{
    "ok": true,
    "source": "scotnet-dnsbl-public-history",
    "generated_at": 1782324185,
    "generated_at_iso": "2026-06-24T18:03:05Z",
    "requested_limit": 10,
    "history": {
        "code": "127.0.0.4",
        "confidence_band": "high",
        "confidence_score": 85,
        "event_count": 2,
        "events": [
            {
                "category": "observed",
                "code": "127.0.0.4",
                "kind": "observed",
                "severity": "high",
                "source": "apache-security",
                "summary": "Apache security: command_injection_probe; 1 evidence item(s); 1 attack session(s)/7d, 1/30d",
                "time": 1781584210,
                "time_iso": "2026-06-16T04:30:10Z"
            },
            {
                "category": "command_injection_probe",
                "kind": "attack",
                "method": "POST",
                "severity": "high",
                "source": "apache-security",
                "status": 400,
                "summary": "Command-injection probe • POST • HTTP 400",
                "target": "/bin/sh",
                "time": 1781584182,
                "time_iso": "2026-06-16T04:29:42Z"
            }
        ],
        "events_returned": 2,
        "expires_at": 1784176182,
        "first_event_at": 1781584182,
        "ip": "185.38.148.2",
        "last_delisted_at": null,
        "last_event_at": 1781584210,
        "last_expired_at": null,
        "listed": true,
        "primary_source": "apache_security",
        "reason": "Threat Prevention: Web Application Attack / ET WEB_SERVER /bin/sh In URI Possible Shell Command Execution Attempt",
        "repeat_offender": false,
        "sources": [
            "apache-security",
            "threatmail"
        ],
        "status": "listed",
        "suppression_until": null
    }
}