Report - www.nirsoft.net/

Report Overview

Visited public
2025-05-11 07:27:33
Tags
URL
www.nirsoft.net/
Finishing URL
www.nirsoft.net/
IP / ASN
107.190.138.58
#33182 DIMENOC
Title
NirSoft - freeware utilities: password recovery, system utilities, desktop utilities

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cse.google.com	2642	1997-09-15	2015-03-18	2025-05-09	882 B	148 kB	142.250.178.78
www.nirsoft.net	147497	2004-08-26	2012-05-21	2025-05-08	4.6 kB	54 kB	107.190.138.58
www.google.com	7	1997-09-15	2015-05-10	2025-05-07	2.4 kB	348 kB	142.250.74.68
www.googletagmanager.com	75	2011-11-11	2012-10-04	2025-05-07	436 B	332 kB	142.250.74.168
clients1.google.com	415	1997-09-15	2013-02-01	2025-05-05	441 B	202 B	142.250.178.46

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (10)

	URL	From	Size	First Seen	Last Seen
	www.nirsoft.net/sandbox%20eval%20code		128 B	2023-05-06	2025-05-22
Pretty URL www.nirsoft.net/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-05-06 01:21 Last Seen2025-05-22 03:04 Times Seen24719 Hash 23c336606ee3a6d444b305153fa0e2e2 473a2111970ae2a94b373e656d20c4bd4184d703 305375d5052f6a14434d2d338f852f0f4f04fb26495f88a5d62b6afde2e2cc60 Loading...

	www.nirsoft.net/	ScriptElement	153 B	2023-08-31	2025-05-17
Pretty URL www.nirsoft.net/ IP 107.190.138.58 ASN #33182 DIMENOC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-31 10:09 Last Seen2025-05-17 18:54 Times Seen28 Hash a302bb070c2f26c01fe9f2af02c79349 9c5e7c8b176dd866cd63a5bcb9bf9d1556129d96 32008c06d51dd14dd30945395f18ec1fdf6971084005857f5d826bba44baeb1d Loading...

	www.nirsoft.net/	ScriptElement	57 B	2023-03-07	2025-05-21
Pretty URL www.nirsoft.net/ IP 107.190.138.58 ASN #33182 DIMENOC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:06 Last Seen2025-05-21 22:01 Times Seen9703 Hash 2a2781f9bb6302c2f96df0d1e96ef524 796bb90146495848c0c479533c367edadb94f1a9 1b60af0ce49d65e8b1006457c16883d60e53a0054bb157c57c3b03a82ee9964d Loading...

	www.nirsoft.net/	ScriptElement	51 B	2023-03-07	2025-05-17
Pretty URL www.nirsoft.net/ IP 107.190.138.58 ASN #33182 DIMENOC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 18:42 Last Seen2025-05-17 18:54 Times Seen89 Hash 24a817faaf600828b09a194d0ef9624c 4d0a6c4b19e96dae8e3818000880e40379edf385 bdc19609594e84e093573faf1444be84dd80b6b4036303c7b217e121b0e3f88d Loading...

	www.googletagmanager.com/gtag/js?id=G-P2Q08WF7BK	ScriptElement	331 kB	2025-05-11	2025-05-11
Pretty URL www.googletagmanager.com/gtag/js?id=G-P2Q08WF7BK IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-11 07:27 Last Seen2025-05-11 07:27 Times Seen1 Hash fd9538f0b721a2da62b3d97dc4b5201b 91bb39bcc41afbf4c441c0bdc0ac65486bf3b1d0 20f207960d6a031e0caf9ec43090cf479162d982ecfd7b564562598300c68dfe Loading...

	cse.google.com/cse.js?cx=partner-pub-5286073190998405:5399172980	ScriptElement	5.9 kB	2025-05-11	2025-05-11
Pretty URL cse.google.com/cse.js?cx=partner-pub-5286073190998405:5399172980 IP 142.250.178.78 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-11 07:27 Last Seen2025-05-11 07:27 Times Seen1 Hash 86b3c3255a56db51b7e04c6a302027f1 2471bc82bacce39c8baee5b8df542ec73ac96a55 f22d853796aec8214d9bc52e30aa0a5d81ac71fa5601ba5f6dbc082cbf555968 Loading...

