Sample

What Your Report Looks Like

This is a redacted preview of an actual RedRadar OSINT report. Your full report includes detailed findings, remediation steps, and risk ratings for every item.

OSINT Security Intelligence Report

Target: example-startup.com  •  Generated: 2026-04-03  •  Report ID: RR-2026-04-8841

Risk: High
67
Risk Score
4
High Findings
7
Medium Findings
3
Low Findings
Subdomain Enumeration 3 critical

Discovered 23 subdomains. staging.example-startup.com and dev.example-startup.com are publicly accessible with no authentication. old-api.example-startup.com is serving a deprecated API version with known CVEs.

DNS Security Analysis SPF missing

No SPF record found. DMARC policy set to p=none — domain is spoofable. DKIM not configured for transactional mail subdomain. DNSSEC not enabled.

SSL/TLS Assessment TLS 1.0 active

Main domain: TLS 1.3 configured correctly. api.example-startup.com still accepts TLS 1.0/1.1 connections. Certificate for mail.example-startup.com expires in 11 days.

Reputation Check Clean

Primary IP (203.0.113.42) not listed on any major blocklists. No spam reports. ASN has good reputation. No prior abuse history found.

Data Exposure Scan Credentials leaked

2 credential sets found in public paste sites referencing this domain. A GitHub repository (now deleted) contained an exposed .env file with database credentials — rotation recommended immediately.

Tech Stack CVE Mapping 2 critical CVEs

Detected: Nginx 1.18.0, Node.js 18.12.0, WordPress 6.3.1. CVE-2023-44487 (HTTP/2 Rapid Reset, CVSS 7.5) applicable to Nginx version. WordPress plugin WP-Statistics has CVE-2024-1234 (unauthenticated SQLi, CVSS 9.8).

Ready to See Your Real Report?

Your full report includes complete finding details, step-by-step remediation guidance, and CVSS scoring for every vulnerability — all delivered as a professional PDF in 24 hours.

Order Your Report →