Adguard Adblocker

Name: Security Analysis: Adguard Adblocker
Item: Adguard Adblocker
Rating: 5
Author: ChromeBoard

🔍 Security Report Available

👥 16M+ users

📦 v5.3.0.16

💾 27.36MiB

📅 2026-02-20

View on Chrome Web Store

Chrome will indicate if you already have this installed.

Overview

AdGuard ad blocker effectively blocks all types of ads on all web pages, even on Facebook, YouTube and others!

What AdGuard ad blocker does:

• Blocks all ads: video ads (includes YouTube adblock), rich media advertising, unwanted pop-ups, banners and text ads (includes Facebook adblock)
• Speeds up page loading and saves bandwidth, thanks to the missing ads and pop-up windows
• Protects your privacy by blocking common third-party tracking systems
• Blocks many spyware, adware, and dialer installers
• Protects you from malware and phishing

What are the advantages of AdGuard over Adblock or Adblock Plus?

• AdGuard ad blocker is really fast and lightweight. It uses half as much memory as other popular solutions: Adblock, Adblock Plus, and even outperforms uBlock Adblocker in some tests
• AdGuard can handle most of the adblock circumvention scripts
• AdGuard is simply better looking and modern (in our opinion)

How can AdGuard ad blocker protect your privacy?

Privacy protection is one of the main goals! Just enable the "AdGuard Tracking Protection filter" in AdGuard settings. It completely removes all forms of tracking from the Internet. AdGuard has one of the largest tracker filter lists containing more than 10,000 rules. It is even larger than the databases of Ghostery® and Disconnect.

How to remove social media widgets with AdGuard?

Tired of all the “Like” buttons and similar widgets infesting all of your frequented web pages? Just enable AdGuard "Social media filter" and forget about them.

How can AdGuard ad blocker protect you from online threats?

At the moment we’ve got more than 2,000,000 harmful websites on record. AdGuard can block domains known to spread malware, protecting your computer against viruses, Trojan horses, worms, spyware, and adware. AdGuard really lowers the risk of virus infections and prohibits access to harmful websites to prevent potential attacks.

Crypto-jacking protection

We did comprehensive research on crypto-jacking and, as a result, AdGuard can reliably block most of the known crypto-jackers including CoinHive. You can also add some open source filters like NoCoin which will give you an additional layer of protection.

Why does AdGuard require permissions?

"Access your data for all websites" and "Access browser tabs": both permissions are necessary for AdGuard to apply all kinds of cosmetic processing to the pages' content. Naive ad blocking would simply block ad servers, and leave broken elements and first-party ads on the pages. AdGuard applies special cosmetic rules to make pages look clean and tidy.

"Access browser activity during navigation": this permission is necessary to keep track of navigation events in order to apply rules when the time is right.

Release notes:
https://github.com/AdguardTeam/AdguardBrowserExtension/releases

Free and Open Source:
https://github.com/AdguardTeam/AdguardBrowserExtension

Privacy Practices

✓ Not being sold to third parties, outside of the approved use cases

✓ Not being used or transferred for purposes that are unrelated to the item's core functionality

✓ Not being used or transferred to determine creditworthiness or for lending purposes

🔄 New version v5.3.0.16 detected — scan automatically queued.

v5.3.0.21 Info Scanned Mar 4, 2026

Security Analysis — Adguard Adblocker

Analyzed v5.3.0.21 · Mar 4, 2026 · 58 JS files · 23050 KB scanned

Permissions

Code Patterns Detected

External Connections

github.com www.gnu.org tc39.es tc39.github.io adguard.app developer.mozilla.org www.w3.org adguard.com kb.adguard.com developer.chrome.com help.adblockplus.org bugs.chromium.org +8 more

