Extension Details
Context-Aware Verdict
The extension comes from Ayima UK Ltd, a legitimate SEO and digital marketing company, which adds credibility. With 300,000 users and a solid 4.4-star rating from 195 reviews, it appears to have genuine user adoption. The extension's purpose is to analyze redirect paths for SEO professionals, which explains some of the broad permissions needed for its functionality.
The combination of webRequest and webNavigation permissions with broad host access creates significant privacy risks, as the extension can monitor and potentially modify all web traffic. The clipboardWrite permission is particularly concerning as it could be exploited to inject malicious content. The ability to inject content scripts into all websites means sensitive data like passwords, personal information, or financial details could theoretically be accessed. While these permissions may be necessary for redirect analysis, they create a powerful surveillance capability.
Given the critical risk level, consider running this extension in a dedicated Chrome profile used only for SEO work, isolated from personal browsing. Only enable it when actively performing redirect analysis tasks. Regularly review what data the extension might be collecting and ensure you trust Ayima's data handling practices. Consider alternative tools with more limited permissions if this extension's full feature set isn't essential for your work. Monitor for any unusual network activity when the extension is active.
Findings
Security Analysis Details
Required Permissions:
- webRequest
- webNavigation
- clipboardWrite
- storage
Host Permissions:
- https://*/*
- http://*/*
Embedded URLs (11 total):
| http://meyerweb.com/eric/tools/css/reset/ | https://fonts.googleapis.com/css?family=Lato:400 | |
| https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css | https://clients2.google.com/service/update2/crx | |
| http://ayi.ma/jiy4o | https://www.facebook.com/sharer/sharer.php?u=https://chrome.google.com/webstore/detail/redirect-path/aomidfkchockcldhbkggjokdkkebmdll?hl=en | |
| https://www.linkedin.com/shareArticle?mini=true&url=https://chrome.google.com/webstore/detail/redirect-path/aomidfkchockcldhbkggjokdkkebmdll?hl=en&title=Redirect%20Path&summary=Redirect%20Path%20-%20The%20HTTP%20Header%20%26%20Redirect%20Checker%20for%20SEO&source=https://www.ayima.com | https://twitter.com/intent/tweet?text=Redirect%20Path%20-%20The%20HTTP%20Header%20%26%20Redirect%20Checker%20for%20SEO&via=ayima&url=https://chrome.google.com/webstore/detail/redirect-path/aomidfkchockcldhbkggjokdkkebmdll?hl=en | |
| https://plus.google.com/share?url=https%3A//chrome.google.com/webstore/detail/redirect-path/aomidfkchockcldhbkggjokdkkebmdll?hl=en | http://ayi.ma/pageinsights | |
| https://code.google.com/p/chromium/issues/detail?id=428044 |
Raw Manifest
{ "name": "Redirect Path", "icons": { "16": "assets/images/rpath16.png", "48": "assets/images/rpath48.png", "128": "assets/images/rpath128.png" }, "action": { "default_icon": "assets/images/rpath19_off.png", "default_popup": "popup.html", "default_title": "Click here to see your Redirect Path." }, "version": "3.0", "background": { "service_worker": "background.js" }, "update_url": "https://clients2.google.com/service/update2/crx", "description": "The HTTP Header & Redirect Checker for SEO", "permissions": [ "webRequest", "webNavigation", "clipboardWrite", "storage" ], "version_name": "3", "content_scripts": [ { "js": [ "metaRefreshDetect.js" ], "run_at": "document_start", "matches": [ "<all_urls>" ] } ], "host_permissions": [ "https://*/*", "http://*/*" ], "manifest_version": 3, "minimum_chrome_version": "102" }
ⓘ CRXaminer has partnered with our friends at Secure Annex to provide additional findings unique to their platform.
Secure Annex also analyzes extensions from other browsers, IDEs, and can continuously monitor.
This extension may not yet be analyzed by Secure Annex.