{"id":13524897,"url":"https://github.com/lissy93/web-check","last_synced_at":"2025-05-12T03:35:59.627Z","repository":{"id":176450704,"uuid":"658364446","full_name":"Lissy93/web-check","owner":"Lissy93","description":"🕵️‍♂️ All-in-one OSINT tool for analysing any website","archived":false,"fork":false,"pushed_at":"2025-04-20T02:20:17.000Z","size":27209,"stargazers_count":24828,"open_issues_count":102,"forks_count":1935,"subscribers_count":144,"default_branch":"master","last_synced_at":"2025-04-22T20:15:26.927Z","etag":null,"topics":["osint","privacy","security","security-tools","sysadmin"],"latest_commit_sha":null,"homepage":"https://web-check.xyz","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Lissy93.png","metadata":{"files":{"readme":".github/README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null},"funding":{"github":["lissy93"]}},"created_at":"2023-06-25T14:32:11.000Z","updated_at":"2025-04-22T14:33:43.000Z","dependencies_parsed_at":"2023-09-24T05:21:50.983Z","dependency_job_id":"9a606413-ca9d-4668-9fb4-21f8afdace05","html_url":"https://github.com/Lissy93/web-check","commit_stats":null,"previous_names":["lissy93/web-check"],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Lissy93%2Fweb-check","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Lissy93%2Fweb-check/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Lissy93%2Fweb-check/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Lissy93%2Fweb-check/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Lissy93","download_url":"https://codeload.github.com/Lissy93/web-check/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":251882537,"owners_count":21659291,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["osint","privacy","security","security-tools","sysadmin"],"created_at":"2024-08-01T06:01:14.380Z","updated_at":"2025-05-01T13:39:19.911Z","avatar_url":"https://github.com/Lissy93.png","language":"TypeScript","readme":"\u003ch1 align=\"center\"\u003eWeb-Check\u003c/h1\u003e\n\n\n\u003cp align=\"center\"\u003e\n\u003cimg src=\"https://i.ibb.co/q1gZN2p/web-check-logo.png\" width=\"96\" /\u003e\u003cbr /\u003e\n\u003cb\u003e\u003ci\u003eComprehensive, on-demand open source intelligence for any website\u003c/i\u003e\u003c/b\u003e\n\u003cbr /\u003e\n\u003cb\u003e🌐 \u003ca href=\"https://web-check.xyz/\"\u003eweb-check.xyz\u003c/a\u003e\u003c/b\u003e\u003cbr /\u003e\n\n\u003c/p\u003e\n\n---\n\u003cp align=\"center\"\u003e\n \u003csup\u003eKindly supported by:\u003c/sup\u003e\u003cbr\u003e\n\u003ca href=\"https://terminaltrove.com/?utm_campaign=github\u0026utm_medium=referral\u0026utm_content=web-check\u0026utm_source=wcgh\"\u003e\n \u003cimg src=\"https://i.ibb.co/8jrrcZ0/IMG-7210.jpg\" width=\"300\" alt=\"Terminal Trove\"\u003e\n \u003cbr\u003e\n \u003cstrong\u003eThe $HOME of all things in the terminal.\u003c/strong\u003e\n\u003c/a\u003e\n\u003cbr\u003e\n\u003ca href=\"https://terminaltrove.com/newsletter?utm_campaign=github\u0026utm_medium=referral\u0026utm_content=web-check\u0026utm_source=wcgh\"\u003e\n \u003csub\u003eFind your next CLI / TUI tool and more at Terminal Trove,\u003c/sub\u003e\n \u003cbr\u003e\n \u003csup\u003eGet updates on new tools on our newsletter.\u003c/sup\u003e\n\u003c/a\u003e\n\u003c/p\u003e\n\n---\n\n#### Contents\n\n- **[About](#about)**\n - [Screenshot](#screenshot)\n - [Live Demo](#live-demo)\n - [Mirror](#mirror)\n - [Features](#features)\n- **[Usage](#usage)**\n - [Deployment](#deployment)\n - [Option#1: Netlify](#deploying---option-1-netlify)\n - [Option#2: Vercel](#deploying---option-2-vercel)\n - [Option#3: Docker](#deploying---option-3-docker)\n - [Option#4: Source](#deploying---option-4-from-source)\n - [Configuration Options](#configuring)\n - [Developer Setup](#developing)\n- **[Community](#community)**\n - [Contributing](#contributing)\n - [Bugs](#reporting-bugs)\n - [Support](#supporting)\n- **[License](#license)**\n\n---\n\n## About\nGet an insight into the inner-workings of a given website: uncover potential attack vectors, analyse server architecture, view security configurations, and learn what technologies a site is using.\n\nCurrently the dashboard will show: IP info, SSL chain, DNS records, cookies, headers, domain info, search crawl rules, page map, server location, redirect ledger, open ports, traceroute, DNS security extensions, site performance, trackers, associated hostnames, carbon footprint. Stay tuned, as I'll add more soon!\n\nThe aim is to help you easily understand, optimize and secure your website.\n\n### Screenshot\n\n\u003cdetails\u003e\n \u003csummary\u003eExpand Screenshot\u003c/summary\u003e\n\n[![Screenshot](https://raw.githubusercontent.com/Lissy93/web-check/master/.github/screenshots/web-check-screenshot1.png)](https://web-check.as93.net/)\n \n\u003c/details\u003e\n\n[![Screenshot](https://i.ibb.co/r0jXN6s/web-check.png)](https://github.com/Lissy93/web-check/tree/master/.github/screenshots)\n\n### Live Demo\nA hosted version can be accessed at: **[web-check.as93.net](https://web-check.as93.net)**\n\n### Mirror\nThe source for this repo is mirrored to CodeBerg, available at: **[codeberg.org/alicia/web-check](https://codeberg.org/alicia/web-check)**\n\n### Status\n\n\nBuild \u0026 Deploys: [![Netlify Status](https://api.netlify.com/api/v1/badges/c43453c1-5333-4df7-889b-c1d2b52183c0/deploy-status)](https://app.netlify.com/sites/web-check/deploys)\n[![Vercel Status](https://therealsujitk-vercel-badge.vercel.app/?app=web-check-ten)](https://vercel.com/as93/web-check/)\n[![🐳 Build + Publish Docker Image](https://github.com/Lissy93/web-check/actions/workflows/docker.yml/badge.svg)](https://github.com/Lissy93/web-check/actions/workflows/docker.yml)\n[![🚀 Deploy to AWS](https://github.com/Lissy93/web-check/actions/workflows/deploy-aws.yml/badge.svg)](https://github.com/Lissy93/web-check/actions/workflows/deploy-aws.yml)\n\u003cbr /\u003e\nRepo Management \u0026 Miscellaneous: [![🪞 Mirror to Codeberg](https://github.com/Lissy93/web-check/actions/workflows/mirror.yml/badge.svg)](https://github.com/Lissy93/web-check/actions/workflows/mirror.yml)\n[![💓 Inserts Contributors \u0026 Sponsors](https://github.com/Lissy93/web-check/actions/workflows/credits.yml/badge.svg)](https://github.com/Lissy93/web-check/actions/workflows/credits.yml)\n\n\n### Features\n\n\u003cdetails open\u003e\n\u003csummary\u003e\u003cb\u003eClick to expand / collapse section\u003c/b\u003e\u003c/summary\u003e\n\n\u003csup\u003e**Note** _this list needs updating, many more jobs have been added since..._\u003c/sup\u003e\n\nThe following section outlines the core features, and briefly explains why this data might be useful for you to know, as well as linking to further resources for learning more.\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cb\u003eIP Info\u003c/b\u003e\u003c/summary\u003e\n\n###### Description\nAn IP address (Internet Protocol address) is a numerical label assigned to each device connected to a network / the internet. The IP associated with a given domain can be found by querying the Domain Name System (DNS) for the domain's A (address) record.\n\n###### Use Cases\nFinding the IP of a given server is the first step to conducting further investigations, as it allows us to probe the server for additional info. Including creating a detailed map of a target's network infrastructure, pinpointing the physical location of a server, identifying the hosting service, and even discovering other domains that are hosted on the same IP address.\n\n###### Useful Links\n- [Understanding IP Addresses](https://www.digitalocean.com/community/tutorials/understanding-ip-addresses-subnets-and-cidr-notation-for-networking)\n- [IP Addresses - Wiki](https://en.wikipedia.org/wiki/IP_address)\n- [RFC-791 Internet Protocol](https://tools.ietf.org/html/rfc791)\n- [whatismyipaddress.com](https://whatismyipaddress.com/)\n\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003e\u003cb\u003eSSL Chain\u003c/b\u003e\u003c/summary\u003e\n\n\u003cimg width=\"300\" src=\"https://i.ibb.co/kB7LsV1/wc-ssl.png\" align=\"right\" /\u003e\n\n###### Description\nSSL certificates are digital certificates that authenticate the identity of a website or server, enable secure encrypted communication (HTTPS), and establish trust between clients and servers. A valid SSL certificate is required for a website to be able to use the HTTPS protocol, and encrypt user + site data in transit. SSL certificates are issued by Certificate Authorities (CAs), which are trusted third parties that verify the identity and legitimacy of the certificate holder.\n\n###### Use Cases\nSSL certificates not only provide the assurance that data transmission to and from the website is secure, but they also provide valuable OSINT data. Information from an SSL certificate can include the issuing authority, the domain name, its validity period, and sometimes even organization details. This can be useful for verifying the authenticity of a website, understanding its security setup, or even for discovering associated subdomains or other services.\n\n###### Useful Links\n- [TLS - Wiki](https://en.wikipedia.org/wiki/Transport_Layer_Security)\n- [What is SSL (via Cloudflare learning)](https://www.cloudflare.com/learning/ssl/what-is-ssl/)\n- [RFC-8446 - TLS](https://tools.ietf.org/html/rfc8446)\n- [SSL Checker](https://www.sslshopper.com/ssl-checker.html)\n\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003e\u003cb\u003eDNS Records\u003c/b\u003e\u003c/summary\u003e\n\n\u003cimg width=\"300\" src=\"https://i.ibb.co/7Q1kMwM/wc-dns.png\" align=\"right\" /\u003e\n\n###### Description\nThis task involves looking up the DNS records associated with a specific domain. DNS is a system that translates human-readable domain names into IP addresses that computers use to communicate. Various types of DNS records exist, including A (address), MX (mail exchange), NS (name server), CNAME (canonical name), and TXT (text), among others.