{"ok":1,"crons":["SYSTEM_crontab:SHELL=\/bin\/bash\nPATH=\/sbin:\/bin:\/usr\/sbin:\/usr\/bin\nMAILTO=root\nHOME=\/\n\n# For details see man 4 crontabs\n\n# Example of job definition:\n# .---------------- minute (0 - 59)\n# | .------------- hour (0 - 23)\n# | | .---------- day of month (1 - 31)\n# | | | .------- month (1 - 12) OR jan,feb,mar,apr ...\n# | | | | .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat\n# | | | | |\n# * * * * * user-name command to be executed\n\n","SYSTEM_0hourly:SHELL=\/bin\/bash\nPATH=\/sbin:\/bin:\/usr\/sbin:\/usr\/bin\nMAILTO=root\nHOME=\/\n01 * * * * root run-parts \/etc\/cron.hourly\n","SYSTEM_cpanel-dovecot-solr:","SYSTEM_cpanel_autossl:","SYSTEM_imunify-antivirus:PATH=\/usr\/local\/sbin:\/usr\/sbin:\/sbin:\/usr\/local\/bin:\/usr\/bin:\/bin\n\n# Every Saturday at 1:25\n25 1 * * 6 root \/usr\/bin\/tmpwatch 168 \/var\/imunify360\/tmp\n# Every 5 minutes. Ignore \"ERROR: imunify360 service is running.\"\n*\/5 * * * * root bash -c \"sleep $((RANDOM \\% 60))\" ; \/opt\/imunify360\/venv\/share\/imunify360\/scripts\/check-detached.py > \/dev\/null 2>&1 || :\n17 4 * * * root \/usr\/libexec\/report-command-error \/opt\/imunify360\/venv\/share\/imunify360\/scripts\/update_components_versions.py > \/dev\/null 2>&1\n","SYSTEM_imunify-notifier:# CONTENT OF THIS FILE IS GENERATED AUTOMATICALLY, DO NOT EDIT\nSHELL=\/bin\/bash\nMAILTO=\"\"\n* * * * * root \/usr\/sbin\/imunify-notifier -update-cron\n","SYSTEM_imunify_scan_schedule:","SYSTEM_kcare-cron:56 *\/4 * * * root \/usr\/bin\/kcarectl --auto-update \n","SYSTEM_kcare-cron.rpmnew:","SYSTEM_libcare-cron:","SYSTEM_mailman:MAILTO=postmaster\n# At 8AM every day, mail reminders to admins as to pending requests.\n# They are less likely to ignore these reminders if they're mailed\n# early in the morning, but of course, this is local time... ;)\n0 8 * * * mailman \/usr\/local\/cpanel\/scripts\/restartsrv_mailman --status &> \/dev\/null && \/usr\/bin\/python2 -S \/usr\/local\/cpanel\/3rdparty\/mailman\/cron\/checkdbs\n#\n# At 9AM, send notifications to disabled members that are due to be\n# reminded to re-enable their accounts.\n0 9 * * * mailman \/usr\/local\/cpanel\/scripts\/restartsrv_mailman --status &> \/dev\/null && \/usr\/bin\/python2 -S \/usr\/local\/cpanel\/3rdparty\/mailman\/cron\/disabled\n#\n# Noon, mail digests for lists that do periodic as well as threshhold delivery.\n0 12 * * * mailman \/usr\/local\/cpanel\/scripts\/restartsrv_mailman --status &> \/dev\/null && \/usr\/bin\/python2 -S \/usr\/local\/cpanel\/3rdparty\/mailman\/cron\/senddigests\n#\n# 5 AM on the first of each month, mail out password reminders.\n0 5 1 * * mailman \/usr\/local\/cpanel\/scripts\/restartsrv_mailman --status &> \/dev\/null && \/usr\/bin\/python2 -S \/usr\/local\/cpanel\/3rdparty\/mailman\/cron\/mailpasswds\n#\n# Every 5 mins, try to gate news to mail. You can comment this one out\n# if you don't want to allow gating, or don't have any going on right now,\n# or want to exclusively use a callback strategy instead of polling.\n#0,5,10,15,20,25,30,35,40,45,50,55 * * * * mailman \/usr\/local\/cpanel\/scripts\/restartsrv_mailman --status &> \/dev\/null && \/usr\/bin\/python2 -S \/usr\/local\/cpanel\/3rdparty\/mailman\/cron\/gate_news\n#\n# At 3:27am every night, regenerate the gzip'd archive file. Only\n# turn this on if the internal archiver is used and\n# GZIP_ARCHIVE_TXT_FILES is false in mm_cfg.py\n27 3 * * * mailman \/usr\/local\/cpanel\/scripts\/restartsrv_mailman --status &> \/dev\/null && \/usr\/bin\/python2 -S \/usr\/local\/cpanel\/3rdparty\/mailman\/cron\/nightly_gzip\n#\n# At 4:30AM daily, cull old entries from the 'bad' and 'shunt' queues.