Package Contents 247 files · 129.3MB

▾📁_locales2.4MB

▾📁ar62KB

{}messages.json62KB

▾📁be66KB

{}messages.json66KB

▾📁bg68KB

{}messages.json68KB

▾📁bn

{}messages.json284B

▾📁ca47KB

{}messages.json47KB

▾📁cs53KB

{}messages.json53KB

▾📁da51KB

{}messages.json51KB

▾📁de53KB

{}messages.json53KB

▾📁el71KB

{}messages.json71KB

▾📁en50KB

{}messages.json50KB

▾📁es53KB

{}messages.json53KB

▾📁es_41953KB

{}messages.json53KB

▾📁et52KB

{}messages.json52KB

▾📁fa63KB

{}messages.json63KB

▾📁fi53KB

{}messages.json53KB

▾📁fil

{}messages.json284B

▾📁fr55KB

{}messages.json55KB

▾📁he57KB

{}messages.json57KB

▾📁hi77KB

{}messages.json77KB

▾📁hr52KB

{}messages.json52KB

▾📁hu55KB

{}messages.json55KB

▾📁hy67KB

{}messages.json67KB

▾📁id52KB

{}messages.json52KB

▾📁it53KB

{}messages.json53KB

▾📁ja60KB

{}messages.json60KB

▾📁kn

{}messages.json284B

▾📁ko54KB

{}messages.json54KB

▾📁lt53KB

{}messages.json53KB

▾📁lv

{}messages.json284B

▾📁mk68KB

{}messages.json68KB

▾📁mk-MK

{}messages.json284B

▾📁ms52KB

{}messages.json52KB

▾📁nb51KB

{}messages.json51KB

▾📁nl53KB

{}messages.json53KB

▾📁pl53KB

{}messages.json53KB

▾📁pt_BR53KB

{}messages.json53KB

▾📁pt_PT53KB

{}messages.json53KB

▾📁ro53KB

{}messages.json53KB

▾📁ru65KB

{}messages.json65KB

▾📁sk54KB

{}messages.json54KB

▾📁sl52KB

{}messages.json52KB

▾📁sr52KB

{}messages.json52KB

▾📁sv52KB

{}messages.json52KB

▾📁ta

{}messages.json284B

▾📁te

{}messages.json284B

▾📁th75KB

{}messages.json75KB

▾📁tr53KB

{}messages.json53KB

▾📁uk65KB

{}messages.json65KB

▾📁vi57KB

{}messages.json57KB

▾📁zh_CN49KB

{}messages.json49KB

▾📁zh_TW50KB

{}messages.json50KB

▾📁_metadata35KB

{}verified_contents.json35KB

▾📁assets1.1MB

▾📁css145KB

▾📁devtools43KB

🎨custom.css560B

🎨dark.css3KB

🎨elementsPanel.css16KB

🎨inspectorCommon.css4KB

🎨inspectorStyle.css11KB

🎨inspectorSyntaxHighlight.css5KB

🎨sidebarPane.css3KB

🎨alert-container.css357B

🎨alert-popup.css30KB

🎨c3.css3KB

🎨fonts.css767B

🎨layout.css1KB

🎨log.css8KB

🎨main.css83B

🎨nanobar.css237B

🎨rules-limits-container.css392B

🎨rules-limits-popup.css4KB

🎨style.css53KB

🎨update-container.css358B

▾📁fonts712KB

🔤Roboto-Flex-Regular.woff2712KB

▾📁icons12KB

🖼loading-19.png662B

🖼loading-38.png1KB

🖼newyear25-off-19.png340B

🖼newyear25-off-38.png492B

🖼newyear25-on-19.png358B

🖼newyear25-on-38.png511B

🖼off-19.png410B

🖼off-38.png702B

🖼on-128.png3KB

🖼on-16.png480B

🖼on-19.png564B

🖼on-38.png955B

🖼update-available-19.png553B

🖼update-available-38.png890B

🖼warning-19.png471B

🖼warning-38.png797B

▾📁images103KB

🖼alert.svg2KB

🖼app-store.svg23KB

🖼arrow-down-grey.svg892B

🖼arrow-down.svg752B

🖼avatar.svg5KB

🖼checked.svg891B

🖼chrome.svg2KB

🖼cross.svg677B

🖼dropbox.svg1KB

🖼filters.svg6KB

🖼google-play.svg5KB

🖼hero-green.svg14KB

🖼hero-red.svg11KB

🖼link.svg337B

🖼logo-dark.svg4KB

🖼logo-shield.svg776B

🖼logo.svg4KB

🖼newyear25.svg16KB

🖼reload-ico-green.svg660B

🖼reload-ico.svg2KB

🖼shield.svg379B

🖼tick.svg860B

🖼toggler-bg.svg2KB

🖼trash.svg482B

▾📁js2KB

📜preload-theme.js2KB

▾📁videos185KB

📄loading.webm185KB

▾📁filters103.6MB

▾📁declarative101.6MB

▾📁ruleset_035KB

{}ruleset_0.json35KB

▾📁ruleset_12MB

{}ruleset_1.json2MB

▾📁ruleset_10129KB

{}ruleset_10.json129KB

▾📁ruleset_103181KB

{}ruleset_103.json181KB

▾📁ruleset_10575KB

{}ruleset_105.json75KB

▾📁ruleset_108275KB

{}ruleset_108.json275KB

▾📁ruleset_109396KB

{}ruleset_109.json396KB

▾📁ruleset_11755KB

{}ruleset_11.json755KB

▾📁ruleset_110152KB

{}ruleset_110.json152KB

▾📁ruleset_11150KB

{}ruleset_111.json50KB

▾📁ruleset_112232KB

{}ruleset_112.json232KB

▾📁ruleset_120621KB

{}ruleset_120.json621KB

▾📁ruleset_13668KB

{}ruleset_13.json668KB

▾📁ruleset_162.5MB

{}ruleset_16.json2.5MB

▾📁ruleset_17459KB

{}ruleset_17.json459KB

▾📁ruleset_182MB

{}ruleset_18.json2MB

▾📁ruleset_191.7MB

{}ruleset_19.json1.7MB

▾📁ruleset_219.4MB

{}ruleset_2.json19.4MB

▾📁ruleset_20270KB

{}ruleset_20.json270KB

▾📁ruleset_202163KB

