lgpc.removeadsaddon.com Open in urlscan Pro
2606:4700:3031::6815:a48  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response lgpc.removeadsaddon.com/plpb/smpl/IS_browserupdate-chrome/	3 KB 2 KB	71ms 29ms	Document text/html	2606:4700:3031::6815:a48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lgpc.removeadsaddon.com/plpb/smpl/IS_browserupdate-chrome/?s=1e7132d3d09558af0a6425e870b4ade4-40706-0610 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:a48 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.30 Resource Hash dc809753947138cfbde1ad02996c8282642d14e77a52fe9b06d7ae9e60a64ad6 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control max-age=600; s-maxage=0; private cf-cache-status DYNAMIC cf-ray 7d4dbc8c5cc3bbaf-FRA content-encoding br content-type text/html;charset=UTF-8 date Sat, 10 Jun 2023 01:10:46 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yzSCaHLnekJYmouTFmpAxom7i8Akewqkn1hvsyjJ%2FZwxtMFUtdVT1QvyJg3uUOEdvvynVJbrL3J9PZf119bPWGv7DVqd2Vwl5lMuMOVMKIbjAzZknz%2Fk9iWSx2ss9Vy7kCJaWreV1dgCRZr9KQI7RGLrS%2FikeQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.30
GET H2	200	style.css lgpc.removeadsaddon.com/plpb/smpl/IS_browserupdate-chrome/	3 KB 1 KB	17ms 15ms	Stylesheet text/css	2606:4700:3031::6815:a48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lgpc.removeadsaddon.com/plpb/smpl/IS_browserupdate-chrome/style.css Requested by Host: lgpc.removeadsaddon.com URL: https://lgpc.removeadsaddon.com/plpb/smpl/IS_browserupdate-chrome/?s=1e7132d3d09558af0a6425e870b4ade4-40706-0610 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:a48 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.30 Resource Hash 9c04b1a0e4aeb779e5b5875ff6b3d240e001ca35f6b9bc057f86509d4ce281da Request headers accept-language de-DE,de;q=0.9 Referer https://lgpc.removeadsaddon.com/plpb/smpl/IS_browserupdate-chrome/?s=1e7132d3d09558af0a6425e870b4ade4-40706-0610 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Sat, 10 Jun 2023 01:10:46 GMT content-encoding br cf-cache-status HIT last-modified Fri, 09 Jun 2023 10:14:38 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 53768 x-powered-by PHP/7.4.30 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2BEBrlBhf5hVLUAjmkY9A4qE7AHRqDOINKfgN%2B2M0b%2F%2Ba3WVvgj5PKyZGAlut2aZlNet7%2Fww%2B0%2FOERAkFqSb5eJi90v9%2Bcgrq0O8S54dzqLWMPUkC87LpbK0o07eExiefGB5utQceTc7T%2Bda6EnmZz6TA%2FxP5g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css;charset=UTF-8 cache-control public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400 cf-ray 7d4dbc8c8ce7bbaf-FRA alt-svc h3=":443"; ma=86400
GET H2	200	chrome.png lgpc.removeadsaddon.com/plpb/smpl/IS_browserupdate-chrome/img/	8 KB 8 KB	20ms 19ms	Image image/png	2606:4700:3031::6815:a48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://lgpc.removeadsaddon.com/plpb/smpl/IS_browserupdate-chrome/img/chrome.png Requested by Host: lgpc.removeadsaddon.com URL: https://lgpc.removeadsaddon.com/plpb/smpl/IS_browserupdate-chrome/?s=1e7132d3d09558af0a6425e870b4ade4-40706-0610 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:a48 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.30 Resource Hash 3f635501b36b420e9d0b1ff03fb16c3e4492369f4ef8bcba4b3034b3e26b6aa9 Request headers accept-language de-DE,de;q=0.9 Referer https://lgpc.removeadsaddon.com/plpb/smpl/IS_browserupdate-chrome/?s=1e7132d3d09558af0a6425e870b4ade4-40706-0610 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Sat, 10 Jun 2023 01:10:46 GMT cf-cache-status HIT last-modified Fri, 09 Jun 2023 10:14:38 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 53768 x-powered-by PHP/7.4.30 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OKciqeyxzcW0iXoRkLhgWttVuPPrxXVu0PQkGMttMyIAu98NmT4J8Tfnv2zsxnW6tbsPTeflOK0U3fsDaY8gJ%2Bn1h2kpmQY4xs24FnyAhn%2FOhuHTYFLUUpE6Jfg%2FnUcNZlRItS4%2BFxn%2BuFdAKqIYL4CjOoIsIQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400 cf-ray 7d4dbc8c8cedbbaf-FRA alt-svc h3=":443"; ma=86400
