urlscan.io logo urlscan.io
SecurityTrails logo

www.woodside.com Open in urlscan Pro
2606:4700:10::6816:324c  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
Submission: On August 25 via manual from SG — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 3 countries across 19 domains to perform 63 HTTP transactions. The main IP is 2606:4700:10::6816:324c, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.woodside.com.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on January 30th 2023. Valid for: a year.
This is the only time www.woodside.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
29 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2404:6800:400... 15169 (GOOGLE)
1 34.120.195.249 396982 (GOOGLE-CL...)
1 2404:6800:400... 15169 (GOOGLE)
1 13.32.127.36 16509 (AMAZON-02)
2 2404:6800:400... 15169 (GOOGLE)
1 2 64.233.170.149 15169 (GOOGLE)
3 2a03:2880:f00... 32934 (FACEBOOK)
1 1 2404:6800:400... 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
1 2403:e800:e80... 4637 (ASN-TELST...)
2 2404:6800:400... 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
2 2600:9000:208... 16509 (AMAZON-02)
4 4 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 13.32.127.25 16509 (AMAZON-02)
1 2404:6800:400... 15169 (GOOGLE)
4 2a03:2880:f10... 32934 (FACEBOOK)
1 151.101.194.137 54113 (FASTLY)
1 162.247.241.14 23467 (NEWRELIC-...)
63 22
29    2606:4700:10::6816:324c (United States)

ASN13335 (CLOUDFLARENET, US)
www.woodside.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2404:6800:4003:c01::61 (Singapore)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com
o301139.ingest.sentry.io
1    2404:6800:4003:c05::9d (Singapore)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    13.32.127.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-127-36.per50.r.cloudfront.net
static.hotjar.com
2    2404:6800:4003:c04::8a (Singapore)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    64.233.170.149 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f149.1e100.net
13052658.fls.doubleclick.net
3    2a03:2880:f00c:300:face:b00c:0:3 (Singapore)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2404:6800:4003:c02::5b (Singapore)

ASN15169 (GOOGLE, US)
youtube.com.au
2    2404:6800:4003:c05::be (Singapore)

ASN15169 (GOOGLE, US)
www.youtube.com
1    2403:e800:e80b::2a63:8c8b (Hong Kong)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
snap.licdn.com
2    2404:6800:4003:c03::6a (Singapore)

ASN15169 (GOOGLE, US)
www.google.com
2    2404:6800:4003:c01::9b (Singapore)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2404:6800:4003:c04::8b (Singapore)

ASN15169 (GOOGLE, US)
analytics.google.com
2    2600:9000:2084:d200:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.linkedin.oribi.io
4    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
1    13.32.127.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-127-25.per50.r.cloudfront.net
script.hotjar.com
1    2404:6800:4003:c1a::9b (Singapore)

ASN15169 (GOOGLE, US)
adservice.google.com
4    2a03:2880:f10c:381:face:b00c:0:25de (Singapore)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    151.101.194.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    162.247.241.14 (Portland, United States)

ASN23467 (NEWRELIC-AS-1, US)
bam.nr-data.net
Apex Domain
Subdomains		 Transfer
29 woodside.com
www.woodside.com
1 MB
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 357
www.linkedin.com — Cisco Umbrella Rank: 582
px4.ads.linkedin.com — Cisco Umbrella Rank: 6211
5 KB
5 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
13052658.fls.doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 93
3 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
249 B
4 google.com
www.google.com — Cisco Umbrella Rank: 2
analytics.google.com — Cisco Umbrella Rank: 166
adservice.google.com — Cisco Umbrella Rank: 100
1 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 165
222 KB
2 oribi.io
cdn.linkedin.oribi.io — Cisco Umbrella Rank: 859
751 B
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 84
67 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
21 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 740
script.hotjar.com — Cisco Umbrella Rank: 946
59 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 48
186 KB
1 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 246
627 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 401
39 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 772
5 KB
1 youtube.com.au
youtube.com.au
921 B
1 sentry.io
o301139.ingest.sentry.io
324 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
28 KB
0 google.co.id Failed
www.google.co.id Failed
0 google.com.sg Failed
www.google.com.sg Failed
63 19
Domain Requested by
29 www.woodside.com www.woodside.com
4 www.facebook.com www.woodside.com
3 px.ads.linkedin.com 3 redirects
3 connect.facebook.net www.woodside.com
connect.facebook.net
2 cdn.linkedin.oribi.io www.woodside.com
2 stats.g.doubleclick.net www.woodside.com
www.googletagmanager.com
2 www.google.com www.woodside.com
2 www.youtube.com www.woodside.com
youtube.com.au
2 13052658.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.woodside.com
2 www.googletagmanager.com www.woodside.com
www.googletagmanager.com
1 bam.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com www.woodside.com
1 adservice.google.com 13052658.fls.doubleclick.net
1 script.hotjar.com static.hotjar.com
1 px4.ads.linkedin.com www.woodside.com
1 www.linkedin.com 1 redirects
1 analytics.google.com www.googletagmanager.com
1 snap.licdn.com www.woodside.com
1 youtube.com.au 1 redirects
1 static.hotjar.com www.googletagmanager.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 o301139.ingest.sentry.io www.woodside.com
1 cdnjs.cloudflare.com www.woodside.com
0 www.google.co.id Failed www.woodside.com
0 www.google.com.sg Failed www.woodside.com
63 26
Subject Issuer Validity Valid
www.woodside.com.au
COMODO RSA Organization Validation Secure Server CA		 2023-01-30 -
2024-01-30		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
ingest.sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-25 -
2024-08-24		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.hotjar.com
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-06-03 -
2023-09-01		 3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-02-01 -
2024-01-31		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
linkedin.oribi.io
Amazon RSA 2048 M01		 2023-06-08 -
2024-07-07		 a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-04-13 -
2024-05-14		 a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-18 -
2023-12-19		 a year crt.sh

This page contains 4 frames:

Primary Page: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
Frame ID: 34855847FC4F3B2F42AEAC5EE2F56259
Requests: 59 HTTP requests in this frame

Frame: https://13052658.fls.doubleclick.net/activityi;dc_pre=CK2q3b_I94ADFZSJ6QUdVpsFjw;src=13052658;type=Page;cat=all;ord=532247003211;auiddc=629412774.1692958130;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.woodside.com%2Fsuppliers%2Fbhp-petroleum-heritage-suppliers
Frame ID: A7E24BC577F1061C2D417DE7FC924A03
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: C28D53F0C8F8AF2C1111D320ACD4E882
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 19674A168E1534A4A0149B38782D36C6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Heritage BHP Petroleum Suppliers - Woodside Energy

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

63
Requests

92 %
HTTPS

70 %
IPv6

19
Domains

26
Subdomains

22
IPs

3
Countries

1958 kB
Transfer

4325 kB
Size

24
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://13052658.fls.doubleclick.net/activityi;src=13052658;type=Page;cat=all;ord=532247003211;auiddc=629412774.1692958130;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.woodside.com%2Fsuppliers%2Fbhp-petroleum-heritage-suppliers HTTP 302
  • https://13052658.fls.doubleclick.net/activityi;dc_pre=CK2q3b_I94ADFZSJ6QUdVpsFjw;src=13052658;type=Page;cat=all;ord=532247003211;auiddc=629412774.1692958130;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.woodside.com%2Fsuppliers%2Fbhp-petroleum-heritage-suppliers
Request Chain 33
  • https://youtube.com.au/iframe_api HTTP 301
  • https://www.youtube.com/iframe_api?gl=AU
Request Chain 48
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1807450%2C529195&time=1692958130242&url=https%3A%2F%2Fwww.woodside.com%2Fsuppliers%2Fbhp-petroleum-heritage-suppliers HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1807450%2C529195&time=1692958130242&url=https%3A%2F%2Fwww.woodside.com%2Fsuppliers%2Fbhp-petroleum-heritage-suppliers&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1807450%252C529195%26time%3D1692958130242%26url%3Dhttps%253A%252F%252Fwww.woodside.com%252Fsuppliers%252Fbhp-petroleum-heritage-suppliers%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1807450%2C529195&time=1692958130242&url=https%3A%2F%2Fwww.woodside.com%2Fsuppliers%2Fbhp-petroleum-heritage-suppliers&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1807450%2C529195&time=1692958130242&url=https%3A%2F%2Fwww.woodside.com%2Fsuppliers%2Fbhp-petroleum-heritage-suppliers&cookiesTest=true&liSync=true&e_ipv6=AQLq_qrCBulXvgAAAYosKwPJIvQ_vmcfx42MRvbCzymQaCWMPgaYUUZfP3Ehfhnb-m2B3qwevcA

