removeadsaddon.com Open in urlscan Pro
2606:4700:3031::6815:a48  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response removeadsaddon.com/	13 KB 3 KB	532ms 361ms	Document text/html	2606:4700:3031::6815:a48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://removeadsaddon.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:a48 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.30 Resource Hash 7f2903c2a1ef3da1debe437e24e118727385d206525e830edcd8b271e4b87468 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-cache, no-store, must-revalidate,post-check=0,pre-check=0 cf-cache-status DYNAMIC cf-ray 824a2dba3b8fc40e-EWR content-encoding br content-type text/html;charset=UTF-8 date Sat, 11 Nov 2023 23:05:12 GMT expires 0 last-modified Sat, 11 Nov 2023 23:05:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NX6ymFWl%2BBaMQhEHKVWuERvz5pmap0sFGJR9cqIs7xmoOoe%2BIbcWi1IbhfwGx4gTzx4GD9U%2Fh%2FEpSrYtvKdpbycO763DE5BJ8ZPi4evqWdcBKXsxG8GIBsXATGUxvKVfNzMGNaBH5WbUO2tu2JEXVvE%3D"}],"group":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.30
GET H2	200	style.css removeadsaddon.com/plpb/smpl/IS_removeads_584e_FB/	9 KB 2 KB	207ms 193ms	Stylesheet text/css	2606:4700:3031::6815:a48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://removeadsaddon.com/plpb/smpl/IS_removeads_584e_FB/style.css?v=2 Requested by Host: removeadsaddon.com URL: https://removeadsaddon.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:a48 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.30 Resource Hash f3cbd2a1e32b3b446e57ef4f40678dd1933caf712fad85427bc57c3f192674ff Request headers accept-language en-US,en;q=0.9 Referer https://removeadsaddon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 23:05:12 GMT content-encoding br cf-cache-status MISS last-modified Sat, 11 Nov 2023 23:05:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.30 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=npyb7W9WzIHbRv6%2FFSQwm5fdazndFdWMZhZaOUcadeN3ZYs3K58se%2FgRLYeEdrm%2F%2BZV%2FwWxRz7exKhNVycUfunULc0nw3RoUqBXYt%2Binl1QxLoc88%2BqiShgbOndD2xsGlNQBZJRsVLGcceM9BxIWQIw%3D"}],"group":"cf-nel","max_age":604800} content-type text/css;charset=UTF-8 cache-control public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400 cf-ray 824a2dbcbe11c40e-EWR alt-svc h3=":443"; ma=86400
GET H2	200	block1-btn.png removeadsaddon.com/plpb/smpl/IS_removeads_584e_FB/img/	22 KB 22 KB	308ms 295ms	Image image/png	2606:4700:3031::6815:a48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://removeadsaddon.com/plpb/smpl/IS_removeads_584e_FB/img/block1-btn.png Requested by Host: removeadsaddon.com URL: https://removeadsaddon.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:a48 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.30 Resource Hash b577aaa4e8676eb70007d2c42e91f85d202709a01b26314cc04eacf0c8823751 Request headers accept-language en-US,en;q=0.9 Referer https://removeadsaddon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 23:05:12 GMT cf-cache-status MISS last-modified Sat, 11 Nov 2023 23:05:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.30 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iRH8B9%2Fspd8%2FPHhfuFrTDt%2F3%2FEPB7G7SIoGccboerfktXQljys%2F5T9MRhbOvBoDJRD3JY64yx6pQx%2FY00khInc8EkRo8%2BRLUsNOpVKtuem0fwjL7Ly%2BhypQK1CDHwUAuctQnssze3OhFpRDNqHUinJQ%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400 cf-ray 824a2dbcbe21c40e-EWR alt-svc h3=":443"; ma=86400
GET H3	200	star.svg removeadsaddon.com/plpb/smpl/IS_removeads_584e_FB/img/	660 B 902 B	203ms 200ms	Image image/svg+xml	2606:4700:3031::6815:a48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://removeadsaddon.com/plpb/smpl/IS_removeads_584e_FB/img/star.svg Requested by Host: removeadsaddon.com URL: https://removeadsaddon.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:a48 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.30 Resource Hash 82de85491e48efd850763ffe21e953794acf6ec83d3729baf015682c60a0d82a Request headers accept-language en-US,en;q=0.9 Referer https://removeadsaddon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 23:05:13 GMT content-encoding br cf-cache-status MISS last-modified Sat, 11 Nov 2023 23:05:13 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.30 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k4NFv6ztrlTVdqdKBcnot63cD9aqCU2SBXA3wie%2FD%2FwuHgYB%2BkeD8YqIoiVnvqL0JVD8Con6TxCwUFQ1BOcNk2etFRkbi5LR6NtnNv2mAqR%2FdBVbgdNPbhxlNK0oeOR%2F9zf17S7R%2BZXE1PHh%2Fgw%2B2Rk%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml;charset=UTF-8 cache-control public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400 cf-ray 824a2dbf7f8dc427-EWR alt-svc h3=":443"; ma=86400
