Find out if Firefox add-ons are manipulating websites you visit

Martin Brinkmann
Jul 5, 2013
Updated • Jul 5, 2013

Add-ons are one of Firefox's strongest features. I'd say that the browser is offering the best platform for add-on developers right now, and users of the browser can select from thousands of extensions for the browser in the official store.

I uncovered some shady business practices in the past which did not really cause the echo that I had hoped for, which came as a surprise considering that hundreds of thousands of Firefox users are affected by that.

Some business buy established add-ons from their authors and add forms of monetization like ad injections, replacing of advertisements on web pages, cookie dropping or tools to spy on users, to the extensions.

Neither the change in ownership nor the code modifications are reported transparently to users so that many may end up with add-ons that they would have probably installed otherwise if they knew about the monetization features.

I'd like to provide you with two methods to find out if extensions or scripts manipulate web pages in a way that they have not been designed for initially.

1. NoScript

The NoScript extension blocks all scripts that run on a site by default. This includes first party scripts, that is scripts that run from the domain you are connected to, but also third party scripts which get loaded from other domains or servers.

Manipulations are often loaded from third party web servers or domains which NoScript blocks from happening initially.

But you are also informed about that connection by the extension, so that you know that some extension or plugin that you have installed in the browser is making that connection.

It may sometimes be difficult to find out if an add-on is indeed responsible for that, or if the website makes the request instead. The easiest way to find out is to run Firefox without extensions (but NoScript) and connect to the website again. If you find that connections are no longer listed here, enable your add-ons one by one to find out which is responsible for that.

2. Web Console

If you do not like to run NoScript because you believe that it is to complicated or reduces your browsing experience too much.

The web console displays all connections that the browser makes. It may take you a while to browse through them all, and a suggestion that I have in this regard is to enter http into the filter form to only display connection attempts.

firefox connections

To open the Web Console do the following:

  1. Press Alt on the keyboard. This opens the old menu bar of the browser.
  2. Select Tools > Web Developer > Web Console from the menu.
  3. You can alternatively open it with the keyboard shortcut Ctrl-Shift-K.

The console opens up in a new window that is independent from the Firefox browser window. You can however attach it to the web browser if you prefer to work this way.

Note that a connection is not a surefire way of determining if an add-on injects ads or adds other contents such as cookies to the browser. It can also happen that these scripts only run on select sites, for instance Amazon or eBay so that you may not notice it during other connections that you make.


You can obviously also use network monitors to find out which connections are made by your browser. Wireshark is a popular tool for example that you can use for that purpose. You may need to spend some time getting used to the program however.

If you just want to check up on the add-ons and scripts installed in Firefox, then you can use the two methods mentioned above for that purpose. Especially NoScript is worth mentioning here as it not only detects connection attempts but also blocks them by default.

Closing Words

You can get a good fix on many extensions offered for Firefox by simply reading through the most recent comments posted by users of the browser.  While that may not stop new code from trying to inject ads or other things into websites, it at the very least takes care of several popular add-ons that use this monetization method.


Tutorials & Tips

Previous Post: «
Next Post: «


  1. Steven Foxley said on July 6, 2013 at 8:47 am

    I guess with so many extensions added on a daily basis to the repository Mozilla can’t guarantee some have ulterior motives. But the team usually picks up on the defaulters luckily.
    As you wrote Martin,NoScript really helps control this sort of thing.
    It would be nice if Mozilla proposed NoScript as an essential etension to all Firefox installations.
    I’m glad that NoScript stays totally independant though.

    1. Ken Saunders said on July 7, 2013 at 2:15 am

      NoScript is currently a featured add-on. Featured add-ons get more exposure than others and are usually more easily discoverable.

  2. Transcontinental said on July 6, 2013 at 4:27 am

    There is also the use of a Firefox add-on, even though the feature is not its primary aim :

    SixOrNot Firefox add-on ( )

    “[…] A panel can be opened to provide more detailed information about the remote site’s IP addresses, including information about all the domains contacted in order to load the page.

    Works fine.

  3. Zinc said on July 5, 2013 at 6:40 pm

    Is the console different between the nightly builds and the regular builds?
    I don’t have a “network” tab as shown in the screenshot above.

    Also…the console will also open by right-clicking and choosing “Inspect Element” on mine.

    1. Martin Brinkmann said on July 5, 2013 at 6:42 pm

      The network monitor is available in Firefox 23 and newer (currently beta)

  4. SuilAmhain said on July 5, 2013 at 4:01 pm

    Cheers. I did not know the console did that now. I had been using NoScript and httpfox myself.

  5. Boris said on July 5, 2013 at 2:29 pm

    Fiddler is a tool for me if I feel that something is fishy with Firefox.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.