\n\n###### Use Cases\nExtracting DNS records can provide a wealth of information in an OSINT investigation. For example, A and AAAA records can disclose IP addresses associated with a domain, potentially revealing the location of servers. MX records can give clues about a domain's email provider. TXT records are often used for various administrative purposes and can sometimes inadvertently leak internal information. Understanding a domain's DNS setup can also be useful in understanding how its online infrastructure is built and managed.\n\n###### Useful Links\n- [What are DNS records? (via Cloudflare learning)](https://www.cloudflare.com/learning/dns/dns-records/)\n- [DNS Record Types](https://en.wikipedia.org/wiki/List_of_DNS_record_types)\n- [RFC-1035 - DNS](https://tools.ietf.org/html/rfc1035)\n- [DNS Lookup (via MxToolbox)](https://mxtoolbox.com/DNSLookup.aspx)\n\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003e\u003cb\u003eCookies\u003c/b\u003e\u003c/summary\u003e\n\n\u003cimg width=\"300\" src=\"https://i.ibb.co/TTQ6DtP/wc-cookies.png\" align=\"right\" /\u003e\n\n###### Description\nThe Cookies task involves examining the HTTP cookies set by the target website. Cookies are small pieces of data stored on the user's computer by the web browser while browsing a website. They hold a modest amount of data specific to a particular client and website, such as site preferences, the state of the user's session, or tracking information.\n\n###### Use Cases\nCookies can disclose information about how the website tracks and interacts with its users. For instance, session cookies can reveal how user sessions are managed, and tracking cookies can hint at what kind of tracking or analytics frameworks are being used. Additionally, examining cookie policies and practices can offer insights into the site's security settings and compliance with privacy regulations.\n\n###### Useful Links\n- [HTTP Cookie Docs (Mozilla)](https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies)\n- [What are Cookies (via Cloudflare Learning)](https://www.cloudflare.com/learning/privacy/what-are-cookies/)\n- [Testing for Cookie Attributes (OWASP)](https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/06-Session_Management_Testing/02-Testing_for_Cookies_Attributes)\n- [RFC-6265 - Coolies](https://tools.ietf.org/html/rfc6265)\n\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003e\u003cb\u003eCrawl Rules\u003c/b\u003e\u003c/summary\u003e\n\n\u003cimg width=\"300\" src=\"https://i.ibb.co/KwQCjPf/wc-robots.png\" align=\"right\" /\u003e\n\n###### Description\nRobots.txt is a file found (usually) at the root of a domain, and is used to implement the Robots Exclusion Protocol (REP) to indicate which pages should be ignored by which crawlers and bots. It's good practice to avoid search engine crawlers from over-loading your site, but should not be used to keep pages out of search results (use the noindex meta tag or header instead).\n\n###### Use Cases\nIt's often useful to check the robots.txt file during an investigation, as it can sometimes disclose the directories and pages that the site owner doesn't want to be indexed, potentially because they contain sensitive information, or reveal the existence of otherwise hidden or unlinked directories. Additionally, understanding crawl rules may offer insights into a website's SEO strategies.\n\n###### Useful Links\n- [Google Search Docs - Robots.txt](https://developers.google.com/search/docs/advanced/robots/intro)\n- [Learn about robots.txt (via Moz.com)](https://moz.com/learn/seo/robotstxt)\n- [RFC-9309 - Robots Exclusion Protocol](https://datatracker.ietf.org/doc/rfc9309/)\n- [Robots.txt - wiki](https://en.wikipedia.org/wiki/Robots_exclusion_standard)\n\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003e\u003cb\u003eHeaders\u003c/b\u003e\u003c/summary\u003e\n\n\u003cimg width=\"300\" src=\"https://i.ibb.co/t3xcwP1/wc-headers.png\" align=\"right\" /\u003e\n\n###### Description\nThe Headers task involves extracting and interpreting the HTTP headers sent by the target website during the request-response cycle. HTTP headers are key-value pairs sent at the start of an HTTP response, or before the actual data. Headers contain important directives for how to handle the data being transferred, including cache policies, content types, encoding, server information, security policies, and more.\n\n###### Use Cases\nAnalyzing HTTP headers can provide significant insights in an OSINT investigation. Headers can reveal specific server configurations, chosen technologies, caching directives, and various security settings. This information can help to determine a website's underlying technology stack, server-side security measures, potential vulnerabilities, and general operational practices.\n\n###### Useful Links\n- [HTTP Headers - Docs](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers)\n- [RFC-7231 Section 7 - Headers](https://datatracker.ietf.org/doc/html/rfc7231#section-7)\n- [List of header response fields](https://en.wikipedia.org/wiki/List_of_HTTP_header_fields)\n- [OWASP Secure Headers Project](https://owasp.org/www-project-secure-headers/)\n\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003e\u003cb\u003eQuality Metrics\u003c/b\u003e\u003c/summary\u003e\n\n\u003cimg width=\"300\" src=\"https://i.ibb.co/Kqg8rx7/wc-quality.png\" align=\"right\" /\u003e\n\n###### Description\nUsing Lighthouse, the Quality Metrics task measures the performance, accessibility, best practices, and SEO of the target website. This returns a simple checklist of 100 core metrics, along with a score for each category, to gauge the overall quality of a given site.\n\n###### Use Cases\nUseful for assessing a site's technical health, SEO issues, identify vulnerabilities, and ensure compliance with standards.\n\n###### Useful Links\n- [Lighthouse Docs](https://developer.chrome.com/docs/lighthouse/)\n- [Google Page Speed Tools](https://developers.google.com/speed)\n- [W3 Accessibility Tools](https://www.w3.org/WAI/test-evaluate/)\n- [Google Search Console](https://search.google.com/search-console)\n- [SEO Checker](https://www.seobility.net/en/seocheck/)\n- [PWA Builder](https://www.pwabuilder.com/)\n\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003e\u003cb\u003eServer Location\u003c/b\u003e\u003c/summary\u003e\n\n\u003cimg width=\"300\" src=\"https://i.ibb.co/cXH2hfR/wc-location.png\" align=\"right\" /\u003e\n\n###### Description\nThe Server Location task determines the physical location of the server hosting a given website based on its IP address. This is done by looking up the IP in a location database, which maps the IP to a lat + long of known data centers and ISPs. From the latitude and longitude, it's then possible to show additional contextual info, like a pin on the map, along with address, flag, time zone, currency, etc.\n\n###### Use Cases\nKnowing the server location is a good first step in better understanding a website. For site owners this aids in optimizing content delivery, ensuring compliance with data residency requirements, and identifying potential latency issues that may impact user experience in specific geographical regions. And for security researcher, assess the risk posed by specific regions or jurisdictions regarding cyber threats and regulations.\n\n###### Useful Links\n- [IP Locator](https://geobytes.com/iplocator/)\n- [Internet Geolocation - Wiki](https://en.wikipedia.org/wiki/Internet_geolocation)\n\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003e\u003cb\u003eAssociated Hosts\u003c/b\u003e\u003c/summary\u003e\n\n\u003cimg width=\"300\" src=\"https://i.ibb.co/25j1sT7/wc-hosts.png\" align=\"right\" /\u003e\n\n###### Description\nThis task involves identifying and listing all domains and subdomains (hostnames) that are associated with the website's primary domain. This process often involves DNS enumeration to discover any linked domains and hostnames, as well as looking at known DNS records.\n\n###### Use Cases\nDuring an investigation, understanding the full scope of a target's web presence is critical. Associated domains could lead to uncovering related projects, backup sites, development/test sites, or services linked to the main site. These can sometimes provide additional information or potential security vulnerabilities. A comprehensive list of associated domains and hostnames can also give an overview of the organization's structure and online footprint.\n\n###### Useful Links\n- [DNS Enumeration - Wiki](https://en.wikipedia.org/wiki/DNS_enumeration)\n- [OWASP - Enumerate Applications on Webserver](https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/01-Information_Gathering/04-Enumerate_Applications_on_Webserver)\n- [DNS Enumeration - DNS Dumpster](https://dnsdumpster.com/)\n- [Subdomain Finder](https://subdomainfinder.c99.nl/)\n\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003e\u003cb\u003eRedirect Chain\u003c/b\u003e\u003c/summary\u003e\n\n\u003cimg width=\"300\" src=\"https://i.ibb.co/hVVrmwh/wc-redirects.png\" align=\"right\" /\u003e\n\n###### Description\nThis task traces the sequence of HTTP redirects that occur from the original URL to the final destination URL. An HTTP redirect is a response with a status code that advises the client to go to another URL. Redirects can occur for several reasons, such as URL normalization (directing to the www version of the site), enforcing HTTPS, URL shorteners, or forwarding users to a new site location.\n\n###### Use Cases\nUnderstanding the redirect chain can be useful for several reasons. From a security perspective, long or complicated redirect chains can be a sign of potential security risks, such as unencrypted redirects in the chain. Additionally, redirects can impact website performance and SEO, as each redirect introduces additional round-trip-time (RTT). For OSINT, understanding the redirect chain can help identify relationships between different domains or reveal the use of certain technologies or hosting providers.