Stop tab-juggling.
Get complete OSINT in seconds.

TraceTrellis replaces 40 minutes of manual research with a single investigation. Paste a domain, email, or username, get an exposure score, relationship graph, and PDF report. Automatically.

seed →
Investigate

Replace 40 minutes of manual tab-juggling with a single investigation across 16 public sources

Impress

A 0–100 exposure score across 6 risk dimensions, ready to share or keep for yourself

Deliver

Export a branded PDF with your logo. Clean, professional, no TraceTrellis watermark

How It Works

Three steps from seed to finished report

1
Enter a seed

Domain, email, or username, TraceTrellis detects the type automatically

2
Results in under 30 seconds

16 public sources queried in parallel, no waiting, no tab-switching

3
Deliver to your client

Export a branded PDF with your logo, or a plain report. Download, share, or archive it.

Backed by 17 public intelligence sources

17 public intelligence sources, all completely free.

🐙 GitHub Free
🔍 Sherlock Free
🔒 Crt.sh Free
🛡 SSL Certificate Free
📡 HTTP Headers Free
✉️ Email Security Free
🧩 Tech Fingerprint Free
👤 Gravatar Free
📜 Wayback CDX Free
🕵 Google Dorks Free
🛡 LeakCheck Free
📧 Holehe Free
🌐 WHOIS Free
🖥 Port Scan Free

Everything you need to investigate anything, fast

Whether you're a security researcher, a journalist, checking your own footprint, or running a client audit, TraceTrellis gives you professional-grade results without the manual legwork.

Auto seed detection

Drop any input: email, handle, or domain. The type is detected automatically.

40 minutes of research. 30 seconds.

16 sources queried simultaneously. No tab-switching, no copy-pasting. Results arrive as each source responds.

Relationship graph

Pan and zoom an interactive graph showing how entities connect at a glance.

Chronological timeline

Events displayed in time order so patterns become obvious.

Try it before you pitch it

Run an investigation right now, no account, no sign-up. Enough to check a lead or share findings on the spot. Register free when you're ready for port scanning, saved history, and PDF exports.

Breach & account intelligence

Check if an email appeared in known data breaches (LeakCheck) and discover which 120+ services it's registered on (Holehe). WHOIS domain registration and port scanning included, all free.

Understand exactly what's exposed

A 0–100 composite risk score across 6 dimensions, breach exposure, infrastructure footprint, security posture, and more. Ready to headline any report, conversation, or audit.

Instant security posture for any domain

SSL, HTTP headers, SPF/DKIM/DMARC, and tech fingerprint, all free. Show a prospect why their site has problems before the sales call ends.

Reports that look like yours

White-label PDF with your logo and contact info. TraceTrellis branding removed entirely. Looks like it came from your own team.

Saved investigation history

Every completed investigation is saved to your account. Revisit, compare, re-run, or export any previous result, your findings don't disappear.

See What a Finished Report Looks Like

Preview a finished investigation report before you run your own.

Domain Investigation

WHOIS, DNS records, SSL, breach data, subdomains, and more.

View Sample
Email Investigation

Breach exposure, social accounts, domain links, and more.

View Sample
Username Investigation

Social profiles, breach records, account enumeration, and more.

View Sample

What TraceTrellis IS and IS NOT

Transparency matters. Please read this.

Scope & Acceptable Use
  • ✅ Background research & due diligence
  • ✅ Security assessments & external reconnaissance
  • ✅ Digital footprint awareness for yourself
  • ✅ Journalism & public-interest investigation
  • ❌ Surveillance or stalking of individuals
  • ❌ Harassment, doxxing, or intimidation
  • ❌ Law enforcement without legal authority
  • ❌ Any activity illegal in your jurisdiction

TraceTrellis only aggregates publicly available data. You are solely responsible for how you use the information returned. By registering you agree to our Terms of Service.

Frequently Asked Questions

Everything you need to know about TraceTrellis

TraceTrellis is a digital footprint analyzer. Paste in an email address, username, or domain and we automatically search multiple public data sources in parallel. You get back an interactive relationship graph and a chronological timeline showing how that identity connects across the internet.

For domain targets: SSL certificate inspection, HTTP security headers (HSTS, CSP, X-Frame-Options), email authentication (SPF/DKIM/DMARC), technology fingerprinting, subdomains via Crt.sh, Wayback CDX history, Google Dorks, GitHub, Gravatar, WHOIS registration data, and deep port scanning via nmap, all free.

