{"ok":true,"diagnostics":{"status":"partial","request":{"host":"cpa.tg","scheme":"https","request_uri":"/check/blacklist-diagnostics.php","client_ip":"216.73.216.171","observed_at":"2026-04-17T18:10:19+00:00"},"config":{"enabled":true,"cache_ttl_seconds":1800,"timeout_seconds":3},"provider_catalog":[{"id":"spamhaus_zen","kind":"dnsbl","label":"Spamhaus ZEN","enabled":false,"configured":true,"zone":"zen.spamhaus.org","requires_key":false,"url_template":"","threshold":null,"notes":"Classic DNSBL zone. Disabled by default and only runs when explicitly enabled."},{"id":"spamcop_bl","kind":"dnsbl","label":"Spamcop BL","enabled":false,"configured":true,"zone":"bl.spamcop.net","requires_key":false,"url_template":"","threshold":null,"notes":"Optional DNSBL scaffold for a second provider."},{"id":"abuseipdb","kind":"http_json","label":"AbuseIPDB","enabled":false,"configured":false,"zone":"","requires_key":true,"url_template":"https://api.abuseipdb.com/api/v2/check?ipAddress=%s&maxAgeInDays=90&verbose","threshold":25,"notes":"HTTP JSON scaffold. Only runs when an API key is configured and the provider is explicitly enabled."}],"summary":{"catalog_count":3,"configured_count":2,"enabled_count":0,"active_count":0},"local_reputation":{"available":true,"state":"detected","headline":"Local reputation signals detected","summary":"Existing IP intelligence sees route traits that should be reviewed together with DNS, WebRTC and transport.","signals":["datacenter","cloud:AWS"],"risk_score":null,"source":"ipwho.is","proxy":null,"vpn":null,"tor":null,"datacenter":true,"cloud_provider":"AWS","hostname":""},"missing_requirements":["Provider not configured: AbuseIPDB"],"recommendations":["Enable at least one provider flag to move from limited mode to real blacklist lookups.","Use local reputation as route triage, but keep it visually separate from confirmed DNSBL hits."]}}