GET H3	200	cross.png lgpc.removeadsaddon.com/plpb/smpl/IS_browserupdate-chrome/img/	3 KB 3 KB	13ms 13ms	Image image/png	2606:4700:3031::6815:a48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://lgpc.removeadsaddon.com/plpb/smpl/IS_browserupdate-chrome/img/cross.png Requested by Host: lgpc.removeadsaddon.com URL: https://lgpc.removeadsaddon.com/plpb/smpl/IS_browserupdate-chrome/?s=1e7132d3d09558af0a6425e870b4ade4-40706-0610 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:a48 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.30 Resource Hash bd8b2c078acf98907754764daca1bb0f17176454f54df30d283f232e77ada7d0 Request headers accept-language de-DE,de;q=0.9 Referer https://lgpc.removeadsaddon.com/plpb/smpl/IS_browserupdate-chrome/?s=1e7132d3d09558af0a6425e870b4ade4-40706-0610 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Sat, 10 Jun 2023 01:10:46 GMT cf-cache-status HIT last-modified Fri, 09 Jun 2023 10:17:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 53598 x-powered-by PHP/7.4.30 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2BGk3NyQk77Qp%2FIHVru8lJdcjWNsr0xvf6f3%2B54gxVdEAyq5PUSrIWrcqubkTUYVFEduQzVSHBC0OYiabybKj3YyEV%2BkuqCcUjXph2pFwoGDSoQzinaHrK2Oc4JwrgOHYQpxTrtVoEo9tbwu1uj9vIwRwdfxBQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400 cf-ray 7d4dbc8ceb053a43-FRA alt-svc h3=":443"; ma=86400
GET H3	200	up-arrow.png lgpc.removeadsaddon.com/plpb/smpl/IS_browserupdate-chrome/img/	2 KB 2 KB	14ms 14ms	Image image/png	2606:4700:3031::6815:a48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://lgpc.removeadsaddon.com/plpb/smpl/IS_browserupdate-chrome/img/up-arrow.png Requested by Host: lgpc.removeadsaddon.com URL: https://lgpc.removeadsaddon.com/plpb/smpl/IS_browserupdate-chrome/?s=1e7132d3d09558af0a6425e870b4ade4-40706-0610 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:a48 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.30 Resource Hash d1aa733aff09df8637913a4b883dedc9addfd583b9c134ee95931f1f5d53455a Request headers accept-language de-DE,de;q=0.9 Referer https://lgpc.removeadsaddon.com/plpb/smpl/IS_browserupdate-chrome/?s=1e7132d3d09558af0a6425e870b4ade4-40706-0610 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Sat, 10 Jun 2023 01:10:46 GMT cf-cache-status HIT last-modified Fri, 09 Jun 2023 10:17:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 53598 x-powered-by PHP/7.4.30 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oKEWOwQHNQSS1DadMrV2G7MzUYLU4d91nmS7sXr67%2BC8ejEiWIsA2B0h5dArwPYjqWr0LOO8toXQD9jTRHvkTBARN1U7uxfGqMv4BswbY3g59Izt6AS%2BhVV4kJwGMEfhSWrFtpNaN%2BlJf92%2F%2Bxq%2FBHPDs8pFrw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400 cf-ray 7d4dbc8ceb063a43-FRA alt-svc h3=":443"; ma=86400
