Detailed Seo Extension

Name: Security Analysis: Detailed Seo Extension
Item: Detailed Seo Extension
Rating: 5
Author: ChromeBoard

🔍 Security Report Available

👥 500K+ users

📦 v2.2.6

💾 234KiB

📅 2025-12-23

View on Chrome Web Store

Chrome will indicate if you already have this installed.

Blocks distracting ads and trackers, bringing you detailed SEO insights at the click of a button on any website you're currently on, built by full-time SEOs for daily analysis. Lets you quickly analyze website performance, identify areas for improvement, and optimize your browsing experience. Benefits most web users who want to stay informed about their online presence and make data-driven decisions.

Overview

Get SEO-related insights at the click of a button to any website you're currently on.

Pull back their title tag, meta description, meta robots tag and much more.

Save hours of time looking through the source code of this page with our SEO analysis extension.

Privacy Practices

✓ Not being sold to third parties, outside of the approved use cases

✓ Not being used or transferred for purposes that are unrelated to the item's core functionality

✓ Not being used or transferred to determine creditworthiness or for lending purposes

v2.2.6 Info Scanned Mar 7, 2026

Security Analysis — Detailed Seo Extension

Analyzed v2.2.6 · Mar 7, 2026 · 15 JS files · 562 KB scanned

Permissions

Code Patterns Detected

External Connections

www.w3.org www.facebook.com www.tickcounter.com orbitvu.co ahrefs.com audioboom.com instagram.com www.instagram.com tv.kakao.com livestream.com ogp.me backtracks.fm +8 more

Package Contents 32 files · 632KB

▾📁_locales

▾📁en

{}messages.json478B

▾📁_metadata5KB

{}verified_contents.json5KB

▾📁assets592KB

▾📁src303KB

▾📁entries303KB

▾📁background6KB

📜serviceWorker-Crr5S-23.js6KB

▾📁contentScript140KB

▾📁googleScript7KB

📜index-diz2VLDJ.js7KB

▾📁primary133KB

📜main--tqwI1bP.js133KBlarge

▾📁popup158KB

📜index-qEDbtoVU.js158KBlarge

📜_plugin-vue_export-helper-CqVgFUuP.js59KBlarge

🖼d-logo-BNFRiB2S.png6KB

📜index-B9ygI19o.js35KB

🎨index-BnYs5XWb.css24KB

🎨index-N4di-fhv.css31B

📜index-v_bkl-X2.js1KB

📜loader-D5ss3bz4.js2KB

🎨loader-D9MhtgJF.css490B

📜renderContent-bKHKZW-C.js10KB

📜url-CGx05A1H.js47KB

📜urlBuilder-CtDt2b5L.js104KBlarge

▾📁icons7KB

🖼128.png2KB

🖼16.png828B

🖼favicon.ico4KB

🖼favicon.png123B

▾📁logo17KB

🖼ahrefs-logo.svg2KB

🖼d-logo.png6KB

🖼detailed-logo.svg5KB

🖼logo.png4KB

▾📁src

▾📁entries

▾📁contentScript

▾📁googleScript

📜index.js118B

▾📁primary

📜main.js112B

▾📁popup

🌐index.html405B

🎨google.css7KB

📜main.js298B

{}manifest.json2KB

📜serviceWorker.js66B

What This Extension Does

The Detailed Seo Extension provides SEO insights at a click of a button to any website you're currently on. It's built for daily analysis by full-time SEOs, aiming to save hours of time looking through source code. With 500,000 users, it falls under the Productivity/developer category.

Permissions Explained

activeTabexpected: This permission allows the extension to access and read the current webpage's content.
Technical: The activeTab permission grants access to the currently active tab's URL, title, and other metadata. This can be used for legitimate purposes like SEO analysis but also exposes sensitive information if compromised.
contextMenusexpected: This permission enables the extension to add custom context menu items.
Technical: The contextMenus permission allows the extension to inject custom menu items into the browser's context menu. This can be used for legitimate purposes like providing SEO insights but also poses a risk if exploited.
storageexpected: This permission allows the extension to store data locally on your device.
Technical: The storage permission grants access to local storage, allowing the extension to save and retrieve data. This can be used for legitimate purposes like storing SEO insights but also exposes sensitive information if compromised.
scriptingexpected: This permission enables the extension to run scripts on web pages.
Technical: The scripting permission allows the extension to inject and execute JavaScript code on web pages. This can be used for legitimate purposes like SEO analysis but also poses a risk if exploited.
declarativeNetRequestWithHostAccessexpected: This permission allows the extension to block or modify network requests.
Technical: The declarativeNetRequestWithHostAccess permission grants access to blocking and modifying network requests. This can be used for legitimate purposes like SEO analysis but also poses a significant risk if exploited. ⚠ 1
tabsexpected: This permission enables the extension to interact with browser tabs.
Technical: The tabs permission allows the extension to access and manipulate tab metadata. This can be used for legitimate purposes like SEO analysis but also exposes sensitive information if compromised.

