Overt
Look up a site

Company

Built because our lookups didn't show their work.

Overt exists because we needed it and couldn't buy it.

overt · method how it reads
Public signals only no intrusion · no login scraping
  • HTTP response headers
    server · set-cookie · security headers
  • DNS & CNAME chains
    borowik.pl → e8113.x.akamaiedge.net
  • Certificate transparency
    CT logs · issuer · SANs
  • BGP routing
    own-ASN · upstreams · CDN edges
+ public registries (KRS) GDPR-aligned

The story, short version

Overt began with a simple frustration: every technology lookup we tried was stale on arrival, wrong without explanation, and asked us to take its word for it. None of them showed how they knew.

So we built our own: an engine that reads public infrastructure, keeps its own corpus fresh, and — the part that actually mattered — attaches the exact signal behind every detection. You stop trusting a list and start reading the evidence.

Overt is that engine, productized: a standalone platform for anyone who needs to know what a website runs — and to prove it.

the operating idea

Lists tell you what to believe.

Evidence lets you verify it.

— the difference between a guess and a fact

Principles we can be held to

01

Evidence first

If we can't show the signal, we don't ship the claim. That rule built the product, and it writes this website too — every figure here traces to a query against the live database.

02

Public signals only

Detection reads what companies publish to the internet by operating there. No intrusion, no scraping behind logins, no scan-index purchases. The method survives legal review because there is nothing to hide in it.

03

Honest limits

We publish what the method cannot see, and the product says "none detected", never "none exists". A tool whose confidence you can trust is worth more than one that is always sure.

04

Deep markets, not thin coverage

Depth in one market beats thin coverage of twenty. A market corpus is built the way a local rep would know it — official registries, financials, hiring, routing — and only then does the model move to the next market.

Our GDPR & privacy stance, concretely

What detection reads

Publicly observable infrastructure signals about companies — response headers, DNS, certificates, routing announcements — and company records from public registries. Not individuals.

Where people data comes from

Contact and buying-team enrichment inside the product uses licensed data providers, under their lawful bases, with retention limits enforced in the platform.

Where it runs

On Cloudflare's network, with data stored in the EU. [DPA available at signature] [Sub-processor list available on request]

Talk to the people who built it.

Every live scan is run by the team, not a sales development layer. Bring hard questions — the methodology page is the warm-up.

Book a live scan of your territory