Is Merge Windows safe to use?

Merge Windows has a security risk score of 51.54/100 (MEDIUM risk). Our security analysis detected 119 findings. Review the detailed security assessment below to understand the specific risks before installation.

What are the security risks of Merge Windows?

Based on our automated security analysis, Merge Windows presents medium risk level. The extension is analyzed for malware patterns, secret exposure, network communications, permissions, and supply chain vulnerabilities.

How is the security score calculated?

Risky Plugins calculates security scores using weighted categories: severity of findings (25 points max), malware detections (35 points), secret exposure (28 points), network communications (10 points), and obfuscation (10 points). Scores range from 0-100, with higher scores indicating greater risk.

What does CRITICAL, HIGH, MEDIUM, LOW, MINIMAL risk mean?

CRITICAL (80-100): Severe security issues like malware. HIGH (60-79): Significant vulnerabilities. MEDIUM (40-59): Moderate security concerns. LOW (20-39): Minor issues. MINIMAL (0-19): Very low risk. Always review findings before installing any extension.

Is "Merge Windows" on Chrome Web Store Safe to Install?

[email protected] · chrome · v3.1.0.0

Click to merge all currently opened windows into single one

Risk Assessment

Analyzed

51.54

out of 100

MEDIUM

119 security findings detected across all analyzers

Chrome extension requesting 4 permissions

Severity Breakdown

Critical

High

Medium

Low

Info

Finding Categories

Malware Signatures

IoC Indicators

YARA Rules Matched

7 rules(24 hits)

postinstall obfuscation postinstall system command postinstall crypto operations postinstall file download postinstall file manipulation postinstall network communication postinstall persistence mechanism

Requested Permissions

4 permissions

tabs

Medium

storage

Low

tabGroups

Low

contextMenus

Low

About This Extension

Click to merge all currently opened windows into single one

Detailed Findings

25 total

YARA Rule Matches

7 rules

Indicators of Compromise

Network indicators, suspicious strings, and potential IoCs extracted during analysis

