Is "Spendwise" on Chrome Web Store Safe to Install?
Spendwise — Your All-in-One Expense Tracker for Online Platforms Tired of losing track of how much you spend on food delivery and online shopping? Spendwise automatically tracks your orders and spending across multiple platforms — all without ever sending your data anywhere. CURRENTLY SUPPORTED PLATFORMS: • Zomato — Food delivery orders • Swiggy — Food delivery orders • Blinkit — Grocery orders • Zepto — Grocery orders COMING SOON: • Amazon, Flipkart, Myntra — Online shopping • Uber, Ola — Ride expenses • BigBasket, JioMart — Grocery platforms • And more based on your feedback! KEY FEATURES: • Beautiful interactive dashboard with charts & analytics • Monthly budget tracking with progress indicators • Smart spending insights (month-over-month trends, busiest days, top restaurants) • Filter by date range, platform, or restaurant • Export your data as CSV or JSON • Dark & light theme support • Backup & restore your data anytime 100% PRIVATE & SECURE: • All data stored locally on YOUR device — nothing is sent to any server • No analytics, no tracking, no ads • No account or sign-up required • Open and transparent — your data belongs to you HOW IT WORKS: 1. Add Spendwise to your Chrome browser 2. Visit any supported platform (Zomato, Swiggy, etc.) 3. Click "Sync" — your orders are automatically imported 4. Open the dashboard to see your complete spending breakdown Built for the Indian online shopper who wants to understand and control their spending habits. More platforms coming soon — suggest yours! Feedback & suggestions: [email protected]
Risk Assessment
Analyzed374 security findings detected across all analyzers
Chrome extension requesting 7 permissions
Severity Breakdown
Finding Categories
YARA Rules Matched
9 rules(65 hits)Requested Permissions
7 permissionsAbout This Extension
Detailed Findings
78 totalYARA Rule Matches
9 rulesIndicators of Compromise
Network indicators, suspicious strings, and potential IoCs extracted during analysis
All Indicators · 289
detected Domain: i.data XIOC detected Domain: i.data
extracted_from_files
detected Domain: list.map XIOC detected Domain: list.map
extracted_from_files
detected Domain: apiorders.map XIOC detected Domain: apiorders.map
extracted_from_files
detected Domain: item.total XIOC detected Domain: item.total
extracted_from_files
detected Domain: item.final XIOC detected Domain: item.final
extracted_from_files
detected Domain: item.name XIOC detected Domain: item.name
extracted_from_files
detected Domain: orderitems.map XIOC detected Domain: orderitems.map
extracted_from_files
detected Domain: order.discount XIOC detected Domain: order.discount
extracted_from_files
detected Domain: order.tax XIOC detected Domain: order.tax
extracted_from_files
detected Domain: parsedorder.total XIOC detected Domain: parsedorder.total
extracted_from_files
detected Domain: order.date XIOC detected Domain: order.date
extracted_from_files
detected Domain: ids.map XIOC detected Domain: ids.map
extracted_from_files
detected Domain: www.zomato.com XIOC detected Domain: www.zomato.com
extracted_from_files
detected Domain: order.id XIOC detected Domain: order.id
extracted_from_files
detected Domain: bff-gateway.zepto.com XIOC detected Domain: bff-gateway.zepto.com
extracted_from_files
detected Domain: btn.click XIOC detected Domain: btn.click
extracted_from_files
detected Domain: reactjs.org XIOC detected Domain: reactjs.org
extracted_from_files
detected Domain: parsedorder.date XIOC detected Domain: parsedorder.date
extracted_from_files
detected Domain: parsedorder.restaurant XIOC detected Domain: parsedorder.restaurant
extracted_from_files
detected Domain: product.name XIOC detected Domain: product.name
extracted_from_files
detected Domain: xmlhttprequest.prototype.open XIOC detected Domain: xmlhttprequest.prototype.open
