Find Companies Using Google Hosted Libraries (API)
Google Hosted Libraries is one of the oldest free public CDNs still in heavy use. It serves a fixed catalog of popular open-source JavaScript libraries—jQuery, Angular, and a handful of others—straight from ajax.googleapis.com, so a developer can pull in a known-good build with a single <script> tag and lean on Google's global edge for delivery. That convenience is exactly what makes “uses Google Hosted Libraries” a useful technographic signal: it tells you something concrete about how a team ships its front-end dependencies.
This guide explains what Google Hosted Libraries usage reveals about a company, why it is detected differently from an infrastructure CDN like Cloudflare, what the ajax.googleapis.com URL path exposes, and how to turn a raw domain list into a confirmed lead list with the DetectZeStack API—starting with a single curl command you can run right now.
What Google Hosted Libraries Is and Why It Leaves a Detectable Footprint
Google Hosted Libraries is a library-delivery CDN. It exists to serve versioned, open-source assets—a specific build of jQuery, a pinned release of AngularJS—from a single, stable hostname. A company does not put its own domain behind it; it references ajax.googleapis.com from inside its pages to fetch other people's code. That is a different job from an infrastructure CDN, which proxies the company's own traffic.
For technographic work, a confirmed Google Hosted Libraries reference is a small but specific window into a team's front-end habits:
- They lean on a public CDN for dependencies. Loading a library from
ajax.googleapis.comrather than bundling and self-hosting it is a deliberate choice. It often signals a leaner build setup—static sites, server-rendered pages, or CMS templates where dropping a script tag is faster than running a bundler. - It usually comes bundled with the library it delivers. Google Hosted Libraries rarely travels alone. The same page that references it is almost always loading a detectable library—most commonly jQuery—so one detection often hands you a piece of the front-end stack as well.
- It hints at the era and maintenance posture of a site. The Google Hosted Libraries catalog skews toward older, jQuery-era libraries. A site that still pulls jQuery from
ajax.googleapis.comis frequently an established, long-lived property rather than a freshly bundled SPA—useful context for both sales targeting and competitive research.
The same pipeline applies to any detectable technology. We have companion guides for finding companies using jsDelivr and the broader topic of detecting a site's CDN and hosting provider—the filter changes, the workflow stays the same.
Why It Shows Up in HTML, Not DNS or Certificates
It is worth being precise about where Google Hosted Libraries sits, because “CDN” is an overloaded word. There are two very different things both called CDNs:
| Type | Examples | Detected From |
|---|---|---|
| Infrastructure CDN | Cloudflare, Fastly, CloudFront, Akamai | DNS CNAME, response headers, TLS certificate |
| Library-delivery CDN | Google Hosted Libraries, jsDelivr, cdnjs, unpkg | Script & link references in the page HTML |
An infrastructure CDN proxies the whole site, so it shows up in the site's DNS, headers, and certificate—the layer covered in how to detect a website's CDN and hosting provider. Google Hosted Libraries leaves none of those marks, because it never touches the site's own domain. It appears only as a reference inside the served HTML, alongside its peers jsDelivr (cdn.jsdelivr.net), cdnjs (cdnjs.cloudflare.com), and unpkg (unpkg.com).
The flip side is the self-hosted case. A team that runs a bundler and ships its libraries from its own domain will load, say, jQuery from /static/js/jquery.min.js—no ajax.googleapis.com reference at all. The library is still detectable on its own fingerprint, but the delivery signal is absent. In other words: a missing Google Hosted Libraries detection does not mean the site avoids jQuery; it means the site does not fetch jQuery from Google's CDN. Keep that distinction in mind when you read negatives.
How to Detect Google Hosted Libraries on Any Site
Because Google Hosted Libraries lives in the page body, detection is a body-fingerprint match, not a DNS or header lookup. When DetectZeStack fetches a page, it scans the HTML for script and link references to ajax.googleapis.com/ajax/libs/. A match returns Google Hosted Libraries under the CDN category, at confidence 100, with source: "http"—because the evidence came directly from the HTTP response body.
You can spot the same raw signal yourself with a single command:
$ curl -s https://example.com | grep -o "ajax\.googleapis\.com/ajax/libs/[^\"']*" | head -1
ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.jsOne match is enough to confirm the page references Google Hosted Libraries. But notice how much the URL itself gives away.
The ajax.googleapis.com Signal and What Versions Reveal
The Google Hosted Libraries URL scheme is rigidly structured: ajax.googleapis.com/ajax/libs/<library>/<version>/<file>. That means the path names both the library and its exact version in plain text. A reference to .../ajax/libs/jquery/3.6.0/jquery.min.js tells you the page loads jQuery 3.6.0; .../ajax/libs/angularjs/1.8.2/angular.min.js tells you AngularJS 1.8.2. You do not have to fingerprint the library separately—the delivery URL already states it.
