Detect the technology stack of a target, in one call.
Pass a URL. Get back the full technology stack detected: web server, language, framework, CDN, analytics, CMS, and the version inferences underneath each finding.
Technology fingerprinting, at version granularity.
The Technology Lookup API runs the same fingerprinting pipeline that drives Deepinfo's vulnerability matching. Pass a target URL and the API returns the technology stack detected on the page along with version inferences for each technology where confident.
Detected technologies span web server, programming language and runtime, framework, CMS, CDN, analytics, tag manager, and JavaScript libraries. Each finding carries a confidence signal, the evidence used to infer it (header, body content, fingerprint pattern), and a version inference where the evidence supports one.
Use this when the target URL is in scope and the question is about its technology footprint. Pair with Vulnerability Finder for end-to-end CVE discovery.
One endpoint, one required parameter.
Endpoint:
GET https://api.deepinfo.com/v1/lookup/technology?url={url}Parameters (placeholder, awaiting confirmation):
Authentication is by API token in the request header. See docs.deepinfo.com for the full request reference.
See what the API returns.
Real response structure for the Detect the technology stack of a target, in one call endpoint. Field coverage may vary based on query parameters and data availability.
{
"url": "https://www.example.com",
"check_date": "2026-05-02T08:30:11Z",
"technologies": [
{"name": "nginx", "category": "web_server", "version": "1.18.0", "confidence": 0.98, "evidence": "Server header"},
{"name": "PHP", "category": "language", "version": "8.1.12", "confidence": 0.92, "evidence": "X-Powered-By header"},
{"name": "WordPress", "category": "cms", "version": "6.1.0", "confidence": 0.96, "evidence": "Generator meta tag"},
{"name": "Cloudflare", "category": "cdn", "version": null, "confidence": 0.99, "evidence": "Server header"},
{"name": "Google Analytics", "category": "analytics", "version": "GA4", "confidence": 0.94, "evidence": "Inline script"}
]
}Sample response shown. Real responses depend on query parameters, data availability, and API version. Talk to us for full schema documentation.
Workflows this API plugs into directly.
Vulnerability Management
Run continuous technology fingerprinting to feed your CVE-matching pipeline.
Read the use caseAttack Surface Management
Enrich every discovered asset with its full technology footprint for risk scoring.
Read the use caseThird-Party Risk Management
Score vendor technology stacks against shared exposure patterns.
Read the use case“Stack detection for vulnerability scoping pulls into our exposure scoring directly. Version inference under each detected technology is the depth most fingerprinting libraries don't reach.”
Other lookup APIs.
Current Whois state for any domain, in one call.
The Whois Lookup API returns the registration record for a domain right now: registrar, dates, registrant, name servers, and status codes.
See API APICurrent IP allocation state, in one call.
Pass an IP address.
See API APICurrent DNS state for an FQDN, in one call.
Pass an FQDN and one or more record types.
See API APICurrent TLS state for a host, in one call.
Pass a domain or IP.
See API APIFind every domain on an MX record.
Pass an MX record value.
See API APIFind every domain on a name server.
Pass a name server hostname.
See API APIFind every domain on an IP.
Pass an IP address or CIDR.
See API APICapture a target page as the user sees it.
Pass a URL.
See API APILive web-page data for a target, in one call.
Pass a URL.
See API APIScan a target's open ports, in one call.
Pass a target.
See APIRun a sample call, or batch lookup your asset set.
We'll set up token access and answer schema questions on a call.