GET H3	200	card.svg removeadsaddon.com/plpb/smpl/IS_removeads_584e_FB/img/	791 B 956 B	197ms 194ms	Image image/svg+xml	2606:4700:3031::6815:a48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://removeadsaddon.com/plpb/smpl/IS_removeads_584e_FB/img/card.svg Requested by Host: removeadsaddon.com URL: https://removeadsaddon.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:a48 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.30 Resource Hash 3a4a48069772835047cbf1ed929fae5204b8d2e9773f8c0b1195802995883f1c Request headers accept-language en-US,en;q=0.9 Referer https://removeadsaddon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 23:05:13 GMT content-encoding br cf-cache-status MISS last-modified Sat, 11 Nov 2023 23:05:13 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.30 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HD2vmIT8BR2s4X08beCqImiGzn%2BvPrf%2Bx7G%2B049H94%2BOFLzRIX5oyrWggSmiZof1LE572BL%2B7534%2BeyzwOaerP718MOf%2BEliOFwCKYt2IPtJZM%2FncsbN9Cv7zeG9hnpyaQi9B3eGKMY9DBd6GThfrNc%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml;charset=UTF-8 cache-control public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400 cf-ray 824a2dbf7f8fc427-EWR alt-svc h3=":443"; ma=86400
GET H3	200	example.jpg removeadsaddon.com/plpb/smpl/IS_removeads_584e_FB/img/	234 KB 235 KB	297ms 294ms	Image image/jpeg	2606:4700:3031::6815:a48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://removeadsaddon.com/plpb/smpl/IS_removeads_584e_FB/img/example.jpg Requested by Host: removeadsaddon.com URL: https://removeadsaddon.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:a48 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.30 Resource Hash 5d6af014af08e2b22ff2b9b66a0e1ebc899e6589f0acd57cd3e67a38629bf9ac Request headers accept-language en-US,en;q=0.9 Referer https://removeadsaddon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 23:05:13 GMT cf-cache-status MISS last-modified Sat, 11 Nov 2023 23:05:13 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.30 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jz8G8w5uSeRvUEZy8pDIuoWUA69DSPpEesd%2Bwvej1ho30Yb%2F%2BXUGY3TrA9biJ9axbL1QlphOSS9KiFxexT9Q0xXQ332mSLwPnGXA6QubmNvY6MxciZ43zktTNqcwnFH3JUZMQYOzFOs85Ag0JitBhQ0%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400 cf-ray 824a2dbf7f90c427-EWR alt-svc h3=":443"; ma=86400
GET H2	200	scripts.js Show response removeadsaddon.com/plpb/smpl/IS_removeads_584e_FB/	301 B 595 B	313ms 300ms	Script text/javascript	2606:4700:3031::6815:a48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://removeadsaddon.com/plpb/smpl/IS_removeads_584e_FB/scripts.js Requested by Host: removeadsaddon.com URL: https://removeadsaddon.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:a48 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.30 Resource Hash 74e39eba81d088ee9fa26cd8effc411761fe65eb770a4be344e90e984c26d74c Request headers accept-language en-US,en;q=0.9 Referer https://removeadsaddon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 23:05:12 GMT content-encoding br cf-cache-status MISS last-modified Sat, 11 Nov 2023 23:05:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.30 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CtpoFiNhDLLIQ43Pr%2F6xQ3mbHxsBKUUG5W1BzcAxBsxouEt%2F9UEADBsru43URwYXc%2FuqSd2aZPyaTpgHxxOPcBKdjdbvsQeas%2BejDmdqn5BtrbfZcocz4tle6ACwGYTRs2yuvlsJVfzZ%2FMAry3zcVZo%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript;charset=UTF-8 cache-control public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400 cf-ray 824a2dbcbe15c40e-EWR alt-svc h3=":443"; ma=86400
