360 Internet Protection

👥 17M+ users
📦 v2.1.60
💾 261KiB
📅 2025-12-12

Blocks web threats in real-time with cloud-based malicious URL detection, protecting you from phishing, malware, and online tracking. With 360 Internet Protection, individuals who frequently browse online can enjoy a safer browsing experience, shielding their personal data from targeted advertising and potential leaks. Note: Latest version of 360 Total Security must be installed for full functionality.

Overview

This extension is the web threat protection of 360 Total Security for Chrome. It is based on the cloud malicious URL database of the 360 cloud security center. It can identify malicious URLs in real time and protect you from web threats. The anti-fraud, anti-phishing and anti-malicious URL capabilities will be enabled once installed. Integrated privacy anti-tracking disguises your online information, keeping you away from the risk of targeted advertising and privacy leakage, so that you have a safe online environment.

Note:
1. You need to install the latest 360 Total Security to have the above functions.
2. Supports the Windows version of 360 Total Security only.

Official Website: http://www.360totalsecurity.com/

Tags

Make Chrome Yours/accessibility

Privacy Practices

Not being sold to third parties, outside of the approved use cases
Not being used or transferred for purposes that are unrelated to the item's core functionality
Not being used or transferred to determine creditworthiness or for lending purposes
v2.1.60 Info Scanned Mar 4, 2026

Security Analysis — 360 Internet Protection

Analyzed v2.1.60 · Mar 4, 2026 · 35 JS files · 187 KB scanned

Permissions

  • scripting
  • tabs
  • nativeMessaging
  • storage
  • activeTab
  • webRequest
  • webNavigation
  • declarativeNetRequestWithHostAccess
  • alarms
  • <all_urls>

Code Patterns Detected

  • Function constructor used — dynamic code execution
  • innerHTML assignment — potential XSS vector
  • String.fromCharCode (obfuscation)
  • charCodeAt (obfuscation)
  • unescape (deprecated obfuscation)
  • Creates script elements dynamically
  • Runs on ALL websites
  • Broad host permissions
  • Creates iframe elements
  • Uses postMessage for cross-origin comms
  • Sets up event listeners

External Connections

  • www.360totalsecurity.com
  • github.com
  • info.url.cloud.360safe.com
  • www.360.com
  • addons.opera.com
  • ssl.google-analytics.com
  • addons.mozilla.org
  • fuwu.360.cn
  • www.360.cn
  • wwww.facebook.com
  • www.google.com
  • www.google-analytics.com
  • +1 more