	www.google.com/cse/static/element/9d4779bf0a3053cc/cse_element__en.js?usqp=CAM%3D	ScriptElement	295 kB	2025-05-05	2025-05-21
Pretty URL www.google.com/cse/static/element/9d4779bf0a3053cc/cse_element__en.js?usqp=CAM%3D IP 142.250.74.68 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-05 17:47 Last Seen2025-05-21 13:30 Times Seen17 Hash 140964ebb43f10b7b424e6e1248467ff cf15153157d2ec8eeddd88c74a2f70218571021f 63d1906ce47af56733a878272761dce5c031e8e8a39b8e906b5fe7d6b99a156b Loading...

	pagead2.googlesyndication.com/pagead/js/adsbygoogle.js	ScriptElement	1.6 kB	2023-05-06	2025-05-22
Pretty URL pagead2.googlesyndication.com/pagead/js/adsbygoogle.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-06 01:21 Last Seen2025-05-22 03:04 Times Seen24503 Hash 2e9e391ad98fbe1b2de0b7b4fa9ca904 21d7771223e8286a06ad878af425094a40de32b5 1468d954f25ab75355f3c0f42cd9c84efd64a67922c47d3b69bdb6d0eb399e69 Loading...

	www.nirsoft.net/	ScriptElement	341 B	2023-08-04	2025-05-17
Pretty URL www.nirsoft.net/ IP 107.190.138.58 ASN #33182 DIMENOC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-04 19:46 Last Seen2025-05-17 18:54 Times Seen16 Hash 7cd1191cf76c37c5f656a9e76e2fe39d 8e3c4bf720c1418059c3c3476897a1c32c6122ae 492864ae1cfcedae69226c85098efdf3151e855480971be055500601bae2e412 Loading...

	cse.google.com/adsense/search/async-ads.js	ScriptElement	141 kB	2025-05-09	2025-05-11
Pretty URL cse.google.com/adsense/search/async-ads.js IP 142.250.178.78 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-09 16:46 Last Seen2025-05-11 07:27 Times Seen3 Hash 5bc97981944b2e405801ab47f89f1c9e 84228223047f5eed41075a5dba9939262dc4d0eb e20206467868be57402d2f42d8d5f613344f239244da5e2e4ca669da8d9527fb Loading...

HTTP Transactions (19)