GET H2	200	css2 fonts.googleapis.com/	9 KB 1 KB	92ms 34ms	Stylesheet text/css	2607:f8b0:4020:805::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700;800&display=swap Requested by Host: removeadsaddon.com URL: https://removeadsaddon.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 1a94718ea707a93439392e816e61f229fca7ba1def54b1bb012ca0f6c32101e1 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://removeadsaddon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 11 Nov 2023 23:05:12 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 11 Nov 2023 21:06:31 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 11 Nov 2023 23:05:12 GMT
GET H2	200	translate.json removeadsaddon.com/plpb/smpl/IS_removeads_584e_FB/	4 KB 1011 B	123ms 110ms	Other application/json	2606:4700:3031::6815:a48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://removeadsaddon.com/plpb/smpl/IS_removeads_584e_FB/translate.json Requested by Host: removeadsaddon.com URL: https://removeadsaddon.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:a48 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.30 Resource Hash 4e869dc8d0021fe7e8dcb6741a8553351fec0819422eebb7ce9e32f94e4f22d4 Request headers accept-language en-US,en;q=0.9 Referer https://removeadsaddon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 23:05:12 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.30 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UVO9kLZ39USYCVo5zvfObK99JdDjhwON55tWVpJZYv%2Bq4%2F4kEU1do2XQEa2O%2FEYyjKzVS7pwP6j%2FeqsfKvYNOXCF23cTklkyWpeKozSgFQLUV5irSscDQRnRrtgQp1pcPVVTdC1p4MqxgN2FyMszhEk%3D"}],"group":"cf-nel","max_age":604800} content-type application/json;charset=UTF-8 cache-control max-age=86400; public; stale-while-revalidate=86400; stale-if-error=86400 cf-ray 824a2dbcbe17c40e-EWR alt-svc h3=":443"; ma=86400
GET H2	200	translate.js Show response removeadsaddon.com/plpb/	2 KB 1 KB	208ms 195ms	Script application/javascript	2606:4700:3031::6815:a48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://removeadsaddon.com/plpb/translate.js?v4 Requested by Host: removeadsaddon.com URL: https://removeadsaddon.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:a48 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 13c59438ba315ba8e00e7fc19318eeefcd8087806008e8e0db2bcc1672061948 Request headers accept-language en-US,en;q=0.9 Referer https://removeadsaddon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 23:05:12 GMT content-encoding br cf-cache-status MISS last-modified Tue, 23 Aug 2022 17:38:53 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"630510ad-9e2" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zVHq5hUtr6332ile6bTHAS%2BWH4mDrFGo4DFtPXuGMaAy%2FEJooIYQ6jFsf2GnOqz0ukO61nLuizXPBU4bud6cMA%2BAvTbL3JuQWopf79npNsgofYNOkXkIZqEQQqJBUzyS5nkf9xzbAWqDYoHxvH%2FsRLk%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control max-age=14400 cf-ray 824a2dbcbe18c40e-EWR alt-svc h3=":443"; ma=86400
GET H2	200	functions.js Show response removeadsaddon.com/plpb/	11 KB 4 KB	216ms 204ms	Script application/javascript	2606:4700:3031::6815:a48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://removeadsaddon.com/plpb/functions.js?v7 Requested by Host: removeadsaddon.com URL: https://removeadsaddon.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:a48 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 475715a16d56f4f995fa624a3d7643fa2af4e7fdb33a74df21c536c0f33416d9 Request headers accept-language en-US,en;q=0.9 Referer https://removeadsaddon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 23:05:12 GMT content-encoding br cf-cache-status MISS last-modified Thu, 24 Nov 2022 19:56:44 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"637fcc7c-2de4" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CD0nLpykuDK60QQ29779Rlp205bh9MJU9jaMcHlF4OCgvwh3ySVoPNuvX%2FAjxHzGKu1UMRs%2BCtHP1clgSYNUtDU0Xc%2B%2BcGY7Yd2dW%2BDVNmtrLcnHq67XJODStQr2QoXFkfhJEnPj5iL5zGeKxZYcnAI%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control max-age=14400 cf-ray 824a2dbcbe1ac40e-EWR alt-svc h3=":443"; ma=86400