URLs

IP Addresses

Domains

Strings

All Indicators · 94

detected IP: 3.1.0.0

XIOC detected IP: 3.1.0.0

extracted_from_files

Domain

detected Domain: singleclickapps.com

XIOC detected Domain: singleclickapps.com

extracted_from_files

Hash

detected MD5 Hash: 3DDE75875F0711E7BB8CDBE8AE5C89A2

XIOC detected MD5 Hash: 3DDE75875F0711E7BB8CDBE8AE5C89A2

extracted_from_files

Hash

detected MD5 Hash: 6110862AD9FB11E3B635B0515ED04A8E

XIOC detected MD5 Hash: 6110862AD9FB11E3B635B0515ED04A8E

extracted_from_files

Hash

detected MD5 Hash: 1900199AD9FA11E3B635B0515ED04A8E

XIOC detected MD5 Hash: 1900199AD9FA11E3B635B0515ED04A8E

extracted_from_files

Hash

detected MD5 Hash: 19001999D9FA11E3B635B0515ED04A8E

XIOC detected MD5 Hash: 19001999D9FA11E3B635B0515ED04A8E

extracted_from_files

Hash

detected MD5 Hash: 1900199ED9FA11E3B635B0515ED04A8E

XIOC detected MD5 Hash: 1900199ED9FA11E3B635B0515ED04A8E

extracted_from_files

Hash

detected MD5 Hash: 1900199DD9FA11E3B635B0515ED04A8E

XIOC detected MD5 Hash: 1900199DD9FA11E3B635B0515ED04A8E

extracted_from_files

Hash

detected MD5 Hash: 14581EE65F0711E788E0FD2F94B14855

XIOC detected MD5 Hash: 14581EE65F0711E788E0FD2F94B14855

extracted_from_files

Hash

detected MD5 Hash: 14581EE55F0711E788E0FD2F94B14855

XIOC detected MD5 Hash: 14581EE55F0711E788E0FD2F94B14855

extracted_from_files

Hash

detected MD5 Hash: F3EAB90B025FE71191D3B56906A7163E

XIOC detected MD5 Hash: F3EAB90B025FE71191D3B56906A7163E

extracted_from_files

Hash

detected MD5 Hash: A61A5B6F5F0611E79D1A815DF0C86B92

XIOC detected MD5 Hash: A61A5B6F5F0611E79D1A815DF0C86B92

extracted_from_files

Hash

detected MD5 Hash: A61A5B6E5F0611E79D1A815DF0C86B92

XIOC detected MD5 Hash: A61A5B6E5F0611E79D1A815DF0C86B92

extracted_from_files

Hash

detected MD5 Hash: F4EAB90B025FE71191D3B56906A7163E

XIOC detected MD5 Hash: F4EAB90B025FE71191D3B56906A7163E

extracted_from_files

Hash

detected MD5 Hash: E7D53FDC5F0611E79195CFC98E9ACF82

XIOC detected MD5 Hash: E7D53FDC5F0611E79195CFC98E9ACF82

extracted_from_files

Hash

detected MD5 Hash: E7D53FDB5F0611E79195CFC98E9ACF82

XIOC detected MD5 Hash: E7D53FDB5F0611E79195CFC98E9ACF82

extracted_from_files

Hash

detected MD5 Hash: 6110862BD9FB11E3B635B0515ED04A8E

XIOC detected MD5 Hash: 6110862BD9FB11E3B635B0515ED04A8E

extracted_from_files

URL

detected URL: https://thepluginsguy.beehiiv.com/

XIOC detected URL: https://thepluginsguy.beehiiv.com/

extracted_from_files

URL

detected URL: https://preview.mailerlite.io/forms/1790034/165234991720039935/share

XIOC detected URL: https://preview.mailerlite.io/forms/1790034/165234991720039935/share

extracted_from_files

URL

detected URL: https://donate.stripe.com/5kQ14n0q76qrd6A9dF6Vq01

XIOC detected URL: https://donate.stripe.com/5kQ14n0q76qrd6A9dF6Vq01

extracted_from_files

URL

detected URL: https://singleclickapps.com/merge-windows/

XIOC detected URL: https://singleclickapps.com/merge-windows/

extracted_from_files

URL

detected URL: http://singleclickapps.com/merge-windows

XIOC detected URL: http://singleclickapps.com/merge-windows

extracted_from_files

URL

detected URL: https://singleclickapps.com/contact'

XIOC detected URL: https://singleclickapps.com/contact'

extracted_from_files

URL

detected URL: https://chromewebstore.google.com/detail/merge-windows/mmpokgfcmbkfdeibafoafkiijdbfblfg/reviews'

XIOC detected URL: https://chromewebstore.google.com/detail/merge-windows/mmpokgfcmbkfdeibafoafkiijdbfblfg/reviews'

extracted_from_files

Domain

detected Domain: r.sg

XIOC detected Domain: r.sg

extracted_from_files

URL

detected URL: http://ns.adobe.com/xap/1.0/mm/

XIOC detected URL: http://ns.adobe.com/xap/1.0/mm/

extracted_from_files

URL

detected URL: http://ns.adobe.com/xap/1.0/sType/ResourceRef#

XIOC detected URL: http://ns.adobe.com/xap/1.0/sType/ResourceRef#

extracted_from_files

URL

detected URL: http://ns.adobe.com/xap/1.0/

XIOC detected URL: http://ns.adobe.com/xap/1.0/

extracted_from_files

URL

detected URL: https://clients2.google.com/service/update2/crx

XIOC detected URL: https://clients2.google.com/service/update2/crx

extracted_from_files

URL

detected URL: https://singleclickapps.com/merge-windows

XIOC detected URL: https://singleclickapps.com/merge-windows

extracted_from_files

URL

detected URL: https://www.youtube.com/@thePluginsGuy/videos

XIOC detected URL: https://www.youtube.com/@thePluginsGuy/videos

extracted_from_files

Domain

detected Domain: host.pages.map

XIOC detected Domain: host.pages.map

extracted_from_files

Domain

detected Domain: focuseditem.click

XIOC detected Domain: focuseditem.click

extracted_from_files

URL

detected URL: https://singleclickapps.com/merge-windows-removed/');

XIOC detected URL: https://singleclickapps.com/merge-windows-removed/');

extracted_from_files

URL

detected URL: https://singleclickapps.com/merge-windows-help/'

