www.woodside.com Open in urlscan Pro
104.22.50.76 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://woodside.com/suppliers/bhp-petroleum-heritage-suppliers
Effective URL:
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
Submission: On August 24 via manual (August 24th 2023, 3:25:58 am UTC) from PH — Scanned from AU

Summary HTTP 63 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 22 IPs in 5 countries across 18 domains to perform 63 HTTP transactions. The main IP is 104.22.50.76, located in and belongs to CLOUDFLARENET, US. The main domain is www.woodside.com.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on January 30th 2023. Valid for: a year.

This is the only time www.woodside.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.62.103.228 52.62.103.228	16509 (AMAZON-02) (AMAZON-02)
27	104.22.50.76 104.22.50.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	74.125.68.97 74.125.68.97	15169 (GOOGLE) (GOOGLE)
2	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	142.251.12.155 142.251.12.155	15169 (GOOGLE) (GOOGLE)
1	13.224.167.54 13.224.167.54	16509 (AMAZON-02) (AMAZON-02)
2	142.251.12.139 142.251.12.139	15169 (GOOGLE) (GOOGLE)
1 2	74.125.24.148 74.125.24.148	15169 (GOOGLE) (GOOGLE)
3	157.240.235.1 157.240.235.1	32934 (FACEBOOK) (FACEBOOK)
1 1	74.125.130.91 74.125.130.91	15169 (GOOGLE) (GOOGLE)
2	142.250.4.91 142.250.4.91	15169 (GOOGLE) (GOOGLE)
1	42.99.140.192 42.99.140.192	4637 (ASN-TELST...) (ASN-TELSTRA-GLOBAL Telstra Global)
1	172.253.118.101 172.253.118.101	15169 (GOOGLE) (GOOGLE)
2	74.125.130.154 74.125.130.154	15169 (GOOGLE) (GOOGLE)
3	74.125.24.94 74.125.24.94	15169 (GOOGLE) (GOOGLE)
2	13.224.167.105 13.224.167.105	16509 (AMAZON-02) (AMAZON-02)
3 4	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	142.251.10.105 142.251.10.105	15169 (GOOGLE) (GOOGLE)
2	54.192.18.82 54.192.18.82	16509 (AMAZON-02) (AMAZON-02)
1	74.125.24.154 74.125.24.154	15169 (GOOGLE) (GOOGLE)
4	157.240.235.35 157.240.235.35	32934 (FACEBOOK) (FACEBOOK)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
1	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
63	22

1 52.62.103.228 (Sydney, Australia) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-62-103-228.ap-southeast-2.compute.amazonaws.com

woodside.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 104.22.50.76 (None, )

ASN13335 (CLOUDFLARENET, US)

www.woodside.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.68.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o301139.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.12.155 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f155.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.167.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-167-54.hkg54.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.12.139 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f139.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.24.148 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: sf-in-f148.1e100.net

13052658.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.235.1 (Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-04-sin6.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.130.91 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: sb-in-f91.1e100.net

youtube.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.4.91 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f91.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 42.99.140.192 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-192.pacnet.net

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.118.101 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f101.1e100.net

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.130.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.125.24.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f94.1e100.net

www.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.167.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-167-105.hkg54.r.cloudfront.net

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.107.42.14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.10.105 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f105.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.192.18.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-18-82.hkg62.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.24.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f154.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.235.35 (Singapore)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-04-sin6.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	woodside.com 1 redirects woodside.com www.woodside.com	1 MB
5	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 13052658.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 93	3 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	284 B
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 357 www.linkedin.com — Cisco Umbrella Rank: 582	4 KB
4	google.com analytics.google.com — Cisco Umbrella Rank: 166 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 100	1 KB
3	google.com.au www.google.com.au — Cisco Umbrella Rank: 26134	669 B
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 165	222 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 740 script.hotjar.com — Cisco Umbrella Rank: 946	62 KB
2	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 859	750 B
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 84	67 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	21 KB
2	sentry.io o301139.ingest.sentry.io	441 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	186 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 246	490 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 401	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 772	5 KB
1	youtube.com.au 1 redirects youtube.com.au	921 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	28 KB
63	18

	Domain	Requested by
27	www.woodside.com	www.woodside.com
4	www.facebook.com	www.woodside.com
3	px.ads.linkedin.com	2 redirects www.woodside.com
3	www.google.com.au	www.woodside.com
3	connect.facebook.net	www.woodside.com connect.facebook.net
2	script.hotjar.com	static.hotjar.com script.hotjar.com
2	www.google.com	www.woodside.com
2	cdn.linkedin.oribi.io	www.woodside.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.woodside.com
2	www.youtube.com	www.woodside.com youtube.com.au
2	13052658.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.woodside.com
2	o301139.ingest.sentry.io	www.woodside.com
2	www.googletagmanager.com	www.woodside.com www.googletagmanager.com
1	bam.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	www.woodside.com
1	adservice.google.com	13052658.fls.doubleclick.net
1	www.linkedin.com	1 redirects
1	analytics.google.com	www.googletagmanager.com
1	snap.licdn.com	www.woodside.com
1	youtube.com.au	1 redirects
1	static.hotjar.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	cdnjs.cloudflare.com	www.woodside.com
1	woodside.com	1 redirects
63	25

This site contains links to these domains. Also see Links.

Domain
supplierportal.petroleumdeepwater.com
www.scamwatch.gov.au
www.facebook.com
twitter.com
www.youtube.com
www.linkedin.com
www.instagram.com

Subject Issuer	Validity	Valid
www.woodside.com.au COMODO RSA Organization Validation Secure Server CA	`2023-01-30` - `2024-01-30`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-25` - `2024-08-24`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-06-02` - `2023-08-31`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.google.com.au GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-06-08` - `2024-07-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
Frame ID: C6DCE01C10F025699D01A6B80FC3EC59
Requests: 59 HTTP requests in this frame

Frame: https://13052658.fls.doubleclick.net/activityi;dc_pre=CLDBjsis9IADFUNLwgUdDRYGwA;src=13052658;type=Page;cat=all;ord=5753489646976;auiddc=1807364274.1692847552;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.woodside.com%2Fsuppliers%2Fbhp-petroleum-heritage-suppliers
Frame ID: E3B6039D3B2D9D2F3171DF3E6D3A8792
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 16AEEAA8593506578FE0AC3CD594CB2C
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: D68BAB3968DC3BC1B1F74077961D44D5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Heritage BHP Petroleum Suppliers - Woodside Energy

Page URL History Show full URLs

https://woodside.com/suppliers/bhp-petroleum-heritage-suppliers HTTP 303
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

63
Requests

97 %
HTTPS

0 %
IPv6

18
Domains

25
Subdomains

22
IPs

5
Countries

2022 kB
Transfer

4330 kB
Size

24
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://supplierportal.petroleumdeepwater.com/esop/wse-host/public/woodside_energy/web/login.jst?VISITORID=583beec1-2985-41d3-8651-ba9dfaa6bdfe&_ncp=1666782585821.29493-1
Title: PETDW GCMS Portal

Search URL Search Domain Scan URL

URL: http://www.scamwatch.gov.au/
Title: Scamwatch.gov.au

Search URL Search Domain Scan URL

URL: https://www.facebook.com/woodsideenergy/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/WoodsideEnergy
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/WoodsideEnergyLtd
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/woodside-energy/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.instagram.com/woodsideenergy/?hl=en
Title: Instagram

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://woodside.com/suppliers/bhp-petroleum-heritage-suppliers HTTP 303
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://13052658.fls.doubleclick.net/activityi;src=13052658;type=Page;cat=all;ord=5753489646976;auiddc=1807364274.1692847552;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.woodside.com%2Fsuppliers%2Fbhp-petroleum-heritage-suppliers HTTP 302
https://13052658.fls.doubleclick.net/activityi;dc_pre=CLDBjsis9IADFUNLwgUdDRYGwA;src=13052658;type=Page;cat=all;ord=5753489646976;auiddc=1807364274.1692847552;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.woodside.com%2Fsuppliers%2Fbhp-petroleum-heritage-suppliers

Request Chain 34

https://youtube.com.au/iframe_api HTTP 301
https://www.youtube.com/iframe_api?gl=AU

Request Chain 41

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1807450%2C529195&time=1692847552210&url=https%3A%2F%2Fwww.woodside.com%2Fsuppliers%2Fbhp-petroleum-heritage-suppliers HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1807450%2C529195&time=1692847552210&url=https%3A%2F%2Fwww.woodside.com%2Fsuppliers%2Fbhp-petroleum-heritage-suppliers&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1807450%252C529195%26time%3D1692847552210%26url%3Dhttps%253A%252F%252Fwww.woodside.com%252Fsuppliers%252Fbhp-petroleum-heritage-suppliers%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1807450%2C529195&time=1692847552210&url=https%3A%2F%2Fwww.woodside.com%2Fsuppliers%2Fbhp-petroleum-heritage-suppliers&cookiesTest=true&liSync=true

63 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request bhp-petroleum-heritage-suppliers Show response
www.woodside.com/suppliers/
Redirect Chain

https://woodside.com/suppliers/bhp-petroleum-heritage-suppliers
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers

77 KB
22 KB

1772ms
1594ms

Document
text/html

104.22.50.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.50.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13ae8f3ea861bfc9478c91654cb1e50878ef41fdd64da8361cbdd10bb1571157

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io .images-home.com .cloudflare.com .licdn.com .moatads.com .hotjar.com stackpath.bootstrapcdn.com youtube.com.au .youtube.com.au .youtube.com .gstatic.com .weblink.com.au .nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com .google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com .twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net .eloqua.com .en25.com unpkg.com .arcgis.com .addthis.com .addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net .cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com .googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ .twimg.com .arcgis.com assets.juicer.io app.hivo.com.au blob: 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com .arcgis.com .arcgisonline.com static.juicer.io; img-src 'self' .equ.com.au .linkedin.com .woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com .images-home.com .s3.amazonaws.com .woodside .adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com .googleapis.com .google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net .dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com app.hivo.com.au blob: .eloqua.com .arcgis.com .arcgisonline.com assets.juicer.io .fbcdn.net .google.com .google.com.au img.juicer.io .fls.doubleclick.net; media-src 'self' .equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com .s3.amazonaws.com .woodside .woodside.com; frame-src 'self' .addthis.com app.hivo.com.au .hotjar.com .twitter.com .youtube.com.au .youtube-nocookie.com .youtube.com .google.com .weblink.com.au .doubleclick.net .facebook.com .tryinteract.com; child-src 'self' .google.com .weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com .facebook.com web.facebook.com badge.stumbleupon.com .addthis.com .youtube-nocookie.com .weblink.com.au; connect-src 'self' api.cognitive.microsoft.com .sentry.io .hotjar.io .hotjar.com ws://.hotjar.com accounts.google.com apis.google.com .dec.sitefinity.com .mktoresp.com .arcgis.com .arcgisonline.com .addthis.com .juicer.io graph.facebook.com .woodside.s3.amazonaws.com .woodside bam.nr-data.net .doubleclick.net .google-analytics.com analytics.google.com .linkedin.oribi.io; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: public, max-age=120, s-maxage=30
cf-cache-status: DYNAMIC
cf-ray: 7fb87d807d903e5e-ADL
content-encoding: gzip
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
content-type: text/html; charset=utf-8
date: Thu, 24 Aug 2023 03:25:51 GMT
expires: Thu, 24 Aug 2023 03:27:17 GMT
last-modified: Thu, 24 Aug 2023 03:10:39 GMT
referrer-policy: no-referrer-when-downgrade
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: *
x-aspnet-version: 4.0.30319
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-ua-compatible: IE=Edge
x-xss-protection: 1;mode=block

Redirect headers

content-length: 190
content-type: text/html; charset=UTF-8
date: Thu, 24 Aug 2023 03:25:48 GMT
location: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 WebResource.axd Show response
www.woodside.com/ 3 KB
4 KB 98ms
98ms Script
application/x-javascript 104.22.50.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.woodside.com/WebResource.axd?d=DzHrpQl5URXarFHAtrmzFgL92kbV4nrFHQEylqKOwLB3GgACktofyWTnwmCp8AUmOIb9WMd1URdms35pZgzZioB-ya2qS8kW6qlvbdTq7WLYExhYyTMfvlwaN0F5RlIrRSBO3AekmC4WPKr-JHUAPhAZGkhNLHYYekVNcZYTdzWrnJbhWNlfsCFmfy3qeFR90&t=638272731980000000

Requested by

Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.50.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff99878833b36d14a259f3e68f6decd9a6fb2d1a10c7e3c9381c3f30dcddec35

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io .images-home.com .cloudflare.com .licdn.com .moatads.com .hotjar.com stackpath.bootstrapcdn.com youtube.com.au .youtube.com.au .youtube.com .gstatic.com .weblink.com.au .nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com .google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com .twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net .eloqua.com .en25.com unpkg.com .arcgis.com .addthis.com .addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net .cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com .googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ .twimg.com .arcgis.com assets.juicer.io app.hivo.com.au blob: 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com .arcgis.com .arcgisonline.com static.juicer.io; img-src 'self' .equ.com.au .linkedin.com .woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com .images-home.com .s3.amazonaws.com .woodside .adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com .googleapis.com .google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net .dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com app.hivo.com.au blob: .eloqua.com .arcgis.com .arcgisonline.com assets.juicer.io .fbcdn.net .google.com .google.com.au img.juicer.io .fls.doubleclick.net; media-src 'self' .equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com .s3.amazonaws.com .woodside .woodside.com; frame-src 'self' .addthis.com app.hivo.com.au .hotjar.com .twitter.com .youtube.com.au .youtube-nocookie.com .youtube.com .google.com .weblink.com.au .doubleclick.net .facebook.com .tryinteract.com; child-src 'self' .google.com .weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com .facebook.com web.facebook.com badge.stumbleupon.com .addthis.com .youtube-nocookie.com .weblink.com.au; connect-src 'self' api.cognitive.microsoft.com .sentry.io .hotjar.io .hotjar.com ws://.hotjar.com accounts.google.com apis.google.com .dec.sitefinity.com .mktoresp.com .arcgis.com .arcgisonline.com .addthis.com .juicer.io graph.facebook.com .woodside.s3.amazonaws.com .woodside bam.nr-data.net .doubleclick.net .google-analytics.com analytics.google.com .linkedin.oribi.io; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:25:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
cf-cache-status: HIT
x-aspnet-version: 4.0.30319
age: 955
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1501
x-xss-protection: 1;mode=block
x-ua-compatible: IE=Edge
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 09 Aug 2023 22:06:38 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: public, max-age=31509336
accept-ranges: bytes
cf-ray: 7fb87d8a7e0a3e5e-ADL
expires: Thu, 22 Aug 2024 20:01:27 GMT