GET H2	200	logo.png removeadsaddon.com/plpb/smpl/IS_removeads_584e_FB/img/	4 KB 4 KB	212ms 199ms	Image image/png	2606:4700:3031::6815:a48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://removeadsaddon.com/plpb/smpl/IS_removeads_584e_FB/img/logo.png Requested by Host: removeadsaddon.com URL: https://removeadsaddon.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:a48 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.30 Resource Hash 7880e7484c93c8390d976f2ba2c27b076b043e9c425fded57d56889a4bb6867c Request headers accept-language en-US,en;q=0.9 Referer https://removeadsaddon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 23:05:12 GMT cf-cache-status MISS last-modified Sat, 11 Nov 2023 23:05:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.30 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VYomOhoOdTiRYjaI1PXKhCARuKi5CtOMcycvR%2FKEyRrYF%2B9VpgYImcH500eu1Yb%2B%2FQN35JVqDDVw05P7pLPOucqAhuDgolf8KTDDyBDXXj0vDozJG0eeOcbmDCcIVH%2Bqnk6TP4cD%2F%2B%2B00xwYrmCBoMk%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400 cf-ray 824a2dbcbe1bc40e-EWR alt-svc h3=":443"; ma=86400
GET H2	200	comp.png removeadsaddon.com/plpb/smpl/IS_removeads_584e_FB/img/	406 KB 407 KB	297ms 285ms	Image image/png	2606:4700:3031::6815:a48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://removeadsaddon.com/plpb/smpl/IS_removeads_584e_FB/img/comp.png Requested by Host: removeadsaddon.com URL: https://removeadsaddon.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:a48 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.30 Resource Hash af395752b389a831f38aee4bde26bcfd37af9646ca153e481e1e0093a41ac49e Request headers accept-language en-US,en;q=0.9 Referer https://removeadsaddon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 23:05:12 GMT cf-cache-status MISS last-modified Sat, 11 Nov 2023 23:05:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.30 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cqww4skAfVaFhA0x2pEHq7BcrtcwEgKweL%2F8008EVabf%2FvUJvyUVql3UHRguz0pX%2FYoEuSOvmGRQHsUwDhrvZM3vpSZRII%2BNPqYJ%2BDfb%2BW5QS%2FDRIqVS9Me8TLs%2Bj691lDNsytGfhXX6R9ngmF55mGI%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400 cf-ray 824a2dbcbe1dc40e-EWR alt-svc h3=":443"; ma=86400
GET H3	200	microsoft.svg removeadsaddon.com/plpb/smpl/IS_removeads_584e_FB/img/	391 B 695 B	106ms 106ms	Image image/svg+xml	2606:4700:3031::6815:a48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://removeadsaddon.com/plpb/smpl/IS_removeads_584e_FB/img/microsoft.svg Requested by Host: removeadsaddon.com URL: https://removeadsaddon.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:a48 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.30 Resource Hash ad8e45a3b934df16ad78562cda6b5312f5e5b1f77eb4e1525aecd428a5ef14f1 Request headers accept-language en-US,en;q=0.9 Referer https://removeadsaddon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 23:05:12 GMT content-encoding br cf-cache-status MISS last-modified Sat, 11 Nov 2023 23:05:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.30 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=systT865Kj%2F4fNJgnlQbRjZzufXm6o5df%2F6RB0Ri8v%2BSIlmuE%2FFEcVxfIzH6xDR8ZgxIttctMQljzuiJ5tgVnVwQL%2BMK6rGF7RPw9Ut2HptOq5voyDQr8uHUeRnXgVFne9uPI1YZKRR8sFvS7tXmKuY%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml;charset=UTF-8 cache-control public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400 cf-ray 824a2dbf6f78c427-EWR alt-svc h3=":443"; ma=86400
GET H3	200	check.svg removeadsaddon.com/plpb/smpl/IS_removeads_584e_FB/img/	475 B 863 B	194ms 193ms	Image image/svg+xml	2606:4700:3031::6815:a48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://removeadsaddon.com/plpb/smpl/IS_removeads_584e_FB/img/check.svg Requested by Host: removeadsaddon.com URL: https://removeadsaddon.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:a48 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.30 Resource Hash f969e3c1f941908e73430fd9dc52e1260e1530230d0d2a422c5c51022cdfb433 Request headers accept-language en-US,en;q=0.9 Referer https://removeadsaddon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 23:05:13 GMT content-encoding br cf-cache-status MISS last-modified Sat, 11 Nov 2023 23:05:13 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.30 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PIJHfHTfRZxNyTlJCLtglKWAFDLExWr7hv28tpxfyzVkLGAfe9N%2BvKtzqa44uP4bu3XBQHrYFooxBnrGJbpy%2Fgir69%2Bxfx7J0Ad4t9LF%2BUkrWuG3aJX7Wh7dQFHJF0kgurBcmGHylhD%2FrFSER3B769A%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml;charset=UTF-8 cache-control public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400 cf-ray 824a2dbf7f83c427-EWR alt-svc h3=":443"; ma=86400