XIOC detected URL: https://singleclickapps.com/merge-windows-help/'

extracted_from_files

URL

detected URL: https://singleclickapps.com/merge-windows-plugin/',

XIOC detected URL: https://singleclickapps.com/merge-windows-plugin/',

extracted_from_files

URL

detected URL: https://singleclickapps.com/merge-windows-2-1/',

XIOC detected URL: https://singleclickapps.com/merge-windows-2-1/',

extracted_from_files

URL

detected URL: https://singleclickapps.com/merge-windows-3-1/',

XIOC detected URL: https://singleclickapps.com/merge-windows-3-1/',

extracted_from_files

Domain

detected Domain: 2.ad

XIOC detected Domain: 2.ad

extracted_from_files

Domain

detected Domain: preview.mailerlite.io

XIOC detected Domain: preview.mailerlite.io

extracted_from_files

detected Domain: donate.stripe.com

XIOC detected Domain: donate.stripe.com

extracted_from_files

Domain

detected Domain: gmail.com

XIOC detected Domain: gmail.com

extracted_from_files

Domain

detected Domain: chromewebstore.google.com

XIOC detected Domain: chromewebstore.google.com

extracted_from_files

Domain

detected Domain: exclusion.name

XIOC detected Domain: exclusion.name

extracted_from_files

Domain

detected Domain: item.id

XIOC detected Domain: item.id

extracted_from_files

Domain

detected Domain: yђs.vn

XIOC detected Domain: yђs.vn

extracted_from_files

Domain

detected Domain: 7.sl

XIOC detected Domain: 7.sl

extracted_from_files

Domain

detected Domain: ê.ua

XIOC detected Domain: ê.ua

extracted_from_files

Domain

detected Domain: i.es

XIOC detected Domain: i.es

extracted_from_files

Domain

detected Domain: r.cv

XIOC detected Domain: r.cv

extracted_from_files

Domain

detected Domain: e.ss

XIOC detected Domain: e.ss

extracted_from_files

Domain

detected Domain: n.sk

XIOC detected Domain: n.sk

extracted_from_files

Domain

detected Domain: mrʄi.mz

XIOC detected Domain: mrʄi.mz

extracted_from_files

Domain

detected Domain: u.by

XIOC detected Domain: u.by

extracted_from_files

Domain

detected Domain: 9vkq.dj

XIOC detected Domain: 9vkq.dj

extracted_from_files

Domain

detected Domain: w1.sk

XIOC detected Domain: w1.sk

extracted_from_files

Domain

detected Domain: l.tt

XIOC detected Domain: l.tt

extracted_from_files

Domain

detected Domain: u.bm

XIOC detected Domain: u.bm

extracted_from_files

Domain

detected Domain: b.do

XIOC detected Domain: b.do

extracted_from_files

Domain

detected Domain: p.mr

XIOC detected Domain: p.mr

extracted_from_files

Domain

detected Domain: 8utƀ.nr

XIOC detected Domain: 8utƀ.nr

extracted_from_files

Domain

detected Domain: cɕ.fk

XIOC detected Domain: cɕ.fk

extracted_from_files

Domain

detected Domain: www.youtube.com

XIOC detected Domain: www.youtube.com

extracted_from_files

Domain

detected Domain: thepluginsguy.beehiiv.com

XIOC detected Domain: thepluginsguy.beehiiv.com

extracted_from_files

Domain

detected Domain: button.dataset.tab

XIOC detected Domain: button.dataset.tab

extracted_from_files

Domain

detected Domain: o.md

XIOC detected Domain: o.md

extracted_from_files

Domain

detected Domain: 2.lt

XIOC detected Domain: 2.lt

extracted_from_files

Domain

detected Domain: s.fm

XIOC detected Domain: s.fm

extracted_from_files

Domain

detected Domain: iô.ms

XIOC detected Domain: iô.ms

extracted_from_files

Domain

detected Domain: g.pr

XIOC detected Domain: g.pr

extracted_from_files

Domain

detected Domain: t.bz

XIOC detected Domain: t.bz

extracted_from_files

URL

detected URL: http://www.w3.org/1999/02/22-rdf-syntax-ns#

XIOC detected URL: http://www.w3.org/1999/02/22-rdf-syntax-ns#

extracted_from_files

Domain

detected Domain: m.nc

XIOC detected Domain: m.nc

extracted_from_files

Domain

detected Domain: www.w3.org

XIOC detected Domain: www.w3.org

extracted_from_files

Domain

detected Domain: ns.adobe.com

XIOC detected Domain: ns.adobe.com

extracted_from_files

Domain

detected Domain: clients2.google.com

XIOC detected Domain: clients2.google.com

extracted_from_files

Domain

detected Domain: ci.dj