GET
H2 200 GothamNarrow-Book_Web.woff2
www.woodside.com/assets/fonts/gotham/ 43 KB
46 KB 227ms
227ms Font
application/x-font-woff2 104.22.50.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.woodside.com/assets/fonts/gotham/GothamNarrow-Book_Web.woff2

Requested by

Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.50.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a690d23e39f63413f0c6aa26ba7bb73c22fab2b100ef8abe06b5dfb9247d23e6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io .images-home.com .cloudflare.com .licdn.com .moatads.com .hotjar.com stackpath.bootstrapcdn.com youtube.com.au .youtube.com.au .youtube.com .gstatic.com .weblink.com.au .nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com .google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com .twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net .eloqua.com .en25.com unpkg.com .arcgis.com .addthis.com .addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net .cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com .googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ .twimg.com .arcgis.com assets.juicer.io app.hivo.com.au blob: 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com .arcgis.com .arcgisonline.com static.juicer.io; img-src 'self' .equ.com.au .linkedin.com .woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com .images-home.com .s3.amazonaws.com .woodside .adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com .googleapis.com .google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net .dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com app.hivo.com.au blob: .eloqua.com .arcgis.com .arcgisonline.com assets.juicer.io .fbcdn.net .google.com .google.com.au img.juicer.io .fls.doubleclick.net; media-src 'self' .equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com .s3.amazonaws.com .woodside .woodside.com; frame-src 'self' .addthis.com app.hivo.com.au .hotjar.com .twitter.com .youtube.com.au .youtube-nocookie.com .youtube.com .google.com .weblink.com.au .doubleclick.net .facebook.com .tryinteract.com; child-src 'self' .google.com .weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com .facebook.com web.facebook.com badge.stumbleupon.com .addthis.com .youtube-nocookie.com .weblink.com.au; connect-src 'self' api.cognitive.microsoft.com .sentry.io .hotjar.io .hotjar.com ws://.hotjar.com accounts.google.com apis.google.com .dec.sitefinity.com .mktoresp.com .arcgis.com .arcgisonline.com .addthis.com .juicer.io graph.facebook.com .woodside.s3.amazonaws.com .woodside bam.nr-data.net .doubleclick.net .google-analytics.com analytics.google.com .linkedin.oribi.io; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
Origin: https://www.woodside.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:25:51 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 101361
content-length: 44405
x-xss-protection: 1;mode=block
x-ua-compatible: IE=Edge
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Aug 2023 06:06:08 GMT
server: cloudflare
etag: "0880c150cbd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-font-woff2
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7fb87d8a7e103e5e-ADL

GET
H2 200 GothamNarrow-Bold_Web.woff2
www.woodside.com/assets/fonts/gotham/ 41 KB
44 KB 104ms
103ms Font
application/x-font-woff2 104.22.50.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.woodside.com/assets/fonts/gotham/GothamNarrow-Bold_Web.woff2

Requested by

Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.50.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e381617f5e1829541e4eace6493aa049dacffb2d2d0127986b48cb805e285b27

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io .images-home.com .cloudflare.com .licdn.com .moatads.com .hotjar.com stackpath.bootstrapcdn.com youtube.com.au .youtube.com.au .youtube.com .gstatic.com .weblink.com.au .nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com .google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com .twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net .eloqua.com .en25.com unpkg.com .arcgis.com .addthis.com .addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net .cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com .googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ .twimg.com .arcgis.com assets.juicer.io app.hivo.com.au blob: 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com .arcgis.com .arcgisonline.com static.juicer.io; img-src 'self' .equ.com.au .linkedin.com .woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com .images-home.com .s3.amazonaws.com .woodside .adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com .googleapis.com .google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net .dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com app.hivo.com.au blob: .eloqua.com .arcgis.com .arcgisonline.com assets.juicer.io .fbcdn.net .google.com .google.com.au img.juicer.io .fls.doubleclick.net; media-src 'self' .equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com .s3.amazonaws.com .woodside .woodside.com; frame-src 'self' .addthis.com app.hivo.com.au .hotjar.com .twitter.com .youtube.com.au .youtube-nocookie.com .youtube.com .google.com .weblink.com.au .doubleclick.net .facebook.com .tryinteract.com; child-src 'self' .google.com .weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com .facebook.com web.facebook.com badge.stumbleupon.com .addthis.com .youtube-nocookie.com .weblink.com.au; connect-src 'self' api.cognitive.microsoft.com .sentry.io .hotjar.io .hotjar.com ws://.hotjar.com accounts.google.com apis.google.com .dec.sitefinity.com .mktoresp.com .arcgis.com .arcgisonline.com .addthis.com .juicer.io graph.facebook.com .woodside.s3.amazonaws.com .woodside bam.nr-data.net .doubleclick.net .google-analytics.com analytics.google.com .linkedin.oribi.io; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
Origin: https://www.woodside.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:25:51 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 101361
content-length: 42049
x-xss-protection: 1;mode=block
x-ua-compatible: IE=Edge
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Aug 2023 06:06:08 GMT
server: cloudflare
etag: "0880c150cbd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-font-woff2
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7fb87d8a8e183e5e-ADL

GET
H2 200 Knockout-49_Web.woff2
www.woodside.com/assets/fonts/knockout/ 19 KB
22 KB 148ms
147ms Font
application/x-font-woff2 104.22.50.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.woodside.com/assets/fonts/knockout/Knockout-49_Web.woff2

Requested by

Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.50.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5daf07712bea84b27fb4383f7b85d2e81581a00cda1821122dae8aac6ac5718

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io .images-home.com .cloudflare.com .licdn.com .moatads.com .hotjar.com stackpath.bootstrapcdn.com youtube.com.au .youtube.com.au .youtube.com .gstatic.com .weblink.com.au .nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com .google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com .twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net .eloqua.com .en25.com unpkg.com .arcgis.com .addthis.com .addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net .cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com .googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ .twimg.com .arcgis.com assets.juicer.io app.hivo.com.au blob: 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com .arcgis.com .arcgisonline.com static.juicer.io; img-src 'self' .equ.com.au .linkedin.com .woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com .images-home.com .s3.amazonaws.com .woodside .adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com .googleapis.com .google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net .dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com app.hivo.com.au blob: .eloqua.com .arcgis.com .arcgisonline.com assets.juicer.io .fbcdn.net .google.com .google.com.au img.juicer.io .fls.doubleclick.net; media-src 'self' .equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com .s3.amazonaws.com .woodside .woodside.com; frame-src 'self' .addthis.com app.hivo.com.au .hotjar.com .twitter.com .youtube.com.au .youtube-nocookie.com .youtube.com .google.com .weblink.com.au .doubleclick.net .facebook.com .tryinteract.com; child-src 'self' .google.com .weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com .facebook.com web.facebook.com badge.stumbleupon.com .addthis.com .youtube-nocookie.com .weblink.com.au; connect-src 'self' api.cognitive.microsoft.com .sentry.io .hotjar.io .hotjar.com ws://.hotjar.com accounts.google.com apis.google.com .dec.sitefinity.com .mktoresp.com .arcgis.com .arcgisonline.com .addthis.com .juicer.io graph.facebook.com .woodside.s3.amazonaws.com .woodside bam.nr-data.net .doubleclick.net .google-analytics.com analytics.google.com .linkedin.oribi.io; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
Origin: https://www.woodside.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:25:51 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 101360
content-length: 19813
x-xss-protection: 1;mode=block
x-ua-compatible: IE=Edge
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Aug 2023 06:06:08 GMT
server: cloudflare
etag: "0880c150cbd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-font-woff2
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7fb87d8a8e193e5e-ADL

GET
H2 200 bundleTop.5aa484b3c24e98cde880.css
www.woodside.com/assets/dist/ 574 KB
118 KB 168ms
167ms Stylesheet
text/css 104.22.50.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.woodside.com/assets/dist/bundleTop.5aa484b3c24e98cde880.css?package=WoodsideResources

Requested by

Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.50.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5b20c4784723b1ffaeb6968f3002acea74e89ee5b31921af52d3cea556ce4bf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io .images-home.com .cloudflare.com .licdn.com .moatads.com .hotjar.com stackpath.bootstrapcdn.com youtube.com.au .youtube.com.au .youtube.com .gstatic.com .weblink.com.au .nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com .google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com .twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net .eloqua.com .en25.com unpkg.com .arcgis.com .addthis.com .addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net .cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com .googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ .twimg.com .arcgis.com assets.juicer.io app.hivo.com.au blob: 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com .arcgis.com .arcgisonline.com static.juicer.io; img-src 'self' .equ.com.au .linkedin.com .woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com .images-home.com .s3.amazonaws.com .woodside .adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com .googleapis.com .google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net .dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com app.hivo.com.au blob: .eloqua.com .arcgis.com .arcgisonline.com assets.juicer.io .fbcdn.net .google.com .google.com.au img.juicer.io .fls.doubleclick.net; media-src 'self' .equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com .s3.amazonaws.com .woodside .woodside.com; frame-src 'self' .addthis.com app.hivo.com.au .hotjar.com .twitter.com .youtube.com.au .youtube-nocookie.com .youtube.com .google.com .weblink.com.au .doubleclick.net .facebook.com .tryinteract.com; child-src 'self' .google.com .weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com .facebook.com web.facebook.com badge.stumbleupon.com .addthis.com .youtube-nocookie.com .weblink.com.au; connect-src 'self' api.cognitive.microsoft.com .sentry.io .hotjar.io .hotjar.com ws://.hotjar.com accounts.google.com apis.google.com .dec.sitefinity.com .mktoresp.com .arcgis.com .arcgisonline.com .addthis.com .juicer.io graph.facebook.com .woodside.s3.amazonaws.com .woodside bam.nr-data.net .doubleclick.net .google-analytics.com analytics.google.com .linkedin.oribi.io; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:25:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains
age: 101382
x-xss-protection: 1;mode=block
x-ua-compatible: IE=Edge
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Aug 2023 06:06:02 GMT
server: cloudflare
etag: "016dbd50cbd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
cf-ray: 7fb87d8a7e153e5e-ADL

GET
H2 200 logo.svg
www.woodside.com/assets/static/images/v2/ 7 KB
5 KB 160ms
157ms Image
image/svg+xml 104.22.50.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.woodside.com/assets/static/images/v2/logo.svg

Requested by

Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.50.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39ad2f71fa5264d341cee262b9339f56133f1114d22fceb66547457574b182c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io .images-home.com .cloudflare.com .licdn.com .moatads.com .hotjar.com stackpath.bootstrapcdn.com youtube.com.au .youtube.com.au .youtube.com .gstatic.com .weblink.com.au .nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com .google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com .twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net .eloqua.com .en25.com unpkg.com .arcgis.com .addthis.com .addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net .cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com .googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ .twimg.com .arcgis.com assets.juicer.io app.hivo.com.au blob: 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com .arcgis.com .arcgisonline.com static.juicer.io; img-src 'self' .equ.com.au .linkedin.com .woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com .images-home.com .s3.amazonaws.com .woodside .adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com .googleapis.com .google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net .dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com app.hivo.com.au blob: .eloqua.com .arcgis.com .arcgisonline.com assets.juicer.io .fbcdn.net .google.com .google.com.au img.juicer.io .fls.doubleclick.net; media-src 'self' .equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com .s3.amazonaws.com .woodside .woodside.com; frame-src 'self' .addthis.com app.hivo.com.au .hotjar.com .twitter.com .youtube.com.au .youtube-nocookie.com .youtube.com .google.com .weblink.com.au .doubleclick.net .facebook.com .tryinteract.com; child-src 'self' .google.com .weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com .facebook.com web.facebook.com badge.stumbleupon.com .addthis.com .youtube-nocookie.com .weblink.com.au; connect-src 'self' api.cognitive.microsoft.com .sentry.io .hotjar.io .hotjar.com ws://.hotjar.com accounts.google.com apis.google.com .dec.sitefinity.com .mktoresp.com .arcgis.com .arcgisonline.com .addthis.com .juicer.io graph.facebook.com .woodside.s3.amazonaws.com .woodside bam.nr-data.net .doubleclick.net .google-analytics.com analytics.google.com .linkedin.oribi.io; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:25:51 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 101382
content-encoding: gzip
x-xss-protection: 1;mode=block
x-ua-compatible: IE=Edge
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Aug 2023 06:06:04 GMT
server: cloudflare
etag: W/"02e9ebe50cbd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000
cf-ray: 7fb87d8b4f863e5e-ADL

GET
H2 200 icon-cross.svg
www.woodside.com/assets/static/images/svg/ 447 B
3 KB 158ms
155ms Image
image/svg+xml 104.22.50.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.woodside.com/assets/static/images/svg/icon-cross.svg

Requested by

Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.50.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

