[ new scan ] [ statistics ] [ github ] [ twitter ] [ help ]

Blocksi Enterprise Edition

Version 4.5.0 View in Chrome Web Store

Last scanned: 11 days ago | force re-scan

Extension Details

Developer: blocksi.net

Rating: 1.2 ★ (1.2K ratings)

Context-Aware Verdict

CRITICAL

Overall Risk

Trust Factors:

The extension has extremely poor user trust indicators with a 1.2/5 rating from 1,200+ reviews, suggesting widespread user dissatisfaction. While it's branded as an "Enterprise Edition" from blocksi.net (likely a legitimate web filtering company), the overwhelmingly negative reviews raise serious concerns about implementation quality or user experience.

Concerns:

This extension exhibits characteristics of comprehensive monitoring software with excessive permissions for typical enterprise filtering. The combination of webRequest blocking, browsing history access, identity permissions, and broad host permissions creates a powerful surveillance toolkit. The ability to manage other extensions, access geolocation, and inject content scripts across all websites goes far beyond standard web filtering needs. The enterprise.deviceAttributes permission suggests deep system integration. Most concerning is the dangerous permission combination allowing real-time web traffic interception and modification across all websites.

Recommendations:

Given the critical risk level and poor user ratings, avoid installing this extension unless mandated by your organization's IT policy. If required for work, ensure it's only used in a dedicated work Chrome profile completely separate from personal browsing. Verify with your IT department that this is the legitimate version they've approved. Consider using a separate device for personal browsing entirely. The extensive permissions suggest this is designed for comprehensive employee monitoring rather than simple web filtering.

Findings

HIGH

Broad Content Script Injection

This extension can inject scripts into any website. This means it could potentially read sensitive data, modify website content, or steal credentials.

HIGH

Broad Host Permissions

This extension has broad host permissions allowing it to access many or all websites. This could potentially be used to steal sensitive data or track browsing activity.

HIGH

Dangerous Permission Combination: webRequest + webRequestBlocking

This extension can intercept, modify, and block web requests in real-time. This combination could be used to modify sensitive web traffic or steal data.

HIGH

High-Risk Permission: bookmarks

This extension has the bookmarks permission. Can access and modify bookmarks. This could potentially be used maliciously to compromise security or privacy.

HIGH

High-Risk Permission: history

This extension has the history permission. Can access your browsing history. This could potentially be used maliciously to compromise security or privacy.

HIGH

High-Risk Permission: identity

This extension has the identity permission. Can access your identity information. This could potentially be used maliciously to compromise security or privacy.

HIGH

High-Risk Permission: management

This extension has the management permission. Can manage other extensions. This could potentially be used maliciously to compromise security or privacy.

HIGH

High-Risk Permission: tabs

This extension has the tabs permission. Can access browser tab information and manipulate tabs. This could potentially be used maliciously to compromise security or privacy.

HIGH

High-Risk Permission: webNavigation

This extension has the webNavigation permission. Can track your web navigation. This could potentially be used maliciously to compromise security or privacy.

HIGH

High-Risk Permission: webRequest

This extension has the webRequest permission. Can intercept and modify web requests. This could potentially be used maliciously to compromise security or privacy.

HIGH

High-Risk Permission: webRequestBlocking

This extension has the webRequestBlocking permission. Can block and modify web requests in real-time. This could potentially be used maliciously to compromise security or privacy.

MEDIUM

Medium-Risk Permission: activeTab

This extension has the activeTab permission. Can access the active tab when clicking the extension icon.

MEDIUM

Medium-Risk Permission: geolocation

This extension has the geolocation permission. Can access your location.

MEDIUM

Medium-Risk Permission: notifications

This extension has the notifications permission. Can show notifications.

MEDIUM

Medium-Risk Permission: storage

This extension has the storage permission. Can store data locally.

Security Analysis Details

Required Permissions:

tabs
activeTab
storage
webRequest
identity
identity.email
alarms
nativeMessaging
webNavigation
management
geolocation
history
offscreen
webRequestBlocking
idle
notifications
enterprise.deviceAttributes
bookmarks
tabGroups
scripting

Host Permissions:

<all_urls>

Embedded URLs (63 total):