Package Contents 117 files · 489KB

📁 _locales (96KB)
  📁 ar (5KB)
    {} messages.json (5KB)
  📁 de (6KB)
    {} messages.json (6KB)
  📁 en (6KB)
    {} messages.json (6KB)
  📁 es (7KB)
    {} messages.json (7KB)
  📁 fr (7KB)
    {} messages.json (7KB)
  📁 hi (10KB)
    {} messages.json (10KB)
  📁 it (6KB)
    {} messages.json (6KB)
  📁 ja (7KB)
    {} messages.json (7KB)
  📁 pt_PT (7KB)
    {} messages.json (7KB)
  📁 ru (8KB)
    {} messages.json (8KB)
  📁 tr (7KB)
    {} messages.json (7KB)
  📁 vi (7KB)
    {} messages.json (7KB)
  📁 zh_CN (6KB)
    {} messages.json (6KB)
  📁 zh_TW (6KB)
    {} messages.json (6KB)
📁 _metadata (15KB)
  {} verified_contents.json (15KB)
📁 antitrack (15KB)
  📜 antitrack.js (3KB)
  📜 headers.js (2KB)
  📜 inject-antitrack.js (119B)
  📜 randexp.min.js (10KB)
📁 images (157KB)
  🖼 360safe.png (11KB)
  🖼 360ts.png (7KB)
  🖼 360ts_promo.png (4KB)
  🖼 antitrack_16.png (280B)
  🖼 antitrack_19.png (312B)
  🖼 antitrack_32.png (427B)
  🖼 antitrack_38.png (466B)
  🖼 antitrack_large.png (2KB)
  🖼 checking_icon_19.png (330B)
  🖼 checking_icon_38.png (2KB)
  🖼 checking_large.png (5KB)
  🖼 extension_icon.png (2KB)
  🖼 extension_logo.png (4KB)
  🖼 fb_link.png (3KB)
  🖼 ic_checkbox_checked.png (1KB)
  🖼 ic_checkbox_normal.png (1KB)
  🖼 icon_back.png (1KB)
  🖼 icon_checked.png (2KB)
  🖼 icon_risky.png (2KB)
  🖼 icon_status_disable_19.png (2KB)
  🖼 icon_status_disable_38.png (2KB)
  🖼 icon_status_disable_large.png (8KB)
  🖼 install_logo.png (20KB)
  🖼 pay_exit_icon_19.png (1KB)
  🖼 pay_exit_icon_38.png (2KB)
  🖼 pay_exit_large.png (7KB)
  🖼 pay_icon_19.png (1KB)
  🖼 pay_icon_38.png (2KB)
  🖼 pay_large.png (7KB)
  🖼 risk_icon_19.png (279B)
  🖼 risk_icon_38.png (2KB)
  🖼 risk_large.png (5KB)
  🖼 safe_icon_19.png (360B)
  🖼 safe_icon_38.png (2KB)
  🖼 safe_large.png (6KB)
  🖼 settings.png (2KB)
  🖼 shopping_exit_icon_19.png (1KB)
  🖼 shopping_exit_icon_38.png (2KB)
  🖼 shopping_exit_large.png (7KB)
  🖼 shopping_icon_19.png (1KB)
  🖼 shopping_icon_38.png (2KB)
  🖼 shopping_large.png (7KB)
  🖼 switch_off.png (2KB)
  🖼 switch_on.png (2KB)
  🖼 unknown_icon_19.png (768B)
  🖼 unknown_icon_38.png (1KB)
  🖼 unknown_large.png (9KB)
  🖼 web_link.png (5KB)
📁 option (17KB)
  🎨 options.css (2KB)
  🌐 options.html (4KB)
  📜 options.js (11KB)
📁 popup (43KB)
  🌐 checking.html (1KB)
  🌐 pay.html (3KB)
  🎨 popup.css (5KB)
  📜 popup.js (3KB)
  🎨 privacy.css (2KB)
  🌐 privacy.html (1KB)
  📜 privacy.js (2KB)
  🌐 risk.html (1KB)
  📜 risk.js (441B)
  🌐 safe.html (2KB)
  🌐 shopping.html (3KB)
  🌐 siteaccess.html (686B)
  📜 siteaccess.js (294B)
  🌐 siteaccessantitrack.html (1KB)
  📜 siteaccessantitrack.js (368B)
  🌐 unknown.html (1KB)
  📜 unknown.js (141B)
  📜 update-common.js (3KB)
  📜 update-popup-checking.js (115B)
  📜 update-popup-pay.js (2KB)
  📜 update-popup-risk.js (944B)
  📜 update-popup-safe.js (956B)
  📜 update-popup-shopping.js (2KB)
  📜 update-popup-unkown.js (120B)
  🌐 upgradebr.html (677B)
  📜 upgradebr.js (209B)
  🌐 upgradeext.html (950B)
  📜 upgradeext.js (1KB)
  🌐 upgradesafe.html (1017B)
  📜 upgradesafe.js (1KB)
📁 toast (9KB)
  🎨 toast.css (3KB)
  📜 toast.js (7KB)
📁 utils (68KB)
  📜 common.js (4KB)
  📜 config.js (1KB)
  📜 debug.js (181B)
  📜 ga.js (45KB)
  📜 pref.js (1KB)
  📜 product.js (3KB)
  📜 rule.js (3KB)
  📜 stat.js (4KB)
  📜 stat_bg.js (4KB)
  📜 type.js (2KB)
📁 wdsupport (2KB)
  📜 wd_extension.js (971B)
  📜 wd_support.js (826B)
🌐 background.html (903B)
📜 background.js (66KB, large)
{} manifest.json (2KB)

What This Extension Does

The 360 Internet Protection extension claims to provide web threat protection, anti-fraud, anti-phishing, and anti-malicious URL capabilities. It integrates privacy features such as anti-tracking and disguises online information to prevent targeted advertising and data leakage. This extension is suitable for users seeking enhanced security and privacy while browsing the internet.

