Goblin Times
Verified User
Ok here is the full readout from SSH:
DirectAdmin 1.61.5
Accepting Connections on port 2222
Sockets::handshake - begin
Sockets::handshake - begin
Looking up certificate for domain: goblinbot.xyz
Found alternative name in cerificate for: goblinbot.xyz
SSL CTX loading time duration: 1531sec
Looking up certificate for domain: goblinbot.xyz
Found alternative name in cerificate for: goblinbot.xyz
SSL CTX loading time duration: 1034sec
Sockets::handshake - end
/
GET string: redirect=yes
0: Accept-Encoding: gzip, deflate, br
1: Accept-Language: en-US,en;q=0.9
2: Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
3: Cache-Control: no-cache
4: Connection: keep-alive
5: Cookie: MANTIS_secure_session=0; GOBLINBOT_secure_session=0; mw_installer_session=iu1m32rgq95csvlf5s2m31nde6; PHPSESSID=6qivpif1rcglldv3ki1o8nhe1l; GOBLINBOT_STRING_COOKIE=1TauX3uL523kOZvS0A3Sb_9WYL6XFIeFFZwR-LtwDARABVjz_mK6IuWjQ_5J1; PPA_ID=bghpuhps79dvfeh9odpr5s61nb; webfx-tree-cookie-persistence=wfxt-8+wfxt-16+wfxt-14+wfxt-4+wfxt-6+wfxt-12; THEBUGGENIE=6air0jmnjj49hon1hib52bfgsc; session=BJkHPDJzKHJ8QepO75WzBJF11ReO8DgHWQXvbosv6C4WotsvwOv6f87eZm1fxhwR
6: DNT: 1
7: Host: goblinbot.xyz:2222
8: Pragma: no-cache
9: Referer: https://goblinbot.xyz:2222/?redirect=yes
10: Sec-Fetch-Dest: document
11: Sec-Fetch-Mode: navigate
12: Sec-Fetch-Site: same-origin
13: Sec-Fetch-User: ?1
14: Upgrade-Insecure-Requests: 1
15: User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36 Edg/85.0.564.70
Checking referer https://goblinbot.xyz:2222/?redirect=yes to goblinbot.xyz:2222
Referer check passed: goblinbot.xyz=goblinbot.xyz 2222=2222
auth.authenticated
Sockets::handshake - end
Tally::get_user_quota: quotactl() error 38 for /=/dev/vda1: Function not implemented
ENOSYS
User::deny_override:/CMD_DOMAIN: call_level=2, depth1: aborting due to do depth
User::deny_override:/CMD_DOMAIN: call_level=1, depth2: aborting due to do depth
Plugin::addHooks: start
Plugin::addHooks: end
Command::run: finished /
Send::sendSSI:/HTM_HEAD: lookup failed for level 3
Send::sendSSI:/HTM_FOOTER: lookup failed for level 3
/assets/css/app.css
GET string: ver=3621
0: Accept-Encoding: gzip, deflate, br
1: Accept-Language: en-US,en;q=0.9
2: Accept: text/css,*/*;q=0.1
3: Cache-Control: no-cache
4: Connection: keep-alive
5: Cookie: MANTIS_secure_session=0; GOBLINBOT_secure_session=0; mw_installer_session=iu1m32rgq95csvlf5s2m31nde6; PHPSESSID=6qivpif1rcglldv3ki1o8nhe1l; GOBLINBOT_STRING_COOKIE=1TauX3uL523kOZvS0A3Sb_9WYL6XFIeFFZwR-LtwDARABVjz_mK6IuWjQ_5J1; PPA_ID=bghpuhps79dvfeh9odpr5s61nb; webfx-tree-cookie-persistence=wfxt-8+wfxt-16+wfxt-14+wfxt-4+wfxt-6+wfxt-12; THEBUGGENIE=6air0jmnjj49hon1hib52bfgsc; session=BJkHPDJzKHJ8QepO75WzBJF11ReO8DgHWQXvbosv6C4WotsvwOv6f87eZm1fxhwR
6: DNT: 1
7: Host: goblinbot.xyz:2222
8: Pragma: no-cache
9: Referer: https://goblinbot.xyz:2222/?redirect=yes
10: Sec-Fetch-Dest: style
11: Sec-Fetch-Mode: no-cors
