Avira Browser Safety

Name: Security Analysis: Avira Browser Safety
Item: Avira Browser Safety
Rating: 5
Author: ChromeBoard

🔍 Security Report Available

👥 7M+ users

📦 v4.3.1.57

💾 1.69MiB

📅 2025-11-13

View on Chrome Web Store

Chrome will indicate if you already have this installed.

Blocks malicious websites and trackers to keep your browsing private and secure, ensuring a safer online experience for you and your family. Lets you surf with confidence, knowing that Avira Browser Safety protects your personal data from unwanted eyes. Brings peace of mind to parents who want to safeguard their children's online activities.

Overview

Avira Browser Safety protects you from malicious websites & invisible trackers

Safe surfing
- Browse securely: We block over 80 million malicious sites per month.
- Shield your identity: We detect over 20 million phishing & spam attacks per month.
- Download safely: We prevent over 1 million potentially unwanted applications (PUA) from hiding in your downloads.

Private browsing
- Anti-tracking: We stop thousands of ad networks from monitoring you online.
- Optimal experience: We enable you to access all your favorite web services without interference.

Smarter searches
- Know before you go: We highlight infected sites directly in your search results.
- Anti-hijacking: We ensure you’re never redirected to malicious search engines.

Privacy Practices

✓ Not being sold to third parties, outside of the approved use cases

✓ Not being used or transferred for purposes that are unrelated to the item's core functionality

✓ Not being used or transferred to determine creditworthiness or for lending purposes

v4.3.1.57 Info Scanned Mar 4, 2026

Security Analysis — Avira Browser Safety

Analyzed v4.3.1.57 · Mar 4, 2026 · 27 JS files · 4319 KB scanned

Permissions

Code Patterns Detected

External Connections

www.avira.com github.com adguard.com www.gnu.org download.avira.com developer.chrome.com extensions.avira.com developer.mozilla.org bugs.chromium.org yandex.ru www.w3.org v2.auc.avira.com +8 more