	URL	IP	Response	Size
	cse.google.com/cse.js?cx=partner-pub-5286073190998405:5399172980	142.250.178.78	200 OK	5.9 kB
URL GET cse.google.com/cse.js?cx=partner-pub-5286073190998405:5399172980 IP 142.250.178.78:443 ASN #15169 GOOGLE Requested by https://www.nirsoft.net/ Certificate IssuerGoogle Trust Services Subject.google.com Fingerprint2F:BC:E9:F2:13:41:F1:3E:34:53:D6:F4:E9:17:8E:40:10:82:D1:3E ValidityMon, 21 Apr 2025 08:40:42 GMT - Mon, 14 Jul 2025 08:40:41 GMT File type JavaScript source, ASCII text, with very long lines (613) Size 5.9 kB (5912 bytes) Hash 86b3c3255a56db51b7e04c6a302027f1 2471bc82bacce39c8baee5b8df542ec73ac96a55 f22d853796aec8214d9bc52e30aa0a5d81ac71fa5601ba5f6dbc082cbf555968 HTTP Headers `GET /cse.js?cx=partner-pub-5286073190998405:5399172980 HTTP/1.1 Host: cse.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.nirsoft.net/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: text/javascript; charset=UTF-8 cross-origin-resource-policy: cross-origin content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-nZ1DaDQ9podRVpDyVES2eQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other cross-origin-opener-policy: same-origin-allow-popups; report-to="gws" report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} content-disposition: attachment; filename="f.txt" content-encoding: br date: Sun, 11 May 2025 07:27:12 GMT server: gws content-length: 2620 x-xss-protection: 0 x-frame-options: SAMEORIGIN alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	www.nirsoft.net/feed.png	107.190.138.58	200 OK	1.4 kB
URL GET www.nirsoft.net/feed.png IP 107.190.138.58:443 ASN #33182 DIMENOC Requested by https://www.nirsoft.net/ Certificate IssuerLet's Encrypt Subjectmail.nirsoft.net FingerprintE7:6A:77:1B:01:32:95:B4:53:4B:AD:07:2E:4E:7A:B4:76:7F:D5:CB ValidityWed, 23 Apr 2025 12:53:56 GMT - Tue, 22 Jul 2025 12:53:55 GMT File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced Size 1.4 kB (1441 bytes) Hash f3b2f178bb0fa4f2701ff218f6a6930d 2a1bc7c9589c8d1cde0b96e00c660b6480caf909 55070d3be787cd8ccee8ea0fd75f0e11e944e6f70231f0dcb4c5ae348fcba6be HTTP Headers `GET /feed.png HTTP/1.1 Host: www.nirsoft.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.nirsoft.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Sun, 11 May 2025 07:27:12 GMT Server: Apache Last-Modified: Tue, 30 Sep 2008 06:39:51 GMT Accept-Ranges: bytes Content-Length: 1441 Keep-Alive: timeout=5, max=98 Connection: Keep-Alive Content-Type: image/png`

	www.nirsoft.net/toptomain.gif	107.190.138.58	200 OK	805 B
URL GET www.nirsoft.net/toptomain.gif IP 107.190.138.58:443 ASN #33182 DIMENOC Requested by https://www.nirsoft.net/ Certificate IssuerLet's Encrypt Subjectmail.nirsoft.net FingerprintE7:6A:77:1B:01:32:95:B4:53:4B:AD:07:2E:4E:7A:B4:76:7F:D5:CB ValidityWed, 23 Apr 2025 12:53:56 GMT - Tue, 22 Jul 2025 12:53:55 GMT File type GIF image data, version 89a, 1 x 6 Size 805 B (805 bytes) Hash 8740ba3ec137951fdbfa31a92df84083 bed3cb1f528a9538c12bb073e9c2f0e32eee31cf 432863150465290850edbb508d7e1e8c95320c0b34737f2f81cbf7589b6064d8 HTTP Headers `GET /toptomain.gif HTTP/1.1 Host: www.nirsoft.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.nirsoft.net/main.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Sun, 11 May 2025 07:27:12 GMT Server: Apache Last-Modified: Sat, 21 Apr 2007 15:31:48 GMT Accept-Ranges: bytes Content-Length: 805 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: image/gif`

	www.nirsoft.net/whatnewbg.gif	107.190.138.58	200 OK	1.1 kB
URL GET www.nirsoft.net/whatnewbg.gif IP 107.190.138.58:443 ASN #33182 DIMENOC Requested by https://www.nirsoft.net/ Certificate IssuerLet's Encrypt Subjectmail.nirsoft.net FingerprintE7:6A:77:1B:01:32:95:B4:53:4B:AD:07:2E:4E:7A:B4:76:7F:D5:CB ValidityWed, 23 Apr 2025 12:53:56 GMT - Tue, 22 Jul 2025 12:53:55 GMT File type GIF image data, version 89a, 600 x 1 Size 1.1 kB (1139 bytes) Hash 77c264470fd3ccc779e1d854b2bb4b55 50955f443e4858deefa7da8505fbc0bea669a7e2 7aea3fb8ef09574f7103909575d48e51b2a930c6b3f9297d3b4d54e7e239fee0 HTTP Headers `GET /whatnewbg.gif HTTP/1.1 Host: www.nirsoft.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.nirsoft.net/main.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Sun, 11 May 2025 07:27:12 GMT Server: Apache Last-Modified: Sat, 21 Apr 2007 20:41:58 GMT Accept-Ranges: bytes Content-Length: 1139 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: image/gif`