DetectZeStack uses that to your advantage. Many of the libraries delivered over Google Hosted Libraries have their own fingerprints, so a single scan typically returns Google Hosted Libraries plus whatever it is delivering. A page that loads jQuery from an ajax.googleapis.com path, for example, comes back with both Google Hosted Libraries (under CDN) and jQuery as separate entries—often with a version parsed straight from the URL.
| Signal | Example | What It Tells You |
|---|---|---|
| Google Hosted Libraries source | ajax.googleapis.com/ajax/libs/ | Google Hosted Libraries confirmed (CDN) |
| Delivered library + version | .../libs/jquery/3.6.0/jquery.min.js | jQuery 3.6.0 confirmed |
| Self-hosted library | /static/js/jquery.min.js | Library detected, no Google Hosted Libraries signal |
| No reference | (none in HTML) | Site does not load assets from Google Hosted Libraries |
The honest limitation: Google Hosted Libraries detection depends on the HTML actually containing the reference. If a script is injected later by client-side JavaScript that never runs during a server-side fetch, or if the reference sits behind a tag manager, it may not appear in the fetched body. As with any body-fingerprint signal, absence of a detection is an unknown, not proof the site never touches Google Hosted Libraries.
Find Companies Using Google Hosted Libraries With the DetectZeStack API
Manual grep is fine for one domain. To qualify a list, you want the structured detection an API returns—the library, the category, and the co-detected stack—in a shape you can filter programmatically.
Live curl Example Against the /analyze Endpoint
You can try detection right now against the public demo endpoint—no API key required. The demo is IP-rate-limited, so use it for spot checks rather than bulk scans:
$ curl -s "https://detectzestack.com/demo?url=example.com" \
| jq '.technologies[] | select(.name == "Google Hosted Libraries")'
{
"name": "Google Hosted Libraries",
"categories": ["CDN"],
"confidence": 100,
"description": "Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.",
"website": "https://developers.google.com/speed/libraries",
"icon": "Google Developers.svg",
"source": "http",
"version": "",
"cpe": ""
}Google Hosted Libraries is matched directly off the ajax.googleapis.com/ajax/libs/ reference in the page and categorized under CDN. It carries source: "http" because the evidence came from the HTTP response body, and its own version field is empty—Google Hosted Libraries is a delivery network, not a versioned library, so there is nothing to read a version from. The libraries it delivers are where versions show up.
When you want the full stack for a domain rather than a filtered slice, call /analyze with your API key. The complete response is shaped like this:
$ curl -s "https://detectzestack.p.rapidapi.com/analyze?url=example.com" \
-H "X-RapidAPI-Key: YOUR_KEY" \
-H "X-RapidAPI-Host: detectzestack.p.rapidapi.com"
{
"url": "https://example.com",
"domain": "example.com",
"technologies": [
{
"name": "Google Hosted Libraries",
"categories": ["CDN"],
"confidence": 100,
"description": "Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.",
"website": "https://developers.google.com/speed/libraries",
"icon": "Google Developers.svg",
"source": "http",
"version": "",
"cpe": ""
},
{
"name": "jQuery",
"categories": ["JavaScript libraries"],
"confidence": 100,
"description": "jQuery is a JavaScript library designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.",
"website": "https://jquery.com",
"icon": "jQuery.svg",
"source": "http",
"version": "3.6.0",
"cpe": ""
}
],
"categories": {
"CDN": ["Google Hosted Libraries"],
"JavaScript libraries": ["jQuery"]
},
"meta": { "status_code": 200, "tech_count": 2, "scan_depth": "full" },
"cached": false,
"response_ms": 1842
}Two entries from one page: Google Hosted Libraries as the delivery method and jQuery as the thing being delivered, with its version parsed from the script URL. The top-level categories map groups every detection so you can pull all CDNs with .categories["CDN"] without iterating the array. The meta object carries the HTTP status_code, the tech_count, and the scan_depth; response_ms and cached sit at the top level.
One field to watch for list building is meta.scan_depth. A value of "full" means the HTTP fetch succeeded and body detection ran. A value of "partial" means the site blocked or timed out the HTTP request and only DNS and TLS layers completed—and since Google Hosted Libraries lives in the body, an absent entry on a "partial" scan tells you nothing. Those domains belong in a retry queue, not your rejects file.
