{ "ok": true, "source": "scotnet-dnsbl-public-history", "generated_at": 1782319685, "generated_at_iso": "2026-06-24T16:48:05Z", "requested_limit": 10, "history": { "code": "127.0.0.4", "confidence_band": "high", "confidence_score": 85, "event_count": 19, "events": [ { "category": "observed", "code": "127.0.0.4", "kind": "observed", "severity": "high", "source": "apache-security", "summary": "Apache security: framework_exploit_probe; 2 evidence item(s); 2 attack session(s)/7d, 2/30d", "time": 1781623216, "time_iso": "2026-06-16T15:20:16Z" }, { "category": "generic_4xx", "kind": "attack", "method": "GET", "severity": "medium", "source": "apache-security", "status": 404, "summary": "Repeated suspicious 4xx target • GET • HTTP 404", "target": "/.DS_Store", "time": 1781623010, "time_iso": "2026-06-16T15:16:50Z" }, { "category": "generic_4xx", "kind": "attack", "method": "GET", "severity": "medium", "source": "apache-security", "status": 404, "summary": "Repeated suspicious 4xx target • GET • HTTP 404", "target": "/config/database.yml", "time": 1781623002, "time_iso": "2026-06-16T15:16:42Z" }, { "category": "secret_probe", "kind": "attack", "method": "GET", "severity": "medium", "source": "apache-security", "status": 302, "summary": "Secret/configuration probe • GET • HTTP 302", "target": "/.aws/credentials", "time": 1781623002, "time_iso": "2026-06-16T15:16:42Z" }, { "category": "secret_probe", "kind": "attack", "method": "GET", "severity": "medium", "source": "apache-security", "status": 404, "summary": "Secret/configuration probe • GET • HTTP 404", "target": "/.env.save", "time": 1781622996, "time_iso": "2026-06-16T15:16:36Z" }, { "category": "secret_probe", "kind": "attack", "method": "GET", "severity": "medium", "source": "apache-security", "status": 404, "summary": "Secret/configuration probe • GET • HTTP 404", "target": "/.env.production", "time": 1781622994, "time_iso": "2026-06-16T15:16:34Z" }, { "category": "secret_probe", "kind": "attack", "method": "GET", "severity": "medium", "source": "apache-security", "status": 404, "summary": "Secret/configuration probe • GET • HTTP 404", "target": "/.git/config", "time": 1781622991, "time_iso": "2026-06-16T15:16:31Z" }, { "category": "add", "code": "127.0.0.4", "kind": "add", "severity": "high", "source": "apache-security", "summary": "Apache security: framework_exploit_probe; 2 evidence item(s); 1 attack session(s)/7d, 1/30d", "time": 1781566216, "time_iso": "2026-06-15T23:30:16Z" }, { "category": "generic_4xx", "kind": "attack", "method": "GET", "severity": "medium", "source": "apache-security", "status": 404, "summary": "Repeated suspicious 4xx target • GET • HTTP 404", "target": "/dump.sql", "time": 1781566001, "time_iso": "2026-06-15T23:26:41Z" }, { "category": "generic_4xx", "kind": "attack", "method": "GET", "severity": "medium", "source": "apache-security", "status": 404, "summary": "Repeated suspicious 4xx target • GET • HTTP 404", "target": "/app/config/parameters.yml", "time": 1781565995, "time_iso": "2026-06-15T23:26:35Z" } ], "events_returned": 10, "expires_at": 1784215010, "first_event_at": 1781565959, "ip": "91.199.236.33", "last_delisted_at": null, "last_event_at": 1781623216, "last_expired_at": null, "listed": true, "primary_source": "apache_security", "reason": "Apache security: framework_exploit_probe; 2 evidence item(s); 1 attack session(s)/7d, 1/30d", "repeat_offender": false, "sources": [ "apache-security" ], "status": "listed", "suppression_until": null } }