urlscan.io logo urlscan.io
SecurityTrails logo

www.halkynconsulting.co.uk Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
Submission: On February 08 via manual from AU — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 4 domains to perform 48 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.halkynconsulting.co.uk.
TLS certificate: Issued by E1 on December 13th 2023. Valid for: 3 months.
This is the only time www.halkynconsulting.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
36 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2a04:fa87:fff... 2635 (AUTOMATTIC)
2 192.0.76.3 2635 (AUTOMATTIC)
4 192.0.77.32 2635 (AUTOMATTIC)
2 192.0.77.2 2635 (AUTOMATTIC)
1 192.0.78.22 2635 (AUTOMATTIC)
48 7
36    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
www.halkynconsulting.co.uk
2    2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)
secure.gravatar.com
0.gravatar.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
4    192.0.77.32 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com
widgets.wp.com
s0.wp.com
2    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com
i0.wp.com
1    192.0.78.22 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
public-api.wordpress.com
Apex Domain
Subdomains		 Transfer
36 halkynconsulting.co.uk
www.halkynconsulting.co.uk
371 KB
8 wp.com
stats.wp.com — Cisco Umbrella Rank: 2723
widgets.wp.com — Cisco Umbrella Rank: 11869
pixel.wp.com — Cisco Umbrella Rank: 2679
i0.wp.com — Cisco Umbrella Rank: 3696
s0.wp.com — Cisco Umbrella Rank: 8186
257 KB
2 gravatar.com
secure.gravatar.com — Cisco Umbrella Rank: 2022
0.gravatar.com — Cisco Umbrella Rank: 8614
6 KB
1 wordpress.com
public-api.wordpress.com — Cisco Umbrella Rank: 9533
4 KB
48 4
Domain Requested by
36 www.halkynconsulting.co.uk www.halkynconsulting.co.uk
3 s0.wp.com widgets.wp.com
public-api.wordpress.com
2 i0.wp.com www.halkynconsulting.co.uk
1 public-api.wordpress.com s0.wp.com
1 0.gravatar.com secure.gravatar.com
1 pixel.wp.com www.halkynconsulting.co.uk
1 widgets.wp.com www.halkynconsulting.co.uk
1 stats.wp.com www.halkynconsulting.co.uk
1 secure.gravatar.com www.halkynconsulting.co.uk
48 9
Subject Issuer Validity Valid
halkynconsulting.co.uk
E1		 2023-12-13 -
2024-03-12		 3 months crt.sh
*.gravatar.com
Sectigo ECC Domain Validation Secure Server CA		 2023-12-05 -
2025-01-04		 a year crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2023-11-28 -
2024-12-28		 a year crt.sh
*.wordpress.com
Sectigo ECC Domain Validation Secure Server CA		 2023-12-05 -
2025-01-04		 a year crt.sh

This page contains 3 frames:

Primary Page: https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
Frame ID: 09B3F2C9ECFA9E7A6D4BE1378D4CE554
Requests: 47 HTTP requests in this frame

Frame: https://widgets.wp.com/likes/master.html?ver=202406
Frame ID: 68D40CCC154E1B3BDDEE9F7114C18229
Requests: 3 HTTP requests in this frame

Frame: https://public-api.wordpress.com/wp-admin/rest-proxy/
Frame ID: 47878ABB091885CB46BCA9EA4476167F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

DFIR on a Shoestring - Incident response for less - Halkyn Security Blog

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • <link[^>]+s\d+\.wp\.com
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • /flickity(?:\.pkgd)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

48
Requests

98 %
HTTPS

33 %
IPv6

4
Domains

9
Subdomains

7
IPs

2
Countries

644 kB
Transfer

1537 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

48 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/ 		248 KB
56 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2de7af4a8b6727de6cd65e33fa11348f31b9b207670179c09f4dbedba093f6b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
85209bd5eeb437da-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 08 Feb 2024 02:58:04 GMT
link
<http://www.halkynconsulting.co.uk/a/wp-json/>; rel="https://api.w.org/", <http://www.halkynconsulting.co.uk/a/wp-json/wp/v2/posts/1853>; rel="alternate"; type="application/json", <https://wp.me/p9yHvD-tT>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ut2fguRiw%2BSqEyVFjoicbrKlvCzDEorcjPp8RyWftJAacYtJxR1mTdunsHaG0WjhaE52zdPi%2BYhwk3J48a4CpI3XToxBay3KsyAylo0v5Nkia%2FhWFCvjtXMeGJD0fOuWDxRYmK6hHI%2BGchjGdMgsUunUbzFiaeiACg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-ua-compatible
IE=edge
TB6BeFEdq9SroScr2wkhq-dTYaQ.js
www.halkynconsulting.co.uk/cdn-cgi/apps/head/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.halkynconsulting.co.uk/cdn-cgi/apps/head/TB6BeFEdq9SroScr2wkhq-dTYaQ.js
Requested by
Host: www.halkynconsulting.co.uk
URL: https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1574df8a818ef7c0bd6510d777168fd402c91e77a069f8978ef116761439450a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 02:58:05 GMT
x-amz-version-id
2C3guoF.liqoh_xIqn6j_zEDm6kq1gNu
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
EYB2TV6EQ3QABPM3
alt-svc
h3=":443"; ma=86400
x-amz-id-2
9yqBKepAvTqiqNpzJ/cZP5p6uHeso89N3slcVKPvY5rLvfe9Z77CcaouAPYrNQCxhuT9hOSmIvA=
last-modified
Tue, 11 Jul 2017 01:36:29 GMT
server
cloudflare
etag
W/"1beb7ea2c042a505e2894ea568981a1c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TvelhesXUN8gOZm49oX6OutLCxq6ezBR8Y1b8gsAQaHEFN8uKQAXd1QQMJHu%2BnNqBuKvkO8ex9Wd8SFJ1OuzISz0YoFg07sROQXM5a79TPOFkkLhIm9IdDSNjTm7rqXccAq4oMBJGkgyWqfUpMImxSj3PFkfizY1iA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
85209bdb9aa537da-FRA
style.min.css
www.halkynconsulting.co.uk/a/wp-includes/css/dist/block-library/ 		93 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.halkynconsulting.co.uk/a/wp-includes/css/dist/block-library/style.min.css?ver=21e019870aac163dd1da7a5e5bb4c167
Requested by
Host: www.halkynconsulting.co.uk
URL: https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
187af6783dd59cd3b9dd90e77b3daa1509c1c3c18f5ce5d6fe2133f9bc3828df