63 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request bhp-petroleum-heritage-suppliers
www.woodside.com/suppliers/ 		77 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:324c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
403acf2f9b3515973ba5a135ea31cbb49ed0e0992965b13e76f0a5deb289ef50
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
public, max-age=120, s-maxage=30
cf-cache-status
DYNAMIC
cf-ray
7fc309301a4a91c9-SIN
content-encoding
gzip
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
content-type
text/html; charset=utf-8
date
Fri, 25 Aug 2023 10:08:49 GMT
expires
Fri, 25 Aug 2023 10:10:48 GMT
last-modified
Fri, 25 Aug 2023 09:44:22 GMT
referrer-policy
no-referrer-when-downgrade
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
*
x-aspnet-version
4.0.30319
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-ua-compatible
IE=Edge
x-xss-protection
1;mode=block
WebResource.axd
www.woodside.com/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.woodside.com/WebResource.axd?d=DzHrpQl5URXarFHAtrmzFgL92kbV4nrFHQEylqKOwLB3GgACktofyWTnwmCp8AUmOIb9WMd1URdms35pZgzZioB-ya2qS8kW6qlvbdTq7WLYExhYyTMfvlwaN0F5RlIrRSBO3AekmC4WPKr-JHUAPhAZGkhNLHYYekVNcZYTdzWrnJbhWNlfsCFmfy3qeFR90&t=638272731980000000
Requested by
Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:324c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff99878833b36d14a259f3e68f6decd9a6fb2d1a10c7e3c9381c3f30dcddec35
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 10:08:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
cf-cache-status
REVALIDATED
x-aspnet-version
4.0.30319
strict-transport-security
max-age=31536000; includeSubDomains
content-length
1501
x-xss-protection
1;mode=block
x-ua-compatible
IE=Edge
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 10 Aug 2023 06:06:38 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
cache-control
public, max-age=31485368
accept-ranges
bytes
cf-ray
7fc309353f5391c9-SIN
expires
Fri, 23 Aug 2024 20:04:57 GMT
GothamNarrow-Book_Web.woff2
www.woodside.com/assets/fonts/gotham/ 		43 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.woodside.com/assets/fonts/gotham/GothamNarrow-Book_Web.woff2
Requested by
Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:324c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a690d23e39f63413f0c6aa26ba7bb73c22fab2b100ef8abe06b5dfb9247d23e6
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
Origin
https://www.woodside.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 10:08:49 GMT
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
age
147000
content-length
44405
x-xss-protection
1;mode=block
x-ua-compatible
IE=Edge
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 10 Aug 2023 06:06:08 GMT
server
cloudflare
etag
"0880c150cbd91:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-font-woff2
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7fc309353f5591c9-SIN
GothamNarrow-Bold_Web.woff2
www.woodside.com/assets/fonts/gotham/ 		41 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.woodside.com/assets/fonts/gotham/GothamNarrow-Bold_Web.woff2
Requested by
Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:324c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e381617f5e1829541e4eace6493aa049dacffb2d2d0127986b48cb805e285b27
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
Origin
https://www.woodside.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 10:08:49 GMT
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
age
351700
content-length
42049
x-xss-protection
1;mode=block
x-ua-compatible
IE=Edge
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 10 Aug 2023 06:06:08 GMT
server
cloudflare
etag
"0880c150cbd91:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-font-woff2
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7fc309353f5691c9-SIN
Knockout-49_Web.woff2
www.woodside.com/assets/fonts/knockout/ 		19 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.woodside.com/assets/fonts/knockout/Knockout-49_Web.woff2
Requested by
Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:324c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5daf07712bea84b27fb4383f7b85d2e81581a00cda1821122dae8aac6ac5718
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
Origin
https://www.woodside.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 10:08:49 GMT
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
age
222303
content-length
19813
x-xss-protection
1;mode=block
x-ua-compatible
IE=Edge
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 10 Aug 2023 06:06:08 GMT
server
cloudflare
etag
"0880c150cbd91:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-font-woff2
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7fc309353f5791c9-SIN
bundleTop.5aa484b3c24e98cde880.css
www.woodside.com/assets/dist/ 		574 KB
80 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.woodside.com/assets/dist/bundleTop.5aa484b3c24e98cde880.css?package=WoodsideResources
Requested by
Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:324c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5b20c4784723b1ffaeb6968f3002acea74e89ee5b31921af52d3cea556ce4bf
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 10:08:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains
age
99015
content-length
79284
x-xss-protection
1;mode=block
x-ua-compatible
IE=Edge
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 10 Aug 2023 06:06:02 GMT
server
cloudflare
etag
"016dbd50cbd91:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7fc309353f5891c9-SIN
logo.svg
www.woodside.com/assets/static/images/v2/ 		7 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.woodside.com/assets/static/images/v2/logo.svg
Requested by
Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:324c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39ad2f71fa5264d341cee262b9339f56133f1114d22fceb66547457574b182c4
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 10:08:49 GMT
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
age
401584
content-encoding
gzip
x-xss-protection
1;mode=block
x-ua-compatible
IE=Edge
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 10 Aug 2023 06:06:04 GMT
server
cloudflare
etag
W/"02e9ebe50cbd91:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
cf-ray
7fc30937b98c91c9-SIN
icon-cross.svg
www.woodside.com/assets/static/images/svg/ 		447 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.woodside.com/assets/static/images/svg/icon-cross.svg
Requested by
Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:324c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
361dbf74dc44b9e08fd2d543520ed9bcb8e36a2eb095155625528d2dadf63b65
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 10:08:49 GMT
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
age
290199
content-encoding
gzip
x-xss-protection
1;mode=block
x-ua-compatible
IE=Edge
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 10 Aug 2023 06:06:04 GMT
server
cloudflare
etag
W/"02e9ebe50cbd91:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
cf-ray
7fc30937d9a091c9-SIN
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/ 		88 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/jquery.min.js
Requested by
Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 10:08:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1530988
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27990
last-modified
Thu, 22 Jun 2023 11:06:06 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942b1e-6d56"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H5NE%2B2ZUhw%2BF%2F5hAwYi4dk08%2BQzo612b81jHkHH0x9OJRIBTwDYDbpI8mzRAh%2BywDJPTJpCxijXCYK01%2B3YFMG75QnjLRoSWC7NGNXFyzz%2B%2FOaxsb4UBo%2B0ToiLJLeSD95saD1YMadUvLMGUPtzGhGmQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7fc3093578ae3ff3-SIN
expires
Wed, 14 Aug 2024 10:08:49 GMT
icon-share.svg
www.woodside.com/assets/static/images/v2/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.woodside.com/assets/static/images/v2/icon-share.svg
Requested by
Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:324c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90cd377efe018def7f2f6d65b9a34464e929482b20d4181df7a2cacae23fd7ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 10:08:49 GMT
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
age
195107
content-encoding
gzip
x-xss-protection
1;mode=block
x-ua-compatible
IE=Edge
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 10 Aug 2023 06:06:04 GMT
server
cloudflare
etag
W/"02e9ebe50cbd91:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
cf-ray
7fc30937e9b591c9-SIN
woodside_2021_environment_community-seng--23-web.tmb-page-title.jpg
www.woodside.com/images/default-source/1-our-business-images/ 		513 KB
517 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.woodside.com/images/default-source/1-our-business-images/woodside_2021_environment_community-seng--23-web.tmb-page-title.jpg?sfvrsn=6c70187b_1
Requested by
Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:324c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0f5a2ba71712d171edad16d81123781e735991ec71803d2d9e11718eb535c8e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 10:08:50 GMT
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
BYPASS
x-aspnet-version
4.0.30319
content-disposition
inline; filename=Woodside_2021_Environment_Community-SENG--23-web.jpg
content-length
525251
x-xss-protection
1;mode=block
x-ua-compatible
IE=Edge
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 02 Nov 2022 03:18:53 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=7776000
accept-ranges
bytes
cf-ray
7fc30937f9b691c9-SIN
expires
Thu, 23 Nov 2023 10:08:50 GMT
woodside-photography-2018---on-site-189-image-by-jarrad-seng.tmb-1700x480.jpg
www.woodside.com/images/default-source/default-album/ 		67 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.woodside.com/images/default-source/default-album/woodside-photography-2018---on-site-189-image-by-jarrad-seng.tmb-1700x480.jpg?sfvrsn=34ea5e0a_2
Requested by
Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:324c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f476494a887ebcbe147cb63a71b4cb6f0a24c25585bc3986ec6ba8e2db311b05
