Security Warning: Historically Flagged as Malware

This extension is historically labeled as malware, but the current version analysis does not yet confirm severe malicious findings.Extension: 种草星球,TikTok批量建联,达人建联,达人管理,自动提报

HIGH RISKStill available - needs review

种草星球,TikTok批量建联,达人建联,达人管理,自动提报

ID: iboifdppdpoccffklnjmompfeijifjna

Supported Languages

🇨🇳Chinese (Simplified)

Extension Info & Metadata

Status

Active

Version

4.1.16

Size

2.91 MB

Rating

0.0/5

Reviews

Users

Type

Extension

Updated

Jun 10, 2026

Publisher Contextual Analysis

Trusted

Author: https://www.zcxq.com/View Profile
Privacy: Privacy Policy
MX records exist: Yes
Domain exists: Yes
Is disposable: No
Is role-based: No
Mailbox exists: Yes
Website: Visit

Total Extensions

Active

Obsolete

Listed

Unlisted

Total Users

邀约达人、批量报团、样品管理、数据分析等商家店铺运营神器，种草星球-让卖货更高效

电商运营管理神器，实现达人直播视频带货高效对接达人，批量提报团长，帮助商家高效的完成商品推广销售。

User Growth

Showing data from Apr 03, 2024 to Jun 05, 2026

Versions

+300%(+3 users)

