firststeps.nz Open in urlscan Pro
104.21.112.1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://firststeps.nz/#ce
Effective URL:
https://firststeps.nz/
Submission Tags: 0xscam
Submission: On December 12 via api (December 12th 2024, 1:06:07 pm UTC) from US — Scanned from NZ

Summary HTTP 90 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 13 domains to perform 90 HTTP transactions. The main IP is 104.21.112.1, located in and belongs to CLOUDFLARENET, US. The main domain is firststeps.nz.
TLS certificate: Issued by WE1 on November 9th 2024. Valid for: 3 months.

This is the only time firststeps.nz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 58	104.21.112.1 104.21.112.1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2404:6800:400... 2404:6800:4007:82c::200a	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
2	157.240.8.23 157.240.8.23	32934 (FACEBOOK) (FACEBOOK)
3	2404:6800:400... 2404:6800:4006:804::2008	15169 (GOOGLE) (GOOGLE)
9	142.250.195.35 142.250.195.35	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4007:810::200e	15169 (GOOGLE) (GOOGLE)
1	162.159.138.60 162.159.138.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2404:6800:400... 2404:6800:4007:80f::200e	15169 (GOOGLE) (GOOGLE)
2	157.240.8.35 157.240.8.35	32934 (FACEBOOK) (FACEBOOK)
1	142.250.193.100 142.250.193.100	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4007:823::200e	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:bdf::69 2620:1ec:bdf::69	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.250.195.200 142.250.195.200	15169 (GOOGLE) (GOOGLE)
2	20.122.63.128 20.122.63.128	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.250.195.78 142.250.195.78	15169 (GOOGLE) (GOOGLE)
1 2	20.125.62.241 20.125.62.241	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
90	18

58 104.21.112.1 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

firststeps.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4007:82c::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.8.23 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-syd2.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4006:804::2008 (Sydney, Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.195.35 (United States)

ASN15169 (GOOGLE, US)
PTR: maa03s37-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4007:810::200e (Australia)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.138.60 (None, )

ASN13335 (CLOUDFLARENET, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4007:80f::200e (Australia)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.8.35 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-syd2.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.193.100 (United States)

ASN15169 (GOOGLE, US)
PTR: maa05s24-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4007:823::200e (Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::69 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.195.200 (United States)

ASN15169 (GOOGLE, US)
PTR: maa03s42-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.122.63.128 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

p.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.195.78 (United States)

ASN15169 (GOOGLE, US)
PTR: maa03s38-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.125.62.241 (United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
58	firststeps.nz 1 redirects firststeps.nz	2 MB
9	gstatic.com fonts.gstatic.com	342 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 625 p.clarity.ms — Cisco Umbrella Rank: 9040 c.clarity.ms — Cisco Umbrella Rank: 1269	31 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	21 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	339 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	214 B
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 79	53 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	76 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 205	777 B
1	google.com www.google.com — Cisco Umbrella Rank: 3
1	vimeo.com player.vimeo.com — Cisco Umbrella Rank: 2102 Failed
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 847	31 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
90	13

	Domain	Requested by
58	firststeps.nz	1 redirects firststeps.nz
9	fonts.gstatic.com	firststeps.nz
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	www.googletagmanager.com	firststeps.nz www.googletagmanager.com www.google-analytics.com
2	c.clarity.ms	1 redirects
2	p.clarity.ms	www.clarity.ms
2	www.clarity.ms	firststeps.nz www.clarity.ms
2	www.facebook.com	firststeps.nz
2	www.youtube.com	firststeps.nz
2	connect.facebook.net	firststeps.nz connect.facebook.net
1	c.bing.com	1 redirects
1	www.google.com	www.googletagmanager.com
1	player.vimeo.com	firststeps.nz
1	code.jquery.com	firststeps.nz
1	fonts.googleapis.com	firststeps.nz
90	15

This site contains links to these domains. Also see Links.

Domain
wellbeing.firststeps.nz
aucklandchamber.co.nz
fuelmedia.co.nz

Subject Issuer	Validity	Valid
firststeps.nz WE1	`2024-11-09` - `2025-02-07`	3 months	crt.sh
upload.video.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-09-20` - `2024-12-19`	3 months	crt.sh
*.google-analytics.com WE2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.gstatic.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
vimeo.com WE1	`2024-11-23` - `2025-02-21`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2024-09-04` - `2025-09-04`	a year	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://firststeps.nz/
Frame ID: F6B81035EA216A1475FCD75C7C5598C8
Requests: 85 HTTP requests in this frame

Frame: https://player.vimeo.com/video/933095295?dnt=1&app_id=122963
Frame ID: 6258ED9BAEB1494B4597901EE0FBFF40
Requests: 1 HTTP requests in this frame

Frame: https://firststeps.nz/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js
Frame ID: FB1F831BCC55CBD4AD9591C4370176CF
Requests: 2 HTTP requests in this frame

Frame: https://player.vimeo.com/video/933095295?dnt=1&app_id=122963
Frame ID: 747129DA30F6FA7E0B202610416E318C
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/quxDY7QPWm4?feature=oembed
Frame ID: FBFF3AE8FE08A8BBC95CDBE6BE4020D5
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4c30/sw_iframe.html?origin=https%3A%2F%2Ffirststeps.nz
Frame ID: B20E7804BCC6445FCDAD554AA038D8B1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Wellbeing support for NZ business owners & leaders | First Steps

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

90
Requests

97 %
HTTPS

44 %
IPv6

13
Domains

15
Subdomains

18
IPs

3
Countries

3262 kB
Transfer

6034 kB
Size

23
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://wellbeing.firststeps.nz/
Title: Workplace Wellbeing

Search URL Search Domain Scan URL

URL: https://aucklandchamber.co.nz/

Search URL Search Domain Scan URL

URL: https://fuelmedia.co.nz/
Title: Fuel Media Ltd.

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66

https://firststeps.nz/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://firststeps.nz/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js

Request Chain 86

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=3D658EC5093344DEA3F1A74AFD4BCC6B&RedC=c.clarity.ms&MXFR=06963FB432B36E11369E2AE736B360B4 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3D658EC5093344DEA3F1A74AFD4BCC6B&MUID=33DFCE4E468E674B0B87DB1D47BC66AB

90 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
firststeps.nz/ 113 KB
25 KB 85ms
53ms Document
text/html 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://firststeps.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4db22f3ad7b6a37e7a2db1a378d04e9a6a910ad3050a6521cb2df0b0d57d799c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age: 90
alt-svc: h3=":443"; ma=86400
cache-provider: CLOUDWAYS-CACHE-DC
cf-cache-status: HIT
cf-ray: 8f0dedd918a8508b-AKL
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Thu, 12 Dec 2024 13:05:59 GMT
last-modified: Thu, 12 Dec 2024 11:36:06 GMT
link: <https://firststeps.nz/wp-json/>; rel="https://api.w.org/", <https://firststeps.nz/wp-json/wp/v2/pages/17>; rel="alternate"; title="JSON"; type="application/json", <https://firststeps.nz/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V1k2CdxlmcMA%2FUWbbPPSn0weiZm%2B9Y%2FGIJlPzrw39HDysazM7dxqBwAM7oQFmd2Fzao0vJhwXzVunsJn1SuujWurl5shJ6V9vtABU21XHn17wRTeuCxjTBxIn01ryK%2FN"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: wp-before-template;dur=1368.25
vary: Accept-Encoding
x-cache: HIT

GET
H3 200 style.min.css
firststeps.nz/wp-content/plugins/divi-plus/styles/ 15 KB
2 KB 46ms
45ms Stylesheet
text/css 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://firststeps.nz/wp-content/plugins/divi-plus/styles/style.min.css?ver=1.9.10
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 262f95a21579de88a1ed120cb3f4abb7190e8568fd04626fb5090525c1935df7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"662306da-3caa"
age: 1430471
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kHQJPYS9x34UbbnONr0wtam9RQmtFnOgkxSgHch1jgnyZsMrWxkJ6wRfRkrv%2FWuB7pLqRCCi5FMmbnnR%2B6vsYOYS7fXcsfS%2BDspaCMonuBP99vLBRSYLB0LoR6yEcjj%2F"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0dedd998a9508b-AKL
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 13:05:59 GMT
content-type: text/css
last-modified: Sat, 20 Apr 2024 00:05:46 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 style.min.css
firststeps.nz/wp-content/plugins/divi-video-gallery/styles/ 6 KB
2 KB 40ms
37ms Stylesheet
text/css 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://firststeps.nz/wp-content/plugins/divi-video-gallery/styles/style.min.css?ver=1.7.0
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e46bce7574945bfbb9b0cd1b0d4b6ed86c005f386971d18be887f27b91ddafcb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"662306d9-17df"
age: 1187105
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AJWEyw3lnnFl0ns32uzECddmpYGxQ9z8JEgDU%2BoHevrDMXAgS9mX622WQjKX87GqT9rdj9Vl4sABtCz7zWRktd26KfCfv%2Ba3fI8a2S5WjfwwMqtJYKE%2F48ACLHE%2BFXoX"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0dedd9a8aa508b-AKL
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 13:05:59 GMT
content-type: text/css
last-modified: Sat, 20 Apr 2024 00:05:45 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 pum-site.min.css
firststeps.nz/wp-content/plugins/popup-maker/assets/css/ 7 KB
2 KB 73ms
70ms Stylesheet
text/css 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://firststeps.nz/wp-content/plugins/popup-maker/assets/css/pum-site.min.css?ver=1.20.3
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06426e1783a3dc6fab29210281521c98ccb076051a2f5ece115ae1be31ed4f7b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"67557cb9-1d37"
age: 350455
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=scEntW6Pzf3deHK3AccdTKQVBRW%2Bgxhwb71i%2BzoFMVF5wvxP6LCB8LrZBrAPMlCNxIaRqM88T%2FWbFGFPCYnRaLl1qooiss4sWjUGsAkVAzfX4Wa8cRuL65YVKnFq54Ss"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0dedd9a8ab508b-AKL
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 13:05:59 GMT
content-type: text/css
last-modified: Sun, 08 Dec 2024 11:02:17 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 644ms
227ms Stylesheet
text/css 2404:6800:4007:82c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:100

Requested by

Host: firststeps.nz
URL: https://firststeps.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4007:82c::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c445d2ae619f3e88627f553bd2f0e8ed5c4470d0b94624aab47c529a16cc010

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 12 Dec 2024 13:05:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 13:05:59 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 12 Dec 2024 11:23:06 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 style-static.min.css
firststeps.nz/wp-content/themes/Divi/ 805 KB
78 KB 45ms
42ms Stylesheet
text/css 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://firststeps.nz/wp-content/themes/Divi/style-static.min.css?ver=1733952947
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6d893ca9e0fbb28b777a7fc4c0c822f24fdb0228d3e82577cc25f55223e2498

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"675a0442-c957b"
age: 55365
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=APseY2Jrm7ssw42xrmd0p%2FiG9IkVyZ67d7lGtYG%2B9tIKcgmwcvtLmD6cV8PiWlaSrKxj3%2F65sYoNMl%2Fw3mVnE9jHPzt22ekjSWf%2BjiD63sGVZUoJPSotkaXWdNRLtlPn"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0dedd9a8ac508b-AKL
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 13:05:59 GMT
content-type: text/css
last-modified: Wed, 11 Dec 2024 21:29:38 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 style.css
firststeps.nz/wp-content/themes/first-steps-nz-custom-theme/ 293 B
633 B 73ms
70ms Stylesheet
text/css 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://firststeps.nz/wp-content/themes/first-steps-nz-custom-theme/style.css?ver=1733952947
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3e767803f80e40733fcf2ee59691a6ea71424496ac80f22ba8b774b4702d61b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66230683-125"
age: 55365
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PaTa3%2Ft9owlhpd8c1tdL7WRNB9lN2Y58sBnBPUm0X2SdwZqsph%2BmEjglKHuXRgPyftadpdRl26qVj3o1T7ksSm71ki%2FYXYLVgSqENcIHMY4AMiCQG%2FK6m346de0dCehy"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0dedd9a8ad508b-AKL
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 13:05:59 GMT
content-type: text/css
last-modified: Sat, 20 Apr 2024 00:04:19 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 jquery-3.6.1.min.js Show response
code.jquery.com/ 88 KB
31 KB 98ms
31ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.1.min.js
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://firststeps.nz
Referer: https://firststeps.nz/

