Quick flomo - AI Reading Assistant & Citation Web Clipper
Unknown developer Ā· 10 users at risk
Threat Summary
All Findings (205)
View all 205 security findings
Network call of type 'fetch' detected.
Network call of type 'fetch' detected.
Network call of type 'fetch' detected.
Network call of type 'fetch' detected.
Network call of type 'fetch' detected.
Network call of type 'fetch' detected.
Network call of type 'fetch' detected.
Network call of type 'fetch' detected.
Network call of type 'fetch' detected.
Network call of type 'fetch' detected.
Network call of type 'fetch' detected.
Network call of type 'fetch' detected.
Network call of type 'fetch' detected.
Network call of type 'fetch' detected.
Network call of type 'fetch' detected.
Network call of type 'fetch' detected.
Network call of type 'fetch' detected.
Network call of type 'fetch' detected.
Network call of type 'fetch' detected.
Network call of type 'fetch' detected.
Network call of type 'fetch' detected.
Network call of type 'fetch' detected.
Network call of type 'fetch' detected.
Network call of type 'fetch' detected.
XIOC detected Domain: send.today
XIOC detected Domain: docs.bigmodel.cn
XIOC detected Domain: model.name
XIOC detected Email: exa***@gmail.com
Network call of type 'fetch' detected.
Network call of type 'fetch' detected.
XIOC detected Domain: www.w3.org
XIOC detected Domain: best.date
Network call of type 'fetch' detected.
Network call of type 'fetch' detected.
XIOC detected Domain: t.mx
XIOC detected Domain: p.fk
XIOC detected IP: ::af
XIOC detected IP: ::bef
XIOC detected IP: ::
XIOC detected URL: https://docs.bigmodel.cn/api-reference/
XIOC detected URL: https://shadow.wang/legal/quick-flomo/refund-policy.html
XIOC detected URL: https://placehold.co/200x200?text=Please+Add+Image';
XIOC detected URL: https://flomoapp.com/'))
XIOC detected URL: https://dutepjyocxcvecmsrtfp.supabase.co',
XIOC detected URL: https://accounts.google.com/o/oauth2/v2/auth?
XIOC detected URL: https://$
XIOC detected URL: https://quickflomo.com?ref=$
XIOC detected URL: https://*.supabase.co/*
XIOC detected URL: http://www.w3.org/2000/svg'
XIOC detected URL: https://shadow.wang/legal/quick-flomo/terms-of-service.html
XIOC detected URL: https://shadow.wang/legal/quick-flomo/privacy-policy.html
XIOC detected URL: https://flomoapp.com/iwh/xxx/xxx
XIOC detected URL: https://www.shadow.wang
XIOC detected URL: https://x.com/Gollumgulu
XIOC detected URL: https://docs.bigmodel.cn/cn/guide/models/free/glm-4.6v-flash
XIOC detected URL: https://docs.bigmodel.cn/cn/guide/models/text/glm-4.5#glm-4-5-air
XIOC detected URL: https://supabase.com/docs/reference/javascript
XIOC detected URL: https://clients2.google.com/service/update2/crx
XIOC detected URL: https://www.shadow.wang/
XIOC detected URL: https://flomoapp.com/*
XIOC detected Domain: tab.id
XIOC detected URL: https://docs.bigmodel.cn/cn/guide/models/text/glm-4.7
XIOC detected URL: https://docs.bigmodel.cn/cn/guide/models/vlm/glm-4.6v
XIOC detected Email: ab***@test.com
XIOC detected URL: http://www.w3.org/2000/svg
Network call of type 'fetch' detected.
XIOC detected Domain: statusresult.data
Network call of type 'fetch' detected.
XIOC detected Domain: result.todaystats.date
XIOC detected Domain: userstatus.email
XIOC detected Domain: userstatus.credits.total
XIOC detected Domain: aidailyusage.date
XIOC detected Domain: img.data
XIOC detected Domain: tagsarray.map
XIOC detected Domain: model.id
XIOC detected Domain: btn-subtle.pro
XIOC detected Domain: btn-user-avatar.show
XIOC detected Domain: subscription-badge.free
XIOC detected Domain: subscription-badge.pro
XIOC detected Domain: user-badge.free
XIOC detected Domain: user-badge.pro
XIOC detected Domain: attr.name
XIOC detected Domain: item.new
XIOC detected Domain: resumebtn.id
XIOC detected Domain: item.data
XIOC detected Domain: window.open
XIOC detected Domain: stats.total
XIOC detected Domain: invitations.map
XIOC detected Domain: item.email
XIOC detected Domain: user.id
XIOC detected Domain: user.email
XIOC detected Domain: user.is
XIOC detected Domain: user.credits.total
XIOC detected Domain: currentplaninfo.id
XIOC detected Domain: userstatus.is
XIOC detected URL: https://open.bigmodel.cn/*
XIOC detected Domain: loadingmsg.id
XIOC detected Domain: e.target
XIOC detected Domain: result.data
XIOC detected Domain: 946677852502-lom3ach1c2m8br0s42i18k0p3e42lgjo.apps.googleusercontent.com
XIOC detected Domain: chrome.runtime.id
XIOC detected Domain: hasharray.map
XIOC detected Domain: chromiumapp.org
XIOC detected Domain: window.location.search
Network call of type 'fetch' detected.
