{ "ok": true, "source": "scotnet-dnsbl-public-history", "generated_at": 1782311585, "generated_at_iso": "2026-06-24T14:33:05Z", "requested_limit": 10, "history": { "code": "127.0.0.8", "confidence_band": "very-high", "confidence_score": 95, "event_count": 92, "events": [ { "category": "promoted", "code": "127.0.0.8", "kind": "promoted", "previous_code": "127.0.0.4", "severity": "high", "source": "apache-security", "summary": "Apache security: shell_backdoor_probe; 31 evidence item(s); 3 attack session(s)/7d, 3/30d", "time": 1781833511, "time_iso": "2026-06-19T01:45:11Z" }, { "category": "shell_backdoor_probe", "kind": "attack", "method": "GET", "severity": "high", "source": "apache-security", "status": 200, "summary": "Web-shell/backdoor probe • GET • HTTP 200", "target": "/rip.php", "time": 1781833364, "time_iso": "2026-06-19T01:42:44Z" }, { "category": "shell_backdoor_probe", "kind": "attack", "method": "GET", "severity": "high", "source": "apache-security", "status": 200, "summary": "Web-shell/backdoor probe • GET • HTTP 200", "target": "/sf.php", "time": 1781833361, "time_iso": "2026-06-19T01:42:41Z" }, { "category": "shell_backdoor_probe", "kind": "attack", "method": "GET", "severity": "high", "source": "apache-security", "status": 200, "summary": "Web-shell/backdoor probe • GET • HTTP 200", "target": "/wso.php", "time": 1781833359, "time_iso": "2026-06-19T01:42:39Z" }, { "category": "shell_backdoor_probe", "kind": "attack", "method": "GET", "severity": "high", "source": "apache-security", "status": 200, "summary": "Web-shell/backdoor probe • GET • HTTP 200", "target": "/shell.php", "time": 1781833358, "time_iso": "2026-06-19T01:42:38Z" }, { "category": "shell_backdoor_probe", "kind": "attack", "method": "GET", "severity": "high", "source": "apache-security", "status": 200, "summary": "Web-shell/backdoor probe • GET • HTTP 200", "target": "/wp-content/shell.php", "time": 1781833356, "time_iso": "2026-06-19T01:42:36Z" }, { "category": "shell_backdoor_probe", "kind": "attack", "method": "GET", "severity": "high", "source": "apache-security", "status": 200, "summary": "Web-shell/backdoor probe • GET • HTTP 200", "target": "/class-t.api.php", "time": 1781833352, "time_iso": "2026-06-19T01:42:32Z" }, { "category": "shell_backdoor_probe", "kind": "attack", "method": "GET", "severity": "high", "source": "apache-security", "status": 200, "summary": "Web-shell/backdoor probe • GET • HTTP 200", "target": "/wp-good.php", "time": 1781833351, "time_iso": "2026-06-19T01:42:31Z" }, { "category": "shell_backdoor_probe", "kind": "attack", "method": "GET", "severity": "high", "source": "apache-security", "status": 200, "summary": "Web-shell/backdoor probe • GET • HTTP 200", "target": "/shell.php", "time": 1781833350, "time_iso": "2026-06-19T01:42:30Z" }, { "category": "shell_backdoor_probe", "kind": "attack", "method": "GET", "severity": "high", "source": "apache-security", "status": 200, "summary": "Web-shell/backdoor probe • GET • HTTP 200", "target": "/rip.php", "time": 1781833349, "time_iso": "2026-06-19T01:42:29Z" } ], "events_returned": 10, "expires_at": 1789609364, "first_event_at": 1781805581, "ip": "20.12.202.181", "last_delisted_at": null, "last_event_at": 1781833511, "last_expired_at": null, "listed": true, "primary_source": "apache_security", "reason": "Apache security: shell_backdoor_probe; 31 evidence item(s); 3 attack session(s)/7d, 3/30d", "repeat_offender": true, "sources": [ "apache-security" ], "status": "listed", "suppression_until": null } }