extracted_from_files
detected Domain: loadmorebutton.click XIOC detected Domain: loadmorebutton.click
extracted_from_files
detected Domain: api.zepto.com XIOC detected Domain: api.zepto.com
extracted_from_files
detected Domain: t.call XIOC detected Domain: t.call
extracted_from_files
detected Domain: e.next XIOC detected Domain: e.next
extracted_from_files
detected Domain: u.call XIOC detected Domain: u.call
extracted_from_files
detected Domain: fw.call XIOC detected Domain: fw.call
extracted_from_files
detected Domain: object.prototype.hasownproperty.call XIOC detected Domain: object.prototype.hasownproperty.call
extracted_from_files
detected Domain: redux-toolkit.js.org XIOC detected Domain: redux-toolkit.js.org
extracted_from_files
detected Domain: redux.js.org XIOC detected Domain: redux.js.org
extracted_from_files
detected Domain: e.call XIOC detected Domain: e.call
extracted_from_files
detected Domain: ud.call XIOC detected Domain: ud.call
extracted_from_files
detected Domain: o.now XIOC detected Domain: o.now
extracted_from_files
detected Domain: a.now XIOC detected Domain: a.now
extracted_from_files
detected Domain: performance.now XIOC detected Domain: performance.now
extracted_from_files
detected Domain: t.id-l.id XIOC detected Domain: t.id-l.id
extracted_from_files
detected Domain: ij.call XIOC detected Domain: ij.call
extracted_from_files
detected Domain: t.is XIOC detected Domain: t.is
extracted_from_files
detected Domain: t.style XIOC detected Domain: t.style
extracted_from_files
detected Domain: e.style XIOC detected Domain: e.style
extracted_from_files
detected Domain: a.call XIOC detected Domain: a.call
extracted_from_files
detected Domain: i.call XIOC detected Domain: i.call
extracted_from_files
detected Domain: t.name XIOC detected Domain: t.name
extracted_from_files
detected Domain: e.name XIOC detected Domain: e.name
extracted_from_files
detected Domain: e.top XIOC detected Domain: e.top
extracted_from_files
detected Domain: object.is XIOC detected Domain: object.is
extracted_from_files
detected Domain: t.data XIOC detected Domain: t.data
extracted_from_files
detected Domain: e.data XIOC detected Domain: e.data
extracted_from_files
detected Domain: this.target XIOC detected Domain: this.target
extracted_from_files
detected Domain: array.prototype.slice.call XIOC detected Domain: array.prototype.slice.call
extracted_from_files
detected Domain: e.target XIOC detected Domain: e.target
extracted_from_files
detected Domain: p.call XIOC detected Domain: p.call
extracted_from_files
detected Domain: object.prototype.tostring.call XIOC detected Domain: object.prototype.tostring.call
extracted_from_files
detected Domain: www.swiggy.com XIOC detected Domain: www.swiggy.com
extracted_from_files
detected Domain: data.data XIOC detected Domain: data.data
extracted_from_files
detected Domain: order.net XIOC detected Domain: order.net
extracted_from_files
detected Domain: d.target XIOC detected Domain: d.target
extracted_from_files
detected Domain: t.target XIOC detected Domain: t.target
extracted_from_files
detected Domain: u.next XIOC detected Domain: u.next
extracted_from_files
detected Domain: a.next XIOC detected Domain: a.next
extracted_from_files
detected Domain: t.next XIOC detected Domain: t.next
extracted_from_files
detected Domain: i.next XIOC detected Domain: i.next
extracted_from_files
detected Domain: r.next XIOC detected Domain: r.next
extracted_from_files
detected Domain: ri.next XIOC detected Domain: ri.next
extracted_from_files
detected Domain: b.next XIOC detected Domain: b.next
extracted_from_files
detected Domain: re.next XIOC detected Domain: re.next
extracted_from_files
detected Domain: r.data XIOC detected Domain: r.data
extracted_from_files
detected Domain: d.next XIOC detected Domain: d.next