Response headers

content-encoding: gzip
etag: W/"28feccc0-15e40"
age: 4000746
x-cache: HIT, HIT
date: Thu, 12 Dec 2024 13:05:59 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits: 34781, 14171
x-served-by: cache-lga21975-LGA, cache-akl10322-AKL
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1734008759.366503,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30957
server: nginx

GET
H3 200 et-core-unified-tb-133-17.min.css
firststeps.nz/wp-content/et-cache/17/ 14 KB
3 KB 130ms
128ms Stylesheet
text/css 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://firststeps.nz/wp-content/et-cache/17/et-core-unified-tb-133-17.min.css?ver=1734000305
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc0beb3e14383b433b2199adc9ac10306b54910ea1274920e9de5ac58f7914f8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
etag: W/"675abeb1-38f0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oVBT4Y0P71F0ruMha1tBPTirgeYqyz45ra%2F70n%2F6vpDQErWgp6RpBvTugsELgyFEUKsoka3i6PBBCFMuKfx6xdAvj3VHdCNcvLKYmBLUIgbzlU0ohp5cT3xBOUytnrgL"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0dedd9a8ae508b-AKL
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 13:05:59 GMT
content-type: text/css
last-modified: Thu, 12 Dec 2024 10:45:05 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 et-core-unified-17.min.css
firststeps.nz/wp-content/et-cache/17/ 5 KB
2 KB 133ms
131ms Stylesheet
text/css 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://firststeps.nz/wp-content/et-cache/17/et-core-unified-17.min.css?ver=1734000302
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73c34034281a90b91f5bf737355dc3870c93eb35726cf6ddfae64c69d979139f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
etag: W/"675abeae-14d5"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xAQtCjZ26tddSmUNjGKIIRxHXaZyNwA%2BH%2BHdHDxz3xPCG5jjrqD00w9Ta4U0lQCprWjs7HocFUECGAsYJd2oRw23RGwHZTY5tvE141ttd3aPa1nlkBmv8Oht1zCq%2FRz7"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0dedd9a8af508b-AKL
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 13:05:59 GMT
content-type: text/css
last-modified: Thu, 12 Dec 2024 10:45:02 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 et-core-unified-tb-133-deferred-17.min.css
firststeps.nz/wp-content/et-cache/17/ 21 KB
3 KB 163ms
161ms Stylesheet
text/css 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://firststeps.nz/wp-content/et-cache/17/et-core-unified-tb-133-deferred-17.min.css?ver=1734000305
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce04a30a05299e80ba18c4d1f411c8496c4017ac35df9934dba09450d7effd9f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
etag: W/"675abeb1-5317"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FS4RslVZYAJCBdg8wqStSHnguxLrrZTwbxG3UDmSU74%2F5qptni065%2FO42pHoRAAyXiIrKkOhv765R%2B%2B1rNgF8w0q%2FIUQzi6SODK0ZyIx4xzp%2Byk7bnZrT%2B0xKrfPltqP"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0dedd9a8b0508b-AKL
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 13:05:59 GMT
content-type: text/css
last-modified: Thu, 12 Dec 2024 10:45:05 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 Final-FS-LOGO.png
firststeps.nz/wp-content/uploads/2022/10/ 20 KB
20 KB 39ms
39ms Image
image/png 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firststeps.nz/wp-content/uploads/2022/10/Final-FS-LOGO.png
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 949d49da7d0b0de29d32fe02395fd040087c16c1438005e853187ae62f594db5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "66230632-4eb8"
age: 1430471
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=69XrqhJSV%2FUmHu12aURipNrx10nlBrB6P%2BzoFUM0bjMvCjhtvr8WX20PBwIiPHQjfkMhBWfzWqG8PYsW0ZF9ceLt9PDUnhEHnOXRP2CbDME89Zijh3%2BOUAxSOykkiP11"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0deddaa8b2508b-AKL
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 20152
date: Thu, 12 Dec 2024 13:05:59 GMT
content-type: image/png
last-modified: Sat, 20 Apr 2024 00:02:58 GMT
server: cloudflare
vary: Accept-Encoding

GET
H3 200 FSNZ-Funding.jpg
firststeps.nz/wp-content/uploads/2023/05/ 222 KB
223 KB 72ms
70ms Image
image/jpeg 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firststeps.nz/wp-content/uploads/2023/05/FSNZ-Funding.jpg
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2804b940ea48ac1eb1f3b8f05dccc2b667c7b2da7d80136dec04d564fb114526

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "66230682-379b8"
age: 1428309
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lN8YPjz%2BluCUDbECWh4sQr7Oxcb6vJzeRZlPNoZkO941jpbaYOPzFz8sCqEMZk5EHSN8kAK601NXq6Al2devUdZwYpDjBxYpY9wjGomK77A23MiGFH48c%2BaReAIJMXbq"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0dedd9a8b1508b-AKL
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 227768
date: Thu, 12 Dec 2024 13:05:59 GMT
content-type: image/jpeg
last-modified: Sat, 20 Apr 2024 00:04:18 GMT
server: cloudflare
vary: Accept-Encoding

GET
H3 200 ema.png
firststeps.nz/wp-content/uploads/2022/10/ 32 KB
32 KB 40ms
39ms Image
image/png 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firststeps.nz/wp-content/uploads/2022/10/ema.png
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f34487431c86efd2659f8dfc5db0ecd1593e8db2a1d6855525bdcfb63e83c4a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "66230652-7e86"
age: 1193129
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y1CdO86oHEC3dneFFbl%2FoUpIjLVfiN%2BX6fWJSRqPFIy%2FFDAhyVzz6TELOYLEufolDEGpPLK%2BGQoqhsTRsLsF8stoB1rC0gn8l%2FMOJRIeXhdgkd79Q55vMJ7Ye%2BuhSnOm"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0deddaa8b3508b-AKL
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 32390
date: Thu, 12 Dec 2024 13:05:59 GMT
content-type: image/png
last-modified: Sat, 20 Apr 2024 00:03:30 GMT
server: cloudflare
vary: Accept-Encoding

GET
H3 200 MBIE-logo-1.png
firststeps.nz/wp-content/uploads/2022/10/ 20 KB
21 KB 40ms
39ms Image
image/png 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firststeps.nz/wp-content/uploads/2022/10/MBIE-logo-1.png
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b84f2f2d7120c16f2a00cebb395983b4d62aa2e22ea33d02d9c651c94a9c200a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "6623067d-5080"
age: 1430471
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=57Dzt8b7x%2F5chnYztmk9SiGCgSxMKqXTk2nKEyjgFxfEgYyulUbvLxOyYIJdnyGtJsRZQuFep17stavS4ZsqhlWBj%2BfkXaYDNlzvcPvwrellD9AU%2BdSFxMg8bRknI%2BEe"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0deddaf8b4508b-AKL
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 20608
date: Thu, 12 Dec 2024 13:05:59 GMT
content-type: image/png
last-modified: Sat, 20 Apr 2024 00:04:13 GMT
server: cloudflare
vary: Accept-Encoding

GET
H3 200 nzchamber-logo.png
firststeps.nz/wp-content/uploads/2022/10/ 66 KB
66 KB 43ms
43ms Image
image/png 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firststeps.nz/wp-content/uploads/2022/10/nzchamber-logo.png
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf0b6f9a52720dd461c831ee6aa9231031c19931f78c979a0fd18edb9c61e486

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "66230673-10711"
age: 1430471
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BBHEg3YoBJy9NcfuAFF8XCinRo45eaOyouM%2BAQH9%2B7EYbP%2Ba%2B%2BMftPtwP4TxRxiZs3HZ7N1bP0ErTdyHPOtHSiHaHOVZ8oWJo1kS%2F0GINxegihyRKzoyzxTjIlSG2wAd"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0deddaf8b5508b-AKL
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 67345
date: Thu, 12 Dec 2024 13:05:59 GMT
content-type: image/png
last-modified: Sat, 20 Apr 2024 00:04:03 GMT
server: cloudflare
vary: Accept-Encoding

GET
H3 200 pacific-business-trust.jpg
firststeps.nz/wp-content/uploads/2022/10/ 55 KB
55 KB 53ms
51ms Image
image/jpeg 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firststeps.nz/wp-content/uploads/2022/10/pacific-business-trust.jpg
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d54c5bcb194ec5e5402227aaee4325c636a1523761f003cc0ac2dc12bac40fec

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "66230678-dba6"
age: 1430471
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BHRTdCM7164T0f4BO2u6lpIA5JY8BQ2fKWlRUv7bekoySD3LraVddIIAQAxAPnUYcSfthchyQEQla1GZC70yGDb7p7NJcs9SIAjjstQ7N38tdqtpJeyZMl0%2FEuzIcxpE"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0dedde58d3508b-AKL
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 56230
date: Thu, 12 Dec 2024 13:06:00 GMT
content-type: image/jpeg
last-modified: Sat, 20 Apr 2024 00:04:08 GMT
server: cloudflare
vary: Accept-Encoding

GET
H3 200 whariki-logo.png
firststeps.nz/wp-content/uploads/2022/10/ 4 KB
5 KB 53ms
51ms Image
image/png 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firststeps.nz/wp-content/uploads/2022/10/whariki-logo.png
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0fab8ce6de4d485136d99737d7c2e9a0699aa8be685792091f2a91c31e96252

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "66230689-1183"
age: 1430471
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hKOmiqAExTFbdfg90A2b91UbpxQ59tmvgMU0ZQllyO3nIW92AS3pOf%2FbaxcmaptipvRSMfJlPejFn2mROHOeUuhoM4Ey5ehc7neDX2VMFy8hLZnqc6RbatfBQJ5HfmN3"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0dedde58d4508b-AKL
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 4483
date: Thu, 12 Dec 2024 13:06:00 GMT
content-type: image/png
last-modified: Sat, 20 Apr 2024 00:04:25 GMT
server: cloudflare
vary: Accept-Encoding

