Every scan analyzes up to 5 types of technical signals across 180+ builders, CMS platforms, and frameworks. Here is exactly how detection works — and its limitations.
When you submit a URL, our scanner fetches the page and analyzes five independent signal channels. Each match contributes to the confidence score. Multiple matching signals from different channels confirm the detection with high certainty.
JavaScript files loaded into a page often have paths or filenames tied to the platform that generated the site. We match against a database of known script URL patterns — for example, a file loaded from a Framer-specific CDN subdomain confirms a Framer build. Script patterns are the most common signal type: most AI builders and CMS platforms load at least one proprietary JS bundle that cannot be substituted without breaking core functionality.
Generated HTML markup often contains platform-specific attributes, class names, data attributes, or structural conventions. These are injected by the builder's rendering pipeline and persist across custom themes. For example, Webflow injects `data-wf-site` attributes; Lovable embeds specific React root wrapper class names; Gamma outputs recognizable card container structures across all generated content.
Most builders host static assets — images, fonts, CSS, JavaScript — on their own content delivery networks. When a page loads resources from a known builder CDN domain, that is a strong, low-ambiguity signal. CDN domains are reliable because builders cannot easily move assets off their own infrastructure without breaking existing sites. We monitor CDN signals even for custom-domain deployments, where the user-facing URL gives no hint of the underlying platform.
HTTP response headers are returned by the server before any page content loads. Some platforms inject custom headers that identify their infrastructure — for example, Cloudflare adds `CF-Ray` headers; Vercel adds `x-vercel-id`. These server-layer signals are valuable because they are independent of the HTML content and cannot be removed by theme customization. Header analysis is especially important for CDN and hosting provider detection.
The `<head>` section of a web page often contains meta tags that builders inject automatically — generator tags, custom property tags, or platform-specific metadata. Jekyll and Eleventy embed a `generator` meta tag by default. Many AI builders add custom meta attributes during the build pipeline. These tags are lightweight but reliable fingerprints, particularly for static site generators where script signals are minimal.
Each builder in our database has a weighted set of expected signals. When a scan matches a signal, the confidence score increases by that signal's weight. Signals that are highly unique to a builder (a proprietary CDN domain, a distinctive meta tag) carry higher weight than generic patterns that multiple platforms might share.
80–100%
High Confidence
Multiple independent signals confirmed. Result is reliable.
50–79%
Moderate Confidence
Partial signal match. Likely correct but worth verifying manually.
Below 50%
Low Confidence
Weak match. Site may be using a different platform or obscuring signals.
180+
Builders tracked
5
Signal channels
1,000+
Unique patterns
Our fingerprint database covers website builders, CMS platforms, static site generators, e-commerce platforms, JavaScript frameworks, CDN providers, and third-party analytics tools. Detection patterns are added or updated when a platform releases new infrastructure, changes its script delivery, or modifies its HTML output conventions.
Browse the complete list of supported builders and their detection signal counts on the Builders page.
Signals embedded exclusively in server-side rendering without client-side artifacts are invisible to passive HTML analysis. Fully server-rendered frameworks using custom CDN setups may produce lower confidence scores.
Some enterprises route all third-party assets through their own CDN or reverse proxy. This can mask CDN domain signals — though script and HTML patterns typically still surface in the page source.
Sites that combine multiple platforms — for example, a Next.js frontend with a Webflow CMS backend, or an embedded HubSpot form on a Framer page — may produce detections for several technologies simultaneously. This is expected and reported accurately.
Builders that have recently launched or significantly updated their infrastructure may have lower detection accuracy until our fingerprint database is updated. We monitor major builder releases and update detection patterns accordingly.
Accuracy varies by builder. For platforms that host on their own infrastructure — like Framer, Webflow, Gamma, and Lovable — detection accuracy is typically above 95% because the CDN domain and HTTP header signals are unambiguous. For builders that allow code export and self-hosting, accuracy depends on how many structural fingerprints the exported code retains. We report a confidence score (0–100%) with every scan to communicate certainty level.
It is possible but rarely done in practice. A developer could strip all meta tags, rename CDN assets, and proxy all requests through their own domain — but this requires significant ongoing maintenance and breaks many platform features. Most sites retain detectable fingerprints because removing them is either impossible (HTTP headers injected by the CDN) or would require rebuilding core functionality.
We currently track 180 website builders, CMS platforms, frameworks, and analytics tools. The fingerprint database is updated when builders change their CDN infrastructure, release new script bundles, or modify their HTML output — typically within days of a major platform change. Builder additions are prioritized by search interest and user requests.
We store the scan result — the domain, detected builder, confidence score, and scan timestamp — but not the full page HTML or screenshots. Scan history is used to power the 'Recent Detections' feature and aggregate statistics. We do not crawl sites proactively; every scan is triggered by a user entering a URL.
Ready to see it in action?
Scan a Website Free →