extracted_from_files
detected Domain: m.call XIOC detected Domain: m.call
extracted_from_files
detected Domain: c.next XIOC detected Domain: c.next
extracted_from_files
detected Domain: l.next XIOC detected Domain: l.next
extracted_from_files
detected Domain: o.next XIOC detected Domain: o.next
extracted_from_files
detected Domain: a.name XIOC detected Domain: a.name
extracted_from_files
detected Domain: n.next XIOC detected Domain: n.next
extracted_from_files
detected Domain: n.is XIOC detected Domain: n.is
extracted_from_files
detected Domain: e.id XIOC detected Domain: e.id
extracted_from_files
detected Domain: r.compare XIOC detected Domain: r.compare
extracted_from_files
detected Domain: s.next XIOC detected Domain: s.next
extracted_from_files
detected Domain: qe.next XIOC detected Domain: qe.next
extracted_from_files
detected Domain: e.map XIOC detected Domain: e.map
extracted_from_files
detected Domain: chrome.runtime.id XIOC detected Domain: chrome.runtime.id
extracted_from_files
detected Domain: indexeddb.open XIOC detected Domain: indexeddb.open
extracted_from_files
detected Domain: r.name XIOC detected Domain: r.name
extracted_from_files
detected Domain: l.call XIOC detected Domain: l.call
extracted_from_files
detected Domain: f.memoizedprops.style XIOC detected Domain: f.memoizedprops.style
extracted_from_files
detected Domain: i.style XIOC detected Domain: i.style
extracted_from_files
detected Domain: n.discount XIOC detected Domain: n.discount
extracted_from_files
detected Domain: n.tax XIOC detected Domain: n.tax
extracted_from_files
detected Domain: n.total XIOC detected Domain: n.total
extracted_from_files
detected Domain: n.restaurant XIOC detected Domain: n.restaurant
extracted_from_files
detected Domain: t.total XIOC detected Domain: t.total
extracted_from_files
detected Domain: t.restaurant XIOC detected Domain: t.restaurant
extracted_from_files
detected Domain: t.date XIOC detected Domain: t.date
extracted_from_files
detected Domain: g.date XIOC detected Domain: g.date
extracted_from_files
detected Domain: g.restaurant XIOC detected Domain: g.restaurant
extracted_from_files
detected Domain: b.total XIOC detected Domain: b.total
extracted_from_files
detected Domain: o.map XIOC detected Domain: o.map
extracted_from_files
detected Domain: a.click XIOC detected Domain: a.click
extracted_from_files
detected Domain: a.download XIOC detected Domain: a.download
extracted_from_files
detected Domain: n.date XIOC detected Domain: n.date
extracted_from_files
detected Domain: i.map XIOC detected Domain: i.map
extracted_from_files
detected Domain: r.map XIOC detected Domain: r.map
extracted_from_files
detected Domain: n.call XIOC detected Domain: n.call
extracted_from_files
detected Domain: yu.prototype.point.call XIOC detected Domain: yu.prototype.point.call
extracted_from_files
detected Domain: propertyisenumerable.call XIOC detected Domain: propertyisenumerable.call
extracted_from_files
detected Domain: hasownproperty.call XIOC detected Domain: hasownproperty.call
extracted_from_files
detected Domain: f.map XIOC detected Domain: f.map
extracted_from_files
detected Domain: n.int XIOC detected Domain: n.int
extracted_from_files
detected Domain: y.name XIOC detected Domain: y.name
extracted_from_files
detected Domain: c.name XIOC detected Domain: c.name
extracted_from_files
detected Domain: e.int XIOC detected Domain: e.int
extracted_from_files
detected Domain: object.prototype.propertyisenumerable.call XIOC detected Domain: object.prototype.propertyisenumerable.call
extracted_from_files
detected Domain: e.property XIOC detected Domain: e.property
extracted_from_files
detected Domain: r.call XIOC detected Domain: r.call
extracted_from_files
detected Domain: o.top-t.top XIOC detected Domain: o.top-t.top
