Pricing

from $16.00 / 1,000 results

Try for free

Go to Apify Store

Website Intelligence Analyzer (OSINT)

Try for free

All-in-one website analysis tool. Run 30 OSINT checks on any URL — DNS, SSL, WHOIS, tech stack, security headers, email security, open ports, and more. Get a complete site profile in seconds.

Pricing

from $16.00 / 1,000 results

Rating

5.0

(2)

Developer

One Scales

Actor stats

Bookmarked

Total users

Monthly active users

3 hours ago

Last modified

Features

Category	Checks
Domain	WHOIS, registrar, age, expiry, nameservers
DNS	A/AAAA/MX/NS/CNAME/TXT/SOA/CAA, DNSSEC, DoH support, cache poisoning check
SSL/TLS	Certificate chain, cipher suites, protocol assessment, 5-client handshake simulation
Security	HTTP security headers, full raw headers, WAF detection, open ports, HSTS preload, security.txt, 17 DNS blocklists
Email	SPF, DKIM (7 selectors), DMARC, BIMI, MX records
Tech Stack	CMS, frameworks, analytics, CDN — 40+ signatures
SEO & Content	robots.txt, sitemap, Open Graph/Twitter Cards, internal/external links, redirect chain
Reputation	Global Tranco ranking, URLHaus + PhishTank threat checks
Server	IP geolocation, ASN, hosting provider, traceroute
Extras	Cookies, site features (PWA/WebSocket/Canvas/WebRTC), quality metrics

How to Use

Input

Paste one or more URLs in any format — example.com, https://www.example.com, or full URLs with paths. The actor normalizes everything automatically. Separate multiple URLs with commas, semicolons, or newlines. Optionally configure a residential proxy to avoid rate limits on large batches.

Output

Results are available as JSON, CSV, or Excel from the Apify console. Each URL takes 30–90 seconds and produces one dataset row with the following fields:

Field	Type	Description
`url`	string	Input URL
`finalUrl`	string	URL after redirects
`ip`	string	Resolved IP
`domain`	string	Domain name
`serverStatus`	object	Status code, response time, online/offline
`whois`	object	Registrar, dates, nameservers
`domainInfo`	object	Age in days, TLD
`serverInfo`	object	Server software, ASN, hosting provider
`serverLocation`	object	Country, city, lat/lng, timezone, ISP
`dnsRecords`	object	A, AAAA, MX, NS, CNAME, TXT, SOA, CAA
`txtRecords`	array	Raw TXT records
`dnsServer`	object	Resolver IPs, DoH support, cache poisoning check
`dnssec`	object	DNSSEC enabled/disabled
`sslCert`	object	Issuer, validity, protocol, chain
`tlsCipherSuites`	array	Cipher suites
`tlsSecurityConfig`	object	modern / intermediate / outdated
`tlsHandshakeSimulation`	array	5-client compatibility results
`securityHeaders`	object	CSP, HSTS, X-Frame-Options, etc.
`hsts`	object	Enabled, preloaded, max-age, includeSubDomains
`securityTxt`	object	Contact, policy, expiry
`firewall`	object	WAF detected, provider
`malwarePhishing`	object	URLHaus + PhishTank threat checks
`blockLists`	object	Status across 17 DNS blocklists
`openPorts`	array	Port, protocol, service, state
`traceroute`	array	Hop, IP, latency
`associatedHosts`	array	Reverse DNS hostnames
`emailConfig`	object	SPF, DKIM, DMARC, BIMI, MX
`techStack`	array	Technology, category, confidence
`siteFeatures`	object	PWA, AMP, WebSocket, WebGL, Canvas, WebRTC, iframe
`cookies`	array	Name, domain, path, flags, expiry
`crawlRules`	string	robots.txt content
`sitemapUrls`	array	URLs from sitemap.xml
`socialTags`	object	Open Graph, Twitter Card
`linkedPages`	object	Internal/external links and counts
`redirectChain`	array	Each redirect hop
`rawHeaders`	object	Full raw HTTP response headers
`globalRank`	number	Tranco ranking
`qualityMetrics`	object	Viewport, charset, title, H1, page size
`checkedAt`	string	ISO 8601 timestamp
`checksCompleted`	array	Modules that succeeded
`checksFailed`	array	Modules that errored or timed out
`runDurationMs`	number	Total runtime

API

This actor can also be called via the Apify API for programmatic access — pass your URLs as input and retrieve structured JSON results.