GET
H3 200 mediaelementplayer-legacy.min.css
firststeps.nz/wp-includes/js/mediaelement/ 11 KB
3 KB 39ms
38ms Stylesheet
text/css 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://firststeps.nz/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"662306da-2bf8"
age: 1430434
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pc9MQGySWPcQ1DkHrb059BeFvlNj6%2FWtaZC3D%2Bgq4nfteKRYM%2FHSKuaKYr3nboZ1WgM3nvS1SBqQpjE5ylf0uj2G7Ui7NG1pOsC1NCM2nsg%2BjqZDSCNSlQS7uVn8WSFW"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0deddb38b6508b-AKL
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 13:05:59 GMT
content-type: text/css
last-modified: Sat, 20 Apr 2024 00:05:46 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 wp-mediaelement.min.css
firststeps.nz/wp-includes/js/mediaelement/ 4 KB
2 KB 40ms
40ms Stylesheet
text/css 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://firststeps.nz/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=c03b63f4d9196b458a5716c4df8db79a
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"662306da-105a"
age: 1430434
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fKlSkmH3C4AcxoNecdPLA0qIza8E1ezs9j0KAV%2BEwTNG26H3t7k7r7M26K8VP4VDoWOnFF2BRXxbXUWeda9ZG8kdYtFLY8GsmvzrAzf%2BiFUjtlv2a4UXycsY0KRSHuP6"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0deddb48b7508b-AKL
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 13:05:59 GMT
content-type: text/css
last-modified: Sat, 20 Apr 2024 00:05:46 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 swiper.min.css
firststeps.nz/wp-content/plugins/divi-plus/includes/assets/css/swiper/ 15 KB
5 KB 39ms
39ms Stylesheet
text/css 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://firststeps.nz/wp-content/plugins/divi-plus/includes/assets/css/swiper/swiper.min.css?ver=6.4.5
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6357205de078b3f4cd5c044e0ec78ac4f482c3087c385f1fc24fb4141f884a1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"662306dd-3db4"
age: 1430470
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DA4jTubLiP7Cr5%2BtJZwLOLIMByjfFPV8%2FDLDz083%2Bj8cCvZouJtySApwATjmjvxRQ5RFjtlwbynxgsj2oaO22hxcMvi1pGIGMjcnN93wHaTIsXSUCQLFBRnxAO2QyMWy"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0deddb78b9508b-AKL
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 13:05:59 GMT
content-type: text/css
last-modified: Sat, 20 Apr 2024 00:05:49 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 diplSwiper.min.css
firststeps.nz/wp-content/plugins/divi-plus/styles/ 4 KB
1 KB 50ms
50ms Stylesheet
text/css 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://firststeps.nz/wp-content/plugins/divi-plus/styles/diplSwiper.min.css?ver=1.0.0
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b431a886aa072e81ef7b7f1a93c5fdf584b8923ef847525c037a75bdc30ae55

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"662306db-1054"
age: 1430470
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QPl2tOlHDtf7dlWQdCtWm2eksyhFeUbyus%2BCHBI0Ah8bglfj5HyWqfbozDBSWO3efwMRNl5VjhzXwzhaV%2FhwpaXWTsLvHQuUu83H%2BHY4NnGc80wcGmSQbypCGYeKKUx2"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0deddb88ba508b-AKL
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 13:05:59 GMT
content-type: text/css
last-modified: Sat, 20 Apr 2024 00:05:47 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 style.min.css
firststeps.nz/wp-content/plugins/divi-plus/includes/modules/LogoSlider/ 370 B
616 B 40ms
40ms Stylesheet
text/css 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://firststeps.nz/wp-content/plugins/divi-plus/includes/modules/LogoSlider/style.min.css?ver=1.0.0
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a29b2eef42da6e72a112d814c64e36861bf5ae4a299421c9d5b94731f906e695

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"662306da-172"
age: 1430471
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lqNfw%2BvBFGbgK43TwYpdvApo9zxmS7K%2BH7shAlSqcKvyapHZsl%2Fx6y3iAdVsqugfOz%2BsU6R6rm7QS5R%2FqYq3qZUgg3kIYIDj2dmFTyZIcbTpcMckY9fD5bHx1wxh27T4"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0deddbb8bb508b-AKL
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 13:05:59 GMT
content-type: text/css
last-modified: Sat, 20 Apr 2024 00:05:46 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 jquery.min.js Show response
firststeps.nz/wp-includes/js/jquery/ 86 KB
30 KB 39ms
36ms Script
application/javascript 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://firststeps.nz/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"662306dc-15601"
age: 1430470
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=94JexhutWPgwkpC%2BE3xFRVCpzSX0ItoBNLZQR8E%2FObZJYzK7FNqljsmFtPvVSFwsxGNCurM8utXrAXa%2B5k4oTYt%2F%2BYyEbDKQSud17uaBATop%2FP6byKRVmY0OvKomW9Zv"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0deddbd8bc508b-AKL
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 13:05:59 GMT
content-type: application/javascript
last-modified: Sat, 20 Apr 2024 00:05:48 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 jquery-migrate.min.js Show response
firststeps.nz/wp-includes/js/jquery/ 13 KB
5 KB 40ms
40ms Script
application/javascript 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://firststeps.nz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"662306da-3509"
age: 1430470
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vs3n1WJKtXBcoyFriy9ckK%2FTZ9EPchoNrlwctiW1QYfAS0gr4ePfo1j50o0QzC4FI4rHd%2FXDZJL20zt4c4ddBMcD%2FdKQlJJZHTCR2FPHcMXS5sWErwhsVkGz%2FoqZ7quA"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0deddbf8bd508b-AKL
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 13:05:59 GMT
content-type: application/javascript
last-modified: Sat, 20 Apr 2024 00:05:46 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 magnific-popup.min.js Show response
firststeps.nz/wp-content/plugins/divi-video-gallery//scripts/ 22 KB
9 KB 49ms
49ms Script
application/javascript 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://firststeps.nz/wp-content/plugins/divi-video-gallery//scripts/magnific-popup.min.js?ver=1.3.0
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a47c6e6f24e634cb79f886e70bbfd65e1e85b0d2aa4fc133488fd1bc1910e3e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"662306d9-5902"
age: 1430470
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1hqHXauqnRuQ3k01BN2Xr3dJV3hu9LijF%2BbsH8oa9q4Btg33ya2V%2FnTwfOLGRP2y4nqCgxgDwSDgQmSLTldBO7ELXBBYyWYEISfPq0Rwipv%2Ft8jklU5FxizFKoOByjGH"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0deddc28be508b-AKL
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 13:05:59 GMT
content-type: application/javascript
last-modified: Sat, 20 Apr 2024 00:05:45 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 lazyload.min.js Show response
firststeps.nz/wp-content/plugins/divi-video-gallery//scripts/ 2 KB
1 KB 44ms
44ms Script
application/javascript 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://firststeps.nz/wp-content/plugins/divi-video-gallery//scripts/lazyload.min.js?ver=1.0.0
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b3baa10ac55f4eece0c7e666eaddd51872b8ce9273671626bcccec8f86ead78

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"662306d9-8a2"
age: 1430470
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DWJ2GRTABSl6ZO%2Bl44aPf95Ikpv03MrlUXlvRwxx%2BqKlPMzQk0El2ymKAIUZLt7eeW2Pnc4IyZykhm7ZN2Dx6yWBbtOjHHcEq4dzcXX9Zoz%2FZOw6MJH%2BEmXCHn3%2FhpWX"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0deddc48bf508b-AKL
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 13:05:59 GMT
content-type: application/javascript
last-modified: Sat, 20 Apr 2024 00:05:45 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 iframe_api.min.js Show response
firststeps.nz/wp-content/plugins/divi-video-gallery//scripts/ 980 B
993 B 41ms
40ms Script
application/javascript 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://firststeps.nz/wp-content/plugins/divi-video-gallery//scripts/iframe_api.min.js?ver=1.0.0
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49980ecacc2b4dd83e296b9262a982a7c490eb68757b425a4a5cf444317ca3c2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"662306da-3d4"
age: 1430471
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T6lo0LxjvuWHE3EDeo0xTyg2b4XaRov9G0efJrWqz1t7w2XdsdGTU59fhvaFyTo58fMct%2F7eL5eMCQ%2BQzW1VZ3LSGuKvwK8NfIU7NnOA8brNElp%2Fi08SHkR3oThRyZjN"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0deddc88c0508b-AKL
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 13:05:59 GMT
content-type: application/javascript
last-modified: Sat, 20 Apr 2024 00:05:46 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 vimeo-player.min.js Show response
firststeps.nz/wp-content/plugins/divi-video-gallery//scripts/ 20 KB
6 KB 40ms
40ms Script
application/javascript 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://firststeps.nz/wp-content/plugins/divi-video-gallery//scripts/vimeo-player.min.js?ver=1.0.0
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32c580e50f2df6739be4d12863694b740885c8aa6edbc80d87768f1af88f1005

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"662306d9-5022"
age: 1430470
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mx8v2pqM4bWG6RLVRM3waqN2o%2BXMuYOGKF5JOl7G6j4wfYdyebjLfEt3xs%2Bl37urSh2kckACGbz%2BJMZPN4FYWJbBTUTRifqrdwJFlgjKkdES9t2Z7uH5l1fT62XM2HHG"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0deddca8c1508b-AKL
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 13:05:59 GMT
content-type: application/javascript
last-modified: Sat, 20 Apr 2024 00:05:45 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 functions.min.js Show response
firststeps.nz/wp-content/plugins/divi-video-gallery//scripts/ 16 KB
4 KB 40ms
39ms Script
application/javascript 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://firststeps.nz/wp-content/plugins/divi-video-gallery//scripts/functions.min.js?ver=1.8.0
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b57b2338886e18d9f9706fc712a9518c6e24500f26f230a784c203090e26cc8f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"662306da-3e4a"
age: 1430470
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IDYRqcqx28VSMykBOLlOGE3NE49Q2X4D9e7a0KtZSO58j3aG2JHNt8lCEW95pgzTdfZ3QYfn4%2F4b0gGSppGCNNh7J2sZj%2FwvaFmfc1eZt%2B%2BApUbdxrXXRAMgpfO8pKJL"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0deddcc8c2508b-AKL
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 13:05:59 GMT
content-type: application/javascript
last-modified: Sat, 20 Apr 2024 00:05:46 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 scripts.min.js Show response
firststeps.nz/wp-content/themes/Divi/js/ 268 KB
69 KB 39ms
39ms Script
application/javascript 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://firststeps.nz/wp-content/themes/Divi/js/scripts.min.js?ver=1733952947
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad97778077e648e9c0adbd33005dd7d89fc0313a9b6caef7bf29ed253af8a312

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"675a0441-42f9f"
age: 55364
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PUgp2YTksDYM9fEKCQAXePQbJTRiKOFMAPkmUnKm9hpUXDNGnkTQKYhYVEBBNUk1SbYOSJ0J%2BNiR2EhAcmVs%2FVGRrV298GiQl8GB7b99tyFQjIhGPN4LPogHk6ykDxRT"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0deddce8c3508b-AKL
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 13:05:59 GMT
content-type: application/javascript
last-modified: Wed, 11 Dec 2024 21:29:37 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 frontend-bundle.min.js Show response
firststeps.nz/wp-content/plugins/divi-plus/scripts/ 18 KB
5 KB 39ms
39ms Script
application/javascript 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://firststeps.nz/wp-content/plugins/divi-plus/scripts/frontend-bundle.min.js?ver=1.9.10
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 817e8e71584d39a063b7972cd4a4a2fe17b4619763e864842818141195c3768d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"662306db-4757"
age: 1430471
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HEPOLncS3yoOcvRa2sl4ocucjUYj6T6ylEIPlPRLTjQsLGlF%2B2R0PSsV%2FKcgIaXzNH%2Fe%2BaODe5kpAcgZh5Kf3RAFvca4CUYlaEL3ELTZAWH9wfW1uRVML21XxNm5JS58"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0deddd08c4508b-AKL
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 13:05:59 GMT
content-type: application/javascript
last-modified: Sat, 20 Apr 2024 00:05:47 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 frontend-bundle.min.js Show response
firststeps.nz/wp-content/plugins/divi-video-gallery/scripts/ 586 B
747 B 41ms
41ms Script
application/javascript 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://firststeps.nz/wp-content/plugins/divi-video-gallery/scripts/frontend-bundle.min.js?ver=1.7.0
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c2638317c12c9c4fe535c3b7229b3aa82100a4dfe844438e431bee6a54a01f9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"662306d9-24a"
age: 1430470
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LTJ3JQ72HGR0FXwsZMshWkN5UrPvmoOMQhbxgazUz3srCBSOoVZLVeEcCe0R9pEtnsxseioK0jnjdRIYcGorKZnW7KWhlRj5qmAdeUYqZdOx6zbI0tbWZqU6HRygW%2BcC"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0deddd38c5508b-AKL
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 13:05:59 GMT
content-type: application/javascript
last-modified: Sat, 20 Apr 2024 00:05:45 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 public.js Show response
firststeps.nz/wp-content/plugins/html-forms/assets/js/ 6 KB
3 KB 49ms
47ms Script
application/javascript 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://firststeps.nz/wp-content/plugins/html-forms/assets/js/public.js?ver=1.4.2
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c70d0f37fe3ef48c754bd1f11a7d30f052393a98fc4677f719569bd58e3713c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6739efaa-17da"
age: 1430471
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HI6xPG2L4g3wyvVnE%2BBVYz7qPROzNInlEzdEiuW%2BrWfAMvsW9J%2BDravkjJVUI4Xz0RcpgztTuX41Wo%2BdzhqthAYcZXvwIf9n0Kz9uCfy8iKOge7CQwFLZEmSW%2FVUNTaE"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0dedde58d6508b-AKL
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 13:06:00 GMT
content-type: application/javascript
last-modified: Sun, 17 Nov 2024 13:29:14 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 core.min.js Show response
firststeps.nz/wp-includes/js/jquery/ui/ 21 KB
7 KB 39ms
39ms Script
application/javascript 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://firststeps.nz/wp-includes/js/jquery/ui/core.min.js?ver=1.13.3
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e84c9f8d71bc6eb2dac2fce59a6caea62da51ffa8cf56b41806f59386ab1322

