www.bathandbodyworks.com Open in urlscan Pro
151.101.67.52 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://mybbwapp.io/
Effective URL:
https://www.bathandbodyworks.com/loyalty-rewards
Submission: On October 18 via api (October 18th 2024, 4:37:28 am UTC) from IN — Scanned from CA

Summary HTTP 182 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 46 IPs in 3 countries across 33 domains to perform 182 HTTP transactions. The main IP is 151.101.67.52, located in San Francisco, United States and belongs to FASTLY, US. The main domain is www.bathandbodyworks.com. The Cisco Umbrella rank of the primary domain is 51300.
TLS certificate: Issued by Sectigo RSA Extended Validation Secur... on August 30th 2024. Valid for: a year.

This is the only time www.bathandbodyworks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	50.18.77.146 50.18.77.146	16509 (AMAZON-02) (AMAZON-02)
89	151.101.67.52 151.101.67.52	54113 (FASTLY) (FASTLY)
1	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
10	18.164.116.77 18.164.116.77	16509 (AMAZON-02) (AMAZON-02)
1	172.67.142.245 172.67.142.245	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	173.194.175.104 173.194.175.104	15169 (GOOGLE) (GOOGLE)
1	172.217.197.94 172.217.197.94	15169 (GOOGLE) (GOOGLE)
3	142.251.163.139 142.251.163.139	15169 (GOOGLE) (GOOGLE)
2	23.47.22.7 23.47.22.7	16625 (AKAMAI-AS) (AKAMAI-AS)
2	108.139.29.174 108.139.29.174	16509 (AMAZON-02) (AMAZON-02)
1	99.83.183.198 99.83.183.198	16509 (AMAZON-02) (AMAZON-02)
1	173.194.68.95 173.194.68.95	15169 (GOOGLE) (GOOGLE)
1	173.194.175.95 173.194.175.95	15169 (GOOGLE) (GOOGLE)
1	34.107.199.61 34.107.199.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.18.0.150 104.18.0.150	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	34.120.53.196 34.120.53.196	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.120.92.56 34.120.92.56	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
10	104.18.86.42 104.18.86.42	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.64.155.119 172.64.155.119	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	99.83.184.193 99.83.184.193	16509 (AMAZON-02) (AMAZON-02)
3	13.225.63.126 13.225.63.126	16509 (AMAZON-02) (AMAZON-02)
1	52.21.79.130 52.21.79.130	14618 (AMAZON-AES) (AMAZON-AES)
3	23.220.124.232 23.220.124.232	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.18.11.213 104.18.11.213	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.226.34.2 13.226.34.2	16509 (AMAZON-02) (AMAZON-02)
1	104.94.118.174 104.94.118.174	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.202.176.11 52.202.176.11	14618 (AMAZON-AES) (AMAZON-AES)
1	108.139.29.36 108.139.29.36	16509 (AMAZON-02) (AMAZON-02)
1	142.250.31.97 142.250.31.97	15169 (GOOGLE) (GOOGLE)
2 2	140.82.114.4 140.82.114.4	36459 (GITHUB) (GITHUB)
1	185.199.110.133 185.199.110.133	54113 (FASTLY) (FASTLY)
1	104.17.99.195 104.17.99.195	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.64.144.121 172.64.144.121	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.64.148.35 172.64.148.35	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.71.188.88 52.71.188.88	14618 (AMAZON-AES) (AMAZON-AES)
8	34.210.204.137 34.210.204.137	16509 (AMAZON-02) (AMAZON-02)
1	209.85.144.156 209.85.144.156	15169 (GOOGLE) (GOOGLE)
1	74.125.192.157 74.125.192.157	15169 (GOOGLE) (GOOGLE)
2	44.198.30.96 44.198.30.96	14618 (AMAZON-AES) (AMAZON-AES)
1	54.161.222.185 54.161.222.185	14618 (AMAZON-AES) (AMAZON-AES)
1	63.140.39.82 63.140.39.82	14618 (AMAZON-AES) (AMAZON-AES)
1	172.217.222.94 172.217.222.94	15169 (GOOGLE) (GOOGLE)
1	18.206.129.203 18.206.129.203	14618 (AMAZON-AES) (AMAZON-AES)
1 1	54.191.62.149 54.191.62.149	16509 (AMAZON-02) (AMAZON-02)
2	63.140.39.248 63.140.39.248	14618 (AMAZON-AES) (AMAZON-AES)
1	3.74.118.225 3.74.118.225	16509 (AMAZON-02) (AMAZON-02)
6	35.239.153.217 35.239.153.217	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	34.66.3.160 34.66.3.160	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
182	46