Your Data

The Detailed Seo Extension accesses data on your device, including the current webpage's content and metadata. It sends this data to various domains for analysis, including www.w3.org, www.facebook.com, and ahrefs.com.

Technical Details

The extension makes XHR requests to multiple domains, including www.w3.org, www.facebook.com, and ahrefs.com. It also uses the Fetch API and sets up event listeners. The content script injection is none.

Code Findings

Dynamic JS ImportMedium

The extension dynamically imports JavaScript files, which can be used for legitimate purposes like SEO analysis but also poses a risk if exploited.

Technical: The extension uses the import() function to load JavaScript files dynamically. This can be used to inject malicious code or exploit vulnerabilities in the browser.

💡 Legitimate extensions use dynamic imports to load scripts based on user preferences or page content.

innerHTML AssignmentMedium

The extension assigns innerHTML values, which can be used for legitimate purposes like SEO analysis but also poses a risk if exploited.

Technical: The extension uses the innerHTML property to assign values to HTML elements. This can be used to inject malicious code or exploit vulnerabilities in the browser.

💡 Legitimate extensions use innerHTML assignments to update page content based on user interactions.

String.fromCharCode ObfuscationMedium

The extension uses String.fromCharCode for obfuscation, which can be used for legitimate purposes like SEO analysis but also poses a risk if exploited.

Technical: The extension uses the String.fromCharCode function to encode strings. This can be used to hide malicious code or exploit vulnerabilities in the browser.

💡 Legitimate extensions use obfuscation techniques to protect intellectual property or prevent reverse engineering.

Makes XHR RequestsInfo

The extension makes XHR requests to multiple domains for analysis.

Technical: The extension uses the XMLHttpRequest object to make HTTP requests to various domains. This is a common practice for legitimate extensions that need to fetch data from external sources.

💡 Legitimate extensions use XHR requests to fetch data from external APIs or services.

Runs on ALL WebsitesHigh

The extension runs on all websites, which can pose a significant risk if exploited.

Technical: The extension uses the declarativeNetRequestWithHostAccess permission to run on all websites. This poses a significant risk if exploited, as it allows the extension to inject malicious code or exploit vulnerabilities in any website.

💡 Legitimate extensions use this permission to provide universal functionality across multiple websites.

Broad Host PermissionsHigh

The extension has broad host permissions, which can pose a significant risk if exploited.

Technical: The extension uses the declarativeNetRequestWithHostAccess permission to access multiple domains. This poses a significant risk if exploited, as it allows the extension to inject malicious code or exploit vulnerabilities in any website.

💡 Legitimate extensions use this permission to provide universal functionality across multiple websites.

Can Block/Modify Network RequestsHigh

The extension can block or modify network requests, which poses a significant risk if exploited.

Technical: The extension uses the declarativeNetRequestWithHostAccess permission to block or modify network requests. This poses a significant risk if exploited, as it allows the extension to inject malicious code or exploit vulnerabilities in any website.

💡 Legitimate extensions use this permission to provide universal functionality across multiple websites.

Uses postMessage for Cross-Origin CommsInfo

The extension uses the postMessage API for cross-origin communication, which is a common practice for legitimate extensions.

Technical: The extension uses the postMessage function to communicate with other scripts across different domains. This is a common practice for legitimate extensions that need to interact with external services or APIs.

💡 Legitimate extensions use this API to communicate with external services or APIs.

Sets up Event ListenersInfo

The extension sets up event listeners, which is a common practice for legitimate extensions.

Technical: The extension uses the addEventListener function to set up event listeners. This is a common practice for legitimate extensions that need to respond to user interactions or page events.

💡 Legitimate extensions use this API to respond to user interactions or page events.

Bottom Line

The Detailed Seo Extension has some concerning findings, including broad host permissions and the ability to block/modify network requests. While it provides legitimate functionality for SEO analysis, these risks should be carefully evaluated by users before installing or using the extension.