\n30 4 * * * mailman \/usr\/local\/cpanel\/scripts\/restartsrv_mailman --status &> \/dev\/null && \/usr\/bin\/python2 -S \/usr\/local\/cpanel\/3rdparty\/mailman\/cron\/cull_bad_shunt\n","SYSTEM_run_arping_cron:# Executes arping for all IP's to gateway ever 4 hours\n#0 *\/4 * * * root \/bin\/bash \/opt\/postupcp\/run_arping\n","SYSTEM_sys-snap:23 2 * * * root \/root\/bin\/sys-snap --cron\n","SYSTEM_sysstat:# Run system activity accounting tool every 10 minutes\n* * * * * root \/usr\/lib64\/sa\/sa1 1 1\n# 0 * * * * root \/usr\/lib64\/sa\/sa1 600 6 &\n# Generate a daily summary of process accounting at 23:53\n53 23 * * * root \/usr\/lib64\/sa\/sa2 -A\n\n","SYSTEM_wp-toolkit-update:# This cronjob is responsible for receiving the updates of WordPress Toolkit.\n# It works as following logic:\n# - WPT CLI is called to receive the available update version;\n# - If update is found, then the URLs to the host with repositories are updated and cache is cleared for WPT repos;\n# - If WPT CLI is failed (e.g. unable to communicate with update service or WPT is completely broken), then\n# the cronjob executes wp-toolkit-installer script to set the default URLs to host with repositories;\n# - Finally the yum update is called to install latest available version.\n0 1 * * * root sleep $((1 + RANDOM \\% 5))h $((1 + RANDOM \\% 60))m; \/usr\/local\/bin\/wp-toolkit update-configuration > \/dev\/null 2> \/dev\/null || \/usr\/local\/cpanel\/3rdparty\/wp-toolkit\/bin\/wp-toolkit-installer.sh --generate-configs > \/dev\/null 2> \/dev\/null; \/usr\/bin\/yum -y update wp-toolkit-cpanel > \/dev\/null 2> \/dev\/null\n","SYSTEM_yum:12 20 * * * root \/usr\/bin\/yum -y -R 10 -d 0 -e 0 update yum\n12 20 * * * root \/usr\/bin\/yum -y -R 120 -d 0 -e 0 update\n","HOURLY_0anacron:#!\/bin\/bash\n# Skip excecution unless the date has changed from the previous run \nif test -r \/var\/spool\/anacron\/cron.daily; then\n day=`cat \/var\/spool\/anacron\/cron.daily`\nfi\nif [ `date +%Y%m%d` = \"$day\" ]; then\n exit 0;\nfi\n\n# Skip excecution unless AC powered\nif test -x \/usr\/bin\/on_ac_power; then\n \/usr\/bin\/on_ac_power &> \/dev\/null\n if test $? -eq 1; then\n exit 0\n fi\nfi\n\/usr\/sbin\/anacron -s\n","HOURLY_block_outbound:","DAILY_0yum.cron:#!\/bin\/bash\n\n# Only run if this flag file is set (by \/etc\/rc.d\/init.d\/yum-cron)\nif [ ! -f \/var\/lock\/subsys\/yum-cron ]; then\n exit 0\nfi\n\nDAILYSCRIPT=\/etc\/yum\/yum-daily.yum\nWEEKLYSCRIPT=\/etc\/yum\/yum-weekly.yum\nLOCKDIR=\/var\/lock\/yum-cron.lock\nLOCKFILE=$LOCKDIR\/pidfile\nTSLOCK=$LOCKDIR\/ts.lock\n\n# Grab config settings\nif [ -f \/etc\/sysconfig\/yum-cron ]; then\n source \/etc\/sysconfig\/yum-cron\nfi\n# set default for SYSTEMNAME\n[ -z \"$SYSTEMNAME\" ] && SYSTEMNAME=$(hostname) \n\n# Only run on certain days of the week \ndow=`date +%w` \nDAYS_OF_WEEK=${DAYS_OF_WEEK:-0123456} \nif [ \"${DAYS_OF_WEEK\/$dow\/}\" == \"${DAYS_OF_WEEK}\" ]; then \n exit 0 \nfi \n\n# if DOWNLOAD_ONLY is set then we force CHECK_ONLY too.\n# Gotta check before one can download!\nif [ \"$DOWNLOAD_ONLY\" == \"yes\" ]; then\n CHECK_ONLY=yes\nfi\n\nYUMTMP=$(mktemp \/var\/run\/yum-cron.XXXXXX)\ntouch $YUMTMP \n[ -x \/sbin\/restorecon ] && \/sbin\/restorecon $YUMTMP\n\n# Random wait function\nrandom_wait() {\n sleep $(( $RANDOM % ($RANDOMWAIT * 60) + 1 ))\n}\n\n# Note - the lockfile code doesn't try and use YUMTMP to email messages nicely.\n# Too many ways to die, this gets handled by normal cron error mailing.