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 10:08:50 GMT
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
BYPASS
x-aspnet-version
4.0.30319
content-disposition
inline; filename=woodside-photography-2018---on-site-189-image-by-jarrad-seng.jpg
content-length
68121
x-xss-protection
1;mode=block
x-ua-compatible
IE=Edge
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 01 Dec 2020 09:32:04 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=7776000
accept-ranges
bytes
cf-ray
7fc30937f9b791c9-SIN
expires
Thu, 23 Nov 2023 10:08:50 GMT
email-decode.min.js
www.woodside.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
840 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.woodside.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:324c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 10:08:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 21 Aug 2023 16:25:27 GMT
server
cloudflare
etag
W/"64e38ff7-4d7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
7fc30935afd391c9-SIN
expires
Sun, 27 Aug 2023 10:08:49 GMT
icon-cross.svg
www.woodside.com/assets/static/images/svg/svgo/ 		340 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.woodside.com/assets/static/images/svg/svgo/icon-cross.svg
Requested by
Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:324c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6e50a9674df765678664c61195e4a5c0dee02ba809b37c9dd2daa0ad2329fe4
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 10:08:49 GMT
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
age
282888
content-encoding
gzip
x-xss-protection
1;mode=block
x-ua-compatible
IE=Edge
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 10 Aug 2023 06:06:04 GMT
server
cloudflare
etag
W/"02e9ebe50cbd91:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
cf-ray
7fc30937f9b991c9-SIN
bundleBottom-bundle.5aa484b3c24e98cde880.js
www.woodside.com/assets/dist/ 		536 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.woodside.com/assets/dist/bundleBottom-bundle.5aa484b3c24e98cde880.js
Requested by
Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:324c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61a30c889b9e9b164611b9957440fa66d03ebf19bde458ce7e8f1d23d6709d44
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 10:08:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains
age
99015
content-length
163708
x-xss-protection
1;mode=block
x-ua-compatible
IE=Edge
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 10 Aug 2023 06:06:02 GMT
server
cloudflare
etag
"016dbd50cbd91:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7fc30935afdd91c9-SIN
language-selector.min.js
www.woodside.com/Frontend-Assembly/Telerik.Sitefinity.Frontend.Navigation/Mvc/Scripts/LanguageSelector/ 		151 B
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.woodside.com/Frontend-Assembly/Telerik.Sitefinity.Frontend.Navigation/Mvc/Scripts/LanguageSelector/language-selector.min.js?package=WoodsideResources&v=MTMuMy43NjM3LjA%3d
Requested by
Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:324c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
920ce4e4c6bc8c57a204ad799b125e18ddf7d1e613a23a48374a75f8dbab50c6
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 10:08:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
cf-cache-status
BYPASS
x-aspnet-version
4.0.30319
strict-transport-security
max-age=31536000; includeSubDomains
content-length
253
x-xss-protection
1;mode=block
x-ua-compatible
IE=Edge
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 10 Aug 2023 06:06:42 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7fc30935e80e91c9-SIN
expires
Fri, 01 Sep 2023 10:08:49 GMT
gtm.js
www.googletagmanager.com/ 		313 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P65FJKR
Requested by
Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::61 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
32e78dfdb3b0b87e56b74f041c6093e597e6b67e3e7a82a05e2500985c340ff6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 10:08:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97886
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 25 Aug 2023 10:08:49 GMT
flag-australia.svg
www.woodside.com/assets/static/images/svg/svgo/ 		1 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.woodside.com/assets/static/images/svg/svgo/flag-australia.svg
Requested by
Host: www.woodside.com
URL: https://www.woodside.com/assets/dist/bundleTop.5aa484b3c24e98cde880.css?package=WoodsideResources
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:324c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9485fe9a8658ca69ddb2f80bad5d307ada75687cb3cab5ff9eac7e85f02fd955
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.woodside.com/assets/dist/bundleTop.5aa484b3c24e98cde880.css?package=WoodsideResources
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 10:08:49 GMT
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
age
120528
content-encoding
gzip
x-xss-protection
1;mode=block
x-ua-compatible
IE=Edge
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 10 Aug 2023 06:06:04 GMT
server
cloudflare
etag
W/"02e9ebe50cbd91:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
cf-ray
7fc3093819dd91c9-SIN
icon-arrow-white.svg
www.woodside.com/assets/static/images/svg/svgo/ 		240 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.woodside.com/assets/static/images/svg/svgo/icon-arrow-white.svg
Requested by
Host: www.woodside.com
URL: https://www.woodside.com/assets/dist/bundleTop.5aa484b3c24e98cde880.css?package=WoodsideResources
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:324c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d80f8dc0ea1b050aa9f16c3e5e6f60ad381542766a9935f9c0c8855c60e4eadb
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.woodside.com/assets/dist/bundleTop.5aa484b3c24e98cde880.css?package=WoodsideResources
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 10:08:49 GMT
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
age
381855
content-encoding
gzip
x-xss-protection
1;mode=block
x-ua-compatible
IE=Edge
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 10 Aug 2023 06:06:04 GMT
server
cloudflare
etag
W/"02e9ebe50cbd91:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
cf-ray
7fc3093819df91c9-SIN
footer-top.jpg
www.woodside.com/assets/static/images/v2/ 		109 KB
112 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.woodside.com/assets/static/images/v2/footer-top.jpg
Requested by
Host: www.woodside.com
URL: https://www.woodside.com/assets/dist/bundleTop.5aa484b3c24e98cde880.css?package=WoodsideResources
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:324c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17f605618908ac910e865f672970bf9d50a4c5852220d3559778041ea9446706
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.woodside.com/assets/dist/bundleTop.5aa484b3c24e98cde880.css?package=WoodsideResources
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 10:08:49 GMT
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
age
179764
content-length
112043
x-xss-protection
1;mode=block
x-ua-compatible
IE=Edge
referrer-policy
no-referrer-when-downgrade
cf-bgj
h2pri
last-modified
Thu, 10 Aug 2023 06:06:04 GMT
server
cloudflare
etag
"02e9ebe50cbd91:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7fc3093819e091c9-SIN
Gotham-Bold_Web.woff2
www.woodside.com/assets/fonts/gotham/ 		38 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.woodside.com/assets/fonts/gotham/Gotham-Bold_Web.woff2
Requested by
Host: www.woodside.com
URL: https://www.woodside.com/assets/dist/bundleTop.5aa484b3c24e98cde880.css?package=WoodsideResources
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:324c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
319881caca6f5f0d1e8e24040579d93386008e39dee1045965124b86303143e1
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://www.woodside.com/assets/dist/bundleTop.5aa484b3c24e98cde880.css?package=WoodsideResources
Origin
https://www.woodside.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 10:08:49 GMT
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
age
269790
content-length
39264
x-xss-protection
1;mode=block
x-ua-compatible
IE=Edge
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 10 Aug 2023 06:06:08 GMT
server
cloudflare
etag
"0880c150cbd91:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-font-woff2
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7fc3093819e191c9-SIN
woodside_2021_pluto-seng--200-web.tmb-590x660.jpg
www.woodside.com/images/default-source/1-our-business-images/ 		82 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.woodside.com/images/default-source/1-our-business-images/woodside_2021_pluto-seng--200-web.tmb-590x660.jpg?sfvrsn=4cf1b7c7_1
Requested by
Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:324c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0accadac9ee5bc03d7c7ed0fcde22cb83e421f0b2ddcc69e3b72df5107eb1ee
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 10:08:50 GMT
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
BYPASS
x-aspnet-version
4.0.30319
content-disposition
inline; filename=woodside_2021_pluto-seng--200-web.jpg
content-length
84299
x-xss-protection
1;mode=block
x-ua-compatible
IE=Edge
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 02 Nov 2022 03:31:37 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=7776000
accept-ranges
bytes
cf-ray
7fc3093829e791c9-SIN
expires
Thu, 23 Nov 2023 10:08:50 GMT
/
o301139.ingest.sentry.io/api/5497341/envelope/ 		2 B
324 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o301139.ingest.sentry.io/api/5497341/envelope/?sentry_key=469d296126a740919900c4702e87389a&sentry_version=7
Requested by
Host: www.woodside.com
URL: https://www.woodside.com/assets/dist/bundleBottom-bundle.5aa484b3c24e98cde880.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.woodside.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 25 Aug 2023 10:08:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
1023.666151410aa97cf4e548.js
www.woodside.com/assets/dist/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.woodside.com/assets/dist/1023.666151410aa97cf4e548.js
