ExtSafe

Evernote Web ClipperSecurity Analysis

Chromev7.40.0MV3February 16, 2026 at 04:05 PM
9.7CRITICAL
9.7 CRITICAL

This extension shows critical risk indicators. It requests highly sensitive permissions combined with suspicious code patterns. Proceed with extreme caution.

Based on 11 permissions including high-risk ones, 103 code findings, 3 dangerous combinations.

Dangerous Combinations(3)

CRITICALCookie access + external network

Extension has cookie access and sends data to external servers — potential session token theft.

cookies+external network request
HIGHTab tracking + external communication

Extension tracks open tabs and communicates with external servers — potential browsing surveillance.

tabs+external network request
CRITICALAll-sites access + keyboard capture

Extension has access to all sites and captures keyboard input — behavior consistent with a keylogger.

<all_urls>+keylogger_pattern
Permissions
10.0/10
Code
10.0/10
Combinations
10.0/10
Manifest/CSP
6.7/10

Permissions(11 analyzed)

Code Findings(24 patterns, 103 total)

Content Security Policy

No CSP Defined(1 issue)
MEDIUM
N/ANo CSP defined

This extension does not define a Content Security Policy. A CSP helps prevent XSS and code injection attacks.

Manifest Analysis(2 findings)

Resolved from __MSG_* i18n placeholders:

Name: Evernote Web Clipper

Description: Use the Evernote extension to save things you see on the web into your Evernote account.

HIGH
web_accessible_resourcesJS files exposed to web pages

JavaScript files are accessible to ALL websites. Any page can load and interact with these scripts, enabling web→extension attacks.

MEDIUM
web_accessible_resources.matchesOverly broad match patterns

Web-accessible resources use <all_urls> or wildcard patterns, exposing resources to every website.

External Domains(936)

