CONTINUOUS INTERNET TELEMETRY24H DRIFT2,272 material changesacross 2,072 domains · -279 vs yesterdayDNS DRIFT14 domains changed DNS providertop destination selectel.ru · -2 vs yesterdayEMAIL DRIFT6 domains switched email providertop destination google.com · +1 vs yesterdayCERT DRIFT1 domains switched issuing CA24h · -4 vs yesterdayNOW3,390 curated domains not answeringlast probe, steadyERRORS10,886 responded with an errorlast probe · 5xx / 404 / 429 / 40324H DRIFT2,272 material changesacross 2,072 domains · -279 vs yesterdayDNS DRIFT14 domains changed DNS providertop destination selectel.ru · -2 vs yesterdayEMAIL DRIFT6 domains switched email providertop destination google.com · +1 vs yesterdayCERT DRIFT1 domains switched issuing CA24h · -4 vs yesterdayNOW3,390 curated domains not answeringlast probe, steadyERRORS10,886 responded with an errorlast probe · 5xx / 404 / 429 / 403

ua.com

Observed 2026-07-13T14:48:40.008Z (18h ago). Every field below was attested with an Ed25519 signature at scan time.

Up right now
Runs onCloudflare
Email byMicrosoft 365
Registered withCSC Corporate Domains, Inc.
Also usesFacebook/MetaGoogle Search Console
6 subdomains · tranco_40k
Every line above is a signed observation. Check the math at the bottom of the page.
INFRASTRUCTURE MAPwhat ua.com actually stands on - every host below is a signed observation
ua.com
A / AAAA
140.248.149.91
Cloudflareserves the site
NS
ns12.dnsmadeeasy.comns15.dnsmadeeasy.comns10.dnsmadeeasy.comns11.dnsmadeeasy.com+2 more
dnsmadeeasy.comanswers its DNS
MX
ua-com.mail.protection.outlook.com
Microsoft 365receives its email

HTTPS probe

redirect Redirecting (3xx) 308 → https://www.underarmour.com/en-us/
HTTP status308
Servercloudflare
TLS protocolHTTP/2
TLS issuernot observed
Behind Cloudflareyes
Response time1824 ms
DNS resolutionNOERROR
Redirect chain
https://www.underarmour.com/en-us/

Every field above is part of the same signed observation as the records below. Blank means not observed, never "none".

DNS Records

A 1

  • 140.248.149.91

MX 1

  • 0ua-com.mail.protection.outlook.com

TXT 7

  • apple-domain-verification=UZa5ckzBUiP5KPa0
  • v=spf1 include:spf.protection.outlook.com -all
  • have-i-been-pwned-verification=243e68d7e85525bcdebedd488795f0d0
  • facebook-domain-verification=ui9r2bgwh8o4kurtviq6o1jpxy1wb8
  • 9DdqACTWDnoKi5LSwVeLwqNm1PxfRMDRCZ4SUPRZQ4iNwQn+FfdCkB4xEC3j1z1TUx7NbNFSMMjzlSaQJw5n2g==
  • MS=ms17390637
  • google-site-verification=jQifk0UPXxnFUMeRcR87o5fyBmv_w0w-GML219vXB_E

NS 6

  • ns12.dnsmadeeasy.com
  • ns15.dnsmadeeasy.com
  • ns10.dnsmadeeasy.com
  • ns11.dnsmadeeasy.com
  • ns14.dnsmadeeasy.com
  • ns13.dnsmadeeasy.com

SOA 1

  • ns20.digicertdns.com dns.digicertdns.com

CAA 12

  • issue letsencrypt.org
  • issuewild awstrust.com
  • issuewild letsencrypt.org
  • issue certainly.com
  • issuewild amazontrust.com
  • issue amazonaws.com
  • issue amazontrust.com
  • issuewild amazonaws.com
  • issue awstrust.com
  • issuewild certainly.com

TLS Certificates (0)

None.

Subdomains (6)

The proof

Signed at scan time. Check the math yourself. Every line above is part of one signed observation. Re-hash it and check the Ed25519 signature in your own browser; nothing leaves your machine.

Verify this receipt

Put the receipt on your own site. A live badge showing what DomainDrift observes and signs for ua.com. It updates itself. It attests a signed observation - not that the site is safe.

DomainDrift signed-observation badge for ua.com <a href="https://domaindrift.io/t/ua.com"> <img src="https://domaindrift.io/badge/ua.com.svg" width="300" height="64" alt="DomainDrift signed observations for ua.com"> </a>

Ed25519 Receipt

Receipt ID
55006811-5c37-4835-8015-d9d5e9371c26
Output Hash
cee4b94eb261f82c817501d7517f6e64d46764f16777df14ea42d5c0f8f96d97
Signature
ed25519:32ed988fd1e5c7cb91fd21285bc1bc9b5c611e2e5149e02998b7dd58208483cd8d402313d62f935066e67aaceab38f0b811f25dd4feeabb18056f982c92cf301
Public Key
ed25519:d610d74ef18f683e5beb859d241d5e67dff0c122e8928b06bec1c2476f4ba27b
Parent
(genesis)
Plane
fast
Verify this in your browser