Identify the complete technology stack behind any website — the CMS it runs on, the ecommerce platform behind the cart, every analytics tag, every SSP and header-bidding adapter, the consent management platform, the JavaScript framework, the CDN and the payment provider — through one real-time API call, an interactive lookup tool, a browsable technology directory, and technographic slices of a 102-million-domain database.
Knowing what software a website runs is one of the most reused pieces of intelligence in B2B. Sales teams segment prospects by the tools they already pay for. Ad buyers ask which vendors a publisher actually loads before they trust its inventory. Product and strategy teams track competitor migrations. Security teams attribute infrastructure during incident response. Yet in most organizations this single dataset is bought four separate times, from four separate vendors, at four separate price points — and each copy has the same defects: it is a static snapshot of a moving target.
List vendors sell "sites running Shopify" as a quarterly export at enterprise prices. Websites replatform, add tags and drop vendors continuously — by the time the CSV reaches your CRM, a meaningful share of rows describe a stack that no longer exists.
A bid request tells you what a seller claims. It does not tell you which SSPs, header-bidding wrappers, resellers and identity vendors the publisher's page actually loads. Supply-path optimization without page-level evidence is negotiation on trust.
Analysts still open competitor sites with browser dev-tools and squint at network requests. That works for one site, once. It does not work for fifty competitors tracked monthly, and it misses anything loaded conditionally or behind a consent gate.
Phishing kits, scam storefronts and malware distribution sites reuse the same builders, CDNs and analytics IDs. Without automated fingerprinting, connecting a new suspicious domain to a known campaign's infrastructure is slow, expert-only work.
Our crawler renders pages the way a browser does and fingerprints what it finds — script sources, DOM markers, HTTP headers, cookies, meta generators and outgoing network requests — against a library of more than 700 profiled technologies (drawn from the 4,000+ web technologies we track). The same engine powers a real-time lookup API, a self-serve tool, a browsable directory, and technographic exports from the 102M-domain database, so you consume the intelligence in whichever shape your workflow needs.
POST any URL to the documented endpoint with expanded_categories=1 and receive
the detected stack as a structured technologies array — name, confidence,
version where identifiable, and the category of each technology — alongside IAB content
categorization from the same fetch.
Invert the question: instead of "what does this site run", ask "which sites run this". The technology database slices 102 million domains by detected stack, so you can export every site running Shopify, Prebid.js, OneTrust, HubSpot or any other fingerprinted vendor.
Deep coverage of the advertising layer most fingerprinting tools treat as an afterthought: SSPs and exchanges, header-bidding wrappers and configured adapters, ad servers, CMPs and identity solutions. This is the same ad-stack forensics layer that powers our MFA detection scoring.
Every fingerprinted technology has a research page in the technology directory — 700+ profiles describing what the technology does, its category, and how detection works — useful for analysts validating a result or scoping which vendors to build segments around.
Technology detection ships inside the main categorization endpoint: pass
expanded_categories=1 and the response includes the technologies array for the
URL, together with content categories from the same page fetch — one request, one credit path, two
intelligence layers.
curl -X POST -H 'Content-Type: application/x-www-form-urlencoded' \ -d 'query=www.apple.com&api_key=your_api_key&data_type=url&expanded_categories=1' \ 'https://www.websitecategorizationapi.com/api/iab/iab_web_content_filtering.php'
import requests
API = "https://www.websitecategorizationapi.com/api/iab/iab_web_content_filtering.php"
# Which of my target accounts run Shopify but no chat widget?
segment = []
for domain in target_domains:
r = requests.post(API, data={
"query": domain,
"api_key": API_KEY,
"data_type": "url",
"expanded_categories": "1",
}, timeout=120)
techs = r.json().get("technologies", [])
slugs = {t["slug"] for t in techs}
cats = {c["slug"] for t in techs for c in t["categories"]}
if "shopify" in slugs and "live-chat" not in cats:
segment.append(domain)
technologies array (excerpt, www.apple.com){
"iab_classification": [
["Category name: Technology & Computing > ...", "Confidence: 1.0"]
],
"status": 200,
"technologies": [
{
"slug": "cart-functionality",
"name": "Cart Functionality",
"description": "Websites that have a shopping cart or checkout page...",
"confidence": 100,
"version": null,
"icon": "Cart-generic.svg",
"website": "",
"cpe": null,
"categories": [{ "id": 6, "slug": "ecommerce", "name": "Ecommerce" }],
"rootPath": true
},
{
"slug": "adobe-target",
"name": "Adobe Target",
"description": "Adobe Target is an A/B testing ... application",
"confidence": 100,
"version": "2.3.2",
"icon": "Adobe.svg",
"website": "https://www.adobe.com/marketing/target.html",
"cpe": null,
"categories": [
{ "id": 74, "slug": "a-b-testing", "name": "A/B Testing" },
{ "id": 76, "slug": "personalisation", "name": "Personalisation" }
],
"rootPath": true
},
{
"slug": "adobe-analytics",
"name": "Adobe Analytics",
"confidence": 100,
"categories": [{ "id": 10, "slug": "analytics", "name": "Analytics" }]
},
{
"slug": "preact",
"name": "Preact",
"confidence": 100,
"categories": [{ "id": 59, "slug": "javascript-libraries",
"name": "JavaScript libraries" }]
}
]
}
Each entry carries its own confidence, a
version when one is identifiable from the fingerprint, and one or more
categories — so downstream filters can work at the vendor level
("Adobe Analytics") or the layer level ("anything in analytics").