{}ruleset_202.json163KB

▾📁ruleset_203171KB

{}ruleset_203.json171KB

▾📁ruleset_2081.8MB

{}ruleset_208.json1.8MB

▾📁ruleset_21884KB

{}ruleset_21.json884KB

▾📁ruleset_214150KB

{}ruleset_214.json150KB

▾📁ruleset_216581KB

{}ruleset_216.json581KB

▾📁ruleset_217409KB

{}ruleset_217.json409KB

▾📁ruleset_21860KB

{}ruleset_218.json60KB

▾📁ruleset_22292KB

{}ruleset_22.json292KB

▾📁ruleset_2242.8MB

{}ruleset_224.json2.8MB

▾📁ruleset_227497KB

{}ruleset_227.json497KB

▾📁ruleset_23770KB

{}ruleset_23.json770KB

▾📁ruleset_233140KB

{}ruleset_233.json140KB

▾📁ruleset_235474KB

{}ruleset_235.json474KB

▾📁ruleset_238109KB

{}ruleset_238.json109KB

▾📁ruleset_243557KB

{}ruleset_243.json557KB

▾📁ruleset_249403KB

{}ruleset_249.json403KB

▾📁ruleset_25241KB

{}ruleset_252.json41KB

▾📁ruleset_2531.5MB

{}ruleset_253.json1.5MB

▾📁ruleset_254128KB

{}ruleset_254.json128KB

▾📁ruleset_25519.8MB

{}ruleset_255.json19.8MB

▾📁ruleset_256336KB

{}ruleset_256.json336KB

▾📁ruleset_2571.3MB

{}ruleset_257.json1.3MB

▾📁ruleset_2594MB

{}ruleset_259.json4MB

▾📁ruleset_328.7MB

{}ruleset_3.json28.7MB

▾📁ruleset_41MB

{}ruleset_4.json1MB

▾📁ruleset_513KB

{}ruleset_5.json13KB

▾📁ruleset_61.1MB

{}ruleset_6.json1.1MB

▾📁ruleset_71.1MB

{}ruleset_7.json1.1MB

▾📁ruleset_8202KB

{}ruleset_8.json202KB

▾📁ruleset_9578KB

{}ruleset_9.json578KB

{}filters_i18n.json1020KB

📜local_script_rules.js736KBlarge

{}local_script_rules.json304KB

▾📁pages14.7MB

▾📁blocking540KB

🌐blocked.html109KB

📜blocked.js430KBlarge

📜assistant-inject.js721KBlarge

📜background.js7.2MBlarge

📜content-script-end.js59KBlarge

📜content-script-start.js477KBlarge

🌐devtools-elements-sidebar.html3KB

📜devtools-elements-sidebar.js121KBlarge

🌐devtools.html385B

📜devtools.js39KB

🌐filtering-log.html980B

📜filtering-log.js1.4MBlarge

🌐fullscreen-user-rules.html1KB

📜fullscreen-user-rules.js603KBlarge

📜gpc.js4KB

📜hide-document-referrer.js4KB

🌐options.html1KB

📜options.js1.1MBlarge

🌐popup.html514B

📜popup.js1.7MBlarge

🌐post-install.html1KB

📜post-install.js253KBlarge

📜subscribe.js115KBlarge

📜thankyou.js324KBlarge

▾📁shared1.8MB

📜editor.js1.8MBlarge

▾📁vendors5.4MB

📜agtree.js607B

📜css-tokenizer.js78KBlarge

📜mobx.js172KBlarge

📜react.js133KBlarge

📜scriptlets.js650B

📜text-encoding-polyfill.js619KBlarge

📜tsurlfilter-declarative-converter.js828KBlarge

📜tsurlfilter.js2.2MBlarge

📜tswebextension.js1.2MBlarge

📜xstate.js148KBlarge

▾📁web-accessible-resources258KB

▾📁redirects117KB

🖼1x1-transparent.gif37B

🖼2x2-transparent.png68B

🖼32x32-transparent.png83B

🖼3x2-transparent.png68B

📜amazon-apstag.js2KB

📜ati-smarttag.js3KB

🌐click2load.html9KB

📜didomi-loader.js6KB

📜fingerprintjs.js3KB

📜fingerprintjs2.js2KB

📜fingerprintjs3.js2KB

📜gemius.js2KB

📜google-analytics-ga.js5KB

📜google-analytics.js5KB

📜google-ima3.js22KB

📜googlesyndication-adsbygoogle.js4KB

📜googletagservices-gpt.js16KB

📜matomo.js2KB

📜metrika-yandex-tag.js4KB

📜metrika-yandex-watch.js3KB

📜naver-wcslog.js1KB

📜noeval.js2KB

🎨noopcss.css0B

🌐noopframe.html81B

📜noopjs.js17B

{}noopjson.json2B

📄noopmp3.mp3813B

📄noopmp4.mp44KB

📜nooptext.js0B

📄noopvast02.xml27B

📄noopvast03.xml27B

📄noopvast04.xml27B

📄noopvmap01.xml85B

📜pardot-1.0.js2KB

📜prebid-ads.js1KB

📜prebid.js3KB

📜prevent-bab.js4KB

📜prevent-bab2.js2KB

📜prevent-fab-3.2.0.js3KB

📜prevent-popads-net.js2KB

📜scorecardresearch-beacon.js2KB

📜set-popads-dummy.js2KB

📄redirects.yml140KB

{}manifest.json11KB

📜runtime.js8KB

What This Extension Does

Adguard Adblocker is a popular extension that blocks ads, pop-ups, and tracking systems on websites. It also speeds up page loading and saves bandwidth. With over 16 million users, it's a widely used tool for online privacy and security.

Permissions Explained

tabsexpected: This permission allows the extension to access your browsing history and current tabs.