Build a Technographic List of Google Hosted Libraries Users
For list building, POST /analyze/batch accepts up to 10 URLs per request and analyzes them concurrently. Each entry in the response carries either a full analysis result or an error for domains that could not be fetched:
$ curl -s -X POST "https://detectzestack.p.rapidapi.com/analyze/batch" \
-H "X-RapidAPI-Key: YOUR_KEY" \
-H "X-RapidAPI-Host: detectzestack.p.rapidapi.com" \
-H "Content-Type: application/json" \
-d '{"urls": ["example.com", "jquery.com", "wordpress.org"]}'The response wraps one result object per URL, each with the same shape as a single /analyze response:
{
"results": [
{ "url": "example.com", "result": { "...full analysis..." : "" } },
{ "url": "jquery.com", "result": { "...full analysis..." : "" } },
{ "url": "wordpress.org", "result": { "...full analysis..." : "" } }
],
"total_ms": 2341,
"successful": 3,
"failed": 0
}Because each result matches the single-domain shape, the filtering logic is identical whether you scan one domain or a thousand. Here is a complete, copy-pasteable pipeline using nothing but bash, curl, and jq. It reads domains.txt (one domain per line), sends batches of 10 to /analyze/batch, and appends every domain where Google Hosted Libraries is detected to ghl_leads.csv, recording the tech count alongside it:
#!/usr/bin/env bash
# find-ghl.sh — filter a domain list down to Google Hosted Libraries leads
KEY="YOUR_KEY"
HOST="detectzestack.p.rapidapi.com"
echo "domain,tech_count" > ghl_leads.csv
# Process domains.txt in batches of 10 (the /analyze/batch maximum)
xargs -n 10 < domains.txt | while read -r batch; do
urls=$(printf '%s\n' $batch | jq -R . | jq -s '{urls: .}')
curl -s -X POST "https://$HOST/analyze/batch" \
-H "X-RapidAPI-Key: $KEY" \
-H "X-RapidAPI-Host: $HOST" \
-H "Content-Type: application/json" \
-d "$urls" |
jq -r '.results[]
| select(.result != null)
| .result as $r
| select([$r.technologies[].name] | index("Google Hosted Libraries"))
| [$r.domain, ($r.meta.tech_count | tostring)]
| @csv' >> ghl_leads.csv
done
wc -l ghl_leads.csvA 1,000-domain list becomes 100 batch calls. The index("Google Hosted Libraries") guard keeps a domain whenever the technology appears in its list, and select(.result != null) skips domains that failed to resolve (those come back with an error field instead of a result). For a deeper treatment of batch throughput, retries, and a production Python scanner, see how to batch scan 1,000 websites.
If you want to segment by the library being delivered rather than just the delivery method, widen the filter to capture the co-detected technologies—the same technologies array already carries jQuery and whatever else the page pulls in, with versions parsed from the URL. Our guide on detecting jQuery on a website covers that fingerprint in detail, and it pairs especially well here since jQuery is the single most common library served over Google Hosted Libraries.
Use Cases: Sales, Competitive Intelligence, and Security
A Google Hosted Libraries-confirmed list is rarely the end goal on its own—it is the entry point to a more specific segment:
- Sales and prospecting. Pair the delivery flag with the library and version it loads. A list of sites still pulling an older jQuery from Google's CDN is a precise audience if you sell modernization, front-end tooling, or a migration service. The delivery method narrows the list; the delivered version qualifies it.
- Competitive intelligence. Scanning a market segment for public-CDN usage tells you how teams in that space build. A cohort that leans on Google Hosted Libraries and the jQuery era is shipping differently than one that bundles a modern framework—useful context when you are studying how an entire market makes front-end decisions.
- Security and supply-chain mapping. Every live third-party script is part of a site's dependency surface, and the exact version is right there in the URL. Security teams use technographic scans to inventory which external CDNs a domain pulls executable code from and at which version, which feeds subresource-integrity audits and third-party-risk reviews.
Two practical enrichment moves once the list is built: cross-reference the infrastructure CDN to separate “loads libraries from Google” from “proxied through Cloudflare”—they are independent signals and a site commonly has both—and score by meta.tech_count, a rough proxy for how built-out a company's front end is. Feeding those signals into a scoring model is covered in our lead enrichment pipeline guide.
Conclusion and Next Steps
Finding companies using Google Hosted Libraries comes down to reading one thing well: an ajax.googleapis.com/ajax/libs/ reference in the page HTML. Because it is a library-delivery CDN rather than an infrastructure one, it is detected from the body, not from DNS or headers—and the structured URL path hands you the delivered library and its exact version for free. A single /analyze call answers the one-domain question; /analyze/batch turns a raw domain list into a confirmed lead list; and meta.scan_depth tells you which negatives are real and which are unknowns worth a retry. Swap the jq filter and the same pipeline segments by infrastructure CDN, front-end library, or backend runtime instead.
The free tier includes 100 requests per month with no credit card—enough to validate the pipeline on a sample of your prospect list before scaling up:
- Get a key at rapidapi.com/mlugoapx/api/detectzestack.
- Spot-check a domain you know:
curl -s "https://detectzestack.com/demo?url=yourdomain.com" | jq '.technologies[].name' - Run the batch script above against your first 100 domains.
Related Reading
- Find Companies Using jsDelivr — The same batch workflow for another library-delivery CDN, detected from the page HTML
- How to Detect cdnjs on Any Website — The Cloudflare-hosted library-delivery CDN (cdnjs.cloudflare.com), with the delivered library and version encoded in the URL path
- How to Detect jQuery on a Website — The library most often served over Google Hosted Libraries, and its own fingerprints
- How to Detect the CDN and Hosting Provider of Any Website — The infrastructure-CDN layer that sits in front of a site, detected via DNS, headers, and TLS
- How to Batch Scan 1,000 Websites for Tech Stack Data — Deep dive on /analyze/batch throughput, retries, and a Python scanner
- Lead Enrichment Pipeline with Tech Detection — Turning raw detections into scored, routable leads
Try DetectZeStack Free
100 requests per month, no credit card required. Header, DNS, and TLS detection included on every plan.
Get Your Free API Key