12: Sec-Fetch-Site: same-origin
13: User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36 Edg/85.0.564.70
Checking referer https://goblinbot.xyz:2222/?redirect=yes to goblinbot.xyz:2222
Referer check passed: goblinbot.xyz=goblinbot.xyz 2222=2222
auth.authenticated
Send::send_images(command='/assets/css/app.css' is_asset=1)
Send::sendFile('./data/skins/evolution/assets/css/app.css', '(null)')
Command::run: finished /assets/css/app.css
Sockets::handshake - begin
Sockets::handshake - begin
Sockets::handshake - begin
Looking up certificate for domain: goblinbot.xyz
Found alternative name in cerificate for: goblinbot.xyz
SSL CTX loading time duration: 1050sec
Looking up certificate for domain: goblinbot.xyz
Found alternative name in cerificate for: goblinbot.xyz
SSL CTX loading time duration: 968sec
Looking up certificate for domain: goblinbot.xyz
Found alternative name in cerificate for: goblinbot.xyz
SSL CTX loading time duration: 1175sec
Sockets::handshake - end
/assets/preloader.js
GET string: ver=3621
0: Accept-Encoding: gzip, deflate, br
1: Accept-Language: en-US,en;q=0.9
2: Accept: */*
3: Cache-Control: no-cache
4: Connection: keep-alive
5: Cookie: MANTIS_secure_session=0; GOBLINBOT_secure_session=0; mw_installer_session=iu1m32rgq95csvlf5s2m31nde6; PHPSESSID=6qivpif1rcglldv3ki1o8nhe1l; GOBLINBOT_STRING_COOKIE=1TauX3uL523kOZvS0A3Sb_9WYL6XFIeFFZwR-LtwDARABVjz_mK6IuWjQ_5J1; PPA_ID=bghpuhps79dvfeh9odpr5s61nb; webfx-tree-cookie-persistence=wfxt-8+wfxt-16+wfxt-14+wfxt-4+wfxt-6+wfxt-12; THEBUGGENIE=6air0jmnjj49hon1hib52bfgsc; session=BJkHPDJzKHJ8QepO75WzBJF11ReO8DgHWQXvbosv6C4WotsvwOv6f87eZm1fxhwR
6: DNT: 1
7: Host: goblinbot.xyz:2222
8: Pragma: no-cache
9: Referer: https://goblinbot.xyz:2222/?redirect=yes
10: Sec-Fetch-Dest: script
11: Sec-Fetch-Mode: no-cors
12: Sec-Fetch-Site: same-origin
13: User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36 Edg/85.0.564.70
Checking referer https://goblinbot.xyz:2222/?redirect=yes to goblinbot.xyz:2222
Referer check passed: goblinbot.xyz=goblinbot.xyz 2222=2222
auth.authenticated
Send::send_images(command='/assets/preloader.js' is_asset=1)
Send::sendFile('./data/skins/evolution/assets/preloader.js', '(null)')
Command::run: finished /assets/preloader.js
Sockets::handshake - end
/assets/vendors.js
GET string: ver=3621
0: Accept-Encoding: gzip, deflate, br
1: Accept-Language: en-US,en;q=0.9
2: Accept: */*
3: Cache-Control: no-cache
4: Connection: keep-alive
5: Cookie: MANTIS_secure_session=0; GOBLINBOT_secure_session=0; mw_installer_session=iu1m32rgq95csvlf5s2m31nde6; PHPSESSID=6qivpif1rcglldv3ki1o8nhe1l; GOBLINBOT_STRING_COOKIE=1TauX3uL523kOZvS0A3Sb_9WYL6XFIeFFZwR-LtwDARABVjz_mK6IuWjQ_5J1; PPA_ID=bghpuhps79dvfeh9odpr5s61nb; webfx-tree-cookie-persistence=wfxt-8+wfxt-16+wfxt-14+wfxt-4+wfxt-6+wfxt-12; THEBUGGENIE=6air0jmnjj49hon1hib52bfgsc; session=BJkHPDJzKHJ8QepO75WzBJF11ReO8DgHWQXvbosv6C4WotsvwOv6f87eZm1fxhwR
6: DNT: 1
7: Host: goblinbot.xyz:2222
