Extension Details
Context-Aware Verdict
The extension has a solid user base of 300,000 users and maintains a good rating of 4.4/5 from 196 reviews. Ayima UK Ltd appears to be a legitimate company in the digital marketing/SEO space, which aligns with the extension's purpose of tracking redirects and analyzing website paths. The name "Redirect Path" clearly indicates its functionality.
The extension's permission set is extremely broad for its stated purpose. The webRequest and webNavigation permissions allow complete monitoring of all web traffic, while clipboardWrite enables modification of clipboard content without clear justification. The combination of broad host permissions across all HTTP/HTTPS sites with content script injection on all URLs creates a powerful surveillance capability. These permissions far exceed what would typically be necessary for simply tracking redirect paths, suggesting potential overreach in data collection capabilities.
Given the critical risk level, consider running this extension in a separate Chrome profile dedicated to SEO/marketing work to isolate it from personal browsing. Before installation, verify that Ayima UK Ltd is indeed the legitimate developer and check their privacy policy regarding data collection. Monitor the extension's behavior using Chrome's developer tools to ensure it's only accessing redirect-related data. Consider alternative redirect tracking tools with more limited permissions, or use browser developer tools' network tab for occasional redirect analysis instead of a persistent extension with such broad access.
Findings
Security Analysis Details
Required Permissions:
- webRequest
- webNavigation
- clipboardWrite
- storage
Host Permissions:
- https://*/*
- http://*/*
Embedded URLs (11 total):
| http://meyerweb.com/eric/tools/css/reset/ | https://fonts.googleapis.com/css?family=Lato:400 | |
| https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css | https://clients2.google.com/service/update2/crx | |
| http://ayi.ma/jiy4o | https://www.facebook.com/sharer/sharer.php?u=https://chrome.google.com/webstore/detail/redirect-path/aomidfkchockcldhbkggjokdkkebmdll?hl=en | |
| https://www.linkedin.com/shareArticle?mini=true&url=https://chrome.google.com/webstore/detail/redirect-path/aomidfkchockcldhbkggjokdkkebmdll?hl=en&title=Redirect%20Path&summary=Redirect%20Path%20-%20The%20HTTP%20Header%20%26%20Redirect%20Checker%20for%20SEO&source=https://www.ayima.com | https://twitter.com/intent/tweet?text=Redirect%20Path%20-%20The%20HTTP%20Header%20%26%20Redirect%20Checker%20for%20SEO&via=ayima&url=https://chrome.google.com/webstore/detail/redirect-path/aomidfkchockcldhbkggjokdkkebmdll?hl=en | |
| https://plus.google.com/share?url=https%3A//chrome.google.com/webstore/detail/redirect-path/aomidfkchockcldhbkggjokdkkebmdll?hl=en | http://ayi.ma/pageinsights | |
| https://code.google.com/p/chromium/issues/detail?id=428044 |
Raw Manifest
{ "name": "Redirect Path", "icons": { "16": "assets/images/rpath16.png", "48": "assets/images/rpath48.png", "128": "assets/images/rpath128.png" }, "action": { "default_icon": "assets/images/rpath19_off.png", "default_popup": "popup.html", "default_title": "Click here to see your Redirect Path." }, "version": "3.0", "background": { "service_worker": "background.js" }, "update_url": "https://clients2.google.com/service/update2/crx", "description": "The HTTP Header & Redirect Checker for SEO", "permissions": [ "webRequest", "webNavigation", "clipboardWrite", "storage" ], "version_name": "3", "content_scripts": [ { "js": [ "metaRefreshDetect.js" ], "run_at": "document_start", "matches": [ "<all_urls>" ] } ], "host_permissions": [ "https://*/*", "http://*/*" ], "manifest_version": 3, "minimum_chrome_version": "102" }
ⓘ CRXaminer has partnered with our friends at Secure Annex to provide additional findings unique to their platform.
Secure Annex also analyzes extensions from other browsers, IDEs, and can continuously monitor.
This extension may not yet be analyzed by Secure Annex.