extracted_from_files
detected Domain: a.top XIOC detected Domain: a.top
extracted_from_files
detected Domain: a.map XIOC detected Domain: a.map
extracted_from_files
detected Domain: l.map XIOC detected Domain: l.map
extracted_from_files
detected Domain: f.call XIOC detected Domain: f.call
extracted_from_files
detected Domain: n.name XIOC detected Domain: n.name
extracted_from_files
detected Domain: r.property XIOC detected Domain: r.property
extracted_from_files
detected Domain: co.set.call XIOC detected Domain: co.set.call
extracted_from_files
detected Domain: n.set.call XIOC detected Domain: n.set.call
extracted_from_files
detected Domain: slice.call XIOC detected Domain: slice.call
extracted_from_files
detected Domain: function.tostring.call XIOC detected Domain: function.tostring.call
extracted_from_files
detected Domain: ft.hasownproperty.call XIOC detected Domain: ft.hasownproperty.call
extracted_from_files
detected Domain: t.top XIOC detected Domain: t.top
extracted_from_files
detected Domain: o.top XIOC detected Domain: o.top
extracted_from_files
detected Domain: b.call XIOC detected Domain: b.call
extracted_from_files
detected Domain: r.top XIOC detected Domain: r.top
extracted_from_files
detected Domain: s.map XIOC detected Domain: s.map
extracted_from_files
detected Domain: t.payload.top XIOC detected Domain: t.payload.top
extracted_from_files
detected Domain: e.margin.top XIOC detected Domain: e.margin.top
extracted_from_files
detected Domain: p.id XIOC detected Domain: p.id
extracted_from_files
detected Domain: pv.set.call XIOC detected Domain: pv.set.call
extracted_from_files
detected Domain: d.date XIOC detected Domain: d.date
extracted_from_files
detected Domain: n.map XIOC detected Domain: n.map
extracted_from_files
detected Domain: av.set.call XIOC detected Domain: av.set.call
extracted_from_files
detected Domain: to.set.call XIOC detected Domain: to.set.call
extracted_from_files
detected Domain: object.hasownproperty.call XIOC detected Domain: object.hasownproperty.call
extracted_from_files
detected Domain: i.top XIOC detected Domain: i.top
extracted_from_files
detected Domain: z.gt XIOC detected Domain: z.gt
extracted_from_files
detected Domain: e.date XIOC detected Domain: e.date
extracted_from_files
detected Domain: f.zero XIOC detected Domain: f.zero
extracted_from_files
detected Domain: k0.call XIOC detected Domain: k0.call
extracted_from_files
detected Domain: array.prototype.map XIOC detected Domain: array.prototype.map
extracted_from_files
detected Domain: e.zero XIOC detected Domain: e.zero
extracted_from_files
detected Domain: this.zero XIOC detected Domain: this.zero
extracted_from_files
detected Domain: l.plus XIOC detected Domain: l.plus
extracted_from_files
detected Domain: p.name XIOC detected Domain: p.name
extracted_from_files
detected Domain: e.ln10.sd XIOC detected Domain: e.ln10.sd
extracted_from_files
detected Domain: a.plus XIOC detected Domain: a.plus
extracted_from_files
detected Domain: z.sd XIOC detected Domain: z.sd
extracted_from_files
detected Domain: z.plus XIOC detected Domain: z.plus
extracted_from_files
detected Domain: z.lt XIOC detected Domain: z.lt
extracted_from_files
detected Domain: n.id XIOC detected Domain: n.id
extracted_from_files
detected Domain: e.ticks.map XIOC detected Domain: e.ticks.map
extracted_from_files
detected Domain: l.data XIOC detected Domain: l.data
extracted_from_files
detected Domain: c.map XIOC detected Domain: c.map
extracted_from_files
detected Domain: n.lt XIOC detected Domain: n.lt
extracted_from_files
detected Domain: t.map XIOC detected Domain: t.map
extracted_from_files
detected Domain: t.search XIOC detected Domain: t.search
extracted_from_files
detected Domain: k.name XIOC detected Domain: k.name
extracted_from_files
detected Domain: e.iteminteraction.click XIOC detected Domain: e.iteminteraction.click
