Google-Tag-Manager
Google Tag Manager is a container that lets site operators deploy analytics and marketing tags without editing page code. It is detected from the gtm.js loader and the dataLayer object.
Because GTM can inject arbitrary scripts after page load, it materially expands what a page can do — a key reason to scan with a real browser rather than a static HTML fetch.
Commonly deployed alongside Google-Tag-Manager
Of the 5,048 public scans where Google-Tag-Manager was detected, these are the technologies most often present on the same site. The share is the percentage of Google-Tag-Manager sites that also ran each one.
| Technology | Category | Share of Google-Tag-Manager sites |
|---|---|---|
| Google-Analytics | miscellaneous | 100% |
| Google Analytics | wappalyzer | 67.8% |
| Open-Graph-Protocol | miscellaneous | 54.6% |
| JQuery | miscellaneous | 51.97% |
| jQuery | wappalyzer | 50.37% |
| X-UA-Compatible | miscellaneous | 41.16% |
| MetaGenerator | miscellaneous | 38.06% |
| PHP | wappalyzer | 36.04% |
| WordPress | cms | 34.63% |
| Cloudflare | wappalyzer | 29.09% |
| MySQL | wappalyzer | 29.03% |
| HSTS | wappalyzer | 28.3% |
| HTTP/3 | wappalyzer | 23.55% |
| Cloudflare Bot Management | wappalyzer | 22.18% |
How ScanMalware detects Google-Tag-Manager
Google-Tag-Manager is detected by analysing the response headers, HTML markup, JavaScript runtime and asset URLs captured when ScanMalware loads the site in a real headless browser.
From any scan you can pivot into related signals — JARM TLS fingerprints, ASN ownership and BGP routing, certificate history, JavaScript analysis and the overall security verdict — to understand not just that Google-Tag-Manager is present, but how it is being used. Open the full search interface for Google-Tag-Manager →
Recent public scans featuring Google-Tag-Manager
A rolling sample of recent public scans where Google-Tag-Manager was detected. Listing a site here is not a safety judgement — open a scan to see its full verdict.
| Site | Scanned |
|---|---|
| 502 Bad Gateway http://www.walsallhealthcare.nhs.uk/ | 2026-06-16 |
| CGU — Controladoria-Geral da União https://www.cgu.gov.br | 2026-06-16 |
| En gave de aldri glemmer 🎁 https://mailchi.mp/b7a01ed095c9/en-gave-de-aldri-glemmer?e=e061ddc635 | 2026-06-16 |
| ShorelineHp.com is for sale | HugeDomains http://www.shorelinehp.com | 2026-06-16 |
| Littlehampton Town Council http://www.littlehampton-tc.gov.uk | 2026-06-16 |
| getAddress() - Simple APIs for UK Addresses https://getaddress.io | 2026-06-16 |
| ZetTrans | Shetland's Transport Partnership http://www.zettrans.org.uk | 2026-06-15 |
| UFSM – Universidade Federal de Santa Maria https://www.ufsm.br/ | 2026-06-15 |
Frequently asked questions about Google-Tag-Manager
- Does using Google-Tag-Manager mean a website is unsafe?
- No. Google-Tag-Manager is a stack component, not a verdict. ScanMalware scores the whole page — its scripts, redirects, certificates, threat-intelligence matches and behaviour — so a site using Google-Tag-Manager can be perfectly safe or actively malicious.
- How many sites using Google-Tag-Manager has ScanMalware scanned?
- Google-Tag-Manager has been detected in 5,048 public scans on ScanMalware.com. Each scan is a real headless-browser visit, and the figure updates as new URLs are submitted.
- What technologies are commonly used with Google-Tag-Manager?
- Across scanned sites, Google-Tag-Manager is most often seen alongside Google-Analytics, Google Analytics and Open-Graph-Protocol. The full co-occurrence breakdown is listed on this page.
Browse all profiled technologies on the technology index, or scan a URL to see its full stack.