GET H2	200	common.js Show response lgpc.removeadsaddon.com/plpb/smpl/IS_browserupdate-chrome/	2 KB 988 B	19ms 18ms	Script text/javascript	2606:4700:3031::6815:a48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lgpc.removeadsaddon.com/plpb/smpl/IS_browserupdate-chrome/common.js Requested by Host: lgpc.removeadsaddon.com URL: https://lgpc.removeadsaddon.com/plpb/smpl/IS_browserupdate-chrome/?s=1e7132d3d09558af0a6425e870b4ade4-40706-0610 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:a48 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.30 Resource Hash a59f5ca42eb7fa16acc5d7721ff4d04c64d375aa191f632c1a9a2a8709896622 Request headers accept-language de-DE,de;q=0.9 Referer https://lgpc.removeadsaddon.com/plpb/smpl/IS_browserupdate-chrome/?s=1e7132d3d09558af0a6425e870b4ade4-40706-0610 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Sat, 10 Jun 2023 01:10:46 GMT content-encoding br cf-cache-status HIT last-modified Fri, 09 Jun 2023 10:14:38 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 53768 x-powered-by PHP/7.4.30 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FDbFihw%2FIdzAsAPn%2FGeU5zruCcKtrVH9tpGjkZiLcwsCbgl6pq%2B6rBLJPspXGUSqrY0nM13%2F%2BwiWuHK0y0nBj0R4Wbnym1TB0x3dXbKviMAzKzpr9Jee8BXo0iLppAHPzIcvzM9EfSkeOq44uwIp6ogtKGFPfA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript;charset=UTF-8 cache-control public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400 cf-ray 7d4dbc8c8ce8bbaf-FRA alt-svc h3=":443"; ma=86400
GET H2	200	translate.json lgpc.removeadsaddon.com/plpb/smpl/IS_browserupdate-chrome/	4 KB 2 KB	22ms 22ms	Other application/json	2606:4700:3031::6815:a48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lgpc.removeadsaddon.com/plpb/smpl/IS_browserupdate-chrome/translate.json Requested by Host: lgpc.removeadsaddon.com URL: https://lgpc.removeadsaddon.com/plpb/smpl/IS_browserupdate-chrome/?s=1e7132d3d09558af0a6425e870b4ade4-40706-0610 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:a48 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.30 Resource Hash 27a647c3502368e6fe24ec832e26305a1fc702cdf0fe501ee746bc5efceca463 Request headers accept-language de-DE,de;q=0.9 Referer https://lgpc.removeadsaddon.com/plpb/smpl/IS_browserupdate-chrome/?s=1e7132d3d09558af0a6425e870b4ade4-40706-0610 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Sat, 10 Jun 2023 01:10:46 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.30 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WLiMGMweSr53F1w5zl%2FlqJE8vFo07lFzG0sLdX8Bt%2BtY5CEssnGED6j6GJuKbc23detArcoH07iSmeXto1Ov%2Fq%2BDaeu0SdHQptYJDdxD%2FP9b10cXVUemSWoC1p0gsvlub%2FRGzsUAcwkPlJEr107EZtD7j82X5w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/json;charset=UTF-8 cache-control max-age=86400; public; stale-while-revalidate=86400; stale-if-error=86400 cf-ray 7d4dbc8c8ce9bbaf-FRA alt-svc h3=":443"; ma=86400
GET H2	200	translate.js Show response lgpc.removeadsaddon.com/plpb/	2 KB 1 KB	16ms 16ms	Script application/javascript	2606:4700:3031::6815:a48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lgpc.removeadsaddon.com/plpb/translate.js?v4 Requested by Host: lgpc.removeadsaddon.com URL: https://lgpc.removeadsaddon.com/plpb/smpl/IS_browserupdate-chrome/?s=1e7132d3d09558af0a6425e870b4ade4-40706-0610 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:a48 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 13c59438ba315ba8e00e7fc19318eeefcd8087806008e8e0db2bcc1672061948 Request headers accept-language de-DE,de;q=0.9 Referer https://lgpc.removeadsaddon.com/plpb/smpl/IS_browserupdate-chrome/?s=1e7132d3d09558af0a6425e870b4ade4-40706-0610 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Sat, 10 Jun 2023 01:10:46 GMT content-encoding br cf-cache-status HIT last-modified Tue, 23 Aug 2022 17:38:53 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 2463 etag W/"630510ad-9e2" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rPdUJnV6JpjCK7v%2FBfLrnIv5RudPqho4UuMsqjP2pSKipMVRnnvem0t49v%2FGMHCGrXSGey3qSNw%2BrbnmyAO40Oo%2Fq5D9ej02S5JAaHjMJ4crfzx5cxc8ioE8bAlCpZE%2BlBbdxy2q6XPl2c89z99zM18RoMjzIg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control max-age=14400 cf-ray 7d4dbc8c8cebbbaf-FRA alt-svc h3=":443"; ma=86400
