The malicious code runs on the website visitor’s computer and directs their available computational resources to generate an abnormal number of requests to attack objects (URLs) defined in the code.