GET H3	200	reviewer-1.jpg removeadsaddon.com/plpb/smpl/IS_removeads_584e_FB/img/	8 KB 8 KB	207ms 204ms	Image image/jpeg	2606:4700:3031::6815:a48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://removeadsaddon.com/plpb/smpl/IS_removeads_584e_FB/img/reviewer-1.jpg Requested by Host: removeadsaddon.com URL: https://removeadsaddon.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:a48 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.30 Resource Hash 37bf107dba9d61ccad009b31a948112b91ce557af698944982e7d89c3129134d Request headers accept-language en-US,en;q=0.9 Referer https://removeadsaddon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 23:05:13 GMT cf-cache-status MISS last-modified Sat, 11 Nov 2023 23:05:13 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.30 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bsRaK7lixx7PEbiMK%2Ftn%2BBG5g73D8Zg%2Ft5aQH5N2G0cdjU1eq8EireNiwlS3%2ByZeueJJKPNFsHVF19nS5uYCabqmJB9xkYq%2FX0sXZHmz7fEIM6JIOtO23uDNmfSSGmRCTNcL5qU%2BGZsKFye5OBrvSxo%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400 cf-ray 824a2dbf7f91c427-EWR alt-svc h3=":443"; ma=86400
GET H3	200	reviewer-2.jpg removeadsaddon.com/plpb/smpl/IS_removeads_584e_FB/img/	8 KB 9 KB	206ms 203ms	Image image/jpeg	2606:4700:3031::6815:a48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://removeadsaddon.com/plpb/smpl/IS_removeads_584e_FB/img/reviewer-2.jpg Requested by Host: removeadsaddon.com URL: https://removeadsaddon.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:a48 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.30 Resource Hash 3c2c99fc03006ba4abc9c6feba47570d7b9a7f326c17724ac296bfc46a50833b Request headers accept-language en-US,en;q=0.9 Referer https://removeadsaddon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 23:05:13 GMT cf-cache-status MISS last-modified Sat, 11 Nov 2023 23:05:13 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.30 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EbP9LMeT3KEQLYWpLK1zEDPX966JUJA8TjjObyONtNMCsuHtXmwi4X%2F5Q7Mbgll9%2BUa9RDoO78ZW2UvE9uvdoA0lElkdUH%2F92dlNdfxXbAT4CZeoonwE8HqTKpE5tZ%2BkShc0WfSY%2F5kbYRzv9VjIBuI%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400 cf-ray 824a2dbf7f94c427-EWR alt-svc h3=":443"; ma=86400
GET H3	200	reviewer-3.jpg removeadsaddon.com/plpb/smpl/IS_removeads_584e_FB/img/	7 KB 7 KB	200ms 198ms	Image image/jpeg	2606:4700:3031::6815:a48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://removeadsaddon.com/plpb/smpl/IS_removeads_584e_FB/img/reviewer-3.jpg Requested by Host: removeadsaddon.com URL: https://removeadsaddon.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:a48 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.30 Resource Hash 9f8f15119ac2a82382c195e6c3e642100912594699e0c3531ee4cec40a9b953a Request headers accept-language en-US,en;q=0.9 Referer https://removeadsaddon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 23:05:13 GMT cf-cache-status MISS last-modified Sat, 11 Nov 2023 23:05:13 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.30 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=moIKMRq%2BhE4Wi2hvLKk5j6bWhq42fFZ70gNi1IsTwvwDvDEFpbVQ9yx%2Fo1PmdMiNwxoTDG3DqjVokcrQuIkElnf%2F9R17JoeOSUB5bsE2zT3JKeXpCN25YFFVVM5iRiBgBc5CA10NTrJQd6Hw2nXOtsE%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400 cf-ray 824a2dbf7f96c427-EWR alt-svc h3=":443"; ma=86400