Technical: The extension uses this permission to monitor navigation events and apply rules when necessary. This could potentially allow the extension to track user behavior or inject malicious scripts into open tabs.
webRequestexpected: This permission allows the extension to intercept and modify web requests, including ads and tracking systems.
Technical: The extension uses this permission to block ad servers and tracking scripts. However, if compromised, it could potentially allow malicious actors to inject malware or steal sensitive data. ⚠ 1
webNavigationexpected: This permission allows the extension to monitor navigation events and apply rules when necessary.
Technical: The extension uses this permission to track user behavior and inject scripts into web pages. This could potentially allow the extension to collect sensitive data or inject malware.
storageexpected: This permission allows the extension to store data locally on your device.
Technical: The extension uses this permission to cache tracking filters and other data. However, if compromised, it could potentially allow malicious actors to steal sensitive data or inject malware.
unlimitedStoragecheck this: This permission allows the extension to store an unlimited amount of data locally on your device.
Technical: The extension uses this permission to cache large amounts of tracking filters and other data. This could potentially allow malicious actors to steal sensitive data or inject malware if compromised. ⚠ 1
contextMenusexpected: This permission allows the extension to create custom context menus in your browser.
Technical: The extension uses this permission to provide users with options for blocking ads and tracking systems. However, if compromised, it could potentially allow malicious actors to inject malware or steal sensitive data.
cookiesexpected: This permission allows the extension to access and modify cookies on your device.
Technical: The extension uses this permission to block tracking cookies. However, if compromised, it could potentially allow malicious actors to steal sensitive data or inject malware. ⚠ 1
declarativeNetRequestexpected: This permission allows the extension to intercept and modify web requests using a declarative API.
Technical: The extension uses this permission to block ad servers and tracking scripts. However, if compromised, it could potentially allow malicious actors to inject malware or steal sensitive data.
declarativeNetRequestFeedbackexpected: This permission allows the extension to provide feedback on web requests using a declarative API.
Technical: The extension uses this permission to track user behavior and inject scripts into web pages. This could potentially allow the extension to collect sensitive data or inject malware if compromised.
scriptingexpected: This permission allows the extension to execute scripts in your browser.
Technical: The extension uses this permission to inject scripts into web pages. However, if compromised, it could potentially allow malicious actors to inject malware or steal sensitive data.
userScriptsexpected: This permission allows the extension to execute user-provided scripts in your browser.
Technical: The extension uses this permission to inject user-provided scripts into web pages. However, if compromised, it could potentially allow malicious actors to inject malware or steal sensitive data.
privacyexpected: This permission allows the extension to access and modify your browser's privacy settings.
Technical: The extension uses this permission to block tracking systems. However, if compromised, it could potentially allow malicious actors to steal sensitive data or inject malware.
<all_urls>check this: This permission allows the extension to access all web pages and URLs on your device.
Technical: The extension uses this permission to block ad servers and tracking scripts. However, if compromised, it could potentially allow malicious actors to inject malware or steal sensitive data. ⚠ 1