\n# Try mkdir for the lockfile, will test for and make it in one atomic action\nif mkdir $LOCKDIR 2>\/dev\/null; then\n # store the current process ID in there so we can check for staleness later\n echo \"$$\" >\"${LOCKFILE}\"\n # and clean up locks and tempfile if the script exits or is killed \n trap \"{ rm -f $LOCKFILE $TSLOCK; rmdir $LOCKDIR 2>\/dev\/null; rm -f $YUMTMP; exit 255; }\" INT TERM EXIT\nelse\n # lock failed, check if process exists. First, if there's no PID file\n # in the lock directory, something bad has happened, we can't know the\n # process name, so clean up the old lockdir and restart\n if [ ! -f $LOCKFILE ]; then\n rmdir $LOCKDIR 2>\/dev\/null\n echo \"yum-cron: no lock PID, clearing and restarting myself\" >&2\n exec $0 \"$@\"\n fi\n OTHERPID=\"$(cat \"${LOCKFILE}\")\"\n # if cat wasn't able to read the file anymore, another instance probably is\n # about to remove the lock -- exit, we're *still* locked\n if [ $? != 0 ]; then\n echo \"yum-cron: lock failed, PID ${OTHERPID} is active\" >&2\n exit 0\n fi\n if ! kill -0 $OTHERPID &>\/dev\/null; then\n # lock is stale, remove it and restart\n echo \"yum-cron: removing stale lock of nonexistant PID ${OTHERPID}\" >&2\n rm -rf \"${LOCKDIR}\"\n echo \"yum-cron: restarting myself\" >&2\n exec $0 \"$@\"\n else\n # Remove stale (more than a day old) lockfiles\n find $LOCKDIR -type f -name 'pidfile' -amin +1440 -exec rm -rf $LOCKDIR \\;\n # if it's still there, it wasn't too old, bail\n if [ -f $LOCKFILE ]; then\n # lock is valid and OTHERPID is active - exit, we're locked!\n echo \"yum-cron: lock failed, PID ${OTHERPID} is active\" >&2\n exit 0\n else\n # lock was invalid, restart\n\techo \"yum-cron: removing stale lock belonging to stale PID ${OTHERPID}\" >&2\n echo \"yum-cron: restarting myself\" >&2\n exec $0 \"$@\"\n fi\n fi\nfi\n\n# Then check for updates and\/or do them, as configured\n{\n # First, if this is CLEANDAY, do so\n CLEANDAY=${CLEANDAY:-0}\n if [ ! \"${CLEANDAY\/$dow\/}\" == \"${CLEANDAY}\" ]; then\n \/usr\/bin\/yum $YUM_PARAMETER -e ${ERROR_LEVEL:-0} -d ${DEBUG_LEVEL:-0} -y shell $WEEKLYSCRIPT\n fi\n\n # Now continue to do the real work\n if [ \"$CHECK_ONLY\" == \"yes\" ]; then\n random_wait\n touch $TSLOCK\n \/usr\/bin\/yum $YUM_PARAMETER -e 0 -d 0 -y check-update 1> \/dev\/null 2>&1\n case $? in\n 1) exit 1;;\n 100) echo \"New updates available for host `\/bin\/hostname`\";\n \/usr\/bin\/yum $YUM_PARAMETER -e ${ERROR_LEVEL:-0} -d ${DEBUG_LEVEL:-0} -y -C check-update\n if [ \"$DOWNLOAD_ONLY\" == \"yes\" ]; then\n\t \/usr\/bin\/yum $YUM_PARAMETER -e ${ERROR_LEVEL:-0} -d ${DEBUG_LEVEL:-0} -y --downloadonly update\n\t echo \"Updates downloaded, use \\\"yum -C update\\\" manually to install them.\"\n\t fi\n\t ;;\n esac\n elif [ \"$CHECK_FIRST\" == \"yes\" ]; then\n # Don't run if we can't access the repos\n random_wait\n touch $TSLOCK\n \/usr\/bin\/yum $YUM_PARAMETER -e 0 -d 0 check-update 2>&-\n case $? in\n 1) exit 1;;\n 100) \/usr\/bin\/yum $YUM_PARAMETER -e ${ERROR_LEVEL:-0} -d ${DEBUG_LEVEL:-0} -y update yum\n \/usr\/bin\/yum $YUM_PARAMETER -e ${ERROR_LEVEL:-0} -d ${DEBUG_LEVEL:-0} -y shell $DAILYSCRIPT\n ;;\n esac\n else\n random_wait\n touch $TSLOCK\n \/usr\/bin\/yum $YUM_PARAMETER -e ${ERROR_LEVEL:-0} -d ${DEBUG_LEVEL:-0} -y update yum\n \/usr\/bin\/yum $YUM_PARAMETER -e ${ERROR_LEVEL:-0} -d ${DEBUG_LEVEL:-0} -y shell $DAILYSCRIPT\n fi\n} >> $YUMTMP 2>&1\n\nif [ ! -z \"$MAILTO\" ] && [ -x \/bin\/mail ]; then \n# if MAILTO is set, use mail command (ie better than standard mail with cron output) \n [ -s \"$YUMTMP\" ] && mail -s \"System update: $SYSTEMNAME\" $MAILTO < $YUMTMP \nelse \n# default behavior is to use cron's internal mailing of output from cron-script\n cat $YUMTMP\nfi \nrm -f $YUMTMP \n\nexit 0\n","DAILY_eigid:#!