GET H3	200	email-decode.min.js Show response removeadsaddon.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/	1 KB 1 KB	9ms 6ms	Script application/javascript	2606:4700:3031::6815:a48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://removeadsaddon.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js Requested by Host: removeadsaddon.com URL: https://removeadsaddon.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:a48 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language en-US,en;q=0.9 Referer https://removeadsaddon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 23:05:12 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 08 Nov 2023 16:16:02 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"654bb442-4d7" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zxSqcn7XiccrFURNXD6x0vl6a7s83%2BFAqfnoCdBU4h3d6OXcvTifcU1%2Be0tGKUm8E6uDwPX81EUH%2F3Ai%2Ft1bITmXjw5xBgrfz2%2B%2BffuQ%2B3yjH6CEmKcK%2BIHe8K7Mpc%2FTSosfiP8v5IU%2B0rDB7O518FU%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-frame-options DENY cache-control max-age=172800, public cf-ray 824a2dbf7f89c427-EWR expires Mon, 13 Nov 2023 23:05:12 GMT
GET H3	200	scripts.js Show response removeadsaddon.com/plpb/smpl/IS_removeads_584e_FB/	301 B 729 B	200ms 197ms	Script text/javascript	2606:4700:3031::6815:a48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://removeadsaddon.com/plpb/smpl/IS_removeads_584e_FB/scripts.js?2 Requested by Host: removeadsaddon.com URL: https://removeadsaddon.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:a48 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.30 Resource Hash 74e39eba81d088ee9fa26cd8effc411761fe65eb770a4be344e90e984c26d74c Request headers accept-language en-US,en;q=0.9 Referer https://removeadsaddon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 23:05:13 GMT content-encoding br cf-cache-status MISS last-modified Sat, 11 Nov 2023 23:05:13 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.30 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eO1l5aFhMs5iTT29jKr1F9fmm3PVbfgI2HN%2BKqNujnQwPoN1qCdX630GYE3OxfcBl2Ci1%2B7IsjGlg7Ih6JQ39uOx7cXmK24Sxei%2Bn40D5wSlN4p8fVg43G54cpFXSTAkpviHJ%2BGy3eXTpGDS3smcE6I%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript;charset=UTF-8 cache-control public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400 cf-ray 824a2dbf7f8bc427-EWR alt-svc h3=":443"; ma=86400
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	202 KB 54 KB	26ms 6ms	Script application/x-javascript	2a03:2880:f012:10c:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: removeadsaddon.com URL: https://removeadsaddon.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://removeadsaddon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sat, 11 Nov 2023 23:05:12 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 54273 x-xss-protection 0 reporting-endpoints pragma public x-fb-debug hAiLvrbZwHn8bVGEjw7Yg0qMNJmfCnaswjDoml3Y6Gm//h/Q3pcL3pn6t2B7+++1fXfm4S19/vRlYkK2lEi2Zg== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	translate.json Show response removeadsaddon.com/plpb/smpl/IS_removeads_584e_FB/	4 KB 1 KB	229ms 229ms	XHR application/json	2606:4700:3031::6815:a48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://removeadsaddon.com/plpb/smpl/IS_removeads_584e_FB/translate.json Requested by Host: removeadsaddon.com URL: https://removeadsaddon.com/plpb/translate.js?v4 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:a48 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.30 Resource Hash 4e869dc8d0021fe7e8dcb6741a8553351fec0819422eebb7ce9e32f94e4f22d4 Request headers accept-language en-US,en;q=0.9 Referer https://removeadsaddon.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 23:05:12 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.30 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xYfl0RKsZQiRv4swJY1iqPL4VOjcfHFvtacG6SCvAAU6RrpPwITdy%2BqNQpcvABAzsY%2BpXvWbgFf8yvUMKKGA%2FY%2FFW8J5DAG8x1pYpQpeUhYmLSXZyZmaSd16Jflw7JqE%2FZ%2BU8urKncAVZ7u9HTYe6iM%3D"}],"group":"cf-nel","max_age":604800} content-type application/json;charset=UTF-8 cache-control max-age=86400; public; stale-while-revalidate=86400; stale-if-error=86400 cf-ray 824a2dbdee15c427-EWR alt-svc h3=":443"; ma=86400
