Resize my Image Blog

How to Detect Shopify Stores Using Source Code and Technology Signals

Jame Miller

Spotting a Shopify store is like finding a secret sticker on a laptop. The store may look unique. It may have fancy fonts. It may even feel custom built. But under the hood, Shopify often leaves little clues. You just need to know where to look.

TLDR: You can detect many Shopify stores by checking their source code, network requests, and technology signals. Look for clues like cdn.shopify.com, myshopify.com, Shopify JavaScript objects, cart endpoints, theme assets, and checkout patterns. Tools can help, but manual checks are often more fun and more reliable. Some stores hide the clues, especially headless stores, so use several signals together.

Why Detect Shopify Stores?

There are many good reasons to know if a site uses Shopify.

Shopify powers a huge number of online stores. Some are tiny shops. Some are giant brands. The front end can look very different from store to store. But the backend often leaves patterns. These patterns are your breadcrumbs.

Important note: only inspect public information. Do not try to break into anything. Do not scan aggressively. Be polite to websites. We are detectives, not villains.

Start With “View Source”

The easiest place to begin is the page source.

In most browsers, right click on the page. Then choose View Page Source. You can also press Ctrl + U on Windows or Command + Option + U on Mac.

Now search the code. Use Ctrl + F or Command + F. Try these words:

If you find several of these, you probably found a Shopify store.

One clue is nice. Three clues are better. Think of it like a sandwich. One slice of bread is not lunch. Two slices and a filling? Now we are talking.

The Big Clue: Shopify CDN

One of the strongest signs is the Shopify content delivery network.

Look for URLs like this:

https://cdn.shopify.com/...

This domain is used to serve images, scripts, style files, fonts, and theme files. If a store loads many files from cdn.shopify.com, that is a very strong signal.

You may see image links like:

cdn.shopify.com/s/files/1/...

You may also see asset links like:

cdn.shopify.com/s/files/1/.../t/.../assets/theme.css

That /assets/ folder is especially useful. Shopify themes often load files from there. These files may include:

These file names are not proof by themselves. But together with the CDN path, they make a loud Shopify-shaped noise.

Look for Shopify JavaScript Objects

Shopify stores often place JavaScript data in the page. This helps themes, carts, analytics, and apps work correctly.

In the source code, search for:

Shopify

You may find code like:

window.Shopify = window.Shopify || {};
Shopify.shop = "example.myshopify.com";
Shopify.theme = {"name":"Dawn","id":123456789};

This is a bright neon sign.

You may also see:

ShopifyAnalytics.meta

Or:

Shopify.routes = Shopify.routes || {};

These objects are common on Shopify sites. They may include product IDs, currency data, page type, theme info, and shop info.

Fun tip: if the source code says myshopify.com, the store is almost certainly related to Shopify. Many merchants use a custom domain, like coolshoes.com. But behind the scenes, their original Shopify domain may still appear as coolshoes.myshopify.com.

Use Developer Tools Like a Friendly Spy

Browser Developer Tools are your magnifying glass.

Open the website. Then open DevTools:

Now click the Network tab. Refresh the page. Watch the requests load.

Search the Network panel for:

You are looking for requests that connect to Shopify services.

Common Shopify requests include:

/cart.js
/cart/add.js
/cart/change.js
/products.json
/recommendations/products.json
/search/suggest.json

These are part of Shopify’s storefront behavior. The cart endpoints are especially useful. Many Shopify themes use Ajax cart features. That means the site can add items to the cart without a full page reload.

If you see /cart/add.js after adding a product to the cart, smile. You likely have a Shopify store.

Check the Cart Endpoints

Here is a simple manual test.

Take the store domain. Add /cart.js to the end.

For example:

https://example.com/cart.js

If the site is Shopify, you may get a JSON response. It may show cart data. If the cart is empty, it may show an empty cart object.

You can also try:

https://example.com/products.json

Some stores allow this. Some limit it. Some hide it. So do not treat failure as proof that the site is not Shopify.

Think of these endpoints as doorbells. Sometimes they ring. Sometimes the owner turned the bell off. The house may still be there.

Look at Product Page URLs

Shopify has familiar URL patterns. They are not always used, but they are common.

Look for paths like:

Many ecommerce platforms have similar pages. So this is a soft signal. Still, when you combine it with Shopify CDN files and JavaScript objects, the picture gets clear.

