CONTINUOUS INTERNET TELEMETRY24H DRIFT2,064 material changesacross 1,855 domains · -487 vs yesterdayDNS DRIFT16 domains changed DNS providertop destination cloudflare.comEMAIL DRIFT5 domains switched email providertop destination google.comCERT DRIFT1 domains switched issuing CA24h · -4 vs yesterdayNOW3,391 curated domains not answeringlast probe, steadyERRORS10,887 responded with an errorlast probe · 5xx / 404 / 429 / 40324H DRIFT2,064 material changesacross 1,855 domains · -487 vs yesterdayDNS DRIFT16 domains changed DNS providertop destination cloudflare.comEMAIL DRIFT5 domains switched email providertop destination google.comCERT DRIFT1 domains switched issuing CA24h · -4 vs yesterdayNOW3,391 curated domains not answeringlast probe, steadyERRORS10,887 responded with an errorlast probe · 5xx / 404 / 429 / 403

keepersecurity.eu

Observed 2026-07-13T14:34:10.625Z (15h ago). Every field below was attested with an Ed25519 signature at scan time.

Up right now
Runs onCloudflare
Email byGoogle Workspace
Also usesGoogle Search ConsoleHubSpot
6 subdomains · tranco_40k
Every line above is a signed observation. Check the math at the bottom of the page.
INFRASTRUCTURE MAPwhat keepersecurity.eu actually stands on - every host below is a signed observation
keepersecurity.eu
A / AAAA
18.200.221.2852.18.137.170
Cloudflareserves the site
NS
ns-1561.awsdns-03.co.ukns-868.awsdns-44.netns-13.awsdns-01.comns-1267.awsdns-30.org
awsdns-03.co.uk + awsdns-44.net + moreanswers its DNS
MX
aspmx3.googlemail.comalt2.aspmx.l.google.comaspmx2.googlemail.comalt1.aspmx.l.google.com+1 more
Google Workspacereceives its email

HTTPS probe

redirect Redirecting (3xx) 301 → https://www.keepersecurity.eu/
HTTP status301
Servercloudflare
TLS protocolHTTP/2
TLS issuernot observed
Behind Cloudflareyes
Response time1247 ms
DNS resolutionNOERROR
Redirect chain
https://www.keepersecurity.eu/

Every field above is part of the same signed observation as the records below. Blank means not observed, never "none".

DNS Records

A 2

  • 18.200.221.28
  • 52.18.137.170

MX 5

  • 10aspmx3.googlemail.com
  • 5alt2.aspmx.l.google.com
  • 10aspmx2.googlemail.com
  • 5alt1.aspmx.l.google.com
  • 1aspmx.l.google.com

TXT 6

  • google-site-verification=2WS3Q3Y15L5VD_9AHiG9thqt3IqurBdS4ycYPp9N0G0
  • s61v88cqv1p0v5jcekfgougq0t
  • 3gsn-YUFZc7oheCahr9wt_Wgxw
  • v=spf1 include:amazonses.com include:_spf.google.com include:helpscoutemail.com include:_spf.salesforce.com include:5481240.spf08.hubspotemail.net include:_spf.psm.knowbe4.com -all
  • v=DMARC1; p=reject; rua=mailto:0167f78e@mxtoolbox.dmarc-report.com; ruf=mailto:0167f78e@forensics.dmarc-report.com; fo=1
  • v=DKIM1; (detected)

NS 4

  • ns-1561.awsdns-03.co.uk
  • ns-868.awsdns-44.net
  • ns-13.awsdns-01.com
  • ns-1267.awsdns-30.org

SOA 1

  • ns-868.awsdns-44.net awsdns-hostmaster.amazon.com

CAA 3

  • issue starfieldtech.com
  • issuewild ;
  • issue amazonaws.com

TLS Certificates (0)

None.

Subdomains (6)

The proof

Signed at scan time. Check the math yourself. Every line above is part of one signed observation. Re-hash it and check the Ed25519 signature in your own browser; nothing leaves your machine.

Verify this receipt

Put the receipt on your own site. A live badge showing what DomainDrift observes and signs for keepersecurity.eu. It updates itself. It attests a signed observation - not that the site is safe.

DomainDrift signed-observation badge for keepersecurity.eu <a href="https://domaindrift.io/t/keepersecurity.eu"> <img src="https://domaindrift.io/badge/keepersecurity.eu.svg" width="300" height="64" alt="DomainDrift signed observations for keepersecurity.eu"> </a>

Ed25519 Receipt

Receipt ID
e03a9433-f2a7-4fb9-aec3-380d77f51d99
Output Hash
c93313862b76068540de64bc4905d9b7df137b860e32b52a884ebc231433164d
Signature
ed25519:726bb31cc72a149edd566fe089d264e08ccd6e9f067457639c0746d6c371476904d892c2f86725e2bf41a9cac58c1b2d82560ecee381e19602c61eb096802f08
Public Key
ed25519:d610d74ef18f683e5beb859d241d5e67dff0c122e8928b06bec1c2476f4ba27b
Parent
(genesis)
Plane
fast
Verify this in your browser