	www.nirsoft.net/favicon.ico	107.190.138.58	200 OK	1.4 kB
URL GET www.nirsoft.net/favicon.ico IP 107.190.138.58:443 ASN #33182 DIMENOC Requested by https://www.nirsoft.net/ Certificate IssuerLet's Encrypt Subjectmail.nirsoft.net FingerprintE7:6A:77:1B:01:32:95:B4:53:4B:AD:07:2E:4E:7A:B4:76:7F:D5:CB ValidityWed, 23 Apr 2025 12:53:56 GMT - Tue, 22 Jul 2025 12:53:55 GMT File type MS Windows icon resource - 1 icon, 16x16 Size 1.4 kB (1406 bytes) Hash 51c469d8db767149242ffb08db0e2def 612187103d1d92fbb8916f706ccfd7713ae0b27d 78e8efcbbfdbb25093bf00389bb6dedf5cc79f2dd9bc9d2e61e7ca4e88c83508 HTTP Headers GET /favicon.ico HTTP/1.1 Host: www.nirsoft.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.nirsoft.net/ Cookie: _ga_P2Q08WF7BK=GS2.1.s1746948432$o1$g0$t1746948432$j0$l0$h0; _ga=GA1.1.366205516.1746948432 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Date: Sun, 11 May 2025 07:27:12 GMT Server: Apache Last-Modified: Wed, 13 Jul 2005 04:18:26 GMT Accept-Ranges: bytes Content-Length: 1406 Keep-Alive: timeout=5, max=96 Connection: Keep-Alive Content-Type: image/x-icon`