\n\n###### Useful Links\n- [HTTP Redirects - MDN](https://developer.mozilla.org/en-US/docs/Web/HTTP/Redirections)\n- [URL Redirection - Wiki](https://en.wikipedia.org/wiki/URL_redirection)\n- [301 Redirects explained](https://ahrefs.com/blog/301-redirects/)\n\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003e\u003cb\u003eTXT Records\u003c/b\u003e\u003c/summary\u003e\n\n\u003cimg width=\"300\" src=\"https://i.ibb.co/wyt21QN/wc-txt-records.png\" align=\"right\" /\u003e\n\n###### Description\nTXT records are a type of DNS record that provides text information to sources outside your domain. They can be used for a variety of purposes, such as verifying domain ownership, ensuring email security, and even preventing unauthorized changes to your website.\n\n###### Use Cases\nThe TXT records often reveal which external services and technologies are being used with a given domain. They may reveal details about the domain's email configuration, the use of specific services like Google Workspace or Microsoft 365, or security measures in place such as SPF and DKIM. Understanding these details can give an insight into the technologies used by the organization, their email security practices, and potential vulnerabilities.\n\n###### Useful Links\n- [TXT Records (via Cloudflare Learning)](https://www.cloudflare.com/learning/dns/dns-records/dns-txt-record/)\n- [TXT Records - Wiki](https://en.wikipedia.org/wiki/TXT_record)\n- [RFC-1464 - TXT Records](https://datatracker.ietf.org/doc/html/rfc1464)\n- [TXT Record Lookup (via MxToolbox)](https://mxtoolbox.com/TXTLookup.aspx)\n\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003e\u003cb\u003eServer Status\u003c/b\u003e\u003c/summary\u003e\n\n\u003cimg width=\"300\" src=\"https://i.ibb.co/V9CNLBK/wc-status.png\" align=\"right\" /\u003e\n\n###### Description\nChecks if a server is online and responding to requests.\n\n###### Use Cases\n\n\n###### Useful Links\n\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003e\u003cb\u003eOpen Ports\u003c/b\u003e\u003c/summary\u003e\n\n\u003cimg width=\"300\" src=\"https://i.ibb.co/F8D1hmf/wc-ports.png\" align=\"right\" /\u003e\n\n###### Description\nOpen ports on a server are endpoints of communication which are available for establishing connections with clients. Each port corresponds to a specific service or protocol, such as HTTP (port 80), HTTPS (port 443), FTP (port 21), etc. The open ports on a server can be determined using techniques such as port scanning.\n\n###### Use Cases\nKnowing which ports are open on a server can provide information about the services running on that server, useful for understanding the potential vulnerabilities of the system, or for understanding the nature of the services the server is providing.\n\n###### Useful Links\n- [List of TCP \u0026 UDP Port Numbers](https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers)\n- [NMAP - Port Scanning Basics](https://nmap.org/book/man-port-scanning-basics.html)\n\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003e\u003cb\u003eTraceroute\u003c/b\u003e\u003c/summary\u003e\n\n\u003cimg width=\"300\" src=\"https://i.ibb.co/M59qgxP/wc-trace-route.png\" align=\"right\" /\u003e\n\n###### Description\nTraceroute is a network diagnostic tool used to track in real-time the pathway taken by a packet of information from one system to another. It records each hop along the route, providing details about the IPs of routers and the delay at each point.\n\n###### Use Cases\nIn OSINT investigations, traceroute can provide insights about the routing paths and geography of the network infrastructure supporting a website or service. This can help to identify network bottlenecks, potential censorship or manipulation of network traffic, and give an overall sense of the network's structure and efficiency. Additionally, the IP addresses collected during the traceroute may provide additional points of inquiry for further OSINT investigation.\n\n###### Useful Links\n- [undefined](function link() { [native code] })\n- [undefined](function link() { [native code] })\n- [undefined](function link() { [native code] })\n- [undefined](function link() { [native code] })\n\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003e\u003cb\u003eCarbon Footprint\u003c/b\u003e\u003c/summary\u003e\n\n\u003cimg width=\"300\" src=\"https://i.ibb.co/5v6fSyw/Screenshot-from-2023-07-29-19-07-50.png\" align=\"right\" /\u003e\n\n###### Description\nThis task calculates the estimated carbon footprint of a website. It's based on the amount of data being transferred and processed, and the energy usage of the servers that host and deliver the website. The larger the website and the more complex its features, the higher its carbon footprint is likely to be.\n\n###### Use Cases\nFrom an OSINT perspective, understanding a website's carbon footprint doesn't directly provide insights into its internal workings or the organization behind it. However, it can still be valuable data in broader analyses, especially in contexts where environmental impact is a consideration. For example, it can be useful for activists, researchers, or ethical hackers who are interested in the sustainability of digital infrastructure, and who want to hold organizations accountable for their environmental impact.\n\n###### Useful Links\n- [WebsiteCarbon - Carbon Calculator](https://www.websitecarbon.com/)\n- [The Green Web Foundation](https://www.thegreenwebfoundation.org/)\n- [The Eco Friendly Web Alliance](https://ecofriendlyweb.org/)\n- [Reset.org](https://en.reset.org/)\n- [Your website is killing the planet - via Wired](https://www.wired.co.uk/article/internet-carbon-footprint)\n\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003e\u003cb\u003eServer Info\u003c/b\u003e\u003c/summary\u003e\n\n\u003cimg width=\"300\" src=\"https://i.ibb.co/Mk1jx32/wc-server.png\" align=\"right\" /\u003e\n\n###### Description\nThis task retrieves various pieces of information about the server hosting the target website. This can include the server type (e.g., Apache, Nginx), the hosting provider, the Autonomous System Number (ASN), and more. The information is usually obtained through a combination of IP address lookups and analysis of HTTP response headers.\n\n###### Use Cases\nIn an OSINT context, server information can provide valuable clues about the organization behind a website. For instance, the choice of hosting provider could suggest the geographical region in which the organization operates, while the server type could hint at the technologies used by the organization. The ASN could also be used to find other domains hosted by the same organization.\n\n###### Useful Links\n- [undefined](function link() { [native code] })\n- [undefined](function link() { [native code] })\n- [undefined](function link() { [native code] })\n- [undefined](function link() { [native code] })\n\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003e\u003cb\u003eWhois Lookup\u003c/b\u003e\u003c/summary\u003e\n\n\u003cimg width=\"300\" src=\"https://i.ibb.co/89WLp14/wc-domain.png\" align=\"right\" /\u003e\n\n###### Description\nThis task retrieves Whois records for the target domain. Whois records are a rich source of information, including the name and contact information of the domain registrant, the domain's creation and expiration dates, the domain's nameservers, and more. The information is usually obtained through a query to a Whois database server.\n\n###### Use Cases\nIn an OSINT context, Whois records can provide valuable clues about the entity behind a website. They can show when the domain was first registered and when it's set to expire, which could provide insights into the operational timeline of the entity. The contact information, though often redacted or anonymized, can sometimes lead to additional avenues of investigation. The nameservers could also be used to link together multiple domains owned by the same entity.\n\n###### Useful Links\n- [undefined](function link() { [native code] })\n- [undefined](function link() { [native code] })\n- [undefined](function link() { [native code] })\n\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003e\u003cb\u003eDomain Info\u003c/b\u003e\u003c/summary\u003e\n\n\u003cimg width=\"300\" src=\"https://i.ibb.co/89WLp14/wc-domain.png\" align=\"right\" /\u003e\n\n###### Description\nThis task retrieves Whois records for the target domain. Whois records are a rich source of information, including the name and contact information of the domain registrant, the domain's creation and expiration dates, the domain's nameservers, and more. The information is usually obtained through a query to a Whois database server.\n\n###### Use Cases\nIn an OSINT context, Whois records can provide valuable clues about the entity behind a website. They can show when the domain was first registered and when it's set to expire, which could provide insights into the operational timeline of the entity. The contact information, though often redacted or anonymized, can sometimes lead to additional avenues of investigation. The nameservers could also be used to link together multiple domains owned by the same entity.\n\n###### Useful Links\n- [undefined](function link() { [native code] })\n- [undefined](function link() { [native code] })\n- [undefined](function link() { [native code] })\n\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003e\u003cb\u003eDNS Security Extensions\u003c/b\u003e\u003c/summary\u003e\n\n\u003cimg width=\"300\" src=\"https://i.ibb.co/J54zVmQ/wc-dnssec.png\" align=\"right\" /\u003e\n\n###### Description\nWithout DNSSEC, it's possible for MITM attackers to spoof records and lead users to phishing sites. This is because the DNS system includes no built-in methods to verify that the response to the request was not forged, or that any other part of the process wasn’t interrupted by an attacker. The DNS Security Extensions (DNSSEC) secures DNS lookups by signing your DNS records using public keys, so browsers can detect if the response has been tampered with. Another solution to this issue is DoH (DNS over HTTPS) and DoT (DNS over TLD).