XIOC detected URL: https://docs.bigmodel.cn/cn/guide/models/text/glm-4.5
XIOC detected Domain: statusresult.data.email
XIOC detected Domain: statusresult.data.is
XIOC detected Domain: currentuser.is
XIOC detected Domain: session.user.is
XIOC detected Domain: email.com
XIOC detected Domain: shadow.nexus
XIOC detected Domain: placehold.co
XIOC detected Domain: accounts.google.com
XIOC detected Domain: quickflomo.com
XIOC detected Domain: gmail.com
XIOC detected Domain: test.com
XIOC detected Domain: www.shadow.wang
XIOC detected Domain: flomoapp.com
XIOC detected Domain: open.bigmodel.cn
XIOC detected Domain: supabase.co
XIOC detected Domain: toast.show
XIOC detected Domain: shadow.wang
XIOC detected Domain: x.com
XIOC detected Domain: console.info
XIOC detected Domain: supabase.com
XIOC detected Domain: chrome.storage
XIOC detected Domain: data.ai
XIOC detected Domain: session.user.email
XIOC detected Domain: window.id
XIOC detected Domain: chrome.sidepanel.open
XIOC detected Domain: options.author
XIOC detected Domain: m.id
XIOC detected Domain: window.ai
XIOC detected Domain: window.free
XIOC detected Domain: window.pro
XIOC detected Domain: params.total
XIOC detected Domain: levels.info
XIOC detected Domain: sendbtn.id
XIOC detected Domain: appicon.id
XIOC detected Domain: btntext.id
XIOC detected Domain: element.id
XIOC detected Domain: c.date
XIOC detected IP: 2::
XIOC detected IP: 0::
XIOC detected IP: 1::
XIOC detected Domain: session.user.id
XIOC detected Domain: error.name
XIOC detected Domain: rect.top
XIOC detected Domain: host.style.top
XIOC detected Domain: popover.style.top
XIOC detected Domain: host.id
XIOC detected Domain: stats.date
XIOC detected Domain: metadata.author
XIOC detected Domain: schema.org
XIOC detected Domain: item.author
XIOC detected Domain: item.author.name
XIOC detected Domain: data.author
XIOC detected Domain: data.author.name
XIOC detected Domain: u.dj
XIOC detected Domain: w.bw
XIOC detected Domain: tl.np
XIOC detected Domain: c.do
XIOC detected Domain: date.now
XIOC detected Domain: clients2.google.com
XIOC detected Domain: dutepjyocxcvecmsrtfp.supabase.co
YARA rule match: -postinstall_system_command
YARA rule match: -postinstall_network_communication
YARA rule match: -postinstall_network_communication
YARA rule match: -postinstall_file_download
YARA rule match: -postinstall_system_command
YARA rule match: -postinstall_crypto_operations
YARA rule match: -postinstall_system_command
YARA rule match: -postinstall_network_communication
YARA rule match: -postinstall_system_command
YARA rule match: -postinstall_file_manipulation
YARA rule match: -postinstall_network_communication
YARA rule match: -postinstall_file_download
YARA rule match: -postinstall_network_communication
YARA rule match: -postinstall_file_download
YARA rule match: -postinstall_system_command
YARA rule match: -postinstall_persistence_mechanism
YARA rule match: -postinstall_file_download
YARA rule match: -postinstall_file_manipulation
YARA rule match: -postinstall_network_communication
YARA rule match: -postinstall_file_download
YARA rule match: -postinstall_system_command
YARA rule match: -postinstall_file_download
YARA rule match: -postinstall_network_communication
YARA rule match: -postinstall_network_communication
YARA rule match: -postinstall_crypto_operations
YARA rule match: -postinstall_persistence_mechanism
YARA rule match: -postinstall_system_command
YARA rule match: -postinstall_file_download
YARA rule match: -postinstall_file_manipulation
YARA rule match: -postinstall_network_communication
YARA rule match: -postinstall_file_download
YARA rule match: -postinstall_system_command
YARA rule match: -postinstall_persistence_mechanism
YARA rule match: -postinstall_network_communication
YARA rule match: -postinstall_obfuscation
YARA rule match: -postinstall_file_manipulation
YARA rule match: -postinstall_file_manipulation
YARA rule match: -postinstall_obfuscation
YARA rule match: -LocalStorageShouldNotBeUsed
Recommended Action
This extension has significant security concerns that warrant careful review. Consider uninstalling or finding a safer alternative. If you must use it, limit the permissions and monitor for suspicious activity.