And there is an additional request if you are on a search page. This request isn’t merely sent when you navigate to a page, it also happens whenever you switch tabs. The rest of the data is somewhat harder to interpret, I’ll get to it soon. You can clearly see the full address of the page in the binary data, including query part and anchor. The response is then translated into the extension icon to be displayed for the page.
So the extension sends some binary data and in return gets information on whether the page is malicious or not. If you do it with Avast Online Security, you will see a request to whenever a new page loads in a tab: Using browser’s developer tools you can look at an extension’s network traffic. Storing the data is considered unproblematic due to anonymization (I disagree), and Avast doesn’t make any statements explaining just how long it holds on to it. The amount of data being sent goes far beyond what’s necessary for the extension to function, especially if you compare to competing solutions such as Google Safe Browsing.Īvast Privacy Policy covers this functionality and claims that it is necessary to provide the service. In the process, it will transmit data that allows reconstructing your entire web browsing history and much of your browsing behavior. When Avast Online Security extension is active, it will request information about your visited websites from an Avast server.