Package Contents 120 files · 5.4MB

▾📁_locales3KB

▾📁de

{}messages.json243B

▾📁en

{}messages.json225B

▾📁en_US

{}messages.json225B

▾📁es

{}messages.json229B

▾📁fr

{}messages.json226B

▾📁it

{}messages.json231B

▾📁ja

{}messages.json252B

▾📁nl

{}messages.json212B

▾📁pt_BR

{}messages.json238B

▾📁ru

{}messages.json268B

▾📁tr

{}messages.json229B

▾📁zh_CN

{}messages.json232B

▾📁zh_TW

{}messages.json226B

▾📁_metadata16KB

{}verified_contents.json16KB

▾📁adguard2MB

📜adguard-api.js1.2MBlarge

📜adguard-assistant.js10KB

📜adguard-content.js209KBlarge

{}filters.json51KB

{}filters_i18n.json437KB

📄redirects.yml64KB

▾📁css489KB

▾📁content4KB

🎨content.css54B

🎨search.css4KB

▾📁fonts372KB

🔤KievitWebPro-Bold.woff56KB

🔤KievitWebPro-Light.woff55KB

🔤KievitWebPro.woff54KB

🔤OpenSans-Regular.woff58KB

🔤OpenSans-Regular.woff244KB

🔤OpenSans-SemiBold.woff61KB

🔤OpenSans-SemiBold.woff245KB

🎨ExtPermNotification.css11KB

🎨abs-page.css12KB

🎨app.css36KB

🎨blockedIFrame.css2KB

🎨external.css4KB

🎨loading.css605B

🎨popup.css28KB

🎨trackerNotification.css14KB

🎨vertical.css4KB

▾📁html7KB

🌐ExtPermNotification.html609B

🌐about.html955B

🌐absLog.html1KB

🌐blocked.html320B

🌐blockedIFrame.html361B

🌐card.html592B

🌐external.html597B

🌐loading.html424B

🌐popup.html772B

🌐top.html577B

🌐trackerNotification.html608B

▾📁img115KB

🖼abs-ads-blocked.svg3KB

🖼abs-attention-small-yellow.png322B

🖼abs-attention.png4KB

🖼abs-check-small.png450B

🖼abs-check.png3KB

🖼abs-checkbox.png542B

🖼abs-close.svg704B

🖼abs-danger.svg6KB

🖼abs-info-badge.svg1KB

🖼abs-menu-close.png232B

🖼abs-menu-help.png230B

🖼abs-menu-settings.png379B

🖼abs-trackers-blocked.svg11KB

🖼abs_logo_small.png1KB

🖼absb-checks.png972B

🖼avira-app-icon.svg27KB

🖼avira_icon128.png8KB

🖼avira_icon16.png1KB

🖼avira_icon19.png1KB

🖼avira_icon24.png1KB

🖼avira_icon32.png2KB

🖼avira_icon38.png2KB

🖼avira_icon48.png3KB

🖼avira_logo.png2KB

🖼classification_safe_lg.svg1KB

🖼classification_unsafe_lg.svg3KB

🖼close-offers-bar.svg1KB

🖼close.svg1KB

🖼ico_tick.png5KB

🖼icon-facebook.png348B

🖼icon-facebook.svg1KB

🖼icon-tab-alert.svg903B

🖼icon-twitter.png620B

🖼icon-twitter.svg2KB

🖼info_empty.svg874B

🖼info_full.svg1KB

🖼logo-avira-antivirus.png840B

🖼serp_info_safe.svg256B

🖼serp_info_unsafe.svg231B

🖼serp_info_warning.svg437B

🖼tracker-milestone-confetti.png7KB

🖼tracker-milestone-medal.png2KB

🖼tracker-milestone-medal.svg2KB

🖼tracker-milestone-ribbon.png2KB

🖼warning.svg1KB

▾📁js2.7MB

▾📁background649KB

📜ServiceWorker.js1KB

📜background.js648KBlarge

▾📁content1.4MB

📜ExtPermNotification.js174KBlarge

📜about.js47KB

📜app.js335KBlarge

📜common.js6KB

📜content-offers.js130KBlarge

📜content-safety.js52KBlarge

📜content.js15KB

📜jquery.js86KBlarge

📜landingPage.js54KBlarge

📜trackerNotification.js176KBlarge

📜verticalApp.js332KBlarge

▾📁modules11KB

▾📁offers11KB

▾📁content11KB

▾📁iframe11KB

📜external.js11KB

▾📁popup356KB

📜popup.js356KBlarge

📜absLog.js10KB

📜blocked.js208KBlarge

📜blockedIFrame.js172KBlarge

📜webRequestListenerWrapper.js1KB

▾📁offers_js42KB

📜cms_ao2.js23KB

📜cms_aon.js8KB

📜cms_ass.js8KB

📜cms_ss2.js1KB

📜external-splashoffer.js1KB

▾📁rules4KB

{}rules_1.json4KB

{}manifest.json2KB

What This Extension Does

Avira Browser Safety protects users from malicious websites, invisible trackers, and phishing attacks. It provides private browsing features, including anti-tracking and optimal experience. The extension also offers smarter searches with highlighted infected sites and anti-hijacking protection.

Permissions Explained

tabsexpected: Allows the extension to access and interact with web pages you're visiting.
Technical: Accesses Chrome's tab management API, enabling the extension to monitor and manipulate tabs. Attack surface: moderate.
storageexpected: Lets the extension store data locally on your device.
Technical: Accesses Chrome's storage API, enabling the extension to read and write data. Attack surface: moderate.
webRequestexpected: Allows the extension to intercept and modify web requests.
Technical: Accesses Chrome's web request API, enabling the extension to inspect and manipulate HTTP requests. Attack surface: high.
cookiesexpected: Lets the extension access and modify cookies on your device.
Technical: Accesses Chrome's cookie management API, enabling the extension to read and write cookies. Attack surface: high.
unlimitedStorageexpected: Allows the extension to store an unlimited amount of data locally on your device.
Technical: Accesses Chrome's storage API with elevated permissions, enabling the extension to store large amounts of data. Attack surface: moderate.
scriptingexpected: Lets the extension execute scripts on your device.
Technical: Accesses Chrome's scripting API, enabling the extension to run JavaScript code. Attack surface: moderate.
declarativeNetRequestexpected: Allows the extension to define network requests and responses.
Technical: Accesses Chrome's declarative net request API, enabling the extension to inspect and manipulate HTTP requests. Attack surface: high.
alarmsexpected: Lets the extension schedule tasks to run at specific times.
Technical: Accesses Chrome's alarm API, enabling the extension to schedule tasks. Attack surface: low.
webNavigationexpected: Allows the extension to monitor and interact with web page navigation.
Technical: Accesses Chrome's web navigation API, enabling the extension to inspect and manipulate web page navigation. Attack surface: moderate.
managementexpected: Lets the extension manage other extensions on your device.
Technical: Accesses Chrome's management API, enabling the extension to inspect and modify other extensions. Attack surface: high.
<all_urls>check this: Allows the extension to access all web pages you visit.
Technical: Accesses Chrome's URL pattern matching API, enabling the extension to inspect and manipulate all web requests. Attack surface: critical. ⚠ 1

Your Data

The extension accesses cookies on your device and sends data to various domains, including www.avira.com, github.com, adguard.com, and others. It also makes XHR requests and uses the Fetch API.

Technical Details

Exact domains contacted: www.avira.com, github.com, adguard.com, download.avira.com, developer.chrome.com, extensions.avira.com, developer.mozilla.org, bugs.chromium.org, yandex.ru, www.w3.org, v2.auc.avira.com. Protocols used: HTTP, HTTPS, XHR, Fetch API. Data types accessed: cookies, tokens, page content.

Code Findings

Function constructor used — dynamic code executionHigh

The extension uses the function constructor to execute code dynamically, which can be a potential security risk.