For email and username targets: GitHub, Sherlock, Gravatar, Keybase, Reddit, Google Dorks, LeakCheck breach checks, and Holehe account enumeration across 120+ services, all free.

All data comes from publicly available sources, no private databases, no hacking, nothing behind authentication.

Yes, completely free. You can run investigations right now without any account, just go to the investigate page and start. Results are available for 24 hours.

If you want port scanning, saved investigation history, or branded PDF exports, create a free account. Registration is instant, no email verification, no waiting. You're in immediately.

No credits, no subscription, no credit card. Ever.

TraceTrellis is built for anyone who needs to understand a digital footprint quickly. Security researchers, journalists, IT teams, due diligence analysts, or curious individuals checking their own exposure. If you currently open 8–10 browser tabs to research a domain and paste results into a document, this replaces that workflow.

Yes. Run an investigation, export a PDF, and use the results however you need, share it with a client, include it in a report, or keep it for your own records. The branded export lets you add your own logo and contact info so the report looks like it came from your team.

Most investigations complete in under 30 seconds. All data sources are queried in parallel using background job queues, so you get results from every source as fast as each one responds, no waiting for one to finish before the next starts.

It depends on whether you have an account. Guest investigations (no sign-in) are automatically deleted after 24 hours. Account investigations are saved to your dashboard indefinitely, you can revisit, re-run, or export them any time.

In either case, your data is never sold, shared, or monetized.

Every completed investigation gives you a full suite of outputs:

  • Digital Footprint Exposure Score an automatic 0-100 composite risk score across 6 weighted dimensions (breach exposure, account proliferation, infrastructure footprint, digital history, graph connectivity, and security posture). Gives you an instant headline metric for any subject.
  • Findings overview a count-by-type summary of every artifact found, so you see at a glance how much data was discovered across all sources.
  • Domain security sections domain investigations include dedicated sections for SSL certificate details, security issues with severity ratings (from HTTP headers, email authentication, and SSL checks), open ports discovered via port scan, and detected technologies with versions and categories.
  • Artifacts list a structured listing of every signal found across all queried sources, categorised by type (subdomains, certificates, breach records, etc.).
  • Inline JSON viewer a formatted, syntax-highlighted preview of the complete investigation data, readable right in your browser before you download anything.
  • JSON export a pretty-printed download of the full investigation payload, including all raw artifacts, confidence scores, relationship metadata, and source responses, ready for external tooling or archiving.
  • PDF report a comprehensive, print-ready report capturing all findings, the relationship graph snapshot, exposure score, timeline events, and source details. Can be exported as a white-label branded report with your own logo and contact info.
  • WHOIS data domain registration details (registrar, dates, nameservers, registrant where not privacy-protected) are surfaced automatically when a domain is part of your investigation target.
  • Relationship graph an interactive graph showing every discovered node and how they connect. Click any node to open a detail modal with its full data, source, type, confidence, and linked artifacts.
  • Timeline a chronological view of all events found during the investigation. To navigate:
    • Mouse wheel zoom in or out across the time axis (years to days).
    • Click and hold, then drag left/right scroll horizontally through time. This is the primary pan gesture; a standard horizontal scroll will not work.
    • Click any event marker to expand its full detail panel.

Yes. The Branded PDF export lets you white-label the investigation report with your own logo, name, and contact info, TraceTrellis branding is removed entirely. The report looks like it came from your own firm.

Ideal for anyone who wants a polished, professional-looking report, whether for personal use, sharing with a team, or handing to a client.

Set up your brand profile once under Report Settings, then export branded PDFs on any completed investigation.

Free to use. No account needed to start.

Run an investigation right now. Create a free account when you need more.

No account needed

Jump straight in. No sign-up, no email, nothing.

  • Domain, email, or username investigations
  • 16 sources queried in parallel
  • Exposure score, graph & timeline
  • Results available for 24 hours
Try it now
Free account

Everything above, plus the features that need a home base.

  • Everything in the left column
  • Port scanning (nmap across common ports)
  • Saved investigation history & dashboard
  • Re-run or revisit any past result
  • Branded PDF exports with your logo
Create free account

No email verification. Instant access.

© 2026 Designed & Developed by Juan Cadima. All rights reserved.