Website stack lookup
What is this website built with?
I built WhosBuilt for a question I keep asking while looking at small products, competitors, and client sites: what is this site using, and which clues actually prove it?
Page code
Generator tags, script paths, hydration markers, JSON-LD, and assets that point to a CMS or framework.
Network clues
Headers such as x-powered-by, server, cf-ray, cache hints, redirect chains, and deployment platform headers.
DNS and hosting
Name servers, A and AAAA records, MX records, IP ownership, CDN edges, and email provider records.
Ownership context
WHOIS, registrar, SSL issuer, humans.txt, footer credits, about pages, and public company references.
The short answer
You can usually tell what a website is built with by checking the page source, the HTTP response, and the domain records together. One clue is rarely enough. A Next.js marketing site might be served from Vercel, protected by Cloudflare, use Google Workspace for email, and still link to a WordPress help center on another subdomain.
WhosBuilt is meant to keep those answers honest. If the scan says Vercel, it should show the header or DNS clue. If it says Shopify, it should show the storefront script, theme asset, or hostname that made the match plausible.
How I would check it manually
I start with the source HTML, not because it tells the whole story, but because many sites leave obvious fingerprints there. A page can expose wp-content, a Shopify storefront script, a Webflow asset path, Next.js data, Nuxt hydration markup, Astro islands, Vite chunks, analytics tags, or a plain generator meta tag.
Then I check the request and infrastructure layer. Response headers can point to Vercel, Netlify, Cloudflare, nginx, Caddy, Fly.io, Render, or a managed CMS. DNS can show whether traffic lands on a CDN first, which IP network is behind it, and whether email is handled by Google, Microsoft, Fastmail, or something else entirely.
Doing that by hand works, but it is slow and easy to make messy. WhosBuilt puts the source, headers, DNS, SSL, WHOIS, and ownership clues into one report so I can compare the evidence instead of juggling browser extensions, terminal output, and copied header dumps.
What you get back
The useful answer is not a logo wall. I want a report that says what was found and why: detected technologies, matching source snippets, HTTP headers, DNS records, SSL issuer, registrar, hosting clues, and ownership signals in the same place.
That context changes the decision. For outreach, it helps separate an indie project from a larger company site. For due diligence, it shows whether the stack depends on a hosted platform. For competitor research or a rebuild, it tells you which parts are visible and which parts still need a human check.
I also want the negative evidence. If a page has no generator tag, hides its origin behind a proxy, or serves static HTML without framework markers, the report should make that uncertainty visible instead of pretending the answer is cleaner than it is.
What it cannot know
Some stack choices are private. A static site can hide the CMS that produced it. A reverse proxy can hide the origin server. A company can run marketing on Webflow, docs on GitBook, the app on Next.js, and support on Zendesk. Looking at one URL does not prove the whole company stack.
That is why WhosBuilt treats the result as evidence, not a single overconfident label. If the clues point to Cloudflare and Vercel, I want both. If the generator tag is missing, or if the only clue is a generic server header, I would rather leave that part unresolved than invent a neat answer.
If you mainly care about infrastructure, the hosting lookup page goes deeper on that.