\n\n###### Use Cases\nDNSSEC information provides insight into an organization's level of cybersecurity maturity and potential vulnerabilities, particularly around DNS spoofing and cache poisoning. If no DNS secururity (DNSSEC, DoH, DoT, etc) is implemented, this may provide an entry point for an attacker.\n\n###### Useful Links\n- [undefined](function link() { [native code] })\n- [undefined](function link() { [native code] })\n- [undefined](function link() { [native code] })\n- [undefined](function link() { [native code] })\n- [undefined](function link() { [native code] })\n- [undefined](function link() { [native code] })\n\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003e\u003cb\u003eSite Features\u003c/b\u003e\u003c/summary\u003e\n\n\u003cimg width=\"300\" src=\"https://i.ibb.co/gP4P6kp/wc-features.png\" align=\"right\" /\u003e\n\n###### Description\nChecks which core features are present on a site. If a feature as marked as dead, that means it's not being actively used at load time\n\n###### Use Cases\nThis is useful to understand what a site is capable of, and what technologies to look for\n\n###### Useful Links\n\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003e\u003cb\u003eHTTP Strict Transport Security\u003c/b\u003e\u003c/summary\u003e\n\n\u003cimg width=\"300\" src=\"https://i.ibb.co/k253fq4/Screenshot-from-2023-07-17-20-10-52.png\" align=\"right\" /\u003e\n\n###### Description\nHTTP Strict Transport Security (HSTS) is a web security policy mechanism that helps protect websites against protocol downgrade attacks and cookie hijacking. A website can be included in the HSTS preload list by conforming to a set of requirements and then submitting itself to the list.\n\n###### Use Cases\nThere are several reasons why it's important for a site to be HSTS enabled:\n 1. User bookmarks or manually types http://example.com and is subject to a man-in-the-middle attacker\n HSTS automatically redirects HTTP requests to HTTPS for the target domain\n 2. Web application that is intended to be purely HTTPS inadvertently contains HTTP links or serves content over HTTP\n HSTS automatically redirects HTTP requests to HTTPS for the target domain\n 3. A man-in-the-middle attacker attempts to intercept traffic from a victim user using an invalid certificate and hopes the user will accept the bad certificate\n HSTS does not allow a user to override the invalid certificate message\n \n\n###### Useful Links\n- [undefined](function link() { [native code] })\n- [undefined](function link() { [native code] })\n- [undefined](function link() { [native code] })\n\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003e\u003cb\u003eDNS Server\u003c/b\u003e\u003c/summary\u003e\n\n\u003cimg width=\"300\" src=\"https://i.ibb.co/tKpL8F9/Screenshot-from-2023-08-12-15-43-12.png\" align=\"right\" /\u003e\n\n###### Description\nThis check determines the DNS server(s) that the requested URL / IP resolves to. Also fires off a rudimentary check to see if the DNS server supports DoH, and weather it's vulnerable to DNS cache poisoning.\n\n###### Use Cases\n\n\n###### Useful Links\n\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003e\u003cb\u003eTech Stack\u003c/b\u003e\u003c/summary\u003e\n\n\u003cimg width=\"300\" src=\"https://i.ibb.co/bBQSQNz/Screenshot-from-2023-08-12-15-43-46.png\" align=\"right\" /\u003e\n\n###### Description\nChecks what technologies a site is built with. This is done by fetching and parsing the site, then comparing it against a bit list of RegEx maintained by Wappalyzer to identify the unique fingerprints that different technologies leave.\n\n###### Use Cases\nIdentifying a website's tech stack aids in evaluating its security by exposing potential vulnerabilities, informs competitive analyses and development decisions, and can guide tailored marketing strategies. Ethical application of this knowledge is crucial to avoid harmful activities like data theft or unauthorized intrusion.\n\n###### Useful Links\n- [Wappalyzer fingerprints](https://github.com/wappalyzer/wappalyzer/tree/master/src/technologies)\n- [BuiltWith - Check what tech a site is using](https://builtwith.com/)\n\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003e\u003cb\u003eListed Pages\u003c/b\u003e\u003c/summary\u003e\n\n\u003cimg width=\"300\" src=\"https://i.ibb.co/GtrCQYq/Screenshot-from-2023-07-21-12-28-38.png\" align=\"right\" /\u003e\n\n###### Description\nThis job finds and parses a site's listed sitemap. This file lists public sub-pages on the site, which the author wishes to be crawled by search engines. Sitemaps help with SEO, but are also useful for seeing all a sites public content at a glance.\n\n###### Use Cases\nUnderstand the structure of a site's public-facing content, and for site-owners, check that you're site's sitemap is accessible, parsable and contains everything you wish it to.\n\n###### Useful Links\n- [Learn about Sitemaps](https://developers.google.com/search/docs/crawling-indexing/sitemaps/overview)\n- [Sitemap XML spec](https://www.sitemaps.org/protocol.html)\n- [Sitemap tutorial](https://www.conductor.com/academy/xml-sitemap/)\n\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003e\u003cb\u003eSecurity.txt\u003c/b\u003e\u003c/summary\u003e\n\n\u003cimg width=\"300\" src=\"https://i.ibb.co/tq1FT5r/Screenshot-from-2023-07-24-20-31-21.png\" align=\"right\" /\u003e\n\n###### Description\nThe security.txt file tells researchers how they can responsibly disclose any security issues found on your site. The standard was proposed in RFC 9116, and specifies that this file should include a point of contact (email address), as well as optionally other info, like a link to the security disclosure policy, PGP key, proffered language, policy expiry and more. The file should be located at the root of your domain, either at /security.txt or /.well-known/security.txt.\n\n###### Use Cases\nThis is important, as without a defined point of contact a security researcher may be unable to report a critical security issue, or may use insecure or possibly public channels to do so. From an OSINT perspective, you may also glean info about a site including their posture on security, their CSAF provider, and meta data from the PGP public key.\n\n###### Useful Links\n- [securitytxt.org](https://securitytxt.org/)\n- [RFC-9116 Proposal](https://datatracker.ietf.org/doc/html/rfc9116)\n- [RFC-9116 History](https://datatracker.ietf.org/doc/rfc9116/)\n- [Security.txt (Wikipedia)](https://en.wikipedia.org/wiki/Security.txt)\n- [Example security.txt (Cloudflare)](https://www.cloudflare.com/.well-known/security.txt)\n- [Tutorial for creating security.txt (Pieter Bakker)](https://pieterbakker.com/implementing-security-txt/)\n\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003e\u003cb\u003eLinked Pages\u003c/b\u003e\u003c/summary\u003e\n\n\u003cimg width=\"300\" src=\"https://i.ibb.co/LtK14XR/Screenshot-from-2023-07-29-11-16-44.png\" align=\"right\" /\u003e\n\n###### Description\nDisplays all internal and external links found on a site, identified by the href attributes attached to anchor elements.\n\n###### Use Cases\nFor site owners, this is useful for diagnosing SEO issues, improving the site structure, understanding how content is inter-connected. External links can show partnerships, dependencies, and potential reputation risks. From a security standpoint, the outbound links can help identify any potential malicious or compromised sites the website is unknowingly linking to. Analyzing internal links can aid in understanding the site's structure and potentially uncover hidden or vulnerable pages which are not intended to be public. And for an OSINT investigator, it can aid in building a comprehensive understanding of the target, uncovering related entities, resources, or even potential hidden parts of the site.\n\n###### Useful Links\n- [W3C Link Checker](https://validator.w3.org/checklink)\n\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003e\u003cb\u003eSocial Tags\u003c/b\u003e\u003c/summary\u003e\n\n\u003cimg width=\"300\" src=\"https://i.ibb.co/4srTT1w/Screenshot-from-2023-07-29-11-15-27.png\" align=\"right\" /\u003e\n\n###### Description\nWebsites can include certain meta tags, that tell search engines and social media platforms what info to display. This usually includes a title, description, thumbnail, keywords, author, social accounts, etc.