	www.google.com/cse/static/element/9d4779bf0a3053cc/default+en.css	142.250.74.68	200 OK	42 kB
URL GET www.google.com/cse/static/element/9d4779bf0a3053cc/default+en.css IP 142.250.74.68:443 ASN #15169 GOOGLE Requested by https://www.nirsoft.net/ Certificate IssuerGoogle Trust Services Subjectwww.google.com FingerprintC0:9B:21:A5:10:36:7E:DC:25:8D:0B:AB:4B:D9:D7:AD:92:06:96:49 ValidityMon, 21 Apr 2025 08:42:35 GMT - Mon, 14 Jul 2025 08:42:34 GMT File type ASCII text Size 42 kB (41700 bytes) Hash baccb7180fe061b63ed061ec10c3b0c8 bfb31590ba6e758eb8f25735b564d7e4a0919025 a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3 HTTP Headers `GET /cse/static/element/9d4779bf0a3053cc/default+en.css HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.nirsoft.net/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip content-type: text/css content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="prose-team" report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]} content-length: 9068 date: Sun, 11 May 2025 07:27:13 GMT expires: Sun, 11 May 2025 07:27:13 GMT cache-control: private, max-age=31536000 last-modified: Tue, 22 Apr 2025 19:25:56 GMT x-content-type-options: nosniff link: <https://www.adsensecustomsearchads.com>; rel="preconnect" server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	cse.google.com/adsense/search/async-ads.js	142.250.178.78	200 OK	141 kB
URL GET cse.google.com/adsense/search/async-ads.js IP 142.250.178.78:443 ASN #15169 GOOGLE Requested by https://www.nirsoft.net/ Certificate IssuerGoogle Trust Services Subject.google.com Fingerprint2F:BC:E9:F2:13:41:F1:3E:34:53:D6:F4:E9:17:8E:40:10:82:D1:3E ValidityMon, 21 Apr 2025 08:40:42 GMT - Mon, 14 Jul 2025 08:40:41 GMT File type JavaScript source, ASCII text, with very long lines (1839) Size 141 kB (140861 bytes) Hash 5bc97981944b2e405801ab47f89f1c9e 84228223047f5eed41075a5dba9939262dc4d0eb e20206467868be57402d2f42d8d5f613344f239244da5e2e4ca669da8d9527fb HTTP Headers `GET /adsense/search/async-ads.js HTTP/1.1 Host: cse.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.nirsoft.net/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK accept-ranges: bytes vary: Accept-Encoding content-type: text/javascript; charset=UTF-8 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="ads-afs-ui" report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]} date: Sun, 11 May 2025 07:27:13 GMT expires: Sun, 11 May 2025 07:27:13 GMT cache-control: private, max-age=3600 etag: "3919152440420414265" x-content-type-options: nosniff link: <https://syndicatedsearch.goog>; rel="preconnect" content-encoding: gzip server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	www.googletagmanager.com/gtag/js?id=G-P2Q08WF7BK	142.250.74.168	200 OK	331 kB
URL GET www.googletagmanager.com/gtag/js?id=G-P2Q08WF7BK IP 142.250.74.168:443 ASN #15169 GOOGLE Requested by https://www.nirsoft.net/ Certificate IssuerGoogle Trust Services Subject.google-analytics.com Fingerprint02:7D:56:C0:B9:20:0C:27:A4:AC:B9:8F:9D:45:1D:85:2A:30:50:AD ValidityMon, 21 Apr 2025 08:40:41 GMT - Mon, 14 Jul 2025 08:40:40 GMT File type JavaScript source, ASCII text, with very long lines (6125) Size 331 kB (330930 bytes) Hash fd9538f0b721a2da62b3d97dc4b5201b 91bb39bcc41afbf4c441c0bdc0ac65486bf3b1d0 20f207960d6a031e0caf9ec43090cf479162d982ecfd7b564562598300c68dfe HTTP Headers `GET /gtag/js?id=G-P2Q08WF7BK HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.nirsoft.net/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Sun, 11 May 2025 07:27:12 GMT expires: Sun, 11 May 2025 07:27:12 GMT cache-control: private, max-age=900 strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1075:0 cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1075:0 report-to: {"group":"ascgcycc:1075:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1075:0"}],} server: Google Tag Manager content-length: 115915 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	www.nirsoft.net/nirsoft2.gif	107.190.138.58	200 OK	3.7 kB
URL GET www.nirsoft.net/nirsoft2.gif IP 107.190.138.58:443 ASN #33182 DIMENOC Requested by https://www.nirsoft.net/ Certificate IssuerLet's Encrypt Subjectmail.nirsoft.net FingerprintE7:6A:77:1B:01:32:95:B4:53:4B:AD:07:2E:4E:7A:B4:76:7F:D5:CB ValidityWed, 23 Apr 2025 12:53:56 GMT - Tue, 22 Jul 2025 12:53:55 GMT File type GIF image data, version 89a, 176 x 44 Size 3.7 kB (3694 bytes) Hash 2e7f628850f2705ddfca2fb210322b00 d9fa3ebb1cbf10cfda8834d3111dc675c2040170 0c4f483b95cfce5c4e78f32946ed302502f365c272094950b254b6226c16c7f5 HTTP Headers `GET /nirsoft2.gif HTTP/1.1 Host: www.nirsoft.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.nirsoft.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Sun, 11 May 2025 07:27:12 GMT Server: Apache Last-Modified: Mon, 06 Sep 2004 14:43:52 GMT Accept-Ranges: bytes Content-Length: 3694 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: image/gif`