Requested by
Host: www.woodside.com
URL: https://www.woodside.com/assets/dist/bundleBottom-bundle.5aa484b3c24e98cde880.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:324c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4158ac711873bdb3b4e09a8b2dd208e7308ac4f72beb39bf7c49cf22a8a52660
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 10:08:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains
age
290198
content-length
2023
x-xss-protection
1;mode=block
x-ua-compatible
IE=Edge
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 10 Aug 2023 06:06:02 GMT
server
cloudflare
etag
"016dbd50cbd91:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7fc309385a0f91c9-SIN
4926.573273ea8a4511bcff4c.js
www.woodside.com/assets/dist/ 		141 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.woodside.com/assets/dist/4926.573273ea8a4511bcff4c.js
Requested by
Host: www.woodside.com
URL: https://www.woodside.com/assets/dist/bundleBottom-bundle.5aa484b3c24e98cde880.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:324c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04dc0d665711eb65734b5cea61434d9b70d0068808fc87f017d1b15b8e7041b6
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 10:08:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains
age
503175
content-length
56773
x-xss-protection
1;mode=block
x-ua-compatible
IE=Edge
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 10 Aug 2023 06:06:02 GMT
server
cloudflare
etag
"016dbd50cbd91:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7fc309385a1091c9-SIN
9008.34e29e3c386772bd8faf.js
www.woodside.com/assets/dist/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.woodside.com/assets/dist/9008.34e29e3c386772bd8faf.js
Requested by
Host: www.woodside.com
URL: https://www.woodside.com/assets/dist/bundleBottom-bundle.5aa484b3c24e98cde880.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:324c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c98cba77e644832684d44ba544e35e36954618ddcffb3dbabb53d5be92af2c3
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 10:08:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains
age
28880
content-length
6634
x-xss-protection
1;mode=block
x-ua-compatible
IE=Edge
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 10 Aug 2023 06:06:02 GMT
server
cloudflare
etag
"016dbd50cbd91:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7fc309385a1291c9-SIN
5288.5dd1dc32409e935ae4ef.js
www.woodside.com/assets/dist/ 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.woodside.com/assets/dist/5288.5dd1dc32409e935ae4ef.js
Requested by
Host: www.woodside.com
URL: https://www.woodside.com/assets/dist/bundleBottom-bundle.5aa484b3c24e98cde880.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:324c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c4e51b573a8c254f10a66c4c5e3074e5c4894810978d87990853a2528e8c67c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 10:08:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains
age
503175
content-length
5450
x-xss-protection
1;mode=block
x-ua-compatible
IE=Edge
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 10 Aug 2023 06:06:02 GMT
server
cloudflare
etag
"016dbd50cbd91:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7fc309385a1391c9-SIN
2323.20fca055766e91aa5b53.js
www.woodside.com/assets/dist/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.woodside.com/assets/dist/2323.20fca055766e91aa5b53.js
Requested by
Host: www.woodside.com
URL: https://www.woodside.com/assets/dist/bundleBottom-bundle.5aa484b3c24e98cde880.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:324c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a98ff3a606fe0d55940baa069af045feeb6fd190c546e735d383a9632e83aae
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 10:08:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains
age
99014
content-length
1879
x-xss-protection
1;mode=block
x-ua-compatible
IE=Edge
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 10 Aug 2023 06:06:02 GMT
server
cloudflare
etag
"016dbd50cbd91:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7fc309385a1791c9-SIN
193.fa285dd44b93ea358bd7.js
www.woodside.com/assets/dist/ 		441 B
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.woodside.com/assets/dist/193.fa285dd44b93ea358bd7.js
Requested by
Host: www.woodside.com
URL: https://www.woodside.com/assets/dist/bundleBottom-bundle.5aa484b3c24e98cde880.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:324c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd6180dd2cf4bd93a88eb6a4a75513978c73b375a38a52f7f8331ed64496a680
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 10:08:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains
age
389582
content-length
393
x-xss-protection
1;mode=block
x-ua-compatible
IE=Edge
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 10 Aug 2023 06:06:02 GMT
server
cloudflare
etag
"016dbd50cbd91:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7fc309385a1a91c9-SIN
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/686464677/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/686464677/?random=1692958130061&cv=11&fst=1692958130061&bg=ffffff&guid=ON&async=1&gtm=45He38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.woodside.com%2Fsuppliers%2Fbhp-petroleum-heritage-suppliers&hn=www.googleadservices.com&frm=0&tiba=Heritage%20BHP%20Petroleum%20Suppliers%20-%20Woodside%20Energy&auid=629412774.1692958130&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P65FJKR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c05::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5c93c7f2165ea2885e7e6f03c6d02a8e8a0018b64e315511a8e66082fe4b98d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Aug 2023 10:08:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1338
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hotjar-1363186.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1363186.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P65FJKR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.127.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-127-36.per50.r.cloudfront.net
Software
/
Resource Hash
0a0da9de17c5e77a38a4aed241f91f88d6d9688a3f1c76333a0cc95992a7c596
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Fri, 25 Aug 2023 10:07:58 GMT
via
1.1 47aa59e286da4fff2bb68081586c25da.cloudfront.net (CloudFront)
x-amz-cf-pop
PER50-C1
age
52
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/95a917bce668f0d40800cc13ed359e36
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
cvW5M9nuDYkiafuVSrD2F7sIx7PptIrqsslgJHpWeM7UCXDHChsbUQ==
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P65FJKR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::8a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 25 Aug 2023 09:35:43 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
1987
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 25 Aug 2023 11:35:43 GMT
activityi;dc_pre=CK2q3b_I94ADFZSJ6QUdVpsFjw;src=13052658;type=Page;cat=all;ord=532247003211;auiddc=629412774.1692958130;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=http...
13052658.fls.doubleclick.net/ Frame A7E2
Redirect Chain
  • https://13052658.fls.doubleclick.net/activityi;src=13052658;type=Page;cat=all;ord=532247003211;auiddc=629412774.1692958130;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=h...
  • https://13052658.fls.doubleclick.net/activityi;dc_pre=CK2q3b_I94ADFZSJ6QUdVpsFjw;src=13052658;type=Page;cat=all;ord=532247003211;auiddc=629412774.1692958130;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam...
487 B
618 B 		Document
General
Check archive.org
Download Go to
Full URL
https://13052658.fls.doubleclick.net/activityi;dc_pre=CK2q3b_I94ADFZSJ6QUdVpsFjw;src=13052658;type=Page;cat=all;ord=532247003211;auiddc=629412774.1692958130;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.woodside.com%2Fsuppliers%2Fbhp-petroleum-heritage-suppliers?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P65FJKR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f149.1e100.net
Software
cafe /
Resource Hash
84c4443f1d9ef1a2db4ac8f427cad7ae968b43953a23d71efa50efb5e21cbe52
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
280
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 25 Aug 2023 10:08:50 GMT
expires
Fri, 25 Aug 2023 10:08:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 25 Aug 2023 10:08:50 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://13052658.fls.doubleclick.net/activityi;dc_pre=CK2q3b_I94ADFZSJ6QUdVpsFjw;src=13052658;type=Page;cat=all;ord=532247003211;auiddc=629412774.1692958130;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.woodside.com%2Fsuppliers%2Fbhp-petroleum-heritage-suppliers?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
fbevents.js
connect.facebook.net/en_US/ 		173 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ec140ae8baa4b61226d96beba9277a0072e45b805004b8ea983c5d43402aeb66
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 25 Aug 2023 10:08:50 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
47412
x-xss-protection
0
pragma
public
x-fb-debug
NCHoV+YWiilHCZl4QF5YQ+OLkkorfJqStxjhMqjIdLt53MIqEeHd2NOJITVJOWFU4nNxiiyah8+J5yiCh41CuQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
iframe_api
www.youtube.com/
Redirect Chain
  • https://youtube.com.au/iframe_api
  • https://www.youtube.com/iframe_api?gl=AU
993 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api?gl=AU
Requested by
Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
Protocol
H2
Server
2404:6800:4003:c05::be , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
367d88211b965cbd7d6152e6a2f21966e30ccccd772424070da909b8006880df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 10:08:50 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /cspreport
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=zh-CN for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type
text/javascript; charset=utf-8
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control
private, max-age=0
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Fri, 25 Aug 2023 10:08:50 GMT