\/usr\/bin\/perl\n# do not try to use ssl_opts with LWP::UserAgent to kill certificate warnings. You'll make this script not able to run on half the farm. \n# Just update the certificate on eigid.endurance.com\nuse strict;\nuse lib '\/usr\/lib\/perl5\/vendor_perl\/5.8.8\/';\nuse Sys::Hostname;\nuse Net::Domain qw(hostdomain);\nuse JSON qw(encode_json);\nuse LWP::UserAgent;\nuse HTTP::Request;\nuse Data::Dumper;\n$ENV{'PERL_LWP_SSL_VERIFY_HOSTNAME'} = 0;\n\nmy %data;\n$data{'hostname'} = hostname();\n$data{'hostdomain'} = hostdomain();\nmy %dispatch = (\n 'generic' => \\&get_generic,\n 'cpanel' => \\&get_generic,\n 'virtuozzo' => \\&get_virtuozzo,\n);\n\nmain();\n\nsub main {\n get_brand();\n get_ips();\n $dispatch{get_type()}->();\n submit();\n}\n\nsub get_brand {\n my %brands = (\n 'hostgator.com$' => 'hostgator',\n 'websitewelcome.com$' => 'hostgator',\n 'launchpad.com$' => 'hostgator',\n 'hostgator.com.br$' => 'hostgator_br',\n 'prodns.com.br$' => 'hostgator_br',\n 'accountservergroup.com$' => 'asmallorange',\n 'asmallorange.com$' => 'asmallorange',\n 'asoshared.com$' => 'asmallorange',\n 'apthost.com$' => 'asmallorange',\n 'arvixe.com$' => 'asmallorange',\n 'bluefur.com$' => 'asmallorange',\n 'cirtexhosting.com$' => 'asmallorange',\n 'cloudbyix.com$' => 'asmallorange',\n 'hostnine.com$' => 'asmallorange',\n 'hostv.com$' => 'asmallorange',\n 'ixwebhosting.com$' => 'asmallorange',\n 'myserverhosts.com$' => 'asmallorange',\n 'mysitehosted.com$' => 'asmallorange',\n 'seoboxes.com$' => 'asmallorange',\n 'seohosting.com$' => 'asmallorange',\n 'seohosting.com$' => 'asmallorange',\n 'site5.com$' => 'asmallorange',\n 'weblimitsiz.com$' => 'asmallorange',\n 'webserversystems.com$' => 'asmallorange',\n 'bluehost.com$' => 'bluehost',\n 'domainpro.com$' => 'bluehost',\n 'fastdomain.com$' => 'bluehost',\n 'hostmonster.com$' => 'bluehost',\n 'justhost.com$' => 'bluehost',\n 'supergreenhosting.com$' => 'bluehost',\n 'rhost(bh|jh).com$' => 'bluehost',\n 'unifiedlayer.com$' => 'bluehost',\n 'beta(bh|hm|fd|jh).com$' => 'bluehost',\n 'annulet.com$' => 'buydomains',\n 'azdomainz.com$' => 'buydomains',\n 'azprivatez.com$' => 'buydomains',\n 'buydomains.com$' => 'buydomains',\n 'adlauncher.io$' => 'constantcontact',\n 'constantcontact.com$' => 'constantcontact',\n 'smbinnoloft.com$' => 'constantcontact',\n 'singleplatform.com$' => 'constantcontact',\n 'anytimesites.com$' => 'directi',\n 'bigdomainshop.com$' => 'directi',\n 'bigrock.com$' => 'directi',\n 'bigrock.cn$' => 'directi',\n 'bigrock.in$' => 'directi',\n 'bigrock.com$' => 'directi',\n 'bluefractal.com$' => 'directi',\n 'br.bluehost.com$' => 'directi',\n 'cn.bluehost.com$' => 'directi',\n 'in.bluehost.com$' => 'directi',\n 'bluehost.mx$' => 'directi',\n 'ru.bluehost.com$' => 'directi',\n 'tr.bluehost.com$' => 'directi',\n 'publicdomainregistry.com$' => 'directi',\n 'commerceisland.com$' => 'directi',\n 'coolocean.com$' => 'directi',\n 'crispnames.com$' => 'directi',\n 'crystalcoal.com$' => 'directi',\n 'curiousnet.com$' => 'directi',\n 'desertdevil.com$' => 'directi',\n 'domainband.com$' => 'directi',\n 'domainmantra.com$' => 'directi',\n 'domainshype.com$' => 'directi',\n 'domdrill.com$' => 'directi',\n 'everreadynames.com$' => 'directi',\n 'extendnames.com$' => 'directi',\n 'extremelywild.com$' => 'directi',\n 'findgooddomains.com$' => 'directi',\n 'gamefornames.com$' => 'directi',\n 'gofullhouse.com$' => 