GET H2	200	functions.js Show response lgpc.removeadsaddon.com/plpb/	11 KB 4 KB	15ms 14ms	Script application/javascript	2606:4700:3031::6815:a48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lgpc.removeadsaddon.com/plpb/functions.js?v9 Requested by Host: lgpc.removeadsaddon.com URL: https://lgpc.removeadsaddon.com/plpb/smpl/IS_browserupdate-chrome/?s=1e7132d3d09558af0a6425e870b4ade4-40706-0610 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:a48 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 475715a16d56f4f995fa624a3d7643fa2af4e7fdb33a74df21c536c0f33416d9 Request headers accept-language de-DE,de;q=0.9 Referer https://lgpc.removeadsaddon.com/plpb/smpl/IS_browserupdate-chrome/?s=1e7132d3d09558af0a6425e870b4ade4-40706-0610 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Sat, 10 Jun 2023 01:10:46 GMT content-encoding br cf-cache-status HIT last-modified Thu, 24 Nov 2022 19:56:44 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 2463 etag W/"637fcc7c-2de4" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OavjfdueVzE9YPfNLWbrhaPZso2fZFZLRdRo1GDcHVjQP4qyZl7X4AMk6cMprWtaw7HuV30pcOAkaOUdp3eXZA6b01Ho9OK%2Fs2HYuVIvjL4TFQDXDoZiBa7nWtLlDqNvSwlf5aoDx8n%2FezpynLEId%2BxGBJ74OQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control max-age=14400 cf-ray 7d4dbc8c8cecbbaf-FRA alt-svc h3=":443"; ma=86400
GET H3	200	translate.json Show response lgpc.removeadsaddon.com/plpb/smpl/IS_browserupdate-chrome/	4 KB 3 KB	28ms 27ms	XHR application/json	2606:4700:3031::6815:a48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lgpc.removeadsaddon.com/plpb/smpl/IS_browserupdate-chrome/translate.json Requested by Host: lgpc.removeadsaddon.com URL: https://lgpc.removeadsaddon.com/plpb/translate.js?v4 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:a48 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.30 Resource Hash 27a647c3502368e6fe24ec832e26305a1fc702cdf0fe501ee746bc5efceca463 Request headers accept-language de-DE,de;q=0.9 Referer https://lgpc.removeadsaddon.com/plpb/smpl/IS_browserupdate-chrome/?s=1e7132d3d09558af0a6425e870b4ade4-40706-0610 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Sat, 10 Jun 2023 01:10:46 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.30 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gz0plC4Ijal133q8vBtwAQ9lRva%2B6hlKFp6gE0T3yGuyXCqnEgulz39jbyL0uDkkWDNLLo4i8qoLMCqolMHyCTveWT28V3KAYGXh0t0QokjuCGFblNs84mUr1eTfkKyf5Lor9tSCHSqogRs3kvNmjVt9QGkl0A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/json;charset=UTF-8 cache-control max-age=86400; public; stale-while-revalidate=86400; stale-if-error=86400 cf-ray 7d4dbc8cbae03a43-FRA alt-svc h3=":443"; ma=86400
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	108 KB 28 KB	26ms 8ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: lgpc.removeadsaddon.com URL: https://lgpc.removeadsaddon.com/plpb/smpl/IS_browserupdate-chrome/?s=1e7132d3d09558af0a6425e870b4ade4-40706-0610 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 64816ef42196992f1120608cafa36df8e03c81064551abb6f23bc00f69bf6727 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sat, 10 Jun 2023 01:10:46 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 27810 x-fb-rlafr 0 x-xss-protection 0 pragma public x-fb-debug UG6elvj0Ftjqv6b+nCRoIBIBQ8Jy9DRd6sEQgwRu63r74ScSpTRG1Ir3GGrEj1EhI2nJOkzH8s0FizuKqY6yfQ== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-trip-id 