CONTINUOUS INTERNET TELEMETRY24H DRIFT2,851 material changesacross 2,531 domains · -547 vs yesterdayDNS DRIFT21 domains changed DNS providertop destination cloudflare.com · -6 vs yesterdayEMAIL DRIFT3 domains switched email providertop destination h-email.net · -3 vs yesterdayCERT DRIFT7 domains switched issuing CA24hNOW3,330 curated domains not answering-6,388 vs yesterdayERRORS10,947 responded with an errorlast probe · 5xx / 404 / 429 / 40324H DRIFT2,851 material changesacross 2,531 domains · -547 vs yesterdayDNS DRIFT21 domains changed DNS providertop destination cloudflare.com · -6 vs yesterdayEMAIL DRIFT3 domains switched email providertop destination h-email.net · -3 vs yesterdayCERT DRIFT7 domains switched issuing CA24hNOW3,330 curated domains not answering-6,388 vs yesterdayERRORS10,947 responded with an errorlast probe · 5xx / 404 / 429 / 403

hema.com

Observed 2026-07-13T00:16:03.502458994+00:00 (16h ago). Every field below was attested with an Ed25519 signature at scan time.

Up right now
Runs onCloudflare
Email byMicrosoft 365
Secured byLet's Encrypt
Also usesMiroFacebook/MetaGoogle Search ConsoleAtlassian
push_legacy
Every line above is a signed observation. Check the math at the bottom of the page.
INFRASTRUCTURE MAPwhat hema.com actually stands on - every host below is a signed observation
hema.com
A / AAAA
104.18.36.112172.64.151.144
Cloudflareserves the site
NS
ns01.brandshelter.comns02.brandshelter.net
brandshelter.com + brandshelter.netanswers its DNS
MX
hema-com.mail.protection.outlook.com
Microsoft 365receives its email
TLS
hema.com
Let's Encryptissued its certificate

DNS Records

A 2

  • 104.18.36.112
  • 172.64.151.144

MX 1

  • 50hema-com.mail.protection.outlook.com

TXT 14

  • MS=ms73420107
  • amazonses:3mbs3s3+U8G0VaNIhcWLaqoHfKzeYQKHdzQXZyRTAxQ=
  • miro-verification=39fbc1e6894e7e9dc4a92550aa2d58cb04c8a004
  • facebook-domain-verification=147ofs3iqi34npar8g4yr3mxrr3ubk
  • pinterest-site-verification=2216f730baea60eb65ebe1b928262e52
  • google-site-verification=3PTzR7lIdW1J4mJ-ECczDhBTYZW_y8Mf1ARLFgK4jjg
  • google-site-verification=8RoY14yMM7kBDXhgb2ED6YadNYJKAy9s7Pl2iSO7RKc
  • google-site-verification=EFRFmG5r6Y-yHubJfVYkXf8gUVKECZ3OeraEnngDoTg
  • google-site-verification=u8iqH1mzgEXyyGfA4RFnJ74wJz9E4jGMvbi8EgZqtBU
  • google-site-verification=yreKVgG526mHcrUPgNj96HAn2UDwodxu1R5aAX_CevM

NS 2

  • ns01.brandshelter.com
  • ns02.brandshelter.net

SOA 1

  • ns01.brandshelter.com tech.brandshelter.com

TLS Certificates (2)

Common NameIssuerExpires
hema.com C=US, O=Let's Encrypt, CN=E8 Mon, 17 Aug 2026 05:36:57 +0000
E8 C=US, O=Internet Security Research Group, CN=ISRG Root X1 Fri, 12 Mar 2027 23:59:59 +0000

Subdomains (0)

None observed.

The proof

Signed at scan time. Check the math yourself. Every line above is part of one signed observation. Re-hash it and check the Ed25519 signature in your own browser; nothing leaves your machine.

Verify this receipt

Put the receipt on your own site. A live badge showing what DomainDrift observes and signs for hema.com. It updates itself. It attests a signed observation - not that the site is safe.

DomainDrift signed-observation badge for hema.com <a href="https://domaindrift.io/t/hema.com"> <img src="https://domaindrift.io/badge/hema.com.svg" width="300" height="64" alt="DomainDrift signed observations for hema.com"> </a>

Ed25519 Receipt

Receipt ID
242215ad-1e5a-4891-b7e4-46ed585dd192
Output Hash
9fee4a9a84586f5f7ef7524311e1f00c39f91229e78faee9b8aa424cc1372b39
Signature
ed25519:c7a50def8053f13e123dd6eb1d023bdcc5ffebcf12375e79dfba691c054e72fdd2137b9920e7fe1cfefda8ef3fb495ce34e08621fd63abebdd07ee2c69b24802
Public Key
ed25519:178c3bd0f57d9d64b83cc4630753381e1a465005a2bbba3d032371f24af0bfd8
Parent
(genesis)
Plane
fast
Verify this in your browser