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v36/	47 KB 48 KB	53ms 13ms	Font font/woff2	2607:f8b0:4020:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700;800&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://removeadsaddon.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 02:27:48 GMT x-content-type-options nosniff age 74244 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48432 x-xss-protection 0 last-modified Thu, 14 Sep 2023 00:40:31 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 10 Nov 2024 02:27:48 GMT
GET H2	200	754298265600885 Show response connect.facebook.net/signals/config/	133 KB 35 KB	167ms 164ms	Script application/x-javascript	2a03:2880:f012:10c:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/754298265600885?v=2.9.138&r=stable&domain=removeadsaddon.com Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 6e3fed8a392938ef9e8c4e32068dd8b30b58cb1871e7bd96ebc0288f205b06e8 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sat, 11 Nov 2023 23:05:13 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints pragma public x-fb-debug f7NfmKAKhwb+6gUTK1bOWU7eHbnneHa0iIo5sDz9NCmOxYzYEQwTVThS/nDV1HKe+bbSYHH5R9xX+bS2JsQVYg== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	commonfr.html Show response theonlins.com/plpb/_pb/ Frame CA21	471 B 715 B	400ms 317ms	Document text/html	2606:4700:3031::ac43:c4e3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://theonlins.com/plpb/_pb/commonfr.html?offer=https%3A%2F%2Fremoveadsaddon.com%2F%3F_lp%3D1&_token=uuid_12jmepdus6bf8ps_12jmepdus6bf8ps655008a833b203.29129055&language=EN&_subid=12jmepdus6bf8ps&s=12jmepdus6bf8ps Requested by Host: removeadsaddon.com URL: https://removeadsaddon.com/plpb/functions.js?v7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:c4e3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ee791c6bb172d328485901a4c9fbc18caddb9261af356ec604900b4a8af93f89 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 824a2dc15f0618cc-EWR content-encoding br content-type text/html; charset=utf-8 date Sat, 11 Nov 2023 23:05:13 GMT last-modified Tue, 10 Aug 2021 12:41:19 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1grLuMv%2BdBtxwcrJLz8LjRDdjyboehdA8bRmc2fJKc0Hp214%2BM%2BUpw%2Byczhgmey%2FSEv5Irtljal8qx9hVyDlhD%2BnMx4Del3lWCDTBzP1JCEmH9OxUDUwWCah4q8dtIoRsjBlaYXMfG7PGVWg"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	/ www.facebook.com/tr/	0 185 B	12ms 4ms	Image text/plain	2a03:2880:f112:182:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=754298265600885&ev=PageView&dl=https%3A%2F%2Fremoveadsaddon.com%2F%23&rl=&if=false&ts=1699743913127&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1699743913126.273957606&ler=empty&it=1699743912941&coo=false&rqm=GET Requested by Host: removeadsaddon.com URL: https://removeadsaddon.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Sat, 11 Nov 2023 23:05:13 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	functions.js Show response theonlins.com/plpb/ Frame CA21	11 KB 4 KB	193ms 192ms	Script application/javascript	2606:4700:3031::ac43:c4e3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://theonlins.com/plpb/functions.js?v4 Requested by Host: theonlins.com URL: https://theonlins.com/plpb/_pb/commonfr.html?offer=https%3A%2F%2Fremoveadsaddon.com%2F%3F_lp%3D1&_token=uuid_12jmepdus6bf8ps_12jmepdus6bf8ps655008a833b203.29129055&language=EN&_subid=12jmepdus6bf8ps&s=12jmepdus6bf8ps Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:c4e3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 475715a16d56f4f995fa624a3d7643fa2af4e7fdb33a74df21c536c0f33416d9 Request headers accept-language en-US,en;q=0.9 Referer https://theonlins.com/plpb/_pb/commonfr.html?offer=https%3A%2F%2Fremoveadsaddon.com%2F%3F_lp%3D1&_token=uuid_12jmepdus6bf8ps_12jmepdus6bf8ps655008a833b203.29129055&language=EN&_subid=12jmepdus6bf8ps&s=12jmepdus6bf8ps User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sat, 11 Nov 2023 23:05:13 GMT content-encoding br cf-cache-status REVALIDATED last-modified Thu, 24 Nov 2022 19:56:44 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"637fcc7c-2de4" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=41hWkagYHLp0DUpWGJJP37U7D9pLDPA6lZgpzZ24ZLeidvegX9kbbmiPVDqSitZzxChHcKnfax4L0nB3zjc%2F%2BKFPqnMITtSt54cmkkhTvJG7P8OcDZLgE1O3DV79iYo%2BErtWKBkNlPQ01PjD"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control max-age=14400 cf-ray 824a2dc3794718cc-EWR alt-svc h3=":443"; ma=86400

