A free, local-first alternative to Netcraft

Overview

Netcraft predates all of the alternatives on this page by more than a decade. Founded in 1995, it started as a web-server-survey service — the quarterly 'who hosts what, which HTTP server, which SSL certificate' report that the early web relied on for infrastructure research. Over the years it expanded into phishing detection, brand protection, cybercrime takedown and adjacent security services, but the free 'Site Report' page — where you paste a domain and get a hosting-and-history dashboard — remains what most casual users know Netcraft for. It's reputable, it's thorough on hosting and SSL history, and it's almost unrelated to the question 'what JavaScript framework does this site use'.

The Site Report is the surface developers usually encounter, and it is genuinely useful for what it covers. You paste a domain and get back a structured page: current and historical hosting providers, IP and netblock history, the SSL certificate chain (issuer, validity, recent rotations), the HTTP server software and version, the operating system family, the reverse-DNS pattern, and a curated set of 'site technologies' that lean heavily towards infrastructure (CDN, load balancer, DDoS protection) rather than client-side stack. If your question is 'who hosts this and how has that changed over the last five years', Netcraft is the right product. If your question is 'what JavaScript framework is bundled into the homepage and at what version', Netcraft was never built to answer that and Sourcemap Explorer was built specifically to answer that — the products complement rather than compete.

History

Netcraft's web-server survey has been running since 1995 and is one of the longest-continuously-published datasets about the web. Its historical snapshots of HTTP server popularity (Apache overtaking NCSA; nginx overtaking Apache; Cloudflare as an interesting confounder; the rise of Caddy and Bun servers as a long-tail signal) are a recurring citation in infrastructure journalism. The dataset is structurally similar to W3Techs in cadence and intent, except scoped to server-side rather than client-side technologies, and Netcraft predates the W3Techs brand by more than a decade.

The shift into security products happened in the 2000s and has been the main revenue driver since. Phishing takedown — 'we found a domain pretending to be your bank, please remove it' — became the load-bearing product for the Netcraft business, and the brand-protection, certificate-abuse and cybercrime-investigation services followed. Today the company is primarily a security vendor with a free hosting-survey product attached for legacy and brand-equity reasons, and the engineering investment has tracked that shift: the security side of the product has had decades of careful work, while the public Site Report has been left in a stable, well-curated steady state.

Who uses it and for what

Security teams use Netcraft's paid products for phishing takedown workflows and brand-protection monitoring; the customer base skews towards banks, payment processors, large brand-vulnerable enterprises and government agencies. Researchers and journalists use the free Site Report for hosting-history lookups when writing up 'who is behind this domain' or 'how has the hosting of this site evolved' stories — Netcraft's IP-and-cert history is usually the cleanest single source for that line of investigation.

Infrastructure-curious developers occasionally hit the Site Report when investigating who hosts a given domain, especially during incidents (a prospect's site is down — is it Cloudflare, AWS, their own DC?) or competitive due diligence (which CDN does this competitor use, and have they migrated recently?). For frontend-focused developers Netcraft is rarely the right starting point — the page-level technology section is intentionally minimal, and the questions a frontend developer cares about (frameworks, libraries, plugin slugs, exact versions) live entirely outside Netcraft's lane. Sourcemap Explorer fills that gap.

Pricing in detail

What Netcraft does well

Where Netcraft falls short

These are the gaps a developer-first, sourcemap-aware workflow cares about.

Where Sourcemap Explorer wins

Not across the board — we don't run bulk API queries and we don't publish market-share dashboards. These are the things we do that Netcraftdoesn't.

Netcraft vs Sourcemap Explorer

Side-by-side on the dimensions a developer studying a single page actually cares about.

A concrete workflow example

You're investigating an e-commerce fraud case as part of a brand-protection engagement. Netcraft's Site Report tells you the suspect domain is behind Cloudflare in front of an AWS US-East origin, with a Let's Encrypt certificate issued three weeks ago and a registration record consistent with a throwaway entity — genuinely useful attribution data and exactly what Netcraft is built for. You hand that off to the takedown workflow.

In parallel you open the suspect site in your browser with Sourcemap Explorer running. The popup surfaces a custom Next.js app bundling Stripe Elements (the live payment form is real, not a screenshot proxy), with a `/wp-admin/` subdirectory that turns out to host a stock Magento installation behind a redirect. The framework version, the Stripe SDK version and the Magento plugin slugs all add a different axis of evidence to the case — the kind of detail that helps the security team decide whether they are dealing with a single-actor scam or a kit-driven operation. Netcraft answered the infrastructure half of the investigation; Sourcemap Explorer answered the application half. Both belong in the kit.

Which one should you use?

FAQ

Other alternatives to compare

Keep reading