Ublock Origin Lite

Name: Security Analysis: Ublock Origin Lite
Item: Ublock Origin Lite
Rating: 5
Author: ChromeBoard

🔍 Security Report Available

👥 15M+ users

📦 v2026.215.1801

💾 8.73MiB

📅 2026-02-17

View on Chrome Web Store

Chrome will indicate if you already have this installed.

Overview

uBO Lite (uBOL) is an efficient MV3-based content blocker.

The default ruleset corresponds to uBlock Origin's default filterset:

- uBlock Origin's built-in filter lists
- EasyList
- EasyPrivacy
- Peter Lowe’s Ad and tracking server list

You can enable more rulesets by visiting the options page -- click the _Cogs_ icon in the popup panel.

uBOL is entirely declarative, meaning there is no need for a permanent uBOL process for the filtering to occur, and CSS/JS injection-based content filtering is performed reliably by the browser itself rather than by the extension. This means that uBOL itself does not consume CPU/memory resources while content blocking is ongoing -- uBOL's service worker process is required _only_ when you interact with the popup panel or the option pages.

Privacy Practices

✓ Not being sold to third parties, outside of the approved use cases

✓ Not being used or transferred for purposes that are unrelated to the item's core functionality

✓ Not being used or transferred to determine creditworthiness or for lending purposes

🔄 New version v2026.215.1801 detected — scan automatically queued.

v2026.301.2014 Info Scanned Mar 5, 2026

Security Analysis — Ublock Origin Lite

Analyzed v2026.301.2014 · Mar 5, 2026 · 299 JS files · 6877 KB scanned

Permissions

Code Patterns Detected

External Connections

github.com www.gnu.org datatracker.ietf.org googleads.g.doubleclick.net www.w3.org developer.mozilla.org pagead2.googlesyndication.com www.youtube.com www.reddit.com bugs.webkit.org adguard.com developers.google.com +8 more