extracted_from_files
detected Domain: e.axisinteraction.click XIOC detected Domain: e.axisinteraction.click
extracted_from_files
detected Domain: x.map XIOC detected Domain: x.map
extracted_from_files
detected Domain: l.id XIOC detected Domain: l.id
extracted_from_files
detected Domain: t.id XIOC detected Domain: t.id
extracted_from_files
detected Domain: u.id XIOC detected Domain: u.id
extracted_from_files
detected Domain: r.style XIOC detected Domain: r.style
extracted_from_files
detected Domain: bo.off XIOC detected Domain: bo.off
extracted_from_files
detected Domain: l.prototype.off XIOC detected Domain: l.prototype.off
extracted_from_files
detected Domain: fn.call XIOC detected Domain: fn.call
extracted_from_files
detected Domain: y.fn.call XIOC detected Domain: y.fn.call
extracted_from_files
detected Domain: n.cy XIOC detected Domain: n.cy
extracted_from_files
detected Domain: n.cx XIOC detected Domain: n.cx
extracted_from_files
detected Domain: e.cy XIOC detected Domain: e.cy
extracted_from_files
detected Domain: type.name XIOC detected Domain: type.name
extracted_from_files
detected Domain: r.id XIOC detected Domain: r.id
extracted_from_files
detected Domain: t.payload.id XIOC detected Domain: t.payload.id
extracted_from_files
detected Domain: e.cx XIOC detected Domain: e.cx
extracted_from_files
detected Domain: d.map XIOC detected Domain: d.map
extracted_from_files
detected Domain: f.style XIOC detected Domain: f.style
extracted_from_files
detected Domain: n.data XIOC detected Domain: n.data
extracted_from_files
detected Domain: a.cy XIOC detected Domain: a.cy
extracted_from_files
detected Domain: a.cx XIOC detected Domain: a.cx
extracted_from_files
detected Domain: c.cy XIOC detected Domain: c.cy
extracted_from_files
detected Domain: c.cx XIOC detected Domain: c.cx
extracted_from_files
detected Domain: d.cy XIOC detected Domain: d.cy
extracted_from_files
detected Domain: d.cx XIOC detected Domain: d.cx
extracted_from_files
detected Domain: g.map XIOC detected Domain: g.map
extracted_from_files
detected Domain: w.map XIOC detected Domain: w.map
extracted_from_files
detected Domain: k.map XIOC detected Domain: k.map
extracted_from_files
detected Domain: u.map XIOC detected Domain: u.map
extracted_from_files
detected Domain: d.top XIOC detected Domain: d.top
extracted_from_files
detected Domain: de.bar XIOC detected Domain: de.bar
extracted_from_files
detected Domain: i.prev.next XIOC detected Domain: i.prev.next
extracted_from_files
detected Domain: o.date XIOC detected Domain: o.date
extracted_from_files
detected Domain: s.date XIOC detected Domain: s.date
extracted_from_files
detected Domain: i.cy XIOC detected Domain: i.cy
extracted_from_files
detected Domain: i.cx XIOC detected Domain: i.cx
extracted_from_files
detected Domain: i.id XIOC detected Domain: i.id
extracted_from_files
detected Domain: s.id XIOC detected Domain: s.id
extracted_from_files
detected Domain: e.clienty-t.top XIOC detected Domain: e.clienty-t.top
extracted_from_files
detected Domain: s.name XIOC detected Domain: s.name
extracted_from_files
detected Domain: u.total XIOC detected Domain: u.total
extracted_from_files
detected Domain: i.name XIOC detected Domain: i.name
extracted_from_files
detected Domain: a.total XIOC detected Domain: a.total
extracted_from_files
detected Domain: a.restaurant XIOC detected Domain: a.restaurant
extracted_from_files
detected Domain: l.total XIOC detected Domain: l.total
extracted_from_files
detected Domain: l.date XIOC detected Domain: l.date
extracted_from_files
detected Domain: xu.map XIOC detected Domain: xu.map
extracted_from_files
detected Domain: www.zepto.com XIOC detected Domain: www.zepto.com
extracted_from_files
detected Domain: f.total XIOC detected Domain: f.total
extracted_from_files