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"669cdbc5-53d8"
age: 1430471
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cffhOxIvysYWgfmctX64ko3N7vqgvRzpln0PLfPz8K6gCReTqOY3%2FwFXBgwjh5%2Fo3nUhPSMfa9aRCmm8mrQnFk1XHvQ6wBBj33tu2pulofK%2BXVgHSe%2BH9dZ88Ps%2Fxd%2BV"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0deddd58c6508b-AKL
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 13:05:59 GMT
content-type: application/javascript
last-modified: Sun, 21 Jul 2024 09:58:29 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 site.min.js Show response
firststeps.nz/wp-content/plugins/popup-maker/assets/js/ 68 KB
17 KB 41ms
41ms Script
application/javascript 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://firststeps.nz/wp-content/plugins/popup-maker/assets/js/site.min.js?defer&ver=1.20.3
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1b876927afd86b5b4b26a807bf2b5adb33f10e738844d50c99d9fdd13762d56

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"67557cb9-11078"
age: 350455
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YyE%2BFCtGEvWqozqURbLSx3lvftuLRXOAiJe06c2Y8THseEmV75vYgjuo4bkx7N%2Bgq8V62FrtovQl3Ah1LHb6r5TMlMBv%2F2bSX3fCLtnf6kMUco2i%2B31ivJuOGprlJgzK"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0deddd78c7508b-AKL
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 13:05:59 GMT
content-type: application/javascript
last-modified: Sun, 08 Dec 2024 11:02:17 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 common.js Show response
firststeps.nz/wp-content/themes/Divi/core/admin/js/ 1 KB
1000 B 38ms
38ms Script
application/javascript 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://firststeps.nz/wp-content/themes/Divi/core/admin/js/common.js?ver=1733952947
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"675a0441-53f"
age: 55364
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5ZRmf7r1XdwZWIuhcJR6zuN4y9Ev%2B9DWio5C0QbOy18QFIxdVT3sXQBZp1uBONdGKLoLbJUSu9c%2BfpKRSTWgfHmet3Ywh%2B26P1NJQSgXl2qpHJOrpsOq%2BtH3HMQgJfbq"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0deddd98c8508b-AKL
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 13:05:59 GMT
content-type: application/javascript
last-modified: Wed, 11 Dec 2024 21:29:37 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 mediaelement-and-player.min.js Show response
firststeps.nz/wp-includes/js/mediaelement/ 154 KB
38 KB 52ms
50ms Script
application/javascript 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://firststeps.nz/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b15c3ea03d50c2430490e7416733a254feea4237bb60b54181bd3473ebe4149f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"662306db-26935"
age: 1430433
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qxCljCtnpqDzjcLSNiHTPNUqYyGgapTaV%2BsdyQy1ed3x%2BDIMyhq3ioNfSNlzSvlCtTAnwSyU%2Ba9hlzx0OeJrqAtwXhCOhLHSKoaQxB7GW1InDlEbpkpZW0hiqVIP3W6g"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0dedddb8c9508b-AKL
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 13:05:59 GMT
content-type: application/javascript
last-modified: Sat, 20 Apr 2024 00:05:47 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 mediaelement-migrate.min.js Show response
firststeps.nz/wp-includes/js/mediaelement/ 1 KB
971 B 52ms
51ms Script
application/javascript 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://firststeps.nz/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=c03b63f4d9196b458a5716c4df8db79a
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"662306da-4a7"
age: 1430433
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vdbY4wVlPJtN7kqcRfrX6GYUIuae9UXl8Z8cOYJdBZieSShHSBdueamHyokSuf8HJSIoxsocCbtBQonfo1hhwXEkAyY%2Bx%2Bag7RSkXfVNczQL6DAbMILo59EuSl6QsNPx"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0dedddb8ca508b-AKL
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 13:05:59 GMT
content-type: application/javascript
last-modified: Sat, 20 Apr 2024 00:05:46 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 wp-mediaelement.min.js Show response
firststeps.nz/wp-includes/js/mediaelement/ 1 KB
976 B 56ms
54ms Script
application/javascript 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://firststeps.nz/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=c03b63f4d9196b458a5716c4df8db79a
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79cb399203843f65199bec32bc4abac5dfd20f141d3e4ec1424bf00c7108fa45

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"662306da-453"
age: 44141
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zC%2FPuyENe4FMg3uuIURVoBHGMbhm91j5HKRdGW7cixbfd3%2BL4uIT2eLTCQ%2B%2F9SYQLnUXLxD4ztkdxs7WqNGADEad9tiKj9%2BTHmCLf%2BWq72yuG6snS1H5v1%2FFv3MiDjOp"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0dedddb8cb508b-AKL
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 13:05:59 GMT
content-type: application/javascript
last-modified: Sat, 20 Apr 2024 00:05:46 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 salvattore.js Show response
firststeps.nz/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 8 KB
4 KB 55ms
53ms Script
application/javascript 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://firststeps.nz/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/salvattore.js?ver=1733952947
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6205029e1016596807b655c8f57818736a787e32ceb1407effa152ac3bb9380

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"675a0442-217e"
age: 44142
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3Be0suAvFALeeggwjUdTJpRyTtnlchpkMP3MdF%2Be0rj5bJCmJIKpmgjC09TVsZKQlV%2FNf7aJz20FIlApZYc0d%2BE6VdyO5Rtpgfn3jvtd6FZ8V5RVErmkccCmlfIPX4C%2B"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0dedddb8cc508b-AKL
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 13:05:59 GMT
content-type: application/javascript
last-modified: Wed, 11 Dec 2024 21:29:38 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 swiper.min.js Show response
firststeps.nz/wp-content/plugins/divi-plus/includes/assets/js/swiper/ 137 KB
37 KB 55ms
54ms Script
application/javascript 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://firststeps.nz/wp-content/plugins/divi-plus/includes/assets/js/swiper/swiper.min.js?ver=6.4.5
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9134d7339572e8528974863492e41962d0eb10362053f83305e49bb4a7e8f280

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"662306dd-22232"
age: 1430470
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BnaPJDX%2BTL3xl6JH%2BDwEIq4QfU9w0LQkr%2BpYgGtXpmeyS4h%2FTQE4XAhziliJHGcpZzyCp%2Fv8wGokAxbc5aOcQNxM%2FziRyolXH3YwP5%2FvoFb8QtzrLV1m9HIlhQ2NDN6L"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0dedddb8ce508b-AKL
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 13:05:59 GMT
content-type: application/javascript
last-modified: Sat, 20 Apr 2024 00:05:49 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 dipl-logo-slider-custom.min.js Show response
firststeps.nz/wp-content/plugins/divi-plus/includes/modules/LogoSlider/ 2 KB
779 B 52ms
51ms Script
application/javascript 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://firststeps.nz/wp-content/plugins/divi-plus/includes/modules/LogoSlider/dipl-logo-slider-custom.min.js?ver=1.0.0
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0acd777e558e8f3445976903021d9b989609a2cf4654593f66568e03db8cdf36

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"662306db-65e"
age: 1430471
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8PV7a18dAtEzKNZJviBh23pNUXFuGPmOSGxPdO7hjsWex9AuW2DLRh2Avq%2FzfD4FTHkPMBgWhPeTzFHy4J87niKoJ%2F%2B82GvrQB2KNYkduvM%2B9lcfWbp7efb1y6OdXWvQ"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0dedddb8cd508b-AKL
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 13:05:59 GMT
content-type: application/javascript
last-modified: Sat, 20 Apr 2024 00:05:47 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 jquery.fitvids.js Show response
firststeps.nz/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 3 KB
2 KB 43ms
43ms Script
application/javascript 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://firststeps.nz/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=1733952947
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 462747422c6af30aa81a0373fa1cfd736455cef52bdbb816f67be9531d84eace

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"675a0442-d15"
age: 55364
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T0C1B9BeV8Ykvp06zOyhXgO8P6%2FL6jT1MSnNu67XBitbMPVaHYgCjYmoRE8XPcGVeLRzeHwpnl%2B2I0Xk1KqD2csxEHUndRx7Vs6IrdywjILEyQLIi%2FPfXFpTEA2PyMY3"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0dedddc8cf508b-AKL
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 13:05:59 GMT
content-type: application/javascript
last-modified: Wed, 11 Dec 2024 21:29:38 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 easypiechart.js Show response
firststeps.nz/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 9 KB
3 KB 43ms
42ms Script
application/javascript 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://firststeps.nz/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/easypiechart.js?ver=1733952947
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5aa24e4ab926693e29ffb0d0ca1557141defd3ca61b3b4e7caebaa2fcd5bf327

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"675a0442-2466"
age: 44141
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PP40c23pjsLvWBduJ7m%2FUZX7zW246WElstIG7EFlEQ6LXf%2FA39M4C5O2jq%2BkJiUPQpNK%2BmVZpGE447c069yOxENAQWHNCGyycgxiGZHnn8J3Lf2J2b7nldUWWZqk94ZQ"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0dedddd8d0508b-AKL
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 13:05:59 GMT
content-type: application/javascript
last-modified: Wed, 11 Dec 2024 21:29:38 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 135ms
66ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: firststeps.nz
URL: https://firststeps.nz/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

c4eb49795f7a703429e7012cec0a556e6faf6f551f07cd337f66c5a1ec3a5847

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-1DaiB9eV' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 13:06:00 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-1DaiB9eV' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=64, rtx=0, c=23, mss=1232, tbw=4479, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: tRCwLE/LEzM3hlTtLb6lemTydIPTUibbRn4Iax2hwMXoTqo6oHl0jf3s9GAe6GYy52pnpijB6siw5mC/aesGdA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62212
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 331 KB
109 KB 425ms
191ms Script
application/javascript 2404:6800:4006:804::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K2XCPGX

Requested by

Host: firststeps.nz
URL: https://firststeps.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:804::2008 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

82dc64ff96840f206e4ae6ba6ae095a4870ad78c3a177d82ee13d59918bab048

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Thu, 12 Dec 2024 13:06:00 GMT
alt-svc: h3=":443"; ma=2592000
date: Thu, 12 Dec 2024 13:06:00 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 12 Dec 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 110966
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 Wellbeing-support-for-NZ-business-owners-leaders.jpg
firststeps.nz/wp-content/uploads/2022/07/ 558 KB
558 KB 45ms
42ms Image
image/jpeg 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firststeps.nz/wp-content/uploads/2022/07/Wellbeing-support-for-NZ-business-owners-leaders.jpg
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/wp-content/et-cache/17/et-core-unified-tb-133-deferred-17.min.css?ver=1734000305
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 608b783885d854a4aeafd479938284dd21d4e641d05c4212027c06a09881d71a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/wp-content/et-cache/17/et-core-unified-tb-133-deferred-17.min.css?ver=1734000305