Package Contents 967 files · 32MB

▾📁_locales1.2MB

▾📁ar18KB

{}messages.json18KB

▾📁az16KB

{}messages.json16KB

▾📁be19KB

{}messages.json19KB

▾📁bg20KB

{}messages.json20KB

▾📁bn20KB

{}messages.json20KB

▾📁br_FR17KB

{}messages.json17KB

▾📁bs16KB

{}messages.json16KB

▾📁ca17KB

{}messages.json17KB

▾📁cs16KB

{}messages.json16KB

▾📁cv16KB

{}messages.json16KB

▾📁cy16KB

{}messages.json16KB

▾📁da16KB

{}messages.json16KB

▾📁de16KB

{}messages.json16KB

▾📁el21KB

{}messages.json21KB

▾📁en16KB

{}messages.json16KB

▾📁en_GB16KB

{}messages.json16KB

▾📁eo16KB

{}messages.json16KB

▾📁es17KB

{}messages.json17KB

▾📁et16KB

{}messages.json16KB

▾📁eu16KB

{}messages.json16KB

▾📁fa16KB

{}messages.json16KB

▾📁fi16KB

{}messages.json16KB

▾📁fil16KB

{}messages.json16KB

▾📁fr17KB

{}messages.json17KB

▾📁fy16KB

{}messages.json16KB

▾📁gl16KB

{}messages.json16KB

▾📁gu16KB

{}messages.json16KB

▾📁he17KB

{}messages.json17KB

▾📁hi19KB

{}messages.json19KB

▾📁hr16KB

{}messages.json16KB

▾📁hu17KB

{}messages.json17KB

▾📁hy17KB

{}messages.json17KB

▾📁id16KB

{}messages.json16KB

▾📁it16KB

{}messages.json16KB

▾📁ja17KB

{}messages.json17KB

▾📁ka22KB

{}messages.json22KB

▾📁kk16KB

{}messages.json16KB

▾📁kn16KB

{}messages.json16KB

▾📁ko17KB

{}messages.json17KB

▾📁lt16KB

{}messages.json16KB

▾📁lv17KB

{}messages.json17KB

▾📁mk18KB

{}messages.json18KB

▾📁ml19KB

{}messages.json19KB

▾📁mr16KB

{}messages.json16KB

▾📁ms16KB

{}messages.json16KB

▾📁nb16KB

{}messages.json16KB

▾📁nl16KB

{}messages.json16KB

▾📁oc16KB

{}messages.json16KB

▾📁pa19KB

{}messages.json19KB

▾📁pl17KB

{}messages.json17KB

▾📁pt_BR16KB

{}messages.json16KB

▾📁pt_PT17KB

{}messages.json17KB

▾📁ro16KB

{}messages.json16KB

▾📁ru20KB

{}messages.json20KB

▾📁si20KB

{}messages.json20KB

▾📁sk16KB

{}messages.json16KB

▾📁sl16KB

{}messages.json16KB

▾📁so16KB

{}messages.json16KB

▾📁sq16KB

{}messages.json16KB

▾📁sr19KB

{}messages.json19KB

▾📁sv16KB

{}messages.json16KB

▾📁sw16KB

{}messages.json16KB

▾📁ta17KB

{}messages.json17KB

▾📁te17KB

{}messages.json17KB

▾📁th21KB

{}messages.json21KB

▾📁tr16KB

{}messages.json16KB

▾📁uk20KB

{}messages.json20KB

▾📁ur17KB

{}messages.json17KB

▾📁vi17KB

{}messages.json17KB

▾📁zh_CN15KB

{}messages.json15KB

▾📁zh_TW15KB

{}messages.json15KB

▾📁_metadata130KB

{}verified_contents.json130KB

▾📁css293KB

▾📁fonts225KB

▾📁Inter225KB

🔤Inter-Regular.woff2109KB

🔤Inter-SemiBold.woff2112KB

📄LICENSE.txt4KB

🎨common.css9KB

🎨dashboard-common.css1KB

🎨dashboard.css2KB

🎨default.css17KB

🎨develop.css4KB

🎨fa-icons.css4KB

🎨filtering-mode.css3KB

🖼line-hor-dashed.png80B

🎨matched-rules.css519B

🎨picker-ui.css3KB

🎨popup.css5KB

🎨report.css41B

🎨settings.css10KB

🎨strictblock.css3KB

🎨tool-overlay-ui.css2KB

🎨unpicker-ui.css2KB

🎨zapper-ui.css678B

▾📁img155KB

▾📁flags-of-the-world124KB

📄README278B

🖼ad.png672B

🖼ae.png115B

🖼af.png934B

🖼ag.png603B

🖼ai.png770B

🖼al.png508B

🖼am.png106B

🖼ao.png430B

🖼aq.png407B

🖼ar.png345B

🖼as.png1KB

🖼at.png94B

🖼au.png565B

🖼aw.png249B

🖼ax.png178B

🖼az.png238B

🖼ba.png385B

🖼bb.png291B

🖼bd.png282B

🖼be.png115B

🖼bf.png236B

🖼bg.png105B

🖼bh.png326B

🖼bi.png651B

🖼bj.png122B

