{"report_id":"c5ac0e5c-8796-436f-a7a2-26b70315d18d","version":6,"status":"done","tags":[],"date":"2026-01-05T18:36:16Z","url":{"schema":"http","addr":"revolutiongray.com/","fqdn":"revolutiongray.com","domain":"revolutiongray.com","tld":"com"},"ip":{"addr":"199.16.172.246","port":0,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"revolutiongray.com/","fqdn":"revolutiongray.com","domain":"revolutiongray.com","tld":"com"},"title":"Maintenance Mode","dom":{"size":6802,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"9ddd2608cebfb0c6accac6fdf4b23a12","sha1":"86d603c2f5413d1aadc6a168dc73f9910ad4d29a","sha256":"8817fc1618936421c3dc45e224bfda1d36dcd112db350b73b46f1480f3af6a43","sha512":"75d00c5d3f62dcb63782ae4bc3224f0933a59190991f6f5c832d0cae85b53323dac9b4c6ffc5c599ee4b83e7fc3549fdd17d5d516ed7e6f0f7b6e2b94622ccd9","ssdeep":"192:jENe8eQesbn2+YnQRKERKdjGKpjGKp539:cYD39","tlshash":"0fe1841a5b4f003b610bc4b077756b90661e9023820eddba7dad5524cfc12686efa7ec","dom_hash":"domhashb8e3ae24b374c7623bc110986d9b253e","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"revolutiongray.com/","fqdn":"revolutiongray.com","domain":"revolutiongray.com","tld":"com"},"ip":{"addr":"199.16.172.246","port":0,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-09T18:36:16Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"revolutiongray.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"revolutiongray.com","ip":{"addr":"199.16.173.238","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"domain_registered":"2012-02-24","domain_rank":0,"first_seen":"2026-01-05T18:36:16.87417Z","last_seen":"2026-01-05T18:36:16.87417Z","alert_count":3,"request_count":3,"received_data":15275,"sent_data":1417,"comment":"","tags":null,"fingerprints":[{"name":"wp.cloud","description":"WordPress-first cloud hosting.","website":"https://wp.cloud/","common_platform_enumeration":"","icon":"wp-cloud.png","categories":["PaaS","Hosting"]},{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"revolutiongray.com/","fqdn":"revolutiongray.com","domain":"revolutiongray.com","tld":"com"},"ip":{"addr":"199.16.173.238","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-05T18:35:54.639Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tls.automattic.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 03 Dec 2025 11:30:53 GMT","end":"Tue, 03 Mar 2026 11:30:52 GMT"},"fingerprint":{"sha1":"BD:FF:0F:5B:51:CF:67:1B:82:EC:67:1F:65:2E:B9:EE:78:32:51:87","sha256":"1E:9E:98:BC:6D:86:8C:B9:05:E3:AD:37:36:35:BF:26:1F:F0:D8:97:BA:28:AC:6E:2A:A8:6B:27:1B:35:38:63"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: revolutiongray.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 503 Service Unavailable\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 18:35:54 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nstrict-transport-security: max-age=31536000\r\nhost-header: wpcloud\r\nvary: Cookie\r\npragma: no-cache\r\nexpires: Wed, 11 Jan 1984 05:00:00 GMT\r\ncache-control: no-cache, must-revalidate, max-age=0, no-store, private\r\nx-ac: 35.arn _atomic_ams MISS\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: a8c-cdn, dc;desc=arn, cache;desc=MISS;dur=266.0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"503","status_text":"Service Unavailable","fingerprints":[{"name":"wp.cloud","description":"WordPress-first cloud hosting.","website":"https://wp.cloud/","common_platform_enumeration":"","icon":"wp-cloud.png","categories":["PaaS","Hosting"]},{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6825,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"cec7242a18f88ab5e53619faf8c788dd","sha1":"9060fbc79523025cac774e22e488175d080542bc","sha256":"eac05bfe9a86e6dba371ca66b725eeb0e8766d2de5cfe93e81cb8e8783eb0c8a","sha512":"9da016fe616faae5583e838647d3078649c31e4414d04eb5b463876624323367f82c9acb1834e8046d0524863e5132f264296e077f813a38c23e43e5babc3899","ssdeep":"192:/ANe8eQesbn2+YnQRKERKdjGKpjGKp53o:kYD3o","tlshash":"84e1731a5b4e003b610bc4b077756b91661e9023820eddba7dad5534cfc22686efa7ec","first_seen":"2026-01-05T18:36:18.817943Z","last_seen":"2026-01-05T18:36:18.817943Z","times_seen":1,"resource_available":false,"data":null}},"time_used":384,"timings":{"blocked":55,"dns":27,"connect":7,"send":0,"wait":273,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"revolutiongray.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"revolutiongray.com/","fqdn":"revolutiongray.com","domain":"revolutiongray.com","tld":"com"},"ip":{"addr":"199.16.173.238","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-05T18:35:55.155Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tls.automattic.