Detection spans every layer a modern website assembles — from the platform it is built on down to the widgets bolted onto it. The categories below are the ones enterprise customers query most; the full fingerprint library covers many more.
| Category | What it tells you | Representative technologies |
|---|---|---|
| CMS & site builders | Platform the site is built and published on | WordPress, Drupal, Wix, Squarespace, Webflow, Joomla |
| Ecommerce | Where and how the site sells | Shopify, WooCommerce, Magento, BigCommerce, PrestaShop |
| Analytics & tag managers | Measurement maturity and tagging infrastructure | Google Analytics 4, Adobe Analytics, Matomo, Google Tag Manager, Tealium |
| Advertising & header bidding | Monetization stack and demand partners | Google Ad Manager, AdSense, Prebid.js, Amazon TAM, Magnite, PubMatic, Criteo |
| CMPs & privacy | Consent and compliance posture | OneTrust, Cookiebot, Didomi, Quantcast Choice, Google Funding Choices |
| Frameworks & CDNs | Engineering stack and delivery infrastructure | React, Preact, Vue.js, Next.js, jQuery, Cloudflare, Akamai, Fastly |
| Marketing & CRM | Automation and revenue tooling in use | HubSpot, Marketo, Salesforce, Klaviyo, Mailchimp, Pardot |
| Chat, support & payments | Customer-facing operations and checkout rails | Intercom, Zendesk, Drift, LiveChat, Stripe, PayPal, Klarna |
Known script URLs, library globals and asset paths — the classic signature. A page loading gtag.js or a Prebid bundle identifies itself.
Generator tags, characteristic class names, embedded configuration objects and platform-specific markup — how CMS and site-builder platforms are identified even when assets are proxied.
Pages are fetched with full rendering, so vendors injected at runtime — tag-manager containers, header-bidding adapters, consent-gated pixels — are observed, not just those in the raw HTML.
Server headers, security headers such as HSTS, and vendor cookies reveal CDNs, hosting platforms and backend technology that never appears in page markup.
Where a fingerprint exposes it, the response includes the running version — relevant for security teams tracking exposure to known-vulnerable releases via the cpe field.
Every detection carries its own confidence score, so pipelines can require certainty for enforcement decisions while accepting weaker evidence for exploratory research.
The same detection output serves four very different buyers — which is exactly why it belongs in a shared data layer rather than in four departmental vendor contracts.
Build account lists from the stack itself: every store on a competitor's ecommerce platform, every site running a tool your product replaces or integrates with. Start from the technology database and enrich inbound leads via lead enrichment.
Track competitor replatformings, new martech adoptions and vendor churn on a schedule instead of by rumor. See the competitive intelligence use case and compare adoption head-to-head with the technology comparison tool.
Verify which SSPs, wrappers and CMPs a publisher actually loads before trusting its bid requests — evidence for supply-path decisions, sellers.json reconciliation and inventory-quality reviews. See DSP & SSP optimization.
Cluster suspicious domains by shared builders, kits, CDNs and analytics infrastructure; flag known-vulnerable versions via cpe data. Detection composes with malware and social-engineering flags in the same response — see cyber security.
A pattern worth copying from our largest deployments: run the real-time endpoint for anything user-facing or time-sensitive (a lead hits the form, a placement needs vetting today), and refresh standing segments from the database on a monthly cadence. The two modes share fingerprints and taxonomy, so a domain scored live and the same domain in an export never disagree about what "running Prebid" means.
No. It is delivered by the main categorization endpoint (/api/iab/iab_web_content_filtering.php) when you pass expanded_categories=1 — the response then carries the technologies array alongside IAB and web-filtering taxonomies from the same page fetch. One request enriches a URL across every layer at once.
Extensions inspect the one page you are looking at, in your browser, right now. This is the same fingerprinting delivered as infrastructure: a rendered, consent-aware crawl; a stable JSON contract with per-technology confidence and versions; batch capability across the 102M-domain database; and the inverted index — listing every site that runs a technology — which no extension can offer.
Yes — that is the technographic database. Pick any fingerprinted technology (Shopify, Prebid.js, OneTrust, HubSpot, a specific SSP) and export the matching slice of 102 million domains, optionally combined with content categories, so "ecommerce sites on WooCommerce in Health & Fitness" is one filter, not a data-science project.
The ad-tech layer of this engine — SSP, header-bidding, ad-server and CMP fingerprinting — is the structural-forensics input to our MFA detection score. If you buy media, the two features are designed to be used together: technology detection tells you what a publisher loads, MFA scoring tells you whether that publisher exists for audiences or for arbitrage.
Tell us the technologies that define your market and get back a sample technographic export, or start calling the real-time endpoint today.
Request a Sample Export Read the API Docs