🖼bl.png2KB

🖼bm.png1KB

🖼bn.png1KB

🖼bo.png107B

🖼bq.png619B

🖼br.png714B

🖼bs.png304B

🖼bt.png1KB

🖼bv.png122B

🖼bw.png108B

🖼by.png454B

🖼bz.png1KB

🖼ca.png430B

🖼cc.png618B

🖼cd.png489B

🖼cf.png214B

🖼cg.png196B

🖼ch.png124B

🖼ci.png103B

🖼ck.png803B

🖼cl.png207B

🖼cm.png201B

🖼cn.png265B

🖼co.png103B

🖼cr.png419B

🖼cu.png439B

🖼cv.png385B

🖼cw.png234B

🖼cx.png750B

🖼cy.png445B

🖼cz.png277B

🖼de.png105B

🖼dj.png503B

🖼dk.png139B

🖼dm.png573B

🖼do.png392B

🖼dz.png358B

🖼ec.png1KB

🖼ee.png107B

🖼eg.png286B

🖼eh.png404B

🖼er.png649B

🖼es.png755B

🖼et.png616B

🖼fi.png140B

🖼fj.png1KB

🖼fk.png1KB

🖼fm.png254B

🖼fo.png124B

🖼fr.png104B

🖼ga.png102B

🖼gb-eng.png134B

🖼gb-nir.png745B

🖼gb-sct.png428B

🖼gb-wls.png2KB

🖼gb.png489B

🖼gd.png615B

🖼ge.png311B

🖼gf.png418B

🖼gg.png170B

🖼gh.png228B

🖼gi.png874B

🖼gl.png341B

🖼gm.png131B

🖼gn.png104B

🖼gp.png993B

🖼gq.png547B

🖼gr.png180B

🖼gs.png2KB

🖼gt.png485B

🖼gu.png691B

🖼gw.png226B

🖼gy.png509B

🖼hk.png398B

🖼hm.png571B

🖼hn.png206B

🖼hr.png707B

🖼ht.png466B

🖼hu.png106B

🖼id.png92B

🖼ie.png105B

🖼il.png273B

🖼im.png819B

🖼in.png225B

🖼io.png2KB

🖼iq.png256B

🖼ir.png533B

🖼is.png174B

🖼it.png104B

🖼je.png965B

🖼jm.png351B

🖼jo.png299B

🖼jp.png245B

🖼ke.png523B

🖼kg.png518B

🖼kh.png598B

🖼ki.png1KB

🖼km.png525B

🖼kn.png657B

🖼kp.png360B

🖼kr.png683B

🖼kw.png227B

🖼ky.png1KB

🖼kz.png626B

🖼la.png223B

🖼lb.png361B

🖼lc.png620B

🖼li.png403B

🖼lk.png911B

🖼lr.png277B

🖼ls.png297B

🖼lt.png105B

🖼lu.png105B

🖼lv.png107B

🖼ly.png218B

🖼ma.png219B

🖼mc.png93B

🖼md.png761B

🖼me.png720B

🖼mf.png104B

🖼mg.png105B

🖼mh.png864B

🖼mk.png578B

🖼ml.png103B

🖼mm.png389B

🖼mn.png329B

🖼mo.png440B

🖼mp.png2KB

🖼mq.png656B

🖼mr.png374B

🖼ms.png981B

🖼mt.png209B

🖼mu.png109B

🖼mv.png201B

🖼mw.png315B

🖼mx.png822B

🖼my.png450B

🖼mz.png751B

🖼na.png584B

🖼nc.png664B

🖼ne.png190B

🖼nf.png522B

🖼ng.png97B

🖼ni.png336B

🖼nl.png105B

🖼no.png122B

🖼np.png1KB

🖼nr.png205B

🖼nu.png510B

🖼nz.png608B

🖼om.png291B

🖼pa.png318B

🖼pe.png97B

🖼pf.png816B

🖼pg.png589B

🖼ph.png616B

🖼pk.png355B

🖼pl.png94B

🖼pm.png3KB

🖼pn.png2KB

🖼pr.png456B

🖼ps.png297B

🖼pt.png1KB

🖼pw.png300B

🖼py.png320B

🖼qa.png213B

🖼re.png620B

🖼ro.png103B

🖼rs.png1KB

🖼ru.png105B

🖼rw.png255B

🖼sa.png433B

🖼sb.png574B

🖼sc.png470B

🖼sd.png295B

🖼se.png140B

🖼sg.png306B

🖼sh.png925B

🖼si.png303B

🖼sj.png122B

🖼sk.png454B

🖼sl.png105B

🖼sm.png1KB

🖼sn.png233B

🖼so.png271B

🖼sr.png247B

🖼ss.png475B

🖼st.png351B

🖼sv.png488B

🖼sx.png945B

🖼sy.png237B

🖼sz.png917B

🖼tc.png824B

🖼td.png104B

🖼tf.png377B

🖼tg.png292B

🖼th.png108B

🖼tj.png330B

🖼tk.png606B

🖼tl.png441B

🖼tm.png1KB

🖼tn.png306B

🖼to.png108B

🖼tr.png317B

🖼tt.png667B

🖼tv.png726B

🖼tw.png259B

🖼tz.png382B

🖼ua.png92B

🖼ug.png388B

🖼um.png539B

🖼us.png539B

🖼uy.png574B

🖼uz.png310B

🖼va.png750B

🖼vc.png317B

🖼ve.png268B

🖼vg.png1KB

🖼vi.png2KB

🖼vn.png282B

🖼vu.png662B

🖼wf.png260B

🖼ws.png255B

🖼xk.png453B

🖼ye.png105B

🖼yt.png1KB

🖼za.png387B

🖼zm.png297B

🖼zw.png617B

🖼icon_128.png4KB

🖼icon_128_off.png3KB

🖼icon_16.png534B

🖼icon_16_off.png446B

🖼icon_32.png971B

🖼icon_32_off.png802B

🖼icon_512.png16KB

🖼icon_64.png2KB

🖼icon_64_off.png1KB

🖼ublock.svg3KB

▾📁js699KB

▾📁scripting82KB

📜css-api.js1KB

📜css-generic.js9KB

📜css-procedural-api.js25KB

📜css-procedural.js4KB

📜css-specific.js2KB

📜css-user-terminate.js1KB

📜css-user.js2KB

📜isolated-api.js8KB

📜picker.js11KB

📜tool-overlay.js13KB

📜toolbar-icon.js1KB

📜unpicker.js2KB

📜zapper.js5KB

📜action.js3KB

📜admin.js7KB

📜arglist-parser.js5KB

📜background.js24KB

📜backup-restore.js5KB

📜config.js2KB

📜dashboard.js3KB

📜debug.js7KB

📜develop.js23KB

📜dnr-editor.js6KB

📜dnr-parser.js18KB

📜dom.js7KB

📜ext-compat.js4KB

📜ext-utils.js2KB

📜ext.js4KB

📜fa-icons.js47KB

📜fetch.js1KB

📜filter-lists.js17KB

📜filter-manager-ui.js17KB

📜filter-manager.js9KB

📜i18n.js13KB

📜jsonpath.js19KB

📜matched-rules.js2KB

📜mode-editor.js3KB

📜mode-manager.js14KB

📜mode-parser.js7KB

📜picker-ui.js13KB

📜popup.js11KB

📜punycode.js13KB

📜redirect-resources.js6KB

📜report.js4KB

📜ro-dnr-editor.js4KB

📜ruleset-manager.js24KB

📜rw-dnr-editor.js16KB

📜scripting-manager.js15KB

📜settings.js10KB

📜static-filtering-parser.js164KBlarge

📜strictblock.js10KB

📜theme.js1KB

📜tool-overlay-ui.js9KB

📜troubleshooting.js5KB

📜ubo-parser.js21KB

📜unpicker-ui.js6KB

📜urlskip.js6KB

📜utils.js7KB

📜zapper-ui.js4KB

▾📁lib549KB

▾📁codemirror384KB

📄README.md487B

📜cm6.bundle.ubol.min.js381KBlarge

📄codemirror-quickstart.LICENSE1KB

📄codemirror.LICENSE1KB

▾📁csstree165KB

📄LICENSE1KB

📜css-tree.js164KBlarge

▾📁rulesets28.9MB

▾📁main12.4MB

{}adguard-mobile.json88KB

{}adguard-spyware-url.json466KB

{}alb-0.json4KB

{}annoyances-ai.json624B

{}annoyances-cookies.json261KB

{}annoyances-notifications.json35KB

{}annoyances-others.json57KB

{}annoyances-overlays.json48KB

{}annoyances-social.json68KB

{}annoyances-widgets.json11KB

{}ara-0.json109KB

{}bgr-0.json89KB

{}block-lan.json4KB

{}chn-0.json870KB

{}cze-0.json19KB

{}deu-0.json231KB

{}dpollock-0.json239KB

{}easylist.json1.6MB

{}easyprivacy.json2MB

{}est-0.json11KB

{}fin-0.json30KB

{}fra-0.json645KB

{}grc-0.json55KB

{}hrv-0.json10KB

{}hun-0.json38KB

{}idn-0.json428KB

{}ind-0.json698KB

{}irn-0.json117KB

{}isl-0.json1KB

{}isr-0.json47KB

{}ita-0.json129KB

{}jpn-1.json238KB

{}kor-1.json122KB

{}ltu-0.json66KB

{}lva-0.json18KB

{}mkd-0.json21KB

{}nld-0.json63KB

{}nor-0.json101KB

{}pgl.json76KB

{}pol-0.json127KB

{}rou-1.json58KB

{}rus-0.json960KB

{}rus-1.json159KB

{}spa-0.json77KB

{}spa-1.json125KB

{}svn-0.json11KB

{}swe-1.json201KB

{}tha-0.json77KB

{}tur-0.json172KB

{}ublock-badware.json224KB

{}ublock-experimental.json5B

{}ublock-filters.json940KB

{}ubol-tests.json2KB

{}ukr-0.json193KB

{}urlhaus-full.json165KB

{}vie-1.json53KB

▾📁regex184KB

{}adguard-mobile.json2KB

{}annoyances-cookies.json214B

{}block-lan.json3KB

{}chn-0.json9KB

{}cze-0.json223B

{}deu-0.json2KB

{}easylist.json9KB

{}easyprivacy.json2KB

{}fin-0.json855B

{}fra-0.json531B

{}hrv-0.json289B

{}hun-0.json290B

{}irn-0.json328B

{}isr-0.json2KB

{}ita-0.json1KB

{}jpn-1.json4KB

{}kor-1.json26KB

{}ltu-0.json475B

{}nld-0.json319B

{}nor-0.json1KB

{}pol-0.json10KB

{}rou-1.json929B

{}rus-0.json4KB

{}rus-1.json653B

{}spa-0.json3KB

{}spa-1.json1KB

{}swe-1.json372B

{}tha-0.json522B

{}tur-0.json3KB

{}ublock-badware.json31KB

{}ublock-filters.json58KB

{}ubol-tests.json192B

{}ukr-0.json6KB

{}vie-1.json507B

▾📁scripting12.7MB

▾📁generic1.2MB

📜adguard-mobile.js4KB

📜alb-0.js3KB

📜annoyances-ai.js3KB

📜annoyances-cookies.js358KBlarge

📜annoyances-notifications.js11KB

📜annoyances-others.js23KB

📜annoyances-overlays.js39KB

📜annoyances-social.js218KBlarge

📜annoyances-widgets.js3KB

📜ara-0.js7KB

📜bgr-0.js3KB

📜chn-0.js37KB

📜cze-0.js4KB

📜deu-0.js13KB

📜easylist.js261KBlarge

📜easyprivacy.js3KB

📜est-0.js3KB

📜fin-0.js4KB

📜fra-0.js46KB

📜grc-0.js3KB

📜hrv-0.js4KB

📜hun-0.js4KB

📜idn-0.js13KB

📜ind-0.js3KB

📜irn-0.js4KB

📜isr-0.js4KB

📜ita-0.js12KB

📜jpn-1.js20KB

📜kor-1.js5KB

📜ltu-0.js3KB

📜lva-0.js3KB

📜mkd-0.js3KB

📜nld-0.js6KB

📜nor-0.js16KB

📜pol-0.js7KB

📜rou-1.js3KB

📜rus-0.js19KB

📜rus-1.js3KB

📜spa-0.js9KB

📜spa-1.js9KB

📜svn-0.js3KB

📜swe-1.js11KB

📜tha-0.js3KB

📜tur-0.js9KB

📜ublock-badware.js4KB

📜ublock-experimental.js3KB

📜ublock-filters.js21KB

📜ubol-tests.js3KB

📜ukr-0.js19KB

📜vie-1.js4KB

▾📁generichigh225KB

🎨adguard-mobile.css1KB

🎨annoyances-cookies.css5KB

🎨annoyances-notifications.css1KB

🎨annoyances-others.css2KB

🎨annoyances-overlays.css1KB

🎨annoyances-social.css5KB

🎨annoyances-widgets.css984B

🎨ara-0.css3KB

🎨chn-0.css9KB

🎨cze-0.css999B

🎨deu-0.css3KB

🎨easylist.css16KB

🎨est-0.css1KB

🎨fin-0.css1KB

🎨fra-0.css2KB

🎨grc-0.css1KB

🎨hrv-0.css964B

🎨hun-0.css1KB

🎨idn-0.css108KB

🎨irn-0.css1018B

🎨ita-0.css3KB

🎨jpn-1.css1KB

🎨kor-1.css3KB

🎨ltu-0.css1KB

🎨lva-0.css1KB

🎨mkd-0.css982B

🎨nld-0.css1KB

🎨nor-0.css5KB

🎨pol-0.css3KB

🎨rou-1.css1KB

🎨rus-0.css20KB

🎨rus-1.css2KB

🎨spa-0.css2KB

🎨spa-1.css1KB

🎨swe-1.css3KB

🎨tha-0.css1KB

🎨tur-0.css4KB

🎨ublock-filters.css6KB

🎨ukr-0.css2KB

🎨vie-1.css1KB

▾📁procedural1.5MB

📜adguard-mobile.js1KB

{}adguard-mobile.json97KB

📜alb-0.js1KB

{}alb-0.json890B

📜annoyances-ai.js1KB

{}annoyances-ai.json3KB

📜annoyances-cookies.js1KB

{}annoyances-cookies.json66KB

📜annoyances-notifications.js1KB

{}annoyances-notifications.json7KB

📜annoyances-others.js1KB

{}annoyances-others.json10KB

📜annoyances-overlays.js1KB

{}annoyances-overlays.json96KB

📜annoyances-social.js1KB

{}annoyances-social.json5KB

📜ara-0.js1KB

{}ara-0.json1KB

📜chn-0.js1KB

{}chn-0.json35KB

📜cze-0.js1KB

{}cze-0.json6KB

📜deu-0.js1KB

{}deu-0.json15KB

📜easylist.js1KB

{}easylist.json33KB

📜easyprivacy.js1KB

{}easyprivacy.json593B

📜est-0.js1KB

{}est-0.json2KB

📜fin-0.js1KB

{}fin-0.json22KB

📜fra-0.js1KB

{}fra-0.json26KB

📜grc-0.js1KB

{}grc-0.json1KB

📜hrv-0.js1KB

{}hrv-0.json2KB

📜hun-0.js1KB

{}hun-0.json8KB

📜idn-0.js1KB

{}idn-0.json3KB

📜ind-0.js1KB

{}ind-0.json21KB

📜irn-0.js1KB

{}irn-0.json179KB

📜isl-0.js1KB

{}isl-0.json212B

📜isr-0.js1KB

{}isr-0.json1KB

📜ita-0.js1KB

{}ita-0.json4KB

📜jpn-1.js1KB

{}jpn-1.json129KB

📜kor-1.js1KB

{}kor-1.json51KB

📜ltu-0.js1KB

{}ltu-0.json2KB

📜lva-0.js1KB

{}lva-0.json480B

📜mkd-0.js1KB

{}mkd-0.json355B

📜nld-0.js1KB

{}nld-0.json9KB

📜nor-0.js1KB

{}nor-0.json18KB

📜pol-0.js1KB

{}pol-0.json34KB

📜rou-1.js1KB

{}rou-1.json9KB

📜rus-0.js1KB

{}rus-0.json192KB

📜rus-1.js1KB

{}rus-1.json24KB

📜spa-0.js1KB

{}spa-0.json4KB

📜spa-1.js1KB

{}spa-1.json36KB

📜svn-0.js1KB

{}svn-0.json289B

📜swe-1.js1KB

{}swe-1.json49KB

📜tha-0.js1KB

{}tha-0.json2KB

📜tur-0.js1KB

{}tur-0.json51KB

📜ublock-badware.js1KB

{}ublock-badware.json2KB

📜ublock-experimental.js1KB

{}ublock-experimental.json488B

📜ublock-filters.js1KB

{}ublock-filters.json184KB

📜ubol-tests.js1KB

{}ubol-tests.json2KB

📜ukr-0.js1KB

{}ukr-0.json17KB

📜vie-1.js1KB

{}vie-1.json1KB

▾📁scriptlet4.1MB

▾📁isolated1.4MB

📜adguard-mobile.js35KB

📜annoyances-cookies.js428KBlarge

📜annoyances-notifications.js25KB

📜annoyances-others.js34KB

📜annoyances-overlays.js58KBlarge

📜annoyances-social.js17KB

📜chn-0.js27KB

📜cze-0.js16KB

📜easyprivacy.js33KB

📜fin-0.js24KB

📜fra-0.js24KB

📜hun-0.js30KB

📜idn-0.js21KB

📜irn-0.js35KB

📜jpn-1.js37KB

📜kor-1.js33KB

📜nld-0.js20KB

📜pol-0.js18KB

📜rou-1.js24KB

📜rus-0.js49KB

📜rus-1.js22KB

📜spa-1.js39KB

📜swe-1.js36KB

📜tha-0.js16KB

📜tur-0.js30KB

📜ublock-experimental.js21KB

📜ublock-filters.js273KBlarge

📜ukr-0.js21KB

▾📁main2.7MB

📜adguard-mobile.js89KBlarge

📜annoyances-cookies.js53KBlarge

📜annoyances-notifications.js37KB

📜annoyances-others.js44KB

📜annoyances-overlays.js149KBlarge

📜chn-0.js85KBlarge

📜cze-0.js56KBlarge

📜easyprivacy.js51KBlarge

📜est-0.js21KB

📜fin-0.js51KBlarge

📜fra-0.js75KBlarge

📜grc-0.js20KB

📜hrv-0.js21KB

📜hun-0.js40KB

📜idn-0.js51KBlarge

📜irn-0.js73KBlarge

📜isr-0.js52KBlarge

📜jpn-1.js82KBlarge

📜kor-1.js83KBlarge

📜ltu-0.js37KB

📜lva-0.js22KB

📜nld-0.js65KBlarge

📜nor-0.js55KBlarge

📜pol-0.js54KBlarge

📜rou-1.js44KB

📜rus-0.js104KBlarge

📜rus-1.js64KBlarge

📜spa-1.js100KBlarge

📜swe-1.js70KBlarge

📜tha-0.js36KB

📜tur-0.js106KBlarge

📜ublock-badware.js61KBlarge

📜ublock-experimental.js36KB

📜ublock-filters.js562KBlarge

📜ubol-tests.js53KBlarge

📜ukr-0.js55KBlarge

📜vie-1.js59KBlarge

▾📁specific5.7MB

📜adguard-mobile.js1KB

{}adguard-mobile.json310KB

📜adguard-spyware-url.js1KB

{}adguard-spyware-url.json196B

📜alb-0.js1KB

{}alb-0.json10KB

📜annoyances-ai.js1KB

{}annoyances-ai.json5KB

📜annoyances-cookies.js1KB

{}annoyances-cookies.json567KB

📜annoyances-notifications.js1KB

{}annoyances-notifications.json42KB

📜annoyances-others.js1KB

{}annoyances-others.json107KB

📜annoyances-overlays.js1KB

{}annoyances-overlays.json235KB

📜annoyances-social.js1KB

{}annoyances-social.json185KB

📜annoyances-widgets.js1KB

{}annoyances-widgets.json930B

📜ara-0.js1KB

{}ara-0.json13KB

📜bgr-0.js1KB

{}bgr-0.json16KB

📜chn-0.js1KB

{}chn-0.json279KB

📜cze-0.js1KB

{}cze-0.json12KB

📜deu-0.js1KB

{}deu-0.json146KB

📜easylist.js1KB

{}easylist.json466KB

📜est-0.js1KB

{}est-0.json6KB

📜fin-0.js1KB

{}fin-0.json55KB

📜fra-0.js1KB

{}fra-0.json110KB

📜grc-0.js1KB

{}grc-0.json27KB

📜hrv-0.js1KB

{}hrv-0.json15KB

📜hun-0.js1KB

{}hun-0.json42KB

📜idn-0.js1KB

{}idn-0.json49KB

📜ind-0.js1KB

{}ind-0.json285KB

📜irn-0.js1KB

{}irn-0.json37KB

📜isl-0.js1KB

{}isl-0.json2KB

📜isr-0.js1KB

{}isr-0.json35KB

📜ita-0.js1KB

{}ita-0.json135KB

📜jpn-1.js1KB

{}jpn-1.json466KB

📜kor-1.js1KB

{}kor-1.json100KB

📜ltu-0.js1KB

{}ltu-0.json27KB

📜lva-0.js1KB

{}lva-0.json8KB

📜mkd-0.js1KB

{}mkd-0.json32KB

📜nld-0.js1KB

{}nld-0.json54KB

📜nor-0.js1KB

{}nor-0.json66KB

📜pol-0.js1KB

{}pol-0.json275KB

📜rou-1.js1KB

{}rou-1.json40KB

📜rus-0.js1KB

{}rus-0.json538KB

📜rus-1.js1KB

{}rus-1.json3KB

📜spa-0.js1KB

{}spa-0.json79KB

📜spa-1.js1KB

{}spa-1.json153KB

📜svn-0.js1KB

{}svn-0.json12KB

📜swe-1.js1KB

{}swe-1.json104KB

📜tha-0.js1KB

{}tha-0.json24KB

📜tur-0.js1KB

{}tur-0.json212KB

📜ublock-badware.js1KB

{}ublock-badware.json5KB

📜ublock-experimental.js1KB

{}ublock-experimental.json536B

📜ublock-filters.js1KB

{}ublock-filters.json272KB

📜ubol-tests.js1KB

{}ubol-tests.json520B

📜ukr-0.js1KB

{}ukr-0.json68KB

📜vie-1.js1KB

{}vie-1.json29KB

▾📁strictblock3.4MB

{}adguard-mobile.json21KB

{}annoyances-cookies.json5KB

{}annoyances-notifications.json815B

{}annoyances-others.json847B

{}annoyances-overlays.json593B

{}annoyances-widgets.json819B

{}ara-0.json444B

{}bgr-0.json376B

{}chn-0.json111KB

{}cze-0.json1KB

{}deu-0.json2KB

{}dpollock-0.json239KB

{}easylist.json1.1MB

{}easyprivacy.json1.1MB

{}fra-0.json134KB

{}grc-0.json1KB

{}hrv-0.json550B

{}hun-0.json3KB

{}idn-0.json452B

{}irn-0.json6KB

{}isl-0.json310B

{}isr-0.json960B

{}ita-0.json961B

{}jpn-1.json55KB

{}kor-1.json10KB

{}ltu-0.json499B

{}lva-0.json463B

{}mkd-0.json3KB

{}nld-0.json1KB

{}nor-0.json22KB

{}pgl.json76KB

{}pol-0.json6KB

{}rou-1.json3KB

{}rus-0.json38KB

{}rus-1.json3KB

{}spa-0.json807B

{}spa-1.json2KB

{}svn-0.json621B

{}swe-1.json2KB

{}tha-0.json356B

{}tur-0.json3KB

{}ublock-badware.json216KB

{}ublock-filters.json14KB

{}ukr-0.json8KB

{}urlhaus-full.json166KB

{}vie-1.json1KB

▾📁urlskip26KB

{}annoyances-overlays.json309B

{}ublock-filters.json26KB

{}generic-details.json42KB

{}ruleset-details.json29KB

{}scriptlet-details.json50KB

▾📁web_accessible_resources61KB

🖼1x1.gif43B

🖼2x2.png68B

🖼32x32.png83B

📜adthrive_abd.js139B

📜amazon_ads.js2KB

📜amazon_apstag.js2KB

📜chartbeat.js1KB

🌐click2load.html960B

📜doubleclick_instream_ad_status.js29B

📄empty0B

📜fingerprint2.js2KB

📜fingerprint3.js1KB

📜google-analytics_analytics.js4KB

📜google-analytics_cx_api.js1KB

📜google-analytics_ga.js5KB

📜google-ima.js15KB

📜googlesyndication_adsbygoogle.js4KB

📜googletagservices_gpt.js5KB

📜hd-main.js2KB

📜nitropay_ads.js1KB

📜nobab2.js1KB

📜noeval-silent.js1KB

📜nofab.js3KB

📄noop-0.1s.mp3813B

📄noop-1s.mp44KB

📄noop-vast2.xml28B

📄noop-vast3.xml28B

📄noop-vmap1.xml86B

🎨noop.css6B

🌐noop.html82B

📜noop.js38B

{}noop.json2B

📄noop.txt1B

📜outbrain-widget.js2KB

📜popads.js2KB

📜prebid-ads.js990B

📜scorecardresearch_beacon.js1KB

📄LICENSE.txt34KB

📄README.md2KB

🌐dashboard.html16KB

{}managed_storage.json1KB

{}manifest.json10KB

🌐matched-rules.html917B

🌐picker-ui.html2KB

🌐popup.html3KB

🌐report.html2KB

🌐strictblock.html2KB

🌐unpicker-ui.html1KB

🌐zapper-ui.html886B

What This Extension Does

Ublock Origin Lite (uBO Lite) is a content blocker that efficiently blocks ads, trackers, miners, and more. It's designed for users who want to protect their online privacy and reduce clutter on websites. With over 15 million users, it's one of the most popular extensions in its category.