8: Pragma: no-cache
9: Referer: https://goblinbot.xyz:2222/?redirect=yes
10: Sec-Fetch-Dest: script
11: Sec-Fetch-Mode: no-cors
12: Sec-Fetch-Site: same-origin
13: User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36 Edg/85.0.564.70
Checking referer https://goblinbot.xyz:2222/?redirect=yes to goblinbot.xyz:2222
Referer check passed: goblinbot.xyz=goblinbot.xyz 2222=2222
auth.authenticated
Send::send_images(command='/assets/vendors.js' is_asset=1)
Send::sendFile('./data/skins/evolution/assets/vendors.js', '(null)')
Command::run: finished /assets/vendors.js
Sockets::handshake - end
/assets/app.js
GET string: ver=3621
0: Accept-Encoding: gzip, deflate, br
1: Accept-Language: en-US,en;q=0.9
2: Accept: */*
3: Cache-Control: no-cache
4: Connection: keep-alive
5: Cookie: MANTIS_secure_session=0; GOBLINBOT_secure_session=0; mw_installer_session=iu1m32rgq95csvlf5s2m31nde6; PHPSESSID=6qivpif1rcglldv3ki1o8nhe1l; GOBLINBOT_STRING_COOKIE=1TauX3uL523kOZvS0A3Sb_9WYL6XFIeFFZwR-LtwDARABVjz_mK6IuWjQ_5J1; PPA_ID=bghpuhps79dvfeh9odpr5s61nb; webfx-tree-cookie-persistence=wfxt-8+wfxt-16+wfxt-14+wfxt-4+wfxt-6+wfxt-12; THEBUGGENIE=6air0jmnjj49hon1hib52bfgsc; session=BJkHPDJzKHJ8QepO75WzBJF11ReO8DgHWQXvbosv6C4WotsvwOv6f87eZm1fxhwR
6: DNT: 1
7: Host: goblinbot.xyz:2222
8: Pragma: no-cache
9: Referer: https://goblinbot.xyz:2222/?redirect=yes
10: Sec-Fetch-Dest: script
11: Sec-Fetch-Mode: no-cors
12: Sec-Fetch-Site: same-origin
13: User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36 Edg/85.0.564.70
Checking referer https://goblinbot.xyz:2222/?redirect=yes to goblinbot.xyz:2222
Referer check passed: goblinbot.xyz=goblinbot.xyz 2222=2222
auth.authenticated
Send::send_images(command='/assets/app.js' is_asset=1)
Send::sendFile('./data/skins/evolution/assets/app.js', '(null)')
Sockets::handshake - begin
Looking up certificate for domain: goblinbot.xyz
Found alternative name in cerificate for: goblinbot.xyz
SSL CTX loading time duration: 1414sec
Sockets::handshake - end
/assets/img/preloader.svg
0: Accept-Encoding: gzip, deflate, br
1: Accept-Language: en-US,en;q=0.9
2: Accept: image/webp,image/apng,image/*,*/*;q=0.8
3: Cache-Control: no-cache
4: Connection: keep-alive
5: Cookie: MANTIS_secure_session=0; GOBLINBOT_secure_session=0; mw_installer_session=iu1m32rgq95csvlf5s2m31nde6; PHPSESSID=6qivpif1rcglldv3ki1o8nhe1l; GOBLINBOT_STRING_COOKIE=1TauX3uL523kOZvS0A3Sb_9WYL6XFIeFFZwR-LtwDARABVjz_mK6IuWjQ_5J1; PPA_ID=bghpuhps79dvfeh9odpr5s61nb; webfx-tree-cookie-persistence=wfxt-8+wfxt-16+wfxt-14+wfxt-4+wfxt-6+wfxt-12; THEBUGGENIE=6air0jmnjj49hon1hib52bfgsc; session=BJkHPDJzKHJ8QepO75WzBJF11ReO8DgHWQXvbosv6C4WotsvwOv6f87eZm1fxhwR
6: DNT: 1
7: Host: goblinbot.xyz:2222
8: Pragma: no-cache
9: Referer: https://goblinbot.xyz:2222/?redirect=yes
10: Sec-Fetch-Dest: image
11: Sec-Fetch-Mode: no-cors
12: Sec-Fetch-Site: same-origin
13: User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36 Edg/85.0.564.70
