{ "ok": true, "source": "scotnet-dnsbl-public-history", "generated_at": 1782319685, "generated_at_iso": "2026-06-24T16:48:05Z", "requested_limit": 10, "history": { "code": "127.0.0.4", "confidence_band": "high", "confidence_score": 85, "event_count": 10, "events": [ { "category": "Successful Credential Theft Detected", "kind": "attack", "severity": "high", "source": "threatmail", "summary": "ET WEB_SPECIFIC_APPS Wordpress LiteSpeed Cache Plugin debug.log Access Attempt (CVE-2024-44000)", "time": 1781619116, "time_iso": "2026-06-16T14:11:56Z" }, { "category": "observed", "code": "127.0.0.4", "kind": "observed", "severity": "high", "source": "threatmail", "summary": "Threat Prevention: Successful Credential Theft Detected / ET WEB_SPECIFIC_APPS Wordpress LiteSpeed Cache Plugin debug.log Access Attempt (CVE-2024-44000)", "time": 1781615705, "time_iso": "2026-06-16T13:15:05Z" }, { "category": "add", "code": "127.0.0.4", "kind": "add", "severity": "high", "source": "apache-security", "summary": "Apache security: repeated explicit application probes; 45 evidence item(s); 1 attack session(s)/7d, 1/30d", "time": 1781573110, "time_iso": "2026-06-16T01:25:10Z" }, { "category": "generic_4xx", "kind": "attack", "method": "GET", "severity": "medium", "source": "apache-security", "status": 403, "summary": "Repeated suspicious 4xx target • GET • HTTP 403", "target": "/", "time": 1781573085, "time_iso": "2026-06-16T01:24:45Z" }, { "category": "generic_4xx", "kind": "attack", "method": "GET", "severity": "medium", "source": "apache-security", "status": 403, "summary": "Repeated suspicious 4xx target • GET • HTTP 403", "target": "/", "time": 1781573084, "time_iso": "2026-06-16T01:24:44Z" }, { "category": "secret_probe", "kind": "attack", "method": "GET", "severity": "medium", "source": "apache-security", "status": 404, "summary": "Secret/configuration probe • GET • HTTP 404", "target": "/.git/FETCH_HEAD", "time": 1781573083, "time_iso": "2026-06-16T01:24:43Z" }, { "category": "generic_4xx", "kind": "attack", "method": "GET", "severity": "medium", "source": "apache-security", "status": 404, "summary": "Repeated suspicious 4xx target • GET • HTTP 404", "target": "/.env~", "time": 1781573083, "time_iso": "2026-06-16T01:24:43Z" }, { "category": "generic_4xx", "kind": "attack", "method": "GET", "severity": "medium", "source": "apache-security", "status": 404, "summary": "Repeated suspicious 4xx target • GET • HTTP 404", "target": "/.openclaw/openclaw.json", "time": 1781573082, "time_iso": "2026-06-16T01:24:42Z" }, { "category": "secret_probe", "kind": "attack", "method": "GET", "severity": "medium", "source": "apache-security", "status": 404, "summary": "Secret/configuration probe • GET • HTTP 404", "target": "/.env.local", "time": 1781573082, "time_iso": "2026-06-16T01:24:42Z" }, { "category": "wordpress_probe", "kind": "attack", "method": "GET", "severity": "medium", "source": "apache-security", "status": 404, "summary": "WordPress application probe • GET • HTTP 404", "target": "/wp-content/debug.log", "time": 1781573082, "time_iso": "2026-06-16T01:24:42Z" } ], "events_returned": 10, "expires_at": 1784211116, "first_event_at": 1781573082, "ip": "207.241.173.113", "last_delisted_at": null, "last_event_at": 1781619116, "last_expired_at": null, "listed": true, "primary_source": "threatmail", "reason": "Apache security: repeated explicit application probes; 45 evidence item(s); 1 attack session(s)/7d, 1/30d", "repeat_offender": false, "sources": [ "apache-security", "threatmail" ], "status": "listed", "suppression_until": null } }