9

Hello I have a react project which is working full and functional but when I look into network form console I find an unexpected script called

chrome-extension://gppongmhjkpfnbhagpmjfkannfbllamg/js/inject.js

which is not associated with my project. Is that a virus or an extension ??

In my

chrome://extensions/

there is nothing called inject. Can anyone tell me what is this? This script loading for all site in my browser. Is my browser compromised?? I am walking totally in dark.

ANIK ISLAM SHOJIB
  • 3,002
  • 1
  • 27
  • 36

3 Answers3

12

The string gppongmhjkpfnbhagpmjfkannfbllamg is the Chrome extension ID. You can search this ID in the Chrome Web Store to find that it is Wappalyzer.

The inject.js file is not inherently malicious because of its name. To look at the javascript yourself, you can look at the contents of js/inject.js by finding the
gppongmhjkpfnbhagpmjfkannfbllamg folder in your Chrome Extension directory.

Ross Jacobs
  • 2,962
  • 1
  • 17
  • 27
1

The extention id gppongmhjkpfnbhagpmjfkannfbllamg Is Wappalyzer - Technology profiler

It uses the inject.js to discover what technologies the page has and send it back to the extension

Inglan
  • 51
  • 5
0

gppongmhjkpfnbhagpmjfkannfbllamg is the ID of the Wappalyzer - Technology profiler extension. Remove it if you want the call to go away