Response headers

cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "6623064e-8b7a2"
age: 1428309
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=43oMe9IDDMZ%2BUr3y4N4SF0dWZFKyVLuzjHSPhHRekFyrEe2FeEjhl8BSo3yhi0ehkNK0ysie5mErKs2ruWf3h%2B6Na1mUpr64FGNUbwvsNejTK0VyRLdDk%2B1cNRhcCvLK"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0dedde08d2508b-AKL
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 571298
date: Thu, 12 Dec 2024 13:06:00 GMT
content-type: image/jpeg
last-modified: Sat, 20 Apr 2024 00:03:26 GMT
server: cloudflare
vary: Accept-Encoding

GET
H3 200 4iCv6KVjbNBYlgoCxCvjvmyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 55 KB
55 KB 427ms
192ms Font
font/woff2 142.250.195.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjvmyN.woff2

Requested by

Host: firststeps.nz
URL: https://firststeps.nz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.195.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

maa03s37-in-f3.1e100.net

Software

sffe /

Resource Hash

3d06450f53ed7a1cc47291d0552f6eb4d5087a584bc83fe37d8fdf2995088e79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://firststeps.nz
Referer: https://firststeps.nz/

Response headers

age: 596442
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 05 Dec 2025 15:25:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 05 Dec 2024 15:25:18 GMT
last-modified: Wed, 27 Apr 2022 17:05:14 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 56300
x-xss-protection: 0
server: sffe

GET
H3 200 modules.woff
firststeps.nz/wp-content/themes/Divi/core/admin/fonts/modules/all/ 90 KB
38 KB 42ms
39ms Font
application/font-woff 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://firststeps.nz/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/wp-content/themes/Divi/style-static.min.css?ver=1733952947
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe67b77ac7e0ef4b482dafb86adfa403db1b89a2f337d2dc8bd1278cfe975196

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://firststeps.nz
Referer: https://firststeps.nz/wp-content/themes/Divi/style-static.min.css?ver=1733952947

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
content-encoding: zstd
cf-cache-status: HIT
etag: W/"66a199fa-167b4"
age: 1430472
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WYoI6FVfeKPpuYXn7tA746MmheJsj2XYoC1NHTKZ%2FyGsmbQy%2FVH9l5chBkyr3hG91kD6jERmsZi1z9EDA%2FkSurwiO7JJhMqMnrGRv7eCCWs7TkI%2BDSzXQJaHyR0%2FRB6y"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0dedde08d1508b-AKL
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 13:06:00 GMT
content-type: application/font-woff
last-modified: Thu, 25 Jul 2024 00:19:06 GMT
server: cloudflare
vary: Accept-Encoding

GET
H3 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4uaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 24 KB
24 KB 781ms
546ms Font
font/woff2 142.250.195.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4uaVI.woff2

Requested by

Host: firststeps.nz
URL: https://firststeps.nz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.195.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

maa03s37-in-f3.1e100.net

Software

sffe /

Resource Hash

82cde214cf2d2e85bbdfca3c6fe1921cd21130d4976a84ac72c66be74e72ee4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://firststeps.nz
Referer: https://firststeps.nz/

Response headers

age: 25525
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 12 Dec 2025 06:00:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 06:00:35 GMT
last-modified: Thu, 14 Dec 2023 02:02:26 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24676
x-xss-protection: 0
server: sffe

GET
H3 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjr0B4uaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 25 KB
25 KB 579ms
344ms Font
font/woff2 142.250.195.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjr0B4uaVI.woff2

Requested by

Host: firststeps.nz
URL: https://firststeps.nz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.195.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

maa03s37-in-f3.1e100.net

Software

sffe /

Resource Hash

1954d5171fa932193165d735338e19271cf2a07b91161a0aed53c65795debadf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://firststeps.nz
Referer: https://firststeps.nz/

Response headers

age: 24524
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 12 Dec 2025 06:17:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 06:17:16 GMT
last-modified: Thu, 14 Dec 2023 02:02:25 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 25576
x-xss-protection: 0
server: sffe

GET
H3 200 4iCv6KVjbNBYlgoCjC3jvmyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 60 KB
60 KB 714ms
486ms Font
font/woff2 142.250.195.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jvmyN.woff2

Requested by

Host: firststeps.nz
URL: https://firststeps.nz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.195.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

maa03s37-in-f3.1e100.net

Software

sffe /

Resource Hash

ac2a903a8c78e7927eb4a5278b1a12ab72bf1fa0d6c4566c2e3bce53b77f28da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://firststeps.nz
Referer: https://firststeps.nz/

Response headers

age: 542896
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 06 Dec 2025 06:17:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 06 Dec 2024 06:17:44 GMT
last-modified: Wed, 27 Apr 2022 16:04:06 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 60940
x-xss-protection: 0
server: sffe

GET 933095295
player.vimeo.com/video/ Frame 6258 0
0

GET
H3 200 First-Steps-New-Zealand-Mental-Health-1.jpg
firststeps.nz/wp-content/uploads/2022/09/ 233 KB
234 KB 51ms
49ms Image
image/jpeg 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firststeps.nz/wp-content/uploads/2022/09/First-Steps-New-Zealand-Mental-Health-1.jpg
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/wp-content/et-cache/17/et-core-unified-tb-133-deferred-17.min.css?ver=1734000305
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 999649c4203b252b4e85c86c6584c14b7ac6b0748c959d046de9227c13f013b2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/wp-content/et-cache/17/et-core-unified-tb-133-deferred-17.min.css?ver=1734000305

Response headers

cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "66230668-3a562"
age: 1428309
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cQ4Wp9pFDqPghKGChCHFMI%2F2w6vEK%2Fhy1r9Z%2BFR%2BsEDPIsZhURwUZwriXrSNzj4VAMiJEifkSaAUykxWzBFS4yqbCGmlhwZWG6M02d8X%2Fg%2FGvEGirfUTH0yZGtZ%2Ba3%2F3"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0dedde58d7508b-AKL
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 238946
date: Thu, 12 Dec 2024 13:06:00 GMT
content-type: image/jpeg
last-modified: Sat, 20 Apr 2024 00:03:52 GMT
server: cloudflare
vary: Accept-Encoding

GET
H3 200 iStock-898431410-min.jpg
firststeps.nz/wp-content/uploads/2022/06/ 189 KB
190 KB 51ms
50ms Image
image/jpeg 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firststeps.nz/wp-content/uploads/2022/06/iStock-898431410-min.jpg
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/wp-content/et-cache/17/et-core-unified-tb-133-deferred-17.min.css?ver=1734000305
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff6434c012e84d6524feea116f0f68b70835a3141fff5dc7f1d494254b09aa7a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/wp-content/et-cache/17/et-core-unified-tb-133-deferred-17.min.css?ver=1734000305

Response headers

cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "6623064e-2f5d1"
age: 1430471
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aT%2BT%2Fpm3qWdWvtXxvcr6J83N%2B3R1zIv5FBZhLjQDBOWeAIyuE6zrsl4o6Zr02lzD7msdxVfEgYjbg%2FFwE0msrOTBzlGcNqU4JYV%2FCxAuGVko%2Fhpd6sP3D0SOfkPo6Pt7"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0dedde58d5508b-AKL
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 194001
date: Thu, 12 Dec 2024 13:06:00 GMT
content-type: image/jpeg
last-modified: Sat, 20 Apr 2024 00:03:26 GMT
server: cloudflare
vary: Accept-Encoding

GET
H3 200 4iCs6KVjbNBYlgoKcQ72.woff2
fonts.gstatic.com/s/ubuntu/v20/ 67 KB
67 KB 436ms
273ms Font
font/woff2 142.250.195.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKcQ72.woff2

Requested by

Host: firststeps.nz
URL: https://firststeps.nz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.195.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

maa03s37-in-f3.1e100.net

Software

sffe /

Resource Hash

e2ddb6905c69b2a8d7188b2affd83bae33b092f96527cd8488e2806d1302ead2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://firststeps.nz
Referer: https://firststeps.nz/

Response headers

age: 23110
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 12 Dec 2025 06:40:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 06:40:50 GMT
last-modified: Wed, 27 Apr 2022 16:31:29 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 68112
x-xss-protection: 0
server: sffe

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c239fbd2387ceff073b22f05559eb6a3a9425ccde003eccb22a998429465302f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://firststeps.nz
Referer

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H3 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 25 KB
25 KB 365ms
202ms Font
font/woff2 142.250.195.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVI.woff2

Requested by

Host: firststeps.nz
URL: https://firststeps.nz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.195.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

maa03s37-in-f3.1e100.net

Software

sffe /

Resource Hash

34463eacf6e58258159239a58cbc00efaa9c9d939ece148575466969733251a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://firststeps.nz
Referer: https://firststeps.nz/

Response headers

age: 25454
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 12 Dec 2025 06:01:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 06:01:46 GMT
last-modified: Thu, 14 Dec 2023 02:01:27 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 25444
x-xss-protection: 0
server: sffe

GET
H3 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 25 KB
25 KB 579ms
416ms Font
font/woff2 142.250.195.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVI.woff2

Requested by

Host: firststeps.nz
URL: https://firststeps.nz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.195.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

maa03s37-in-f3.1e100.net

Software

sffe /

Resource Hash

56617a84d911d282895daa5d2f41c1fb42f36331cb80eb5add793ef1f339a37f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://firststeps.nz
Referer: https://firststeps.nz/

Response headers

age: 25778
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 12 Dec 2025 05:56:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 05:56:22 GMT
last-modified: Thu, 14 Dec 2023 02:01:26 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 25376
x-xss-protection: 0
server: sffe

GET
H3 200 FSNZ-Social-Working-File-10.31.40-AM.png
firststeps.nz/wp-content/uploads/2023/05/ 298 KB
298 KB 166ms
165ms Image
image/png 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firststeps.nz/wp-content/uploads/2023/05/FSNZ-Social-Working-File-10.31.40-AM.png
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12b337c9941ed4ef1bd901c9d4ec32c4094d438d570c47fabd9cad146e3a8baf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "66230665-4a650"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R5CZ1cXXqsKql71Uw%2B24n56Lt5KEzSRqCgfb32U6R9klTbPKbF9Q%2BpBR7Ofo7mNE%2F%2FN9fnQQ2scwT8ev6oAYTuNwVtmasJz1tDG1f21XM2BKDcs3kbPzYrBGaWmIh0Fm"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0dedde78d8508b-AKL
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 304720
date: Thu, 12 Dec 2024 13:06:00 GMT
content-type: image/png
last-modified: Sat, 20 Apr 2024 00:03:49 GMT
server: cloudflare
vary: Accept-Encoding

GET
H3 200 2303-FSNZ-Social-Artwork-NEW-01.png
firststeps.nz/wp-content/uploads/2023/05/ 154 KB
154 KB 45ms
44ms Image
image/png 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firststeps.nz/wp-content/uploads/2023/05/2303-FSNZ-Social-Artwork-NEW-01.png
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c30d29cb2e3869880a8dad4fed3a79d057d96ec2e3b0d27e2b03bc5ab2a8c1ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "66230631-266a4"
age: 1399869
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nqMOTIYXHF9GVrQrG6McdHXGYj2BQZHoPzyICT%2F%2BDOdi2xCp%2FHlkwqLTCBqRe4XHezXSPn6i%2FKnJ1rTnX8Qc%2BG2CttYIE9sGoswdvzuX%2BG60y83aQ%2B8BTvk49hbV7GhQ"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0dedde78d9508b-AKL
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 157348
date: Thu, 12 Dec 2024 13:06:00 GMT
content-type: image/png
last-modified: Sat, 20 Apr 2024 00:02:57 GMT
server: cloudflare
vary: Accept-Encoding