Your Data

Adguard Adblocker accesses a wide range of data on your device, including browsing history, cookies, and tracking filters. It also sends data to its servers for filtering and updating.

Technical Details

The extension contacts the following domains: github.com, www.gnu.org, tc39.es, tc39.github.io, adguard.app, developer.mozilla.org, www.w3.org, adguard.com, kb.adguard.com, developer.chrome.com, help.adblockplus.org, bugs.chromium.org. It uses HTTP and HTTPS protocols to send data to its servers.

Code Findings

Function constructor used — dynamic code executionHigh

This extension uses a function constructor to execute dynamic code, which could potentially allow malicious actors to inject malware or steal sensitive data.

Technical: The extension uses the function constructor to create functions dynamically. This is a common technique used in legitimate extensions for injecting scripts into web pages.

💡 Legitimate extensions use this technique to inject scripts into web pages and apply rules when necessary.

setTimeout with string (dynamic code)High

This extension uses setTimeout with a string argument, which could potentially allow malicious actors to inject malware or steal sensitive data.

Technical: The extension uses setTimeout with a string argument to execute dynamic code. This is a common technique used in legitimate extensions for injecting scripts into web pages.

💡 Legitimate extensions use this technique to inject scripts into web pages and apply rules when necessary.

innerHTML assignment — potential XSS vectorMedium

This extension uses innerHTML assignment, which could potentially allow malicious actors to inject malware or steal sensitive data through cross-site scripting (XSS) attacks.

Technical: The extension uses innerHTML assignment to inject scripts into web pages. This is a common technique used in legitimate extensions for injecting scripts into web pages.

💡 Legitimate extensions use this technique to inject scripts into web pages and apply rules when necessary.

String.fromCharCode (obfuscation)Medium

This extension uses String.fromCharCode for obfuscation, which could potentially make it harder to detect malicious code.

Technical: The extension uses String.fromCharCode to encode strings. This is a common technique used in legitimate extensions for encoding data.

💡 Legitimate extensions use this technique to encode data and protect sensitive information.

charCodeAt (obfuscation)Medium

This extension uses charCodeAt for obfuscation, which could potentially make it harder to detect malicious code.

Technical: The extension uses charCodeAt to encode strings. This is a common technique used in legitimate extensions for encoding data.

💡 Legitimate extensions use this technique to encode data and protect sensitive information.

Uses Fetch APIInfo

This extension uses the Fetch API to make requests to its servers. This is a common technique used in legitimate extensions for making requests to external services.

Technical: The extension uses the Fetch API to make requests to its servers. This is a secure way to make requests and retrieve data from external services.

💡 Legitimate extensions use this technique to make requests to external services and retrieve data.

Creates iframe elementsMedium

This extension creates iframe elements, which could potentially allow malicious actors to inject malware or steal sensitive data through cross-site scripting (XSS) attacks.

Technical: The extension uses document.createElement to create iframe elements. This is a common technique used in legitimate extensions for injecting scripts into web pages.

💡 Legitimate extensions use this technique to inject scripts into web pages and apply rules when necessary.

Sets up event listenersInfo

This extension sets up event listeners, which is a common technique used in legitimate extensions for injecting scripts into web pages and applying rules when necessary.

Technical: The extension uses addEventListener to set up event listeners. This is a secure way to inject scripts into web pages and apply rules when necessary.

💡 Legitimate extensions use this technique to inject scripts into web pages and apply rules when necessary.

Bottom Line

Adguard Adblocker is a widely used extension that provides effective ad blocking and tracking protection. However, it does access a wide range of data on your device and sends data to its servers for filtering and updating. While the extension uses some techniques that could potentially allow malicious actors to inject malware or steal sensitive data, these are common practices in legitimate extensions. We recommend users exercise caution when installing this extension and regularly review their browser's permissions and settings.