1679558926 cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	commonfr.html Show response theonlins.com/plpb/_pb/ Frame 4B21	471 B 729 B	66ms 27ms	Document text/html	2606:4700:3031::ac43:c4e3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://theonlins.com/plpb/_pb/commonfr.html?s=1e7132d3d09558af0a6425e870b4ade4-40706-0610 Requested by Host: lgpc.removeadsaddon.com URL: https://lgpc.removeadsaddon.com/plpb/functions.js?v9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:c4e3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ee791c6bb172d328485901a4c9fbc18caddb9261af356ec604900b4a8af93f89 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7d4dbc8d3ee9bbad-FRA content-encoding br content-type text/html; charset=utf-8 date Sat, 10 Jun 2023 01:10:46 GMT last-modified Tue, 10 Aug 2021 12:41:19 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1czPdO0XAdjrl%2Bq8D0JLhsQfB1tcjI2D0kzOSX7dCvt%2FOt%2Bbafei4q32qU0af9sbpQQRsDKpTCcnnwv%2B%2FHF%2BTV0L8IJOa9yUR6QTBn2OUZ10RTwR%2BdQxmiKEZa%2FCWgTsAb5%2BE8i3N%2BnLECN2"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	435748498344282 Show response connect.facebook.net/signals/config/	301 KB 86 KB	8ms 8ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/435748498344282?v=2.9.107&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 4e7135c00a4f77bce1bfaf57babe2a1f1d97f2a48c6f7ab1fd57570972c338ec Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sat, 10 Jun 2023 01:10:46 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 88287 x-fb-rlafr 0 x-xss-protection 0 pragma public x-fb-debug Fb0FpEGXXwadSRDbjwjlqmXZ6EjUnP5TtvHf3emHq7UlSAibIkEsfKBMtfHlx8v/3QNDNKS6o03pAG3TaAyhVQ== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-trip-id 1679558926 cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 185 B	61ms 19ms	Image text/plain	2a03:2880:f158:82:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=435748498344282&ev=PageView&dl=https%3A%2F%2Flgpc.removeadsaddon.com%2Fplpb%2Fsmpl%2FIS_browserupdate-chrome%2F%3Fs%3D1e7132d3d09558af0a6425e870b4ade4-40706-0610%23&rl=&if=false&ts=1686359446629&sw=1600&sh=1200&v=2.9.107&r=stable&ec=0&o=30&fbp=fb.1.1686359446627.1153048015&it=1686359446590&coo=false&rqm=GET Requested by Host: lgpc.removeadsaddon.com URL: https://lgpc.removeadsaddon.com/plpb/smpl/IS_browserupdate-chrome/?s=1e7132d3d09558af0a6425e870b4ade4-40706-0610 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f158:82:face:b00c:0:25de London, United Kingdom, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Sat, 10 Jun 2023 01:10:46 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	functions.js Show response theonlins.com/plpb/ Frame 4B21	11 KB 4 KB	14ms 13ms	Script application/javascript	2606:4700:3031::ac43:c4e3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://theonlins.com/plpb/functions.js?v4 Requested by Host: theonlins.com URL: https://theonlins.com/plpb/_pb/commonfr.html?s=1e7132d3d09558af0a6425e870b4ade4-40706-0610 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:c4e3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 475715a16d56f4f995fa624a3d7643fa2af4e7fdb33a74df21c536c0f33416d9 Request headers accept-language de-DE,de;q=0.9 Referer https://theonlins.com/plpb/_pb/commonfr.html?s=1e7132d3d09558af0a6425e870b4ade4-40706-0610 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers date Sat, 10 Jun 2023 01:10:46 GMT content-encoding br cf-cache-status HIT last-modified Thu, 24 Nov 2022 19:56:44 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 6537 etag W/"637fcc7c-2de4" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HjENbnoneJuyjiOeWTnEYhn0l7krRb5PMAOxdm16QRIFgbep7wcEHu5z2W9mV%2FtIWDXH84pUgyfhiCrrgspmJyJroas%2Bkm2xMRtFqz4eXWEuH%2BaK3NhemujD6r6lZ9o0fq0SJwV3YSylq5jC"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control max-age=14400 cf-ray 7d4dbc8d7f0ebbad-FRA alt-svc h3=":443"; ma=86400