\n\n###### Use Cases\nAdding this data to your site will boost SEO, and as an OSINT researcher it can be useful to understand how a given web app describes itself\n\n###### Useful Links\n- [SocialSharePreview.com](https://socialsharepreview.com/)\n- [The guide to social meta tags](https://css-tricks.com/essential-meta-tags-social-media/)\n- [Web.dev metadata tags](https://web.dev/learn/html/metadata/)\n- [Open Graph Protocol](https://ogp.me/)\n- [Twitter Cards](https://developer.twitter.com/en/docs/twitter-for-websites/cards/overview/abouts-cards)\n- [Facebook Open Graph](https://developers.facebook.com/docs/sharing/webmasters)\n\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003e\u003cb\u003eEmail Configuration\u003c/b\u003e\u003c/summary\u003e\n\n\u003cimg width=\"300\" src=\"https://i.ibb.co/yqhwx5G/Screenshot-from-2023-07-29-18-22-20.png\" align=\"right\" /\u003e\n\n###### Description\nDMARC (Domain-based Message Authentication, Reporting \u0026 Conformance): DMARC is an email authentication protocol that works with SPF and DKIM to prevent email spoofing and phishing. It allows domain owners to specify how to handle unauthenticated mail via a published policy in DNS, and provides a way for receiving mail servers to send feedback about emails' compliance to the sender. BIMI (Brand Indicators for Message Identification): BIMI is an emerging email standard that enables organizations to display a logo in their customers' email clients automatically. BIMI ties the logo to the domain's DMARC record, providing another level of visual assurance to recipients that the email is legitimate. DKIM (DomainKeys Identified Mail): DKIM is an email security standard designed to make sure that messages were not altered in transit between the sending and recipient servers. It uses digital signatures linked to the domain of the sender to verify the sender and ensure message integrity. SPF (Sender Policy Framework): SPF is an email authentication method designed to prevent email spoofing. It specifies which mail servers are authorized to send email on behalf of a domain by creating a DNS record. This helps protect against spam by providing a way for receiving mail servers to check that incoming mail from a domain comes from a host authorized by that domain's administrators.\n\n###### Use Cases\nThis information is helpful for researchers as it helps assess a domain's email security posture, uncover potential vulnerabilities, and verify the legitimacy of emails for phishing detection. These details can also provide insight into the hosting environment, potential service providers, and the configuration patterns of a target organization, assisting in investigative efforts.\n\n###### Useful Links\n- [Intro to DMARC, DKIM, and SPF (via Cloudflare)](https://www.cloudflare.com/learning/email-security/dmarc-dkim-spf/)\n- [EasyDMARC Domain Scanner](https://easydmarc.com/tools/domain-scanner)\n- [MX Toolbox](https://mxtoolbox.com/)\n- [RFC-7208 - SPF](https://datatracker.ietf.org/doc/html/rfc7208)\n- [RFC-6376 - DKIM](https://datatracker.ietf.org/doc/html/rfc6376)\n- [RFC-7489 - DMARC](https://datatracker.ietf.org/doc/html/rfc7489)\n- [BIMI Group](https://bimigroup.org/)\n\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003e\u003cb\u003eFirewall Detection\u003c/b\u003e\u003c/summary\u003e\n\n\u003cimg width=\"300\" src=\"https://i.ibb.co/MfcxQt2/Screenshot-from-2023-08-12-15-40-52.png\" align=\"right\" /\u003e\n\n###### Description\nA WAF or web application firewall helps protect web applications by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web applications from attacks such as cross-site forgery, cross-site-scripting (XSS), file inclusion, and SQL injection, among others.\n\n###### Use Cases\nIt's useful to understand if a site is using a WAF, and which firewall software / service it is using, as this provides an insight into the sites protection against several attack vectors, but also may reveal vulnerabilities in the firewall itself.\n\n###### Useful Links\n- [What is a WAF (via Cloudflare Learning)](https://www.cloudflare.com/learning/ddos/glossary/web-application-firewall-waf/)\n- [OWASP - Web Application Firewalls](https://owasp.org/www-community/Web_Application_Firewall)\n- [Web Application Firewall Best Practices](https://owasp.org/www-pdf-archive/Best_Practices_Guide_WAF_v104.en.pdf)\n- [WAF - Wiki](https://en.wikipedia.org/wiki/Web_application_firewall)\n\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003e\u003cb\u003eHTTP Security Features\u003c/b\u003e\u003c/summary\u003e\n\n\u003cimg width=\"300\" src=\"https://i.ibb.co/LP05HMV/Screenshot-from-2023-08-12-15-40-28.png\" align=\"right\" /\u003e\n\n###### Description\nCorrectly configured security HTTP headers adds a layer of protection against common attacks to your site. The main headers to be aware of are: HTTP Strict Transport Security (HSTS): Enforces the use of HTTPS, mitigating man-in-the-middle attacks and protocol downgrade attempts. Content Security Policy (CSP): Constrains web page resources to prevent cross-site scripting and data injection attacks. X-Content-Type-Options: Prevents browsers from MIME-sniffing a response away from the declared content type, curbing MIME-type confusion attacks. X-Frame-Options: Protects users from clickjacking attacks by controlling whether a browser should render the page in a `\u003cframe\u003e`, `\u003ciframe\u003e`, `\u003cembed\u003e`, or `\u003cobject\u003e`. \n\n###### Use Cases\nReviewing security headers is important, as it offers insights into a site's defensive posture and potential vulnerabilities, enabling proactive mitigation and ensuring compliance with security best practices.\n\n###### Useful Links\n- [OWASP Secure Headers Project](https://owasp.org/www-project-secure-headers/)\n- [HTTP Header Cheatsheet](https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Headers_Cheat_Sheet.html)\n- [content-security-policy.com](https://content-security-policy.com/)\n- [resourcepolicy.fyi](https://resourcepolicy.fyi/)\n- [HTTP Security Headers](https://securityheaders.com/)\n- [Mozilla Observatory](https://observatory.mozilla.org/)\n- [CSP Docs](https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP)\n- [HSTS Docs](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security)\n- [X-Content-Type-Options Docs](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options)\n- [X-Frame-Options Docs](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options)\n- [X-XSS-Protection Docs](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection)\n\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003e\u003cb\u003eArchive History\u003c/b\u003e\u003c/summary\u003e\n\n\u003cimg width=\"300\" src=\"https://i.ibb.co/nB9szT1/Screenshot-from-2023-08-14-22-31-16.png\" align=\"right\" /\u003e\n\n###### Description\nFetches full history of archives from the Wayback machine\n\n###### Use Cases\nThis is useful for understanding the history of a site, and how it has changed over time. It can also be useful for finding old versions of a site, or for finding content that has been removed.\n\n###### Useful Links\n- [Wayback Machine](https://archive.org/web/)\n\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003e\u003cb\u003eGlobal Ranking\u003c/b\u003e\u003c/summary\u003e\n\n\u003cimg width=\"300\" src=\"https://i.ibb.co/nkbczgb/Screenshot-from-2023-08-14-22-02-40.png\" align=\"right\" /\u003e\n\n###### Description\nThis check shows the global rank of the requested site. This is only accurate for websites which are in the top 100 million list. We're using data from the Tranco project (see below), which collates the top sites on the web from Umbrella, Majestic, Quantcast, the Chrome User Experience Report and Cloudflare Radar.\n\n###### Use Cases\nKnowing a websites overall global rank can be useful for understanding the scale of the site, and for comparing it to other sites. It can also be useful for understanding the relative popularity of a site, and for identifying potential trends.\n\n###### Useful Links\n- [Tranco List](https://tranco-list.eu/)\n- [Tranco Research Paper](https://tranco-list.eu/assets/tranco-ndss19.pdf)\n\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003e\u003cb\u003eBlock Detection\u003c/b\u003e\u003c/summary\u003e\n\n\u003cimg width=\"300\" src=\"https://i.ibb.co/M5JSXbW/Screenshot-from-2023-08-26-12-12-43.png\" align=\"right\" /\u003e\n\n###### Description\nChecks access to the URL using 10+ of the most popular privacy, malware and parental control blocking DNS servers.\n\n###### Use Cases\n\n\n###### Useful Links\n- [ThreatJammer Lists](https://threatjammer.com/osint-lists)\n\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003e\u003cb\u003eMalware \u0026 Phishing Detection\u003c/b\u003e\u003c/summary\u003e\n\n\u003cimg width=\"300\" src=\"https://i.ibb.co/hYgy621/Screenshot-from-2023-08-26-12-07-47.png\" align=\"right\" /\u003e\n\n###### Description\nChecks if a site appears in several common malware and phishing lists, to determine it's threat level.\n\n###### Use Cases\nKnowing if a site is listed as a threat by any of these services can be useful for understanding the reputation of a site, and for identifying potential trends.\n\n###### Useful Links\n- [URLHaus](https://urlhaus-api.abuse.ch/)\n- [PhishTank](https://www.phishtank.com/)\n\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003e\u003cb\u003eTLS Cipher Suites\u003c/b\u003e\u003c/summary\u003e\n\n\u003cimg width=\"300\" src=\"https://i.ibb.co/6ydtH5R/Screenshot-from-2023-08-26-12-09-58.png\" align=\"right\" /\u003e\n\n###### Description\nThese are combinations of cryptographic algorithms used by the server to establish a secure connection. It includes the key exchange algorithm, bulk encryption algorithm, MAC algorithm, and PRF (pseudorandom function).\n\n###### Use Cases\nThis is important info to test for from a security perspective. Because a cipher suite is only as secure as the algorithms that it contains. If the version of encryption or authentication algorithm in a cipher suite have known vulnerabilities the cipher suite and TLS connection may then vulnerable to a downgrade or other attack\n\n###### Useful Links\n- [sslscan2 CLI](https://github.com/rbsec/sslscan)\n- [ssl-enum-ciphers (NPMAP script)](https://nmap.org/nsedoc/scripts/ssl-enum-ciphers.html)\n\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003e\u003cb\u003eTLS Security Config\u003c/b\u003e\u003c/summary\u003e\n\n\u003cimg width=\"300\" src=\"https://i.ibb.co/FmksZJt/Screenshot-from-2023-08-26-12-12-09.png\" align=\"right\" /\u003e\n\n###### Description\nThis uses guidelines from Mozilla's TLS Observatory to check the security of the TLS configuration. It checks for bad configurations, which may leave the site vulnerable to attack, as well as giving advice on how to fix. It will also give suggestions around outdated and modern TLS configs\n\n###### Use Cases\nUnderstanding issues with a site's TLS configuration will help you address potential vulnerabilities, and ensure the site is using the latest and most secure TLS configuration.