Compared to Oct 2, 2024

2 versions released in this period

Rating Count

Total: 0 ratings

Average Rating

Current: 0.00 / 5.0

Item	Type	Severity	Description
declarativeNetRequest	Permission	Critical	This permission allows the extension to define rules to block, redirect, or modify network requests. Rated Critical because it can control all network traffic, potentially blocking security updates or redirecting to malicious sites.
scripting	Permission	Critical	This permission allows injection and execution of JavaScript on any webpage. Rated Critical because it can modify page content, steal sensitive data, and inject malicious code into any site the extension has access to.
Contextual Risk Factors	Risk Factor	High	The following context increases the overall risk:• 20% increase: Access to sensitive domains increases potential impact• 10% increase: Early script execution enables pre-emptive content manipulation
storage	Permission	Medium	This permission allows storing data locally in the browser. Rated Medium because it can persist sensitive user data, track user activities over time, and potentially store malicious payloads.
tabs	Permission	Medium	This permission enables tab management and monitoring. Rated Medium because it can track open tabs, access tab metadata, and monitor user browsing patterns.
https://buyin.jinritemai.com/*	Host	Medium	Host permission — access limited to this URL pattern.
https://affiliate.tiktokglobalshop.com/*	Host	Medium	Host permission — access limited to this URL pattern.
https://affiliate.tiktokshopglobalselling.com/*	Host	Medium	Host permission — access limited to this URL pattern.
https://affiliate-id.tokopedia.com/*	Host	Medium	Host permission — access limited to this URL pattern.
https://www.wuyoukuajing.com/*	Host	Medium	Host permission — access limited to this URL pattern.
://.tiktokshop.com/*	Host	Medium	Host permission — access limited to this URL pattern.
://.tiktok.com/*	Host	Medium	Host permission — access limited to this URL pattern.
://.tikclubs.com/*	Host	Medium	Host permission — access limited to this URL pattern.
https://.douyin.com/	Host	Medium	Host permission — access limited to this URL pattern.
://.jinritemai.com/*	Host	Medium	Host permission — access limited to this URL pattern.
https://d.zcxq.com/*	Host	Medium	Host permission — access limited to this URL pattern.
https://wd.zcxq.com/*	Host	Medium	Host permission — access limited to this URL pattern.
https://zs.kwaixiaodian.com/*	Host	Medium	Host permission — access limited to this URL pattern.
https://channels.weixin.qq.com/*	Host	Medium	Host permission — access limited to this URL pattern.
https://liveplatform.taobao.com/*	Host	Medium	Host permission — access limited to this URL pattern.
https://www.xiaohongshu.com/*	Host	Medium	Host permission — access limited to this URL pattern.
https://www.amazon.com/*	Host	Medium	Host permission — access limited to this URL pattern.
https://www.amazon.co.jp/*	Host	Medium	Host permission — access limited to this URL pattern.
https://www.amazon.co.uk/*	Host	Medium	Host permission — access limited to this URL pattern.
https://www.amazon.de/*	Host	Medium	Host permission — access limited to this URL pattern.
https://www.amazon.fr/*	Host	Medium	Host permission — access limited to this URL pattern.
https://www.amazon.es/*	Host	Medium	Host permission — access limited to this URL pattern.
https://www.amazon.it/*	Host	Medium	Host permission — access limited to this URL pattern.
https://www.amazon.ca/*	Host	Medium	Host permission — access limited to this URL pattern.
https://www.amazon.in/*	Host	Medium	Host permission — access limited to this URL pattern.
https://www.amazon.com.mx/*	Host	Medium	Host permission — access limited to this URL pattern.
https://www.amazon.com.au/*	Host	Medium	Host permission — access limited to this URL pattern.
https://www.amazon.ae/*	Host	Medium	Host permission — access limited to this URL pattern.
https://www.amazon.nl/*	Host	Medium	Host permission — access limited to this URL pattern.
https://www.amazon.pl/*	Host	Medium	Host permission — access limited to this URL pattern.
https://www.amazon.se/*	Host	Medium	Host permission — access limited to this URL pattern.
https://www.amazon.sa/*	Host	Medium	Host permission — access limited to this URL pattern.
https://www.amazon.sg/*	Host	Medium	Host permission — access limited to this URL pattern.
https://www.amazon.com.br/*	Host	Medium	Host permission — access limited to this URL pattern.
https://www.amazon.com.tr/*	Host	Medium	Host permission — access limited to this URL pattern.
https://sellercentral.amazon.com/*	Host	Medium	Host permission — access limited to this URL pattern.
Access to Sensitive Domains	Risk Factor	Medium	This extension requests access to sensitive domains: https://affiliate.tiktokshopglobalselling.com/, https://www.wuyoukuajing.com/, ://.tikclubs.com/, https://www.amazon.com/, https://www.amazon.co.jp/, https://www.amazon.co.uk/, https://www.amazon.de/, https://www.amazon.fr/, https://www.amazon.es/, https://www.amazon.it/, https://www.amazon.ca/, https://www.amazon.in/, https://www.amazon.com.mx/, https://www.amazon.com.au/, https://www.amazon.ae/, https://www.amazon.nl/, https://www.amazon.pl/, https://www.amazon.se/, https://www.amazon.sa/, https://www.amazon.sg/, https://www.amazon.com.br/, https://www.amazon.com.tr/, https://sellercentral.amazon.com/*
Early Content Script Execution	Risk Factor	Medium	This extension runs content scripts at document_start.
alarms	Permission	Low	This permission schedules periodic tasks. Rated Low because it can only trigger events at specified times without access to sensitive data.

Sensitive Domain Access

This extension has access to the following sensitive domains:

https://affiliate.tiktokshopglobalselling.com/*
https://www.wuyoukuajing.com/*
*://*.tikclubs.com/*
https://www.amazon.com/*
https://www.amazon.co.jp/*
https://www.amazon.co.uk/*
https://www.amazon.de/*
https://www.amazon.fr/*
https://www.amazon.es/*
https://www.amazon.it/*
https://www.amazon.ca/*
https://www.amazon.in/*
https://www.amazon.com.mx/*
https://www.amazon.com.au/*
https://www.amazon.ae/*
https://www.amazon.nl/*
https://www.amazon.pl/*
https://www.amazon.se/*
https://www.amazon.sa/*
https://www.amazon.sg/*
https://www.amazon.com.br/*
https://www.amazon.com.tr/*
https://sellercentral.amazon.com/*

By severity

Critical1

High0

Medium0

Low0

Versions scanned

None of the 3 scanned versions have more than one unique code-review finding. Counts are unique findings that include each version.