Peek at Checkout Behavior

Shopify checkout can be another clue.

Add an item to the cart. Click checkout. Watch the URL. Many Shopify checkouts use Shopify-related domains or paths. You may see references to checkout, shopify, or a secure checkout flow tied to the platform.

Be careful here. Do not place fake orders. Do not enter payment details. You only need to observe the public checkout flow.

Some large brands use customized checkout setups. Shopify Plus stores may look different. Headless stores may route traffic in unusual ways. So again, use checkout as one clue, not the whole case.

Use DNS and Domain Clues

DNS can reveal Shopify too.

Many custom domains point to Shopify infrastructure. If you check DNS records, you may find hints like:

You can use public DNS lookup tools. Search for the domain’s CNAME records. Some stores will point a subdomain to Shopify. For example, shop.example.com may point toward a Shopify host.

This is a good backend signal. It is not visible in the page design. That makes it useful when the source code is clean or heavily customized.

Technology Detection Tools

You do not have to do everything by hand. Technology detection tools can help.

These tools scan public signals and guess what a site uses. They may detect:

Tools are fast. They are also not perfect. They can miss headless setups. They can be fooled by old scripts. They can detect a Shopify app on a non-Shopify site. That happens.

The best method is simple. Use tools for speed. Then confirm with manual checks.

Tool says Shopify? Great. Now check source code.

Source code says Shopify? Great. Now check network requests.

Network requests say Shopify? You probably have your answer.

Look for Shopify Theme Names

Theme names are another fun clue.

Shopify themes may expose their name or ID in JavaScript. Search source code for:

Shopify.theme

You may find something like:

Shopify.theme = {
  "name": "Dawn",
  "id": 987654321,
  "theme_store_id": 887
};

Dawn is a well-known Shopify theme. Other themes may appear too. Custom themes may use brand-specific names. But the object itself is the giveaway.

Theme asset paths can also include version numbers, theme IDs, and file names. These paths are often easy to spot in the source.

Check for Shopify Apps

Shopify stores often use apps. Apps can leave scripts, widgets, and tracking snippets.

Common app clues include:

Search the source code for app-like domains. You may see scripts loaded from third-party services that are popular in the Shopify app ecosystem.

This is a weaker signal. Many apps also support other ecommerce platforms. But if a site has Shopify CDN files plus several Shopify app scripts, that is useful evidence.

Do Not Trust One Signal Alone

One clue can lie.

A blog post may contain the word Shopify. A site may hotlink an image from Shopify CDN. A developer may copy code from an old Shopify theme. A headless store may hide almost everything.

So use a scoring mindset.

Give the site one point for each strong signal:

If you get four or more strong signals, the site is very likely Shopify. If you get one weak signal, keep looking.

Watch Out for Headless Shopify

Headless Shopify is trickier.

In a headless setup, Shopify may power the products, cart, and checkout. But the visible website may be built with another framework. It might use React, Next.js, Vue, or another front-end system.

This can hide normal Shopify theme clues. You may not see typical theme assets. You may not see Shopify.theme. The page may not look like Shopify at all.

So what can you check?

Headless stores are like ninjas. Still visible. Just less obvious.

A Simple Detection Workflow

Here is a quick process you can use.

  1. Open the site. Browse a product page.
  2. View source. Search for shopify, cdn.shopify.com, and myshopify.
  3. Open DevTools. Watch the Network tab while refreshing.
  4. Add a product to cart. Look for /cart/add.js or similar requests.
  5. Try /cart.js. See if it returns cart JSON.
  6. Check product and collection URLs. Look for familiar Shopify paths.
  7. Use a tech detection tool. Compare its result with your findings.
  8. Check DNS if needed. Look for Shopify hosting clues.

This workflow is quick. It is also clear. You can usually get an answer in a few minutes.

Final Thoughts

Detecting Shopify stores is not magic. It is pattern spotting. Shopify leaves fingerprints in source code, assets, scripts, URLs, checkout flows, and DNS records.

The strongest clues are cdn.shopify.com, myshopify.com, Shopify JavaScript objects, and Shopify cart endpoints. The weaker clues are URL shapes, app widgets, and tool guesses. Put them together and you get a reliable answer.

So the next time you visit a cool online store, take a peek under the hood. Open the source. Check the network. Follow the breadcrumbs. You may find Shopify waving back at you from the code.

Exit mobile version