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 02:58:04 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 05 Nov 2022 12:24:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"17265-5ecb84654597b-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6d3w898IcB%2FIHI%2FpiqbCFzbpSWqZWt3rMehbMdk6BKH2A3YB3MV1P2JLs6GGqG2HdC5H1CGNLQFZYcNCgyPmRykvOQkslbYFC5aA2w9KkAmsI0SPP6iM%2B7HwXsUpkEpS32rmUOmd10Fnu1tx0LjcP2gOhwVQNLg3XQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=290304000
cf-ray
85209bdb9aa037da-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 28 Feb 2024 02:58:04 GMT
mediaelementplayer-legacy.min.css
www.halkynconsulting.co.uk/a/wp-includes/js/mediaelement/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.halkynconsulting.co.uk/a/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
Requested by
Host: www.halkynconsulting.co.uk
URL: https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 02:58:04 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 22 Apr 2021 08:29:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2bf8-5c08b7b0cddc2-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cHwRGgo1hZFs5pzqbA5K4tXpehQY8UwXeD0SN%2BDhQqnCT1lcXgP%2FNvAe3sYwKU7qCvQdkBYD472bCy69PCVbMyimhPrWTbWf6HPlPyTB2Ga5ngz7HeiXEethAm6n0mD3RptbkBKnfxT0NmdgaER5qtJzM5y%2F5lDS4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=290304000
cf-ray
85209bdb9aa237da-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 28 Feb 2024 02:58:04 GMT
wp-mediaelement.min.css
www.halkynconsulting.co.uk/a/wp-includes/js/mediaelement/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.halkynconsulting.co.uk/a/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=21e019870aac163dd1da7a5e5bb4c167
Requested by
Host: www.halkynconsulting.co.uk
URL: https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 02:58:04 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 01 Mar 2020 18:46:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"105a-59fcf7eabc8dd-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W5aNVxJEoS040E7YNcFqf51qbO94%2FxFVe0QvT4mybi6%2FPpYxBOyhH%2F4EedzHaOlPfz%2BHAFL5AZdbGMm1oH603wM6AyRfUihFjif9mgSmTajFlMtkAQ9KUUKnugyGzvY1ArYG9t%2BomSlFBbFo%2BfYcfYiApM33P4jlxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=290304000
cf-ray
85209bdb9aa337da-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 28 Feb 2024 02:58:04 GMT
classic-themes.min.css
www.halkynconsulting.co.uk/a/wp-includes/css/ 		217 B
478 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.halkynconsulting.co.uk/a/wp-includes/css/classic-themes.min.css?ver=1
Requested by
Host: www.halkynconsulting.co.uk
URL: https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 02:58:04 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 05 Nov 2022 12:24:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"d9-5ecb84655055c-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GJwQZk1LqQ8i1jqJc0DV%2BBDMhukwlZfOe3gHCNEHgejGWycuFD8TmsrhDUoYInEqiZcELGpTUkMDHm2OWVLCI34m1HScLHWttBUavyk87%2Ff6wiJLT6GXn4ObUNTzSsXSP71Xw10Hb83k84hJjQY%2FVs6mT%2F%2FzKx17IQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=290304000
cf-ray
85209bdb9aa437da-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 28 Feb 2024 02:58:04 GMT
all.min.css
www.halkynconsulting.co.uk/a/wp-content/themes/oceanwp/assets/fonts/fontawesome/css/ 		58 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.halkynconsulting.co.uk/a/wp-content/themes/oceanwp/assets/fonts/fontawesome/css/all.min.css?ver=5.15.1
Requested by
Host: www.halkynconsulting.co.uk
URL: https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c493875ea907c37e2ef7b9560f75ad5dd918121a0f42889eda351ccab0373eb1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 02:58:04 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 29 Sep 2022 21:59:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"e7d4-5e9d7fcf4444b-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2BwKviEzbg0lmRllKqGBVeYWJuApLvx847DPSdZg1dwI2UJKuS9kqBxKn7iCL2zJXNLSsY7QE9FxKCmy8kvGcgsfdeCx4rrJqLKT6wgmJCHh1xwvjpwwky2nMXfNkjuypJMc2%2B%2Bd%2FtnWkV3HHjylHLtJMwyJ6UKIqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=290304000
cf-ray
85209bdbaaa937da-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 28 Feb 2024 02:58:04 GMT
simple-line-icons.min.css
www.halkynconsulting.co.uk/a/wp-content/themes/oceanwp/assets/css/third/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.halkynconsulting.co.uk/a/wp-content/themes/oceanwp/assets/css/third/simple-line-icons.min.css?ver=2.4.0
Requested by
Host: www.halkynconsulting.co.uk
URL: https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe41a7936fba4a26a21face5fbb35961e74b9b11eb9e78fa26560f6986be6ed8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 02:58:04 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 29 Sep 2022 21:59:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2aaf-5e9d7fcf34a49-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0VQFPr2KAmn7jzduj8sWDPObVILkTQ1DUDwgpNKdF1db2pBq09mjmwi79Fa9eQhyGLviI8hbovXwIKgMr352WdmJJvfHCWbWGPAApayvs3EET%2Bdc%2Bk8OSqwkAnQAlP6JJL6fjFt6T8XDt3SAZx%2B1iUxFp6gtRYEtsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=290304000
cf-ray
85209bdbaaaa37da-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 28 Feb 2024 02:58:04 GMT
style.min.css
www.halkynconsulting.co.uk/a/wp-content/themes/oceanwp/assets/css/ 		172 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.halkynconsulting.co.uk/a/wp-content/themes/oceanwp/assets/css/style.min.css?ver=3.3.5
Requested by
Host: www.halkynconsulting.co.uk
URL: https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac78c8f735e2d541abe25e0234b8ea6796d53e1c0bd8c325b9298c82884e9bda

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 02:58:04 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 29 Sep 2022 21:59:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2b12c-5e9d7fcf3f62b-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9qzJIIFoehQV5c6CD9KbO9EVTs3WZw%2BHfTNTIavu%2B5QWrZC0bBJQqJ2foj4xZQEADvR4Vypy2nKJCDmtNSqYbpEW5kOr9K3b9YTZjfmcnrWaTXmkDmzb0KTFgGKpF%2F7IQ%2FQJIHWADde4V5bcIC6cwMF%2F3w0kP2MoVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=290304000
cf-ray
85209bdbaaab37da-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 28 Feb 2024 02:58:04 GMT
widgets.css
www.halkynconsulting.co.uk/a/wp-content/plugins/ocean-extra/assets/css/ 		50 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.halkynconsulting.co.uk/a/wp-content/plugins/ocean-extra/assets/css/widgets.css?ver=21e019870aac163dd1da7a5e5bb4c167
Requested by
Host: www.halkynconsulting.co.uk
URL: https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c56e851a0803c43ff8adb5caeb0caf6439a99d0991deceff878a4124dca317d9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 02:58:04 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 05 Nov 2022 12:28:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"c9a7-5ecb853d88cfc-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9xJqLfCcxCATgHFWFo3lnx4Tf7f93rfq9F4TuP24WuP9iW1Gs%2B5XmkR1yH4W%2BnpXwQaeWzMT2ku9mDMGZMTxGViaP6rPQkpspWY0KG5VPCyszmPmn8y9T2Gqlt%2BrvjFw265yvXDz3zPWGv2LrvjDUgx6JV1wlIa4iA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=290304000
cf-ray
85209bdbaaad37da-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 28 Feb 2024 02:58:04 GMT
social-logos.min.css
www.halkynconsulting.co.uk/a/wp-content/plugins/jetpack/_inc/social-logos/ 		12 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.halkynconsulting.co.uk/a/wp-content/plugins/jetpack/_inc/social-logos/social-logos.min.css?ver=11.5.1
Requested by
Host: www.halkynconsulting.co.uk
URL: https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b958e0f47861dde13a175cc69494bdb54f08e2b5e78cecf6abd16470d2085257