Permissions Explained

  • scripting (expected): This permission allows the extension to run scripts on your device, which can access sensitive data and perform actions without user interaction.
    Technical: The scripting permission grants access to Chrome's JavaScript engine, enabling the extension to execute arbitrary code. This poses a risk if the extension is compromised or contains malicious code.
  • tabs (expected): This permission allows the extension to access and manipulate your browsing history, including tabs you have open.
    Technical: The tabs permission grants access to Chrome's tab management API, enabling the extension to read and modify tab data. This could be used for tracking or malicious activities if exploited.
  • nativeMessaging (check this): This permission allows the extension to communicate with native applications on your device, potentially accessing sensitive system data.
    Technical: The nativeMessaging permission grants access to Chrome's Native Messaging API, enabling the extension to interact with native apps. This poses a critical risk if exploited, as it can lead to unauthorized data access or manipulation. ⚠ 1
  • storage (expected): This permission allows the extension to store and retrieve data on your device, including sensitive information such as login credentials.
    Technical: The storage permission grants access to Chrome's storage API, enabling the extension to read and write data. This could be used for tracking or malicious activities if exploited.
  • activeTab (expected): This permission allows the extension to access the currently active tab, including its content and metadata.
    Technical: The activeTab permission grants access to Chrome's tab API, enabling the extension to read data from the active tab. This poses a risk if exploited, as it can lead to unauthorized data access or manipulation.
  • webRequest (check this): This permission allows the extension to intercept and modify web requests, potentially altering the content you see on the internet.
    Technical: The webRequest permission grants access to Chrome's request API, enabling the extension to manipulate HTTP requests. This poses a high risk if exploited, as it can lead to unauthorized data access or manipulation. ⚠ 1
  • <all_urls> (check this): This permission allows the extension to access all URLs visited on your device, including sensitive information such as login credentials and personal data.
    Technical: The <all_urls> permission grants access to Chrome's URL API, enabling the extension to read and write data. This poses a critical risk if exploited, as it can lead to unauthorized data access or manipulation. ⚠ 1
  • declarativeNetRequestWithHostAccess (expected): This permission allows the extension to define rules for blocking or modifying web requests based on hostnames.
    Technical: The declarativeNetRequestWithHostAccess permission grants access to Chrome's request API, enabling the extension to manipulate HTTP requests. This poses a risk if exploited, as it can lead to unauthorized data access or manipulation.
  • alarms (expected): This permission allows the extension to schedule and manage alarms on your device, potentially accessing sensitive system data.
    Technical: The alarms permission grants access to Chrome's alarm API, enabling the extension to interact with native apps. This poses a risk if exploited, as it can lead to unauthorized data access or manipulation.

Your Data

The extension accesses sensitive data such as browsing history, login credentials, and personal information. It sends this data to various domains, including its own servers (www.360totalsecurity.com, info.url.cloud.360safe.com) and third-party services (github.com, ssl.google-analytics.com).

Technical Details

domains
  • www.360totalsecurity.com
  • info.url.cloud.360safe.com
  • github.com
  • ssl.google-analytics.com
protocols
  • HTTP
  • HTTPS
encryption_status
Mixed (some HTTPS connections)
data_types
  • cookies
  • tokens
  • page content

Code Findings

Dynamic Code Execution (High)

The extension uses the Function constructor to execute dynamic code, which can lead to unauthorized data access or manipulation.

Technical: The extension uses the Function constructor (e.g., new Function('code')) to execute arbitrary JavaScript code. This poses a high risk if exploited, as it can lead to unauthorized data access or manipulation.

💡 Legitimate extensions may use dynamic code execution for legitimate purposes such as content injection or script loading.

Potential XSS Vector (Medium)

The extension uses innerHTML assignment, which can lead to cross-site scripting (XSS) attacks if exploited.

Technical: The extension assigns innerHTML values to elements without proper sanitization, potentially leading to XSS attacks. This poses a medium risk if exploited, as it can lead to unauthorized data access or manipulation.

💡 Legitimate extensions may use innerHTML assignment for legitimate purposes such as content injection or script loading.

Obfuscation Techniques (Medium)

The extension uses String.fromCharCode and charCodeAt to obfuscate code, making it difficult to analyze.

Technical: The extension uses String.fromCharCode and charCodeAt (e.g., String.fromCharCode(104) instead of 'h') to obfuscate code. This poses a medium risk if exploited, as it can lead to unauthorized data access or manipulation.

💡 Legitimate extensions may use obfuscation techniques for legitimate purposes such as code compression or protection.

Broad Host Permissions (Critical)

The extension has broad host permissions, allowing it to access sensitive data and perform actions without user interaction.

Technical: The extension has <all_urls> permission, granting access to all URLs visited on your device. This poses a critical risk if exploited, as it can lead to unauthorized data access or manipulation.

💡 Legitimate extensions may require broad host permissions for legitimate purposes such as content injection or script loading.

Cross-Origin Communications (Medium)

The extension uses postMessage to communicate with other origins, potentially leading to unauthorized data access or manipulation.

Technical: The extension uses postMessage (e.g., window.postMessage) to communicate with other origins. This poses a medium risk if exploited, as it can lead to unauthorized data access or manipulation.

💡 Legitimate extensions may use cross-origin communications for legitimate purposes such as content injection or script loading.

Bottom Line

The 360 Internet Protection extension poses significant security risks due to its broad host permissions, dynamic code execution, and potential XSS vector. While it provides some legitimate security features, the extension's behavior raises concerns about data exposure and unauthorized access. Users should exercise caution when installing this extension and consider alternative security solutions.