361dbf74dc44b9e08fd2d543520ed9bcb8e36a2eb095155625528d2dadf63b65

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io .images-home.com .cloudflare.com .licdn.com .moatads.com .hotjar.com stackpath.bootstrapcdn.com youtube.com.au .youtube.com.au .youtube.com .gstatic.com .weblink.com.au .nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com .google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com .twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net .eloqua.com .en25.com unpkg.com .arcgis.com .addthis.com .addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net .cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com .googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ .twimg.com .arcgis.com assets.juicer.io app.hivo.com.au blob: 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com .arcgis.com .arcgisonline.com static.juicer.io; img-src 'self' .equ.com.au .linkedin.com .woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com .images-home.com .s3.amazonaws.com .woodside .adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com .googleapis.com .google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net .dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com app.hivo.com.au blob: .eloqua.com .arcgis.com .arcgisonline.com assets.juicer.io .fbcdn.net .google.com .google.com.au img.juicer.io .fls.doubleclick.net; media-src 'self' .equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com .s3.amazonaws.com .woodside .woodside.com; frame-src 'self' .addthis.com app.hivo.com.au .hotjar.com .twitter.com .youtube.com.au .youtube-nocookie.com .youtube.com .google.com .weblink.com.au .doubleclick.net .facebook.com .tryinteract.com; child-src 'self' .google.com .weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com .facebook.com web.facebook.com badge.stumbleupon.com .addthis.com .youtube-nocookie.com .weblink.com.au; connect-src 'self' api.cognitive.microsoft.com .sentry.io .hotjar.io .hotjar.com ws://.hotjar.com accounts.google.com apis.google.com .dec.sitefinity.com .mktoresp.com .arcgis.com .arcgisonline.com .addthis.com .juicer.io graph.facebook.com .woodside.s3.amazonaws.com .woodside bam.nr-data.net .doubleclick.net .google-analytics.com analytics.google.com .linkedin.oribi.io; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:25:51 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 101382
content-encoding: gzip
x-xss-protection: 1;mode=block
x-ua-compatible: IE=Edge
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Aug 2023 06:06:04 GMT
server: cloudflare
etag: W/"02e9ebe50cbd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000
cf-ray: 7fb87d8b4f893e5e-ADL

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/ 88 KB
28 KB 162ms
58ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/jquery.min.js

Requested by

Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:25:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2452799
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27990
last-modified: Thu, 22 Jun 2023 11:06:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942b1e-6d56"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6x2LOd9zmOtURvkwNbo0YJDAZXfs5GcHXLfJwloQWdzCAkSCEk745nXW229b%2BOkr0Li8XVbHOuXxyRxV55QlVdsAgn0%2B2BzIxyBjA4rjFgHT61oHDjg8GLSbHsLe%2F0L5l5C5xJ9J"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fb87d8bdd1b8ad0-PER
expires: Tue, 13 Aug 2024 03:25:51 GMT

GET
H2 200 icon-share.svg
www.woodside.com/assets/static/images/v2/ 3 KB
4 KB 157ms
154ms Image
image/svg+xml 104.22.50.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.woodside.com/assets/static/images/v2/icon-share.svg

Requested by

Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.50.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90cd377efe018def7f2f6d65b9a34464e929482b20d4181df7a2cacae23fd7ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io .images-home.com .cloudflare.com .licdn.com .moatads.com .hotjar.com stackpath.bootstrapcdn.com youtube.com.au .youtube.com.au .youtube.com .gstatic.com .weblink.com.au .nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com .google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com .twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net .eloqua.com .en25.com unpkg.com .arcgis.com .addthis.com .addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net .cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com .googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ .twimg.com .arcgis.com assets.juicer.io app.hivo.com.au blob: 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com .arcgis.com .arcgisonline.com static.juicer.io; img-src 'self' .equ.com.au .linkedin.com .woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com .images-home.com .s3.amazonaws.com .woodside .adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com .googleapis.com .google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net .dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com app.hivo.com.au blob: .eloqua.com .arcgis.com .arcgisonline.com assets.juicer.io .fbcdn.net .google.com .google.com.au img.juicer.io .fls.doubleclick.net; media-src 'self' .equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com .s3.amazonaws.com .woodside .woodside.com; frame-src 'self' .addthis.com app.hivo.com.au .hotjar.com .twitter.com .youtube.com.au .youtube-nocookie.com .youtube.com .google.com .weblink.com.au .doubleclick.net .facebook.com .tryinteract.com; child-src 'self' .google.com .weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com .facebook.com web.facebook.com badge.stumbleupon.com .addthis.com .youtube-nocookie.com .weblink.com.au; connect-src 'self' api.cognitive.microsoft.com .sentry.io .hotjar.io .hotjar.com ws://.hotjar.com accounts.google.com apis.google.com .dec.sitefinity.com .mktoresp.com .arcgis.com .arcgisonline.com .addthis.com .juicer.io graph.facebook.com .woodside.s3.amazonaws.com .woodside bam.nr-data.net .doubleclick.net .google-analytics.com analytics.google.com .linkedin.oribi.io; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:25:51 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 101382
content-encoding: gzip
x-xss-protection: 1;mode=block
x-ua-compatible: IE=Edge
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Aug 2023 06:06:04 GMT
server: cloudflare
etag: W/"02e9ebe50cbd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000
cf-ray: 7fb87d8b4f8a3e5e-ADL

GET
H2 200 woodside_2021_environment_community-seng--23-web.tmb-page-title.jpg
www.woodside.com/images/default-source/1-our-business-images/ 513 KB
517 KB 1282ms
1280ms Image
image/jpeg 104.22.50.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.woodside.com/images/default-source/1-our-business-images/woodside_2021_environment_community-seng--23-web.tmb-page-title.jpg?sfvrsn=6c70187b_1

Requested by

Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.50.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0f5a2ba71712d171edad16d81123781e735991ec71803d2d9e11718eb535c8e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io .images-home.com .cloudflare.com .licdn.com .moatads.com .hotjar.com stackpath.bootstrapcdn.com youtube.com.au .youtube.com.au .youtube.com .gstatic.com .weblink.com.au .nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com .google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com .twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net .eloqua.com .en25.com unpkg.com .arcgis.com .addthis.com .addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net .cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com .googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ .twimg.com .arcgis.com assets.juicer.io app.hivo.com.au blob: 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com .arcgis.com .arcgisonline.com static.juicer.io; img-src 'self' .equ.com.au .linkedin.com .woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com .images-home.com .s3.amazonaws.com .woodside .adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com .googleapis.com .google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net .dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com app.hivo.com.au blob: .eloqua.com .arcgis.com .arcgisonline.com assets.juicer.io .fbcdn.net .google.com .google.com.au img.juicer.io .fls.doubleclick.net; media-src 'self' .equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com .s3.amazonaws.com .woodside .woodside.com; frame-src 'self' .addthis.com app.hivo.com.au .hotjar.com .twitter.com .youtube.com.au .youtube-nocookie.com .youtube.com .google.com .weblink.com.au .doubleclick.net .facebook.com .tryinteract.com; child-src 'self' .google.com .weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com .facebook.com web.facebook.com badge.stumbleupon.com .addthis.com .youtube-nocookie.com .weblink.com.au; connect-src 'self' api.cognitive.microsoft.com .sentry.io .hotjar.io .hotjar.com ws://.hotjar.com accounts.google.com apis.google.com .dec.sitefinity.com .mktoresp.com .arcgis.com .arcgisonline.com .addthis.com .juicer.io graph.facebook.com .woodside.s3.amazonaws.com .woodside bam.nr-data.net .doubleclick.net .google-analytics.com analytics.google.com .linkedin.oribi.io; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:25:52 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: BYPASS
x-aspnet-version: 4.0.30319
content-disposition: inline; filename=Woodside_2021_Environment_Community-SENG--23-web.jpg
content-length: 525251
x-xss-protection: 1;mode=block
x-ua-compatible: IE=Edge
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 02 Nov 2022 03:18:53 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 7fb87d8b4f8d3e5e-ADL
expires: Wed, 22 Nov 2023 03:25:19 GMT

GET
H2 200 woodside-photography-2018---on-site-189-image-by-jarrad-seng.tmb-1700x480.jpg
www.woodside.com/images/default-source/default-album/ 67 KB
70 KB 461ms
458ms Image
image/jpeg 104.22.50.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.woodside.com/images/default-source/default-album/woodside-photography-2018---on-site-189-image-by-jarrad-seng.tmb-1700x480.jpg?sfvrsn=34ea5e0a_2

Requested by

Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.50.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f476494a887ebcbe147cb63a71b4cb6f0a24c25585bc3986ec6ba8e2db311b05

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io .images-home.com .cloudflare.com .licdn.com .moatads.com .hotjar.com stackpath.bootstrapcdn.com youtube.com.au .youtube.com.au .youtube.com .gstatic.com .weblink.com.au .nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com .google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com .twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net .eloqua.com .en25.com unpkg.com .arcgis.com .addthis.com .addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net .cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com .googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ .twimg.com .arcgis.com assets.juicer.io app.hivo.com.au blob: 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com .arcgis.com .arcgisonline.com static.juicer.io; img-src 'self' .equ.com.au .linkedin.com .woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com .images-home.com .s3.amazonaws.com .woodside .adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com .googleapis.com .google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net .dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com app.hivo.com.au blob: .eloqua.com .arcgis.com .arcgisonline.com assets.juicer.io .fbcdn.net .google.com .google.com.au img.juicer.io .fls.doubleclick.net; media-src 'self' .equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com .s3.amazonaws.com .woodside .woodside.com; frame-src 'self' .addthis.com app.hivo.com.au .hotjar.com .twitter.com .youtube.com.au .youtube-nocookie.com .youtube.com .google.com .weblink.com.au .doubleclick.net .facebook.com .tryinteract.com; child-src 'self' .google.com .weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com .facebook.com web.facebook.com badge.stumbleupon.com .addthis.com .youtube-nocookie.com .weblink.com.au; connect-src 'self' api.cognitive.microsoft.com .sentry.io .hotjar.io .hotjar.com ws://.hotjar.com accounts.google.com apis.google.com .dec.sitefinity.com .mktoresp.com .arcgis.com .arcgisonline.com .addthis.com .juicer.io graph.facebook.com .woodside.s3.amazonaws.com .woodside bam.nr-data.net .doubleclick.net .google-analytics.com analytics.google.com .linkedin.oribi.io; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:25:51 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: BYPASS
x-aspnet-version: 4.0.30319
content-disposition: inline; filename=woodside-photography-2018---on-site-189-image-by-jarrad-seng.jpg
content-length: 68121
x-xss-protection: 1;mode=block
x-ua-compatible: IE=Edge
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 01 Dec 2020 09:32:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 7fb87d8b4f8f3e5e-ADL
expires: Wed, 22 Nov 2023 03:25:19 GMT

GET
H2 200 email-decode.min.js Show response
www.woodside.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
840 B 116ms
113ms Script
application/javascript 104.22.50.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.woodside.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.50.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:25:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 21 Aug 2023 16:25:27 GMT
server: cloudflare
etag: W/"64e38ff7-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 7fb87d8b4f7f3e5e-ADL
expires: Sat, 26 Aug 2023 03:25:51 GMT

GET
H2 200 icon-cross.svg
www.woodside.com/assets/static/images/svg/svgo/ 340 B
3 KB 116ms
114ms Image
image/svg+xml 104.22.50.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.woodside.com/assets/static/images/svg/svgo/icon-cross.svg

Requested by

Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.50.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6e50a9674df765678664c61195e4a5c0dee02ba809b37c9dd2daa0ad2329fe4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io .images-home.com .cloudflare.com .licdn.com .moatads.com .hotjar.com stackpath.bootstrapcdn.com youtube.com.au .youtube.com.au .youtube.com .gstatic.com .weblink.com.au .nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com .google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com .twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net .eloqua.com .en25.com unpkg.com .arcgis.com .addthis.com .addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net .cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com .googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ .twimg.com .arcgis.com assets.juicer.io app.hivo.com.au blob: 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com .arcgis.com .arcgisonline.com static.juicer.io; img-src 'self' .equ.com.au .linkedin.com .woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com .images-home.com .s3.amazonaws.com .woodside .adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com .googleapis.com .google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net .dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com app.hivo.com.au blob: .eloqua.com .arcgis.com .arcgisonline.com assets.juicer.io .fbcdn.net .google.com .google.com.au img.juicer.io .fls.doubleclick.net; media-src 'self' .equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com .s3.amazonaws.com .woodside .woodside.com; frame-src 'self' .addthis.com app.hivo.com.au .hotjar.com .twitter.com .youtube.com.au .youtube-nocookie.com .youtube.com .google.com .weblink.com.au .doubleclick.net .facebook.com .tryinteract.com; child-src 'self' .google.com .weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com .facebook.com web.facebook.com badge.stumbleupon.com .addthis.com .youtube-nocookie.com .weblink.com.au; connect-src 'self' api.cognitive.microsoft.com .sentry.io .hotjar.io .hotjar.com ws://.hotjar.com accounts.google.com apis.google.com .dec.sitefinity.com .mktoresp.com .arcgis.com .arcgisonline.com .addthis.com .juicer.io graph.facebook.com .woodside.s3.amazonaws.com .woodside bam.nr-data.net .doubleclick.net .google-analytics.com analytics.google.com .linkedin.oribi.io; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:25:51 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 101382
content-encoding: gzip
x-xss-protection: 1;mode=block
x-ua-compatible: IE=Edge
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Aug 2023 06:06:04 GMT
server: cloudflare
etag: W/"02e9ebe50cbd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000
cf-ray: 7fb87d8b4f913e5e-ADL

GET
H2 200 bundleBottom-bundle.5aa484b3c24e98cde880.js Show response
www.woodside.com/assets/dist/ 536 KB
214 KB 119ms
116ms Script
text/javascript 104.22.50.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.woodside.com/assets/dist/bundleBottom-bundle.5aa484b3c24e98cde880.js

Requested by

Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.50.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61a30c889b9e9b164611b9957440fa66d03ebf19bde458ce7e8f1d23d6709d44

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io .images-home.com .cloudflare.com .licdn.com .moatads.com .hotjar.com stackpath.bootstrapcdn.com youtube.com.au .youtube.com.au .youtube.com .gstatic.com .weblink.com.au .nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com .google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com .twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net .eloqua.com .en25.com unpkg.com .arcgis.com .addthis.com .addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net .cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com .googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ .twimg.com .arcgis.com assets.juicer.io app.hivo.com.au blob: 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com .arcgis.com .arcgisonline.com static.juicer.io; img-src 'self' .equ.com.au .linkedin.com .woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com .images-home.com .s3.amazonaws.com .woodside .adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com .googleapis.com .google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net .dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com app.hivo.com.au blob: .eloqua.com .arcgis.com .arcgisonline.com assets.juicer.io .fbcdn.net .google.com .google.com.au img.juicer.io .fls.doubleclick.net; media-src 'self' .equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com .s3.amazonaws.com .woodside .woodside.com; frame-src 'self' .addthis.com app.hivo.com.au .hotjar.com .twitter.com .youtube.com.au .youtube-nocookie.com .youtube.com .google.com .weblink.com.au .doubleclick.net .facebook.com .tryinteract.com; child-src 'self' .google.com .weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com .facebook.com web.facebook.com badge.stumbleupon.com .addthis.com .youtube-nocookie.com .weblink.com.au; connect-src 'self' api.cognitive.microsoft.com .sentry.io .hotjar.io .hotjar.com ws://.hotjar.com accounts.google.com apis.google.com .dec.sitefinity.com .mktoresp.com .arcgis.com .arcgisonline.com .addthis.com .juicer.io graph.facebook.com .woodside.s3.amazonaws.com .woodside bam.nr-data.net .doubleclick.net .google-analytics.com analytics.google.com .linkedin.oribi.io; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:25:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains
age: 101382
x-xss-protection: 1;mode=block
x-ua-compatible: IE=Edge
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Aug 2023 06:06:02 GMT
server: cloudflare
etag: "016dbd50cbd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=2592000
cf-ray: 7fb87d8b4f823e5e-ADL

GET
H2 200 language-selector.min.js Show response
www.woodside.com/Frontend-Assembly/Telerik.Sitefinity.Frontend.Navigation/Mvc/Scripts/LanguageSelector/ 151 B
3 KB 333ms
330ms Script
text/javascript 104.22.50.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.woodside.com/Frontend-Assembly/Telerik.Sitefinity.Frontend.Navigation/Mvc/Scripts/LanguageSelector/language-selector.min.js?package=WoodsideResources&v=MTMuMy43NjM3LjA%3d

Requested by

Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.50.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

920ce4e4c6bc8c57a204ad799b125e18ddf7d1e613a23a48374a75f8dbab50c6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io .images-home.com .cloudflare.com .licdn.com .moatads.com .hotjar.com stackpath.bootstrapcdn.com youtube.com.au .youtube.com.au .youtube.com .gstatic.com .weblink.com.au .nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com .google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com .twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net .eloqua.com .en25.com unpkg.com .arcgis.com .addthis.com .addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net .cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com .googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ .twimg.com .arcgis.com assets.juicer.io app.hivo.com.au blob: 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com .arcgis.com .arcgisonline.com static.juicer.io; img-src 'self' .equ.com.au .linkedin.com .woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com .images-home.com .s3.amazonaws.com .woodside .adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com .googleapis.com .google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net .dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com app.hivo.com.au blob: .eloqua.com .arcgis.com .arcgisonline.com assets.juicer.io .fbcdn.net .google.com .google.com.au img.juicer.io .fls.doubleclick.net; media-src 'self' .equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com .s3.amazonaws.com .woodside .woodside.com; frame-src 'self' .addthis.com app.hivo.com.au .hotjar.com .twitter.com .youtube.com.au .youtube-nocookie.com .youtube.com .google.com .weblink.com.au .doubleclick.net .facebook.com .tryinteract.com; child-src 'self' .google.com .weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com .facebook.com web.facebook.com badge.stumbleupon.com .addthis.com .youtube-nocookie.com .weblink.com.au; connect-src 'self' api.cognitive.microsoft.com .sentry.io .hotjar.io .hotjar.com ws://.hotjar.com accounts.google.com apis.google.com .dec.sitefinity.com .mktoresp.com .arcgis.com .arcgisonline.com .addthis.com .juicer.io graph.facebook.com .woodside.s3.amazonaws.com .woodside bam.nr-data.net .doubleclick.net .google-analytics.com analytics.google.com .linkedin.oribi.io; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:25:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
cf-cache-status: BYPASS
x-aspnet-version: 4.0.30319
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 253
x-xss-protection: 1;mode=block
x-ua-compatible: IE=Edge
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Aug 2023 06:06:42 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7fb87d8b4f833e5e-ADL
expires: Thu, 31 Aug 2023 03:25:19 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 313 KB
96 KB 447ms
159ms Script
application/javascript 74.125.68.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P65FJKR

Requested by

Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

eb4e69a48f2d9956c38892e645a7794654593f1e89f6c82096239ff5ea7c5cf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:25:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97908
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 24 Aug 2023 03:25:51 GMT

GET
H2 200 Gotham-Bold_Web.woff2
www.woodside.com/assets/fonts/gotham/ 38 KB
41 KB 101ms
100ms Font
application/x-font-woff2 104.22.50.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.woodside.com/assets/fonts/gotham/Gotham-Bold_Web.woff2

Requested by

Host: www.woodside.com
URL: https://www.woodside.com/assets/dist/bundleTop.5aa484b3c24e98cde880.css?package=WoodsideResources

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.50.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

319881caca6f5f0d1e8e24040579d93386008e39dee1045965124b86303143e1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io .images-home.com .cloudflare.com .licdn.com .moatads.com .hotjar.com stackpath.bootstrapcdn.com youtube.com.au .youtube.com.au .youtube.com .gstatic.com .weblink.com.au .nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com .google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com .twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net .eloqua.com .en25.com unpkg.com .arcgis.com .addthis.com .addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net .cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com .googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ .twimg.com .arcgis.com assets.juicer.io app.hivo.com.au blob: 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com .arcgis.com .arcgisonline.com static.juicer.io; img-src 'self' .equ.com.au .linkedin.com .woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com .images-home.com .s3.amazonaws.com .woodside .adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com .googleapis.com .google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net .dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com app.hivo.com.au blob: .eloqua.com .arcgis.com .arcgisonline.com assets.juicer.io .fbcdn.net .google.com .google.com.au img.juicer.io .fls.doubleclick.net; media-src 'self' .equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com .s3.amazonaws.com .woodside .woodside.com; frame-src 'self' .addthis.com app.hivo.com.au .hotjar.com .twitter.com .youtube.com.au .youtube-nocookie.com .youtube.com .google.com .weblink.com.au .doubleclick.net .facebook.com .tryinteract.com; child-src 'self' .google.com .weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com .facebook.com web.facebook.com badge.stumbleupon.com .addthis.com .youtube-nocookie.com .weblink.com.au; connect-src 'self' api.cognitive.microsoft.com .sentry.io .hotjar.io .hotjar.com ws://.hotjar.com accounts.google.com apis.google.com .dec.sitefinity.com .mktoresp.com .arcgis.com .arcgisonline.com .addthis.com .juicer.io graph.facebook.com .woodside.s3.amazonaws.com .woodside bam.nr-data.net .doubleclick.net .google-analytics.com analytics.google.com .linkedin.oribi.io; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://www.woodside.com/assets/dist/bundleTop.5aa484b3c24e98cde880.css?package=WoodsideResources
Origin: https://www.woodside.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:25:51 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 101359
content-length: 39264
x-xss-protection: 1;mode=block
x-ua-compatible: IE=Edge
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Aug 2023 06:06:08 GMT
server: cloudflare
etag: "0880c150cbd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-font-woff2
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7fb87d8c39153e5e-ADL

POST
H2 200 / Show response
o301139.ingest.sentry.io/api/5497341/envelope/ 2 B
333 B 344ms
97ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o301139.ingest.sentry.io/api/5497341/envelope/?sentry_key=469d296126a740919900c4702e87389a&sentry_version=7

Requested by

Host: www.woodside.com
URL: https://www.woodside.com/assets/dist/bundleBottom-bundle.5aa484b3c24e98cde880.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.woodside.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 24 Aug 2023 03:25:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 1023.666151410aa97cf4e548.js Show response
www.woodside.com/assets/dist/ 4 KB
5 KB 95ms
95ms Script
text/javascript 104.22.50.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.woodside.com/assets/dist/1023.666151410aa97cf4e548.js

Requested by

Host: www.woodside.com
URL: https://www.woodside.com/assets/dist/bundleBottom-bundle.5aa484b3c24e98cde880.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.50.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4158ac711873bdb3b4e09a8b2dd208e7308ac4f72beb39bf7c49cf22a8a52660

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io .images-home.com .cloudflare.com .licdn.com .moatads.com .hotjar.com stackpath.bootstrapcdn.com youtube.com.au .youtube.com.au .youtube.com .gstatic.com .weblink.com.au .nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com .google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com .twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net .eloqua.com .en25.com unpkg.com .arcgis.com .addthis.com .addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net .cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com .googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ .twimg.com .arcgis.com assets.juicer.io app.hivo.com.au blob: 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com .arcgis.com .arcgisonline.com static.juicer.io; img-src 'self' .equ.com.au .linkedin.com .woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com .images-home.com .s3.amazonaws.com .woodside .adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com .googleapis.com .google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net .dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com app.hivo.com.au blob: .eloqua.com .arcgis.com .arcgisonline.com assets.juicer.io .fbcdn.net .google.com .google.com.au img.juicer.io .fls.doubleclick.net; media-src 'self' .equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com .s3.amazonaws.com .woodside .woodside.com; frame-src 'self' .addthis.com app.hivo.com.au .hotjar.com .twitter.com .youtube.com.au .youtube-nocookie.com .youtube.com .google.com .weblink.com.au .doubleclick.net .facebook.com .tryinteract.com; child-src 'self' .google.com .weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com .facebook.com web.facebook.com badge.stumbleupon.com .addthis.com .youtube-nocookie.com .weblink.com.au; connect-src 'self' api.cognitive.microsoft.com .sentry.io .hotjar.io .hotjar.com ws://.hotjar.com accounts.google.com apis.google.com .dec.sitefinity.com .mktoresp.com .arcgis.com .arcgisonline.com .addthis.com .juicer.io graph.facebook.com .woodside.s3.amazonaws.com .woodside bam.nr-data.net .doubleclick.net .google-analytics.com analytics.google.com .linkedin.oribi.io; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:25:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains
age: 101380
content-length: 2023
x-xss-protection: 1;mode=block
x-ua-compatible: IE=Edge
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Aug 2023 06:06:02 GMT
server: cloudflare
etag: "016dbd50cbd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7fb87d8cfa493e5e-ADL

GET
H2 200 4926.573273ea8a4511bcff4c.js Show response
www.woodside.com/assets/dist/ 141 KB
58 KB 96ms
96ms Script
text/javascript 104.22.50.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.woodside.com/assets/dist/4926.573273ea8a4511bcff4c.js

Requested by

Host: www.woodside.com
URL: https://www.woodside.com/assets/dist/bundleBottom-bundle.5aa484b3c24e98cde880.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.50.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04dc0d665711eb65734b5cea61434d9b70d0068808fc87f017d1b15b8e7041b6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io .images-home.com .cloudflare.com .licdn.com .moatads.com .hotjar.com stackpath.bootstrapcdn.com youtube.com.au .youtube.com.au .youtube.com .gstatic.com .weblink.com.au .nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com .google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com .twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net .eloqua.com .en25.com unpkg.com .arcgis.com .addthis.com .addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net .cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com .googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ .twimg.com .arcgis.com assets.juicer.io app.hivo.com.au blob: 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com .arcgis.com .arcgisonline.com static.juicer.io; img-src 'self' .equ.com.au .linkedin.com .woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com .images-home.com .s3.amazonaws.com .woodside .adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com .googleapis.com .google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net .dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com app.hivo.com.au blob: .eloqua.com .arcgis.com .arcgisonline.com assets.juicer.io .fbcdn.net .google.com .google.com.au img.juicer.io .fls.doubleclick.net; media-src 'self' .equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com .s3.amazonaws.com .woodside .woodside.com; frame-src 'self' .addthis.com app.hivo.com.au .hotjar.com .twitter.com .youtube.com.au .youtube-nocookie.com .youtube.com .google.com .weblink.com.au .doubleclick.net .facebook.com .tryinteract.com; child-src 'self' .google.com .weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com .facebook.com web.facebook.com badge.stumbleupon.com .addthis.com .youtube-nocookie.com .weblink.com.au; connect-src 'self' api.cognitive.microsoft.com .sentry.io .hotjar.io .hotjar.com ws://.hotjar.com accounts.google.com apis.google.com .dec.sitefinity.com .mktoresp.com .arcgis.com .arcgisonline.com .addthis.com .juicer.io graph.facebook.com .woodside.s3.amazonaws.com .woodside bam.nr-data.net .doubleclick.net .google-analytics.com analytics.google.com .linkedin.oribi.io; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:25:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains
age: 97461
content-length: 56773
x-xss-protection: 1;mode=block
x-ua-compatible: IE=Edge
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Aug 2023 06:06:02 GMT
server: cloudflare
etag: "016dbd50cbd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7fb87d8cfa4c3e5e-ADL

GET
H2 200 9008.34e29e3c386772bd8faf.js Show response
www.woodside.com/assets/dist/ 24 KB
9 KB 99ms
99ms Script
text/javascript 104.22.50.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.woodside.com/assets/dist/9008.34e29e3c386772bd8faf.js

Requested by

Host: www.woodside.com
URL: https://www.woodside.com/assets/dist/bundleBottom-bundle.5aa484b3c24e98cde880.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.50.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c98cba77e644832684d44ba544e35e36954618ddcffb3dbabb53d5be92af2c3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io .images-home.com .cloudflare.com .licdn.com .moatads.com .hotjar.com stackpath.bootstrapcdn.com youtube.com.au .youtube.com.au .youtube.com .gstatic.com .weblink.com.au .nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com .google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com .twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net .eloqua.com .en25.com unpkg.com .arcgis.com .addthis.com .addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net .cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com .googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ .twimg.com .arcgis.com assets.juicer.io app.hivo.com.au blob: 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com .arcgis.com .arcgisonline.com static.juicer.io; img-src 'self' .equ.com.au .linkedin.com .woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com .images-home.com .s3.amazonaws.com .woodside .adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com .googleapis.com .google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net .dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com app.hivo.com.au blob: .eloqua.com .arcgis.com .arcgisonline.com assets.juicer.io .fbcdn.net .google.com .google.com.au img.juicer.io .fls.doubleclick.net; media-src 'self' .equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com .s3.amazonaws.com .woodside .woodside.com; frame-src 'self' .addthis.com app.hivo.com.au .hotjar.com .twitter.com .youtube.com.au .youtube-nocookie.com .youtube.com .google.com .weblink.com.au .doubleclick.net .facebook.com .tryinteract.com; child-src 'self' .google.com .weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com .facebook.com web.facebook.com badge.stumbleupon.com .addthis.com .youtube-nocookie.com .weblink.com.au; connect-src 'self' api.cognitive.microsoft.com .sentry.io .hotjar.io .hotjar.com ws://.hotjar.com accounts.google.com apis.google.com .dec.sitefinity.com .mktoresp.com .arcgis.com .arcgisonline.com .addthis.com .juicer.io graph.facebook.com .woodside.s3.amazonaws.com .woodside bam.nr-data.net .doubleclick.net .google-analytics.com analytics.google.com .linkedin.oribi.io; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:25:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains
age: 97461
content-length: 6634
x-xss-protection: 1;mode=block
x-ua-compatible: IE=Edge
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Aug 2023 06:06:02 GMT
server: cloudflare
etag: "016dbd50cbd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7fb87d8cfa4d3e5e-ADL

GET
H2 200 5288.5dd1dc32409e935ae4ef.js Show response
www.woodside.com/assets/dist/ 18 KB
8 KB 91ms
91ms Script
text/javascript 104.22.50.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.woodside.com/assets/dist/5288.5dd1dc32409e935ae4ef.js

Requested by

Host: www.woodside.com
URL: https://www.woodside.com/assets/dist/bundleBottom-bundle.5aa484b3c24e98cde880.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.50.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c4e51b573a8c254f10a66c4c5e3074e5c4894810978d87990853a2528e8c67c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io .images-home.com .cloudflare.com .licdn.com .moatads.com .hotjar.com stackpath.bootstrapcdn.com youtube.com.au .youtube.com.au .youtube.com .gstatic.com .weblink.com.au .nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com .google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com .twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net .eloqua.com .en25.com unpkg.com .arcgis.com .addthis.com .addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net .cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com .googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ .twimg.com .arcgis.com assets.juicer.io app.hivo.com.au blob: 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com .arcgis.com .arcgisonline.com static.juicer.io; img-src 'self' .equ.com.au .linkedin.com .woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com .images-home.com .s3.amazonaws.com .woodside .adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com .googleapis.com .google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net .dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com app.hivo.com.au blob: .eloqua.com .arcgis.com .arcgisonline.com assets.juicer.io .fbcdn.net .google.com .google.com.au img.juicer.io .fls.doubleclick.net; media-src 'self' .equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com .s3.amazonaws.com .woodside .woodside.com; frame-src 'self' .addthis.com app.hivo.com.au .hotjar.com .twitter.com .youtube.com.au .youtube-nocookie.com .youtube.com .google.com .weblink.com.au .doubleclick.net .facebook.com .tryinteract.com; child-src 'self' .google.com .weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com .facebook.com web.facebook.com badge.stumbleupon.com .addthis.com .youtube-nocookie.com .weblink.com.au; connect-src 'self' api.cognitive.microsoft.com .sentry.io .hotjar.io .hotjar.com ws://.hotjar.com accounts.google.com apis.google.com .dec.sitefinity.com .mktoresp.com .arcgis.com .arcgisonline.com .addthis.com .juicer.io graph.facebook.com .woodside.s3.amazonaws.com .woodside bam.nr-data.net .doubleclick.net .google-analytics.com analytics.google.com .linkedin.oribi.io; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:25:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains
age: 97461
content-length: 5450
x-xss-protection: 1;mode=block
x-ua-compatible: IE=Edge
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Aug 2023 06:06:02 GMT
server: cloudflare
etag: "016dbd50cbd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7fb87d8cfa4e3e5e-ADL

GET
H2 200 2323.20fca055766e91aa5b53.js Show response
www.woodside.com/assets/dist/ 4 KB
5 KB 96ms
96ms Script
text/javascript 104.22.50.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.woodside.com/assets/dist/2323.20fca055766e91aa5b53.js

Requested by

Host: www.woodside.com
URL: https://www.woodside.com/assets/dist/bundleBottom-bundle.5aa484b3c24e98cde880.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.50.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a98ff3a606fe0d55940baa069af045feeb6fd190c546e735d383a9632e83aae

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io .images-home.com .cloudflare.com .licdn.com .moatads.com .hotjar.com stackpath.bootstrapcdn.com youtube.com.au .youtube.com.au .youtube.com .gstatic.com .weblink.com.au .nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com .google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com .twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net .eloqua.com .en25.com unpkg.com .arcgis.com .addthis.com .addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net .cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com .googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ .twimg.com .arcgis.com assets.juicer.io app.hivo.com.au blob: 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com .arcgis.com .arcgisonline.com static.juicer.io; img-src 'self' .equ.com.au .linkedin.com .woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com .images-home.com .s3.amazonaws.com .woodside .adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com .googleapis.com .google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net .dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com app.hivo.com.au blob: .eloqua.com .arcgis.com .arcgisonline.com assets.juicer.io .fbcdn.net .google.com .google.com.au img.juicer.io .fls.doubleclick.net; media-src 'self' .equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com .s3.amazonaws.com .woodside .woodside.com; frame-src 'self' .addthis.com app.hivo.com.au .hotjar.com .twitter.com .youtube.com.au .youtube-nocookie.com .youtube.com .google.com .weblink.com.au .doubleclick.net .facebook.com .tryinteract.com; child-src 'self' .google.com .weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com .facebook.com web.facebook.com badge.stumbleupon.com .addthis.com .youtube-nocookie.com .weblink.com.au; connect-src 'self' api.cognitive.microsoft.com .sentry.io .hotjar.io .hotjar.com ws://.hotjar.com accounts.google.com apis.google.com .dec.sitefinity.com .mktoresp.com .arcgis.com .arcgisonline.com .addthis.com .juicer.io graph.facebook.com .woodside.s3.amazonaws.com .woodside bam.nr-data.net .doubleclick.net .google-analytics.com analytics.google.com .linkedin.oribi.io; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:25:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains
age: 101380
content-length: 2246
x-xss-protection: 1;mode=block
x-ua-compatible: IE=Edge
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Aug 2023 06:06:02 GMT
server: cloudflare
etag: "016dbd50cbd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7fb87d8cfa543e5e-ADL

GET
H2 200 193.fa285dd44b93ea358bd7.js Show response
www.woodside.com/assets/dist/ 441 B
3 KB 98ms
98ms Script
text/javascript 104.22.50.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.woodside.com/assets/dist/193.fa285dd44b93ea358bd7.js

Requested by

Host: www.woodside.com
URL: https://www.woodside.com/assets/dist/bundleBottom-bundle.5aa484b3c24e98cde880.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.50.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd6180dd2cf4bd93a88eb6a4a75513978c73b375a38a52f7f8331ed64496a680

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io .images-home.com .cloudflare.com .licdn.com .moatads.com .hotjar.com stackpath.bootstrapcdn.com youtube.com.au .youtube.com.au .youtube.com .gstatic.com .weblink.com.au .nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com .google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com .twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net .eloqua.com .en25.com unpkg.com .arcgis.com .addthis.com .addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net .cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com .googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ .twimg.com .arcgis.com assets.juicer.io app.hivo.com.au blob: 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com .arcgis.com .arcgisonline.com static.juicer.io; img-src 'self' .equ.com.au .linkedin.com .woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com .images-home.com .s3.amazonaws.com .woodside .adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com .googleapis.com .google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net .dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com app.hivo.com.au blob: .eloqua.com .arcgis.com .arcgisonline.com assets.juicer.io .fbcdn.net .google.com .google.com.au img.juicer.io .fls.doubleclick.net; media-src 'self' .equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com .s3.amazonaws.com .woodside .woodside.com; frame-src 'self' .addthis.com app.hivo.com.au .hotjar.com .twitter.com .youtube.com.au .youtube-nocookie.com .youtube.com .google.com .weblink.com.au .doubleclick.net .facebook.com .tryinteract.com; child-src 'self' .google.com .weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com .facebook.com web.facebook.com badge.stumbleupon.com .addthis.com .youtube-nocookie.com .weblink.com.au; connect-src 'self' api.cognitive.microsoft.com .sentry.io .hotjar.io .hotjar.com ws://.hotjar.com accounts.google.com apis.google.com .dec.sitefinity.com .mktoresp.com .arcgis.com .arcgisonline.com .addthis.com .juicer.io graph.facebook.com .woodside.s3.amazonaws.com .woodside bam.nr-data.net .doubleclick.net .google-analytics.com analytics.google.com .linkedin.oribi.io; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:25:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains
age: 101380
content-length: 393
x-xss-protection: 1;mode=block
x-ua-compatible: IE=Edge
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Aug 2023 06:06:02 GMT
server: cloudflare
etag: "016dbd50cbd91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7fb87d8d0a5c3e5e-ADL

GET
H2 200 flag-australia.svg
www.woodside.com/assets/static/images/svg/svgo/ 1 KB
3 KB 97ms
97ms Image
image/svg+xml 104.22.50.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.woodside.com/assets/static/images/svg/svgo/flag-australia.svg

Requested by

Host: www.woodside.com
URL: https://www.woodside.com/assets/dist/bundleTop.5aa484b3c24e98cde880.css?package=WoodsideResources

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.50.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9485fe9a8658ca69ddb2f80bad5d307ada75687cb3cab5ff9eac7e85f02fd955

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io .images-home.com .cloudflare.com .licdn.com .moatads.com .hotjar.com stackpath.bootstrapcdn.com youtube.com.au .youtube.com.au .youtube.com .gstatic.com .weblink.com.au .nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com .google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com .twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net .eloqua.com .en25.com unpkg.com .arcgis.com .addthis.com .addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net .cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com .googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ .twimg.com .arcgis.com assets.juicer.io app.hivo.com.au blob: 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com .arcgis.com .arcgisonline.com static.juicer.io; img-src 'self' .equ.com.au .linkedin.com .woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com .images-home.com .s3.amazonaws.com .woodside .adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com .googleapis.com .google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net .dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com app.hivo.com.au blob: .eloqua.com .arcgis.com .arcgisonline.com assets.juicer.io .fbcdn.net .google.com .google.com.au img.juicer.io .fls.doubleclick.net; media-src 'self' .equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com .s3.amazonaws.com .woodside .woodside.com; frame-src 'self' .addthis.com app.hivo.com.au .hotjar.com .twitter.com .youtube.com.au .youtube-nocookie.com .youtube.com .google.com .weblink.com.au .doubleclick.net .facebook.com .tryinteract.com; child-src 'self' .google.com .weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com .facebook.com web.facebook.com badge.stumbleupon.com .addthis.com .youtube-nocookie.com .weblink.com.au; connect-src 'self' api.cognitive.microsoft.com .sentry.io .hotjar.io .hotjar.com ws://.hotjar.com accounts.google.com apis.google.com .dec.sitefinity.com .mktoresp.com .arcgis.com .arcgisonline.com .addthis.com .juicer.io graph.facebook.com .woodside.s3.amazonaws.com .woodside bam.nr-data.net .doubleclick.net .google-analytics.com analytics.google.com .linkedin.oribi.io; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.woodside.com/assets/dist/bundleTop.5aa484b3c24e98cde880.css?package=WoodsideResources
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:25:51 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 101381
content-encoding: gzip
x-xss-protection: 1;mode=block
x-ua-compatible: IE=Edge
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Aug 2023 06:06:04 GMT
server: cloudflare
etag: W/"02e9ebe50cbd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000
cf-ray: 7fb87d8d0a6b3e5e-ADL

GET
H2 200 icon-arrow-white.svg
www.woodside.com/assets/static/images/svg/svgo/ 240 B
3 KB 97ms
96ms Image
image/svg+xml 104.22.50.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.woodside.com/assets/static/images/svg/svgo/icon-arrow-white.svg

Requested by

Host: www.woodside.com
URL: https://www.woodside.com/assets/dist/bundleTop.5aa484b3c24e98cde880.css?package=WoodsideResources

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.50.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d80f8dc0ea1b050aa9f16c3e5e6f60ad381542766a9935f9c0c8855c60e4eadb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io .images-home.com .cloudflare.com .licdn.com .moatads.com .hotjar.com stackpath.bootstrapcdn.com youtube.com.au .youtube.com.au .youtube.com .gstatic.com .weblink.com.au .nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com .google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com .twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net .eloqua.com .en25.com unpkg.com .arcgis.com .addthis.com .addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net .cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com .googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ .twimg.com .arcgis.com assets.juicer.io app.hivo.com.au blob: 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com .arcgis.com .arcgisonline.com static.juicer.io; img-src 'self' .equ.com.au .linkedin.com .woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com .images-home.com .s3.amazonaws.com .woodside .adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com .googleapis.com .google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net .dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com app.hivo.com.au blob: .eloqua.com .arcgis.com .arcgisonline.com assets.juicer.io .fbcdn.net .google.com .google.com.au img.juicer.io .fls.doubleclick.net; media-src 'self' .equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com .s3.amazonaws.com .woodside .woodside.com; frame-src 'self' .addthis.com app.hivo.com.au .hotjar.com .twitter.com .youtube.com.au .youtube-nocookie.com .youtube.com .google.com .weblink.com.au .doubleclick.net .facebook.com .tryinteract.com; child-src 'self' .google.com .weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com .facebook.com web.facebook.com badge.stumbleupon.com .addthis.com .youtube-nocookie.com .weblink.com.au; connect-src 'self' api.cognitive.microsoft.com .sentry.io .hotjar.io .hotjar.com ws://.hotjar.com accounts.google.com apis.google.com .dec.sitefinity.com .mktoresp.com .arcgis.com .arcgisonline.com .addthis.com .juicer.io graph.facebook.com .woodside.s3.amazonaws.com .woodside bam.nr-data.net .doubleclick.net .google-analytics.com analytics.google.com .linkedin.oribi.io; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.woodside.com/assets/dist/bundleTop.5aa484b3c24e98cde880.css?package=WoodsideResources
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:25:51 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 97503
content-encoding: gzip
x-xss-protection: 1;mode=block
x-ua-compatible: IE=Edge
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Aug 2023 06:06:04 GMT
server: cloudflare
etag: W/"02e9ebe50cbd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000
cf-ray: 7fb87d8d0a723e5e-ADL

GET
H2 200 footer-top.jpg
www.woodside.com/assets/static/images/v2/ 109 KB
112 KB 106ms
106ms Image
image/jpeg 104.22.50.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.woodside.com/assets/static/images/v2/footer-top.jpg

Requested by

Host: www.woodside.com
URL: https://www.woodside.com/assets/dist/bundleTop.5aa484b3c24e98cde880.css?package=WoodsideResources

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.50.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17f605618908ac910e865f672970bf9d50a4c5852220d3559778041ea9446706

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io .images-home.com .cloudflare.com .licdn.com .moatads.com .hotjar.com stackpath.bootstrapcdn.com youtube.com.au .youtube.com.au .youtube.com .gstatic.com .weblink.com.au .nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com .google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com .twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net .eloqua.com .en25.com unpkg.com .arcgis.com .addthis.com .addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net .cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com .googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ .twimg.com .arcgis.com assets.juicer.io app.hivo.com.au blob: 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com .arcgis.com .arcgisonline.com static.juicer.io; img-src 'self' .equ.com.au .linkedin.com .woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com .images-home.com .s3.amazonaws.com .woodside .adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com .googleapis.com .google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net .dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com app.hivo.com.au blob: .eloqua.com .arcgis.com .arcgisonline.com assets.juicer.io .fbcdn.net .google.com .google.com.au img.juicer.io .fls.doubleclick.net; media-src 'self' .equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com .s3.amazonaws.com .woodside .woodside.com; frame-src 'self' .addthis.com app.hivo.com.au .hotjar.com .twitter.com .youtube.com.au .youtube-nocookie.com .youtube.com .google.com .weblink.com.au .doubleclick.net .facebook.com .tryinteract.com; child-src 'self' .google.com .weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com .facebook.com web.facebook.com badge.stumbleupon.com .addthis.com .youtube-nocookie.com .weblink.com.au; connect-src 'self' api.cognitive.microsoft.com .sentry.io .hotjar.io .hotjar.com ws://.hotjar.com accounts.google.com apis.google.com .dec.sitefinity.com .mktoresp.com .arcgis.com .arcgisonline.com .addthis.com .juicer.io graph.facebook.com .woodside.s3.amazonaws.com .woodside bam.nr-data.net .doubleclick.net .google-analytics.com analytics.google.com .linkedin.oribi.io; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.woodside.com/assets/dist/bundleTop.5aa484b3c24e98cde880.css?package=WoodsideResources
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:25:51 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 101381
content-length: 112043
x-xss-protection: 1;mode=block
x-ua-compatible: IE=Edge
referrer-policy: no-referrer-when-downgrade
cf-bgj: h2pri
last-modified: Thu, 10 Aug 2023 06:06:04 GMT
server: cloudflare
etag: "02e9ebe50cbd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7fb87d8d0a743e5e-ADL

GET
H2 200 woodside_2021_pluto-seng--200-web.tmb-590x660.jpg
www.woodside.com/images/default-source/1-our-business-images/ 82 KB
85 KB 1297ms
1297ms Image
image/jpeg 104.22.50.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.woodside.com/images/default-source/1-our-business-images/woodside_2021_pluto-seng--200-web.tmb-590x660.jpg?sfvrsn=4cf1b7c7_1

Requested by

Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.50.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0accadac9ee5bc03d7c7ed0fcde22cb83e421f0b2ddcc69e3b72df5107eb1ee

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io .images-home.com .cloudflare.com .licdn.com .moatads.com .hotjar.com stackpath.bootstrapcdn.com youtube.com.au .youtube.com.au .youtube.com .gstatic.com .weblink.com.au .nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com .google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com .twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net .eloqua.com .en25.com unpkg.com .arcgis.com .addthis.com .addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net .cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com .googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ .twimg.com .arcgis.com assets.juicer.io app.hivo.com.au blob: 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com .arcgis.com .arcgisonline.com static.juicer.io; img-src 'self' .equ.com.au .linkedin.com .woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com .images-home.com .s3.amazonaws.com .woodside .adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com .googleapis.com .google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net .dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com app.hivo.com.au blob: .eloqua.com .arcgis.com .arcgisonline.com assets.juicer.io .fbcdn.net .google.com .google.com.au img.juicer.io .fls.doubleclick.net; media-src 'self' .equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com .s3.amazonaws.com .woodside .woodside.com; frame-src 'self' .addthis.com app.hivo.com.au .hotjar.com .twitter.com .youtube.com.au .youtube-nocookie.com .youtube.com .google.com .weblink.com.au .doubleclick.net .facebook.com .tryinteract.com; child-src 'self' .google.com .weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com .facebook.com web.facebook.com badge.stumbleupon.com .addthis.com .youtube-nocookie.com .weblink.com.au; connect-src 'self' api.cognitive.microsoft.com .sentry.io .hotjar.io .hotjar.com ws://.hotjar.com accounts.google.com apis.google.com .dec.sitefinity.com .mktoresp.com .arcgis.com .arcgisonline.com .addthis.com .juicer.io graph.facebook.com .woodside.s3.amazonaws.com .woodside bam.nr-data.net .doubleclick.net .google-analytics.com analytics.google.com .linkedin.oribi.io; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:25:52 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: BYPASS
x-aspnet-version: 4.0.30319
content-disposition: inline; filename=woodside_2021_pluto-seng--200-web.jpg
content-length: 84299
x-xss-protection: 1;mode=block
x-ua-compatible: IE=Edge
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 02 Nov 2022 03:31:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=7776000
accept-ranges: bytes
cf-ray: 7fb87d8d4ae23e5e-ADL
expires: Wed, 22 Nov 2023 03:25:20 GMT

GET
H2 200 accordionitems Show response
www.woodside.com/api/public/ 4 KB
2 KB 996ms
995ms Fetch
application/json 104.22.50.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.woodside.com/api/public/accordionitems?%24select=*&%24filter=ParentId+eq+646ef4cf-a28f-4848-a283-d8aa04bf922d&%24expand=Thumbnail&%24count=true&%24orderby=SortOrder&sf_provider=OpenAccessProvider

Requested by

Host: www.woodside.com
URL: https://www.woodside.com/assets/dist/bundleBottom-bundle.5aa484b3c24e98cde880.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.50.76 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba8d8f39c4363438215b96371e758b49879ee732f2315713af31b48cbc1cab3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
sentry-trace: 5beac4b5ded141a7a2e6b78989c8282a-8b9051b096439885-1
Content-Type: application/json

Response headers

expires: Mon, 01 Jan 0001 00:00:00 GMT
pragma: no-cache
date: Thu, 24 Aug 2023 03:25:52 GMT
content-encoding: gzip
odata-version: 4.0
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-frame-options: SAMEORIGIN
content-type: application/json; odata.metadata=minimal
cache-control: no-store, must-revalidate, no-cache
cf-ray: 7fb87d8ddba53e5e-ADL
x-xss-protection: 1;mode=block
x-ua-compatible: IE=Edge

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/686464677/ 3 KB
2 KB 433ms
150ms Script
text/javascript 142.251.12.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/686464677/?random=1692847551878&cv=11&fst=1692847551878&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.woodside.com%2Fsuppliers%2Fbhp-petroleum-heritage-suppliers&hn=www.googleadservices.com&frm=0&tiba=Heritage%20BHP%20Petroleum%20Suppliers%20-%20Woodside%20Energy&auid=1807364274.1692847552&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P65FJKR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f155.1e100.net

Software

cafe /

Resource Hash

2696efefe1acd6ddabec37e7e927f255ef0f2ffb28ba6cf8afbc7c678758b553

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 03:25:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1337
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hotjar-1363186.js Show response
static.hotjar.com/c/ 9 KB
4 KB 613ms
358ms Script
application/javascript 13.224.167.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1363186.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P65FJKR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.167.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-167-54.hkg54.r.cloudfront.net

Software

Resource Hash

c24ab957af894d7d98f45da55a20243df86da46f990f0c10f4c591ad892e67ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 24 Aug 2023 03:25:52 GMT
via: 1.1 52f7257d0c699edd83950a4ebf27c3cc.cloudfront.net (CloudFront)
x-amz-cf-pop: HKG54-C1
etag: W/8d772ad56ff981eccfdb74afe489e3f0
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 6nt2dII4oCjsRQ2tvzV6aCdeD_UQKnkiS6BIWlr2pEywn9wq6qu9Rg==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 423ms
140ms Script
text/javascript 142.251.12.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P65FJKR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f139.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 24 Aug 2023 02:04:12 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4900
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 24 Aug 2023 04:04:12 GMT

GET
H2

200

activityi;dc_pre=CLDBjsis9IADFUNLwgUdDRYGwA;src=13052658;type=Page;cat=all;ord=5753489646976;auiddc=1807364274.1692847552;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=ht... Show response
13052658.fls.doubleclick.net/ Frame E3B6
Redirect Chain

https://13052658.fls.doubleclick.net/activityi;src=13052658;type=Page;cat=all;ord=5753489646976;auiddc=1807364274.1692847552;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref...
https://13052658.fls.doubleclick.net/activityi;dc_pre=CLDBjsis9IADFUNLwgUdDRYGwA;src=13052658;type=Page;cat=all;ord=5753489646976;auiddc=1807364274.1692847552;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;u...

488 B
622 B

194ms
194ms

Document
text/html

74.125.24.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://13052658.fls.doubleclick.net/activityi;dc_pre=CLDBjsis9IADFUNLwgUdDRYGwA;src=13052658;type=Page;cat=all;ord=5753489646976;auiddc=1807364274.1692847552;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.woodside.com%2Fsuppliers%2Fbhp-petroleum-heritage-suppliers?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P65FJKR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f148.1e100.net

Software

cafe /

Resource Hash

ab0a2f623e16fd19d6f572a7f9d269bc168854b6f848fb405e95be4545f2e7e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 284
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 03:25:52 GMT
expires: Thu, 24 Aug 2023 03:25:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 03:25:52 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://13052658.fls.doubleclick.net/activityi;dc_pre=CLDBjsis9IADFUNLwgUdDRYGwA;src=13052658;type=Page;cat=all;ord=5753489646976;auiddc=1807364274.1692847552;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.woodside.com%2Fsuppliers%2Fbhp-petroleum-heritage-suppliers?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 173 KB
47 KB 285ms
95ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

ec140ae8baa4b61226d96beba9277a0072e45b805004b8ea983c5d43402aeb66

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 24 Aug 2023 03:25:52 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 47412
x-xss-protection: 0
pragma: public
x-fb-debug: XzpHEMvoAZ7v0hgJl00Bi0zKKsjzEx4JhmZ31zXQN1qdWnXhWZx+mGRWxkRkruf89f0vCpvTXuwdrbkEZQpRfA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

iframe_api Show response
www.youtube.com/
Redirect Chain

https://youtube.com.au/iframe_api
https://www.youtube.com/iframe_api?gl=AU

993 B
2 KB

437ms
154ms

Script
text/javascript

142.250.4.91
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api?gl=AU

Requested by

Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers

Protocol

Server

142.250.4.91 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f91.1e100.net

Software

ESF /

Resource Hash

1418c4469b7215d7c7f537188a75b842b1909441e759d1e60975e7437fb5eb95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:25:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /cspreport
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Thu, 24 Aug 2023 03:25:52 GMT

Redirect headers

date: Thu, 24 Aug 2023 03:25:52 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_reporting_fallback","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_reporting_fallback"}]}
content-type: application/binary
location: https://www.youtube.com/iframe_api?gl=AU
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_reporting_fallback"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 299ms
96ms Script
application/x-javascript 42.99.140.192
ASN-TELSTRA-GLOBA...

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

42.99.140.192 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),

Reverse DNS

ip-42-99-140-192.pacnet.net

Software

Resource Hash

fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:25:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 24 Jul 2023 09:07:54 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=56386
accept-ranges: bytes
content-length: 4862

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 273 KB
90 KB 145ms
143ms Script
application/javascript 74.125.68.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-X81LG9DVNR&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P65FJKR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

e8a0dee2889caedb8bb0143d75ca4e178fb41445173c4b4a61a7817c3babe37f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:25:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91655
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 24 Aug 2023 03:25:52 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
255 B 428ms
141ms Ping
text/plain 172.253.118.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-X81LG9DVNR&gtm=45je38l0&_p=799268667&_gaz=1&cid=1794705064.1692847552&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1692847552&sct=1&seg=0&dl=https%3A%2F%2Fwww.woodside.com%2Fsuppliers%2Fbhp-petroleum-heritage-suppliers&dt=Heritage%20BHP%20Petroleum%20Suppliers%20-%20Woodside%20Energy&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X81LG9DVNR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.118.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sl-in-f101.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 03:25:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.woodside.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
255 B 427ms
140ms Ping
text/plain 74.125.130.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-X81LG9DVNR&cid=1794705064.1692847552&gtm=45je38l0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X81LG9DVNR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.130.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sb-in-f154.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 03:25:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.woodside.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.au/ads/ 42 B
408 B 433ms
147ms Image
image/gif 74.125.24.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-X81LG9DVNR&cid=1794705064.1692847552&gtm=45je38l0&aip=1&z=530357173

Requested by

Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 03:25:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/1807450,529195/domain/woodside.com/ 36 B
376 B 384ms
127ms XHR
application/json 13.224.167.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/1807450,529195/domain/woodside.com/token
Requested by: Host: www.woodside.com
URL: https://www.woodside.com/assets/dist/bundleBottom-bundle.5aa484b3c24e98cde880.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.167.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-167-105.hkg54.r.cloudfront.net
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:30:19 GMT
content-encoding: gzip
via: 1.1 34e1f7719ddcee5eb0a04517a96cfe16.cloudfront.net (CloudFront)
x-amz-cf-pop: HKG54-C1
age: 3333
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: msgIaP84Zj4G4FS2WUGLGPB_ZXpEHLX_GmRzXLilSg0262HGUi6Tuw==

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1807450%2C529195&time=1692847552210&url=https%3A%2F%2Fwww.woodside.com%2Fsuppliers%2Fbhp-petroleum-heritage-suppliers
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1807450%2C529195&time=1692847552210&url=https%3A%2F%2Fwww.woodside.com%2Fsuppliers%2Fbhp-petroleum-heritage-suppliers&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1807450%252C529195%26time%3D1692847552210%26url%3Dhttps%253A%252F%252Fwww.woodsid...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1807450%2C529195&time=1692847552210&url=https%3A%2F%2Fwww.woodside.com%2Fsuppliers%2Fbhp-petroleum-heritage-suppliers&cookiesTest=true&liSync=true

0
418 B

276ms
276ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1807450%2C529195&time=1692847552210&url=https%3A%2F%2Fwww.woodside.com%2Fsuppliers%2Fbhp-petroleum-heritage-suppliers&cookiesTest=true&liSync=true
Requested by: Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:25:53 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 2F9A75B655C0470CBD61DF825DC1D031 Ref B: PER311000104027 Ref C: 2023-08-24T03:25:53Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYDoskTxYQtYk9GJVWvQw==

Redirect headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'none'; connect-src 'self' *.licdn.com *.linkedin.com cdn.linkedin.oribi.io dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.microsoft.com *.adnxs.com; script-src 'report-sample' 'sha256-SSoodjUD3LGm2FfFCVHGqEb8D4UM3OOigidT2UKDcYg=' 'sha256-cKTgdnmO6+hXd85a9wKg1effVfVzenUAtUCyOKY9bQE=' 'sha256-DwtT8+ZZKpxH9pqZNAmJ3GdbLAh5SsYaXR3omTXPCns=' 'sha256-sV9jZa797T0QWBzcU/CNd4tpBhTnh+TFdLnfjlitl28=' 'sha256-aa/Q8CRBDSqTQbCIyioPhZaz+G+dbPyu7BzsjInEmiU=' 'sha256-THuVhwbXPeTR0HszASqMOnIyxqEgvGyBwSPBKBF/iMc=' 'sha256-zTIusdVJJeXz9+iox2a+pdDglzbpRpFVRzEwvW4AONk=' 'sha256-iC8MPqNLw0FDnsBf4DlSkFLNTwhkI85aouiAEB819ic=' 'sha256-2EqrEvcPzl8c6/TSGVvaVMEe7lg700MAz/te4/3kTYY=' 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-DatsFGoJ8gFkzzxo47Ou76WZ+3QBPOQHtBu9p9b3DhA=' 'sha256-k95cyM8gFgPziZe5VQ2IvJvBUVyd5zFt2CokIUwqdHE=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' 'sha256-3RIGhhApBii1KY+aW1xk7kFyoQY8vSVE5DfT7E9SJUc=' 'sha256-9pXOIwF4N0gPltLd3AI69lkCjSC2H/Eb3sc5zdmUyYU=' 'sha256-jou6v/Nleyzoc+LXktAv1Fp8M807dVVxy7E/yzVljHc=' 'sha256-6E4e/3dSvj/8JZT2S2yR91mspqM6MyOpKl5lrhHsZa8=' 'sha256-3woF8BZ54TeXM+czaH3aXoaJsVpiamuAKFsXDykAR/Q=' 'sha256-vIfNcKb8ixJg1cfJIoNNYjWcm0lezj1/XpUNFiZyVsU=' 'sha256-cLsHUHFgT/VGX04cZrJ9xgm4HbzTR7ptutkxK+7BlMk=' 'sha256-BwU8jMnQYUhjOpsDVABpfddV/DlP1ZYrFcTumYw7x54=' 'sha256-wz6ika9i3WU3bpUPdhYDZeO/NrDQniDyiscN0LWnyaY=' 'sha256-wy4DvlEW9PHPIGvQJW6Wv4woBSa/0LJHs8LHsBVVXCs=' 'sha256-065A0cJTDQ+hyKvufSL/flW02hIbgLndOINLRWux6To=' 'sha256-Ga5SLB8hPdWUE8Wb6LgZ05D9Z5vrdLAaPbDBW2m3BI8=' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com snap.licdn.com; img-src data: blob: * android-webview-video-poster:; font-src data: *; style-src 'self' 'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src 'self' *.licdn.com *.lynda.com; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src 'self' www.youtube.com/embed/ www.youtube-nocookie.com/embed/ lnkd.demdex.net smartlock.google.com accounts.google.com player.vimeo.com *.linkedin.com www.slideshare.net *.megaphone.fm *.omny.fm *.sounder.fm msit.powerbi.com app.powerbi.com linkedin.github.io *.licdn.com *.adnxs.com acdn.adnxs-simple.com radar.cedexis.com; frame-ancestors 'self' *.www.linkedin.com:*; manifest-src 'self'; report-uri https://www.linkedin.com/security/csp?f=default
x-content-type-options: nosniff
date: Thu, 24 Aug 2023 03:25:52 GMT
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-length: 0
x-li-uuid: AAYDoskPWie+gCZNQASLAw==
pragma: no-cache
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 15BDC901313B4CDDBDEBA8302224716B Ref B: PER311000104027 Ref C: 2023-08-24T03:25:52Z
x-frame-options: sameorigin
x-li-fabric: prod-ltx1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1807450%2C529195&time=1692847552210&url=https%3A%2F%2Fwww.woodside.com%2Fsuppliers%2Fbhp-petroleum-heritage-suppliers&cookiesTest=true&liSync=true
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/1807450,529195/domain/woodside.com/ 36 B
374 B 388ms
132ms XHR
application/json 13.224.167.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/1807450,529195/domain/woodside.com/token
Requested by: Host: www.woodside.com
URL: https://www.woodside.com/assets/dist/bundleBottom-bundle.5aa484b3c24e98cde880.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.167.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-167-105.hkg54.r.cloudfront.net
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:30:19 GMT
content-encoding: gzip
via: 1.1 34e1f7719ddcee5eb0a04517a96cfe16.cloudfront.net (CloudFront)
x-amz-cf-pop: HKG54-C1
age: 3333
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: _PVhgPouDs2iXMDLFmTCyIrp9q9eCv3V14bgvdlDUhXIWHs52TRG-A==

GET
H2 200 227816915283252 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 329ms
328ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/227816915283252?v=2.9.124&r=stable&domain=www.woodside.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

ad8996523c9cc631afec0aaba94c47f6aee8505f73d15fa795ef233f73abc8eb

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 24 Aug 2023 03:25:52 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: t0eHdycm3DhaB5qoNlDSea6jkiY2Xos8gOwh2DRrVVb/M2GpCtKomMp4b8VnG8Vy9KvmOU6V5S/PKGb+YhLOnA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/686464677/ 42 B
154 B 432ms
148ms Image
image/gif 142.251.10.105
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/686464677/?random=1692847551878&cv=11&fst=1692846000000&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.woodside.com%2Fsuppliers%2Fbhp-petroleum-heritage-suppliers&frm=0&tiba=Heritage%20BHP%20Petroleum%20Suppliers%20-%20Woodside%20Energy&fmt=3&is_vtc=1&random=2680930764&rmt_tld=0&ipr=y

Requested by

Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f105.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 03:25:52 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com.au/pagead/1p-user-list/686464677/ 42 B
154 B 254ms
147ms Image
image/gif 74.125.24.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/pagead/1p-user-list/686464677/?random=1692847551878&cv=11&fst=1692846000000&bg=ffffff&guid=ON&async=1&gtm=45He38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.woodside.com%2Fsuppliers%2Fbhp-petroleum-heritage-suppliers&frm=0&tiba=Heritage%20BHP%20Petroleum%20Suppliers%20-%20Woodside%20Energy&fmt=3&is_vtc=1&random=2680930764&rmt_tld=1&ipr=y

Requested by

Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 03:25:52 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
209 B 142ms
141ms XHR
text/plain 142.251.12.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=799268667&t=pageview&_s=1&dl=https%3A%2F%2Fwww.woodside.com%2Fsuppliers%2Fbhp-petroleum-heritage-suppliers&ul=en-us&de=UTF-8&dt=Heritage%20BHP%20Petroleum%20Suppliers%20-%20Woodside%20Energy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAACAAI~&jid=1492874581&gjid=978713439&cid=1794705064.1692847552&tid=UA-23398199-1&_gid=1115822139.1692847552&_slc=1&gtm=45He38l0n81P65FJKR&z=937665188

Requested by

Host: www.woodside.com
URL: https://www.woodside.com/assets/dist/bundleBottom-bundle.5aa484b3c24e98cde880.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f139.1e100.net

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 03:25:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.woodside.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 8 B
155 B 194ms
146ms XHR
text/plain 74.125.130.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-23398199-1&cid=1794705064.1692847552&jid=1492874581&gjid=978713439&_gid=1115822139.1692847552&_u=YCDAgEABAAAAAGAAI~&z=1890097699

Requested by

Host: www.woodside.com
URL: https://www.woodside.com/assets/dist/bundleBottom-bundle.5aa484b3c24e98cde880.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 24 Aug 2023 03:25:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.woodside.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.14b820ab47d618317075.js Show response
script.hotjar.com/ 223 KB
55 KB 436ms
172ms Script
application/javascript 54.192.18.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.14b820ab47d618317075.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1363186.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.18.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-18-82.hkg62.r.cloudfront.net

Software

Resource Hash

55c4d362579276afb8524a825c6e998ebebf2fe7af36b454c71291c7cebfc447

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 09:22:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 fc88834ae218426155d37169e2c41986.cloudfront.net (CloudFront)
x-amz-cf-pop: HKG62-C2
age: 65025
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55646
last-modified: Wed, 23 Aug 2023 09:21:33 GMT
etag: "acd31f178f50b6cbf2246edb86e5753a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: n5nz2ocIiPeHSAULg0yQhlpN1f5mASZ81awpgfKMDTvjTT0EbW-ung==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 174ms
145ms Image
image/gif 142.251.10.105
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-23398199-1&cid=1794705064.1692847552&jid=1492874581&_u=YCDAgEABAAAAAGAAI~&z=607344605

Requested by

Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f105.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 03:25:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.au/ads/ 42 B
107 B 145ms
144ms Image
image/gif 74.125.24.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-23398199-1&cid=1794705064.1692847552&jid=1492874581&_u=YCDAgEABAAAAAGAAI~&z=607344605

Requested by

Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 03:25:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CLDBjsis9IADFUNLwgUdDRYGwA;src=13052658;type=Page;cat=all;ord=5753489646976;auiddc=*;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.woodside.com%2...
adservice.google.com/ddm/fls/z/ Frame E3B6 42 B
401 B 478ms
194ms Image
image/gif 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLDBjsis9IADFUNLwgUdDRYGwA;src=13052658;type=Page;cat=all;ord=5753489646976;auiddc=*;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.woodside.com%2Fsuppliers%2Fbhp-petroleum-heritage-suppliers

Requested by

Host: 13052658.fls.doubleclick.net
URL: https://13052658.fls.doubleclick.net/activityi;dc_pre=CLDBjsis9IADFUNLwgUdDRYGwA;src=13052658;type=Page;cat=all;ord=5753489646976;auiddc=1807364274.1692847552;gtm=45He38l0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.woodside.com%2Fsuppliers%2Fbhp-petroleum-heritage-suppliers?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f154.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://13052658.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 03:25:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/21812a9c/www-widgetapi.vflset/ 209 KB
65 KB 143ms
143ms Script
text/javascript 142.250.4.91
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/21812a9c/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: youtube.com.au
URL: https://youtube.com.au/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.91 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f91.1e100.net

Software

sffe /

Resource Hash

af649b6e2d250069f4e035013d43a4e147479e05c620c800d4dae35124a4ff24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 07:22:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 245027
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66086
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 01:51:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 20 Aug 2024 07:22:05 GMT

GET
H3 200 193390458229862 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 339ms
339ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/193390458229862?v=2.9.124&r=stable&domain=www.woodside.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

6e8817dd4188c312f2e0c5bd545eefd97eda3de5ca5e96133e11664466d34b1f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 24 Aug 2023 03:25:53 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 4vVIic5kHtegfRQvhBcnq2Vse19E4NGkxicsSGaaY7GxMUK6yDx6/NnIOPAWM3DRbTSRnKk4wykb/JMi2RPWJQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 285ms
95ms Image
text/plain 157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=227816915283252&ev=PageView&dl=https%3A%2F%2Fwww.woodside.com%2Fsuppliers%2Fbhp-petroleum-heritage-suppliers&rl=&if=false&ts=1692847552850&sw=1600&sh=1200&v=2.9.124&r=stable&ec=0&o=30&fbp=fb.1.1692847552848.1222195442&it=1692847552300&coo=false&rqm=GET

Requested by

Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 24 Aug 2023 03:25:53 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 browser-perf.1c7ecd2be12644b9e658.js Show response
script.hotjar.com/ 6 KB
2 KB 126ms
126ms Script
application/javascript 54.192.18.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/browser-perf.1c7ecd2be12644b9e658.js

Requested by

Host: script.hotjar.com
URL: https://script.hotjar.com/modules.14b820ab47d618317075.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.18.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-18-82.hkg62.r.cloudfront.net

Software

Resource Hash

37c5396a8f8c91466be1ab221bf6f86330013f0ce91cec575b8d9163b517da68

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 09:10:37 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 fc88834ae218426155d37169e2c41986.cloudfront.net (CloudFront)
x-amz-cf-pop: HKG62-C2
age: 497716
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 2011
last-modified: Fri, 18 Aug 2023 09:05:29 GMT
etag: "45a46deaac94afc7df5a17fb8b1a8233"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: nENnxGRxybLDouot4cQg124hK752n7KYzNt1lL3V4zuB17vP1r1fIg==

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 95ms
94ms Image
text/plain 157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=193390458229862&ev=PageView&dl=https%3A%2F%2Fwww.woodside.com%2Fsuppliers%2Fbhp-petroleum-heritage-suppliers&rl=&if=false&ts=1692847553391&sw=1600&sh=1200&v=2.9.124&r=stable&ec=0&o=30&fbp=fb.1.1692847552848.1222195442&it=1692847552300&coo=false&rqm=GET

Requested by

Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 24 Aug 2023 03:25:53 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 16AE 0
50 B 95ms
94ms Document
text/plain 157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.woodside.com
Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.woodside.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 03:25:53 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 nr-1216.min.js Show response
js-agent.newrelic.com/ 38 KB
15 KB 147ms
48ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-1216.min.js

Requested by

Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding: br
via: 1.1 varnish
date: Thu, 24 Aug 2023 03:25:53 GMT
strict-transport-security: max-age=300
x-amz-request-id: 1WR2D3E6WMWYX82F
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 15095
x-amz-id-2: oOflcV5rvB+vG2FVWNGcFZp9bVpwBAle5W1UxZsBtQJCu1Y3lN1b2lxWjX2In+U8YgqfQ6cXQrc=
x-served-by: cache-per12622-PER
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
server: AmazonS3
x-timer: S1692847554.614158,VS0,VE0
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 275

POST
H2 200 / Show response
o301139.ingest.sentry.io/api/5497341/envelope/ 41 B
108 B 159ms
158ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o301139.ingest.sentry.io/api/5497341/envelope/?sentry_key=469d296126a740919900c4702e87389a&sentry_version=7

Requested by

Host: www.woodside.com
URL: https://www.woodside.com/assets/dist/bundleBottom-bundle.5aa484b3c24e98cde880.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

9ed5f9d00658eac0a1fd991292f7b3f123ab997b15e2fb1645cda7e3534ec55c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.woodside.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 24 Aug 2023 03:25:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41

GET
H/1.1 200
OK b388875461 Show response
bam.nr-data.net/1/ 56 B
490 B 411ms
312ms Script
text/javascript 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/b388875461?a=215835845&v=1216.487a282&to=Y1FVZktWWEYEUEVZWlobdmFpGEVTCEVSQFRTUURXS0FfVgAcBFMHVVAHAVwaDgVcBBwEAwcAGlALDwMYB1cCBVEDUVRRDQFQagtcRVhQWVFoV1caV0BLUkJATQ%3D%3D&rst=4701&ck=1&ref=https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers&ap=409&be=2189&fe=4500&dc=2529&perf=%7B%22timing%22:%7B%22of%22:1692847549013,%22n%22:0,%22f%22:288,%22dn%22:288,%22dne%22:303,%22c%22:303,%22s%22:350,%22ce%22:466,%22rq%22:466,%22rp%22:2059,%22rpe%22:2110,%22dl%22:2065,%22di%22:2529,%22ds%22:2529,%22de%22:2531,%22dc%22:4500,%22l%22:4500,%22le%22:4505%7D,%22navigation%22:%7B%7D%7D&fp=2358&fcp=2358&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f9745c48d0b4c918d466da4acdb3f786ef5cda4c69ac0b6009d76cff67e6325d

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:25:53 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 56
x-served-by: cache-per12622-PER

POST
H3 200 / Show response
www.facebook.com/tr/ Frame D68B 0
18 B 95ms
94ms Document
text/plain 157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.woodside.com
Referer: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.woodside.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 03:25:53 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.woodside.com/	1970-01-20 16:23:43	Name: _gcl_au Value: 1.1.1807364274.1692847552
.woodside.com/	1970-01-20 23:50:07	Name: _ga_X81LG9DVNR Value: GS1.1.1692847552.1.0.1692847552.60.0.0
.woodside.com/	1970-01-20 23:50:07	Name: _ga Value: GA1.2.1794705064.1692847552
.woodside.com/	1970-01-20 14:15:33	Name: _gid Value: GA1.2.1115822139.1692847552
.woodside.com/	1970-01-20 14:14:07	Name: _dc_gtm_UA-23398199-1 Value: 1
.doubleclick.net/	1970-01-20 23:50:07	Name: IDE Value: AHWqTUmu_Npo9EkucVBo1Ulr-TpPtL2_TO-UjSwwmEEqeZIqJcvD2vyPBkfhjGfbZ28
www.woodside.com/	1970-01-20 14:15:33	Name: ln_or Value: eyIxODA3NDUwLDUyOTE5NSI6ImQifQ%3D%3D
.linkedin.com/	1970-01-20 16:23:43	Name: li_sugr Value: dcf26e1f-8e11-4bad-9332-96c058c66ea0
.linkedin.com/	1970-01-20 22:59:43	Name: bcookie Value: "v=2&e812195a-8871-487f-816e-024182f86355"
.linkedin.com/	1970-01-20 14:15:33	Name: lidc Value: "b=TGST09:s=T:r=T:a=T:p=T:g=2575:u=1:x=1:i=1692847552:t=1692933952:v=2:sig=AQEMfy26CQred1r5T3rAbVOLIq8fzKXS"
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: mK2yqT8JzpA
.youtube.com/	1970-01-20 18:33:19	Name: VISITOR_INFO1_LIVE Value: IN0SRQ6i7Os
www.woodside.com/	1970-01-20 14:24:12	Name: AWSALB Value: UdJ231tihYsIOBzYTIU2KTR/A6fxmpDf9HP5Z3nasGvl/iJr+WnomOd95eRETh+j9vklZfT+q1MHSKQLNoJMyEnqV1aKAyuU+Rq0cq423LnM9TpnznfRIulaVr5b
www.woodside.com/	1970-01-20 14:24:12	Name: AWSALBCORS Value: UdJ231tihYsIOBzYTIU2KTR/A6fxmpDf9HP5Z3nasGvl/iJr+WnomOd95eRETh+j9vklZfT+q1MHSKQLNoJMyEnqV1aKAyuU+Rq0cq423LnM9TpnznfRIulaVr5b
.woodside.com/	1970-01-20 16:23:43	Name: _fbp Value: fb.1.1692847552848.1222195442
.linkedin.com/	1970-01-20 14:57:19	Name: UserMatchHistory Value: AQJ_HgtmHKPLkQAAAYolk7kmmrj3is6zq9qAM-Gp4wPNdMT56oQOMtpechGgaxTi3Gahmvo1Aea5-g
.linkedin.com/	1970-01-20 14:57:19	Name: AnalyticsSyncHistory Value: AQJVsVU3RP6kigAAAYolk7kmRC-pyFDd7xJEPI5z4FUtAxDvUB4iufmuVwOmSSX27JenfOgtOsaVD1G3eC00Lw
.woodside.com/	1970-01-20 22:59:43	Name: _hjSessionUser_1363186 Value: eyJpZCI6IjkxMWZiYzQzLTk4ZjEtNTUzNy04MWJkLTBiZDIzZTlmYjg2ZCIsImNyZWF0ZWQiOjE2OTI4NDc1NTMwMjQsImV4aXN0aW5nIjpmYWxzZX0=
.woodside.com/	1970-01-20 14:14:09	Name: _hjFirstSeen Value: 1
.woodside.com/	1970-01-20 14:14:07	Name: _hjIncludedInSessionSample_1363186 Value: 0
.woodside.com/	1970-01-20 14:14:09	Name: _hjSession_1363186 Value: eyJpZCI6IjE4OGNlYzNhLTBmZDUtNDkyMS1hNTJkLWUzODNlOTQ5MzM3MiIsImNyZWF0ZWQiOjE2OTI4NDc1NTMwMzEsImluU2FtcGxlIjpmYWxzZX0=
.woodside.com/	1970-01-20 14:14:09	Name: _hjAbsoluteSessionInProgress Value: 0
.www.linkedin.com/	1970-01-20 22:59:43	Name: bscookie Value: "v=1&2023082403255394ebb2d7-5d5f-4344-8a34-e06be00c171fAQGcVEOqbqwjuc2YdOBwEGTlLZyWnNnw"
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 6c69b49674fdd939

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io .images-home.com .cloudflare.com .licdn.com .moatads.com .hotjar.com stackpath.bootstrapcdn.com youtube.com.au .youtube.com.au .youtube.com .gstatic.com .weblink.com.au .nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com .google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com .twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net .eloqua.com .en25.com unpkg.com .arcgis.com .addthis.com .addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net .cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com .googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ .twimg.com .arcgis.com assets.juicer.io app.hivo.com.au blob: 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com .arcgis.com .arcgisonline.com static.juicer.io; img-src 'self' .equ.com.au .linkedin.com .woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com .images-home.com .s3.amazonaws.com .woodside .adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com .googleapis.com .google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net .dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com app.hivo.com.au blob: .eloqua.com .arcgis.com .arcgisonline.com assets.juicer.io .fbcdn.net .google.com .google.com.au img.juicer.io .fls.doubleclick.net; media-src 'self' .equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com .s3.amazonaws.com .woodside .woodside.com; frame-src 'self' .addthis.com app.hivo.com.au .hotjar.com .twitter.com .youtube.com.au .youtube-nocookie.com .youtube.com .google.com .weblink.com.au .doubleclick.net .facebook.com .tryinteract.com; child-src 'self' .google.com .weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com .facebook.com web.facebook.com badge.stumbleupon.com .addthis.com .youtube-nocookie.com .weblink.com.au; connect-src 'self' api.cognitive.microsoft.com .sentry.io .hotjar.io .hotjar.com ws://.hotjar.com accounts.google.com apis.google.com .dec.sitefinity.com .mktoresp.com .arcgis.com .arcgisonline.com .addthis.com .juicer.io graph.facebook.com .woodside.s3.amazonaws.com .woodside bam.nr-data.net .doubleclick.net .google-analytics.com analytics.google.com .linkedin.oribi.io; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

13052658.fls.doubleclick.net
adservice.google.com
analytics.google.com
bam.nr-data.net
cdn.linkedin.oribi.io
cdnjs.cloudflare.com
connect.facebook.net
googleads.g.doubleclick.net
js-agent.newrelic.com
o301139.ingest.sentry.io
px.ads.linkedin.com
script.hotjar.com
snap.licdn.com
static.hotjar.com
stats.g.doubleclick.net
woodside.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.com.au
www.googletagmanager.com
www.linkedin.com
www.woodside.com
www.youtube.com
youtube.com.au
104.17.25.14
104.22.50.76
13.107.42.14
13.224.167.105
13.224.167.54
142.250.4.91
142.251.10.105
142.251.12.139
142.251.12.155
151.101.130.137
157.240.235.1
157.240.235.35
162.247.243.29
172.253.118.101
34.120.195.249
42.99.140.192
52.62.103.228
54.192.18.82
74.125.130.154
74.125.130.91
74.125.24.148
74.125.24.154
74.125.24.94
74.125.68.97
04dc0d665711eb65734b5cea61434d9b70d0068808fc87f017d1b15b8e7041b6
0c98cba77e644832684d44ba544e35e36954618ddcffb3dbabb53d5be92af2c3
13ae8f3ea861bfc9478c91654cb1e50878ef41fdd64da8361cbdd10bb1571157
1418c4469b7215d7c7f537188a75b842b1909441e759d1e60975e7437fb5eb95
17f605618908ac910e865f672970bf9d50a4c5852220d3559778041ea9446706
1c4e51b573a8c254f10a66c4c5e3074e5c4894810978d87990853a2528e8c67c
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2696efefe1acd6ddabec37e7e927f255ef0f2ffb28ba6cf8afbc7c678758b553
319881caca6f5f0d1e8e24040579d93386008e39dee1045965124b86303143e1
361dbf74dc44b9e08fd2d543520ed9bcb8e36a2eb095155625528d2dadf63b65
37c5396a8f8c91466be1ab221bf6f86330013f0ce91cec575b8d9163b517da68
39ad2f71fa5264d341cee262b9339f56133f1114d22fceb66547457574b182c4
4158ac711873bdb3b4e09a8b2dd208e7308ac4f72beb39bf7c49cf22a8a52660
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
55c4d362579276afb8524a825c6e998ebebf2fe7af36b454c71291c7cebfc447
61a30c889b9e9b164611b9957440fa66d03ebf19bde458ce7e8f1d23d6709d44
6a98ff3a606fe0d55940baa069af045feeb6fd190c546e735d383a9632e83aae
6e8817dd4188c312f2e0c5bd545eefd97eda3de5ca5e96133e11664466d34b1f
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708
7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
90cd377efe018def7f2f6d65b9a34464e929482b20d4181df7a2cacae23fd7ab
920ce4e4c6bc8c57a204ad799b125e18ddf7d1e613a23a48374a75f8dbab50c6
9485fe9a8658ca69ddb2f80bad5d307ada75687cb3cab5ff9eac7e85f02fd955
9ed5f9d00658eac0a1fd991292f7b3f123ab997b15e2fb1645cda7e3534ec55c
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a690d23e39f63413f0c6aa26ba7bb73c22fab2b100ef8abe06b5dfb9247d23e6
ab0a2f623e16fd19d6f572a7f9d269bc168854b6f848fb405e95be4545f2e7e9
ad8996523c9cc631afec0aaba94c47f6aee8505f73d15fa795ef233f73abc8eb
af649b6e2d250069f4e035013d43a4e147479e05c620c800d4dae35124a4ff24
b6e50a9674df765678664c61195e4a5c0dee02ba809b37c9dd2daa0ad2329fe4
ba8d8f39c4363438215b96371e758b49879ee732f2315713af31b48cbc1cab3c
c0accadac9ee5bc03d7c7ed0fcde22cb83e421f0b2ddcc69e3b72df5107eb1ee
c24ab957af894d7d98f45da55a20243df86da46f990f0c10f4c591ad892e67ab
cd6180dd2cf4bd93a88eb6a4a75513978c73b375a38a52f7f8331ed64496a680
d5daf07712bea84b27fb4383f7b85d2e81581a00cda1821122dae8aac6ac5718
d80f8dc0ea1b050aa9f16c3e5e6f60ad381542766a9935f9c0c8855c60e4eadb
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e381617f5e1829541e4eace6493aa049dacffb2d2d0127986b48cb805e285b27
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8a0dee2889caedb8bb0143d75ca4e178fb41445173c4b4a61a7817c3babe37f
eb4e69a48f2d9956c38892e645a7794654593f1e89f6c82096239ff5ea7c5cf4
ec140ae8baa4b61226d96beba9277a0072e45b805004b8ea983c5d43402aeb66
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f5a2ba71712d171edad16d81123781e735991ec71803d2d9e11718eb535c8e
f476494a887ebcbe147cb63a71b4cb6f0a24c25585bc3986ec6ba8e2db311b05
f5b20c4784723b1ffaeb6968f3002acea74e89ee5b31921af52d3cea556ce4bf
f9745c48d0b4c918d466da4acdb3f786ef5cda4c69ac0b6009d76cff67e6325d
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
ff99878833b36d14a259f3e68f6decd9a6fb2d1a10c7e3c9381c3f30dcddec35

www.woodside.com Open in urlscan Pro 104.22.50.76 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

63 Requests

97 %HTTPS

0 %IPv6

18 Domains

25 Subdomains

22 IPs

5 Countries

2022 kBTransfer

4330 kBSize

24 Cookies

7 Outgoing links

Page URL History

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.woodside.com Open in urlscan Pro
104.22.50.76 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

97 %
HTTPS

0 %
IPv6

18
Domains

25
Subdomains

22
IPs

5
Countries

2022 kB
Transfer

4330 kB
Size

24
Cookies

63 HTTP transactions
0 data transactions