} disabled </h2> <p style="color:#555C6A;font-family:'Avenir Next', Avenir, Helvetica, sans-serif;font-size:15px;line-height:150%;font-weight:500;"> {% if total_count > 1 %} We detected <strong>{{ total_count }}</strong> suspicious cron jobs across <strong>{{ total_users }}</strong> user account{% if total_users > 1 %}s{% endif %} on your server. All identified jobs have been <strong>automatically disabled</strong> to prevent potential abuse. {% else %} We detected a suspicious cron job associated with user {{ username }} and have automatically disabled it to prevent potential misuse. {% endif %} </p> </td> </tr> <tr> <td align="center" width="76%" style="padding:20px 0 0 0"> <h2 style="font-size:22px; line-height:22px; font-family:'Avenir Next', Avenir, Helvetica, sans-serif; color:#555C6A; font-weight: 500;"> Details</h2> <p style="font-size:14px; line-height:22px; font-family:'Avenir Next', Avenir, Helvetica, sans-serif; color:#BABEC5; font-weight: 500;"> Detected at {{ check_time|date('F j, Y, g:i a') }}</p> </td> </tr> <tr> <td align="center" style="-webkit-text-size-adjust: none;padding-top: 10px;font-family:Roboto,Arial,sans-serif;font-size:13px;word-break: break-all; "> {% for username, data in crons %} {% set username = crons|keys|first %} {% set cron = crons[username]|first %} <table width="520" style="border:solid 1px #e6e6e6; border-radius:10px;padding:10px;margin-bottom:20px;"> <tr> <td width="30%" style="color:#585858;border-bottom: solid 1px #e6e5e5;padding: 15px 0;"> <strong>User</strong> </td> <td align="right" style="font-weight:500;font-family:Roboto,Arial,sans-serif;font-size:13px;border-bottom: solid 1px #e6e5e5;padding-right: 15px;"> <span>{{ username }}</span> </td> </tr> <tr> <td style="color:#585858;border-bottom: solid 1px #f6f5f5;padding: 15px 0;"> <strong>Cron file</strong> </td> <td align="right" style="font-weight:500;font-family:Roboto,Arial,sans-serif;font-size:13px;border-bottom: solid 1px #f6f5f5;padding-right: 15px;"> <span style="">{{ cron.cron_file }}</span> </td> </tr> <tr> <td style="color:#585858;border-bottom: solid 1px #f6f5f5;padding: 15px 0;"> <strong>User home directory</strong> </td> <td align="right" style="font-weight:500;font-family:Roboto,Arial,sans-serif;font-size:13px;border-bottom: solid 1px #f6f5f5;padding-right: 15px;"> <span>{{ cron.user_directory }}</span> </td> </tr> {% for cron in data %} <tr> <td style="color:#585858;padding: 10px 0;"> <strong>Line #{{ cron.line_no }}</strong> </td> <td align="right" style="font-weight:500;font-family:Roboto,Arial,sans-serif;font-size:13px;padding-right: 15px;"> <span class="status-badge">✓ Disabled</span> </td> </tr> <tr> <td colspan="2" style="color:#585858;padding: 15px 10px;background:#f6f5f5;line-height:1.5;"> <code style="word-wrap:wrap;">{{ cron.infected_command }}</code> </td> </tr> {% endfor %} </table> {% endfor %} </td> </tr> <tr> <td style="padding:20px;color:#585858;font-weight:400;font-size:14px;font-family:Roboto,Arial,sans-serif;"> <h3 style="margin-left:25px;">🔧 <span style="font-weight:50;font-size:20px;">Recommended Actions<span></h3> <ol style="margin-right:20px;"> <li style="margin-bottom: 10px;line-height: 1.6;"> <strong>Inspect site files</strong> for hidden or malicious content in plugins, themes, and core files. </li> <li style="margin-bottom: 10px;line-height: 1.6;"> <strong>Review recently modified files</strong> (last 2 days):<br /> <span