	www.nirsoft.net/banners/empty729x90.gif	107.190.138.58	200 OK	1.2 kB
URL GET www.nirsoft.net/banners/empty729x90.gif IP 107.190.138.58:443 ASN #33182 DIMENOC Requested by https://www.nirsoft.net/ Certificate IssuerLet's Encrypt Subjectmail.nirsoft.net FingerprintE7:6A:77:1B:01:32:95:B4:53:4B:AD:07:2E:4E:7A:B4:76:7F:D5:CB ValidityWed, 23 Apr 2025 12:53:56 GMT - Tue, 22 Jul 2025 12:53:55 GMT File type GIF image data, version 89a, 728 x 90 Size 1.2 kB (1228 bytes) Hash 270b1d0745f8514103d768a62f8be3f9 8bbf94730b15c4710b5369c1c5d1afef3615dc8d 00cf697b03001a7246a8e7e26c626ff8aa3bc125759bc6bb87efafe63a4cfc24 HTTP Headers `GET /banners/empty729x90.gif HTTP/1.1 Host: www.nirsoft.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.nirsoft.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Sun, 11 May 2025 07:27:12 GMT Server: Apache Last-Modified: Mon, 08 Feb 2010 10:45:39 GMT Accept-Ranges: bytes Content-Length: 1228 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: image/gif`

	www.nirsoft.net/menutomain.gif	107.190.138.58	200 OK	805 B
URL GET www.nirsoft.net/menutomain.gif IP 107.190.138.58:443 ASN #33182 DIMENOC Requested by https://www.nirsoft.net/ Certificate IssuerLet's Encrypt Subjectmail.nirsoft.net FingerprintE7:6A:77:1B:01:32:95:B4:53:4B:AD:07:2E:4E:7A:B4:76:7F:D5:CB ValidityWed, 23 Apr 2025 12:53:56 GMT - Tue, 22 Jul 2025 12:53:55 GMT File type GIF image data, version 89a, 6 x 1 Size 805 B (805 bytes) Hash 4989b759b98988bd0f2606ecd041586e 31d43951d3dd4ca3bf8e63b48ab0cacaad623cb5 03fb3f62f575f7aece5107379da9667099547635980c20ee48c3a85a1ae1b7c2 HTTP Headers `GET /menutomain.gif HTTP/1.1 Host: www.nirsoft.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.nirsoft.net/main.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Sun, 11 May 2025 07:27:12 GMT Server: Apache Last-Modified: Sat, 21 Apr 2007 15:17:30 GMT Accept-Ranges: bytes Content-Length: 805 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: image/gif`

	www.google.com/cse/static/images/1x/en/branding.png	142.250.74.68	200 OK	1.6 kB
URL GET www.google.com/cse/static/images/1x/en/branding.png IP 142.250.74.68:443 ASN #15169 GOOGLE Requested by https://www.nirsoft.net/ Certificate IssuerGoogle Trust Services Subject.google.com Fingerprint2F:BC:E9:F2:13:41:F1:3E:34:53:D6:F4:E9:17:8E:40:10:82:D1:3E ValidityMon, 21 Apr 2025 08:40:42 GMT - Mon, 14 Jul 2025 08:40:41 GMT File type PNG image data, 123 x 15, 8-bit/color RGBA, non-interlaced Size 1.6 kB (1556 bytes) Hash 9a63187ccc27d018cedb3a932f5aa9aa 5a59b006635e93492bfd06a5c26f8b6e4181dc71 6ca8050d203fbcb8613c5b13d0bf8cfccb60e97f82334702edd7a48d09489d68 HTTP Headers `GET /cse/static/images/1x/en/branding.png HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.nirsoft.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK accept-ranges: bytes content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="prose-team" report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]} content-length: 1556 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 08 May 2025 09:17:16 GMT expires: Fri, 08 May 2026 09:17:16 GMT cache-control: public, max-age=31536000 age: 252597 last-modified: Thu, 07 Dec 2023 21:00:00 GMT content-type: image/png alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	clients1.google.com/generate_204	142.250.178.46	204 No Content	0 B
URL GET clients1.google.com/generate_204 IP 142.250.178.46:443 ASN #15169 GOOGLE Requested by https://www.nirsoft.net/ Certificate IssuerGoogle Trust Services Subject.google.com Fingerprint2F:BC:E9:F2:13:41:F1:3E:34:53:D6:F4:E9:17:8E:40:10:82:D1:3E ValidityMon, 21 Apr 2025 08:40:42 GMT - Mon, 14 Jul 2025 08:40:41 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /generate_204 HTTP/1.1 Host: clients1.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.nirsoft.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 204 No Content content-length: 0 cross-origin-resource-policy: cross-origin date: Sun, 11 May 2025 07:27:13 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	www.nirsoft.net/	107.190.138.58	200 OK	34 kB
URL User Request GET www.nirsoft.net/ IP 107.190.138.58:443 ASN #33182 DIMENOC Certificate IssuerLet's Encrypt Subjectmail.nirsoft.net FingerprintE7:6A:77:1B:01:32:95:B4:53:4B:AD:07:2E:4E:7A:B4:76:7F:D5:CB ValidityWed, 23 Apr 2025 12:53:56 GMT - Tue, 22 Jul 2025 12:53:55 GMT File type HTML document, ASCII text Size 34 kB (33494 bytes) Hash 19ec034d776e9a243124aff320a52123 da5226d90b614d8fcfb4acebcec79f5902b7f3a9 1eea3ddc96f6c79abe76d95019195c3501afa1c8b374d8273c4d867948685703 HTTP Headers `GET / HTTP/1.1 Host: www.nirsoft.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Sun, 11 May 2025 07:27:11 GMT Server: Apache Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8`