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 03 Dec 2025 11:30:53 GMT","end":"Tue, 03 Mar 2026 11:30:52 GMT"},"fingerprint":{"sha1":"BD:FF:0F:5B:51:CF:67:1B:82:EC:67:1F:65:2E:B9:EE:78:32:51:87","sha256":"1E:9E:98:BC:6D:86:8C:B9:05:E3:AD:37:36:35:BF:26:1F:F0:D8:97:BA:28:AC:6E:2A:A8:6B:27:1B:35:38:63"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: revolutiongray.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 503 Service Unavailable\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 18:35:55 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nstrict-transport-security: max-age=31536000\r\nhost-header: wpcloud\r\nvary: Cookie\r\npragma: no-cache\r\nexpires: Wed, 11 Jan 1984 05:00:00 GMT\r\ncache-control: no-cache, must-revalidate, max-age=0, no-store, private\r\nx-ac: 35.arn _atomic_ams MISS\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: a8c-cdn, dc;desc=arn, cache;desc=MISS;dur=422.0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"503","status_text":"Service Unavailable","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"wp.cloud","description":"WordPress-first cloud hosting.","website":"https://wp.cloud/","common_platform_enumeration":"","icon":"wp-cloud.png","categories":["PaaS","Hosting"]},{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6823,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"515f225fad20a1adf85dfd4997b31b95","sha1":"976a26a7a73feb7ccc995143db6e6a507e86ddda","sha256":"52c4358398905126241ea9b36f3eacd4a927e15b281968b33c041617483cbdac","sha512":"f2e556b75b6635ef011fe8b9d735e7b58b9317d70b9096b6a9dc76ddc7120200e1b3dbb3ebb04b966557bce53ed2a66270e40a08a7b2133bd574c9cd004ae8f6","ssdeep":"192:/ANe8eQesbn2+YnQRKERKdjGKpjGKp53r:kYD3r","tlshash":"bee1731a5b4e003b610bc4b077756b91661e9023820eddba7dad5534cfc22686efa7ec","first_seen":"2026-01-05T18:36:18.820604Z","last_seen":"2026-01-05T18:36:18.820604Z","times_seen":1,"resource_available":false,"data":null}},"time_used":429,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":429,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"revolutiongray.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"revolutiongray.com/favicon.ico","fqdn":"revolutiongray.com","domain":"revolutiongray.com","tld":"com"},"ip":{"addr":"199.16.173.238","port":443,"asn":2635,"as":"AUTOMATTIC","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://revolutiongray.com/","date":"2026-01-05T18:35:55.716Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tls.automattic.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 03 Dec 2025 11:30:53 GMT","end":"Tue, 03 Mar 2026 11:30:52 GMT"},"fingerprint":{"sha1":"BD:FF:0F:5B:51:CF:67:1B:82:EC:67:1F:65:2E:B9:EE:78:32:51:87","sha256":"1E:9E:98:BC:6D:86:8C:B9:05:E3:AD:37:36:35:BF:26:1F:F0:D8:97:BA:28:AC:6E:2A:A8:6B:27:1B:35:38:63"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: revolutiongray.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://revolutiongray.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Mon, 05 Jan 2026 18:35:55 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 198\r\nstrict-transport-security: max-age=31536000\r\nlast-modified: Fri, 08 Jul 2022 16:54:02 GMT\r\netag: \"62c8612a-c6\"\r\nexpires: Mon, 05 Jan 2026 18:50:55 GMT\r\ncache-control: max-age=900\r\nx-ac: 26.arn _atomic_ams MISS\r\naccept-ranges: bytes\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: a8c-cdn, dc;desc=arn, cache;desc=MISS;dur=235.0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":198,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 16x16, 2 colors","md5":"c6acedaff906029fc5455d9ec52c7f42","sha1":"92cbd806ca421aa2c9ff5e1ff76bbc20913a2f81","sha256":"9deb629637088856fe61dc868bf40a7d21ed942e4117659f3d6c3408f59b906b","sha512":"7a8d002ca6b607e38860ad4485493e109cb7d3bef241b0e5bf2a65c2e316e6185ded8ec74e3fcbd78745ab302c6d876657abc178ee028d1b8b9a5572f429d972","ssdeep":"","tlshash":"99d002433104c014c0100635c407dbf407546c018d94274731503f5f7c505c81c64650","first_seen":"2023-04-08T04:59:04Z","last_seen":"2026-04-03T13:35:16.032681Z","times_seen":7135,"resource_available":false,"data":null}},"time_used":247,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":247,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-05","alert":"Sinkholed","trigger":"revolutiongray.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}