detected Domain: order.restaurant XIOC detected Domain: order.restaurant
extracted_from_files
detected Domain: n.top XIOC detected Domain: n.top
extracted_from_files
detected Domain: a.to XIOC detected Domain: a.to
extracted_from_files
detected Domain: l.name XIOC detected Domain: l.name
extracted_from_files
detected Domain: y.date XIOC detected Domain: y.date
extracted_from_files
detected Domain: g.total XIOC detected Domain: g.total
extracted_from_files
detected Domain: chrome.storage XIOC detected Domain: chrome.storage
extracted_from_files
detected Domain: v.map XIOC detected Domain: v.map
extracted_from_files
detected Domain: p.map XIOC detected Domain: p.map
extracted_from_files
detected Domain: b.restaurant XIOC detected Domain: b.restaurant
extracted_from_files
detected Domain: b.date XIOC detected Domain: b.date
extracted_from_files
detected Domain: e.page XIOC detected Domain: e.page
extracted_from_files
detected Domain: eu.map XIOC detected Domain: eu.map
extracted_from_files
detected Domain: i.links.map XIOC detected Domain: i.links.map
extracted_from_files
detected Domain: r.info XIOC detected Domain: r.info
extracted_from_files
detected Domain: y.restaurant XIOC detected Domain: y.restaurant
extracted_from_files
detected Domain: y.total XIOC detected Domain: y.total
extracted_from_files
detected Domain: v.total XIOC detected Domain: v.total
extracted_from_files
detected URL: https://blinkit.com/v1/layout/order_history'; XIOC detected URL: https://blinkit.com/v1/layout/order_history';
extracted_from_files
detected URL: https://blinkit.com XIOC detected URL: https://blinkit.com
extracted_from_files
detected Domain: platforms.map XIOC detected Domain: platforms.map
extracted_from_files
detected Domain: status-message.info XIOC detected Domain: status-message.info
extracted_from_files
detected Domain: cursor.value.total XIOC detected Domain: cursor.value.total
extracted_from_files
detected Domain: request.error.name XIOC detected Domain: request.error.name
extracted_from_files
detected Domain: items.map XIOC detected Domain: items.map
extracted_from_files
detected URL: https://prod-api.swiggy.com/api/v4/order/all?order_id=$ XIOC detected URL: https://prod-api.swiggy.com/api/v4/order/all?order_id=$
extracted_from_files
detected URL: https://blinkit.com/account/orders XIOC detected URL: https://blinkit.com/account/orders
extracted_from_files
detected URL: https://blinkit.com/v1/layout/order_history?$ XIOC detected URL: https://blinkit.com/v1/layout/order_history?$
extracted_from_files
detected URL: https://blinkit.com/account/orders', XIOC detected URL: https://blinkit.com/account/orders',
extracted_from_files
detected URL: https://blinkit.com', XIOC detected URL: https://blinkit.com',
extracted_from_files
detected URL: https://prod-api.swiggy.com/api/v4/order/all', XIOC detected URL: https://prod-api.swiggy.com/api/v4/order/all',
extracted_from_files
detected URL: https://blinkit.com/account/orders' XIOC detected URL: https://blinkit.com/account/orders'
extracted_from_files
detected URL: https://www.zomato.com/webroutes/user/orders?page=$ XIOC detected URL: https://www.zomato.com/webroutes/user/orders?page=$
extracted_from_files
detected URL: https://bff-gateway.zepto.com/api/v2/order/?page_number=$ XIOC detected URL: https://bff-gateway.zepto.com/api/v2/order/?page_number=$
extracted_from_files
detected URL: https://www.swiggy.com/dapi/order/all XIOC detected URL: https://www.swiggy.com/dapi/order/all
extracted_from_files
detected URL: https://www.swiggy.com/dapi/order/all?order_id=$ XIOC detected URL: https://www.swiggy.com/dapi/order/all?order_id=$
extracted_from_files
detected URL: https://prod-api.swiggy.com/api/v4/order/all XIOC detected URL: https://prod-api.swiggy.com/api/v4/order/all
extracted_from_files