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 02:58:04 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 05 Nov 2022 12:28:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2f4a-5ecb853598840-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pvyViFTtgiUAxJumSFkevGQmF%2FRFqo7%2BQzH6kuXjwTPhSaSlCV88SXLDpqM%2BpjPLiL4aqEHfuwYZP12t7ID1PmxmNQ7aRHiCXcbDZK60vwCzslLWGnN4KpcXMofl0KGL3my%2BOgSu3b7GIeCppy6cAxe9ckkuo%2BVafQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=290304000
cf-ray
85209bdbaaae37da-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 28 Feb 2024 02:58:04 GMT
jetpack.css
www.halkynconsulting.co.uk/a/wp-content/plugins/jetpack/css/ 		84 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.halkynconsulting.co.uk/a/wp-content/plugins/jetpack/css/jetpack.css?ver=11.5.1
Requested by
Host: www.halkynconsulting.co.uk
URL: https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96852267480e97e11f1058af3c56a86368b3c6647c2c4de7a69de2a693be9f68

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 02:58:04 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 05 Nov 2022 12:28:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"14f92-5ecb8535ad063-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K45CRCuMKAyz4oyNEbX6U2C6R9NEJUGfWqr8jNnh67h8OtHFdp6RAAOy01IC6EhY50GE8S2nXG3%2Fvrj0MJUfukcxph2Poz1qTDThFIY1yS9G4fv89Xbdmf9uxPHTSEgssbSioyeeajAP6i0c033EDU8EmS80mcLmsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=290304000
cf-ray
85209bdbbab537da-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 28 Feb 2024 02:58:04 GMT
jquery.min.js
www.halkynconsulting.co.uk/a/wp-includes/js/jquery/ 		88 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.halkynconsulting.co.uk/a/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by
Host: www.halkynconsulting.co.uk
URL: https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 02:58:04 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 05 Nov 2022 12:24:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"15e54-5ecb8465b4eca-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=31XhzY32D6cT0YPX2%2FeGfBTNNEfCop6x2iCdgIY5UhIZ%2FG1h9qMQFcwSuAyR%2FYu%2F5KkwHf%2BpBM%2FX%2FSDNLtSXwp8FWIvC6XNwEbMpfsh9Y2nsydKkCh9u7NFvh3GXBP%2FyFxVSeqkn%2Bw66Tku%2FamcbYUi7HkrlABKTpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public, max-age=290304000
cf-ray
85209bdbbab637da-FRA
alt-svc
h3=":443"; ma=86400
expires
Sun, 02 Feb 2025 02:58:04 GMT
jquery-migrate.min.js
www.halkynconsulting.co.uk/a/wp-includes/js/jquery/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.halkynconsulting.co.uk/a/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.halkynconsulting.co.uk
URL: https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 02:58:04 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 22 Apr 2021 08:29:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2bd8-5c08b7b0c8fa2-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8wH2Q1TutnFnlAi6NjyBAe9DTSyLDo4zzZvlIyv3To6TbYy%2BNth8p9B%2FOt71WK%2FVTWS9tTGPXwyYIuFYIIRXdN3LW%2FAylU%2B6oK9HD%2FoUA0TNpZa4pErO5BN%2BYg8HRTn2KE4MaPp%2F1%2BxgPmdtl%2FzYJAmsUoYKpCPHNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public, max-age=290304000
cf-ray
85209bdbbab737da-FRA
alt-svc
h3=":443"; ma=86400
expires
Sun, 02 Feb 2025 02:58:04 GMT
photon.min.js
www.halkynconsulting.co.uk/a/wp-content/plugins/jetpack/_inc/build/photon/ 		685 B
872 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.halkynconsulting.co.uk/a/wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20191001
Requested by
Host: www.halkynconsulting.co.uk
URL: https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cfd3418ebf7c95f8f7a9024ebfa383ff5a267a8568c9a2708c26733824bdf07

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 02:58:04 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 05 Nov 2022 12:28:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
20637
etag
W/"2ad-5ecb85356b97a-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zRXcx3EYoxCCc9fE2KH7VIS45Fy4NmSlSb3c51wtKzKPQseCcRTfEJekm8L8DbRyt7ZbRmBh%2BtWt%2FWNtE30GP%2BMoARcpoxGY4xem%2FDf8VnLmVv21R5Bvj0jrGu8NKm7YwpzEmTTQR5OEqLHG%2BtyVLp3LeLOMy0spUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public, max-age=290304000
cf-ray
85209bdc3d6e35f6-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 01 Feb 2025 21:14:07 GMT
gprofiles.js
secure.gravatar.com/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.gravatar.com/js/gprofiles.js?ver=202406
Requested by
Host: www.halkynconsulting.co.uk
URL: https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
131f6b765e798866d728f95661b78bbf269c86482ffff0fa8c08e18a1a65cc89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.halkynconsulting.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 02:58:04 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
last-modified
Tue, 28 Nov 2023 13:47:28 GMT
server
nginx
etag
W/"6565ef70-329d"
content-type
application/javascript
cache-control
max-age=604800
alt-svc
h3=":443"; ma=86400
expires
Thu, 15 Feb 2024 02:58:04 GMT
wpgroho.js
www.halkynconsulting.co.uk/a/wp-content/plugins/jetpack/modules/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.halkynconsulting.co.uk/a/wp-content/plugins/jetpack/modules/wpgroho.js?ver=11.5.1
Requested by
Host: www.halkynconsulting.co.uk
URL: https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ef5e5f0b35765664c2306f623928124ac103d8e218ad9bd64da51e319d0cc5d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 02:58:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
20637
cf-polished
origSize=1953
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sat, 05 Nov 2022 12:28:22 GMT
server
cloudflare
etag
W/"7a1-5ecb8537e46d2-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j5uhWPjQYO0U6sJGm35pcrv9acq5O446aCIMT7H0AcXq3NujVmY6%2BtOm95ytmHdGOkTL7VHHvUYcEY%2BknKExrvw1SXLuAAmKRCwDGxXIWXzYVDciT%2FBPjM7JdKgR7JO3l8ADrAvP1VAOhI%2FOI3kDXX05xF09TNtGmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public, max-age=290304000
cf-ray
85209bdc3d7135f6-FRA
expires
Sat, 01 Feb 2025 21:14:07 GMT
imagesloaded.min.js
www.halkynconsulting.co.uk/a/wp-includes/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.halkynconsulting.co.uk/a/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by
Host: www.halkynconsulting.co.uk
URL: https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 02:58:04 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 12 Sep 2020 23:06:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
20637
etag
W/"15fd-5af25d928150e-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wgwpVgaEI1IZEvptL7Vo9N0mtB%2Bfg24t7p7bv670nW%2F99EUqGyN5l9oAmbYhOcGMXYzENNMkDxZzWPDbsX2%2FRubqkaPMoxf5qDcc6NcJx1W7siecSdxT5NDgDQ%2FHAwqDM%2FZr9ncsrkZQqFYZQAoG9qjyNMNQPSzq8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public, max-age=290304000
cf-ray
85209bdc3d7235f6-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 01 Feb 2025 21:14:07 GMT
theme.min.js
www.halkynconsulting.co.uk/a/wp-content/themes/oceanwp/assets/js/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.halkynconsulting.co.uk/a/wp-content/themes/oceanwp/assets/js/theme.min.js?ver=3.3.5
Requested by
Host: www.halkynconsulting.co.uk
URL: https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be5a9e7bcbc5af3b986767a8193c1d9dbb9c7bd2368ba33c25eff7bd7a76987a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 02:58:04 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 29 Sep 2022 21:59:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
20637
etag
W/"4d4d-5e9d7fcf6b551-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=133qB4Xz%2Fm32rRkNgv%2B7LNpltOuTRkz26ZP9R2OxpU6owHMiTwErL9c5cmalY2RMCcVBdukyh4zwcaBLZWrktcLGKdyX8NerOIg4q84xzEc83dK%2FguMs3S2KqWpxZJ9cBaz06AWz5yteFD4BV1Qi5DVVTcHNxMpjQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public, max-age=290304000
cf-ray
85209bdc3d7335f6-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 01 Feb 2025 21:14:07 GMT
drop-down-mobile-menu.min.js
www.halkynconsulting.co.uk/a/wp-content/themes/oceanwp/assets/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.halkynconsulting.co.uk/a/wp-content/themes/oceanwp/assets/js/drop-down-mobile-menu.min.js?ver=3.3.5
Requested by
Host: www.halkynconsulting.co.uk
URL: https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c345ef59fb2b287237939e1cc8cc92028711602334db6d338990a01676f8e45

