Public Surface Audit
Discover what attackers see about your company. Subdomains, certificates, exposed services — all from public sources. No agent. No setup.
What you'll see after a scan
72
/100
high risk
Subdomains discovered
5
via Certificate Transparency logs (crt.sh)
Currently resolving
4 / 5
live A/AAAA records — likely intentional exposure
Findings
- Found 3 subdomains with risky tokens [dev(1), staging(1), vpn(1)] — review for exposed dev/admin surfaces.
- 4 subdomains currently resolve to live IPs — confirm each is intentional.
Subdomains
Sorted by most recent certificate| Subdomain | First seen | IPs | Issuer |
|---|---|---|---|
| www.example.com | 2024-01-12 | 93.184.216.34 | DigiCert TLS RSA SHA256 |
| api.example.com | 2023-09-08 | 93.184.216.35 | Let's Encrypt R3 |
| dev.example.com | 2024-02-01 | 93.184.216.36 | Let's Encrypt R3 |
| staging.example.com | 2024-06-04 | doesn't resolve | Let's Encrypt R3 |
| vpn.example.com | 2025-01-08 | 93.184.216.37 | DigiCert TLS RSA SHA256 |
This MVP scan uses Certificate Transparency only.
Upgrade to Pro for Shodan port + service detection, HIBP breach search, and weekly delta alerts — or a one-time $4.99 scan (coming soon).