GET
H3 200 Thriving-Through-the-Holidays-A-Comprehensive-Guide-to-Navigating-Stress-and-Finding-Joy-400x250.jpg
firststeps.nz/wp-content/uploads/2024/12/ 38 KB
38 KB 44ms
44ms Image
image/jpeg 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firststeps.nz/wp-content/uploads/2024/12/Thriving-Through-the-Holidays-A-Comprehensive-Guide-to-Navigating-Stress-and-Finding-Joy-400x250.jpg
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b4fbb33ae0d48adbbb8f2cb1fd9b3c0a9c6ba90c4a7860e3d29a16dac30f991

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "6756030d-960c"
age: 311309
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YtA74XMPltBAlDv0%2BXk3Rjanu%2BRZ9S1VB46n8nGLDXI42JxVkLBqP45A9DLb3ZPTlyLv3rtkFWtMAknt%2B%2Frr%2BI1C9Om%2FtO%2BRBHHMVtMNUxRz7Rv5W94zJFpGDJVTKT3v"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0dedde78da508b-AKL
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 38412
date: Thu, 12 Dec 2024 13:06:00 GMT
content-type: image/jpeg
last-modified: Sun, 08 Dec 2024 20:35:25 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/c2199353/www-widgetapi.vflset/ 161 KB
53 KB 802ms
194ms Script
text/javascript 2404:6800:4007:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c2199353/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: firststeps.nz
URL: https://firststeps.nz/wp-content/plugins/divi-video-gallery//scripts/iframe_api.min.js?ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4007:810::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

313e3f1e7602532f60ff66976093b05e8372eabcffee2df0814c237b9991d7d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

content-encoding: br
age: 497367
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Sat, 06 Dec 2025 18:56:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 06 Dec 2024 18:56:33 GMT
last-modified: Thu, 25 Aug 2022 00:18:29 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 53399
x-xss-protection: 0
server: sffe

GET
H3 200 SML-400x250.jpg
firststeps.nz/wp-content/uploads/2024/12/ 31 KB
32 KB 40ms
39ms Image
image/jpeg 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firststeps.nz/wp-content/uploads/2024/12/SML-400x250.jpg
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58a934799a888c29dbfc40a6d22251077da6f55429fe4b7869699c6774500113

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "6755fdec-7dc4"
age: 311309
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=96Ew%2BI5TAi6%2BLB7IpQdr4P2xgK3SOgq8r%2FygopIDQ1%2B97hg4FJtO2EVz8VAwqo7e1b%2FMPZTs4vLqWppjW80qr2YsON3hqS65X4sv3oGU4ooQSc%2FKu0Dt2qR50X6bACW0"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0deddee8db508b-AKL
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 32196
date: Thu, 12 Dec 2024 13:06:00 GMT
content-type: image/jpeg
last-modified: Sun, 08 Dec 2024 20:13:32 GMT
server: cloudflare
vary: Accept-Encoding

GET
H3 200 Emotional-Intelligence-and-Leadership-Styles-1-400x250.jpg
firststeps.nz/wp-content/uploads/2024/12/ 21 KB
21 KB 39ms
38ms Image
image/jpeg 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firststeps.nz/wp-content/uploads/2024/12/Emotional-Intelligence-and-Leadership-Styles-1-400x250.jpg
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea623a294ce4af210c121797a1a7a18710fd1856ed133fa55e49d2ae584803d6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "6755f22e-53ac"
age: 322764
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=azZ%2FB2wcaMx0mAUjShIzTMYlpkRqIuDy2169HmnXjiPVmRMd13MOLsa23sNe12I08nzZ9lqnvBQduNkJMojCtksnXB8sW3M4o3akYzwtbsS63HwNCwly%2FB3AfzgfMDWD"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0deddee8dc508b-AKL
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 21420
date: Thu, 12 Dec 2024 13:06:00 GMT
content-type: image/jpeg
last-modified: Sun, 08 Dec 2024 19:23:26 GMT
server: cloudflare
vary: Accept-Encoding

GET
H3 200 Final-FS-LOGO.png
firststeps.nz/wp-content/uploads/2022/10/ 20 KB
0 1ms
1ms Image
image/png 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firststeps.nz/wp-content/uploads/2022/10/Final-FS-LOGO.png
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 949d49da7d0b0de29d32fe02395fd040087c16c1438005e853187ae62f594db5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "66230632-4eb8"
age: 1430471
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=69XrqhJSV%2FUmHu12aURipNrx10nlBrB6P%2BzoFUM0bjMvCjhtvr8WX20PBwIiPHQjfkMhBWfzWqG8PYsW0ZF9ceLt9PDUnhEHnOXRP2CbDME89Zijh3%2BOUAxSOykkiP11"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0deddaa8b2508b-AKL
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 20152
date: Thu, 12 Dec 2024 13:05:59 GMT
content-type: image/png
last-modified: Sat, 20 Apr 2024 00:02:58 GMT
server: cloudflare
vary: Accept-Encoding

GET
H3

200

main.js Show response
firststeps.nz/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/ Frame FB1F
Redirect Chain

https://firststeps.nz/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://firststeps.nz/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?

9 KB
5 KB

38ms
37ms

Script
application/javascript

104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://firststeps.nz/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?

Requested by

Host: firststeps.nz
URL: https://firststeps.nz/

Protocol

Server

104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e84dd8704f83eb38cf11d21f32a7db1b83c4d43f536d1ad27a2070b4461aa368

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding: zstd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FGYaDyxJQHahqxMtTLNC%2F%2B%2FP28jIsWlgA0ipoZlW3QA71MGnj1tmbXS3cYQli3TrA7ikLhi2xeJ1PXmoiyGK%2B1OwxpKiJqPC%2Fylaot6Igln7mf0ohrYKAoQHDch%2FHI4b"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8f0deddf78de508b-AKL
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 13:06:00 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j0G3dCqRxdjCUcFr%2FJR%2Fb4krQSpuQM%2FSwAvAiJ6ugACSLFzxRXglS0AahgQnhlPDDLXHwOWVKJJ5KLbIveXXLt1szqW0b6yadq9KnLSdP3cku6C7DQvoVqmQUEomc9EJ"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0deddf18dd508b-AKL
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 12 Dec 2024 13:06:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK 933095295
player.vimeo.com/video/ Frame 7471 0
0 722ms
656ms Document
text/html 162.159.138.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/933095295?dnt=1&app_id=122963

Requested by

Host: firststeps.nz
URL: https://firststeps.nz/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' https://.vimeocdn.com 'unsafe-eval' resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://browser-intake-datadoghq.com https://src.litix.io https://www.gstatic.com https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://drm.vhx.com/v2/fairplay/cert https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://browser-intake-datadoghq.com https://live-api.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://.kollective.app https://.kollective.app:31015 https://.kollectivecd.com https://.hivestreaming.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://.wirewax.com https://.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com https://player-telemetry.vimeo.com https://lensflare.vimeo.com https://arclight.vimeo.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*; worker-src blob:; report-uri /_csp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://firststeps.nz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

CF-Cache-Status: DYNAMIC
CF-Ray: 8f0deddfbfc0d99f-AKL
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 12 Dec 2024 13:06:00 GMT
Expires: Fri, 15 Dec 1985 19:30:00 GMT
Link: <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin, <https://i.vimeocdn.com>; rel=preconnect; crossorigin, <https://f.vimeocdn.com>; rel=preconnect; crossorigin
Server: cloudflare
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Vary: Origin, Referer, Accept-Encoding
Via: 1.1 varnish
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://browser-intake-datadoghq.com https://src.litix.io https://www.gstatic.com https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm.vhx.com/v2/fairplay/cert https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://browser-intake-datadoghq.com https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com https://player-telemetry.vimeo.com https://lensflare.vimeo.com https://arclight.vimeo.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*; worker-src blob:; report-uri /_csp
x-backend-server: player-backend-edge-entry
x-bapp-server: player-backend-5895c4bb46-wfcpr
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-host: player-backend-5895c4bb46-wfcpr
x-player-backend: g
x-served-by: cache-syd10139-SYD
x-timer: S1734008760.297943,VS0,VE583
x-xss-protection: 1; mode=block

GET
H2 200 quxDY7QPWm4
www.youtube.com/embed/ Frame FBFF 0
0 847ms
371ms Document
text/html 2404:6800:4007:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/quxDY7QPWm4?feature=oembed

Requested by

Host: firststeps.nz
URL: https://firststeps.nz/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4007:80f::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://firststeps.nz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 12 Dec 2024 13:06:00 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 3396705623910086 Show response
connect.facebook.net/signals/config/ 76 KB
16 KB 67ms
67ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/3396705623910086?v=2.9.178&r=stable&domain=firststeps.nz&hme=28abfdc7e582ae2a8fdd6ac5ebb406923cf601dc2ee488049b0628e75e0f6b36&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

de6f0716ea4ea6f2cbc71b6af0afd874ee7b70656955aae3b4e988603f89d10e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-ZKc3PSng' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 13:06:00 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-ZKc3PSng' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=64, rtx=0, c=77, mss=1232, tbw=70399, tp=65, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: TRS3ZNbr7pxd8zoACNXOK0OtPtwAjHEpQ2xdt/qTIQ+X6vYie/Ads5Bfirl2BhK3OT9dTW4+9FrozX1qsme63w==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-fb-optimizer: 0
document-policy: force-load-at-top
content-length: 15805
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H3 200 8f0dedd918a8508b Show response
firststeps.nz/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame FB1F 0
942 B 48ms
42ms XHR
text/plain 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://firststeps.nz/cdn-cgi/challenge-platform/h/g/jsd/r/8f0dedd918a8508b
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PkMg%2Bdtaz7%2B%2F9deP6F1cuGOhRtfKT5EheWeEk1YFyMp%2B5HC0oGDGSr9bIdGeBflnopsdaTBan9diMx%2Fk6GLf5t8oaQ%2FErhyw5SwTpAboU9wr4kSV7dQvk%2BQB3RJwFOfd"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0dede288df508b-AKL
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 12 Dec 2024 13:06:00 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 158ms
66ms Image
text/plain 157.240.8.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3396705623910086&ev=PageView&dl=https%3A%2F%2Ffirststeps.nz&rl=&if=false&ts=1734008760729&sw=1600&sh=1200&v=2.9.178&r=stable&ec=0&o=4124&fbp=fb.1.1734008760727.312335596354895539&pm=1&hrl=b43109&ler=empty&cdl=API_unavailable&it=1734008760274&coo=false&cs_cc=1&rqm=GET

Requested by

Host: firststeps.nz
URL: https://firststeps.nz/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-syd2.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=64, rtx=0, c=23, mss=1232, tbw=4558, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 12 Dec 2024 13:06:00 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
198 B 391ms
299ms Image
image/png 157.240.8.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=3396705623910086&ev=PageView&dl=https%3A%2F%2Ffirststeps.nz&rl=&if=false&ts=1734008760729&sw=1600&sh=1200&v=2.9.178&r=stable&ec=0&o=4124&fbp=fb.1.1734008760727.312335596354895539&pm=1&hrl=b43109&ler=empty&cdl=API_unavailable&it=1734008760274&coo=false&cs_cc=1&rqm=FGET