Checking referer https://goblinbot.xyz:2222/?redirect=yes to goblinbot.xyz:2222
Referer check passed: goblinbot.xyz=goblinbot.xyz 2222=2222
auth.authenticated
Send::send_images(command='/assets/img/preloader.svg' is_asset=1)
Send::sendFile('./data/skins/evolution/assets/img/preloader.svg', '(null)')
Command::run: finished /assets/img/preloader.svg
Command::run: finished /assets/app.js
Sockets::handshake - begin
Looking up certificate for domain: goblinbot.xyz
Found alternative name in cerificate for: goblinbot.xyz
SSL CTX loading time duration: 1093sec
Sockets::handshake - end
/CMD_JSON_LANG
GET string: json=yes&initial=yes&request=global&show_extra=yes
0: Accept-Encoding: gzip, deflate, br
1: Accept-Language: en-US,en;q=0.9
2: Accept: application/json
3: Cache-Control: no-cache
4: Connection: keep-alive
5: Content-Type: application/json
6: Cookie: MANTIS_secure_session=0; GOBLINBOT_secure_session=0; mw_installer_session=iu1m32rgq95csvlf5s2m31nde6; PHPSESSID=6qivpif1rcglldv3ki1o8nhe1l; GOBLINBOT_STRING_COOKIE=1TauX3uL523kOZvS0A3Sb_9WYL6XFIeFFZwR-LtwDARABVjz_mK6IuWjQ_5J1; PPA_ID=bghpuhps79dvfeh9odpr5s61nb; webfx-tree-cookie-persistence=wfxt-8+wfxt-16+wfxt-14+wfxt-4+wfxt-6+wfxt-12; THEBUGGENIE=6air0jmnjj49hon1hib52bfgsc; session=BJkHPDJzKHJ8QepO75WzBJF11ReO8DgHWQXvbosv6C4WotsvwOv6f87eZm1fxhwR
7: DNT: 1
8: Host: goblinbot.xyz:2222
9: Pragma: no-cache
10: Referer: https://goblinbot.xyz:2222/?redirect=yes
11: Sec-Fetch-Dest: empty
12: Sec-Fetch-Mode: cors
13: Sec-Fetch-Site: same-origin
14: User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36 Edg/85.0.564.70
15: X-Json: yes
Checking referer https://goblinbot.xyz:2222/?redirect=yes to goblinbot.xyz:2222
Referer check passed: goblinbot.xyz=goblinbot.xyz 2222=2222
auth.authenticated
Tally::get_user_quota: quotactl() error 38 for /=/dev/vda1: Function not implemented
ENOSYS
User::deny_override:/CMD_JSON_LANG: call_level=2, depth1: aborting due to do depth
User::deny_override:/CMD_JSON_LANG: call_level=1, depth2: aborting due to do depth
User::deny_override:/CMD_DOMAIN: call_level=2, depth1: aborting due to do depth
User::deny_override:/CMD_DOMAIN: call_level=1, depth2: aborting due to do depth
Sys:setUserPriv(netdata):uid==9999
Plugin::addHooks: start
Sockets::handshake - begin
Looking up certificate for domain: goblinbot.xyz
Found alternative name in cerificate for: goblinbot.xyz
SSL CTX loading time duration: 1410sec
Plugin::addHooks: end
Command::doCommand(/CMD_JSON_LANG)
Sockets::handshake - end
/assets/img/favicon.png
0: Accept-Encoding: gzip, deflate, br
1: Accept-Language: en-US,en;q=0.9
2: Accept: image/webp,image/apng,image/*,*/*;q=0.8
3: Cache-Control: no-cache
4: Connection: keep-alive
5: Cookie: MANTIS_secure_session=0; GOBLINBOT_secure_session=0; mw_installer_session=iu1m32rgq95csvlf5s2m31nde6; PHPSESSID=6qivpif1rcglldv3ki1o8nhe1l; GOBLINBOT_STRING_COOKIE=1TauX3uL523kOZvS0A3Sb_9WYL6XFIeFFZwR-LtwDARABVjz_mK6IuWjQ_5J1; PPA_ID=bghpuhps79dvfeh9odpr5s61nb; webfx-tree-cookie-persistence=wfxt-8+wfxt-16+wfxt-14+wfxt-4+wfxt-6+wfxt-12; THEBUGGENIE=6air0jmnjj49hon1hib52bfgsc; session=BJkHPDJzKHJ8QepO75WzBJF11ReO8DgHWQXvbosv6C4WotsvwOv6f87eZm1fxhwR