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 02:58:04 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 29 Sep 2022 21:59:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
747050
etag
W/"3707-5e9d7fcf65790-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D4DnKFnmRLQSVogfgDwH2iF4PnmFua1yGdXZidd%2FKh7cskkmFIeD5ilTKt%2F7lsKDFMkrCGfovFLAlcl5uucf0Fh3p7gOzf0W9FmwXWlct91Qs0tp1e6B4Zk%2F8dDXx0fBKCHW5EhfpmlkfUmTJ0n%2B0e1R%2FEOFVq70IA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public, max-age=290304000
cf-ray
85209bdc3d7435f6-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 24 Jan 2025 11:27:14 GMT
drop-down-search.min.js
www.halkynconsulting.co.uk/a/wp-content/themes/oceanwp/assets/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.halkynconsulting.co.uk/a/wp-content/themes/oceanwp/assets/js/drop-down-search.min.js?ver=3.3.5
Requested by
Host: www.halkynconsulting.co.uk
URL: https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca63a56d305249eb4cddeec8a6501010e206e110445f46572be1f2d56a1785fd

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 02:58:04 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 29 Sep 2022 21:59:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
20637
etag
W/"1d74-5e9d7fcf65790-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yKmRO4vTfdVgqvXYE6a2bmn9hxf0w53EJeofLiEYJt0pJPn6hyyMcMIprc%2BWATCdjJpESkRe%2Blj1ZgtZ5rWUB%2BurXmk81qQQUbG4JtaB%2BPpg4oyOXZGDRAZt9eQ4%2B8HkhTS94S%2BqMGxuPbS3BVm8QSBOtcfntPp4rQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public, max-age=290304000
cf-ray
85209bdc3d7535f6-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 01 Feb 2025 21:14:07 GMT
magnific-popup.min.js
www.halkynconsulting.co.uk/a/wp-content/themes/oceanwp/assets/js/vendors/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.halkynconsulting.co.uk/a/wp-content/themes/oceanwp/assets/js/vendors/magnific-popup.min.js?ver=3.3.5
Requested by
Host: www.halkynconsulting.co.uk
URL: https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0a45cd5aed66e27bd8ee861d0e3b782c8e79849bde32f90f078b9f2451a36f2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 02:58:04 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 29 Sep 2022 21:59:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
20637
etag
W/"4efb-5e9d7fcf5abaf-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MWkLvklo7gYRMnWRETuSBm%2FCWFiQeO5OOo6ly6UUpkhOYMT5IC3V0Bek8Cg513kMoGkaEiYwD9CmjTPZS%2FL%2BlIiAT2L3%2F6G%2BIPlPBN7d6Lr80e%2BA5CAXDZqyoJ6rNupvIiTlqj2IIPvCKeXbBMtFHTRHwIExYJWJZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public, max-age=290304000
cf-ray
85209bdc3d7635f6-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 01 Feb 2025 21:14:07 GMT
ow-lightbox.min.js
www.halkynconsulting.co.uk/a/wp-content/themes/oceanwp/assets/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.halkynconsulting.co.uk/a/wp-content/themes/oceanwp/assets/js/ow-lightbox.min.js?ver=3.3.5
Requested by
Host: www.halkynconsulting.co.uk
URL: https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6678f5308a4fd9620f440c3e6433920f9a09a9d6465a13888d9638aa23d70191

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 02:58:04 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 29 Sep 2022 21:59:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
20637
etag
W/"100f-5e9d7fcf6b551-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ghDNGvuDuVlRmu08AoPg72aG9shRz5Hgb9ueqLuv9ymdXuVdCXYO0rUmiVqUKenL2JYwQqZ1jaHhl3X8Db8ev2i98AxvhqvZjYOKLgn%2BQ4h4MDaOL4bD6x%2B9w0gmz4E3yTa6sMk%2B33cqrVIYWb3vQcAwEHQzAbUTag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public, max-age=290304000
cf-ray
85209bdc3d7735f6-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 01 Feb 2025 21:14:07 GMT
flickity.pkgd.min.js
www.halkynconsulting.co.uk/a/wp-content/themes/oceanwp/assets/js/vendors/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.halkynconsulting.co.uk/a/wp-content/themes/oceanwp/assets/js/vendors/flickity.pkgd.min.js?ver=3.3.5
Requested by
Host: www.halkynconsulting.co.uk
URL: https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66dd4e5c21b276f0f6302f05a0acfaec62edc461993593a028dd7113923f704f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 02:58:04 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 29 Sep 2022 21:59:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
20637
etag
W/"e0e0-5e9d7fcf5abaf-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xha5sWknHvSXXJCRdBaXj77XFXW9GdGn%2F8Se3IF9wBT3krX43kHyFg6BN48yOYghknuZi8tuR1mTgZha5wdB8R2HDiM8sJHeCb6G39ndOoLdJJoOGnEGEeKg01zMYIIBCkDVyJ0gwfMkEA%2B%2FPRsn5QRcoLmFTHg%2FRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public, max-age=290304000
cf-ray
85209bdc3d7835f6-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 01 Feb 2025 21:14:07 GMT
ow-slider.min.js
www.halkynconsulting.co.uk/a/wp-content/themes/oceanwp/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.halkynconsulting.co.uk/a/wp-content/themes/oceanwp/assets/js/ow-slider.min.js?ver=3.3.5
Requested by
Host: www.halkynconsulting.co.uk
URL: https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b817c9b9bb557b34222c4598548f3569a7c8f2bb30b796a6c92d47dd740e4271

