Secure
Link Browsing
Experience

DEVScan Detects And Blocks Malicious Links In Real-Time—
Right Inside Your Browser. Fast, Lightweight,
Powered By AI.

Download

MEET THE TEAM BEHIND

DEVSCAN

Christian Mallari

Christian S. Mallari

PROJECT ADVISER

Charlotte Carrillo

Charlotte Carrillo

PROJECT LEAD & ML DEVELOPER

Klarence Baluyut

Klarence Baluyut

FULL STACK DEVELOPER

Aldwin Sanchez

Aldwin Sanchez

FULL STACK DEVELOPER

Ernest Malinao

Ernest Malinao

BACKEND DEVELOPER

Maxell Francisco

Maxell Francisco

FRONTEND DEVELOPER

Rjay Manaloto

Rjay Manaloto

FRONTEND DEVELOPER

Tranco API

DEVScan uses the Tranco ranking to check if a domain is popular and likely trustworthy. The server looks up the domain in the Tranco list (via local CSV) and uses this as a feature in threat detection.

Tranco Logo

Isolation Forest

An anomaly detection model in DEVScan’s ML pipeline. It analyzes link features to flag suspicious (anomalous) links.

Isolation Forest Logo

LightGBM

A machine learning model used in DEVScan to classify links as safe or malicious based on extracted features, improving detection accuracy.

LightGBM Logo

HOW IT WORKS

DevScan protects you by detecting suspicious, malicious, or safe links in real-time. Simply hover over a link to preview its safety classification.

SUPPORT CENTER

Need Help Or Want To Share Feedback? You're In The Right Place. This Page Is Your Hub For Support, Suggestions, And Answers To Common Questions.

DEVScan Privacy Policy

Effective Date: October 1, 2025

DEVScan is a Chrome extension that helps protect users from hyperlink-based threats. We designed DEVScan to analyze links primarily on your device, and to minimize the data that leaves your browser. This privacy policy explains how we collect, use, and protect your information when you use our extension.

1) What DEVScan Accesses (Extension Permissions in Practice)

To provide link safety checks, DEVScan’s content scripts and service worker access:

  • Page Content (DOM): We analyze the URLs of links you encounter while browsing to determine if they are safe or potentially malicious and provide appropriate visual warnings (e.g., highlight, tooltip, help sidebar).
  • Network Requests (link navigation only): We listen for main-frame navigations triggered by links you click or URLs you type, to scan the destination before loading the site and, when necessary, show a warning page.
  • Session State & Preferences (chrome.storage): We store lightweight settings (e.g., strict blocking preference), a short-lived scan session ID, and ephemeral verdict cache entries so we can avoid rescanning the same URL repeatedly for a brief period.

We do not read passwords, form inputs, page content in iframes we don’t inject into, or your clipboard.

2) Data Processing and Security

Local Processing: Most URL filtering happens locally in your browser, meaning many links are analyzed without sending data to our servers.

Server Analysis: When a link requires advanced analysis, it is sent to our secure servers using encrypted HTTPS connections. Our machine learning models analyze the URL structure and patterns to determine safety.

  • Encryption: All data transmission uses HTTPS/TLS encryption.
  • Access Control: Server access is restricted and monitored.
  • Data Minimization: We only collect and process data necessary for security analysis.
  • Automatic Cleanup: Cached data is automatically deleted after 7 days.

3) Third-Party Services

  • Tranco Domain Rankings: We use the Tranco research project's top 1,000 website rankings to identify trusted domains. This is a public dataset and no personal data is shared.
  • Machine Learning Service: URLs requiring advanced analysis are processed by our ML service hosted on secure AWS infrastructure. No personal information is included.
  • No Advertising or Analytics: DEVScan does not use advertising networks, analytics services, or other third-party tracking systems.

4) How We Use the Information We Access

  • Identify and warn about suspicious or malicious links.
  • Block unsafe redirects or sites before they load (according to your settings).
  • Reduce duplicate scans and improve detection reliability.
  • Operate, secure, and troubleshoot the service.

5) What We Don’t Collect

  • Personal information (names, emails, addresses)
  • Login credentials or passwords
  • Browsing history beyond links being analyzed
  • File contents or downloads
  • Social media posts or private messages
  • Financial or payment information
  • Location data or device identifiers

6) User Rights and Control

  • Disable Scanning: You can disable link analysis at any time through the extension popup.
  • Adjust Settings: Customize blocking behavior and warning levels in extension settings.
  • Uninstall: Remove the extension completely to stop all data processing.
  • Data Deletion: When you uninstall the extension, all local data is automatically removed. Server-side cached data is deleted after 7 days.

7) Legal Basis & User Rights (Where Applicable)

Depending on your location, you may have rights over your personal data (e.g., access, deletion, portability, objection). Because DEVScan avoids collecting personal data, these requests typically involve operational logs (if any). To make a request, contact us at the email below.

8) Third Parties

We do not sell or share user data with advertisers. If we ever use a sub-processor (e.g., for secure hosting), it will be bound by confidentiality and data protection obligations.

9) Changes to This Policy

We may update this privacy policy to reflect changes in our practices or legal requirements. We will notify users of significant changes through the extension’s update mechanism.

10) Technical Details

Permissions Used:

  • activeTab: To analyze links on the current webpage
  • storage: To save user preferences and cache scan results locally
  • webNavigation: To intercept navigation to malicious websites
  • host permissions: To communicate with our security analysis servers

Data Flow:

  • Extension identifies external links on webpages.
  • Links are checked against local trusted domain lists.
  • Unknown links are sent to our servers for ML analysis.
  • Security verdicts are returned and cached locally.
  • Users see risk assessments through tooltips and warnings.

11) Chrome Web Store Disclosures (Summary)

  • Purpose limitation: Data accessed by DEVScan is used only to provide security features (link scanning, warnings, safety UI) or to improve them.
  • Limited Use: We do not use data for unrelated purposes like ads or profiling.
  • Transparency: This policy details what we access and when network calls occur.
  • Control: Users can disable, remove, or change settings at any time.

12) Contact Us

If you have questions or requests related to privacy, please contact:

Email: bscs3a.devscan@gmail.com

Extension Store: Report concerns through your browser’s extension store

Security Disclosure

If you discover a security vulnerability in DEVScan, please report it responsibly through our GitHub repository. We take security issues seriously and will respond promptly to legitimate reports.