detected URL: https://www.zomato.com$ XIOC detected URL: https://www.zomato.com$
extracted_from_files
detected URL: https://bff-gateway.zepto.com/api/v2/order/'; XIOC detected URL: https://bff-gateway.zepto.com/api/v2/order/';
extracted_from_files
detected URL: https://www.swiggy.com/dapi/order/all' XIOC detected URL: https://www.swiggy.com/dapi/order/all'
extracted_from_files
detected URL: https://clients2.google.com/service/update2/crx XIOC detected URL: https://clients2.google.com/service/update2/crx
extracted_from_files
detected URL: https://www.zomato.com/order/history XIOC detected URL: https://www.zomato.com/order/history
extracted_from_files
detected URL: https://redux-toolkit.js.org/Errors?code=$ XIOC detected URL: https://redux-toolkit.js.org/Errors?code=$
extracted_from_files
detected URL: https://bit.ly/3cXEKWf XIOC detected URL: https://bit.ly/3cXEKWf
extracted_from_files
detected URL: https://redux.js.org/Errors?code=$ XIOC detected URL: https://redux.js.org/Errors?code=$
extracted_from_files
detected URL: https://reactjs.org/docs/error-decoder.html?invariant= XIOC detected URL: https://reactjs.org/docs/error-decoder.html?invariant=
extracted_from_files
detected SHA256 Hash: c761ec3633c22afad934fb17a66385c1c06c5472b4898b866b7306186d0bb477 XIOC detected SHA256 Hash: c761ec3633c22afad934fb17a66385c1c06c5472b4898b866b7306186d0bb477
extracted_from_files
detected IP: ::bac XIOC detected IP: ::bac
extracted_from_files
detected Domain: order.delivery XIOC detected Domain: order.delivery
extracted_from_files
detected Domain: container.data XIOC detected Domain: container.data
extracted_from_files
detected Domain: headerwidget.data XIOC detected Domain: headerwidget.data
extracted_from_files
detected Domain: order.total XIOC detected Domain: order.total
extracted_from_files
detected Domain: itemswidget.data XIOC detected Domain: itemswidget.data
extracted_from_files
detected Domain: item.data XIOC detected Domain: item.data
extracted_from_files
detected Domain: max.total XIOC detected Domain: max.total
extracted_from_files
detected Domain: min.total XIOC detected Domain: min.total
extracted_from_files
detected Domain: o.total XIOC detected Domain: o.total
extracted_from_files
detected Domain: cookies.gr XIOC detected Domain: cookies.gr
extracted_from_files
detected Domain: data.is XIOC detected Domain: data.is
extracted_from_files
detected Domain: s.data XIOC detected Domain: s.data
extracted_from_files
detected Domain: pageorders.map XIOC detected Domain: pageorders.map
extracted_from_files
detected Domain: loadmoresnippet.data XIOC detected Domain: loadmoresnippet.data
extracted_from_files
detected Domain: lastorder.data XIOC detected Domain: lastorder.data
extracted_from_files
detected IP: ea:: XIOC detected IP: ea::
extracted_from_files
detected IP: 500:: XIOC detected IP: 500::
extracted_from_files
detected IP: 3.5.7.7 XIOC detected IP: 3.5.7.7
extracted_from_files
detected Domain: payload.map XIOC detected Domain: payload.map
extracted_from_files
detected Domain: date.now XIOC detected Domain: date.now
extracted_from_files
detected Domain: tab.id XIOC detected Domain: tab.id
extracted_from_files
detected Domain: x.target XIOC detected Domain: x.target
extracted_from_files
detected Domain: c.data XIOC detected Domain: c.data
extracted_from_files
detected Domain: f.restaurant XIOC detected Domain: f.restaurant
extracted_from_files
detected Domain: f.date XIOC detected Domain: f.date
extracted_from_files
detected Domain: prod-api.swiggy.com XIOC detected Domain: prod-api.swiggy.com
extracted_from_files
detected Domain: p.plus XIOC detected Domain: p.plus
extracted_from_files
AI Security Report
AI Security Review
Risky Plugins reviewed this extension with an AI-assisted security workflow on 2026-04-22. The review verdict is needs follow up with 50% confidence.
