WebsiteCategorizationAPI
Home
Demo Tools - Categorization
Website Categorization Text Classification URL Database Taxonomy Mapper
Demo Tools - Website Intel
Technology Detector Quality Score Competitor Finder
Demo Tools - Brand Safety
Brand Safety Checker Brand Suitability Quality Checker
Demo Tools - Content
Sentiment Analyzer Context Aware Ads
Resources
API Documentation Pricing Login
Try Categorization

Web Technologies Detection

Identify the complete technology stack behind any website — the CMS it runs on, the ecommerce platform behind the cart, every analytics tag, every SSP and header-bidding adapter, the consent management platform, the JavaScript framework, the CDN and the payment provider — through one real-time API call, an interactive lookup tool, a browsable technology directory, and technographic slices of a 102-million-domain database.

700+
technologies fingerprinted with profile pages
8
stack layers: ad-tech, CMS, analytics, CMPs & more
102M
domains with technographic data
2 modes
real-time API + offline database exports
Try the Technology Detector API Documentation

The problem: everyone needs stack intelligence, and everyone gets it the hard way

Knowing what software a website runs is one of the most reused pieces of intelligence in B2B. Sales teams segment prospects by the tools they already pay for. Ad buyers ask which vendors a publisher actually loads before they trust its inventory. Product and strategy teams track competitor migrations. Security teams attribute infrastructure during incident response. Yet in most organizations this single dataset is bought four separate times, from four separate vendors, at four separate price points — and each copy has the same defects: it is a static snapshot of a moving target.

Technographic lists are expensive and stale

List vendors sell "sites running Shopify" as a quarterly export at enterprise prices. Websites replatform, add tags and drop vendors continuously — by the time the CSV reaches your CRM, a meaningful share of rows describe a stack that no longer exists.

Ad-tech supply paths are opaque

A bid request tells you what a seller claims. It does not tell you which SSPs, header-bidding wrappers, resellers and identity vendors the publisher's page actually loads. Supply-path optimization without page-level evidence is negotiation on trust.

Competitive stack research is manual

Analysts still open competitor sites with browser dev-tools and squint at network requests. That works for one site, once. It does not work for fifty competitors tracked monthly, and it misses anything loaded conditionally or behind a consent gate.

Security teams need infrastructure attribution

Phishing kits, scam storefronts and malware distribution sites reuse the same builders, CDNs and analytics IDs. Without automated fingerprinting, connecting a new suspicious domain to a known campaign's infrastructure is slow, expert-only work.

The solution: one detection engine, four delivery surfaces

Our crawler renders pages the way a browser does and fingerprints what it finds — script sources, DOM markers, HTTP headers, cookies, meta generators and outgoing network requests — against a library of more than 700 profiled technologies (drawn from the 4,000+ web technologies we track). The same engine powers a real-time lookup API, a self-serve tool, a browsable directory, and technographic exports from the 102M-domain database, so you consume the intelligence in whichever shape your workflow needs.

Real-time lookup API

POST any URL to the documented endpoint with expanded_categories=1 and receive the detected stack as a structured technologies array — name, confidence, version where identifiable, and the category of each technology — alongside IAB content categorization from the same fetch.

Technographic database

Invert the question: instead of "what does this site run", ask "which sites run this". The technology database slices 102 million domains by detected stack, so you can export every site running Shopify, Prebid.js, OneTrust, HubSpot or any other fingerprinted vendor.

Ad-tech-specific detection

Deep coverage of the advertising layer most fingerprinting tools treat as an afterthought: SSPs and exchanges, header-bidding wrappers and configured adapters, ad servers, CMPs and identity solutions. This is the same ad-stack forensics layer that powers our MFA detection scoring.

Technology directory

Every fingerprinted technology has a research page in the technology directory — 700+ profiles describing what the technology does, its category, and how detection works — useful for analysts validating a result or scoping which vendors to build segments around.

One call, the whole stack

Technology detection ships inside the main categorization endpoint: pass expanded_categories=1 and the response includes the technologies array for the URL, together with content categories from the same page fetch — one request, one credit path, two intelligence layers.

Request (curl)
curl -X POST -H 'Content-Type: application/x-www-form-urlencoded' \
  -d 'query=www.apple.com&api_key=your_api_key&data_type=url&expanded_categories=1' \
  'https://www.websitecategorizationapi.com/api/iab/iab_web_content_filtering.php'
Building a technographic segment (Python)
import requests

API = "https://www.websitecategorizationapi.com/api/iab/iab_web_content_filtering.php"

# Which of my target accounts run Shopify but no chat widget?
segment = []
for domain in target_domains:
    r = requests.post(API, data={
        "query": domain,
        "api_key": API_KEY,
        "data_type": "url",
        "expanded_categories": "1",
    }, timeout=120)
    techs = r.json().get("technologies", [])
    slugs = {t["slug"] for t in techs}
    cats  = {c["slug"] for t in techs for c in t["categories"]}
    if "shopify" in slugs and "live-chat" not in cats:
        segment.append(domain)
Response — the technologies array (excerpt, www.apple.com)
{
  "iab_classification": [
    ["Category name: Technology & Computing > ...", "Confidence: 1.0"]
  ],
  "status": 200,
  "technologies": [
    {
      "slug": "cart-functionality",
      "name": "Cart Functionality",
      "description": "Websites that have a shopping cart or checkout page...",
      "confidence": 100,
      "version": null,
      "icon": "Cart-generic.svg",
      "website": "",
      "cpe": null,
      "categories": [{ "id": 6, "slug": "ecommerce", "name": "Ecommerce" }],
      "rootPath": true
    },
    {
      "slug": "adobe-target",
      "name": "Adobe Target",
      "description": "Adobe Target is an A/B testing ... application",
      "confidence": 100,
      "version": "2.3.2",
      "icon": "Adobe.svg",
      "website": "https://www.adobe.com/marketing/target.html",
      "cpe": null,
      "categories": [
        { "id": 74, "slug": "a-b-testing", "name": "A/B Testing" },
        { "id": 76, "slug": "personalisation", "name": "Personalisation" }
      ],
      "rootPath": true
    },
    {
      "slug": "adobe-analytics",
      "name": "Adobe Analytics",
      "confidence": 100,
      "categories": [{ "id": 10, "slug": "analytics", "name": "Analytics" }]
    },
    {
      "slug": "preact",
      "name": "Preact",
      "confidence": 100,
      "categories": [{ "id": 59, "slug": "javascript-libraries",
                       "name": "JavaScript libraries" }]
    }
  ]
}

Each entry carries its own confidence, a version when one is identifiable from the fingerprint, and one or more categories — so downstream filters can work at the vendor level ("Adobe Analytics") or the layer level ("anything in analytics").

Coverage across the stack

Detection spans every layer a modern website assembles — from the platform it is built on down to the widgets bolted onto it. The categories below are the ones enterprise customers query most; the full fingerprint library covers many more.

CategoryWhat it tells youRepresentative technologies
CMS & site buildersPlatform the site is built and published onWordPress, Drupal, Wix, Squarespace, Webflow, Joomla
EcommerceWhere and how the site sellsShopify, WooCommerce, Magento, BigCommerce, PrestaShop
Analytics & tag managersMeasurement maturity and tagging infrastructureGoogle Analytics 4, Adobe Analytics, Matomo, Google Tag Manager, Tealium
Advertising & header biddingMonetization stack and demand partnersGoogle Ad Manager, AdSense, Prebid.js, Amazon TAM, Magnite, PubMatic, Criteo
CMPs & privacyConsent and compliance postureOneTrust, Cookiebot, Didomi, Quantcast Choice, Google Funding Choices
Frameworks & CDNsEngineering stack and delivery infrastructureReact, Preact, Vue.js, Next.js, jQuery, Cloudflare, Akamai, Fastly
Marketing & CRMAutomation and revenue tooling in useHubSpot, Marketo, Salesforce, Klaviyo, Mailchimp, Pardot
Chat, support & paymentsCustomer-facing operations and checkout railsIntercom, Zendesk, Drift, LiveChat, Stripe, PayPal, Klarna

How a technology gets detected

Script and resource fingerprints

Known script URLs, library globals and asset paths — the classic signature. A page loading gtag.js or a Prebid bundle identifies itself.

DOM structure and meta markers

Generator tags, characteristic class names, embedded configuration objects and platform-specific markup — how CMS and site-builder platforms are identified even when assets are proxied.

Rendered network requests

Pages are fetched with full rendering, so vendors injected at runtime — tag-manager containers, header-bidding adapters, consent-gated pixels — are observed, not just those in the raw HTML.

HTTP headers and cookies

Server headers, security headers such as HSTS, and vendor cookies reveal CDNs, hosting platforms and backend technology that never appears in page markup.

Version extraction

Where a fingerprint exposes it, the response includes the running version — relevant for security teams tracking exposure to known-vulnerable releases via the cpe field.

Per-technology confidence

Every detection carries its own confidence score, so pipelines can require certainty for enforcement decisions while accepting weaker evidence for exploratory research.

How teams use it

The same detection output serves four very different buyers — which is exactly why it belongs in a shared data layer rather than in four departmental vendor contracts.

Technographic sales targeting

Build account lists from the stack itself: every store on a competitor's ecommerce platform, every site running a tool your product replaces or integrates with. Start from the technology database and enrich inbound leads via lead enrichment.

Competitive intelligence

Track competitor replatformings, new martech adoptions and vendor churn on a schedule instead of by rumor. See the competitive intelligence use case and compare adoption head-to-head with the technology comparison tool.

Ad-tech auditing

Verify which SSPs, wrappers and CMPs a publisher actually loads before trusting its bid requests — evidence for supply-path decisions, sellers.json reconciliation and inventory-quality reviews. See DSP & SSP optimization.

Security attribution

Cluster suspicious domains by shared builders, kits, CDNs and analytics infrastructure; flag known-vulnerable versions via cpe data. Detection composes with malware and social-engineering flags in the same response — see cyber security.

A pattern worth copying from our largest deployments: run the real-time endpoint for anything user-facing or time-sensitive (a lead hits the form, a placement needs vetting today), and refresh standing segments from the database on a monthly cadence. The two modes share fingerprints and taxonomy, so a domain scored live and the same domain in an export never disagree about what "running Prebid" means.

Frequently asked

Is technology detection a separate endpoint and a separate credit?

No. It is delivered by the main categorization endpoint (/api/iab/iab_web_content_filtering.php) when you pass expanded_categories=1 — the response then carries the technologies array alongside IAB and web-filtering taxonomies from the same page fetch. One request enriches a URL across every layer at once.

How is this different from free browser extensions?

Extensions inspect the one page you are looking at, in your browser, right now. This is the same fingerprinting delivered as infrastructure: a rendered, consent-aware crawl; a stable JSON contract with per-technology confidence and versions; batch capability across the 102M-domain database; and the inverted index — listing every site that runs a technology — which no extension can offer.

Can I get every website that runs a specific technology?

Yes — that is the technographic database. Pick any fingerprinted technology (Shopify, Prebid.js, OneTrust, HubSpot, a specific SSP) and export the matching slice of 102 million domains, optionally combined with content categories, so "ecommerce sites on WooCommerce in Health & Fitness" is one filter, not a data-science project.

How does this relate to MFA detection?

The ad-tech layer of this engine — SSP, header-bidding, ad-server and CMP fingerprinting — is the structural-forensics input to our MFA detection score. If you buy media, the two features are designed to be used together: technology detection tells you what a publisher loads, MFA scoring tells you whether that publisher exists for audiences or for arbitrage.

Related resources

See any stack — or every site running one

Tell us the technologies that define your market and get back a sample technographic export, or start calling the real-time endpoint today.

Request a Sample Export Read the API Docs
Stay in the loop

You are on the list!

We will send you updates that matter — no spam.