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture string| commonCookieDomain string| httpGetParams function| fbq function| _fbq function| _textFor function| getQueryVariable function| constructQueryFromServer function| replaceQueryVariable function| getURLParameter function| replaceURLParameter function| getCookie function| setCookie function| getOffer function| setFullScreen function| speakText function| bySelector function| addEvent function| setLongCookie function| onPixelLoaded function| _openOrig function| closeLandingOnInstall

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			removeadsaddon.com/	1970-01-20 16:53:42	Name: _subid Value: 12jmepdus6bf8ps
			removeadsaddon.com/	1970-01-20 16:53:42	Name: _token Value: uuid_12jmepdus6bf8ps_12jmepdus6bf8ps655008a833b203.29129055
			removeadsaddon.com/	1970-01-20 16:53:42	Name: ad009 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjIwMTZcIjoxNjk5NzQzOTEyfSxcImNhbXBhaWduc1wiOntcIjQzN1wiOjE2OTk3NDM5MTJ9LFwidGltZVwiOjE2OTk3NDM5MTJ9In0.AQ3I9t-3C6-fve2tcJD9P7YiAIcKcBs5BTPC1UU8hys
			.removeadsaddon.com/	1970-01-21 00:54:39	Name: s Value: 12jmepdus6bf8ps
			.removeadsaddon.com/	1970-01-20 18:18:39	Name: _fbp Value: fb.1.1699743913126.273957606
			.theonlins.com/	1970-01-21 00:54:39	Name: s Value: 12jmepdus6bf8ps

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://removeadsaddon.com/plpb/translate.js?v4(Line 19) Message: A preload for 'https://removeadsaddon.com/plpb/smpl/IS_removeads_584e_FB/translate.json' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
javascript	warning	URL: https://removeadsaddon.com/# Message: The resource https://removeadsaddon.com/plpb/smpl/IS_removeads_584e_FB/translate.json was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://removeadsaddon.com/# Message: The resource https://removeadsaddon.com/plpb/smpl/IS_removeads_584e_FB/scripts.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://removeadsaddon.com/# Message: The resource https://removeadsaddon.com/plpb/smpl/IS_removeads_584e_FB/img/block1-btn.png was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://removeadsaddon.com/# Message: The resource https://removeadsaddon.com/plpb/smpl/IS_removeads_584e_FB/img/card.svg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
removeadsaddon.com
theonlins.com
www.facebook.com
2606:4700:3031::6815:a48
2606:4700:3031::ac43:c4e3
2607:f8b0:4020:805::200a
2607:f8b0:4020:806::2003
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
13c59438ba315ba8e00e7fc19318eeefcd8087806008e8e0db2bcc1672061948
1a94718ea707a93439392e816e61f229fca7ba1def54b1bb012ca0f6c32101e1
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
37bf107dba9d61ccad009b31a948112b91ce557af698944982e7d89c3129134d
3a4a48069772835047cbf1ed929fae5204b8d2e9773f8c0b1195802995883f1c
3c2c99fc03006ba4abc9c6feba47570d7b9a7f326c17724ac296bfc46a50833b
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
475715a16d56f4f995fa624a3d7643fa2af4e7fdb33a74df21c536c0f33416d9
4e869dc8d0021fe7e8dcb6741a8553351fec0819422eebb7ce9e32f94e4f22d4
5d6af014af08e2b22ff2b9b66a0e1ebc899e6589f0acd57cd3e67a38629bf9ac
6e3fed8a392938ef9e8c4e32068dd8b30b58cb1871e7bd96ebc0288f205b06e8
74e39eba81d088ee9fa26cd8effc411761fe65eb770a4be344e90e984c26d74c
7880e7484c93c8390d976f2ba2c27b076b043e9c425fded57d56889a4bb6867c
7f2903c2a1ef3da1debe437e24e118727385d206525e830edcd8b271e4b87468
82de85491e48efd850763ffe21e953794acf6ec83d3729baf015682c60a0d82a
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9f8f15119ac2a82382c195e6c3e642100912594699e0c3531ee4cec40a9b953a
ad8e45a3b934df16ad78562cda6b5312f5e5b1f77eb4e1525aecd428a5ef14f1
af395752b389a831f38aee4bde26bcfd37af9646ca153e481e1e0093a41ac49e
b577aaa4e8676eb70007d2c42e91f85d202709a01b26314cc04eacf0c8823751
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee791c6bb172d328485901a4c9fbc18caddb9261af356ec604900b4a8af93f89
f3cbd2a1e32b3b446e57ef4f40678dd1933caf712fad85427bc57c3f192674ff
f969e3c1f941908e73430fd9dc52e1260e1530230d0d2a422c5c51022cdfb433