\n\n###### Useful Links\n\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003e\u003cb\u003eTLS Handshake Simulation\u003c/b\u003e\u003c/summary\u003e\n\n\u003cimg width=\"300\" src=\"https://i.ibb.co/F7qRZkh/Screenshot-from-2023-08-26-12-11-28.png\" align=\"right\" /\u003e\n\n###### Description\nThis simulates how different clients (browsers, operating systems) would perform a TLS handshake with the server. It helps identify compatibility issues and insecure configurations.\n\n###### Use Cases\n\n\n###### Useful Links\n- [TLS Handshakes (via Cloudflare Learning)](https://www.cloudflare.com/learning/ssl/what-happens-in-a-tls-handshake/)\n- [SSL Test (via SSL Labs)](https://www.ssllabs.com/ssltest/)\n\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003e\u003cb\u003eScreenshot\u003c/b\u003e\u003c/summary\u003e\n\n\u003cimg width=\"300\" src=\"https://i.ibb.co/2F0x8kP/Screenshot-from-2023-07-29-18-34-48.png\" align=\"right\" /\u003e\n\n###### Description\nThis check takes a screenshot of webpage that the requested URL / IP resolves to, and displays it.\n\n###### Use Cases\nThis may be useful to see what a given website looks like, free of the constraints of your browser, IP, or location.\n\n\n\u003c/details\u003e\n\n\u003c/details\u003e\n\nRead more here: **[web-check.xyz/about](https://web-check.xyz/about)**\n\n---\n\n## Usage\n\n### Deployment\n\n### Deploying - Option #1: Netlify\n\nClick the button below, to deploy to Netlify 👇\n\n[![Deploy to Netlify](https://img.shields.io/badge/Deploy-Netlify-%2330c8c9?style=for-the-badge\u0026logo=netlify\u0026labelColor=1e0e41 'Deploy Web-Check to Netlify, via 1-Click Script')](https://app.netlify.com/start/deploy?repository=https://github.com/lissy93/web-check)\n\n### Deploying - Option #2: Vercel\n\nClick the button below, to deploy to Vercel 👇\n\n[![Deploy with Vercel](https://img.shields.io/badge/Deploy-Vercel-%23ffffff?style=for-the-badge\u0026logo=vercel\u0026labelColor=1e0e41)](https://vercel.com/new/clone?repository-url=https%3A%2F%2Fgithub.com%2Flissy93%2Fweb-check\u0026project-name=web-check\u0026repository-name=web-check-fork\u0026demo-title=Web-Check%20Demo\u0026demo-description=Check%20out%20web-check.xyz%20to%20see%20a%20live%20demo%20of%20this%20application%20running.\u0026demo-url=https%3A%2F%2Fweb-check.xyz\u0026demo-image=https%3A%2F%2Fraw.githubusercontent.com%2FLissy93%2Fweb-check%2Fmaster%2F.github%2Fscreenshots%2Fweb-check-screenshot10.png)\n\n### Deploying - Option #3: Docker\n\nRun `docker run -p 3000:3000 lissy93/web-check`, then open [`localhost:3000`](http://localhost:3000)\n\n\u003cdetails\u003e\n\u003csummary\u003eDocker Options\u003c/summary\u003e\n\nYou can get the Docker image from:\n- DockerHub: [`lissy93/web-check`](https://hub.docker.com/r/lissy93/web-check)\n- GHCR: [`ghcr.io/lissy93/web-check`](https://github.com/Lissy93/web-check/pkgs/container/web-check)\n- Or build the image yourself by cloning the repo and running `docker build -t web-check .`\n\n\u003c/details\u003e\n\n### Deploying - Option #4: From Source\n\nInstall the prerequisites listed in the [Developing](#developing) section, then run: \n\n```bash\ngit clone https://github.com/Lissy93/web-check.git # Download the code from GitHub\ncd web-check # Navigate into the project dir\nyarn install # Install the NPM dependencies\nyarn build # Build the app for production\nyarn serve # Start the app (API and GUI)\n```\n\n---\n\n### Configuring\n\nBy default, no configuration is needed.\n\nBut there are some optional environmental variables that you can set to give you access to some additional checks, or to increase rate-limits for some checks that use external APIs.\n\n**API Keys \u0026 Credentials**:\n\nKey | Value\n---|---\n`GOOGLE_CLOUD_API_KEY` | A Google API key ([get here](https://cloud.google.com/api-gateway/docs/authenticate-api-keys)). This can be used to return quality metrics for a site\n`REACT_APP_SHODAN_API_KEY` | A Shodan API key ([get here](https://account.shodan.io/)). This will show associated host names for a given domain\n`REACT_APP_WHO_API_KEY` | A WhoAPI key ([get here](https://whoapi.com/)). This will show more comprehensive WhoIs records than the default job\n\n\u003cdetails\u003e\n \u003csummary\u003e\u003csmall\u003eFull / Upcoming Vals\u003c/small\u003e\u003c/summary\u003e\n \n- `GOOGLE_CLOUD_API_KEY` - A Google API key ([get here](https://cloud.google.com/api-gateway/docs/authenticate-api-keys)). This can be used to return quality metrics for a site\n- `REACT_APP_SHODAN_API_KEY` - A Shodan API key ([get here](https://account.shodan.io/)). This will show associated host names for a given domain\n- `REACT_APP_WHO_API_KEY` - A WhoAPI key ([get here](https://whoapi.com/)). This will show more comprehensive WhoIs records than the default job\n- `SECURITY_TRAILS_API_KEY` - A Security Trails API key ([get here](https://securitytrails.com/corp/api)). This will show org info associated with the IP\n- `CLOUDMERSIVE_API_KEY` - API key for Cloudmersive ([get here](https://account.cloudmersive.com/)). This will show known threats associated with the IP\n- `TRANCO_USERNAME` - A Tranco email ([get here](https://tranco-list.eu/)). This will show the rank of a site, based on traffic\n- `TRANCO_API_KEY` - A Tranco API key ([get here](https://tranco-list.eu/)). This will show the rank of a site, based on traffic\n- `URL_SCAN_API_KEY` - A URLScan API key ([get here](https://urlscan.io/)). This will fetch miscalanious info about a site\n- `BUILT_WITH_API_KEY` - A BuiltWith API key ([get here](https://api.builtwith.com/)). This will show the main features of a site\n- `TORRENT_IP_API_KEY` - A torrent API key ([get here](https://iknowwhatyoudownload.com/en/api/)). This will show torrents downloaded by an IP\n \n\u003c/details\u003e\n\n**Configuration Settings**:\n\nKey | Value\n---|---\n`PORT` | Port to serve the API, when running server.js (e.g. `3000`)\n`API_ENABLE_RATE_LIMIT` | Enable rate-limiting for the /api endpoints (e.g. `true`)\n`API_TIMEOUT_LIMIT` | The timeout limit for API requests, in milliseconds (e.g. `10000`)\n`API_CORS_ORIGIN` | Enable CORS, by setting your allowed hostname(s) here (e.g. `example.com`)\n`CHROME_PATH` | The path the Chromium executable (e.g. `/usr/bin/chromium`)\n`DISABLE_GUI` | Disable the GUI, and only serve the API (e.g. `false`)\n`REACT_APP_API_ENDPOINT` | The endpoint for the API, either local or remote (e.g. `/api`)\n\nAll values are optional.\n\nYou can add these as environmental variables. Either put them directly into an `.env` file in the projects root, or via the Netlify / Vercel UI, or by passing to the Docker container with the --env flag, or using your own environmental variable management system\n\nNote that keys that are prefixed with `REACT_APP_` are used client-side, and as such they must be scoped correctly with minimum privileges, since may be made visible when intercepting browser \u003c-\u003e server network requests\n\n---\n\n### Developing\n\n1. Clone the repo, `git clone git@github.com:Lissy93/web-check.git`\n2. Cd into it, `cd web-check`\n3. Install dependencies: `yarn`\n4. Start the dev server, with `yarn dev`\n\nYou'll need [Node.js](https://nodejs.org/en) (V 18.16.1 or later) installed, plus [yarn](https://yarnpkg.com/getting-started/install) as well as [git](https://git-scm.com/).\nSome checks also require `chromium`, `traceroute` and `dns` to be installed within your environment. These jobs will just be skipped if those packages aren't present.\n\n\n---\n\n## Community\n\n### Contributing\n\nContributions of any kind are very welcome, and would be much appreciated.\nFor Code of Conduct, see [Contributor Convent](https://www.contributor-covenant.org/version/2/1/code_of_conduct/).\n\nTo get started, fork the repo, make your changes, add, commit and push the code, then come back here to open a pull request. If you're new to GitHub or open source, [this guide](https://www.freecodecamp.org/news/how-to-make-your-first-pull-request-on-github-3#let-s-make-our-first-pull-request-) or the [git docs](https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-a-pull-request) may help you get started, but feel free to reach out if you need any support.\n\n[![Submit a PR](https://img.shields.io/badge/Submit_a_PR-GitHub-%23060606?style=for-the-badge\u0026logo=github\u0026logoColor=fff)](https://github.com/Lissy93/web-check/compare)\n\n\n### Reporting Bugs\n\nIf you've found something that doesn't work as it should, or would like to suggest a new feature, then go ahead and raise a ticket on GitHub.\nFor bugs, please outline the steps needed to reproduce, and include relevant info like system info and resulting logs.\n\n[![Raise an Issue](https://img.shields.io/badge/Raise_an_Issue-GitHub-%23060606?style=for-the-badge\u0026logo=github\u0026logoColor=fff)](https://github.com/Lissy93/web-check/issues/new/choose)\n\n### Supporting\n\nThe app will remain 100% free and open source.\nBut due to the amount of traffic that the hosted instance gets, the lambda function usage is costing about $25/month.\nAny help with covering the costs via GitHub Sponsorship would be much appreciated.\nIt's thanks to the support of the community that this project is able to be freely available for everyone :)\n\n[![Sponsor Lissy93 on GitHub](https://img.shields.io/badge/Sponsor_on_GitHub-Lissy93-%23ff4dda?style=for-the-badge\u0026logo=githubsponsors\u0026logoColor=ff4dda)](https://github.com/sponsors/Lissy93)\n\n\n### Contributors\n\nCredit to the following users for contributing to Web-Check\n\n\u003c!