A study of third-party resources loading on web

Muhammad Ikram, Rahat Masood, Gareth Tyson, Mohamed Ali Kaafar, Roya Ensafi

Research output: Contribution to conferencePaperpeer-review


This paper performs a large-scale study of dependency chains in the web, to find that around 50% of first-party websites render content that they did not directly load. Although the majority (84.91%) of websites have short dependency chains (below 3 levels), we find websites with dependency chains exceeding 30. Using VirusTotal, we show that 1.2% of these third-parties are classified as suspicious — although seemingly small, this limited set of suspicious third-parties have remarkable reach into the wider ecosystem. We find that 73% of websites under-study load resources from suspicious third-parties, and 24.8% of first-party webpages contain at least three third-parties classified as suspicious in their dependency chain. By running sandboxed experiments, we observe a range of
activities with the majority of suspicious JavaScript codes downloading malware.
Original languageEnglish
Publication statusSubmitted - 7 Mar 2022
EventCyber Defence Next Generation Technology and Science Conference - Brisbane, Australia
Duration: 21 Feb 202223 Feb 2022
Conference number: 4


ConferenceCyber Defence Next Generation Technology and Science Conference
Abbreviated titleCDNG
Internet address


Dive into the research topics of 'A study of third-party resources loading on web'. Together they form a unique fingerprint.

Cite this