diff --git a/Plugin/background.js b/Plugin/background.js index 84e06b9..668bc3c 100644 --- a/Plugin/background.js +++ b/Plugin/background.js @@ -85,26 +85,31 @@ function send_target(server, url, deep, impact, cookies){ // Set a clean local storage chrome.storage.sync.set({'rce':0, 'xss': 0, 'sql': 0, 'lfi': 0, 'work': 0, 'list':'' }) -// Launch a scan when the tab change -chrome.tabs.onActivated.addListener(function(activeInfo) { - chrome.tabs.get(activeInfo.tabId, function(tab){ - // Handle start/stop button - chrome.storage.sync.get(['work'], function(items) { - if(items['work'] == 1){ +// Launch a scan when the tab change - Submit a form / Open new URL from bar +chrome.tabs.onUpdated.addListener(function(tabId,changeInfo, tab) { + + if(changeInfo.status == 'complete'){ + chrome.tabs.get(tabId, function(tab){ - // Extract cookies from the domain - var cookies_string = ""; - chrome.cookies.getAll({ 'domain': extract_domain(tab.url)}, function(cookies) { - for (var i = 0; i < cookies.length; i++) { - cookies_string += ("name:" + cookies[i].name + "|value:" + cookies[i].value+"\n"); - } + // Handle start/stop button + chrome.storage.sync.get(['work'], function(items) { + if(items['work'] == 1){ - // Start a scan with the url and the cookies - send_target(config_server, escape(tab.url), 0, 0, escape((cookies_string)) ); - }); - } + // Extract cookies from the domain + var cookies_string = ""; + chrome.cookies.getAll({ 'domain': extract_domain(tab.url)}, function(cookies) { + for (var i = 0; i < cookies.length; i++) { + cookies_string += ("name:" + cookies[i].name + "|value:" + cookies[i].value+"\n"); + } + // Start a scan with the url and the cookies + send_target(config_server, escape(tab.url), 0, 0, escape((cookies_string)) ); + }); + } + + }); }); - }); + } + }); \ No newline at end of file diff --git a/README.md b/README.md index 2c19148..eaea656 100755 --- a/README.md +++ b/README.md 
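Review bot: With `chrome.tabs.onUpdated` the handler now runs on every completed page load in any tab, and while `work` is 1 it forwards the full URL plus every cookie that `chrome.cookies.getAll` returns for that domain to `config_server`, with no check that the page is an intended scan target. Session cookies for unrelated sites the user happens to browse are therefore sent to the scan server, and scans start against hosts that were never meant to be in scope. Gate the body before any cookie is read, for example `if (changeInfo.status !== 'complete' || !/^https?:\/\//.test(tab.url)) return;`, followed by a check of the host against a user-configured scope list. The `tab` argument passed to the listener already holds the tab, so the nested `chrome.tabs.get(tabId, …)` (whose callback parameter shadows it) can be dropped. `encodeURIComponent` would be a safer choice than the deprecated `escape` for the URL and the cookie string.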
@@ -46,11 +46,11 @@ You can try the Error SQL, Blind SQL, LFI with Damn Vulnerable Web App - New logo for the extension - Re-use your cookies and user-agent to get access to page with cookie-authentication - Export vulnerabilities into a CSV file +- Launch scan when a form is submitted or a page is opened via the URL bar ## TODO - Work in progress - Should detect target in source code.. (list of targets, then launch scan) - Should detect and work with POST requests -- Launch scan when a button is clicked/ form submitted / page opened via URL - chrome.tabs.onActivated.addListener onFormSubmit? ## Thanks - Polyglot vector for SQL injections [The Ultimate SQL Injection Payload](https://labs.detectify.com/2013/05/29/the-ultimate-sql-injection-payload/)