Redirect headers

date
Fri, 25 Aug 2023 10:08:50 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"youtube_reporting_fallback","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_reporting_fallback"}]}
content-type
application/binary
location
https://www.youtube.com/iframe_api?gl=AU
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_reporting_fallback"
expires
Mon, 01 Jan 1990 00:00:00 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2403:e800:e80b::2a63:8c8b , Hong Kong, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
Software
/
Resource Hash
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 10:08:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 24 Jul 2023 09:07:54 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=23629
accept-ranges
bytes
content-length
4862
js
www.googletagmanager.com/gtag/ 		273 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-X81LG9DVNR&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P65FJKR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::61 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
45e613a1f75a5370faa0a957bd4937cd34fd21f7fe5240dcb4bcb7e376abe0a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 10:08:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91686
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 25 Aug 2023 10:08:50 GMT
accordionitems
www.woodside.com/api/public/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.woodside.com/api/public/accordionitems?%24select=*&%24filter=ParentId+eq+646ef4cf-a28f-4848-a283-d8aa04bf922d&%24expand=Thumbnail&%24count=true&%24orderby=SortOrder&sf_provider=OpenAccessProvider
Requested by
Host: www.woodside.com
URL: https://www.woodside.com/assets/dist/bundleBottom-bundle.5aa484b3c24e98cde880.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:324c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba8d8f39c4363438215b96371e758b49879ee732f2315713af31b48cbc1cab3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
sentry-trace
405382a08d8c48319bd7452302a43c7a-867bbd5b0bbbca3d-0
Content-Type
application/json

Response headers

expires
Mon, 01 Jan 0001 00:00:00 GMT
pragma
no-cache
date
Fri, 25 Aug 2023 10:08:50 GMT
content-encoding
gzip
odata-version
4.0
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-aspnet-version
4.0.30319
x-frame-options
SAMEORIGIN
content-type
application/json; odata.metadata=minimal
cache-control
no-store, must-revalidate, no-cache
cf-ray
7fc309394af091c9-SIN
x-xss-protection
1;mode=block
x-ua-compatible
IE=Edge
/
www.google.com/pagead/1p-user-list/686464677/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/686464677/?random=1692958130061&cv=11&fst=1692957600000&bg=ffffff&guid=ON&async=1&gtm=45He38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.woodside.com%2Fsuppliers%2Fbhp-petroleum-heritage-suppliers&frm=0&tiba=Heritage%20BHP%20Petroleum%20Suppliers%20-%20Woodside%20Energy&fmt=3&is_vtc=1&random=1803198993&rmt_tld=0&ipr=y
Requested by
Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::6a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Aug 2023 10:08:50 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.sg/pagead/1p-user-list/686464677/ 		0
0
collect
www.google-analytics.com/j/ 		3 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1031460067&t=pageview&_s=1&dl=https%3A%2F%2Fwww.woodside.com%2Fsuppliers%2Fbhp-petroleum-heritage-suppliers&ul=en-us&de=UTF-8&dt=Heritage%20BHP%20Petroleum%20Suppliers%20-%20Woodside%20Energy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEABAAAAACAAI~&jid=612172226&gjid=983595645&cid=1361364072.1692958130&tid=UA-23398199-1&_gid=498230442.1692958130&_slc=1&gtm=45He38n0n81P65FJKR&z=260296976
Requested by
Host: www.woodside.com
URL: https://www.woodside.com/assets/dist/bundleBottom-bundle.5aa484b3c24e98cde880.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::8a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Aug 2023 10:08:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.woodside.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		7 B
353 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-23398199-1&cid=1361364072.1692958130&jid=612172226&gjid=983595645&_gid=498230442.1692958130&_u=YGBAgEABAAAAAGAAI~&z=382684432
Requested by
Host: www.woodside.com
URL: https://www.woodside.com/assets/dist/bundleBottom-bundle.5aa484b3c24e98cde880.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1ebd6b7a2064b101c90aac25d49114fa42f8fdfed6f0fae442fa8eb73128a448
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 25 Aug 2023 10:08:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.woodside.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
227816915283252
connect.facebook.net/signals/config/ 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/227816915283252?v=2.9.124&r=stable&domain=www.woodside.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ad8996523c9cc631afec0aaba94c47f6aee8505f73d15fa795ef233f73abc8eb
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 25 Aug 2023 10:08:50 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
qzpDNuQKetqP0BfPDq6S54fZpGof4z9X9ru7lR6yF8+vTEco79OYqQ/C4G/VQttuwNyYsIr31fKMPqVBHO+vUw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
analytics.google.com/g/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-X81LG9DVNR&gtm=45je38n0&_p=1031460067&_gaz=1&cid=1361364072.1692958130&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1692958130&sct=1&seg=0&dl=https%3A%2F%2Fwww.woodside.com%2Fsuppliers%2Fbhp-petroleum-heritage-suppliers&dt=Heritage%20BHP%20Petroleum%20Suppliers%20-%20Woodside%20Energy&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X81LG9DVNR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::8b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Aug 2023 10:08:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.woodside.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-X81LG9DVNR&cid=1361364072.1692958130&gtm=45je38n0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X81LG9DVNR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Aug 2023 10:08:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.woodside.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com.sg/ads/ 		0
0
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-23398199-1&cid=1361364072.1692958130&jid=612172226&_u=YGBAgEABAAAAAGAAI~&z=2123617701
Requested by
Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::6a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Aug 2023 10:08:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.id/ads/ 		0
0
token
cdn.linkedin.oribi.io/partner/1807450,529195/domain/woodside.com/ 		36 B
376 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/1807450,529195/domain/woodside.com/token
Requested by
Host: www.woodside.com
URL: https://www.woodside.com/assets/dist/bundleBottom-bundle.5aa484b3c24e98cde880.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2084:d200:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 09:31:31 GMT
content-encoding
gzip
via
1.1 0559444022ce3d3996ad1eaef387b23e.cloudfront.net (CloudFront)
x-amz-cf-pop
PER50-C1
age
2239
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
TWujs6NAaAja4AUNWbEhAlEhsRJM5nBYROhCnoAG8-CoEXzv0U_v3g==
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1807450%2C529195&time=1692958130242&url=https%3A%2F%2Fwww.woodside.com%2Fsuppliers%2Fbhp-petroleum-heritage-suppliers
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1807450%2C529195&time=1692958130242&url=https%3A%2F%2Fwww.woodside.com%2Fsuppliers%2Fbhp-petroleum-heritage-suppliers&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1807450%252C529195%26time%3D1692958130242%26url%3Dhttps%253A%252F%252Fwww.woodsid...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1807450%2C529195&time=1692958130242&url=https%3A%2F%2Fwww.woodside.com%2Fsuppliers%2Fbhp-petroleum-heritage-suppliers&cookiesTest=true&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1807450%2C529195&time=1692958130242&url=https%3A%2F%2Fwww.woodside.com%2Fsuppliers%2Fbhp-petroleum-heritage-suppliers&cookiesTest=true&liSync=tru...
0
489 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1807450%2C529195&time=1692958130242&url=https%3A%2F%2Fwww.woodside.com%2Fsuppliers%2Fbhp-petroleum-heritage-suppliers&cookiesTest=true&liSync=true&e_ipv6=AQLq_qrCBulXvgAAAYosKwPJIvQ_vmcfx42MRvbCzymQaCWMPgaYUUZfP3Ehfhnb-m2B3qwevcA
Requested by
Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 10:08:50 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 652B4150760E48FF818B445FE60337EB Ref B: SIN30EDGE0810 Ref C: 2023-08-25T10:08:51Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYDvIgK8GdJ6mItrA+O1w==