Permissions Explained

activeTabexpected: This permission allows uBO Lite to access the current webpage you're viewing.
Technical: Chrome API: chrome.tabs API. Allows extension to read and modify tab content, potentially exposing sensitive information if compromised.
declarativeNetRequestexpected: This permission enables uBO Lite to block network requests based on predefined rules.
Technical: Chrome API: declarativeNetRequest API. Allows extension to intercept and modify network traffic, potentially exposing sensitive information if compromised.
scriptingexpected: This permission allows uBO Lite to execute scripts on web pages.
Technical: Chrome API: chrome.scripting API. Allows extension to inject and execute scripts, potentially exposing sensitive information if compromised.
storageexpected: This permission enables uBO Lite to store data locally on your device.
Technical: Chrome API: chrome.storage API. Allows extension to read and write local storage, potentially exposing sensitive information if compromised.
<all_urls>check this: This permission allows uBO Lite to access all websites you visit.
Technical: Chrome API: chrome.tabs API. Allows extension to read and modify tab content, potentially exposing sensitive information if compromised. ⚠ 1

Your Data

uBO Lite accesses local storage on your device and sends data to various domains, including GitHub, Google, and Mozilla. It also captures keystrokes and can block/modify network requests.

Technical Details

domains

github.com
www.gnu.org
datatracker.ietf.org
googleads.g.doubleclick.net
www.w3.org
developer.mozilla.org
pagead2.googlesyndication.com
www.youtube.com
www.reddit.com
bugs.webkit.org
adguard.com
developers.google.com

protocols

https
http

encryption_status

mixed

data_types

cookies
tokens
keystrokes
page content

Code Findings

Eval() used — can execute arbitrary codeHigh

This means that uBO Lite can potentially inject malicious code into web pages.

Technical: The extension uses eval() to evaluate JavaScript expressions, which can lead to code injection attacks if not properly sanitized.

💡 Legitimate extensions may use eval() for dynamic code evaluation, but it's essential to ensure proper input validation and sanitization.

Dynamic JS importMedium

This means that uBO Lite can load JavaScript modules dynamically, which may lead to unexpected behavior or security issues.

Technical: The extension uses dynamic imports to load JavaScript modules, which can increase the attack surface if not properly secured.

💡 Legitimate extensions often use dynamic imports for modular code organization and reuse.

String.fromCharCode (obfuscation)Medium

This means that uBO Lite uses obfuscated strings, which can make it harder to analyze the extension's behavior.

Technical: The extension uses String.fromCharCode() to encode strings, making it challenging to identify potential security issues.

💡 Legitimate extensions may use obfuscation for code protection or compression.

Captures keystrokesCritical

This means that uBO Lite can potentially capture sensitive information, such as login credentials or credit card numbers.

Technical: The extension uses keyboard event listeners to capture keystrokes, which can lead to sensitive data exposure if not properly secured.

💡 Legitimate extensions may use keyboard event listeners for legitimate purposes, but it's essential to ensure proper input validation and sanitization.

Runs on ALL websitesCritical

This means that uBO Lite can potentially interfere with website functionality or inject malicious code into all websites you visit.

Technical: The extension uses the <all_urls> permission to access all websites, which increases the attack surface if not properly secured.

💡 Legitimate extensions often require broad permissions for their intended functionality.

Broad host permissionsHigh

This means that uBO Lite can potentially access sensitive information or inject malicious code into various domains.

Technical: The extension uses broad host permissions to access multiple domains, which increases the attack surface if not properly secured.

💡 Legitimate extensions often require broad permissions for their intended functionality.

Can block/modify network requestsHigh

This means that uBO Lite can potentially intercept and modify network traffic, which may lead to unexpected behavior or security issues.

Technical: The extension uses the declarativeNetRequest permission to block/modify network requests, which increases the attack surface if not properly secured.

💡 Legitimate extensions often use this permission for content blocking or filtering purposes.

Potential hardcoded secretMedium

This means that uBO Lite may contain hardcoded secrets, which can increase the attack surface if not properly secured.

Technical: The extension uses hardcoded strings or values, which can lead to security issues if not properly sanitized.

💡 Legitimate extensions often use hardcoded values for configuration or initialization purposes.

Creates iframe elementsMedium

This means that uBO Lite can potentially inject malicious code into web pages using iframes.

Technical: The extension uses the document.createElement() method to create iframe elements, which can lead to security issues if not properly secured.

💡 Legitimate extensions often use iframes for legitimate purposes, such as content embedding or sandboxing.

Uses postMessage for cross-origin commsMedium

This means that uBO Lite can potentially communicate with other domains using the postMessage API, which may lead to security issues if not properly secured.

Technical: The extension uses the postMessage API to send messages between frames or windows, which increases the attack surface if not properly secured.

💡 Legitimate extensions often use postMessage for cross-origin communication purposes.

Sets up event listenersInfo

This means that uBO Lite sets up event listeners to monitor user interactions, which is a normal behavior for extensions.

Technical: The extension uses the addEventListener() method to set up event listeners, which is a common practice in web development.

💡 Legitimate extensions often use event listeners for legitimate purposes, such as monitoring user interactions or responding to events.

Bottom Line

While uBO Lite has some concerning findings, it's essential to note that the extension is widely used and trusted by many users. However, we recommend exercising caution when installing extensions with broad permissions or potential security risks. Users should carefully review the extension's behavior and ensure they understand its intended functionality before granting excessive permissions.