Recommended action: reanalyze.
Risk context: CRITICAL risk, score 88/100.
Evidence context: threat category none; evidence quality weak.
Security Analysis: Spendwise (v3.2)
Overview
The Spendwise extension (UUID: 04368d11-599b-599d-a6cf-ecca85994c54) presents an unusual security profile. The extension claims to track expenses across food delivery platforms (Zomato, Swiggy, Blinkit, Zepto) with a description stating "Fully local, all data stays on your device."
Critical Data Gap
The most significant issue is the complete absence of security findings. The findings_by_category field is empty ({}), meaning the CVEQ scanner detected zero IoCs, zero code-smell patterns, zero malware signatures, and zero obfuscation indicators. For an expense-tracking extension that would need to interact with multiple websites and manage data, this complete absence of findings is anomalous.
Developer Attribution
The developer is listed as [email protected] - a personal Gmail address rather than a verified organization or company domain. This anonymous attribution pattern is common among both legitimate indie developers and malicious actors seeking to avoid accountability.
User Adoption
The extension shows 0 users in the Chrome Web Store. This indicates either a brand-new publication or extremely low adoption. Without community vetting through user reviews and reported issues, there is no social proof of the extension's legitimacy.
Assessment
With zero findings to analyze, I cannot identify specific malicious behavior. However, the combination of anonymous development, zero users, and zero findings creates genuine ambiguity. The findings could be absent because:
- The extension is genuinely minimal and clean
- The analysis failed to scan the files properly
- The extension uses techniques that bypass the scanner
Counterargument
A skeptic might argue that zero findings should be interpreted as "clean" - if there were malware, the scanner would have found it. However, this ignores the possibility of analysis failure. A legitimate expense tracker interacting with multiple e-commerce sites would typically generate at least some code-smell findings (even benign code triggers patterns like postinstall_* or credential_* rules) and some IoC findings (even if just localhost or common CDNs). The complete absence of ANY findings is itself a data quality concern.
Recommendation
This extension requires reanalysis to verify the scanner completed properly. Until findings data is populated, no confident security assessment is possible.
Key Reasons
- Zero security findings detected - anomalous for an expense tracking extension
- Anonymous developer attribution (Gmail address)
- Zero user count - no community vetting
- Cannot distinguish between genuinely clean code and analysis failure
Source Code Not Available
Source code is not available for this version of the extension.
Frequently Asked Questions
Similar Extensions
Related extensions from the same publisher or marketplace
Ship Xanh copy sản phẩm, nhân bản shop, hiển thị % phí sàn, lượt bán tháng
[email protected]
SVG to AVIF Converter [ShiftShift]
[email protected]
ChromeCompare
[email protected]
CAI Tools
[email protected]
Auto Gmail - ChatGPT AI for email inbox
[email protected]
EC Seller Tools
[email protected]