Company Domain Intelligence - Tech Stack & Enrichment

Deep company enrichment from a domain name — tech stack detection, DNS and SSL security audit, GitHub organization analysis, SEC EDGAR filing lookup, and Wayback Machine history. A free alternative to Clearbit and Apollo ($99+/mo) at $0.05 per domain analyzed.

What does Company Domain Intelligence do?

Company Domain Intelligence takes a domain name as input and runs parallel queries across six data sources to build a structured company intelligence profile. HTTP response headers and homepage HTML reveal the server software, CDN provider, CMS platform, JavaScript frameworks, and analytics tools in use. DNS lookups expose mail exchange records, nameservers, IPv4/IPv6 addresses, and SPF/DMARC email security configuration. SSL certificate data from crt.sh reveals the certificate issuer, expiry, and all subdomains listed in Subject Alternative Names. A GitHub organization search surfaces public repositories, primary languages, and recent activity. SEC EDGAR lookup identifies whether the company is a US public registrant and returns 10-K/10-Q filing links. Wayback Machine history shows when the domain was first archived and how many times it has been snapshotted.

All queries run in parallel — a full profile typically completes in under 15 seconds. No proprietary enrichment API is used; every data point comes from a free, open, or public source that you can independently verify.

Four modes let you scope the analysis to what you need. Full profile combines all sources. Tech stack mode focuses on server, CDN, CMS, framework, and analytics detection. Security audit mode runs DNS, SSL, and email security checks and produces a security score out of 100. Digital footprint mode covers GitHub presence, Wayback Machine history, and social discovery.

Key features

• Tech stack detection — identifies server software, CDN (Cloudflare, Fastly, AWS CloudFront, Akamai, Azure CDN), CMS (WordPress, Shopify, Squarespace, Webflow, Drupal), JS frameworks (Next.js, React, Vue.js, Angular, Nuxt.js, Svelte, Gatsby, Astro), and analytics tools (Google Analytics, Segment, Mixpanel, Amplitude, Hotjar, Intercom)
• DNS and SSL audit — resolves MX, NS, A, and AAAA records; fetches SSL certificate issuer and expiry from crt.sh; discovers subdomains from certificate SAN entries
• Email security check — detects SPF and DMARC records from DNS TXT lookup; flags domains without email authentication
• Security score 0–100 — scored across SSL presence, certificate validity, SPF, DMARC, MX records, nameservers, and IPv6
• GitHub organization lookup — searches GitHub for a matching organization, returns public repo count, languages, and star count
• SEC EDGAR filing lookup — checks whether the domain owner has SEC EDGAR registrations (US public companies only), returns CIK and filing links
• Wayback Machine history — returns first archived date, most recent snapshot, and total archive count
• 4 analysis modes — full profile, tech stack, security audit, digital footprint
• Parallel data fetching — all sources queried simultaneously via Promise.allSettled; partial failures do not block the result
• No API key required — all data sources are open and free

Use cases

• Sales and lead enrichment teams: Enrich a list of prospect domains with tech stack, company size signals, and public filing status before outreach
• Startup investors: Quickly profile a company's technical infrastructure and public footprint from their domain before deeper research
• Security teams: Audit partner or vendor domains for missing SPF/DMARC records, expiring SSL certificates, and subdomain exposure via cert SAN entries
• Recruiters and talent teams: Identify the tech stack of target companies to match engineering candidates with the right opportunities
• Competitive intelligence analysts: Map a competitor's full digital footprint — CDN, CMS, analytics stack, GitHub activity, and website launch date
• Marketing teams: Identify which CMS and analytics tools competitor websites use to inform tooling decisions and positioning

How to use Company Domain Intelligence

1. Configure input — Provide a company domain (e.g., shopify.com, stripe.com). Protocol and www prefix are stripped automatically. Select a mode and optionally disable GitHub, SEC, or Wayback lookups to speed up the run.
2. Run the Actor — Click "Start" in Apify Console or call via the Apify API
3. Get structured results — Output is pushed to the Apify dataset as structured JSON