	www.nirsoft.net/main.css	107.190.138.58	200 OK	7.2 kB
URL GET www.nirsoft.net/main.css IP 107.190.138.58:443 ASN #33182 DIMENOC Requested by https://www.nirsoft.net/ Certificate IssuerLet's Encrypt Subjectmail.nirsoft.net FingerprintE7:6A:77:1B:01:32:95:B4:53:4B:AD:07:2E:4E:7A:B4:76:7F:D5:CB ValidityWed, 23 Apr 2025 12:53:56 GMT - Tue, 22 Jul 2025 12:53:55 GMT File type assembler source, ASCII text Size 7.2 kB (7188 bytes) Hash 361af9b2489990eeae53fb655d834b5e 2196a34ff149947ed34623a334fb34029d56ecd9 1fc7ceb533a021747396d0773be419b8432c309db898995af87bf5a7b0c68b0b HTTP Headers `GET /main.css HTTP/1.1 Host: www.nirsoft.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.nirsoft.net/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Sun, 11 May 2025 07:27:12 GMT Server: Apache Last-Modified: Mon, 13 Jan 2020 06:22:16 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 1568 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: text/css`

	www.nirsoft.net/menubg.png	107.190.138.58	200 OK	448 B
URL GET www.nirsoft.net/menubg.png IP 107.190.138.58:443 ASN #33182 DIMENOC Requested by https://www.nirsoft.net/ Certificate IssuerLet's Encrypt Subjectmail.nirsoft.net FingerprintE7:6A:77:1B:01:32:95:B4:53:4B:AD:07:2E:4E:7A:B4:76:7F:D5:CB ValidityWed, 23 Apr 2025 12:53:56 GMT - Tue, 22 Jul 2025 12:53:55 GMT File type PNG image data, 160 x 1, 8-bit colormap, non-interlaced Size 448 B (448 bytes) Hash eeabd12aa8052823038826dc61fc2525 973a9cbd5c928947763efab9eca8568c27faf0cd 4ea8411870894a09ff7165d06aab69c2be05ffea87cdb1b5fb3b5594f11f6f06 HTTP Headers `GET /menubg.png HTTP/1.1 Host: www.nirsoft.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.nirsoft.net/main.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Sun, 11 May 2025 07:27:12 GMT Server: Apache Last-Modified: Sun, 12 Jan 2020 19:55:26 GMT Accept-Ranges: bytes Content-Length: 448 Keep-Alive: timeout=5, max=97 Connection: Keep-Alive Content-Type: image/png`