Requested by

Host: firststeps.nz
URL: https://firststeps.nz/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-syd2.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7447510916833327589"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 12 Dec 2024 13:06:01 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: 8K1fVYWkIJIX/hIYVQKvQN2YV2DAmyA88FE5RtJrCB9cvPCOdD6Hh/tc2p2ITAJN6KKQEjowXimSftkpLrHwXA==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7447510916833327589", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: GOOD; q=0.7, rtt=64, rtx=0, c=23, mss=1232, tbw=4926, tp=13, tpl=0, uplat=234, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H3 200 collect
www.google.com/ccm/ 0
0 643ms
226ms Ping
text/plain 142.250.193.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Ffirststeps.nz%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1837463059.1734008761&auid=1258565362.1734008761&navt=n&npa=0&gtm=45He4cb0v894505481za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1734008760751&tfd=1591&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2XCPGX
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.193.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: maa05s24-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 391 KB
128 KB 208ms
207ms Script
application/javascript 2404:6800:4006:804::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CQPR3RRWXK&l=dataLayer&cx=c&gtm=45He4cb0v894505481za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2XCPGX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:804::2008 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0787efbb9994551ce87d569cd49b37f5de5592e9202e0d6a4767eab3f642dedb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 12 Dec 2024 13:06:00 GMT
alt-svc: h3=":443"; ma=2592000
date: Thu, 12 Dec 2024 13:06:00 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 130841
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 630ms
194ms Script
text/javascript 2404:6800:4007:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2XCPGX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4007:823::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

content-encoding: gzip
age: 2122
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Thu, 12 Dec 2024 14:30:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 12:30:39 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 ifwk1dw7ej Show response
www.clarity.ms/tag/ 689 B
1 KB 856ms
459ms Script
application/x-javascript 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/ifwk1dw7ej?ref=gtm2
Requested by: Host: firststeps.nz
URL: https://firststeps.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 7b80bee144828b8a33cbd6dc2aa216ae4c254d400771714498bc887fe2c6935e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

cache-control: no-cache, no-store
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
expires: -1
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 689
date: Thu, 12 Dec 2024 13:06:01 GMT
content-type: application/x-javascript
x-azure-ref: 20241212T130601Z-r1d8f8768457k5qzhC1SYDp718000000033g000000005pck

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4c30/ Frame B20E 0
0 389ms
72ms Document
text/html 2404:6800:4006:804::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4c30/sw_iframe.html?origin=https%3A%2F%2Ffirststeps.nz

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2XCPGX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:804::2008 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 116761
alt-svc: h3=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Wed, 11 Dec 2024 04:40:00 GMT
expires: Thu, 11 Dec 2025 04:40:00 GMT
last-modified: Tue, 03 Dec 2024 10:18:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjr0B4uaVQ.woff
fonts.gstatic.com/s/opensans/v40/ 31 KB
31 KB 194ms
193ms Font
font/woff 142.250.195.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjr0B4uaVQ.woff

Requested by

Host: firststeps.nz
URL: https://firststeps.nz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.195.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

maa03s37-in-f3.1e100.net

Software

sffe /

Resource Hash

84aa42932d82a6ed4ffc9af9da86630a54c7f27dae45a3e545c48679e61d77f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://firststeps.nz
Referer: https://firststeps.nz/

Response headers

age: 24583
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 12 Dec 2025 06:16:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 06:16:17 GMT
last-modified: Thu, 14 Dec 2023 02:02:24 GMT
content-type: font/woff
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 31392
x-xss-protection: 0
server: sffe

GET
H3 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjr0B4uaVc.ttf
fonts.gstatic.com/s/opensans/v40/ 50 KB
32 KB 192ms
192ms Font
font/ttf 142.250.195.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjr0B4uaVc.ttf

Requested by

Host: firststeps.nz
URL: https://firststeps.nz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.195.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

maa03s37-in-f3.1e100.net

Software

sffe /

Resource Hash

9dba36d5e501cac46f39ae842241c97d5356c1091d96d64a17877ed4ab55ab8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://firststeps.nz
Referer: https://firststeps.nz/

Response headers

content-encoding: gzip
age: 25488
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 12 Dec 2025 06:01:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 06:01:13 GMT
last-modified: Thu, 14 Dec 2023 02:02:23 GMT
content-type: font/ttf
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 32608
x-xss-protection: 0
server: sffe

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 227ms
226ms Fetch
text/plain 2404:6800:4007:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-CQPR3RRWXK&gtm=45je4cb0v894549047z8894505481za200zb894505481&_p=1734008759927&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485&cid=1511150836.1734008761&ul=en-nz&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1734008761&sct=1&seg=0&dl=https%3A%2F%2Ffirststeps.nz%2F&dt=Wellbeing%20support%20for%20NZ%20business%20owners%20%26%20leaders%20%7C%20First%20Steps&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2236
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CQPR3RRWXK&l=dataLayer&cx=c&gtm=45He4cb0v894505481za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4007:823::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://firststeps.nz
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 13:06:01 GMT
content-type: text/plain
server: Golfe2

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
319 B 226ms
225ms XHR
text/plain 2404:6800:4007:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=630065648&t=pageview&_s=1&dl=https%3A%2F%2Ffirststeps.nz%2F&ul=en-nz&de=UTF-8&dt=Wellbeing%20support%20for%20NZ%20business%20owners%20%26%20leaders%20%7C%20First%20Steps&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=803755291&gjid=1114921360&cid=1511150836.1734008761&tid=UA-243931531-1&_gid=163920538.1734008762&_r=1&_slc=1&gtm=45He4cb0n81K2XCPGXv894505481za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=582038051

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4007:823::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9fdd8f9322aa2c2e2c097e2045259247ab1c1629882a797faaa1347f49e95828

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://firststeps.nz/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 13:06:01 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://firststeps.nz
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 15
server: Golfe2

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.58/ 67 KB
28 KB 134ms
133ms Script
application/javascript 2620:1ec:bdf::69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.58/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/ifwk1dw7ej?ref=gtm2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::69 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e57f584dc164284e3994776f7ddd7de42d54921a30f096ca971f676b2f5942c7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

x-azure-ref: 20241212T130601Z-r1d8f8768457k5qzhC1SYDp718000000033g000000005pd4
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
content-encoding: br
etag: W/"0x8DD19E020F35B96"
x-fd-int-roxy-purgeid: 79034942
x-ms-request-id: 4e19b5c1-301e-003f-40e6-4be678000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Thu, 12 Dec 2024 13:06:01 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 11 Dec 2024 12:34:17 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 305 KB
102 KB 244ms
243ms Script
application/javascript 142.250.195.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WL4YRPZT7W&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.195.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

maa03s42-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

59eb4dd92aa3cf018cdbf8a303fc287d0125b7b91e5bcb3d55c32a5ec0d55d73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 12 Dec 2024 13:06:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 13:06:01 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 104012
x-xss-protection: 0
server: Google Tag Manager

POST
H/1.1 204
No Content collect Show response
p.clarity.ms/ 0
277 B 1072ms
529ms XHR
text/plain 20.122.63.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.58/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://firststeps.nz/

Response headers

Request-Context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
Access-Control-Allow-Origin: https://firststeps.nz
Date: Thu, 12 Dec 2024 13:06:02 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 224ms
224ms Fetch
text/plain 142.250.195.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-WL4YRPZT7W&gtm=45je4cb0v9115406573za200&_p=1734008759927&gcd=13l3l3l3l2l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&ul=en-nz&sr=1600x1200&cid=1511150836.1734008761&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Ffirststeps.nz%2F&dt=Wellbeing%20support%20for%20NZ%20business%20owners%20%26%20leaders%20%7C%20First%20Steps&sid=1734008762&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=3338
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WL4YRPZT7W&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.195.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: maa03s38-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://firststeps.nz
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 13:06:02 GMT
content-type: text/plain
server: Golfe2

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=3D658EC5093344DEA3F1A74AFD4BCC6B&RedC=c.clarity.ms&MXFR=06963FB432B36E11369E2AE736B360B4
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3D658EC5093344DEA3F1A74AFD4BCC6B&MUID=33DFCE4E468E674B0B87DB1D47BC66AB

42 B
467 B

226ms
225ms

Image
image/gif

20.125.62.241
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3D658EC5093344DEA3F1A74AFD4BCC6B&MUID=33DFCE4E468E674B0B87DB1D47BC66AB
Protocol: H2
Server: 20.125.62.241 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
etag: "d6b26d9334bdb1:0"
accept-ranges: bytes
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 42
date: Thu, 12 Dec 2024 13:06:04 GMT
content-type: image/gif
last-modified: Tue, 10 Dec 2024 13:01:06 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

Redirect headers

cache-control: private, no-cache, proxy-revalidate, no-store
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3D658EC5093344DEA3F1A74AFD4BCC6B&MUID=33DFCE4E468E674B0B87DB1D47BC66AB
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BB848AAF8C0B4BD1941921B4197177A2 Ref B: SYD03EDGE1412 Ref C: 2024-12-12T13:06:04Z
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 0
date: Thu, 12 Dec 2024 13:06:04 GMT
x-powered-by: ASP.NET

GET
H3 200 Final-FS-LOGO.png
firststeps.nz/wp-content/uploads/2022/10/ 20 KB
0 0ms
0ms Image
image/png 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firststeps.nz/wp-content/uploads/2022/10/Final-FS-LOGO.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 949d49da7d0b0de29d32fe02395fd040087c16c1438005e853187ae62f594db5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "66230632-4eb8"
age: 1430471
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=69XrqhJSV%2FUmHu12aURipNrx10nlBrB6P%2BzoFUM0bjMvCjhtvr8WX20PBwIiPHQjfkMhBWfzWqG8PYsW0ZF9ceLt9PDUnhEHnOXRP2CbDME89Zijh3%2BOUAxSOykkiP11"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0deddaa8b2508b-AKL
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 20152
date: Thu, 12 Dec 2024 13:05:59 GMT
content-type: image/png
last-modified: Sat, 20 Apr 2024 00:02:58 GMT
server: cloudflare
vary: Accept-Encoding

GET
H3 200 cropped-FIRST-STEPS-Favicon-32x32.png
firststeps.nz/wp-content/uploads/2022/09/ 518 B
956 B 39ms
39ms Other
image/png 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://firststeps.nz/wp-content/uploads/2022/09/cropped-FIRST-STEPS-Favicon-32x32.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5d2fd1c4b99da7b23f4fa47ad61e2d182886e26b28d9137ad6741eb6bcc118c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://firststeps.nz/

Response headers

cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "66230649-206"
age: 1430470
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QXWEeZc2ajhURCdXLCOIAWtBhX8hsfBhqmqSnyfVSZ6%2Ffu6%2B3HpNGJ6OAGxCpyzc8qv%2B3BG6dB4oQrOBQouvdE4d84iJLWbdPZPfdhrpl7%2FfPzA8KDygTja8R0wH9cQh"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f0dedf718e1508b-AKL
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 518
date: Thu, 12 Dec 2024 13:06:04 GMT
content-type: image/png
last-modified: Sat, 20 Apr 2024 00:03:21 GMT
server: cloudflare
vary: Accept-Encoding

POST
H/1.1 204
No Content collect Show response
p.clarity.ms/ 0
277 B 254ms
253ms XHR
text/plain 20.122.63.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.58/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://firststeps.nz/

Response headers

Request-Context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
Access-Control-Allow-Origin: https://firststeps.nz
Date: Thu, 12 Dec 2024 13:06:05 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: player.vimeo.com
URL: https://player.vimeo.com/video/933095295?dnt=1&app_id=122963