Redirect headers

date
Fri, 25 Aug 2023 10:08:51 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: AE5BE2C00D04414E9FADDAFFD298291D Ref B: SIN30EDGE0814 Ref C: 2023-08-25T10:08:51Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1807450%2C529195&time=1692958130242&url=https%3A%2F%2Fwww.woodside.com%2Fsuppliers%2Fbhp-petroleum-heritage-suppliers&cookiesTest=true&liSync=true&e_ipv6=AQLq_qrCBulXvgAAAYosKwPJIvQ_vmcfx42MRvbCzymQaCWMPgaYUUZfP3Ehfhnb-m2B3qwevcA
x-li-proto
http/2
content-length
0
x-li-uuid
AAYDvIgGsotysuCmsb8KhA==
token
cdn.linkedin.oribi.io/partner/1807450,529195/domain/woodside.com/ 		36 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/1807450,529195/domain/woodside.com/token
Requested by
Host: www.woodside.com
URL: https://www.woodside.com/assets/dist/bundleBottom-bundle.5aa484b3c24e98cde880.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2084:d200:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 09:31:31 GMT
content-encoding
gzip
via
1.1 0559444022ce3d3996ad1eaef387b23e.cloudfront.net (CloudFront)
x-amz-cf-pop
PER50-C1
age
2239
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
X1DGzJFqeeVZEzEtEB0NNizH62FhFASv0xd-nC0y3cfJkI0Lx4z6oA==
www-widgetapi.js
www.youtube.com/s/player/c153b631/www-widgetapi.vflset/ 		209 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/c153b631/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: youtube.com.au
URL: https://youtube.com.au/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c05::be , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de46fb8e26ef2e02cc96f22b8986c1457c92616aeca80a0ce32b16a0faee024d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 03:44:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
109482
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65919
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 00:38:29 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 23 Aug 2024 03:44:08 GMT
modules.14b820ab47d618317075.js
script.hotjar.com/ 		223 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.14b820ab47d618317075.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1363186.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.127.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-127-25.per50.r.cloudfront.net
Software
/
Resource Hash
55c4d362579276afb8524a825c6e998ebebf2fe7af36b454c71291c7cebfc447
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 09:22:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 cf45d644cd37957f9f8cf6b65d1e7860.cloudfront.net (CloudFront)
x-amz-cf-pop
PER50-C1
age
175603
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
55646
last-modified
Wed, 23 Aug 2023 09:21:33 GMT
etag
"acd31f178f50b6cbf2246edb86e5753a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
yHRaMxppBIH9F6YTbQdCgqWPWUyM79Vu8C_6wHCndvlebhgHj4osAg==
dc_pre=CK2q3b_I94ADFZSJ6QUdVpsFjw;src=13052658;type=Page;cat=all;ord=532247003211;auiddc=*;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.woodside.com%2F...
adservice.google.com/ddm/fls/z/ Frame A7E2 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CK2q3b_I94ADFZSJ6QUdVpsFjw;src=13052658;type=Page;cat=all;ord=532247003211;auiddc=*;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.woodside.com%2Fsuppliers%2Fbhp-petroleum-heritage-suppliers
Requested by
Host: 13052658.fls.doubleclick.net
URL: https://13052658.fls.doubleclick.net/activityi;dc_pre=CK2q3b_I94ADFZSJ6QUdVpsFjw;src=13052658;type=Page;cat=all;ord=532247003211;auiddc=629412774.1692958130;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.woodside.com%2Fsuppliers%2Fbhp-petroleum-heritage-suppliers?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1a::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://13052658.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Aug 2023 10:08:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
193390458229862
connect.facebook.net/signals/config/ 		306 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/193390458229862?v=2.9.124&r=stable&domain=www.woodside.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6e8817dd4188c312f2e0c5bd545eefd97eda3de5ca5e96133e11664466d34b1f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 25 Aug 2023 10:08:50 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
6hfghZanqj+Ln2Ddh+h7iGEQWJrnHhaeHxvl8aD5b0uoOeo7Ssl/uKsPf9EBMDKm6ke9qp8CCV00zZUT+TNw2A==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=227816915283252&ev=PageView&dl=https%3A%2F%2Fwww.woodside.com%2Fsuppliers%2Fbhp-petroleum-heritage-suppliers&rl=&if=false&ts=1692958130597&sw=1600&sh=1200&v=2.9.124&r=stable&ec=0&o=30&fbp=fb.1.1692958130595.1136932894&it=1692958130159&coo=false&rqm=GET
Requested by
Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10c:381:face:b00c:0:25de , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 25 Aug 2023 10:08:50 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=193390458229862&ev=PageView&dl=https%3A%2F%2Fwww.woodside.com%2Fsuppliers%2Fbhp-petroleum-heritage-suppliers&rl=&if=false&ts=1692958130980&sw=1600&sh=1200&v=2.9.124&r=stable&ec=0&o=30&fbp=fb.1.1692958130595.1136932894&it=1692958130159&coo=false&rqm=GET
Requested by
Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10c:381:face:b00c:0:25de , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 25 Aug 2023 10:08:50 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ Frame C28D 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f10c:381:face:b00c:0:25de , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.woodside.com
Referer
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.woodside.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Fri, 25 Aug 2023 10:08:51 GMT
priority
u=0,i
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
/
www.facebook.com/tr/ Frame 1967 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f10c:381:face:b00c:0:25de , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.woodside.com
Referer
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.woodside.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Fri, 25 Aug 2023 10:08:51 GMT
priority
u=0,i
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
nr-1216.min.js
js-agent.newrelic.com/ 		38 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1216.min.js
Requested by
Host: www.woodside.com
URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id
mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
date
Fri, 25 Aug 2023 10:08:51 GMT
via
1.1 varnish
strict-transport-security
max-age=300
x-amz-request-id
WPM2YV27P6MFJ9N9
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
39120
x-amz-id-2
yrGn44Tjp1GmUWLZzbp4FcRB1VckW6ZqCqboCjaEDAALNi6XtsJNEkgzHhG0fOoAXZ0g3m/89Sc=
x-served-by
cache-fra-eddf8230062-FRA
last-modified
Thu, 14 Apr 2022 16:45:57 GMT
server
AmazonS3
x-timer
S1692958132.953807,VS0,VE0
etag
"9f533d8cd24b2c5e3b4dc886ecbd43e8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
109
icon-cross.svg
www.woodside.com/assets/static/images/svg/ 		447 B
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.woodside.com/assets/static/images/svg/icon-cross.svg
Requested by
Host: www.woodside.com
URL: https://www.woodside.com/assets/dist/bundleBottom-bundle.5aa484b3c24e98cde880.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:324c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
361dbf74dc44b9e08fd2d543520ed9bcb8e36a2eb095155625528d2dadf63b65
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Accept
application/xml, text/xml, */*; q=0.01
Referer
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
X-Requested-With
XMLHttpRequest
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 10:08:51 GMT
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
age
290201
content-encoding
gzip
x-xss-protection
1;mode=block
x-ua-compatible
IE=Edge
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 10 Aug 2023 06:06:04 GMT
server
cloudflare
etag
W/"02e9ebe50cbd91:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
cf-ray
7fc309422b4291c9-SIN
icon-cross.svg
www.woodside.com/assets/static/images/svg/svgo/ 		340 B
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.woodside.com/assets/static/images/svg/svgo/icon-cross.svg
Requested by
Host: www.woodside.com
URL: https://www.woodside.com/assets/dist/bundleBottom-bundle.5aa484b3c24e98cde880.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:324c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6e50a9674df765678664c61195e4a5c0dee02ba809b37c9dd2daa0ad2329fe4
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Accept
application/xml, text/xml, */*; q=0.01
Referer
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
X-Requested-With
XMLHttpRequest
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 10:08:51 GMT
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
age
282890
content-encoding
gzip
x-xss-protection
1;mode=block
x-ua-compatible
IE=Edge
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 10 Aug 2023 06:06:04 GMT
server
cloudflare
etag
W/"02e9ebe50cbd91:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
cf-ray
7fc309424b6291c9-SIN
b388875461
bam.nr-data.net/1/ 		56 B
627 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/b388875461?a=215835845&v=1216.487a282&to=Y1FVZktWWEYEUEVZWlobdmFpGEVTCEVSQFRTUURXS0FfVgAcBFMHVVAHAVwaDgVcBBwEAwcAGlALDwMYB1cCBVEDUVRRDQFQagtcRVhQWVFoV1caV0BLUkJATQ%3D%3D&rst=3584&ck=1&ref=https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers&ap=307&be=1276&fe=2925&dc=1420&perf=%7B%22timing%22:%7B%22of%22:1692958128619,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:18,%22c%22:18,%22s%22:21,%22ce%22:31,%22rq%22:31,%22rp%22:842,%22rpe%22:846,%22dl%22:848,%22di%22:1419,%22ds%22:1419,%22de%22:1421,%22dc%22:2924,%22l%22:2924,%22le%22:2969%7D,%22navigation%22:%7B%7D%7D&fp=1330&fcp=1330&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9745c48d0b4c918d466da4acdb3f786ef5cda4c69ac0b6009d76cff67e6325d

