Websites often incorporate advertisements into the pages (or other data) that they serve to visitors. The advertisements are often served by a third party. For example, when a visitor accesses a website that serves news articles, the textual content of the website may be served by the news web site, while advertisements may be served by a third party. If the news website is compromised, visitors' client devices may be exposed to unauthorized (and frequently malicious) programs/modifications (hereinafter collectively “malware”). Unfortunately, even if the news website is itself secured, visitors may nonetheless be exposed to malware if the advertisements provided by the third party have been compromised. Performing scans, such as to determine whether a malicious advertisement is being served, can be a resource-intensive process. Therefore, improvements in scanning techniques are desirable.