'directi',\n 'africa.hostgator.com$' => 'directi',\n 'cn.hostgator.com$' => 'directi',\n 'hostgator.in$' => 'directi',\n 'my.hostgator.com$' => 'directi',\n 'hostgator.mx$' => 'directi',\n 'ru.hostgator.com$' => 'directi',\n 'hostgator.sg$' => 'directi',\n 'hostgator.com.tr$' => 'directi',\n 'hotdomaintrade.com$' => 'directi',\n 'instinctsolutions.com$' => 'directi',\n 'jumboname.com$' => 'directi',\n 'keyregistrar.com$' => 'directi',\n 'logicboxes.com$' => 'directi',\n 'logicboxes.com$' => 'directi',\n 'magicfriday.com$' => 'directi',\n 'mightybay.net$' => 'directi',\n 'nameperfections.com$' => 'directi',\n 'nametofame.com$' => 'directi',\n 'namware.com$' => 'directi',\n 'needservers.com$' => 'directi',\n 'netjuggler.com$' => 'directi',\n 'networksavior.com$' => 'directi',\n 'publicdomainregistry.com$' => 'directi',\n 'platinumregistrar.com$' => 'directi',\n 'powercarrier.com$' => 'directi',\n 'powernamers.com$' => 'directi',\n 'publicdomainregistry.com$' => 'directi',\n 'rankusa.com$' => 'directi',\n 'cn.resellerclub.com$' => 'directi',\n 'resellerclub.com$' => 'directi',\n 'india.resellerclub.com$' => 'directi',\n 'id.resellerclub.com$' => 'directi',\n 'russia.resellerclub.com$' => 'directi',\n 'es.resellerclub.com$' => 'directi',\n 'tr.resellerclub.com$' => 'directi',\n 'uk.resellerclub.com$' => 'directi',\n 'resellersrs.com$' => 'directi',\n 'br.resellerclub.com$' => 'directi',\n 'speedhost.in$' => 'directi',\n 'supernameworld.com$' => 'directi',\n 'techtyrants.com$' => 'directi',\n 'theregistrarservice.com$' => 'directi',\n 'TitanicHosting.com$' => 'directi',\n 'tradestarter.com$' => 'directi',\n 'ultraregistrar.com$' => 'directi',\n 'unifiedservers.com$' => 'directi',\n 'unpower.com$' => 'directi',\n 'vertexnames.com$' => 'directi',\n 'visualmonster.com$' => 'directi',\n 'webhosting.info$' => 'directi',\n 'yellowstart.com$' => 'directi',\n 'yourdomainking.com$' => 'directi',\n 'zonecasting.com$' => 'directi',\n '000domains.com$' => 'directi',\n 'directdomains.com$' => 'directi',\n 'domainbank.com$' => 'directi',\n 'domain.com$' => 'directi',\n 'dominio.com$' => 'directi',\n 'dotster.com$' => 'directi',\n 'enameco.com$' => 'directi',\n 'fortunecity.com$' => 'directi',\n 'hostlane.com$' => 'directi',\n 'namezero.com$' => 'directi',\n 'namesdirect.com$' => 'directi',\n 'vip.domain.com$' => 'directi',\n 'appmachine.com$' => 'eig',\n 'tapp.com$' => 'eig',\n 'emailbrain.com$' => 'eig',\n 'endurance.com$' => 'eig',\n 'impress.ly$' => 'eig',\n 'seogears.com$' => 'eig',\n 'textagrams.com$' => 'eig',\n 're.vu$' => 'eig',\n 'theinstantsurvey.com$' => 'eig',\n 'backupgenie.com$' => 'jdi',\n 'jdibackup.com$' => 'jdi',\n 'justcloud.com$' => 'jdi',\n 'mypcbackup.com$' => 'jdi',\n 'shieldsafe.com$' => 'jdi',\n 'turboyourpc.com$' => 'jdi',\n 'yesbackup.com$' => 'jdi',\n 'zipcloud.com$' => 'jdi',\n 'siteblog.com$' => 'jdi',\n 'sitebuilder.com$' => 'jdi',\n 'sitelio.com$' => 'jdi',\n 'sitey.com$' => 'jdi',\n 'templatesites.com$' => 'jdi',\n 'websitetailor.com$' => 'jdi',\n 'websitebuilder.com$' => 'jdi',\n 'webzai.com$' => 'jdi',\n 'cloudhosted.com$' => 'jdi',\n 'digitalcloud.com$' => 'jdi',\n 'ehost.com$' => 'jdi',\n 'hostclear.com$' => 'jdi',\n 'hostfinity.com$' => 'jdi',\n 'ideahost.com$' => 'jdi',\n 'cvexpert.com$' => 'jdi',\n 'speedyresume.com$' => 'jdi',\n 'standoutresume.com$' => 'jdi',\n 'mysocialsuite.com$' => 'jdi',\n 'social-booster.com$' => 'jdi',\n 'uplift.social$' => 'jdi',\n 'fortifi.co$' => 'jdi',\n 'incognitovpn.com$' => 'jdi',\n 'pseud.io$' => 'jdi',\n 'saferweb.com$' => 'jdi',\n 'supervpn.io$' => 