Extension Version	Code Review Findings
No versions with more than one unique code-review finding in this extension's history.

Extension Version	Code Review Findings
No versions with multiple unique findings.

Files with findings

1 distinct path — top paths by unique finding count:

js/rules.json1

S.No.	Category	Severity	File	Summary	Found in Version
1	Network Interception	critical	js/rules.json (line 1)	This declarativeNetRequest rule matches ALL HTTPS URLs (urlFilter '\|https*') — far beyond the extension's declared host_permissions of buyin.jinritemai.com and douyin.com — and overwrites the Content-Security-Policy r…	3.0.1

URLs

754

IPv4

IPv6

URLs

View the external URLs this extension communicates with to understand its network activity and data interactions.

Gain full insight into all external connections.

Upgrade for full visibility.


img.kuailecx.cn	/resource/340/img/300icon.png	https://img.kuailecx.cn/resource/340/img/300icon.png
github.com	/lzxb/flex.css	https://github.com/lzxb/flex.css
img.kuailecx.cn	/resource/340/img/agent-bg.png	https://img.kuailecx.cn/resource/340/img/agent-bg.png
img.kuailecx.cn	/resource/340/img/agent-btn-bg.png	https://img.kuailecx.cn/resource/340/img/agent-btn-bg.png
img.kuailecx.cn	/resource/340/img/m-v1-bg.png	https://img.kuailecx.cn/resource/340/img/m-v1-bg.png
img.kuailecx.cn	/resource/340/img/m-check.png	https://img.kuailecx.cn/resource/340/img/m-check.png
img.kuailecx.cn	/resource/340/img/n-v-bg.png	https://img.kuailecx.cn/resource/340/img/n-v-bg.png
img.kuailecx.cn	/resource/340/img/n-check.png	https://img.kuailecx.cn/resource/340/img/n-check.png
img.kuailecx.cn	/resource/340/img/z-v-bg.png	https://img.kuailecx.cn/resource/340/img/z-v-bg.png
img.kuailecx.cn	/resource/340/img/z-check.png	https://img.kuailecx.cn/resource/340/img/z-check.png

Showing 1 to 10 of 760 rows

Rows per page:

Gain full insight into all external connections.

Upgrade for full visibility.


120.0.0.0	IPv4	-
1.2.3.4	IPv4	-
1.0.0.219	IPv4	-
129.0.0.0	IPv4	-
141.0.0.0	IPv4	-
128.0.0.0	IPv4	-
127.0.0.0	IPv4	-
1:2:3:4:5:6:7:8	IPv6	-

Version	Size	Is Malicious	Findings	Permhash
4.1.16 Latest	2.91 MB	Malicious	—	8a9e650c5a97086e2d826920a1e51392f2cea51220dc42e37938258a156b2675
4.0.76	2.84 MB	Malicious	—	8a9e650c5a97086e2d826920a1e51392f2cea51220dc42e37938258a156b2675
3.0.1	1.42 MB	Malicious	1	9126f12ce5d0e610bb74da304b6bd0cd648428e59e74326fbd5affaa70d2257e

Showing 1 to 3 of 10 rows

Rows per page:

Code Diff

Compare extension code between any two versions.

0 changed files (scanned top 25 shared text files)

No comparable text files found between these versions.

Browse and explore files within this extension package

Gain full insight into all external connections.

Upgrade for full visibility.

Security Warning: Historically Flagged as Malware

种草星球,TikTok批量建联,达人建联,达人管理,自动提报

Supported Languages

Extension Info & Metadata

Publisher Contextual Analysis

Chrome Web Store Metadata

Screenshots & Videos

About this extension

Analytics & Metrics

User Growth

Rating Count

Average Rating

Static Code Security Analysis

Manifest File Security Analysis

Sensitive Domain Access

Code Review Findings Summary Across 3 Versions1

Versions scanned

Files with findings

Extracted Indicators (URLs and IPs)

URLs

Contextual Analysis

Version History

Version-to-Version Code Diff

Code Diff

Extension Files

User Growth

Rating Count

Average Rating