https://vuejs.org/error-reference/#runtime-	https://docs.datadoghq.com
https://www.datadoghq-browser-agent.com	https://www.datad0g-browser-agent.com
https://d3uc069fcn7uxw.cloudfront.net	https://d20xtzwzcl0ceb.cloudfront.net
https://aomediacodec.github.io/av1-rtp-spec/#dependency-descriptor-rtp-header-extension	https://feross.org
https://mths.be/utf8js	https://feross.org/opensource
http://www.w3.org/2000/svg	http://www.w3.org/1998/Math/MathML
http://www.w3.org/1999/xlink	https://github.com/infinitered/nsfwjs?tab=readme-ov-file#browserify
https://github.com/infinitered/nsfwjs?tab=readme-ov-file#host-your-own-model	https://developer.mozilla.org/en-US/docs/Web/API/Fetch_API
https://github.com/tensorflow/tfjs/issues	https://github.com/tensorflow/tfjs-node
https://www.shadertoy.com/view/4djSRW	https://github.com/tensorflow/tfjs/issues/1735
https://github.com/tensorflow/tfjs/issues/5447	https://arxiv.org/abs/1706.02515
http://www.apache.org/licenses/LICENSE-2.0	https://opensource.org/licenses/MIT.
https://www.apache.org/licenses/LICENSE-2.0	https://fonts.googleapis.com/css?family=Open+Sans
https://service.blocksi.net/config	https://service1.blocksi.net
https://api.blocksi.net/api/2.0	https://api2.blocksi.net/my-ip
https://api.ipify.org	http://ip-api.com/json/?fields=query
https://log.blocksi.net/v1/screenshotUploadUrl	https://log.blocksi.net/v1/metrics
https://log.blocksi.net/v1/sendLog	https://api.blocksi.net/log-forwarder/log/v1/ext-console
https://log.blocksi.net/v1/hallpass	https://service.blocksi.net/time
https://service.blocksi.net/location	http://127.0.0.1:9432
http://127.0.0.1:37163/save_log	http://usajobs.gov/webfilter
https://capportal.blocksi.net	https://api.blocksi.net/v2/url-classifier-llm
https://www.youtube.com/watch?v=K1bqOLECS98	https://www.youtube.com/watch?v=UxHtzcD5w4M
https://www.youtube.com/watch?v=91kMzHkPr38	https://www.youtube.com/shorts/Jk0DlpytLi0
https://www.youtube.com/	https://m.youtube.com/
https://youtubei.googleapis.com/	https://youtube.googleapis.com/
https://www.youtube-nocookie.com/	https://gmail.com
http://www.block.si/block.php	https://www.youtube.com/watch?v=
https://fonts.googleapis.com/css?family=Poppins:400	https://www.blocksi.net/
https://storage.googleapis.com/custom_extension_pages_files/	https://fonts.googleapis.com/css?family=Roboto:400
https://storage.googleapis.com/blocksi_files/gamingdisabled.png	https://fonts.googleapis.com/css?family=Poppins
https://clients2.google.com/service/update2/crx

Raw Manifest

{
  "name": "Blocksi Enterprise Edition",
  "icons": {
    "16": "images/logos/16x16.png",
    "48": "images/logos/48x48.png",
    "128": "images/logos/128x128.png"
  },
  "action": {},
  "version": "4.5.0",
  "background": {
    "service_worker": "background.js"
  },
  "update_url": "https://clients2.google.com/service/update2/crx",
  "description": "Blocksi Extension",
  "permissions": [
    "tabs",
    "activeTab",
    "storage",
    "webRequest",
    "identity",
    "identity.email",
    "alarms",
    "nativeMessaging",
    "webNavigation",
    "management",
    "geolocation",
    "history",
    "offscreen",
    "webRequestBlocking",
    "idle",
    "notifications",
    "enterprise.deviceAttributes",
    "bookmarks",
    "tabGroups",
    "scripting"
  ],
  "options_page": "blockPage.html",
  "content_scripts": [
    {
      "js": [
        "contentScript.js"
      ],
      "run_at": "document_start",
      "matches": [
        "<all_urls>"
      ],
      "exclude_matches": [
        "*://*.sharepoint.com/*",
        "*://*.office.com/*",
        "*://*.officeapps.live.com/*",
        "*://*.office365.com/*",
        "*://hubblecontent.osi.office.net/*",
        "*://cdn.hubblecontent.osi.office.net/*",
        "*://docs.google.com/*"
      ]
    },
    {
      "js": [
        "iframeObserver_contentScript.js"
      ],
      "run_at": "document_start",
      "matches": [
        "<all_urls>"
      ],
      "all_frames": true
    },
    {
      "js": [
        "contentScript.js"
      ],
      "run_at": "document_start",
      "matches": [
        "*://*.sharepoint.com/*",
        "*://*.office.com/*",
        "*://*.officeapps.live.com/*",
        "*://*.office365.com/*",
        "*://hubblecontent.osi.office.net/*",
        "*://cdn.hubblecontent.osi.office.net/*",
        "*://docs.google.com/*"
      ],
      "all_frames": true
    }
  ],
  "host_permissions": [
    "<all_urls>"
  ],
  "manifest_version": 3,
  "web_accessible_resources": [
    {
      "matches": [
        "<all_urls>"
      ],
      "resources": [
        "images/icons/raise-hand.svg",
        "images/icons/chatBubble.svg",
        "images/icons/hallPass/hallPass-default.svg",
        "images/icons/hallPass/hallPass-history.svg",
        "images/icons/hallPass/bathroom.svg",
        "images/icons/hallPass/water.svg",
        "images/icons/hallPass/office.svg",
        "images/icons/hallPass/nurse.svg",
        "images/icons/hallPass/counselor.svg",
        "images/icons/hallPass/library.svg",
        "images/icons/hallPass/pending.svg",
        "images/icons/hallPass/rejected.svg",
        "images/icons/hallPass/Status=Error.svg",
        "images/icons/hallPass/Status=Success.svg",
        "images/icons/hallPass/Status=Warning.svg",
        "images/icons/location.svg",
        "images/icons/hallPass/location.svg",
        "images/icons/hallPass/timer.svg",
        "images/icons/hallPass/msg.svg",
        "images/icons/hallPass/student.svg",
        "images/icons/hallPass/lockdown.svg",
        "images/icons/yt-denied.png",
        "images/icons/yt-start.png",
        "images/icons/yt-sidebar.png",
        "images/icons/yt-results.png",
        "images/icons/hallPass/reason.svg",
        "images/icons/hallPass/request-location.svg",
        "images/icons/hallPass/request-timer.svg",
        "blockPage.html",
        "images/icons/blocked_content/youtube-denied.png",
        "images/icons/blocked_content/iframe-denied.png"
      ]
    }
  ]
}

by ✦ Astarte

Blocksi Enterprise Edition

Extension Details

Context-Aware Verdict

Findings

Security Analysis Details

Required Permissions:

Host Permissions:

Embedded URLs (63 total):

Raw Manifest

Detections

Manifest Findings