CONTINUOUS INTERNET TELEMETRY24H DRIFT2,861 material changesacross 2,518 domains · -537 vs yesterdayDNS DRIFT21 domains changed DNS providertop destination cloudflare.com · -6 vs yesterdayEMAIL DRIFT4 domains switched email providertop destination reyrey.com · -2 vs yesterdayCERT DRIFT7 domains switched issuing CA24hNOW3,306 curated domains not answering-6,412 vs yesterdayERRORS10,966 responded with an errorlast probe · 5xx / 404 / 429 / 40324H DRIFT2,861 material changesacross 2,518 domains · -537 vs yesterdayDNS DRIFT21 domains changed DNS providertop destination cloudflare.com · -6 vs yesterdayEMAIL DRIFT4 domains switched email providertop destination reyrey.com · -2 vs yesterdayCERT DRIFT7 domains switched issuing CA24hNOW3,306 curated domains not answering-6,412 vs yesterdayERRORS10,966 responded with an errorlast probe · 5xx / 404 / 429 / 403

cert.org

Observed 2026-07-13T05:00:30.203Z (4h ago). Every field below was attested with an Ed25519 signature at scan time.

Up right now
Runs onCloudflare
Also usesGoogle Search Console
2 subdomains · tranco_20k
Every line above is a signed observation. Check the math at the bottom of the page.
INFRASTRUCTURE MAPwhat cert.org actually stands on - every host below is a signed observation
cert.org
A / AAAA
147.72.252.242
Cloudflareserves the site
NS
ns-1403.awsdns-47.orgns-916.awsdns-50.netns-28.awsdns-03.comns-1794.awsdns-32.co.uk
awsdns-47.org + awsdns-50.net + moreanswers its DNS
MX
tingley.sei.cmu.edutilton.sei.cmu.edu
cmu.edureceives its email

HTTPS probe

redirect Redirecting (3xx) 301 → https://www.sei.cmu.edu/certsite/
HTTP status301
Servercloudflare
TLS protocolHTTP/2
TLS issuernot observed
Behind Cloudflareyes
Response time205 ms
DNS resolutionNOERROR
Redirect chain
https://www.sei.cmu.edu/certsite/

Every field above is part of the same signed observation as the records below. Blank means not observed, never "none".

DNS Records

A 1

  • 147.72.252.242

MX 2

  • 10tingley.sei.cmu.edu
  • 10tilton.sei.cmu.edu

TXT 5

  • MS=ms99326395
  • v=spf1 ip4:147.72.252.0/27 include:spf.protection.office365.us ?all
  • google-site-verification=XOhFzgbzrxnwXF_zY4WWTJSkIyRfIjEI8eaOJCx4WiI
  • GjlKiHz4O+yqufLrRIiCkmyaNeKDsFtlP0EdfJ5Hd0ERRCB3rBFfT0hjRz5KpuVbK7z1iW6Vh6MtnSK/dHi1Lg==
  • v=DMARC1; p=none; adkim=r; aspf=r; fo=0; rf=afrf; rua=mailto:brndm82m-aen4zffh@sei.cmu.edu; ruf=mailto:zahuj14e-0jwboxgg@sei.cmu.edu

NS 4

  • ns-1403.awsdns-47.org
  • ns-916.awsdns-50.net
  • ns-28.awsdns-03.com
  • ns-1794.awsdns-32.co.uk

SOA 1

  • ns-1403.awsdns-47.org awsdns-hostmaster.amazon.com

CAA 3

  • issuewild sectigo.com
  • issue sectigo.com
  • iodef mailto:caa-reports@sei.cmu.edu

TLS Certificates (0)

None.

Subdomains (2)

The proof

Signed at scan time. Check the math yourself. Every line above is part of one signed observation. Re-hash it and check the Ed25519 signature in your own browser; nothing leaves your machine.

Verify this receipt

Put the receipt on your own site. A live badge showing what DomainDrift observes and signs for cert.org. It updates itself. It attests a signed observation - not that the site is safe.

DomainDrift signed-observation badge for cert.org <a href="https://domaindrift.io/t/cert.org"> <img src="https://domaindrift.io/badge/cert.org.svg" width="300" height="64" alt="DomainDrift signed observations for cert.org"> </a>

Ed25519 Receipt

Receipt ID
d4416160-e460-4fb1-8734-4a787a9e5e95
Output Hash
c460a1f8c08e7e5910c662a9f5dd3ef4b10ec2c3c0af8136a1cc1ec8712b106e
Signature
ed25519:8226eded6b5f46d8249f1f1457cc305ea80294af8ebe2935def787a3f825af073b6e611869fa2afc5043c127a5fc4c99b329f5949c42df46799998d5c534e003
Public Key
ed25519:d610d74ef18f683e5beb859d241d5e67dff0c122e8928b06bec1c2476f4ba27b
Parent
(genesis)
Plane
fast
Verify this in your browser