React
React is a leading JavaScript UI library used to build single-page and server-rendered front ends. ScanMalware detects it from its runtime globals, hydration markers in the DOM, and its bundled asset signatures.
Because React apps render much of their content with JavaScript, a real headless-browser scan — rather than a plain HTML fetch — is needed to see what the page actually does. That matters for catching client-side redirects and dynamically injected malicious code.
Commonly deployed alongside React
Of the 5,424 public scans where React was detected, these are the technologies most often present on the same site. The share is the percentage of React sites that also ran each one.
| Technology | Category | Share of React sites |
|---|---|---|
| HSTS | wappalyzer | 63.84% |
| HTTP/3 | wappalyzer | 52.41% |
| MetaGenerator | miscellaneous | 45.74% |
| Open-Graph-Protocol | miscellaneous | 33.07% |
| Google Cloud | wappalyzer | 32.22% |
| Google Cloud CDN | wappalyzer | 32% |
| Wix | cms | 29.38% |
| Google Tag Manager | wappalyzer | 23.08% |
| X-UA-Compatible | miscellaneous | 22.7% |
| Google Analytics | wappalyzer | 18% |
| Cloudflare | wappalyzer | 14.31% |
| Cloudflare Bot Management | wappalyzer | 13.43% |
| Script | miscellaneous | 12.69% |
| PoweredBy | miscellaneous | 11.66% |
How ScanMalware detects React
React is detected by analysing the response headers, HTML markup, JavaScript runtime and asset URLs captured when ScanMalware loads the site in a real headless browser.
From any scan you can pivot into related signals — JARM TLS fingerprints, ASN ownership and BGP routing, certificate history, JavaScript analysis and the overall security verdict — to understand not just that React is present, but how it is being used. Open the full search interface for React →
Recent public scans featuring React
A rolling sample of recent public scans where React was detected. Listing a site here is not a safety judgement — open a scan to see its full verdict.
| Site | Scanned |
|---|---|
| Startsidan | Kronofogden https://www.kronofogden.se | 2026-06-16 |
| Homepage - Comune della Spezia https://www.comune.sp.it | 2026-06-16 |
| My Framer Site https://simple-brand-124884.framer.app/ | 2026-06-16 |
| Getting™ Started | Ledger.com/start® https://startapps-ledgr.wixstudio.com/en-us | 2026-06-16 |
| Home Page - Comune di Mordano https://www.comune.mordano.bo.it | 2026-06-16 |
| HOME | Ilmiosito https://www.casaripososangiuseppe.it | 2026-06-16 |
| Ordine TSRM PSTRP Abruzzo https://www.tsrmabruzzo.it/ | 2026-06-16 |
| Gävleborg | Länsstyrelsen Gävleborg https://www.lansstyrelsen.se/gavleborg | 2026-06-16 |
Frequently asked questions about React
- Does using React mean a website is unsafe?
- No. React is a stack component, not a verdict. ScanMalware scores the whole page — its scripts, redirects, certificates, threat-intelligence matches and behaviour — so a site using React can be perfectly safe or actively malicious.
- How many sites using React has ScanMalware scanned?
- React has been detected in 5,424 public scans on ScanMalware.com. Each scan is a real headless-browser visit, and the figure updates as new URLs are submitted.
- What technologies are commonly used with React?
- Across scanned sites, React is most often seen alongside HSTS, HTTP/3 and MetaGenerator. The full co-occurrence breakdown is listed on this page.
Browse all profiled technologies on the technology index, or scan a URL to see its full stack.