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Fri, 25 Aug 2023 10:08:52 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
CF-Ray
7fc30946698f4053-SIN

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google.com.sg
URL
https://www.google.com.sg/pagead/1p-user-list/686464677/?random=1692958130061&cv=11&fst=1692957600000&bg=ffffff&guid=ON&async=1&gtm=45He38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.woodside.com%2Fsuppliers%2Fbhp-petroleum-heritage-suppliers&frm=0&tiba=Heritage%20BHP%20Petroleum%20Suppliers%20-%20Woodside%20Energy&fmt=3&is_vtc=1&random=1803198993&rmt_tld=1&ipr=y
Domain
www.google.com.sg
URL
https://www.google.com.sg/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-X81LG9DVNR&cid=1361364072.1692958130&gtm=45je38n0&aip=1&z=309519971
Domain
www.google.co.id
URL
https://www.google.co.id/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-23398199-1&cid=1361364072.1692958130&jid=612172226&_u=YGBAgEABAAAAAGAAI~&z=2123617701

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| documentPictureInPicture object| TrackingConsentManager object| NREUM object| newrelic function| __nr_require object| sentrySettings object| dataLayer function| $ function| jQuery object| webpackChunk object| SENTRY_RELEASE object| regeneratorRuntime object| __SENTRY__ function| openLink object| google_tag_manager object| google_tag_data object| GooglebQhCsO function| hj object| _hjSettings string| GoogleAnalyticsObject function| ga function| fbq function| _fbq string| _linkedin_partner_id object| _linkedin_data_partner_ids function| onYouTubeIframeAPIReady object| gaplugins object| gaGlobal object| gaData function| lintrk boolean| _already_called_lintrk object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| library

24 Cookies

Domain/Path Name / Value
.woodside.com/ Name: _gcl_au
Value: 1.1.629412774.1692958130
.woodside.com/ Name: _gid
Value: GA1.2.498230442.1692958130
.woodside.com/ Name: _dc_gtm_UA-23398199-1
Value: 1
.woodside.com/ Name: _ga_X81LG9DVNR
Value: GS1.1.1692958130.1.0.1692958130.60.0.0
.woodside.com/ Name: _ga
Value: GA1.1.1361364072.1692958130
.youtube.com/ Name: YSC
Value: SZaa0VslXd8
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: SYyeiFDp7jo
.doubleclick.net/ Name: IDE
Value: AHWqTUkw7Bkt7v9SVTm5shLxI4X7lvupwHfsp9up7kOij8nmkpzCPwoZRm5AWfMw8R8
.linkedin.com/ Name: li_sugr
Value: 22ddfc75-39d4-4e39-9dd2-a883695accd0
.linkedin.com/ Name: bcookie
Value: "v=2&5a4f7056-27a2-43af-814b-0d93b28e4874"
.linkedin.com/ Name: lidc
Value: "b=VGST01:s=V:r=V:a=V:p=V:g=2985:u=1:x=1:i=1692958130:t=1693044530:v=2:sig=AQH2eY2dKLygcVFRJ_4HJktajKwtAJ8h"
.woodside.com/ Name: _fbp
Value: fb.1.1692958130595.1136932894
www.woodside.com/ Name: AWSALB
Value: FvuV3SyFSHXrsSDlG+4FYACrDvQmttgbmOlT/bapWTfhI22esBxuOCOKHGLclNm612zECJSZnGRhVjtJnjw8tvI+fG4Yb+9lqWk7EbSTZTo/JgFPEEqiIa7Q8qsU
www.woodside.com/ Name: AWSALBCORS
Value: FvuV3SyFSHXrsSDlG+4FYACrDvQmttgbmOlT/bapWTfhI22esBxuOCOKHGLclNm612zECJSZnGRhVjtJnjw8tvI+fG4Yb+9lqWk7EbSTZTo/JgFPEEqiIa7Q8qsU
www.woodside.com/ Name: ln_or
Value: eyIxODA3NDUwLDUyOTE5NSI6ImQifQ%3D%3D
.linkedin.com/ Name: UserMatchHistory
Value: AQJNV-aPBGih3gAAAYosKwHIeZpTuHMHzsy_nonM4SQnaEkqzGG9ybxZCuoL1RiMyfsCguOr_2pBLw
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQJRFAtQ1swC0AAAAYosKwHIo00VhPIQumbefuvX_vuS_-gG-NXG_EIs59jK6_ROKTHHb9dcxnX1h4YC-i37FQ
.woodside.com/ Name: _hjSessionUser_1363186
Value: eyJpZCI6ImFlOTY1YTliLTUxOWQtNTBlYy1hNjE5LTUyYWRjNmE3NmExNCIsImNyZWF0ZWQiOjE2OTI5NTgxMzA3OTAsImV4aXN0aW5nIjpmYWxzZX0=
.woodside.com/ Name: _hjFirstSeen
Value: 1
.woodside.com/ Name: _hjIncludedInSessionSample_1363186
Value: 0
.woodside.com/ Name: _hjSession_1363186
Value: eyJpZCI6ImMxYjkxMzI1LWFlYzAtNDZjNy05ZmYxLTFjMjc5Y2NjNmI2OSIsImNyZWF0ZWQiOjE2OTI5NTgxMzA4MDAsImluU2FtcGxlIjpmYWxzZX0=
.woodside.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.www.linkedin.com/ Name: bscookie
Value: "v=1&20230825100850e9b22722-da77-4ed7-830c-02ef17a1d7d1AQH3QdveKzv0aj3CkOXNA8ZNu039sUzU"
.nr-data.net/ Name: JSESSIONID
Value: 8f35f076c3bc44f9