Technical: Code pattern: new Function('code'). Risk vector: arbitrary code execution. Exploit scenario: malicious code injection via crafted input.

💡 Legitimate extensions may use dynamic code execution for legitimate purposes, such as loading external scripts or handling user input.

Loads external scripts in service workerHigh

The extension loads external scripts in its service worker, which can be a potential security risk if the scripts are malicious.

Technical: Code pattern: importScripts('script_url'). Risk vector: arbitrary code execution. Exploit scenario: malicious script injection via crafted input.

💡 Legitimate extensions may load external scripts for legitimate purposes, such as loading dependencies or handling user input.

innerHTML assignment — potential XSS vectorMedium

The extension uses innerHTML assignment to set the content of an HTML element, which can be a potential XSS risk if the content is not properly sanitized.

Technical: Code pattern: element.innerHTML = 'content'. Risk vector: cross-site scripting (XSS). Exploit scenario: malicious script injection via crafted input.

💡 Legitimate extensions may use innerHTML assignment for legitimate purposes, such as rendering user-generated content or loading external scripts.

String.fromCharCode (obfuscation)Medium

The extension uses String.fromCharCode to obfuscate code, which can make it harder to analyze and understand the code's behavior.

Technical: Code pattern: String.fromCharCode(0x01). Risk vector: code obfuscation. Exploit scenario: malicious code injection via crafted input.

💡 Legitimate extensions may use code obfuscation for legitimate purposes, such as protecting proprietary code or reducing code size.

Makes XHR requestsInfo

The extension makes XHR requests to various domains, which can be used to fetch data from external sources.

Technical: Code pattern: XMLHttpRequest. Risk vector: data exposure. Exploit scenario: malicious data injection via crafted input.

💡 Legitimate extensions may make XHR requests for legitimate purposes, such as fetching user data or loading external scripts.

Uses Fetch APIInfo

The extension uses the Fetch API to fetch data from external sources, which can be used for legitimate purposes such as loading external scripts or fetching user data.

Technical: Code pattern: fetch('url'). Risk vector: data exposure. Exploit scenario: malicious data injection via crafted input.

💡 Legitimate extensions may use the Fetch API for legitimate purposes, such as loading external scripts or fetching user data.

Creates script elements dynamicallyHigh

The extension creates script elements dynamically, which can be a potential security risk if the scripts are malicious.

Technical: Code pattern: document.createElement('script'). Risk vector: arbitrary code execution. Exploit scenario: malicious script injection via crafted input.

💡 Legitimate extensions may create script elements dynamically for legitimate purposes, such as loading external scripts or handling user input.

Reads browser storageMedium

The extension reads data from browser storage, which can be used to store and retrieve user data.

Technical: Code pattern: chrome.storage. Risk vector: data exposure. Exploit scenario: malicious data injection via crafted input.

💡 Legitimate extensions may read browser storage for legitimate purposes, such as storing user preferences or loading external scripts.

Removes from browser storageMedium

The extension removes data from browser storage, which can be used to clear user data.

Technical: Code pattern: chrome.storage.remove. Risk vector: data exposure. Exploit scenario: malicious data injection via crafted input.

💡 Legitimate extensions may remove data from browser storage for legitimate purposes, such as clearing user preferences or loading external scripts.

Accesses browser cookiesHigh

The extension accesses and modifies cookies on your device, which can be a potential security risk if the cookies are malicious.

Technical: Code pattern: document.cookie. Risk vector: arbitrary code execution. Exploit scenario: malicious cookie injection via crafted input.

💡 Legitimate extensions may access and modify cookies for legitimate purposes, such as storing user preferences or loading external scripts.

Potential hardcoded secretMedium

The extension contains a potential hardcoded secret, which can be used to access sensitive data or perform malicious actions.

Technical: Code pattern: secret_key. Risk vector: data exposure. Exploit scenario: malicious data injection via crafted input.

💡 Legitimate extensions may contain hardcoded secrets for legitimate purposes, such as authenticating with external services or loading proprietary code.

Creates iframe elementsInfo

The extension creates iframe elements dynamically, which can be used to load external content or handle user input.

Technical: Code pattern: document.createElement('iframe'). Risk vector: data exposure. Exploit scenario: malicious data injection via crafted input.

💡 Legitimate extensions may create iframe elements for legitimate purposes, such as loading external scripts or handling user input.

Sets up event listenersInfo

The extension sets up event listeners to handle user interactions and other events.

Technical: Code pattern: element.addEventListener. Risk vector: data exposure. Exploit scenario: malicious data injection via crafted input.

💡 Legitimate extensions may set up event listeners for legitimate purposes, such as handling user input or loading external scripts.

Bottom Line

The Avira Browser Safety extension provides a range of security features to protect users from malicious websites and invisible trackers. However, it also accesses sensitive data and makes XHR requests to various domains, which can be a potential security risk if the data or scripts are malicious. Users should exercise caution when installing this extension and regularly review its permissions and behavior to ensure their safety.