	www.google.com/cse/static/style/look/v4/default.css	142.250.74.68	200 OK	4.5 kB
URL GET www.google.com/cse/static/style/look/v4/default.css IP 142.250.74.68:443 ASN #15169 GOOGLE Requested by https://www.nirsoft.net/ Certificate IssuerGoogle Trust Services Subjectwww.google.com FingerprintC0:9B:21:A5:10:36:7E:DC:25:8D:0B:AB:4B:D9:D7:AD:92:06:96:49 ValidityMon, 21 Apr 2025 08:42:35 GMT - Mon, 14 Jul 2025 08:42:34 GMT File type ASCII text Size 4.5 kB (4495 bytes) Hash c14e45e189f801818b14f1315605a632 dd7e7fb9d156b343beef0155b41da1c847d69e41 dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89 HTTP Headers `GET /cse/static/style/look/v4/default.css HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.nirsoft.net/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="prose-team" report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]} content-length: 1345 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Sun, 11 May 2025 07:03:28 GMT expires: Sun, 11 May 2025 07:53:28 GMT cache-control: public, max-age=3000 age: 1425 last-modified: Wed, 17 Jun 2020 00:00:00 GMT content-type: text/css vary: Accept-Encoding alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	www.google.com/cse/static/element/9d4779bf0a3053cc/cse_element__en.js?usqp=CAM%3D	142.250.74.68	200 OK	295 kB
URL GET www.google.com/cse/static/element/9d4779bf0a3053cc/cse_element__en.js?usqp=CAM%3D IP 142.250.74.68:443 ASN #15169 GOOGLE Requested by https://www.nirsoft.net/ Certificate IssuerGoogle Trust Services Subject.google.com Fingerprint2F:BC:E9:F2:13:41:F1:3E:34:53:D6:F4:E9:17:8E:40:10:82:D1:3E ValidityMon, 21 Apr 2025 08:40:42 GMT - Mon, 14 Jul 2025 08:40:41 GMT File type JavaScript source, ASCII text, with very long lines (2279) Size 295 kB (294606 bytes) Hash 140964ebb43f10b7b424e6e1248467ff cf15153157d2ec8eeddd88c74a2f70218571021f 63d1906ce47af56733a878272761dce5c031e8e8a39b8e906b5fe7d6b99a156b HTTP Headers `GET /cse/static/element/9d4779bf0a3053cc/cse_element__en.js?usqp=CAM%3D HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.nirsoft.net/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip content-type: text/javascript content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="prose-team" report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]} content-length: 96430 date: Sun, 11 May 2025 07:27:13 GMT expires: Sun, 11 May 2025 07:27:13 GMT cache-control: private, max-age=31536000 last-modified: Tue, 22 Apr 2025 19:25:56 GMT x-content-type-options: nosniff link: <https://www.adsensecustomsearchads.com>; rel="preconnect" server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	www.google.com/cse/static/css/v2/clear.png	142.250.74.68	200 OK	1.0 kB
URL GET www.google.com/cse/static/css/v2/clear.png IP 142.250.74.68:443 ASN #15169 GOOGLE Requested by https://www.nirsoft.net/ Certificate IssuerGoogle Trust Services Subject.google.com Fingerprint2F:BC:E9:F2:13:41:F1:3E:34:53:D6:F4:E9:17:8E:40:10:82:D1:3E ValidityMon, 21 Apr 2025 08:40:42 GMT - Mon, 14 Jul 2025 08:40:41 GMT File type PNG image data, 10 x 10, 8-bit/color RGBA, non-interlaced Size 1.0 kB (1018 bytes) Hash 2df778bf2e22d52fe849babb330ec977 0f833f030bb43f282473bddd3a33b5f8cba7a845 329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd HTTP Headers `GET /cse/static/css/v2/clear.png HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.google.com/cse/static/element/9d4779bf0a3053cc/default+en.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK accept-ranges: bytes content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="prose-team" report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]} content-length: 1018 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 08 May 2025 09:32:13 GMT expires: Fri, 08 May 2026 09:32:13 GMT cache-control: public, max-age=31536000 age: 251700 last-modified: Mon, 25 May 2020 08:30:00 GMT content-type: image/png alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML