Weblyzer - Web Analyzer szerző: R0CKABILLY

Weblyzer tells you exactly what a website is built with - and, unlike most detectors, how its back-end, hosting, security and performance hold up - entirely in your browser. No backend server, no account, no tracking.

Click the toolbar icon on any site and Weblyzer identifies its stack instantly, grouped into clear categories with a real vendor logo, version and confidence for each technology. A number badge on the icon shows the count before you even open the popup.

WHAT IT DETECTS (420+ technologies)
- Front-end: React, Vue, Angular, Svelte, Solid, Qwik, Next.js, Nuxt, Remix, Astro, SvelteKit, Inertia, Livewire, jQuery, Alpine
- UI/CSS: Tailwind, Bootstrap, Material UI, Ant Design, Chakra, Mantine, Radix, Vuetify, Quasar
- Back-end & languages: PHP, Laravel, Symfony, Django, Flask, Rails, Express, ASP.NET, Spring, Go (Fiber), Node.js, Deno
- Servers, cloud, CDN & API gateways: Nginx, Apache, LiteSpeed, Cloudflare, Akamai, Fastly, Google Cloud, AWS, Azure, Vercel, Netlify, Kong, KrakenD
- Cloud storage: AWS S3, Cloudflare R2, Google Cloud Storage, Azure Blob, Backblaze B2, DigitalOcean Spaces, Supabase & Firebase Storage
- CMS & e-commerce: WordPress (+ themes & plugins: Astra, Divi, Elementor, WPForms...), Shopify, WooCommerce, Magento, Webflow, Framer, Strapi
- Analytics & marketing: GA4, GTM, Meta/TikTok/Pinterest pixels, Hotjar, Segment, Mixpanel, PostHog, Plausible, Umami, Branch, AppsFlyer
- Auth & identity: Auth0, Clerk, Okta, Keycloak, Cognito, Microsoft Entra ID, Auth.js
- Payments: Stripe, PayPal, Adyen, Klarna, Midtrans, Xendit, DOKU - and much more

SITE HEALTH, SCORED LOCALLY
- Security grade (A+ to F) - audits HSTS, CSP, X-Frame-Options, Referrer-Policy, Permissions-Policy and flags version/info leaks
- Performance grade (A to F) - TTFB, FCP, LCP and CLS from the real Core Web Vitals
- Vulnerability hints - matches detected library versions against known CVEs (retire.js-style)

DIG INTO THE BACK-END
- API map - the real REST / GraphQL / WebSocket / SSE calls, with GraphQL operation names and optional schema introspection
- Hosting & network - server IP, ASN, ISP, location and reverse DNS, plus the TLS version & certificate (Firefox)
- DNS & email recon - MX, NS, TXT/SPF, CAA records reveal the email host, DNS host, SaaS senders and certificate authority
- Well-known recon - robots.txt, security.txt and openid-configuration reveal the identity provider (Auth0/Okta/...)
- JWT inspector - decode auth tokens from the page's own storage locally (header + claims; never verified or sent)
- Third-party & tracker map - every external domain the page talks to, grouped by category

WORK THE WAY YOU WANT
- Compact popup for a fast glance; full-page report for the detail
- Export any report as an image, text, Markdown or JSON
- History of the sites you've analyzed
- Chrome, Firefox, and Firefox for Android

PRIVACY FIRST
100% local by default. Weblyzer has no backend and sends nothing to the developer. Every network request is opt-in and reaches only the site you're on or a clearly-labelled public IP/DNS service. See the privacy policy.