${d.url${e${g.evernote_int_stage${g.evernote_international${this._gethost(${this._host${this._servicehost${this.host*.*.flickr.com*.*.wordpress.com*.aflip.in*.chainflix.net*.channel.geographs.org*.curated.co*.deseret.com*.deviantart.com*.didacte.com*.docdroid.com*.docdroid.net*.fireworktv.com*.flat.io*.flickr.com*.geograph.co.uk*.geograph.ie*.geograph.org.gg*.geograph.org.je*.geograph.org.uk*.getshow.io*.gmetri.com*.hflip.co*.hippovideo.io*.hubs.vidyard.com*.idomoo.com*.infoveave.net*.inphood.com*.jovian.ai*.jovian.ml*.kooapp.com*.lottiefiles.com*.lumiere.is*.medialab.app*.medialab.co*.microsoftstream.com*.nanoo.pro*.nanoo.tv*.nfb.ca*.nytimes.com*.pitchhub.com*.pitchhub.com.com*.podbean.com*.polldaddy.com*.prezi.com*.radiopublic.com*.screen9.tv*.slateapp.com*.smugmug.com*.spreaker.com*.tumblr.com*.tv.pandavideo.com.br*.tvcf.co.kr*.twitter.com*.ustream.com*.ustream.tv*.ustudio.com*.vids.io*.vidyard.com*.vouchfor.com*.wikimedia.org*.wiredrive.com*.wistia.com*.wizer.me*.wolframcloud.com*.wordpress.com*.youtube.com*.znipe.tv23m.io69jr5v75rc.execute-api.eu-west-1.amazonaws.comabraia.meaddons.mozilla.orgaddons.opera.comadilo.bigcommand.comadmin.lumiere.isadvertising.roku.comahrefs.comalbum.linkaltium.comamorank.comamp.cloudflare.comamtraker.comanimatron.comanimoto.comanniemusic.appapi-v2.pandavideo.com.brapi.abraia.meapi.altrulabs.comapi.amtraker.comapi.anniemusic.appapi.clyp.itapi.curated.coapi.d.tubeapi.datawrapper.deapi.embed.lyapi.everviz.comapi.framer.comapi.geograph.org.ukapi.getshow.ioapi.gfycat.comapi.grain.comapi.gyazo.comapi.hash.aiapi.inphood.comapi.jovian.aiapi.kmdr.shapi.luminery.comapi.mobypicture.comapi.nb.noapi.observablehq.comapi.picturelfy.comapi.podbean.comapi.portfolium.comapi.screen9.comapi.screencast.comapi.slack.comapi.smugmug.comapi.spoonacular.comapi.spreaker.comapi.streamable.comapi.veer.tvapi.veervr.tvapi.vidyard.comapi.znipe.tvaplikasi.kirim.emailapp-test.totango.comapp.altrulabs.comapp.archivos.digitalapp.avocode.comapp.customerdb.comapp.dadan.ioapp.everviz.comapp.ex.coapp.flourish.studioapp.getfader.comapp.getshow.ioapp.gong.ioapp.ilovecoco.videoapp.kmdr.shapp.ludus.oneapp.minervaknows.comapp.plusdocs.comapp.ustudio.comapp.wizer.meapp.zeplin.ioapp.zingsoft.comappsignal.comarchive.orgarchivebox.ioarticle.voxsnap.comartist.linkaspiegel.comaudioboom.comaudioclip.naver.comaudiomack.comaudiomeans.frawario.comaws.amazon.combackend.deviantart.combacktracks.fmbadcheese.combazqux.combeta.amtraker.combeta.pingvp.com.kpnis.nlbigdatacorp.com.brbigweb.bigdatacorp.com.brbit.lybitlove.orgbitly.comblackfire.ioblekko.comblogcast.hostblogtrottr.comboardreader.combookingmood.combountii.comboxofficebuz.combrowsershots.orgbuiltwith.combuttondown.emailbytedance.comcacoo.comcapture.heartrails.comcec.svc-stage.evernote.comcec.svc.evernote.comchainflix.netchannel-islands.geograph.orgchannel-islands.geographs.orgchirb.itchroco.ooocliqz.comcloud.google.comcloudsystemnetworks.comclyp.itcmc.byzart.eucoccoc.comcocolyze.comcodehs.comcodepen.iocodepoints.netcodesandbox.iocollectd.orgcommaful.comcommoncrawl.orgcompany.yandex.comconsole.screen9.comcore.hash.aicore.oz.comcorp.163.comcorp.mail.rucorpora.uni-leipzig.decoub.comcrawler.sistrix.netcrowdranking.comcrumb.shcueup.iocurated.cocustomerdb.comd.tubedalexni.comdashboard.pandavideo.com.brdata.voxsnap.comdatawrapper.dwcdn.netdavid-smith.orgdazoo.frde.slideshare.netdev.twitter.comdeveloper.apple.comdevelopers.google.comdiscoveryengine.comdisplay.apester.comdocdro.iddocs.appsignal.comdomainreanimator.comdomainsproject.orgdotsub.comdowncastapp.comdreambroker.comduckduckgo.comecairn.comegliseinfo.catholique.frembed.chartblocks.comembed.deseret.comembed.gettyimages.comembed.gmetri.comembed.kit.coembed.kooapp.comembed.lottiefiles.comembed.runkit.comembed.sendtonews.comembed.vouchfor.comembed.wave.videoembedery.comes.slideshare.netethfiddle.comeventlive.proevernote.comeverviz.comevt.liveex.coexchange.xforce.ibmcloud.comexpanse.coeyrie.ioez.nofaithlifetv.comfast.wistia.comfav.mefb.mefeedafever.comfeedbin.comfeedwrangler.netfireworktv.comfiso.foxsports.com.auflat.ioflic.krflipboard.comflipnot.esflourish.studiofr.slideshare.netframebuzz.comframer.comfreshrss.orgfundacio.catgateway.cobalt.rungeo-en.hlipp.degeo.hlipp.degermany.geograph.orggetpocket.comgetshow.iogfycat.comgiphy.comgithub.comgloria.tvglutenfreepleasure.comgoo.ne.jpgph.isgpodder.orggql.cueup.iograin.cograin.comgraph.facebook.comgtchannel.comgtmetrix.comgty.imgyazo.comhalaman.emailhash.aihc.apache.orghearthis.athelp.coccoc.comhelp.evernote.comhelp.mail.ruhelp.naver.comhelp.soso.comhelp.yahoo.comhelp.zum.comheyzine.comhippovideo.iohomey.apphttpd.apache.orghuawei.comhubpages.comhuffduffer.comhunter.iohwacha.dkhypefactors.comi.guim.co.ukideeinc.comidomoo.comifttt.comilovecoco.videoimenupro.comimg.catbo.atimg.youtube.comincredible.devinfogram.cominfoveave.netinphood.cominstagr.aminstagram.comip-guide.comisecurity.huawei.comissuu.comjdr.knacki.infojigsaw.w3.orgjovian.aijovian.mlkirim.emailkit.cokmdr.shknowledgepad.cokooapp.comkouio.comlab.openwebspider.orglabs.topsy.comlarbin.sourceforge.netlatd.comlaw.di.unimi.itlearningapps.orglemoteur.orange.frletsencrypt.orgliferea.sf.netlincgeek.orglive.amcharts.comlive.eventlive.prolivestream.comlottiefiles.comltx71.comludus.onemagpierss.sourceforge.netmail.google.commajestic12.co.ukmap.cam.ac.ukmathembed.commatterport.comme.memedia.giphy.commedia.zhdk.chmediatheque.univ-paris1.frmediatoolkit.commedienarchiv.zhdk.chmedium.commermaid.inkmetacpan.orgmicrosoftedge.microsoft.comminesweeper.todaymixcloud.commixrank.commoby.tomoz.communin-monitoring.orgmusic.enystre.commusicboxmaniacs.commy.matterport.commybeweeg.commylink.pagenagios.orgnamchey.comnanoo.pronanoo.tvnaturalatlas.comneon1.netnetnewswireapp.comnew.media.zhdk.chnmap.orgnopaste.mlnorthernlight.comnotifyninja.comnpms.ionutch.apache.orgnytimes.comobservablehq.comoctopus.saooti.comodds.com.auodesli.coodnoklassniki.ruodysee.comoembed.ex.cooembed.idomoo.comoembed.incredible.devoembed.minervaknows.comoembed.nopaste.mloembed.radiopublic.comofficial.fmomniscope.meomny.fmomnystudio.comon.soundcloud.comonsizzle.comopen.smeme.comopen.spotify.comopenapi.afreecatv.comopenlinkprofiler.orgoptimizer.sistrix.comorbitvu.cooutplayed.tvoverflow.iopadlet.compandavideo.compastery.netpear.php.netping-admin.ruplace.line.meplay.adpaths.complay.afreecatv.complay.google.complay.radiopublic.complay.tvcf.co.krplay.typecast.aiplay.wecandeo.complayer.hihaho.complayer.indacolive.complayer.vimeo.complaylist.linkplusdocs.compod.u-pec.frpod.univ-lille.frpodbean.compodcasts.audiomeans.frpods.linkpolldaddy.comportfolium.comppa.insticator.compresent.doprezi.comproject-resonance.compt.slideshare.netpub.raindrop.iopublic-api.wordpress.compublic.chartblocks.compublic.flourish.studiopublish.twitter.compublisher.releasewire.compurl.stanford.eduqr.imenupro.comqueryeye.comqueryseeker.comquiterss.orgradiopublic.comraindrop.iorambler-co.rureactjs.orgreadkitapp.comreddit.comreederapp.comrender.githubusercontent.comrenderer.apester.comrepl.itreplit.