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 02:58:04 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 29 Sep 2022 21:59:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
20637
etag
W/"7d2-5e9d7fcf6b551-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t1jFPJvBj25xOaBfDSZdcsNhAhEwdOJmHz%2F0nnzL06Moy%2FcSfoaEscH5Xo7dwxyCArrag0d0tXOVA8tu5lTWjvJ2p%2FD3RfRB2zofmTbx%2F%2BNqTGZrQkameUZS5xySM134BCu6jNI7ObnnsDWvfrQSfhe2VsTrk5ARaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public, max-age=290304000
cf-ray
85209bdc3d7b35f6-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 01 Feb 2025 21:14:07 GMT
scroll-effect.min.js
www.halkynconsulting.co.uk/a/wp-content/themes/oceanwp/assets/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.halkynconsulting.co.uk/a/wp-content/themes/oceanwp/assets/js/scroll-effect.min.js?ver=3.3.5
Requested by
Host: www.halkynconsulting.co.uk
URL: https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ece33be05682148470133b0321834dad4007cf718bcf4242115472bf5c0a73d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 02:58:04 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 29 Sep 2022 21:59:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
20637
etag
W/"3072-5e9d7fcf6b551-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W06xR7d%2FyVivdyU%2FTJ2AQj7iA8BHfpYfYxTo9iZcv%2Fw3toKwGonOLW9FC7cAxgm7VxupM771KRc6lgpfazeEBOuHXjK3sAUtsMiZoVSYwYpj0j5uvit65czv3HJkK%2F%2BTdKW22i1kHZduDflg1zYxL%2FPvQ%2FP5wic79g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public, max-age=290304000
cf-ray
85209bdc3d7c35f6-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 01 Feb 2025 21:14:07 GMT
scroll-top.min.js
www.halkynconsulting.co.uk/a/wp-content/themes/oceanwp/assets/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.halkynconsulting.co.uk/a/wp-content/themes/oceanwp/assets/js/scroll-top.min.js?ver=3.3.5
Requested by
Host: www.halkynconsulting.co.uk
URL: https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b27375090fa7a6b1b7953505ccce5ff008db3c23196579db5749f71f0f485304

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 02:58:04 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 29 Sep 2022 21:59:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
20637
etag
W/"231d-5e9d7fcf6b551-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GNiO%2BC2PPCM0thsbGKiBmGYXRI1uTmRO3X1Xg1H5m0fb8e3DyQl01XX%2F7Mgcw0Hu7GW4Qziy1coRjdALsxPMnVqk0DyClv9bbYiaFzGyLqaFLjRev8lQ%2BWj4d5W6kNDI%2BO7jwf3cd7j%2BXKp%2FfHP30M6TKBrZARXCMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public, max-age=290304000
cf-ray
85209bdc3d7d35f6-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 01 Feb 2025 21:14:07 GMT
select.min.js
www.halkynconsulting.co.uk/a/wp-content/themes/oceanwp/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.halkynconsulting.co.uk/a/wp-content/themes/oceanwp/assets/js/select.min.js?ver=3.3.5
Requested by
Host: www.halkynconsulting.co.uk
URL: https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d05f3a54518cd3ac3a4e9b4cf8c5f0deab037e659299f66a534d00fe10618b64

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 02:58:04 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 29 Sep 2022 21:59:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
20637
etag
W/"143d-5e9d7fcf6b551-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w1mrjc4Gl7wLe0eVeV0AZ7tShe4NzxFFHZrclfJtMgIMNw6a%2FO9e%2FsHw9XCk0XQEvMNRmlpZWxMMZ1LuTzK%2Ffok8R6ywDavccBKCrDWH9Mf9dVQfdQscxRGV7rhCMo44adC2wdJpZoTp3F4RsV91cK84I2PeuijYHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public, max-age=290304000
cf-ray
85209bdc3d7e35f6-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 01 Feb 2025 21:14:07 GMT
eu-cookie-law.min.js
www.halkynconsulting.co.uk/a/wp-content/plugins/jetpack/_inc/build/widgets/eu-cookie-law/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.halkynconsulting.co.uk/a/wp-content/plugins/jetpack/_inc/build/widgets/eu-cookie-law/eu-cookie-law.min.js?ver=20180522
Requested by
Host: www.halkynconsulting.co.uk
URL: https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f9093afac549fa0f24e54a23798dabcc1ca87f3fb1d4449e636a8ea99844527

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 02:58:04 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 05 Nov 2022 12:28:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
20637
etag
W/"644-5ecb85357849b-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LJ8PRBYrrazWSFohH0cnDTmdkbjvHZ3kblslyoCAPdfMEEPMklK%2Ba4Uk9Ei5qPugZF01W3M92N9IJGTWrsgPK%2FNUkjIVzSbvXqWBoqU5E6Qv3ET4bHcI0Y%2BSL9MJd8SsPYjTBG6tRoVddT23RIOwJu%2F3RpKLJ%2Fhh4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public, max-age=290304000
cf-ray
85209bdc3d8035f6-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 01 Feb 2025 21:14:07 GMT
intersection-observer.js
www.halkynconsulting.co.uk/a/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.halkynconsulting.co.uk/a/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?minify=false&ver=83ec8aa758f883d6da14
Requested by
Host: www.halkynconsulting.co.uk
URL: https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9900b23f9f49af5f34387eb63a8673a563ab131c1e171cfaf14cf8b67a466b9d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 02:58:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
20637
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sat, 05 Nov 2022 12:28:20 GMT
server
cloudflare
etag
W/"2317-5ecb85364d2f9-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F8MgZdiBscWYMvrScQv2DWtAOqrcB7b5%2BPepXArFOm0y9n3nKjw6NAJGqSPFAwnwD3%2FeZfIjKD2OlwN07t8R9i9T5h10AXu06Vg%2Fu%2FFA4cRsSSi%2FsO3m9dReBcyC2nYrry1V6Rpy04nlrgK5g%2F%2FvFd2zYTJ%2FCexmmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public, max-age=290304000
cf-ray
85209bdc3d8235f6-FRA
expires
Sat, 01 Feb 2025 21:14:07 GMT
lazy-images.js
www.halkynconsulting.co.uk/a/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.halkynconsulting.co.uk/a/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?minify=false&ver=8767d0da914b289bd862
Requested by
Host: www.halkynconsulting.co.uk
URL: https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c99ffa666406b233d0791d6f9c7b4675c37ae1e537813b213bc3968a95321355