style="background:#f6f6f6;display:block;padding:5px;font-size:12px"> <code>find {{ cron.user_directory }} -type f -mtime -2 -printf '%TY-%Tm-%Td %TH:%TM %p\n' | sort</code> </span> </li> <li style="margin-bottom: 10px;line-height: 1.6;"> <strong>For WordPress installations</strong>, review plugins, themes, and wp-config.php for unauthorized changes. </li> <li style="margin-bottom: 10px;line-height: 1.6;"> <strong>Update and secure</strong> all core files, plugins, and themes. Rotate passwords and access keys immediately. </li> <li style="margin-bottom: 10px;line-height: 1.6;"> <strong>Review remaining cron jobs</strong> for the user: </li> <li style="margin-bottom: 10px;line-height: 1.6;"> <strong>Tighten security</strong> Run a manual scan on the account, see if the user or domain is whitelisted, Ensure all cPGuard modules are enabled and check settings. </li> </ol> </td> </tr> <!-- T&BP paragraph 1 start --> <tr> <td height="20" style="height:20px;"> </td> </tr> </table> </td> </tr> <!-- T&BP paragraph 1 start --> <tr> <td height="20" style="height:20px;"> </td> </tr> </table> </td> </tr> <tr> <td colspan="3" bgcolor="#F4F5F8" style="line-height: 10px;"> <!--footer begin--> <table border="0" cellpadding="0" cellspacing="0" class="to100pc" width="100%"> <tr> <td align="center"> <table align="center" bgcolor="#F4F5F8" border="0" cellpadding="0" cellspacing="0" class="to100pc" width="600"> <tr> <td colspan="2" align="center" width="90%" style="padding:10px;"> <span style="font-size:12px; line-height:1.6; font-family:Avenir, Helvetica, sans-serif; color:#999999;"> You've received this email because you have cPGuard security on your server - {{ hostname }}. <br /> You may turn off notification from <a href="{{app_url}}" style="color:#999999;font-weight:500;">cPGuard settings</a> on your server <br /> <br /> </span> </td> </tr> <tr> <td style="padding-left:10px; vertical-align: top; text-align: left;"> <a href="https://www.opsshield.com"> <img height="46" alt="cPGuard logo" style="margin-top: 0; margin-right: 0; margin-bottom: 10px; margin-left: 0px;" src="https://www.opsshield.com/assets/img/opsshield-logo.png" /> </a> </td> <td style="padding-right:10px; vertical-align: top; text-align: right;padding-top: 7px;"> <a href="https://x.com/opsshieldllp" style="margin-left: 20px;"> <img height="27" width="27" title="Twitter" alt="X" src="https://opsshield.com/assets/img/twitter.png" /></a> <a href="https://www.facebook.com/opsshield" style="margin-left: 20px;"> <img height="32" width="32" title="Facebook" alt="fb" src="https://opsshield.com/assets/img/facebook.png" /></a> </td> </tr> <tr> <td colspan="2" style="padding:10px; "> <div style="font-family:'Avenir Next', Avenir, Helvetica, sans-serif;font-size:12px; opacity:0.5; color:#696969; text-align:left; line-height:10px; margin-bottom:50px; text-align: left;"> <a style="color: #696969 !important;" href="https://www.opsshield.com/blog/">Our Blog</a> | <a style="color: #696969 !important;" href="https://opsshield.com/privacy-policy.html">Privacy Policy</a> | <a style="color: #696969 !important;" href="https://opsshield.com/help/">Help Center</a> <br /><br /> <div>©{{ __year }} OPSSHIELD LLP www.opsshield.com </div> </div> </td> </tr> <tr> <td colspan="2" height="25" width="100%"> </td> </tr> </table> </td> </tr> </table> <!--footer end--> </td> </tr> </table> <div class="mobile_width_fix"></div> </td> </tr> </table> </body> </html>