Tech Stack Guides

How to Tell If a Website Uses Sentry

Sentry is the leading error- and performance-monitoring platform for web apps. Detect it via the @sentry/browser SDK, the window.Sentry object, the DSN in Sentry.init() and ingest.sentry.io envelope requests.

StackOptic Research Team27 May 20268 min read
Detecting Sentry error monitoring via its browser SDK and ingest endpoint

Sentry is the most widely deployed error- and performance-monitoring platform for web and mobile applications, used by engineering teams to catch exceptions, trace slow transactions and diagnose problems in production. Unlike a marketing tag, it is developer infrastructure — so detecting it tells you something quite specific about the team behind a site. The fastest way to confirm Sentry is to open the Network tab and look for a request to a *.ingest.sentry.io endpoint, or to type Sentry into the browser console. This guide walks through every reliable signal, the SDK mechanics that produce them, the false positives to avoid, and what a Sentry install reveals about the organisation.

What is Sentry?

Sentry is an application-monitoring platform that began as an open-source error tracker and has grown into a broad observability product spanning error monitoring, performance tracing, session replay and profiling. When an unhandled exception occurs in the browser — a JavaScript error, a failed promise, a broken network call — Sentry's SDK captures the error along with a stack trace, the browser environment, breadcrumbs of what the user did beforehand, and the application's release version, then sends it to Sentry for the engineering team to triage. The same SDK can measure performance, recording how long page loads and key transactions take in the field.

Crucially, Sentry is developer infrastructure rather than marketing technology. Nobody installs Sentry to grow traffic or run campaigns; it exists to keep an application healthy. That makes its presence a high-quality signal: a site running Sentry is almost certainly a genuine application maintained by a real engineering team, not a brochure site assembled from a template. Sentry is also frequently self-hosted, because it is open source, which is itself a marker of a technically capable organisation. It is used across the spectrum, from solo developers on the generous free tier to large engineering organisations paying for high event volumes, which is part of what makes it so broadly worth recognising.

How Sentry loads and sends data

A Sentry browser install initialises the SDK — historically @sentry/browser, now often the unified @sentry/react, @sentry/vue, @sentry/nextjs and similar framework packages — by calling Sentry.init({ dsn: '...' }) early in the application's lifecycle. The SDK may be bundled directly into the application's JavaScript (so you will not always see a separate script file) or loaded from Sentry's CDN at browser.sentry-cdn.com. Once initialised, it installs global error and unhandled-rejection handlers and exposes the window.Sentry object for manual capture via Sentry.captureException() and Sentry.captureMessage().

When an event is captured, the SDK sends it to Sentry's ingestion API as an envelope request. The URL takes the form https://o<org-id>.ingest.sentry.io/api/<project-id>/envelope/ (older SDKs used a /store/ path), and the DSN configured in init() determines that destination. Because the DSN embeds both the organisation and project IDs, capturing it tells you not just that Sentry is present but which project is receiving the data. Self-hosted deployments simply replace the ingest.sentry.io host with a first-party domain, keeping the same API path structure. Understanding this flow — SDK init, global handlers, envelope to an ingest endpoint — makes every detection signal below fall into place.

How to tell if a website uses Sentry

Confirm at least two of the following signals.

1. View the page source and bundles. Search the HTML and JavaScript for sentry, @sentry, Sentry.init or a dsn string. Even when the SDK is bundled, the DSN and the string sentry usually survive minification somewhere in the application code.

2. Check the Network tab. This is the most reliable method. Reload the page, interact with it (or deliberately trigger an error), and filter requests for sentry or ingest. The envelope request to *.ingest.sentry.io/api/<project>/envelope/ is the definitive recording call. On a healthy app you may need to cause an error to see it, but performance transactions are often sent on load.

3. Use the console. Type Sentry and press Enter. A Sentry-enabled page returns the global object exposing captureException, captureMessage, init and getCurrentScope. You can frequently read the configured DSN and release version from the active client, which is conclusive.

4. Read the DSN. Wherever you find Sentry.init({ dsn: 'https://[email protected]/456' }), the DSN identifies the organisation and project. A DSN is unambiguous proof of Sentry.

5. Look for framework integrations. Packages like @sentry/nextjs, @sentry/react or @sentry/vue in the bundle tell you both that Sentry is present and which framework the application uses — a useful two-for-one detection.

What the Sentry signals look like

Sentry.init({ dsn: "https://[email protected]/4509876", release: "[email protected]" });
window.Sentry = { captureException: ƒ, captureMessage: ƒ, init: ƒ, getCurrentScope: ƒ, ... }
POST https://o987654.ingest.sentry.io/api/4509876/envelope/   (captured event or transaction)

The combination of the window.Sentry global, a DSN pointing at an ingest.sentry.io org subdomain, and an envelope request to that host is conclusive. No other tool produces that exact trio, so seeing any two of them settles the question immediately.

Sentry versus similar tools — avoiding false positives

Sentry sits in the observability category alongside error and monitoring tools like Bugsnag, Rollbar, Datadog, New Relic, LogRocket and Honeybadger, so match the exact fingerprint rather than assuming "an error tracker" means Sentry. Sentry uses the window.Sentry global, the @sentry/* SDK packages and ingest.sentry.io envelope endpoints; Bugsnag uses window.Bugsnag and notify.bugsnag.com; Rollbar uses window.Rollbar and api.rollbar.com; Datadog uses window.DD_RUM and browser-intake-datadoghq.com; New Relic uses the NREUM global and bam.nr-data.net. They overlap in purpose but never in fingerprint. The main subtlety with Sentry is that errors may not fire on a clean page load, so you sometimes need to trigger an interaction to see the envelope request — and self-hosting moves the host to a first-party domain, so lean on the window.Sentry object and the DSN structure when the host is unfamiliar.