Verdicts & Comments Add Verdict or Comment

151 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.firststeps.nz/	1970-01-21 03:49:44	Name: _fbp Value: fb.1.1734008760727.312335596354895539
.firststeps.nz/	1970-01-21 03:49:44	Name: _gcl_au Value: 1.1.1258565362.1734008761
.firststeps.nz/	1970-01-21 10:25:44	Name: cf_clearance Value: Mbg5o.3vDq7R9DYxQVTS8BoCLzT2C4E7Wc81HLErYuk-1734008760-1.2.1.1-ECLzHZsJ1tA0ALuSVd0PHSiQz7kdG0BHPHHwrz0R6xDSt7UZ0zYavEORox9J2YjLS4vEompuwglX70vfb1ZJJqJZ3iMC8pMAvhMvGBZNYpSWO21wa4R8Tn1SEYZR9fl9Twe9.9CcXxcauhHSyvPIlAwhF9_nPNVF5.y.jM4XeMjLolDXQjkGrCTwyIl5ZNCw_Iib24mMtl5X5I88XsoVcG_taGj9KZBC28rQvfHpfOJSA6Emvc6_Xl9_y8G3Ht0R79S6I92_bG.df13offhTSenDOsM5gpy0J5H2bMXwJLvhQOyDd4bFxbk1YCKma.QF9.dbksCxA_o72cGCX330kB0PF3FCVuFRZdsARx07ybWlJ.K376cJVh.mNjvWPOAr
.vimeo.com/	1970-01-21 01:40:10	Name: __cf_bm Value: y_wKG3F8xJCUfSgiM1D4ybFl_GmftKzZkkqZp5b6C9Y-1734008760-1.0.1.1-Fp9AmO7IXIwp8mYvcxp4jdEqBSeh58WH7dz9CHytbg8jR5L19KDB4qhBBZXUQleW
.vimeo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: cEHpgXE9_edOwhunyYV3ZnGvqF1UBPvPl86XeHUKV64-1734008760895-0.0.1.1-604800000
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: PKlIxpScvMM
.youtube.com/	1970-01-21 05:59:20	Name: VISITOR_INFO1_LIVE Value: FClRMEnAykY
.youtube.com/	1970-01-21 05:59:20	Name: VISITOR_PRIVACY_METADATA Value: CgJOWhIEGgAgOw%3D%3D
.firststeps.nz/	1970-01-21 11:16:08	Name: _ga_CQPR3RRWXK Value: GS1.1.1734008761.1.0.1734008761.0.0.0
.firststeps.nz/	1970-01-21 11:16:08	Name: _ga Value: GA1.2.1511150836.1734008761
.firststeps.nz/	1970-01-21 01:41:35	Name: _gid Value: GA1.2.163920538.1734008762
.firststeps.nz/	1970-01-21 01:40:08	Name: _gat_UA-243931531-1 Value: 1
www.clarity.ms/	1970-01-21 10:25:44	Name: CLID Value: 006a3b07b5854380b45760906a9ba48e.20241212.20251212
.firststeps.nz/	1970-01-21 10:25:44	Name: _clck Value: 1x92srs%7C2%7Cfrn%7C0%7C1807
.firststeps.nz/	1970-01-21 11:16:08	Name: _ga_WL4YRPZT7W Value: GS1.2.1734008762.1.0.1734008762.0.0.0
.firststeps.nz/	1970-01-21 01:41:35	Name: _clsk Value: 1px9yll%7C1734008762959%7C1%7C1%7Cp.clarity.ms%2Fcollect
.bing.com/	1970-01-21 11:01:44	Name: MUID Value: 33DFCE4E468E674B0B87DB1D47BC66AB
.c.bing.com/	1970-01-21 01:50:13	Name: MR Value: 0
.c.bing.com/	1970-01-21 11:01:44	Name: SRM_B Value: 33DFCE4E468E674B0B87DB1D47BC66AB
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 11:01:44	Name: MUID Value: 33DFCE4E468E674B0B87DB1D47BC66AB
.c.clarity.ms/	1970-01-21 01:50:13	Name: MR Value: 0
.c.clarity.ms/	1970-01-21 01:40:09	Name: ANONCHK Value: 0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://firststeps.nz/#ce(Line 740) Message: Unrecognized feature: 'web-share'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.bing.com
c.clarity.ms
code.jquery.com
connect.facebook.net
firststeps.nz
fonts.googleapis.com
fonts.gstatic.com
p.clarity.ms
player.vimeo.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.youtube.com
player.vimeo.com
104.21.112.1
142.250.193.100
142.250.195.200
142.250.195.35
142.250.195.78
157.240.8.23
157.240.8.35
162.159.138.60
20.122.63.128
20.125.62.241
2404:6800:4006:804::2008
2404:6800:4007:80f::200e
2404:6800:4007:810::200e
2404:6800:4007:823::200e
2404:6800:4007:82c::200a
2620:1ec:bdf::69
2620:1ec:c11::237
2a04:4e42:200::649
06426e1783a3dc6fab29210281521c98ccb076051a2f5ece115ae1be31ed4f7b
0787efbb9994551ce87d569cd49b37f5de5592e9202e0d6a4767eab3f642dedb
0a47c6e6f24e634cb79f886e70bbfd65e1e85b0d2aa4fc133488fd1bc1910e3e
0acd777e558e8f3445976903021d9b989609a2cf4654593f66568e03db8cdf36
12b337c9941ed4ef1bd901c9d4ec32c4094d438d570c47fabd9cad146e3a8baf
1954d5171fa932193165d735338e19271cf2a07b91161a0aed53c65795debadf
1c445d2ae619f3e88627f553bd2f0e8ed5c4470d0b94624aab47c529a16cc010
1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea
262f95a21579de88a1ed120cb3f4abb7190e8568fd04626fb5090525c1935df7
2804b940ea48ac1eb1f3b8f05dccc2b667c7b2da7d80136dec04d564fb114526
2b4fbb33ae0d48adbbb8f2cb1fd9b3c0a9c6ba90c4a7860e3d29a16dac30f991
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
313e3f1e7602532f60ff66976093b05e8372eabcffee2df0814c237b9991d7d3
32c580e50f2df6739be4d12863694b740885c8aa6edbc80d87768f1af88f1005
34463eacf6e58258159239a58cbc00efaa9c9d939ece148575466969733251a6
3d06450f53ed7a1cc47291d0552f6eb4d5087a584bc83fe37d8fdf2995088e79
462747422c6af30aa81a0373fa1cfd736455cef52bdbb816f67be9531d84eace
49980ecacc2b4dd83e296b9262a982a7c490eb68757b425a4a5cf444317ca3c2
4c70d0f37fe3ef48c754bd1f11a7d30f052393a98fc4677f719569bd58e3713c
4db22f3ad7b6a37e7a2db1a378d04e9a6a910ad3050a6521cb2df0b0d57d799c
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
56617a84d911d282895daa5d2f41c1fb42f36331cb80eb5add793ef1f339a37f
58a934799a888c29dbfc40a6d22251077da6f55429fe4b7869699c6774500113
59eb4dd92aa3cf018cdbf8a303fc287d0125b7b91e5bcb3d55c32a5ec0d55d73
5aa24e4ab926693e29ffb0d0ca1557141defd3ca61b3b4e7caebaa2fcd5bf327
5b3baa10ac55f4eece0c7e666eaddd51872b8ce9273671626bcccec8f86ead78
5b431a886aa072e81ef7b7f1a93c5fdf584b8923ef847525c037a75bdc30ae55
608b783885d854a4aeafd479938284dd21d4e641d05c4212027c06a09881d71a
6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f
6f34487431c86efd2659f8dfc5db0ecd1593e8db2a1d6855525bdcfb63e83c4a
73c34034281a90b91f5bf737355dc3870c93eb35726cf6ddfae64c69d979139f
79cb399203843f65199bec32bc4abac5dfd20f141d3e4ec1424bf00c7108fa45
7b80bee144828b8a33cbd6dc2aa216ae4c254d400771714498bc887fe2c6935e
7e84c9f8d71bc6eb2dac2fce59a6caea62da51ffa8cf56b41806f59386ab1322
817e8e71584d39a063b7972cd4a4a2fe17b4619763e864842818141195c3768d
82cde214cf2d2e85bbdfca3c6fe1921cd21130d4976a84ac72c66be74e72ee4e
82dc64ff96840f206e4ae6ba6ae095a4870ad78c3a177d82ee13d59918bab048
84aa42932d82a6ed4ffc9af9da86630a54c7f27dae45a3e545c48679e61d77f1
8c2638317c12c9c4fe535c3b7229b3aa82100a4dfe844438e431bee6a54a01f9
9134d7339572e8528974863492e41962d0eb10362053f83305e49bb4a7e8f280
949d49da7d0b0de29d32fe02395fd040087c16c1438005e853187ae62f594db5
999649c4203b252b4e85c86c6584c14b7ac6b0748c959d046de9227c13f013b2
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9dba36d5e501cac46f39ae842241c97d5356c1091d96d64a17877ed4ab55ab8b
9fdd8f9322aa2c2e2c097e2045259247ab1c1629882a797faaa1347f49e95828
a29b2eef42da6e72a112d814c64e36861bf5ae4a299421c9d5b94731f906e695
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a6d893ca9e0fbb28b777a7fc4c0c822f24fdb0228d3e82577cc25f55223e2498
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac2a903a8c78e7927eb4a5278b1a12ab72bf1fa0d6c4566c2e3bce53b77f28da
ad97778077e648e9c0adbd33005dd7d89fc0313a9b6caef7bf29ed253af8a312
b15c3ea03d50c2430490e7416733a254feea4237bb60b54181bd3473ebe4149f
b57b2338886e18d9f9706fc712a9518c6e24500f26f230a784c203090e26cc8f
b6205029e1016596807b655c8f57818736a787e32ceb1407effa152ac3bb9380
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b84f2f2d7120c16f2a00cebb395983b4d62aa2e22ea33d02d9c651c94a9c200a
c239fbd2387ceff073b22f05559eb6a3a9425ccde003eccb22a998429465302f
c30d29cb2e3869880a8dad4fed3a79d057d96ec2e3b0d27e2b03bc5ab2a8c1ce
c4eb49795f7a703429e7012cec0a556e6faf6f551f07cd337f66c5a1ec3a5847
c5d2fd1c4b99da7b23f4fa47ad61e2d182886e26b28d9137ad6741eb6bcc118c
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ce04a30a05299e80ba18c4d1f411c8496c4017ac35df9934dba09450d7effd9f
cf0b6f9a52720dd461c831ee6aa9231031c19931f78c979a0fd18edb9c61e486
d1b876927afd86b5b4b26a807bf2b5adb33f10e738844d50c99d9fdd13762d56
d54c5bcb194ec5e5402227aaee4325c636a1523761f003cc0ac2dc12bac40fec
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de6f0716ea4ea6f2cbc71b6af0afd874ee7b70656955aae3b4e988603f89d10e
e0fab8ce6de4d485136d99737d7c2e9a0699aa8be685792091f2a91c31e96252
e2ddb6905c69b2a8d7188b2affd83bae33b092f96527cd8488e2806d1302ead2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46bce7574945bfbb9b0cd1b0d4b6ed86c005f386971d18be887f27b91ddafcb
e57f584dc164284e3994776f7ddd7de42d54921a30f096ca971f676b2f5942c7
e6357205de078b3f4cd5c044e0ec78ac4f482c3087c385f1fc24fb4141f884a1
e84dd8704f83eb38cf11d21f32a7db1b83c4d43f536d1ad27a2070b4461aa368
ea623a294ce4af210c121797a1a7a18710fd1856ed133fa55e49d2ae584803d6
f3e767803f80e40733fcf2ee59691a6ea71424496ac80f22ba8b774b4702d61b
fc0beb3e14383b433b2199adc9ac10306b54910ea1274920e9de5ac58f7914f8
fe67b77ac7e0ef4b482dafb86adfa403db1b89a2f337d2dc8bd1278cfe975196
ff6434c012e84d6524feea116f0f68b70835a3141fff5dc7f1d494254b09aa7a

firststeps.nz Open in urlscan Pro 104.21.112.1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

90 Requests

97 %HTTPS

44 %IPv6

13 Domains

15 Subdomains

18 IPs

3 Countries

3262 kBTransfer

6034 kBSize

23 Cookies

3 Outgoing links

Redirected requests

90 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

firststeps.nz Open in urlscan Pro
104.21.112.1 Public Scan

Screenshot
Live screenshot

Full Image

90
Requests

97 %
HTTPS

44 %
IPv6

13
Domains

15
Subdomains

18
IPs

3
Countries

3262 kB
Transfer

6034 kB
Size

23
Cookies

90 HTTP transactions
1 data transactions