CONTINUOUS INTERNET TELEMETRY24H DRIFT1,428 material changesacross 1,215 domains · +974 vs yesterdayDNS DRIFT25 domains changed DNS providertop destination parity.domains · +21 vs yesterdayEMAIL DRIFT7 domains switched email providertop destination pphosted.com · +5 vs yesterdayNOW414 curated domains not answering-1,801 vs yesterdayERRORS2,538 responded with an errorlast probe · 5xx / 404 / TLSTHROTTLED8,082 throttled or blocked our scanner429 rate-limit / 403 bot-blockMOVERtiktok.comDMARC enforcement downgraded: p=reject → no DMARC record24H DRIFT1,428 material changesacross 1,215 domains · +974 vs yesterdayDNS DRIFT25 domains changed DNS providertop destination parity.domains · +21 vs yesterdayEMAIL DRIFT7 domains switched email providertop destination pphosted.com · +5 vs yesterdayNOW414 curated domains not answering-1,801 vs yesterdayERRORS2,538 responded with an errorlast probe · 5xx / 404 / TLSTHROTTLED8,082 throttled or blocked our scanner429 rate-limit / 403 bot-blockMOVERtiktok.comDMARC enforcement downgraded: p=reject → no DMARC record

haven.com

Observed 2026-07-17T14:32:53.921182868+00:00 (7h ago). Every field below was attested with an Ed25519 signature at scan time.

Up right now
Email byMimecast
Secured byAmazon
Also usesDocuSignMiroFacebook/MetaGoogle Search Console
tranco_100k
Every line above is a signed observation. Check the math at the bottom of the page.
INFRASTRUCTURE MAPwhat haven.com actually stands on - every host below is a signed observation
haven.com
A / AAAA
52.215.121.352.208.164.3334.250.156.74
unattributedserves the site
NS
udns1.cscdns.netudns2.cscdns.uk
cscdns.net + cscdns.ukanswers its DNS
MX
eu-smtp-inbound-1.mimecast.comeu-smtp-inbound-2.mimecast.com
Mimecastreceives its email
TLS
*.haven.com
Amazonissued its certificate

DNS Records

A 3

  • 52.215.121.3
  • 52.208.164.33
  • 34.250.156.74

MX 2

  • 10eu-smtp-inbound-1.mimecast.com
  • 10eu-smtp-inbound-2.mimecast.com

TXT 12

  • TAILSCALE=eePVckpas3EyNkjM82Ts
  • CS45htd6mV5e2A26FCbCira5MnSnNd51
  • v=spf1 redirect=5vf9rekq._spf._d.mim.ec
  • apple-domain-verification=HGLRBoCtJnhC1ImI
  • docusign=c6402294-a8cb-4c56-924f-52d578c3d891
  • miro-verification=31080799db4e662204a3e1b308996de05c6c86fa
  • facebook-domain-verification:56zet6eiaj06tmsuwjzy2rwie0teum
  • smartsheet-site-validation=T47p39oCmo_IgentDerSG6w59P3oxz2K
  • onetrust-domain-verification=39734f5fffab4fb787a209989d9eacb8
  • google-site-verification=mZ6zL_5e3LOjlm-PdYNFo_6kfOmOR-D_1tcJBZk-K1k

NS 2

  • udns1.cscdns.net
  • udns2.cscdns.uk

SOA 1

  • udns1.cscdns.net hostmaster.cscdns.net

TLS Certificates (3)

Common NameIssuerExpires
*.haven.com C=US, O=Amazon, CN=Amazon RSA 2048 M01 Thu, 12 Nov 2026 23:59:59 +0000
Amazon RSA 2048 M01 C=US, O=Amazon, CN=Amazon Root CA 1 Fri, 23 Aug 2030 22:21:28 +0000
Amazon Root CA 1 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Services Root Certificate Authority - G2 Thu, 31 Dec 2037 01:00:00 +0000

Subdomains (0)

None observed.

The proof

Signed at scan time. Check the math yourself. Every line above is part of one signed observation. Re-hash it and check the Ed25519 signature in your own browser; nothing leaves your machine.

Verify this receipt

Put the receipt on your own site. A live badge showing what DomainDrift observes and signs for haven.com. It updates itself. It attests a signed observation - not that the site is safe.

DomainDrift signed-observation badge for haven.com <a href="https://domaindrift.io/t/haven.com"> <img src="https://domaindrift.io/badge/haven.com.svg" width="300" height="64" alt="DomainDrift signed observations for haven.com"> </a>

Ed25519 Receipt

Receipt ID
c3f64b68-0987-4c78-8b58-941af1be4509
Output Hash
6e8c4f8f5854601f9385f77278cee2ec0a1d8914392da6684f90f7f01b7d6b80
Signature
ed25519:9b6f7a23a1b0d8012541626204f2c6a3619b48e5fdf7d031d19f201bd0fb35f240757b7f296d72484669d28f3c34ba59267eb8015b3f9391de01bc90a5933e05
Public Key
ed25519:178c3bd0f57d9d64b83cc4630753381e1a465005a2bbba3d032371f24af0bfd8
Parent
(genesis)
Plane
fast
Verify this in your browser