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 02:58:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
440551
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sat, 05 Nov 2022 12:28:20 GMT
server
cloudflare
etag
W/"93e-5ecb85364d2f9-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rxzK4p9s0%2FHDzm8Xl8sZa6zwXDTsbooXRvZI3kEOyJ3V3QM82oDrjtLPideynVuBjIPywTlv5Kr%2BGyZn%2FcKEEfxRgF6FOb%2FnfxXH00jAFczEwRDneWJkLVGfG%2BwCDkZuZNGQ%2FV4zgo0bfOOvo5jLowt%2F1dcuGWxv%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public, max-age=290304000
cf-ray
85209bdc3d8335f6-FRA
expires
Tue, 28 Jan 2025 00:35:33 GMT
queuehandler.min.js
www.halkynconsulting.co.uk/a/wp-content/plugins/jetpack/_inc/build/likes/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.halkynconsulting.co.uk/a/wp-content/plugins/jetpack/_inc/build/likes/queuehandler.min.js?ver=11.5.1
Requested by
Host: www.halkynconsulting.co.uk
URL: https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4759eb9c94c5d6d1cde77ea3a1cb0b09d53e1319c06995125c3755f354edb9e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 02:58:04 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 05 Nov 2022 12:28:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
20637
etag
W/"17c8-5ecb853562cd8-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rqArJdrzI50lOA7x3EF1LQFwq%2F%2FzajF5W0I5KhtQISYqiO7vknimXGZHCpX61Jc1gNWhxSjVfmsO4eYin13z%2Bb69II5efDSL12FeTNYweQOTByabBpOPj0z5QPtazNS2n%2FxmwUBfle7wPBHDh2%2FjhLMvxUm9bUol3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public, max-age=290304000
cf-ray
85209bdc3d8435f6-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 01 Feb 2025 21:14:07 GMT
jetpack-carousel.min.js
www.halkynconsulting.co.uk/a/wp-content/plugins/jetpack/_inc/build/carousel/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.halkynconsulting.co.uk/a/wp-content/plugins/jetpack/_inc/build/carousel/jetpack-carousel.min.js?ver=11.5.1
Requested by
Host: www.halkynconsulting.co.uk
URL: https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddddc08011f008a21f8b785f568fcb0a3ecb9ebb73ae28422f70504103f8fe1e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 02:58:04 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 05 Nov 2022 12:28:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
20637
etag
W/"5f3a-5ecb853554276-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jtf5HoG8abWydD8%2Ff7H5yocr0alMk6kPlY81CoW%2FdoYDdK9r%2F2PLTkDXVmPAXQ7OxbpBRRNK%2BCEwyw2ry9bkwDWf1ngXPufv1HkW4VgNXByv5LjeNF4iRCkoo0h0GftUgDbRXz%2BO5r4FuY8U6jwMOcgwzjLHVxxG%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public, max-age=290304000
cf-ray
85209bdc3d8535f6-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 01 Feb 2025 21:14:07 GMT
sharing.min.js
www.halkynconsulting.co.uk/a/wp-content/plugins/jetpack/_inc/build/sharedaddy/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.halkynconsulting.co.uk/a/wp-content/plugins/jetpack/_inc/build/sharedaddy/sharing.min.js?ver=11.5.1
Requested by
Host: www.halkynconsulting.co.uk
URL: https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9eff412c1198930f1d219490894e17733ccd8b992e9ddb7546971f783c00431e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 02:58:04 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 05 Nov 2022 12:28:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
20637
etag
W/"2145-5ecb85356d8ba-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y7aWxLmPaUYv06%2BMuMGo8VLZafFeC%2FXSHXas11PlXABDKC9E3MrysP12zdbYam22212iYydIdKKcHTOLY6IuyLiUtSg6KItW3TO9qph4UqWMANgBwoR%2FOAT8ey0D57XIp9hnHH4a3Ka08YsYf9CLYeD%2BbHmvSkJYww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public, max-age=290304000
cf-ray
85209bdc3d8635f6-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 01 Feb 2025 21:14:07 GMT
e-202406.js
stats.wp.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202406.js
Requested by
Host: www.halkynconsulting.co.uk
URL: https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.halkynconsulting.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-minify-cache
hit
x-nc
HIT ams
date
Thu, 08 Feb 2024 02:58:04 GMT
content-encoding
br
server
nginx
x-minify
t
etag
W/14377-1704402356565.5398
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
alt-svc
h3=":443"; ma=86400
expires
Mon, 03 Feb 2025 16:29:17 GMT
7twG6vskKCidMfVMCHxTgif7u5c.js
www.halkynconsulting.co.uk/cdn-cgi/apps/body/ 		11 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.halkynconsulting.co.uk/cdn-cgi/apps/body/7twG6vskKCidMfVMCHxTgif7u5c.js
Requested by
Host: www.halkynconsulting.co.uk
URL: https://www.halkynconsulting.co.uk/cdn-cgi/apps/head/TB6BeFEdq9SroScr2wkhq-dTYaQ.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
190cd8bcfc1d8e2fead1f160cc70968df763f76b84e69bc9335cee80e1de893a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 02:58:05 GMT
x-amz-version-id
PwAUMrvf3Bj47L9CGkaTwXrLePqwZZgn
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
W947BGT8SSM1ZDJK
age
440551
alt-svc
h3=":443"; ma=86400
x-amz-id-2
DD3s+5CD28WyNOUuJOEUnYpU0QXs3thMggzuUqL7cDLp+uvaSCCDQKzk7ZUZHHidjmNTw+j64iI=
last-modified
Tue, 11 Jul 2017 01:36:29 GMT
server
cloudflare
etag
W/"054bfb643218470729ed0932c1356981"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xT%2BCFxb77tyBulmSE4665e4hQFjZDsON%2BZcw%2BnbNKCGU8tod%2FxJOWsA8OA0xqRFsAaOWifIC6G5V%2FW5fQIOMUfHOyaJ0NKonI6ZqG4N3SIVx%2F8ZsLJAFBdXE21p1FVHj8oonLd0cIlG3t0WleBr887rogvZf2I9jNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
85209be0588f35f6-FRA
wp-emoji-release.min.js
www.halkynconsulting.co.uk/a/wp-includes/js/ 		0
0
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		225 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1d91045d9b974feac67afeb398dd1f99c3a5523e30d9b982e5a0810d6f67e324

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
Simple-Line-Icons.woff2
www.halkynconsulting.co.uk/a/wp-content/themes/oceanwp/assets/fonts/simple-line-icons/ 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.halkynconsulting.co.uk/a/wp-content/themes/oceanwp/assets/fonts/simple-line-icons/Simple-Line-Icons.woff2?v=2.4.0
Requested by
Host: www.halkynconsulting.co.uk
URL: https://www.halkynconsulting.co.uk/a/wp-content/themes/oceanwp/assets/css/third/simple-line-icons.min.css?ver=2.4.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
104673f4859604362a18fc6294197d8fffb8cb24ad3211e92eb04f655e18cf4a

Request headers

Referer
https://www.halkynconsulting.co.uk/a/wp-content/themes/oceanwp/assets/css/third/simple-line-icons.min.css?ver=2.4.0
Origin
https://www.halkynconsulting.co.uk
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 02:58:05 GMT
cf-cache-status
MISS
last-modified
Thu, 29 Sep 2022 21:59:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"7570-5e9d7fcf4f02d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZNMi9kxVIQRvp68%2BOlbXrJCW3Jjigw9xH3%2BhkmzSexV0Tpjc5kMwDdQoQZuizl8Fk3eUaxlZnvelciuvwgv0coLwxgWMsjD3h5HJHVN9g4W%2BhTe6aj1An0AY3zQIhEtzykhRhYjJ7kyMlz7J5qh%2Bf4FaeQ91%2Btq%2FJw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
85209be0a8bb35f6-FRA
alt-svc
h3=":443"; ma=86400
content-length
30064
expires
Thu, 08 Feb 2024 02:58:05 GMT
truncated
/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e7d52bf5f53348ca036d8381f04bb01c93b3110ccac87ca3cb75fd1ce0a92c6

