ESC
🌐

Tech Stack Detector

Detect web server technology, stack, and security headers from HTTP headers.

GET /v1/tech-stack 
curl "https://dns.toolkitapi.io/v1/tech-stack?domain=github.com"

import httpx

resp = httpx.get(
    "https://dns.toolkitapi.io/v1/tech-stack?domain=github.com",
)
print(resp.json())
const resp = await fetch("https://dns.toolkitapi.io/v1/tech-stack?domain=github.com", {
});
const data = await resp.json();
console.log(data);
# See curl example
Response 200 OK 
{
  "domain": "github.com",
  "url": "https://github.com",
  "server": "GitHub.com",
  "powered_by": null,
  "technologies": ["Ruby on Rails", "nginx"],
  "security_headers_present": ["Strict-Transport-Security", "Content-Security-Policy", "X-Frame-Options", "X-Content-Type-Options"],
  "security_headers_missing": ["Permissions-Policy"],
  "headers": {"server": "GitHub.com", "content-type": "text/html; charset=utf-8"},
  "query_time_ms": 312.8
}

Try It Live

Live Demo

Description

Detect web server technology, stack, and security headers from HTTP headers.

How to Use

1

1. Pass the domain in the `domain` parameter. 2. Review `server`, `powered_by`, and `technologies` for stack identification. 3. Check `security_headers_missing` for security gaps.

About This Tool

Tech Stack Detector fetches HTTP headers from a domain and detects the web server, technology stack (PHP, Node.js, ASP.NET, Ruby, etc.), and lists which security headers are present or missing. Quick way to fingerprint a website's technology.

Why Use This Tool

Frequently Asked Questions

How are technologies detected?
From HTTP headers — Server, X-Powered-By, X-Generator, and technology-specific headers like X-Drupal-Cache or X-WordPress.
Does this perform active scanning?
No — it only sends a single HTTP GET request and analyzes the response headers.

Start using Tech Stack Detector now

Get your free API key and make your first request in under a minute.

Get Free API Key View Docs