GET H2	200	/ www.facebook.com/tr/	0 54 B	20ms 19ms	Image text/plain	2a03:2880:f158:82:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=435748498344282&ev=Microdata&dl=https%3A%2F%2Flgpc.removeadsaddon.com%2Fplpb%2Fsmpl%2FIS_browserupdate-chrome%2F%3Fs%3D1e7132d3d09558af0a6425e870b4ade4-40706-0610%23&rl=&if=false&ts=1686359448132&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Chrome%20Update%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.107&r=stable&ec=1&o=30&fbp=fb.1.1686359446627.1153048015&it=1686359446590&coo=false&es=automatic&tm=3&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f158:82:face:b00c:0:25de London, United Kingdom, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Sat, 10 Jun 2023 01:10:48 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend string| commonCookieDomain string| httpGetParams function| _textFor function| getQueryVariable function| constructQueryFromServer function| replaceQueryVariable function| getURLParameter function| replaceURLParameter function| getCookie function| setCookie function| getOffer function| setFullScreen function| speakText function| bySelector function| addEvent function| setLongCookie function| onPixelLoaded function| _openOrig function| closeLandingOnInstall function| fbq function| _fbq object| opened boolean| wasOpened object| screenBlock function| isWindowOpened function| showStoreInstruction function| hideStoreInstruction function| openWindow function| prevent function| click object| downloadBox

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.lgpc.removeadsaddon.com/	1970-01-20 21:11:35	Name: s Value: 1e7132d3d09558af0a6425e870b4ade4-40706-0610
			.removeadsaddon.com/	1970-01-20 14:35:35	Name: _fbp Value: fb.1.1686359446627.1153048015
			.theonlins.com/	1970-01-20 21:11:35	Name: s Value: 1e7132d3d09558af0a6425e870b4ade4-40706-0610

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://lgpc.removeadsaddon.com/plpb/translate.js?v4(Line 19) Message: A preload for 'https://lgpc.removeadsaddon.com/plpb/smpl/IS_browserupdate-chrome/translate.json' is found, but is not used because the new request is synchronous.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
lgpc.removeadsaddon.com
theonlins.com
www.facebook.com
2606:4700:3031::6815:a48
2606:4700:3031::ac43:c4e3
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f158:82:face:b00c:0:25de
13c59438ba315ba8e00e7fc19318eeefcd8087806008e8e0db2bcc1672061948
27a647c3502368e6fe24ec832e26305a1fc702cdf0fe501ee746bc5efceca463
3f635501b36b420e9d0b1ff03fb16c3e4492369f4ef8bcba4b3034b3e26b6aa9
475715a16d56f4f995fa624a3d7643fa2af4e7fdb33a74df21c536c0f33416d9
4e7135c00a4f77bce1bfaf57babe2a1f1d97f2a48c6f7ab1fd57570972c338ec
64816ef42196992f1120608cafa36df8e03c81064551abb6f23bc00f69bf6727
9c04b1a0e4aeb779e5b5875ff6b3d240e001ca35f6b9bc057f86509d4ce281da
a59f5ca42eb7fa16acc5d7721ff4d04c64d375aa191f632c1a9a2a8709896622
bd8b2c078acf98907754764daca1bb0f17176454f54df30d283f232e77ada7d0
d1aa733aff09df8637913a4b883dedc9addfd583b9c134ee95931f1f5d53455a
dc809753947138cfbde1ad02996c8282642d14e77a52fe9b06d7ae9e60a64ad6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee791c6bb172d328485901a4c9fbc18caddb9261af356ec604900b4a8af93f89