CONTINUOUS INTERNET TELEMETRY24H DRIFT2,873 material changesacross 2,530 domains · -525 vs yesterdayDNS DRIFT20 domains changed DNS providertop destination cloudflare.com · -7 vs yesterdayEMAIL DRIFT4 domains switched email providertop destination reyrey.com · -2 vs yesterdayCERT DRIFT7 domains switched issuing CA24hNOW3,309 curated domains not answering-6,409 vs yesterdayERRORS10,963 responded with an errorlast probe · 5xx / 404 / 429 / 40324H DRIFT2,873 material changesacross 2,530 domains · -525 vs yesterdayDNS DRIFT20 domains changed DNS providertop destination cloudflare.com · -7 vs yesterdayEMAIL DRIFT4 domains switched email providertop destination reyrey.com · -2 vs yesterdayCERT DRIFT7 domains switched issuing CA24hNOW3,309 curated domains not answering-6,409 vs yesterdayERRORS10,963 responded with an errorlast probe · 5xx / 404 / 429 / 403

zip.co

Observed 2026-07-13T00:02:22.867914159+00:00 (10h ago). Every field below was attested with an Ed25519 signature at scan time.

Up right now
Runs onCloudflare
Email byGoogle Workspace
Secured byGoogle Trust Services
Also usesZoomAtlassianDockerDocuSignGoogle Search ConsoleMiroStripe
IPv6 · fintech
Every line above is a signed observation. Check the math at the bottom of the page.
INFRASTRUCTURE MAPwhat zip.co actually stands on - every host below is a signed observation
zip.co
A / AAAA
172.64.150.121104.18.37.1352a06:98c1:3108::6812:25872606:4700:4407::ac40:9679
Cloudflareserves the site
NS
justin.ns.cloudflare.comsofia.ns.cloudflare.com
cloudflare.comanswers its DNS
MX
aspmx.l.google.comalt3.aspmx.l.google.comalt4.aspmx.l.google.comalt1.aspmx.l.google.com+1 more
Google Workspacereceives its email
TLS
zip.co
Google Trust Servicesissued its certificate

DNS Records

A 2

  • 172.64.150.121
  • 104.18.37.135

AAAA 2

  • 2a06:98c1:3108::6812:2587
  • 2606:4700:4407::ac40:9679

MX 5

  • 1aspmx.l.google.com
  • 10alt3.aspmx.l.google.com
  • 10alt4.aspmx.l.google.com
  • 5alt1.aspmx.l.google.com
  • 5alt2.aspmx.l.google.com

TXT 53

  • 00D2E000001HI3j=1TBUG00000007UX
  • 5dd2bak2h8ke6ktn9lgo7uj9ge
  • 629vcakj759jebp3k10o57vrur
  • D2FD6FD56E
  • Dynatrace-site-verification=64ac3fc1-e60a-4eb3-a212-192d57e41e46__1a8p0t6lde553qlsfgpoeca3h5
  • Dynatrace-site-verification=a1c70914-e42c-40c7-a03b-3cd04107c4b7__6i3qlhog3uqt43c1p6utk1atf8
  • MS=ms41704273
  • ZOOM_verify_E3SPGxQQTKmd_57cOz28gQ
  • _gitlab-pages-verification-code.zip.co TXT gitlab-pages-verification-code=3a9d4d915e74e479cbdc461cd494319e
  • _lclu7s33ivdmjkhwhsx9fbbdzucdqoq

NS 2

  • justin.ns.cloudflare.com
  • sofia.ns.cloudflare.com

SOA 1

  • justin.ns.cloudflare.com dns.cloudflare.com

TLS Certificates (3)

Common NameIssuerExpires
zip.co C=US, O=Google Trust Services, CN=WE1 Sun, 13 Sep 2026 11:03:06 +0000
WE1 C=US, O=Google Trust Services LLC, CN=GTS Root R4 Tue, 20 Feb 2029 14:00:00 +0000
GTS Root R4 C=BE, O=GlobalSign nv-sa, 2.5.4.11=Root CA, CN=GlobalSign Root CA Fri, 28 Jan 2028 00:00:42 +0000

Subdomains (0)

None observed.

The proof

Signed at scan time. Check the math yourself. Every line above is part of one signed observation. Re-hash it and check the Ed25519 signature in your own browser; nothing leaves your machine.

Verify this receipt

Put the receipt on your own site. A live badge showing what DomainDrift observes and signs for zip.co. It updates itself. It attests a signed observation - not that the site is safe.

DomainDrift signed-observation badge for zip.co <a href="https://domaindrift.io/t/zip.co"> <img src="https://domaindrift.io/badge/zip.co.svg" width="300" height="64" alt="DomainDrift signed observations for zip.co"> </a>

Ed25519 Receipt

Receipt ID
44f6a6d1-e5b4-4736-a41a-47af64c27aa5
Output Hash
5d1b152f56f822f1a0aff1dd260c2d4484b434c48c3d13d07b564ab809637683
Signature
ed25519:85fcbeb5cc05a7b892b66d3106c3acbfef24d0d01994e9126701d87a5bb600d54ed4354254c66c7540b6b0055667b73ce32dc242c27745c010ad3f7c6b8fc400
Public Key
ed25519:178c3bd0f57d9d64b83cc4630753381e1a465005a2bbba3d032371f24af0bfd8
Parent
(genesis)
Plane
fast
Verify this in your browser