CONTINUOUS INTERNET TELEMETRY24H DRIFT3,160 material changesacross 2,740 domains · -238 vs yesterdayDNS DRIFT24 domains changed DNS providertop destination digicertdns.com + digicertdns.net · -3 vs yesterdayEMAIL DRIFT5 domains switched email providertop destination 365cool.com · -1 vs yesterdayCERT DRIFT8 domains switched issuing CA24h · +1 vs yesterdayNOW3,316 curated domains not answering-6,402 vs yesterdayERRORS10,957 responded with an errorlast probe · 5xx / 404 / 429 / 40324H DRIFT3,160 material changesacross 2,740 domains · -238 vs yesterdayDNS DRIFT24 domains changed DNS providertop destination digicertdns.com + digicertdns.net · -3 vs yesterdayEMAIL DRIFT5 domains switched email providertop destination 365cool.com · -1 vs yesterdayCERT DRIFT8 domains switched issuing CA24h · +1 vs yesterdayNOW3,316 curated domains not answering-6,402 vs yesterdayERRORS10,957 responded with an errorlast probe · 5xx / 404 / 429 / 403

soap2day.day

Observed 2026-07-13T03:52:46.742Z (1h ago). Every field below was attested with an Ed25519 signature at scan time.

Up right now
Runs onCloudflare
Also usesGoogle Search Console
IPv6 · 1 subdomain · tranco_20k
Every line above is a signed observation. Check the math at the bottom of the page.
INFRASTRUCTURE MAPwhat soap2day.day actually stands on - every host below is a signed observation
soap2day.day
A / AAAA
104.26.4.122104.26.5.122172.67.74.2232606:4700:20::ac43:4adf+2 more
Cloudflareserves the site
NS
jewel.ns.cloudflare.comnicolas.ns.cloudflare.com
cloudflare.comanswers its DNS
MX
route3.mx.cloudflare.netroute1.mx.cloudflare.netroute2.mx.cloudflare.net
cloudflare.netreceives its email

HTTPS probe

redirect Redirecting (3xx) 301 → https://ww23.soap2day.day/
HTTP status301
Servercloudflare
TLS protocolHTTP/2
TLS issuernot observed
Behind Cloudflareyes
Response time4 ms
DNS resolutionNOERROR
Redirect chain
https://ww23.soap2day.day/

Every field above is part of the same signed observation as the records below. Blank means not observed, never "none".

DNS Records

A 3

  • 104.26.4.122
  • 104.26.5.122
  • 172.67.74.223

AAAA 3

  • 2606:4700:20::ac43:4adf
  • 2606:4700:20::681a:57a
  • 2606:4700:20::681a:47a

MX 3

  • 28route3.mx.cloudflare.net
  • 88route1.mx.cloudflare.net
  • 52route2.mx.cloudflare.net

TXT 3

  • v=spf1 include:_spf.mx.cloudflare.net ~all
  • google-site-verification=GrGDthjFjd3UPe0Dpe3adE4oLHcU14lMGo534J11poU
  • v=DNSSEC1; (detected)

NS 2

  • jewel.ns.cloudflare.com
  • nicolas.ns.cloudflare.com

SOA 1

  • jewel.ns.cloudflare.com dns.cloudflare.com

CAA 10

  • issue ssl.com
  • issue comodoca.com
  • issuewild pki.goog; cansignhttpexchanges=yes
  • issuewild letsencrypt.org
  • issue pki.goog; cansignhttpexchanges=yes
  • issuewild ssl.com
  • issuewild comodoca.com
  • issue digicert.com; cansignhttpexchanges=yes
  • issue letsencrypt.org
  • issuewild digicert.com; cansignhttpexchanges=yes

TLS Certificates (0)

None.

Subdomains (1)

The proof

Signed at scan time. Check the math yourself. Every line above is part of one signed observation. Re-hash it and check the Ed25519 signature in your own browser; nothing leaves your machine.

Verify this receipt

Put the receipt on your own site. A live badge showing what DomainDrift observes and signs for soap2day.day. It updates itself. It attests a signed observation - not that the site is safe.

DomainDrift signed-observation badge for soap2day.day <a href="https://domaindrift.io/t/soap2day.day"> <img src="https://domaindrift.io/badge/soap2day.day.svg" width="300" height="64" alt="DomainDrift signed observations for soap2day.day"> </a>

Ed25519 Receipt

Receipt ID
f39d090e-c451-4be7-a1e5-6bc051160927
Output Hash
99dff2daea86982676b3366277d5c0d8c48ec44b378379ed4d9ab9708cde00db
Signature
ed25519:3070f713440c6872b29fdf2b3a5412e0a4caa527496cffe82fd04f8e935abe32e33042a68ac8681aa0332ee1a9fe514af8e2b2087b9216ba9bf2a162801f5008
Public Key
ed25519:d610d74ef18f683e5beb859d241d5e67dff0c122e8928b06bec1c2476f4ba27b
Parent
(genesis)
Plane
fast
Verify this in your browser