'jdi',\n 'totalvpn.com$' => 'jdi',\n '123domainrenewals.com$' => 'vdeck',\n '1800-website.com$' => 'vdeck',\n '1st-for-domain-names.com$' => 'vdeck',\n '24x7domains.com$' => 'vdeck',\n '995discountdomains.com$' => 'vdeck',\n 'addresscreation.com$' => 'vdeck',\n 'addressontheweb.com$' => 'vdeck',\n 'allaccessdomains.com$' => 'vdeck',\n 'alldomains.com$' => 'vdeck',\n 'apollohosting.com$' => 'vdeck',\n 'austriadomains.com$' => 'vdeck',\n 'austriandomains.com$' => 'vdeck',\n 'bidfordomainnames.com$' => 'vdeck',\n 'bizland.com$' => 'vdeck',\n 'blueboxinternet.com$' => 'vdeck',\n 'bluedomino.com$' => 'vdeck',\n 'CapitalDomains.org$' => 'vdeck',\n 'chinesedomain.cn$' => 'vdeck',\n 'chocolatecovereddomains.com$' => 'vdeck',\n 'claimeddomains.com$' => 'vdeck',\n 'click2site.com$' => 'vdeck',\n 'cocosislandsdomains.cc$' => 'vdeck',\n 'ColumbiaDomains.net$' => 'vdeck',\n 'DecentDomains.net$' => 'vdeck',\n 'department-of-domains.com$' => 'vdeck',\n 'deutchdomains.de$' => 'vdeck',\n 'diggitydot.com$' => 'vdeck',\n 'discountdomainservices.com$' => 'vdeck',\n 'Domain-A-Go-Go.com$' => 'vdeck',\n 'domain.com$' => 'vdeck',\n 'domainadministration.com$' => 'vdeck',\n 'domainbulkregistration.com$' => 'vdeck',\n 'domainbusinessnames.com$' => 'vdeck',\n 'domaincamping.com$' => 'vdeck',\n 'personalnames.com$' => 'vdeck',\n 'domainhost.com$' => 'vdeck',\n 'domainhostingweb.us$' => 'vdeck',\n 'domaininternetname.com$' => 'vdeck',\n 'domainnamebidder.com$' => 'vdeck',\n 'domainnamelookup.us$' => 'vdeck',\n 'dot5hosting.com$' => 'vdeck',\n 'easycgi.com$' => 'vdeck',\n 'vdeck.ehost.com$' => 'vdeck',\n 'enameco.com$' => 'vdeck',\n 'entryhost.com$' => 'vdeck',\n 'fatcow.com$' => 'vdeck',\n 'freeyellow.com$' => 'vdeck',\n 'globat.com$' => 'vdeck',\n 'homestead.com$' => 'vdeck',\n 'hostcentric.com$' => 'vdeck',\n 'hostlane.com$' => 'vdeck',\n 'hypermart.com$' => 'vdeck',\n 'imoutdoorshosting.com$' => 'vdeck',\n 'ipage.com$' => 'vdeck',\n 'ipower.com$' => 'vdeck',\n 'namezero.com$' => 'vdeck',\n 'cadomains.com$' => 'vdeck',\n 'netfirms.com$' => 'vdeck',\n 'networkshosting.com$' => 'vdeck',\n 'niuedomains.nu$' => 'vdeck',\n 'powweb.com$' => 'vdeck',\n 'privacypost.com$' => 'vdeck',\n 'purehost.com$' => 'vdeck',\n 'readyhosting.com$' => 'vdeck',\n 'registernames.com$' => 'vdeck',\n 'samoandomains.com$' => 'vdeck',\n 'spry.com$' => 'vdeck',\n 'startlogic.com$' => 'vdeck',\n 'tuvaludomains.tv$' => 'vdeck',\n 'unitedkingdomdomains.com$' => 'vdeck',\n 'newdentity.com$' => 'vdeck',\n 'usanethosting.com$' => 'vdeck',\n 'vdeck.com$' => 'vdeck',\n 'verio.com$' => 'vdeck',\n 'virtualave.com$' => 'vdeck',\n 'vpslink.com$' => 'vdeck',\n 'webhost4life.com$' => 'vdeck',\n 'webifybiz.com$' => 'vdeck',\n 'xeran.com$' => 'vdeck'\n );\n foreach my $regex ( keys %brands ) {\n if ( $data{'hostdomain'} =~ \/^$regex$\/i ) {\n $data{'brand'} = $brands{$regex};\n last;\n }\n }\n $data{'brand'} = 'Unknown' unless defined($data{'brand'});\n return(1);\n}\n\nsub get_ips {\n open(my $f, '-|', '\/sbin\/ip addr');\n while(<$f>) {\n if ( \/^\\s+inet\\s([0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3})\\\/\/ ) {\n next if is_rfc1918($1);\n $data{'primaryip'} = $1 unless defined($data{'primaryip'});\n $data{'ips'}->{$1} = [];\n }\n }\n close($f);\n # container IP's aren't bound to the server so we need to grab them from the vz db.\n # If they aren't in our hash then we wont be able to match domains off of them.