3 Console Messages

Source Level URL
Text
security error URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
Message:
Refused to load the image 'https://www.google.com.sg/pagead/1p-user-list/686464677/?random=1692958130061&cv=11&fst=1692957600000&bg=ffffff&guid=ON&async=1&gtm=45He38n0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.woodside.com%2Fsuppliers%2Fbhp-petroleum-heritage-suppliers&frm=0&tiba=Heritage%20BHP%20Petroleum%20Suppliers%20-%20Woodside%20Energy&fmt=3&is_vtc=1&random=1803198993&rmt_tld=1&ipr=y' because it violates the following Content Security Policy directive: "img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net".
security error URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
Message:
Refused to load the image 'https://www.google.com.sg/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-X81LG9DVNR&cid=1361364072.1692958130&gtm=45je38n0&aip=1&z=309519971' because it violates the following Content Security Policy directive: "img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net".
security error URL: https://www.woodside.com/suppliers/bhp-petroleum-heritage-suppliers
Message:
Refused to load the image 'https://www.google.co.id/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-23398199-1&cid=1361364072.1692958130&jid=612172226&_u=YGBAgEABAAAAAGAAI~&z=2123617701' because it violates the following Content Security Policy directive: "img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' polyfill.io *.images-home.com *.cloudflare.com *.licdn.com *.moatads.com *.hotjar.com stackpath.bootstrapcdn.com youtube.com.au *.youtube.com.au *.youtube.com *.gstatic.com *.weblink.com.au *.nr-data.net ajax.cloudflare.com js-agent.newrelic.com www.google.com *.google-analytics.com analytics.google.com apis.google.com connect.facebook.net ajax.aspnetcdn.com www.youtube.com/iframe_api www.youtube.com.au/iframe_api platform.twitter.com syndication.twitter.com/ s.ytimg.com publish.twitter.com *.twimg.com platform.linkedin.com platform.stumbleupon.com/1/widgets.js dec.azureedge.net/ munchkin.marketo.net *.eloqua.com *.en25.com unpkg.com *.arcgis.com *.addthis.com *.addthisedge.com assets.juicer.io tagmanager.google.com www.googletagmanager.com app.hivo.com.au snap.licdn.com cdn.polyfill.io www.googleadservices.com googleads.g.doubleclick.net *.cloudflareinsights.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.googleapis.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com dec.azureedge.net platform.twitter.com/css/ *.twimg.com *.arcgis.com assets.juicer.io app.hivo.com.au blob: * 'unsafe-inline'; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com *.arcgis.com *.arcgisonline.com static.juicer.io; img-src 'self' *.equ.com.au *.linkedin.com *.woodside.com woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.images-home.com *.s3.amazonaws.com *.woodside *.adsymptotic.com www.gstatic.com gstatic.com ssl.gstatic.com scontent.cdninstagram.com i.imgur.com yt3.ggpht.com i.ytimg.com stats.g.doubleclick.net maps.gstatic.com maps.googleapis.com *.googleapis.com *.google-analytics.com analytics.google.com platform.tumblr.com web.facebook.com www.facebook.com delicious.com www.redditstatic.com www.linkedin.com syndication.twitter.com static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png dec.azureedge.net *.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com app.hivo.com.au blob: *.eloqua.com *.arcgis.com *.arcgisonline.com assets.juicer.io *.fbcdn.net *.google.com *.google.com.au img.juicer.io *.fls.doubleclick.net; media-src 'self' *.equ.com.au woodside-staging.s3.amazonaws.com woodside-development.s3.amazonaws.com *.s3.amazonaws.com *.woodside *.woodside.com; frame-src 'self' *.addthis.com app.hivo.com.au *.hotjar.com *.twitter.com *.youtube.com.au *.youtube-nocookie.com *.youtube.com *.google.com *.weblink.com.au *.doubleclick.net *.facebook.com *.tryinteract.com; child-src 'self' *.google.com *.weblink.com.au platform.twitter.com syndication.twitter.com www.youtube.com player.vimeo.com w.soundcloud.com apis.google.com accounts.google.com staticxx.facebook.com *.facebook.com web.facebook.com badge.stumbleupon.com *.addthis.com *.youtube-nocookie.com *.weblink.com.au; connect-src 'self' api.cognitive.microsoft.com *.sentry.io *.hotjar.io *.hotjar.com ws://*.hotjar.com accounts.google.com apis.google.com *.dec.sitefinity.com *.mktoresp.com *.arcgis.com *.arcgisonline.com *.addthis.com *.juicer.io graph.facebook.com *.woodside.s3.amazonaws.com *.woodside bam.nr-data.net *.doubleclick.net *.google-analytics.com analytics.google.com *.linkedin.oribi.io; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

13052658.fls.doubleclick.net
adservice.google.com
analytics.google.com
bam.nr-data.net
cdn.linkedin.oribi.io
cdnjs.cloudflare.com
connect.facebook.net
googleads.g.doubleclick.net
js-agent.newrelic.com
o301139.ingest.sentry.io
px.ads.linkedin.com
px4.ads.linkedin.com
script.hotjar.com
snap.licdn.com
static.hotjar.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.co.id
www.google.com
www.google.com.sg
www.googletagmanager.com
www.linkedin.com
www.woodside.com
www.youtube.com
youtube.com.au
www.google.co.id
www.google.com.sg
13.107.42.14
13.32.127.25
13.32.127.36
151.101.194.137
162.247.241.14
2403:e800:e80b::2a63:8c8b
2404:6800:4003:c01::61
2404:6800:4003:c01::9b
2404:6800:4003:c02::5b
2404:6800:4003:c03::6a
2404:6800:4003:c04::8a
2404:6800:4003:c04::8b
2404:6800:4003:c05::9d
2404:6800:4003:c05::be
2404:6800:4003:c1a::9b
2600:9000:2084:d200:2:53b2:240:93a1
2606:4700:10::6816:324c
2606:4700::6811:180e
2620:1ec:21::14
2a03:2880:f00c:300:face:b00c:0:3
2a03:2880:f10c:381:face:b00c:0:25de
34.120.195.249
64.233.170.149
04dc0d665711eb65734b5cea61434d9b70d0068808fc87f017d1b15b8e7041b6
0a0da9de17c5e77a38a4aed241f91f88d6d9688a3f1c76333a0cc95992a7c596
0c98cba77e644832684d44ba544e35e36954618ddcffb3dbabb53d5be92af2c3
17f605618908ac910e865f672970bf9d50a4c5852220d3559778041ea9446706
1c4e51b573a8c254f10a66c4c5e3074e5c4894810978d87990853a2528e8c67c
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1ebd6b7a2064b101c90aac25d49114fa42f8fdfed6f0fae442fa8eb73128a448
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
319881caca6f5f0d1e8e24040579d93386008e39dee1045965124b86303143e1
32e78dfdb3b0b87e56b74f041c6093e597e6b67e3e7a82a05e2500985c340ff6
361dbf74dc44b9e08fd2d543520ed9bcb8e36a2eb095155625528d2dadf63b65
367d88211b965cbd7d6152e6a2f21966e30ccccd772424070da909b8006880df
39ad2f71fa5264d341cee262b9339f56133f1114d22fceb66547457574b182c4
403acf2f9b3515973ba5a135ea31cbb49ed0e0992965b13e76f0a5deb289ef50
4158ac711873bdb3b4e09a8b2dd208e7308ac4f72beb39bf7c49cf22a8a52660
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45e613a1f75a5370faa0a957bd4937cd34fd21f7fe5240dcb4bcb7e376abe0a8
55c4d362579276afb8524a825c6e998ebebf2fe7af36b454c71291c7cebfc447
5c93c7f2165ea2885e7e6f03c6d02a8e8a0018b64e315511a8e66082fe4b98d8
61a30c889b9e9b164611b9957440fa66d03ebf19bde458ce7e8f1d23d6709d44
6a98ff3a606fe0d55940baa069af045feeb6fd190c546e735d383a9632e83aae
6e8817dd4188c312f2e0c5bd545eefd97eda3de5ca5e96133e11664466d34b1f
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
84c4443f1d9ef1a2db4ac8f427cad7ae968b43953a23d71efa50efb5e21cbe52
90cd377efe018def7f2f6d65b9a34464e929482b20d4181df7a2cacae23fd7ab
920ce4e4c6bc8c57a204ad799b125e18ddf7d1e613a23a48374a75f8dbab50c6
9485fe9a8658ca69ddb2f80bad5d307ada75687cb3cab5ff9eac7e85f02fd955
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a690d23e39f63413f0c6aa26ba7bb73c22fab2b100ef8abe06b5dfb9247d23e6
ad8996523c9cc631afec0aaba94c47f6aee8505f73d15fa795ef233f73abc8eb
b6e50a9674df765678664c61195e4a5c0dee02ba809b37c9dd2daa0ad2329fe4
ba8d8f39c4363438215b96371e758b49879ee732f2315713af31b48cbc1cab3c
c0accadac9ee5bc03d7c7ed0fcde22cb83e421f0b2ddcc69e3b72df5107eb1ee
cd6180dd2cf4bd93a88eb6a4a75513978c73b375a38a52f7f8331ed64496a680
d5daf07712bea84b27fb4383f7b85d2e81581a00cda1821122dae8aac6ac5718
d80f8dc0ea1b050aa9f16c3e5e6f60ad381542766a9935f9c0c8855c60e4eadb
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de46fb8e26ef2e02cc96f22b8986c1457c92616aeca80a0ce32b16a0faee024d
e381617f5e1829541e4eace6493aa049dacffb2d2d0127986b48cb805e285b27
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec140ae8baa4b61226d96beba9277a0072e45b805004b8ea983c5d43402aeb66
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f5a2ba71712d171edad16d81123781e735991ec71803d2d9e11718eb535c8e
f476494a887ebcbe147cb63a71b4cb6f0a24c25585bc3986ec6ba8e2db311b05
f5b20c4784723b1ffaeb6968f3002acea74e89ee5b31921af52d3cea556ce4bf
f9745c48d0b4c918d466da4acdb3f786ef5cda4c69ac0b6009d76cff67e6325d
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
ff99878833b36d14a259f3e68f6decd9a6fb2d1a10c7e3c9381c3f30dcddec35