Request headers

Referer
Origin
https://www.halkynconsulting.co.uk
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
fa-solid-900.woff2
www.halkynconsulting.co.uk/a/wp-content/themes/oceanwp/assets/fonts/fontawesome/webfonts/ 		78 KB
79 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.halkynconsulting.co.uk/a/wp-content/themes/oceanwp/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2
Requested by
Host: www.halkynconsulting.co.uk
URL: https://www.halkynconsulting.co.uk/a/wp-content/themes/oceanwp/assets/fonts/fontawesome/css/all.min.css?ver=5.15.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7

Request headers

Referer
https://www.halkynconsulting.co.uk/a/wp-content/themes/oceanwp/assets/fonts/fontawesome/css/all.min.css?ver=5.15.1
Origin
https://www.halkynconsulting.co.uk
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 02:58:05 GMT
cf-cache-status
MISS
last-modified
Thu, 29 Sep 2022 21:59:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"139ac-5e9d7fcf4e08d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XufL1qEUO7VN3AN3S48eRbrOiAH1ZECRB6O6h3wDzMwMBw1dVqjN25DZoG5IsrRuhTDPTLutNEZ33f6X0WUy1UBHOHE%2FImRnuWlgxuUyeIQ18qamJv%2BXFIR%2FKJxI9SFj46cPDX3BXYvsenAZxNFBcnj%2Bs9KJUwWcww%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
85209be0a8bc35f6-FRA
alt-svc
h3=":443"; ma=86400
content-length
80300
expires
Thu, 08 Feb 2024 02:58:05 GMT
master.html
widgets.wp.com/likes/ Frame 68D4 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.wp.com/likes/master.html?ver=202406
Requested by
Host: www.halkynconsulting.co.uk
URL: https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
6b7ef8d2f3fd4cebb645196195e1f21fd4faf547f08b72662ebaf9cbda2ef2bb

Request headers

Referer
https://www.halkynconsulting.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-methods
GET, HEAD
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-encoding
br
content-type
text/html
date
Thu, 08 Feb 2024 02:58:05 GMT
etag
W/"65aa73c3-b70"
last-modified
Fri, 19 Jan 2024 13:06:11 GMT
server
nginx
timing-allow-origin
*
vary
Accept-Encoding
x-ac
4.ams _dfw MISS
x-nc
HIT ams 2
truncated
/ 		1 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c89a2cf8bf444df7e11af2befd8c1f20a96c34bee6d13270e7692441843395da

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
text/css;charset=utf-8
g.gif
pixel.wp.com/ 		50 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=141257429&post=1853&tz=0&srv=www.halkynconsulting.co.uk&j=1%3A11.5.1&host=www.halkynconsulting.co.uk&ref=&fcp=0&rand=0.32582350370828084
Requested by
Host: www.halkynconsulting.co.uk
URL: https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.halkynconsulting.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 08 Feb 2024 02:58:05 GMT
cache-control
no-cache
server
nginx
alt-svc
h3=":443"; ma=86400
content-length
50
content-type
image/gif
hovercards.min.css
0.gravatar.com/js/hovercards/ 		3 KB
1021 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://0.gravatar.com/js/hovercards/hovercards.min.css
Requested by
Host: secure.gravatar.com
URL: https://secure.gravatar.com/js/gprofiles.js?ver=202406
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
2bca0dae15027898dd6a7536d5b041014f928fbc60d9ce04dd2fa4c5d37d36ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.halkynconsulting.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 02:58:05 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
last-modified
Wed, 11 Oct 2023 03:50:13 GMT
server
nginx
etag
W/"65261b75-d5d"
content-type
text/css
cache-control
max-age=604800
expires
Thu, 15 Feb 2024 02:58:05 GMT
dfir_cost.png
i0.wp.com/www.halkynconsulting.co.uk/a/wp-content/uploads/2020/11/ 		184 KB
185 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.halkynconsulting.co.uk/a/wp-content/uploads/2020/11/dfir_cost.png?w=992&ssl=1
Requested by
Host: www.halkynconsulting.co.uk
URL: https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
9f198a591de4243a1fd61be45eb074c2440fc736828b37ea7f11aaba33ed66cf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.halkynconsulting.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 02:58:05 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
188366
x-nc
HIT ams 1
last-modified
Tue, 06 Feb 2024 22:07:19 GMT
server
nginx
etag
"d1c6d4eccfcb7aff"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.halkynconsulting.co.uk/a/wp-content/uploads/2020/11/dfir_cost.png>; rel="canonical"
expires
Fri, 06 Feb 2026 10:07:19 GMT
rlt-proxy.js
s0.wp.com/wp-content/js/ Frame 68D4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.wp.com/wp-content/js/rlt-proxy.js?m=20211122
Requested by
Host: widgets.wp.com
URL: https://widgets.wp.com/likes/master.html?ver=202406
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
f72ea1589b707feb0d369c239e89cc4ca754d70645c76e3a61ba0af9d69bba8c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://widgets.wp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-minify-cache
hit
date
Thu, 08 Feb 2024 02:58:05 GMT
content-encoding
br
x-ac
4.ams _dfw MISS
x-minify
t
alt-svc
h3=":443"; ma=86400
x-nc
HIT ams 2
server
nginx
etag
W/7325-1684465206729.7068
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
expires
Thu, 30 May 2024 14:44:30 GMT
/
s0.wp.com/_static/ Frame 68D4 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.wp.com/_static/??/wp-content/js/postmessage.js,/wp-content/js/tannin/compat.min.js,/wp-content/js/wpcom-proxy-request.js,/wp-content/js/likes-rest-nojquery.js?m=20240112
Requested by
Host: widgets.wp.com
URL: https://widgets.wp.com/likes/master.html?ver=202406
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
2731dda6fe9b98114c7b8ad48215d44fad9e0074ef28210cafe07443eb17a0f8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://widgets.wp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc
HIT ams 2
date
Thu, 08 Feb 2024 02:58:05 GMT
content-encoding
br
last-modified
Tue, 23 Jan 2024 10:07:16 GMT
server
nginx
etag
W/"65af8fd4-16b52"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
expires
Thu, 30 Jan 2025 10:12:58 GMT
/
public-api.wordpress.com/wp-admin/rest-proxy/ Frame 4787 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public-api.wordpress.com/wp-admin/rest-proxy/
Requested by
Host: s0.wp.com
URL: https://s0.wp.com/_static/??/wp-content/js/postmessage.js,/wp-content/js/tannin/compat.min.js,/wp-content/js/wpcom-proxy-request.js,/wp-content/js/likes-rest-nojquery.js?m=20240112
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.22 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
cb6af707ec628bb1798235eca73cdccb92608977e4680a4c60c308bf230e6032
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://widgets.wp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 08 Feb 2024 02:58:05 GMT
p3p
CP="CAO PSA OUR"
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-ac
2.ams _dfw BYPASS
cyberattacks_inevitable_need_DFIR.png
i0.wp.com/www.halkynconsulting.co.uk/a/wp-content/uploads/2020/11/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/www.halkynconsulting.co.uk/a/wp-content/uploads/2020/11/cyberattacks_inevitable_need_DFIR.png?resize=215%2C300&ssl=1
Requested by
Host: www.halkynconsulting.co.uk
URL: https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
67cc678d7f3b537dc15cae2d40706a8af3dbf39af989652355d8ce938caba218
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.halkynconsulting.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 02:58:05 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
42306
x-nc
MISS ams 3
last-modified
Thu, 08 Feb 2024 02:58:05 GMT
server
nginx
etag
"329aaca048265f2b"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://www.halkynconsulting.co.uk/a/wp-content/uploads/2020/11/cyberattacks_inevitable_need_DFIR.png>; rel="canonical"
expires
Sat, 07 Feb 2026 14:58:05 GMT
rlt-proxy.js
s0.wp.com/wp-content/js/ Frame 4787 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.wp.com/wp-content/js/rlt-proxy.js?m=20211122
Requested by
Host: public-api.wordpress.com
URL: https://public-api.wordpress.com/wp-admin/rest-proxy/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
f72ea1589b707feb0d369c239e89cc4ca754d70645c76e3a61ba0af9d69bba8c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://public-api.wordpress.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-minify-cache
hit
date
Thu, 08 Feb 2024 02:58:05 GMT
content-encoding
br
x-ac
4.ams _dfw MISS
x-minify
t
alt-svc
h3=":443"; ma=86400
x-nc
HIT ams 2
server
nginx
etag
W/7325-1684465206729.7068
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
expires
Thu, 30 May 2024 14:44:30 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.halkynconsulting.co.uk
URL
http://www.halkynconsulting.co.uk/a/wp-includes/js/wp-emoji-release.min.js?ver=21e019870aac163dd1da7a5e5bb4c167

