Is 360 Internet Protection safe to use?

360 Internet Protection has a risk level of CRITICAL with an overall risk score of 9.5/10. Our scan detected 50 security findings. This extension has significant security concerns — review the full report before installing.

What permissions does 360 Internet Protection request?

360 Internet Protection requests the following permissions: scripting, tabs, nativeMessaging, storage, activeTab, webRequest, webNavigation, declarativeNetRequestWithHostAccess, alarms. It also requests host access to: , http://*/*, https://*/*.

What is 360 Internet Protection's risk score?

360 Internet Protection has an overall risk score of 9.5/10 (CRITICAL). Breakdown: Permissions 10.0/10, Code 10.0/10, Combinations 10.0/10, CSP 4.5/10.

ExtSafe

360 Internet ProtectionSecurity Analysis

Chromev2.1.60MV3February 16, 2026 at 02:50 PM

9.5CRITICAL

9.5 CRITICAL

This extension shows critical risk indicators. It requests highly sensitive permissions combined with suspicious code patterns. Proceed with extreme caution.

Based on 12 permissions including high-risk ones, 41 code findings, 3 dangerous combinations.

Dangerous Combinations(3)

HIGHTab tracking + external communication

Extension tracks open tabs and communicates with external servers — potential browsing surveillance.

tabs+external network request

CRITICALNetwork interception + external communication

Extension intercepts network traffic and sends data externally — potential man-in-the-middle behavior.

webRequest/webRequestBlocking+external network request

CRITICALNative messaging + dynamic code execution

Extension communicates with native apps and executes dynamic code — potential sandbox escape vector.

nativeMessaging+eval/Function/dynamic code

Permissions

10.0/10

Code

10.0/10

Combinations

10.0/10

Manifest/CSP

4.5/10

Permissions(12 analyzed)

Code Findings(15 patterns, 41 total)

Content Security Policy

No CSP Defined(1 issue)

MEDIUM

N/ANo CSP defined

This extension does not define a Content Security Policy. A CSP helps prevent XSS and code injection attacks.

Manifest Analysis(1 finding)

Resolved from __MSG_* i18n placeholders:

Name: 360 Internet Protection

Description: 360 Internet Protection

MEDIUM

web_accessible_resources.matchesOverly broad match patterns

Web-accessible resources use <all_urls> or wildcard patterns, exposing resources to every website.

External Domains(12)

addons.mozilla.orgaddons.opera.comfuwu.360.cngithub.cominfo.url.cloud.360safe.comssl.google-analytics.comstats.g.doubleclick.netwww.360.cnwww.360.comwww.360totalsecurity.comwww.google-analytics.comwwww.facebook.com