6: DNT: 1
7: Host: goblinbot.xyz:2222
8: Pragma: no-cache
9: Referer: https://goblinbot.xyz:2222/?redirect=yes
10: Sec-Fetch-Dest: image
11: Sec-Fetch-Mode: no-cors
12: Sec-Fetch-Site: same-origin
13: User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36 Edg/85.0.564.70
Checking referer https://goblinbot.xyz:2222/?redirect=yes to goblinbot.xyz:2222
Referer check passed: goblinbot.xyz=goblinbot.xyz 2222=2222
auth.authenticated
Send::send_images(command='/assets/img/favicon.png' is_asset=1)
Send::sendFile('./data/skins/evolution/assets/img/favicon.png', '(null)')
Command::run: finished /assets/img/favicon.png
Command::doCommand(/CMD_JSON_LANG) : finished
Command::run: finished /CMD_JSON_LANG
Sockets::handshake - begin
Looking up certificate for domain: goblinbot.xyz
Found alternative name in cerificate for: goblinbot.xyz
SSL CTX loading time duration: 966sec
Sockets::handshake - end
/CMD_JSON_LANG
GET string: json=yes&domain=goblinbot.xyz&initial=no&request=global&dynamic=yes
0: Accept-Encoding: gzip, deflate, br
1: Accept-Language: en-US,en;q=0.9
2: Accept: application/json
3: Connection: keep-alive
4: Content-Type: application/json
5: Cookie: MANTIS_secure_session=0; GOBLINBOT_secure_session=0; mw_installer_session=iu1m32rgq95csvlf5s2m31nde6; PHPSESSID=6qivpif1rcglldv3ki1o8nhe1l; GOBLINBOT_STRING_COOKIE=1TauX3uL523kOZvS0A3Sb_9WYL6XFIeFFZwR-LtwDARABVjz_mK6IuWjQ_5J1; PPA_ID=bghpuhps79dvfeh9odpr5s61nb; webfx-tree-cookie-persistence=wfxt-8+wfxt-16+wfxt-14+wfxt-4+wfxt-6+wfxt-12; THEBUGGENIE=6air0jmnjj49hon1hib52bfgsc; session=BJkHPDJzKHJ8QepO75WzBJF11ReO8DgHWQXvbosv6C4WotsvwOv6f87eZm1fxhwR
6: DNT: 1
7: Host: goblinbot.xyz:2222
8: Pragma: no-cache
9: Referer: https://goblinbot.xyz:2222/?redirect=yes
10: Sec-Fetch-Dest: empty
11: Sec-Fetch-Mode: cors
12: Sec-Fetch-Site: same-origin
13: User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36 Edg/85.0.564.70
14: X-DirectAdmin-Session-ID: BJkHPDJzKHJ8QepO75WzBJF11ReO8DgHWQXvbosv6C4WotsvwOv6f87eZm1fxhwR
15: X-Json: yes
Checking referer https://goblinbot.xyz:2222/?redirect=yes to goblinbot.xyz:2222
Referer check passed: goblinbot.xyz=goblinbot.xyz 2222=2222
auth.authenticated
Tally::get_user_quota: quotactl() error 38 for /=/dev/vda1: Function not implemented
ENOSYS
User::deny_override:/CMD_JSON_LANG: call_level=2, depth1: aborting due to do depth
User::deny_override:/CMD_JSON_LANG: call_level=1, depth2: aborting due to do depth
User::deny_override:/CMD_DOMAIN: call_level=2, depth1: aborting due to do depth
User::deny_override:/CMD_DOMAIN: call_level=1, depth2: aborting due to do depth
Plugin::addHooks: start
Plugin::addHooks: end
Command::doCommand(/CMD_JSON_LANG)
Command::doCommand(/CMD_JSON_LANG) : finished
Command::run: finished /CMD_JSON_LANG