comrestsharp.orgricks-apps.comriddler.ioroihunter.comroku.comroomshare.jproosterteeth.comrumble.comrunkit.comrwire.comryowl.orgs3m.iosabsim.comsafari-extensions.apple.comscan.trustnet.venafi.comscrapy.orgscribblemaps.comsearch.goo.ne.jpsearch.google.comsearch.msn.comsecure.actblue.comsensika.comsentry.ioserendeputy.comshare.evernote.comshare.stage.evernote.comshare.synthesia.ioshoud.ioshoudio.comshowtheway.iosilverreader.comsimplecast.comsiteimprove.comsixy.chsketchfab.comslack.comslateapp.comsluzby.heureka.czsmashnotes.comsmeme.comsong.linksoundcloud.app.goog.glsoundcloud.comspaziodati.euspeakerdeck.comspinn3r.comspotify.comsproutvideo.comsqlmap.orgsrv2.zoomable.casta.shstage-embed.avocode.comstage.dadan.iostore.abraia.mestore.pixdor.comstorymaps.arcgis.comstream.microsoft.comstreamable.comstreamio.comsubscribi.iosuperfeedr.comsupertop.cosupport.alexa.comsupport.apple.comsupport.embed.lysupport.mozilla.orgsupport.paper.lisur.lysway.comsway.office.comtab.search.daum.netted.comtelegram.orgtheoldreader.comtheysaidso.comtinyurl.comtools.pinpoll.comtotango.comtrinityaudio.aitrinitymedia.aitt-rss.orgtv.kakao.comtvcf.co.krtweetedtimes.comtweetmeme.comtwitter.comtypecast.aityplog.comuapod.univ-antilles.frumotion-test.univ-lemans.frumtel.comuptime.comuptimerobot.comuserbase.kde.orgv.afree.cavalidator.w3.orgveer.tvveervr.tvvercel.comverse.comveryhip.comvidefit.comvideos.sapo.ptvidmount.comvidyard.comview.briovr.comview.ceros.comview.gmetri.comviewer.altium.comvimeo.comvizydrop.comvk.comvlipsy.comvod.afreecatv.comvoxsnap.comvsi-innovation.comwaltrackwaltrack.netwatch.wave.videowave.videoweb.microsoftstream.comwebarchive.jira.comwebdatastats.comwebmeup-crawler.comwebmeup.comweborama.comwhatcms.orgwhatis.contentkingapp.comwidget.toornament.comwistia.comwokwi.comwordpress.comwordpress.orgwp.mewww-catapult-app.sandbox.hs-sites.comwww-catapult.appwww.www.23hq.comwww.3ds.comwww.aboundex.comwww.acoon.dewww.acrylicapps.comwww.adbeat.comwww.admantx.comwww.adways.comwww.afreecatv.comwww.alentum.comwww.alexa.comwww.altrulabs.comwww.amorank.comwww.analyticsseo.comwww.animatron.comwww.apache.orgwww.apester.comwww.apple.comwww.arachni-scanner.comwww.ask.comwww.avocode.comwww.axandra.comwww.backlink-check.dewww.backlinktest.comwww.baidu.comwww.beautiful.aiwww.bloglovin.comwww.bookingmood.comwww.botje.comwww.brandverity.comwww.brandwatch.comwww.breaker.audiowww.bumper.comwww.carbon60.comwww.career-x.dewww.catapult.appwww.catchpoint.comwww.ceros.comwww.chainflix.netwww.chartblocks.comwww.chebinliu.comwww.chirbit.comwww.choosito.comwww.circuitlab.comwww.clearspring.comwww.clipland.comwww.cloudflare.comwww.codehs.comwww.codepoints.netwww.collegehumor.comwww.commafeed.comwww.comscore.comwww.contentkingapp.comwww.css-security.comwww.dadan.iowww.dailymotion.comwww.datadoghq.comwww.datagnion.comwww.datanyze.comwww.dataprovider.comwww.datawrapper.dewww.deseret.comwww.deviantart.comwww.didacte.comwww.docdroid.netwww.domaintools.comwww.dreambroker.comwww.easou.comwww.edumedia-sciences.comwww.ethfiddle.comwww.eventures.vcwww.evernote.comwww.exabot.comwww.exactseek.comwww.example.comwww.exensa.comwww.f-secure.comwww.facebook.comwww.feedburner.comwww.feeddemon.comwww.feedly.comwww.feedspot.comwww.findxbot.comwww.fireworktv.comwww.fite.tvwww.flickr.comwww.foxsports.com.auwww.framer.comwww.genieo.comwww.geograph.org.ggwww.geograph.org.ukwww.gettyimages.comwww.gfycat.comwww.gifnote.comwww.gigablast.comwww.gmetri.comwww.gong.iowww.grammarly.comwww.grapeshot.comwww.hatena.ne.jpwww.heureka.czwww.hihaho.comwww.hippovideo.iowww.httpmon.comwww.huawei.comwww.hubspot.comwww.hulu.comwww.ifixit.comwww.ifttt.comwww.iheart.comwww.iis.netwww.injurymap.comwww.inoreader.comwww.instagr.amwww.instagram.comwww.insticator.comwww.jaydeonlineinc.comwww.jetbrains.comwww.kakaocorp.comwww.kaspersky.comwww.kickstarter.comwww.kidoju.comwww.kitchenbowl.comwww.linkdex.comwww.linkedin.comwww.linkpad.orgwww.mapy.czwww.meanpath.comwww.medialab.cowww.metajob.atwww.microad.co.jpwww.microsoft.comwww.minervaknows.comwww.mixcloud.comwww.mnogosearch.orgwww.mobypicture.comwww.mojeek.comwww.monitor.uswww.msn.comwww.nalezen.czwww.nanoo.tvwww.naver.comwww.nb.nowww.netcraft.comwww.netestate.dewww.netvibes.comwww.newsbeuter.orgwww.newsblur.comwww.newsgator.comwww.nfb.cawww.nftndx.iowww.nict.go.jpwww.nuzzel.comwww.nytimes.comwww.odds.com.auwww.omgili.comwww.openindex.iowww.opensiteexplorer.orgwww.openwebspider.orgwww.ora.tvwww.orange.frwww.outbrain.comwww.oz.comwww.paessler.comwww.pagething.comwww.paper.liwww.parse.lywww.pastery.netwww.phpservermonitor.orgwww.picsearch.comwww.picturelfy.comwww.pingdom.comwww.pingvp.comwww.pinpoll.comwww.pinterest.comwww.pipl.comwww.pitchhub.comwww.pixdor.comwww.playbuzz.comwww.profound.netwww.quiz.bizwww.quizz.bizwww.quora.comwww.qwant.comwww.radiopublic.comwww.rainmeter.netwww.rcvis.comwww.reddit.comwww.releasewire.comwww.reverbnation.comwww.rssbandit.orgwww.rssowl.orgwww.safedns.comwww.sarosys.comwww.screamingfrog.co.ukwww.screen9.comwww.screencast.comwww.screenerbot.comwww.screenr.comwww.scribblemaps.comwww.scribd.comwww.semanticscholar.orgwww.semrush.comwww.sendtonews.comwww.seobility.netwww.seoengine.comwww.seokicks.dewww.seznam.czwww.shopalike.czwww.shopify.comwww.shopwiki.comwww.shortnote.jpwww.similartech.comwww.simplepie.orgwww.sistrix.dewww.site24x7.comwww.skype.comwww.slideshare.netwww.smrthi.comwww.smugmug.comwww.snapchat.comwww.so.comwww.socialexplorer.comwww.sogou.comwww.soso.comwww.specialnoise.comwww.spotify.comwww.spreaker.comwww.sprinklr.comwww.ssllabs.comwww.startpagina.nlwww.statuscake.comwww.streamio.comwww.sudomemo.netwww.sutori.comwww.sway.comwww.synthesia.iowww.talkwalker.comwww.tarmot.comwww.ted.comwww.tickcounter.comwww.tiktok.comwww.tineye.comwww.toornament.comwww.topy.sewww.towards.chwww.tracemyfile.comwww.tree.rowww.trendiction.dewww.tumblr.comwww.turnitin.comwww.tuxx.bewww.twingly.comwww.twitter.comwww.ukr.netwww.ultimedia.comwww.uni-leipzig.dewww.ustream.tvwww.ustudio.comwww.venafi.comwww.verisign.comwww.vevo.comwww.viously.comwww.visualsitemapper.comwww.vlive.tvwww.vouchfor.comwww.webpagetest.orgwww.website-datenbank.dewww.websitepulse.comwww.webtop.comwww.wecandeo.comwww.wesee.comwww.wevika.dewww.wikido.comwww.wiredrive.comwww.wise-guys.nlwww.wizer.mewww.wolframcloud.comwww.woorank.comwww.wotbox.comwww.xforce-security.comwww.yahoo-help.jpwww.yahoo.co.jpwww.yahoo.comwww.yandex.comwww.yottaa.comwww.youdao.comwww.youtube.comwww.yunyun.comwww.zbozi.czwww.zelist.rowww.znipe.tvwww.zoominfo.comwww.zuminternet.comxenforo.comxml.evernote.comyacy.netyourls.orgyoutu.beyoutube.comzeplin.iozookabot.comzoomable.ca

Indicators of Compromise

80 indicators of compromise found

File Statistics

177
Total Files
21
JS Files
13.4 MB
Total Size

Other Scanned Extensions

Urban VPN Proxy
8.2 CRITICAL
BrowserGPT: ChatGPT Anywhere Powered by GPT 4
8.2 CRITICAL
MyJDownloader Browser Extension
8.4 CRITICAL
__MSG_appName__
8.0 CRITICAL
HARPA AI: Web Automation with ChatGPT, Claude, Gemini, Grok
9.8 CRITICAL
Phantom
9.6 CRITICAL