Input parameters

Parameter	Type	Required	Default	Description
domain	string	Yes	example.com	Company domain to analyze. Protocol and www are stripped automatically
mode	string	No	full_profile	Analysis mode: full_profile, tech_stack, security_audit, or digital_footprint
includeGithub	boolean	No	true	Fetch GitHub organization repos, languages, and activity
includeSEC	boolean	No	true	Check SEC EDGAR for US public company filings
includeWayback	boolean	No	true	Query Wayback Machine for first and last snapshot dates and total archive count

Output example

{
  "domain": "shopify.com",
  "mode": "full_profile",
  "company": "Shopify Inc.",
  "isPublic": true,
  "firstSeen": "2006-02-14T00:00:00Z",
  "securityScore": "85/100",
  "techStack": {
    "server": "nginx",
    "cdn": "Cloudflare",
    "cms": "Shopify",
    "frameworks": ["React"],
    "analytics": ["Google Analytics", "Segment"],
    "emailProvider": null
  },
  "security": {
    "dns": {
      "mx": ["aspmx.l.google.com", "alt1.aspmx.l.google.com"],
      "ns": ["ns1.shopify.com", "ns2.shopify.com"],
      "a": ["23.227.38.65"],
      "hasIPv6": false
    },
    "ssl": {
      "issuer": "CN=Amazon RSA 2048 M03, O=Amazon, C=US",
      "validFrom": "2025-11-01T00:00:00Z",
      "validTo": "2026-11-30T23:59:59Z",
      "daysRemaining": 254,
      "subdomains": ["help.shopify.com", "partners.shopify.com", "apps.shopify.com"]
    },
    "emailSecurity": {
      "spf": "v=spf1 include:_spf.google.com ~all",
      "dmarc": "v=DMARC1; p=reject; rua=mailto:dmarc@shopify.com",
      "dkim": false
    },
    "securityScore": "85/100"
  },
  "digitalFootprint": {
    "github": {
      "org": "shopify",
      "publicRepos": 312,
      "followers": 18400,
      "topLanguages": ["Ruby", "TypeScript", "Go"]
    },
    "wayback": {
      "firstSeen": "2006-02-14T00:00:00Z",
      "lastSeen": "2026-03-20T12:00:00Z",
      "totalSnapshots": 9847
    }
  },
  "secEdgar": {
    "isPublic": true,
    "companyName": "Shopify Inc.",
    "cik": "0001594805",
    "recentFilings": [
      { "form": "10-K", "filingDate": "2026-02-12" },
      { "form": "10-Q", "filingDate": "2025-11-07" }
    ]
  },
  "timestamp": "2026-03-21T10:00:00.000Z"
}

Pricing

Each successful domain analysis costs $0.05 under Apify's pay-per-event model. You only pay when the result is successfully pushed to the dataset. Failed runs are not charged. Learn more about pay-per-event pricing.

Enriching 2,000 company domains costs $100. Clearbit Enrichment starts at $99/month for 100 lookups ($0.99/lookup) and scales up from there; Apollo.io data plans start at $49/month with per-record credits.

API and integrations

Call this Actor via the Apify API to enrich CRM records in bulk, schedule weekly tech stack re-checks for a competitor watchlist, or pipe results into Google Sheets, HubSpot, or Salesforce via Zapier or Make. Results are available as JSON, CSV, or Excel from the Apify dataset.

Limitations

• Tech stack detection is based on HTTP headers and HTML source analysis. Server-side rendered content or heavily obfuscated JavaScript bundles may not expose all frameworks clearly.
• GitHub organization matching is done by domain name inference. Companies with mismatched GitHub org names (e.g., a company at acme.com with GitHub org acme-inc) may not be found automatically.
• SEC EDGAR lookup applies only to US public companies. International companies, private companies, and subsidiaries without their own filings will return no SEC data.
• Subdomain discovery via crt.sh SSL SAN entries reflects historically issued certificates, not necessarily current active subdomains.