Example Input

{
    "proxyConfiguration": {
        "useApifyProxy": true,
        "apifyProxyGroups": [
            "RESIDENTIAL"
        ]
    },
    "urls": [
        "https://example.com"
    ]
}

Limitations

WHOIS privacy — some domains hide registration details behind privacy protection.
Open ports & traceroute — require nmap and traceroute in the Docker image (included). Results depend on network conditions.
Quality metrics — basic HTML-based assessment only; full Lighthouse scores would require a Google Cloud API key.
Tech stack — signature-based fingerprinting with 40+ patterns. For deeper detection, the full Wappalyzer engine would be needed.

Credits & Licenses

Based on Lissy93/web-check (MIT © Alicia Sykes 2023). Adapted by One Scales Inc.

External APIs used (no keys required): ip-api.com · hstspreload.org · tranco-list.eu · dns.google · urlhaus-api.abuse.ch · checkurl.phishtank.com

System tools in Docker: nmap · traceroute · whois · dnsutils (dig)

Support

Contact Support — feature requests and custom integrations welcome.

Built with care by One Scales Inc.

osint website-analysis dns ssl whois tech-stack security-headers email-security seo web-check reconnaissance domain-intelligence open-ports waf-detection certificate traceroute hsts dmarc spf dkim phishtank blocklists

𝕏(twitter) User Profile

cheapget/x-user-profile

Extract 35+ X/Twitter profile fields: verification status, follower analytics, engagement metrics, pinned tweets. Advanced anti-detection, smart proxy rotation, bulk processing for lead generation & market research.

CheapGET

SaaS Pricing Intelligence — Competitive Pricing Analysis & M...

apricot_blackberry/saas-pricing-intelligence

Monitor competitor SaaS pricing in real-time. Plan changes, feature shifts, and positioning moves — instant alerts.

Creator Fusion

Business OSINT Intelligence — 15-Source Dossier Generator

apricot_blackberry/small-business-osint

One company name in. Full dossier out. 15 sources, 1 API call, zero manual research. Be the first to know.

Creator Fusion

Marketing Intelligence Scanner — SEO, Ad Share & Traffic Ana...

apricot_blackberry/marketing-intel-scanner

Full marketing x-ray for any business: SEO health, ad spend signals, traffic estimates, social engagement. Competitive analysis done right.

Creator Fusion

Digital Infrastructure Exposure MCP Server

ryanclinton/digital-infrastructure-exposure-mcp

Passive infrastructure reconnaissance and misconfiguration detection intelligence for AI agents via the Model Context Protocol.

ryan clinton

Contact Email Finder — B2B Email Discovery & Verification

apricot_blackberry/contact-email-finder

Company domain in, verified email addresses out. MX checks, pattern detection, deliverability scoring. Stop bouncing.

Creator Fusion

Super Stealth Scraper — Anti-Detection Web Data Extraction

apricot_blackberry/super-stealth-scraper

Anti-detection web scraping: fingerprint rotation, residential proxies, human-like behavior. Scrape sites that block scrapers.

Creator Fusion

Medium Public Post Parser Script

hello.datawizards/medium-public-post-parser-script

“A powerful Apify Actor that intelligently parses and extracts clean, structured content from Medium articles. It captures titles, authors, metadata, images, publishers, and fully cleaned article text, delivering accurate, ready-to-use datasets for automation and analysis.”