How reliable is each Sentry signal?

The DSN and the ingest.sentry.io envelope request are definitive, because the DSN structure and the ingest host are unique to Sentry and embed the project. The window.Sentry global is equally strong, and being able to read the client's DSN or release from it removes all doubt. The @sentry/* package strings in the bundle are reliable confirmation. The weakest standalone signal is a bare mention of "sentry" somewhere in minified code, which could be a comment or a transitive dependency that is not actually initialised — so prefer the live envelope request, the window.Sentry object, or a concrete DSN before you commit. Because Sentry only reports when it has something to report, treat the absence of an envelope on a clean load as inconclusive rather than as proof of absence.

What a Sentry install reveals about a company

Finding Sentry is one of the cleanest ways to confirm you are looking at a real software product maintained by a genuine engineering team. It is not something marketers or template sites install; it requires a developer to wire it into the application's build and to care about production reliability. The release version often visible in the configuration tells you the team practises versioned deploys, and framework integrations like @sentry/nextjs reveal the underlying stack at the same time. If you sell developer tools, observability or monitoring products, CI/CD or testing services, or engineering staffing, a Sentry install marks a technically mature account that already believes in production monitoring — a buyer you do not have to educate about why reliability matters. A self-hosted Sentry deployment raises that signal further, indicating a team capable of and willing to operate its own infrastructure, often for data-control or compliance reasons.

Sentry in a modern engineering stack

Sentry rarely stands alone; it tends to sit within a coherent engineering toolchain that you can partly infer from its presence. Teams that run Sentry usually also run a modern JavaScript framework (React, Vue, Angular or a meta-framework like Next.js or Nuxt), a CI/CD pipeline, and often a broader observability layer — application performance monitoring, logging and uptime checks — from the same or complementary vendors. Larger organisations may pair Sentry's front-end error tracking with a full APM platform such as Datadog or New Relic for back-end and infrastructure visibility, so finding Sentry should prompt you to look for those too. For an auditor, the things worth recording are the DSN and project, the SDK framework package (which reveals the front-end stack), the release version (which shows deploy discipline), and whether the install is hosted or self-hosted; together these sketch not just a tool choice but the maturity and shape of the engineering organisation behind the site.

A quick Sentry confirmation walkthrough

Open the site in a fresh tab with developer tools on the Console panel and type Sentry — a returned object with captureException and init confirms the SDK regardless of where it is hosted. Switch to the Network tab, filter for ingest or sentry, and interact with the page; if you can, trigger a deliberate error to force an envelope request, which will reveal the org and project IDs in the URL. In the Sources or Network panel, search the bundles for Sentry.init to read the DSN and release version. The window.Sentry global alone is usually enough to confirm presence, with the envelope request providing the project-level detail that makes the finding genuinely useful.

A quick Sentry detection checklist

  • Filter the Network tab for ingest/sentry; an *.ingest.sentry.io/api/<project>/envelope/ request is conclusive.
  • Type Sentry in the console and read the client's DSN and release if available.
  • Search the bundles for Sentry.init and a dsn string.
  • Note any @sentry/<framework> package to identify the front-end stack.
  • For self-hosted installs, look for the envelope/store API path on a first-party domain.
  • Treat the absence of an error event on a clean load as inconclusive, not as proof of absence.

Detecting Sentry at scale

Checking one page is a quick console call, but auditing many domains for observability tooling — for example, to build a list of genuine software products with real engineering teams — calls for automation. StackOptic detects Sentry, including self-hosted deployments, alongside thousands of other technologies from a real browser, so you can identify engineering-led companies across an entire list in one pass. Tracking results over time also reveals when a company adopts or drops error monitoring, which can be a useful signal of changing engineering maturity. For related reading, see our guide to checking what JavaScript libraries a website uses and the full Sentry technology profile.

Frequently asked questions

What is the fastest way to detect Sentry?

Open the browser's Network tab, reload the page, trigger an interaction, and filter for 'sentry' or 'ingest'. Sentry sends captured events to a URL like https://o123456.ingest.sentry.io/api/4509.../envelope/. That envelope (or store) request to an ingest.sentry.io host is the definitive proof that Sentry is actively reporting from the page.

What is window.Sentry?

window.Sentry is the global object created by Sentry's browser SDK. It exposes methods such as Sentry.captureException, Sentry.captureMessage, Sentry.init and Sentry.getCurrentScope. Typing Sentry in the console and getting this object back confirms the SDK is loaded; you can often read the configured DSN and release from the current client too.

What is a Sentry DSN?

A DSN (Data Source Name) is the connection string passed to Sentry.init(). It looks like https://<publicKey>@o<org-id>.ingest.sentry.io/<project-id> and embeds the organisation and project identifiers. Finding the DSN in the page source or the SDK configuration is a definitive Sentry signal and even tells you which project is receiving events.

How do I detect a self-hosted Sentry install?

Sentry is open source and can be self-hosted, in which case the ingest endpoint lives on the company's own domain (for example sentry.example.com/api/1/envelope/) rather than ingest.sentry.io. Look for the same envelope or store API path on a first-party host, plus the window.Sentry global and the @sentry/browser SDK, to confirm a self-hosted deployment.

What does using Sentry say about a company?

Sentry is developer infrastructure for catching and diagnosing errors and performance issues in production. Its presence reliably indicates a genuine engineering team running a real application that they monitor and maintain, which is valuable qualifying information if you sell developer tools, observability products or engineering services.

Analyse any website with StackOptic

Get the full technology stack, performance, security and SEO report in seconds — free.

Analyse a website

Related articles