\n if ( -f '\/usr\/sbin\/vzlist' ) {\n open(my $f, '-|', '\/usr\/sbin\/vzlist -a -H -o ip');\n while(<$f>) {\n foreach my $ip ( split(\/\\s+\/, $_) ) {\n next if is_rfc1918($ip);\n $data{'ips'}->{$ip} = [];\n }\n }\n close($f);\n }\n return(1);\n}\n\nsub get_type {\n my %types = (\n '\/var\/cpanel' => 'cpanel',\n '\/usr\/sbin\/vzctl' => 'virtuozzo',\n );\n foreach my $file ( keys %types ) {\n if (( -f $file ) || ( -d $file )) {\n return($types{$file});\n }\n }\n return('generic');\n}\n\nsub get_generic {\n my $named_dir = get_named_dir('\/etc\/named.conf');\n opendir(my $d, $named_dir);\n foreach my $file ( map { $named_dir . '\/' . $_ } grep { ! \/^\\.(\\.)?$\/ } readdir($d) ) {\n next unless $file =~ \/\\.db$\/;\n read_zone($file);\n }\n closedir($d);\n return(1);\n}\n\nsub get_virtuozzo {\n open(my $f, '-|', '\/usr\/sbin\/vzlist -a -H');\n while(<$f>) {\n my ( undef, $ctid ) = split(\/\\s+\/, $_);\n next unless $ctid =~ \/^[0-9]+$\/;\n my $partition;\n open(my $fh, '<', '\/etc\/vz\/conf\/' . $ctid . '.conf');\n while(<$fh>) {\n my ( $key, $value ) = split('=', $_);\n next unless $key eq 'VE_PRIVATE';\n $value =~ s\/(\\\"|\\')\/\/g;\n ( undef, $partition ) = split('\/', $value);\n last unless $partition =~ \/^vz([0-9]+)?$\/;\n }\n close($fh);\n my $named_dir = get_named_dir(\"\/$partition\/private\/$ctid\/fs\/root\/etc\/named.conf\");\n # this is to get around plesk having a chrooted named dir.\n if (( ! $named_dir ) && ( -d \"\/$partition\/private\/$ctid\/fs\/root\/etc\/psa\" )) {\n $named_dir = '\/var\/named\/run-root\/var\/';\n }\n next unless $named_dir;\n opendir(my $d, \"\/$partition\/private\/$ctid\/fs\/root\/$named_dir\");\n foreach my $file ( map { \"\/$partition\/private\/$ctid\/fs\/root\/$named_dir\" . '\/' . $_ } grep { ! \/^\\.(\\.)?$\/ } readdir($d) ) {\n\n\n read_zone($file);\n }\n closedir($d);\n }\n close($f);\n return(1);\n}\n\nsub submit {\n my $json = encode_json(\\%data);\n my $auth = 'U0euhTxP1kc2BMRtN6IPG3aakhcfp8sMqwQ4Kcwk09VyngQPcK36jjMgGOOrg4rQTrwp1DREzs1DA66a4zd2R3V8G9uPfify4nR2lbUeebOIxd7v9y0u22vwlI4KLGRF';\n my $url = 'https:\/\/eigid.endurance.com\/eigid.php';\n my $ua = LWP::UserAgent->new();\n my $req = HTTP::Request->new( POST => $url );\n $req->header('Content-Type' => 'application\/json');\n $req->header('X-Auth-Token' => $auth);\n $req->content($json);\n my $response = $ua->request($req);\n unless ( $response->is_success ) {\n print '[!] Unable to post data to eigid:', $response->code, $response->message, \"\\n\";\n exit();\n }\n}\n\nsub is_rfc1918 {\n my $ip = shift;\n my @private_subnets = (\n '^127\\.',\n '^10\\.',\n '^172\\.1[6-9]\\.',\n '^172\\.2[0-9]\\.',\n '^172\\.3[0-1]\\.',\n '^192\\.168\\.',\n );\n foreach my $regex ( @private_subnets ) {\n if ( $ip =~ \/$regex\/ ) {\n return(1);\n }\n }\n return(0);\n}\n\nsub get_named_dir {\n my $file = shift;\n my $dir;\n open(my $fh, '<', $file);\n while(<$fh>) {\n if ( \/^\\s+?directory\\s+(\\'|\\\")([a-z0-9\\\/]+)(\\'|\\\")\/ ) {\n $dir = $2;\n last;\n }\n }\n close($fh);\n return($dir);\n}\n\nsub read_zone {\n my $file = shift;\n open(my $f, '<', $file);\n while(<$f>) {\n my ( $one, $two, $three, $four, $five ) = split(\/\\s+\/);\n my ( $domain, $type, $record );\n # if a TTL is there\n if ( $two =~ \/^[0-9]+$\/ ) {\n ( $domain, $type, $record ) = ( $one, $four, $five );\n } else {\n ( $domain, $type, $record ) = ( $one, $three, $four );\n }\n next unless $type =~ \/^a$\/i;\n next unless $domain =~ \/\\.$\/;\n next unless $data{'ips'}->{$record};\n $domain =~ s\/\\.$\/\/g;\n push(@{$data{'ips'}->{$record}}, $domain);\n }\n close($f);\n}\n\n__END__\n","DAILY_imunify-antivirus.cron:#!\/bin\/bash\n#\n# imunify-antivirus daily cron jobs.\n#\n# Usage:\n# .