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| Eager object| CloudflareApps object| _wpemojiSettings undefined| $ function| jQuery object| WPCOM_sharing_counts object| Gravatar object| WPGroHo function| EvEmitter function| imagesLoaded object| oceanwpLocalize object| oceanwp function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Flickity function| Unipointer function| Unidragger object| jetpackLazyImagesL10n object| jetpackSwiperLibraryPath object| jetpackCarouselStrings object| sharing_js_options object| WPCOMSharing undefined| windowOpen object| _stq function| st_go function| linktracker_init object| wpcom

0 Cookies

3 Console Messages

Source Level URL
Text
security error URL: https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/(Line 53)
Message:
Mixed Content: The page at 'https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/' was loaded over HTTPS, but requested an insecure script 'http://www.halkynconsulting.co.uk/a/wp-includes/js/wp-emoji-release.min.js?ver=21e019870aac163dd1da7a5e5bb4c167'. This request has been blocked; the content must be served over HTTPS.
other warning URL: https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.halkynconsulting.co.uk/a/2020/11/dfir-with-low-cost-or-free-tools/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0.gravatar.com
i0.wp.com
pixel.wp.com
public-api.wordpress.com
s0.wp.com
secure.gravatar.com
stats.wp.com
widgets.wp.com
www.halkynconsulting.co.uk
www.halkynconsulting.co.uk
192.0.76.3
192.0.77.2
192.0.77.32
192.0.78.22
2a04:fa87:fffe::c000:4902
2a06:98c1:3121::3
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
104673f4859604362a18fc6294197d8fffb8cb24ad3211e92eb04f655e18cf4a
131f6b765e798866d728f95661b78bbf269c86482ffff0fa8c08e18a1a65cc89
1574df8a818ef7c0bd6510d777168fd402c91e77a069f8978ef116761439450a
187af6783dd59cd3b9dd90e77b3daa1509c1c3c18f5ce5d6fe2133f9bc3828df
190cd8bcfc1d8e2fead1f160cc70968df763f76b84e69bc9335cee80e1de893a
1d91045d9b974feac67afeb398dd1f99c3a5523e30d9b982e5a0810d6f67e324
2731dda6fe9b98114c7b8ad48215d44fad9e0074ef28210cafe07443eb17a0f8
2bca0dae15027898dd6a7536d5b041014f928fbc60d9ce04dd2fa4c5d37d36ad
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
4ef5e5f0b35765664c2306f623928124ac103d8e218ad9bd64da51e319d0cc5d
4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5cfd3418ebf7c95f8f7a9024ebfa383ff5a267a8568c9a2708c26733824bdf07
5e7d52bf5f53348ca036d8381f04bb01c93b3110ccac87ca3cb75fd1ce0a92c6
6678f5308a4fd9620f440c3e6433920f9a09a9d6465a13888d9638aa23d70191
66dd4e5c21b276f0f6302f05a0acfaec62edc461993593a028dd7113923f704f
67cc678d7f3b537dc15cae2d40706a8af3dbf39af989652355d8ce938caba218
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
6b7ef8d2f3fd4cebb645196195e1f21fd4faf547f08b72662ebaf9cbda2ef2bb
6ece33be05682148470133b0321834dad4007cf718bcf4242115472bf5c0a73d
7c345ef59fb2b287237939e1cc8cc92028711602334db6d338990a01676f8e45
96852267480e97e11f1058af3c56a86368b3c6647c2c4de7a69de2a693be9f68
9900b23f9f49af5f34387eb63a8673a563ab131c1e171cfaf14cf8b67a466b9d
9eff412c1198930f1d219490894e17733ccd8b992e9ddb7546971f783c00431e
9f198a591de4243a1fd61be45eb074c2440fc736828b37ea7f11aaba33ed66cf
9f9093afac549fa0f24e54a23798dabcc1ca87f3fb1d4449e636a8ea99844527
a4759eb9c94c5d6d1cde77ea3a1cb0b09d53e1319c06995125c3755f354edb9e
ac78c8f735e2d541abe25e0234b8ea6796d53e1c0bd8c325b9298c82884e9bda
b0a45cd5aed66e27bd8ee861d0e3b782c8e79849bde32f90f078b9f2451a36f2
b27375090fa7a6b1b7953505ccce5ff008db3c23196579db5749f71f0f485304
b2de7af4a8b6727de6cd65e33fa11348f31b9b207670179c09f4dbedba093f6b
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b817c9b9bb557b34222c4598548f3569a7c8f2bb30b796a6c92d47dd740e4271
b958e0f47861dde13a175cc69494bdb54f08e2b5e78cecf6abd16470d2085257
be5a9e7bcbc5af3b986767a8193c1d9dbb9c7bd2368ba33c25eff7bd7a76987a
c493875ea907c37e2ef7b9560f75ad5dd918121a0f42889eda351ccab0373eb1
c56e851a0803c43ff8adb5caeb0caf6439a99d0991deceff878a4124dca317d9
c89a2cf8bf444df7e11af2befd8c1f20a96c34bee6d13270e7692441843395da
c99ffa666406b233d0791d6f9c7b4675c37ae1e537813b213bc3968a95321355
ca63a56d305249eb4cddeec8a6501010e206e110445f46572be1f2d56a1785fd
cb6af707ec628bb1798235eca73cdccb92608977e4680a4c60c308bf230e6032
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
d05f3a54518cd3ac3a4e9b4cf8c5f0deab037e659299f66a534d00fe10618b64
ddddc08011f008a21f8b785f568fcb0a3ecb9ebb73ae28422f70504103f8fe1e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f72ea1589b707feb0d369c239e89cc4ca754d70645c76e3a61ba0af9d69bba8c
fe41a7936fba4a26a21face5fbb35961e74b9b11eb9e78fa26560f6986be6ed8
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869