XIOC detected Domain: ci.dj

extracted_from_files

Domain

detected Domain: 轉.no

XIOC detected Domain: 轉.no

extracted_from_files

Domain

detected Domain: 5.cr

XIOC detected Domain: 5.cr

extracted_from_files

Domain

detected Domain: ezgif.com

XIOC detected Domain: ezgif.com

extracted_from_files

Domain

detected Domain: twitter.com

XIOC detected Domain: twitter.com

extracted_from_files

Domain

detected Domain: targetwindow.id

XIOC detected Domain: targetwindow.id

extracted_from_files

Domain

detected Domain: win.id

XIOC detected Domain: win.id

extracted_from_files

Domain

detected Domain: tabs.map

XIOC detected Domain: tabs.map

extracted_from_files

Domain

detected Domain: tab.id

XIOC detected Domain: tab.id

extracted_from_files

Domain

detected Domain: chrome.tabs.group

XIOC detected Domain: chrome.tabs.group

extracted_from_files

Domain

detected Domain: tabinfo.id

XIOC detected Domain: tabinfo.id

extracted_from_files

detected IP: ::

XIOC detected IP: ::

extracted_from_files

detected IP: ::2

XIOC detected IP: ::2

extracted_from_files

detected IP: 7::

XIOC detected IP: 7::

extracted_from_files

detected IP: ::6

XIOC detected IP: ::6

extracted_from_files

detected IP: d::9

XIOC detected IP: d::9

extracted_from_files

detected IP: ::9

XIOC detected IP: ::9

extracted_from_files

Hash

detected MD5 Hash: 3DDE75885F0711E7BB8CDBE8AE5C89A2

XIOC detected MD5 Hash: 3DDE75885F0711E7BB8CDBE8AE5C89A2

extracted_from_files

Security Analysis Summary

Security Analysis Overview

Merge Windows is a Chrome Web Store extension published by [email protected]. Version 3.1.0.0 has been analyzed by the Risky Plugins security platform, receiving a risk score of 51.54/100 (MEDIUM risk) based on 119 security findings.

Risk Assessment

This extension presents moderate security risk. Several findings were detected that may warrant attention. Users should carefully review the permissions and findings before installation.

Findings Breakdown

High: 24 finding(s)
Medium: 95 finding(s)

What Was Analyzed

The security assessment covers multiple analysis categories:

Malware Detection: YARA rule matching against 2,400+ malware signatures
Secret Detection: Scanning for exposed API keys, tokens, and credentials
Static Analysis: Code-level security analysis for common vulnerability patterns
Network Analysis: Detection of suspicious network communications and endpoints
Obfuscation Detection: Identification of code obfuscation techniques

Developer Information

Merge Windows is published by [email protected] on the Chrome Web Store marketplace. The extension has approximately 30K users.

Recommendation

Exercise caution with this extension. Review the detailed findings and ensure the requested permissions align with the extension's stated functionality before installation.

Source Code Viewer

Source Code Not Available

Source code is not available for this version of the extension.

Frequently Asked Questions

Similar Extensions

Related extensions from the same publisher or marketplace

Images ON/OFF

[email protected]

HIGH 20K users

Close & Clean

[email protected]

HIGH 10K users

History On/Off

[email protected]

HIGH 10K users

Plugins

[email protected]

HIGH 400K users

Today's Date

[email protected]

HIGH 881 users

Plugins

[email protected]

HIGH 60K users

Risk Assessment

Severity Breakdown

Finding Categories

YARA Rules Matched

Requested Permissions

About This Extension

Detailed Findings

MANIFEST-SENSITIVE-PERM-TABS

YARA Rule Matches

postinstall obfuscation

postinstall system command

postinstall crypto operations

postinstall file download

postinstall file manipulation

postinstall network communication

postinstall persistence mechanism

Indicators of Compromise

All Indicators · 94

Security Analysis Summary

Security Analysis Overview

Risk Assessment

Findings Breakdown

What Was Analyzed

Developer Information

Recommendation

Frequently Asked Questions

Similar Extensions

Images ON/OFF

Close & Clean

History On/Off

Plugins

Today's Date

Plugins