-- readme: contributors -start --\u003e\n\u003ctable\u003e\n\t\u003ctbody\u003e\n\t\t\u003ctr\u003e\n \u003ctd align=\"center\"\u003e\n \u003ca href=\"https://github.com/Lissy93\"\u003e\n \u003cimg src=\"https://avatars.githubusercontent.com/u/1862727?v=4\" width=\"80;\" alt=\"Lissy93\"/\u003e\n \u003cbr /\u003e\n \u003csub\u003e\u003cb\u003eAlicia Sykes\u003c/b\u003e\u003c/sub\u003e\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"center\"\u003e\n \u003ca href=\"https://github.com/liss-bot\"\u003e\n \u003cimg src=\"https://avatars.githubusercontent.com/u/87835202?v=4\" width=\"80;\" alt=\"liss-bot\"/\u003e\n \u003cbr /\u003e\n \u003csub\u003e\u003cb\u003eAlicia Bot\u003c/b\u003e\u003c/sub\u003e\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"center\"\u003e\n \u003ca href=\"https://github.com/n0a\"\u003e\n \u003cimg src=\"https://avatars.githubusercontent.com/u/14150948?v=4\" width=\"80;\" alt=\"n0a\"/\u003e\n \u003cbr /\u003e\n \u003csub\u003e\u003cb\u003eDenis Simonov\u003c/b\u003e\u003c/sub\u003e\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"center\"\u003e\n \u003ca href=\"https://github.com/muni106\"\u003e\n \u003cimg src=\"https://avatars.githubusercontent.com/u/65845442?v=4\" width=\"80;\" alt=\"muni106\"/\u003e\n \u003cbr /\u003e\n \u003csub\u003e\u003cb\u003eMounir Samite\u003c/b\u003e\u003c/sub\u003e\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"center\"\u003e\n \u003ca href=\"https://github.com/ChrisCarini\"\u003e\n \u003cimg src=\"https://avatars.githubusercontent.com/u/6374067?v=4\" width=\"80;\" alt=\"ChrisCarini\"/\u003e\n \u003cbr /\u003e\n \u003csub\u003e\u003cb\u003eChris Carini\u003c/b\u003e\u003c/sub\u003e\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"center\"\u003e\n \u003ca href=\"https://github.com/bolens\"\u003e\n \u003cimg src=\"https://avatars.githubusercontent.com/u/1218380?v=4\" width=\"80;\" alt=\"bolens\"/\u003e\n \u003cbr /\u003e\n \u003csub\u003e\u003cb\u003eMichael Bolens\u003c/b\u003e\u003c/sub\u003e\n \u003c/a\u003e\n \u003c/td\u003e\n\t\t\u003c/tr\u003e\n\t\t\u003ctr\u003e\n \u003ctd align=\"center\"\u003e\n \u003ca href=\"https://github.com/HeroGamers\"\u003e\n \u003cimg src=\"https://avatars.githubusercontent.com/u/15278940?v=4\" width=\"80;\" alt=\"HeroGamers\"/\u003e\n \u003cbr /\u003e\n \u003csub\u003e\u003cb\u003eMarcus Sand\u003c/b\u003e\u003c/sub\u003e\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"center\"\u003e\n \u003ca href=\"https://github.com/jinnabaalu\"\u003e\n \u003cimg src=\"https://avatars.githubusercontent.com/u/11784253?v=4\" width=\"80;\" alt=\"jinnabaalu\"/\u003e\n \u003cbr /\u003e\n \u003csub\u003e\u003cb\u003eJinna Baalu\u003c/b\u003e\u003c/sub\u003e\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"center\"\u003e\n \u003ca href=\"https://github.com/GreyXor\"\u003e\n \u003cimg src=\"https://avatars.githubusercontent.com/u/79602273?v=4\" width=\"80;\" alt=\"GreyXor\"/\u003e\n \u003cbr /\u003e\n \u003csub\u003e\u003cb\u003eGreyXor\u003c/b\u003e\u003c/sub\u003e\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"center\"\u003e\n \u003ca href=\"https://github.com/brianteeman\"\u003e\n \u003cimg src=\"https://avatars.githubusercontent.com/u/1296369?v=4\" width=\"80;\" alt=\"brianteeman\"/\u003e\n \u003cbr /\u003e\n \u003csub\u003e\u003cb\u003eBrian Teeman\u003c/b\u003e\u003c/sub\u003e\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"center\"\u003e\n \u003ca href=\"https://github.com/vitalykarasik\"\u003e\n \u003cimg src=\"https://avatars.githubusercontent.com/u/7628795?v=4\" width=\"80;\" alt=\"vitalykarasik\"/\u003e\n \u003cbr /\u003e\n \u003csub\u003e\u003cb\u003eVitaly Karasik\u003c/b\u003e\u003c/sub\u003e\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"center\"\u003e\n \u003ca href=\"https://github.com/Its-Just-Nans\"\u003e\n \u003cimg src=\"https://avatars.githubusercontent.com/u/56606507?v=4\" width=\"80;\" alt=\"Its-Just-Nans\"/\u003e\n \u003cbr /\u003e\n \u003csub\u003e\u003cb\u003en4n5\u003c/b\u003e\u003c/sub\u003e\n \u003c/a\u003e\n \u003c/td\u003e\n\t\t\u003c/tr\u003e\n\t\t\u003ctr\u003e\n \u003ctd align=\"center\"\u003e\n \u003ca href=\"https://github.com/robinson\"\u003e\n \u003cimg src=\"https://avatars.githubusercontent.com/u/237874?v=4\" width=\"80;\" alt=\"robinson\"/\u003e\n \u003cbr /\u003e\n \u003csub\u003e\u003cb\u003eLth\u003c/b\u003e\u003c/sub\u003e\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"center\"\u003e\n \u003ca href=\"https://github.com/abhishekMuge\"\u003e\n \u003cimg src=\"https://avatars.githubusercontent.com/u/49590582?v=4\" width=\"80;\" alt=\"abhishekMuge\"/\u003e\n \u003cbr /\u003e\n \u003csub\u003e\u003cb\u003eAbhishek Muge\u003c/b\u003e\u003c/sub\u003e\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"center\"\u003e\n \u003ca href=\"https://github.com/UlisesGascon\"\u003e\n \u003cimg src=\"https://avatars.githubusercontent.com/u/5110813?v=4\" width=\"80;\" alt=\"UlisesGascon\"/\u003e\n \u003cbr /\u003e\n \u003csub\u003e\u003cb\u003eUlises Gascón\u003c/b\u003e\u003c/sub\u003e\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"center\"\u003e\n \u003ca href=\"https://github.com/PhiRequiem\"\u003e\n \u003cimg src=\"https://avatars.githubusercontent.com/u/1323576?v=4\" width=\"80;\" alt=\"PhiRequiem\"/\u003e\n \u003cbr /\u003e\n \u003csub\u003e\u003cb\u003ePhiRequiem\u003c/b\u003e\u003c/sub\u003e\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"center\"\u003e\n \u003ca href=\"https://github.com/ntaiko\"\u003e\n \u003cimg src=\"https://avatars.githubusercontent.com/u/108784453?v=4\" width=\"80;\" alt=\"ntaiko\"/\u003e\n \u003cbr /\u003e\n \u003csub\u003e\u003cb\u003eNikolaos G. Ntaiko\u003c/b\u003e\u003c/sub\u003e\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"center\"\u003e\n \u003ca href=\"https://github.com/Myzel394\"\u003e\n \u003cimg src=\"https://avatars.githubusercontent.com/u/50424412?v=4\" width=\"80;\" alt=\"Myzel394\"/\u003e\n \u003cbr /\u003e\n \u003csub\u003e\u003cb\u003eMyzel394\u003c/b\u003e\u003c/sub\u003e\n \u003c/a\u003e\n \u003c/td\u003e\n\t\t\u003c/tr\u003e\n\t\t\u003ctr\u003e\n \u003ctd align=\"center\"\u003e\n \u003ca href=\"https://github.com/murrple-1\"\u003e\n \u003cimg src=\"https://avatars.githubusercontent.com/u/5559656?v=4\" width=\"80;\" alt=\"murrple-1\"/\u003e\n \u003cbr /\u003e\n \u003csub\u003e\u003cb\u003eMurray Christopherson\u003c/b\u003e\u003c/sub\u003e\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"center\"\u003e\n \u003ca href=\"https://github.com/t3chn0m4g3\"\u003e\n \u003cimg src=\"https://avatars.githubusercontent.com/u/4318452?v=4\" width=\"80;\" alt=\"t3chn0m4g3\"/\u003e\n \u003cbr /\u003e\n \u003csub\u003e\u003cb\u003eMarco Ochse\u003c/b\u003e\u003c/sub\u003e\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"center\"\u003e\n \u003ca href=\"https://github.com/treatmesubj\"\u003e\n \u003cimg src=\"https://avatars.githubusercontent.com/u/39680353?v=4\" width=\"80;\" alt=\"treatmesubj\"/\u003e\n \u003cbr /\u003e\n \u003csub\u003e\u003cb\u003eJohn Hupperts\u003c/b\u003e\u003c/sub\u003e\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"center\"\u003e\n \u003ca href=\"https://github.com/eltociear\"\u003e\n \u003cimg src=\"https://avatars.githubusercontent.com/u/22633385?v=4\" width=\"80;\" alt=\"eltociear\"/\u003e\n \u003cbr /\u003e\n \u003csub\u003e\u003cb\u003eIkko Eltociear Ashimine\u003c/b\u003e\u003c/sub\u003e\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"center\"\u003e\n \u003ca href=\"https://github.com/Gertje823\"\u003e\n \u003cimg src=\"https://avatars.githubusercontent.com/u/36937387?v=4\" width=\"80;\" alt=\"Gertje823\"/\u003e\n \u003cbr /\u003e\n \u003csub\u003e\u003cb\u003eGertje823\u003c/b\u003e\u003c/sub\u003e\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"center\"\u003e\n \u003ca href=\"https://github.com/epreston\"\u003e\n \u003cimg src=\"https://avatars.githubusercontent.com/u/347224?v=4\" width=\"80;\" alt=\"epreston\"/\u003e\n \u003cbr /\u003e\n \u003csub\u003e\u003cb\u003eEd Preston\u003c/b\u003e\u003c/sub\u003e\n \u003c/a\u003e\n \u003c/td\u003e\n\t\t\u003c/tr\u003e\n\t\t\u003ctr\u003e\n \u003ctd align=\"center\"\u003e\n \u003ca href=\"https://github.com/dimitri-kandassamy\"\u003e\n \u003cimg src=\"https://avatars.githubusercontent.com/u/21193806?v=4\" width=\"80;\" alt=\"dimitri-kandassamy\"/\u003e\n \u003cbr /\u003e\n \u003csub\u003e\u003cb\u003eDimitri Kandassamy\u003c/b\u003e\u003c/sub\u003e\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"center\"\u003e\n \u003ca href=\"https://github.com/0xflotus\"\u003e\n \u003cimg src=\"https://avatars.githubusercontent.com/u/26602940?v=4\" width=\"80;\" alt=\"0xflotus\"/\u003e\n \u003cbr /\u003e\n \u003csub\u003e\u003cb\u003e0xflotus\u003c/b\u003e\u003c/sub\u003e\n \u003c/a\u003e\n \u003c/td\u003e\n\t\t\u003c/tr\u003e\n\t\u003ctbody\u003e\n\u003c/table\u003e\n\u003c!-- readme: contributors -end --\u003e\n\n### Sponsors\n\nHuge thanks to these wonderful people, who sponsor me on GitHub, their support helps cover the costs required to keep Web-Check and my other projects free for everyone. Consider joining them, by [sponsoring me on GitHub](https://github.com/sponsors/Lissy93) if you're able.\n\n\u003c!