\/imunify-antivirus.cron []\n#\n# if logfile is not specified, the output will be discarded\n# If imunify360-firewall is installed, doing nothing\nlog=${1:-\/dev\/null}\n\nmain()\n{\n echo \"Checking if imunify360-firewall is installed\"\n if rpm -qi imunify360-firewall; then\n echo \"Imunify360-installed, skipping antivirus cron\"\n exit 0\n fi\n\n echo \"Starting daily imunify-antivirus cron jobs at $(date)\"\n \/usr\/bin\/imunify360-agent check-domains\n\n PACKAGES=\"imunify-antivirus \\\n ai-bolit \\\n alt-php-hyperscan \\\n imunify-common \\\n imunify-notifier \\\n imunify-core \\\n imunify-ui \\\n imunify360-venv \\\n minidaemon \\\n alt-php-internal \\\n app-version-detector\"\n \/usr\/libexec\/report-command-error \/usr\/bin\/yum update --assumeyes $PACKAGES\n\n \/usr\/bin\/imunify-antivirus version\n echo \"Finished daily imunify-antivirus cron jobs at $(date)\"\n}\n\nmain >> \"$log\" 2>&1\n","DAILY_logrotate:#!\/bin\/sh\nexport TMPDIR=\/var\/spool\/logrotate\/tmp\n\n\/usr\/sbin\/logrotate \/etc\/logrotate.conf >\/dev\/null 2>&1\nEXITVALUE=$?\nif [ $EXITVALUE != 0 ]; then\n \/usr\/bin\/logger -t logrotate \"ALERT exited abnormally with [$EXITVALUE]\"\nfi\nexit 0\n","DAILY_logrotate.rpmnew:","DAILY_makewhatis.cron:","DAILY_mlocate.cron:","DAILY_rkhunter:#!\/bin\/sh\n# 01-rkhunter A shell script to update and run rkhunter via CRON\n\nXITVAL=0\n\n# Get a secure tempfile\nTMPFILE1=`\/bin\/mktemp -p \/var\/lib\/rkhunter rkhcronlog.XXXXXXXXXX` || exit 1\n\nif [ ! -e \/var\/lock\/subsys\/rkhunter ]; then\n\n # Try to keep the SysInit boot scan from colliding with us (highly unlikely)\n \/bin\/touch \/var\/lock\/subsys\/rkhunter\n\n # Source system configuration parameters.\n if [ -e \/etc\/sysconfig\/rkhunter ] ; then\n . \/etc\/sysconfig\/rkhunter\n else\n MAILTO=root@localhost\n fi\n\n # If a diagnostic mode scan was requested, setup the parameters\n if [ \"$DIAG_SCAN\" == \"yes\" ]; then\n RKHUNTER_FLAGS=\"--checkall --skip-keypress --nocolors --quiet --appendlog --display-logfile\"\n else\n RKHUNTER_FLAGS=\"--cronjob --nocolors --report-warnings-only\"\n fi\n\n # Set a few critical parameters\n RKHUNTER=\/usr\/bin\/rkhunter\n LOGFILE=\/var\/log\/rkhunter\/rkhunter.log\n\n # Run RootKit Hunter if available\n if [ -x $RKHUNTER ]; then\n \/bin\/echo -e \"\\n--------------------- Start Rootkit Hunter Update ---------------------\" \\\n > $TMPFILE1\n \/bin\/nice -n 10 $RKHUNTER --update --nocolors 2>&1 >> $TMPFILE1\n \/bin\/echo -e \"\\n---------------------- Start Rootkit Hunter Scan ----------------------\" \\\n >> $TMPFILE1\n \/bin\/nice -n 10 $RKHUNTER $RKHUNTER_FLAGS 2>&1 >> $TMPFILE1\n XITVAL=$?\n \/bin\/echo -e \"\\n----------------------- End Rootkit Hunter Scan -----------------------\" \\\n >> $TMPFILE1\n\n if [ $XITVAL != 0 ]; then\n \/bin\/cat $TMPFILE1 | \/bin\/mail -s \"rkhunter Daily Run on $(hostname)\" $MAILTO\n fi\n \/bin\/cat $TMPFILE1 >> $LOGFILE\n fi\n\n # Delete the gating lockfile\n \/bin\/rm -f \/var\/lock\/subsys\/rkhunter\nfi\n\n# Delete the secure tempfile\n\/bin\/rm -f $TMPFILE1\n\nexit $XITVAL\n","DAILY_summarize-api1-logs:","DAILY_tmpwatch:#! \/bin\/sh\nflags=-umc\n\/usr\/sbin\/tmpwatch \"$flags\" -x \/tmp\/.X11-unix -x \/tmp\/.XIM-unix \\\n\t-x \/tmp\/.font-unix -x \/tmp\/.ICE-unix -x \/tmp\/.Test-unix \\\n\t-X '\/tmp\/hsperfdata_*' -X '\/tmp\/.hdb*lock' -X '\/tmp\/.sapstartsrv*.log' \\\n\t-X '\/tmp\/pymp-*' 10d \/tmp\n\/usr\/sbin\/tmpwatch \"$flags\" 30d \/var\/tmp\nfor d in \/var\/{cache\/man,catman}\/{cat?,X11R6\/cat?,local\/cat?}; do\n if [ -d \"$d\" ]; then\n\t\/usr\/sbin\/tmpwatch \"$flags\" -f 30d \"$d\"\n fi\ndone\n"]}