-- readme: sponsors -start --\u003e\n\u003ctable\u003e\n\t\u003ctbody\u003e\n\t\t\u003ctr\u003e\n \u003ctd align=\"center\"\u003e\n \u003ca href=\"https://github.com/vincentkoc\"\u003e\n \u003cimg src=\"https://avatars.githubusercontent.com/u/25068?v=4\" width=\"80;\" alt=\"vincentkoc\"/\u003e\n \u003cbr /\u003e\n \u003csub\u003e\u003cb\u003eVincent Koc\u003c/b\u003e\u003c/sub\u003e\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"center\"\u003e\n \u003ca href=\"https://github.com/AnandChowdhary\"\u003e\n \u003cimg src=\"https://avatars.githubusercontent.com/u/2841780?u=747e554b3a7f12eb20b7910e1c87d817844f714f\u0026v=4\" width=\"80;\" alt=\"AnandChowdhary\"/\u003e\n \u003cbr /\u003e\n \u003csub\u003e\u003cb\u003eAnand Chowdhary\u003c/b\u003e\u003c/sub\u003e\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"center\"\u003e\n \u003ca href=\"https://github.com/shrippen\"\u003e\n \u003cimg src=\"https://avatars.githubusercontent.com/u/2873570?v=4\" width=\"80;\" alt=\"shrippen\"/\u003e\n \u003cbr /\u003e\n \u003csub\u003e\u003cb\u003eShrippen\u003c/b\u003e\u003c/sub\u003e\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"center\"\u003e\n \u003ca href=\"https://github.com/bile0026\"\u003e\n \u003cimg src=\"https://avatars.githubusercontent.com/u/5022496?u=aec96ad173c0ea9baaba93807efa8a848af6595c\u0026v=4\" width=\"80;\" alt=\"bile0026\"/\u003e\n \u003cbr /\u003e\n \u003csub\u003e\u003cb\u003eZach Biles\u003c/b\u003e\u003c/sub\u003e\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"center\"\u003e\n \u003ca href=\"https://github.com/UlisesGascon\"\u003e\n \u003cimg src=\"https://avatars.githubusercontent.com/u/5110813?u=3c41facd8aa26154b9451de237c34b0f78d672a5\u0026v=4\" width=\"80;\" alt=\"UlisesGascon\"/\u003e\n \u003cbr /\u003e\n \u003csub\u003e\u003cb\u003eUlises Gascón\u003c/b\u003e\u003c/sub\u003e\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"center\"\u003e\n \u003ca href=\"https://github.com/digitalarche\"\u003e\n \u003cimg src=\"https://avatars.githubusercontent.com/u/6546135?u=564756d7f44ab2206819eb3148f6d822673f5066\u0026v=4\" width=\"80;\" alt=\"digitalarche\"/\u003e\n \u003cbr /\u003e\n \u003csub\u003e\u003cb\u003eDigital Archeology\u003c/b\u003e\u003c/sub\u003e\n \u003c/a\u003e\n \u003c/td\u003e\n\t\t\u003c/tr\u003e\n\t\t\u003ctr\u003e\n \u003ctd align=\"center\"\u003e\n \u003ca href=\"https://github.com/InDieTasten\"\u003e\n \u003cimg src=\"https://avatars.githubusercontent.com/u/7047377?u=8d8f8017628b38bc46dcbf3620e194b01d3fb2d1\u0026v=4\" width=\"80;\" alt=\"InDieTasten\"/\u003e\n \u003cbr /\u003e\n \u003csub\u003e\u003cb\u003eInDieTasten\u003c/b\u003e\u003c/sub\u003e\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"center\"\u003e\n \u003ca href=\"https://github.com/araguaci\"\u003e\n \u003cimg src=\"https://avatars.githubusercontent.com/u/7318668?v=4\" width=\"80;\" alt=\"araguaci\"/\u003e\n \u003cbr /\u003e\n \u003csub\u003e\u003cb\u003eAraguaci\u003c/b\u003e\u003c/sub\u003e\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"center\"\u003e\n \u003ca href=\"https://github.com/bmcgonag\"\u003e\n \u003cimg src=\"https://avatars.githubusercontent.com/u/7346620?u=2a0f9284f3e12ac1cc15288c254d1ec68a5081e8\u0026v=4\" width=\"80;\" alt=\"bmcgonag\"/\u003e\n \u003cbr /\u003e\n \u003csub\u003e\u003cb\u003eBrian McGonagill\u003c/b\u003e\u003c/sub\u003e\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"center\"\u003e\n \u003ca href=\"https://github.com/arcestia\"\u003e\n \u003cimg src=\"https://avatars.githubusercontent.com/u/7936962?v=4\" width=\"80;\" alt=\"arcestia\"/\u003e\n \u003cbr /\u003e\n \u003csub\u003e\u003cb\u003eLaurensius Jeffrey\u003c/b\u003e\u003c/sub\u003e\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"center\"\u003e\n \u003ca href=\"https://github.com/vlad-tim\"\u003e\n \u003cimg src=\"https://avatars.githubusercontent.com/u/11474041?u=eee43705b54d2ec9f51fc4fcce5ad18dd17c87e4\u0026v=4\" width=\"80;\" alt=\"vlad-tim\"/\u003e\n \u003cbr /\u003e\n \u003csub\u003e\u003cb\u003eVlad\u003c/b\u003e\u003c/sub\u003e\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"center\"\u003e\n \u003ca href=\"https://github.com/helixzz\"\u003e\n \u003cimg src=\"https://avatars.githubusercontent.com/u/12218889?u=d06d0c103dfbdb99450623064f7da3c5a3675fb6\u0026v=4\" width=\"80;\" alt=\"helixzz\"/\u003e\n \u003cbr /\u003e\n \u003csub\u003e\u003cb\u003eHeliXZz\u003c/b\u003e\u003c/sub\u003e\n \u003c/a\u003e\n \u003c/td\u003e\n\t\t\u003c/tr\u003e\n\t\t\u003ctr\u003e\n \u003ctd align=\"center\"\u003e\n \u003ca href=\"https://github.com/mryesiller\"\u003e\n \u003cimg src=\"https://avatars.githubusercontent.com/u/24632172?u=0d20f2d615158f87cd60a3398d3efb026c32f291\u0026v=4\" width=\"80;\" alt=\"mryesiller\"/\u003e\n \u003cbr /\u003e\n \u003csub\u003e\u003cb\u003eGöksel Yeşiller\u003c/b\u003e\u003c/sub\u003e\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"center\"\u003e\n \u003ca href=\"https://github.com/sushibait\"\u003e\n \u003cimg src=\"https://avatars.githubusercontent.com/u/26634535?v=4\" width=\"80;\" alt=\"sushibait\"/\u003e\n \u003cbr /\u003e\n \u003csub\u003e\u003cb\u003eShiverme Timbers\u003c/b\u003e\u003c/sub\u003e\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"center\"\u003e\n \u003ca href=\"https://github.com/getumbrel\"\u003e\n \u003cimg src=\"https://avatars.githubusercontent.com/u/59408891?v=4\" width=\"80;\" alt=\"getumbrel\"/\u003e\n \u003cbr /\u003e\n \u003csub\u003e\u003cb\u003eUmbrel\u003c/b\u003e\u003c/sub\u003e\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"center\"\u003e\n \u003ca href=\"https://github.com/OlliVHH\"\u003e\n \u003cimg src=\"https://avatars.githubusercontent.com/u/84959562?v=4\" width=\"80;\" alt=\"OlliVHH\"/\u003e\n \u003cbr /\u003e\n \u003csub\u003e\u003cb\u003eHamburgerJung\u003c/b\u003e\u003c/sub\u003e\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"center\"\u003e\n \u003ca href=\"https://github.com/frankdez93\"\u003e\n \u003cimg src=\"https://avatars.githubusercontent.com/u/87549420?v=4\" width=\"80;\" alt=\"frankdez93\"/\u003e\n \u003cbr /\u003e\n \u003csub\u003e\u003cb\u003eFrankdez93\u003c/b\u003e\u003c/sub\u003e\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"center\"\u003e\n \u003ca href=\"https://github.com/terminaltrove\"\u003e\n \u003cimg src=\"https://avatars.githubusercontent.com/u/121595180?v=4\" width=\"80;\" alt=\"terminaltrove\"/\u003e\n \u003cbr /\u003e\n \u003csub\u003e\u003cb\u003eTerminal Trove\u003c/b\u003e\u003c/sub\u003e\n \u003c/a\u003e\n \u003c/td\u003e\n\t\t\u003c/tr\u003e\n\t\t\u003ctr\u003e\n \u003ctd align=\"center\"\u003e\n \u003ca href=\"https://github.com/st617\"\u003e\n \u003cimg src=\"https://avatars.githubusercontent.com/u/128325650?v=4\" width=\"80;\" alt=\"st617\"/\u003e\n \u003cbr /\u003e\n \u003csub\u003e\u003cb\u003est617\u003c/b\u003e\u003c/sub\u003e\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"center\"\u003e\n \u003ca href=\"https://github.com/hudsonrock-partnerships\"\u003e\n \u003cimg src=\"https://avatars.githubusercontent.com/u/163282900?u=5f2667f7fe5d284ac7a2da6b0800ea8970b0fcbf\u0026v=4\" width=\"80;\" alt=\"hudsonrock-partnerships\"/\u003e\n \u003cbr /\u003e\n \u003csub\u003e\u003cb\u003ehudsonrock-partnerships\u003c/b\u003e\u003c/sub\u003e\n \u003c/a\u003e\n \u003c/td\u003e\n \u003ctd align=\"center\"\u003e\n \u003ca href=\"https://github.com/CarterPerez-dev\"\u003e\n \u003cimg src=\"https://avatars.githubusercontent.com/u/188120068?v=4\" width=\"80;\" alt=\"CarterPerez-dev\"/\u003e\n \u003cbr /\u003e\n \u003csub\u003e\u003cb\u003eCarter Perez\u003c/b\u003e\u003c/sub\u003e\n \u003c/a\u003e\n \u003c/td\u003e\n\t\t\u003c/tr\u003e\n\t\u003ctbody\u003e\n\u003c/table\u003e\n\u003c!-- readme: sponsors -end --\u003e\n\n---\n\n## License\n\n\u003e _**[Lissy93/Web-Check](https://github.com/Lissy93/web-check)** is licensed under [MIT](https://github.com/Lissy93/web-check/blob/HEAD/LICENSE) © [Alicia Sykes](https://aliciasykes.com) 2023._\u003cbr\u003e\n\u003e \u003csup align=\"right\"\u003eFor information, see \u003ca href=\"https://tldrlegal.com/license/mit-license\"\u003eTLDR Legal \u003e MIT\u003c/a\u003e\u003c/sup\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003eExpand License\u003c/summary\u003e\n\n```\nThe MIT License (MIT)\nCopyright (c) Alicia Sykes \u003calicia@omg.com\u003e \n\nPermission is hereby granted, free of charge, to any person obtaining a copy \nof this software and associated documentation files (the \"Software\"), to deal \nin the Software without restriction, including without limitation the rights \nto use, copy, modify, merge, publish, distribute, sub-license, and/or sell \ncopies of the Software, and to permit persons to whom the Software is furnished \nto do so, subject to the following conditions:\n\nThe above copyright notice and this permission notice shall be included install \ncopies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED,\nINCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANT ABILITY, FITNESS FOR A\nPARTICULAR PURPOSE AND NON INFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT\nHOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION\nOF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE\nSOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.\n```\n\n[![View Dependency Licenses \u0026 SBOM on FOSSA](https://app.fossa.com/api/projects/git%2Bgithub.com%2FLissy93%2Fweb-check.svg?type=large\u0026issueType=license)](https://app.fossa.com/projects/git%2Bgithub.com%2FLissy93%2Fweb-check?ref=badge_large\u0026issueType=license)\n\n\u003c/details\u003e\n\n\n\u003c!-- License + Copyright --\u003e\n\u003cp align=\"center\"\u003e\n \u003ci\u003e© \u003ca href=\"https://aliciasykes.com\"\u003eAlicia Sykes\u003c/a\u003e 2023\u003c/i\u003e\u003cbr\u003e\n \u003ci\u003eLicensed under \u003ca href=\"https://gist.github.com/Lissy93/143d2ee01ccc5c052a17\"\u003eMIT\u003c/a\u003e\u003c/i\u003e\u003cbr\u003e\n \u003ca href=\"https://github.com/lissy93\"\u003e\u003cimg src=\"https://i.ibb.co/4KtpYxb/octocat-clean-mini.png\" /\u003e\u003c/a\u003e\u003cbr\u003e\n \u003csup\u003eThanks for visiting :)\u003c/sup\u003e\n\u003c/p\u003e\n\n\u003c!-- Dinosaurs are Awesome --\u003e\n\u003c!-- \n . - ~ ~ ~ - .\n .. _ .-~ ~-.\n //| \\ `..~ `.\n || | } } / \\ \\\n(\\ \\\\ \\~^..' | } \\\n \\`.-~ o / } | / \\\n (__ | / | / `.\n `- - ~ ~ -._| /_ - ~ ~ ^| /- _ `.\n | / | / ~-. ~- _\n |_____| |_____| ~ - . _ _~_-_\n--\u003e\n\n","funding_links":["https://github.com/sponsors/lissy93","https://github.com/sponsors/Lissy93"],"categories":["Monitor"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flissy93%2Fweb-check","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Flissy93%2Fweb-check","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flissy93%2Fweb-check/lists"}