1 50.18.77.146 (San Jose, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-50-18-77-146.us-west-1.compute.amazonaws.com

mybbwapp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

89 151.101.67.52 (San Francisco, United States)

ASN54113 (FASTLY, US)

www.bathandbodyworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.133 (San Francisco, United States)

ASN54113 (FASTLY, US)

rapid-cdn.yottaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 18.164.116.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-77.jfk50.r.cloudfront.net

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.142.245 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.194.175.104 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: qs-in-f104.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.197.94 (United States)

ASN15169 (GOOGLE, US)
PTR: qa-in-f94.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.163.139 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f139.1e100.net

maps.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.47.22.7 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-22-7.deploy.static.akamaitechnologies.com

static.ordergroove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.139.29.174 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-174.jfk50.r.cloudfront.net

cdn.cquotient.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.83.183.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a03bd531e8ce9952c.awsglobalaccelerator.com

rapid-1.yottaa.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.68.95 (United States)

ASN15169 (GOOGLE, US)
PTR: qr-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.175.95 (United States)

ASN15169 (GOOGLE, US)
PTR: qs-in-f95.1e100.net

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.199.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.199.107.34.bc.googleusercontent.com

stk.px-cloud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.0.150 (None, )

ASN13335 (CLOUDFLARENET, US)

crcldu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.120.53.196 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 196.53.120.34.bc.googleusercontent.com

collector-pxlsxlyya5.px-cloud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.92.56 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 56.92.120.34.bc.googleusercontent.com

b.px-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.18.86.42 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.155.119 (None, )

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.83.184.193 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0540a066b92ce4ca.awsglobalaccelerator.com

qoe-1.yottaa.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.63.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-126.ewr53.r.cloudfront.net

cdn.attn.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.21.79.130 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-79-130.compute-1.amazonaws.com

p.cquotient.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.220.124.232 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-220-124-232.deploy.static.akamaitechnologies.com

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.11.213 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.quantummetric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.34.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-34-2.ewr53.r.cloudfront.net

mi.bathandbodyworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.94.118.174 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-94-118-174.deploy.static.akamaitechnologies.com

se.monetate.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.202.176.11 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-176-11.compute-1.amazonaws.com

collect.tealiumiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.29.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-36.jfk50.r.cloudfront.net

cdn.zineone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.31.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 140.82.114.4 (United States) 2 redirects

ASN36459 (GITHUB, US)
PTR: lb-140-82-114-4-iad.github.com

github.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.199.110.133 (United States)

ASN54113 (FASTLY, US)
PTR: cdn-185-199-110-133.github.com

objects.githubusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.99.195 (None, )

ASN13335 (CLOUDFLARENET, US)

dev.zopim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.144.121 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

bbwi.attn.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.148.35 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

events.attentivemobile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.71.188.88 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-188-88.compute-1.amazonaws.com

visitor-service-us-east-1.tealiumiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.210.204.137 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-210-204-137.us-west-2.compute.amazonaws.com

cloud.zineone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.85.144.156 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: qv-in-f156.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.192.157 (United States)

ASN15169 (GOOGLE, US)
PTR: qn-in-f157.1e100.net

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.198.30.96 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-198-30-96.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.161.222.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-161-222-185.compute-1.amazonaws.com

f.monetate.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.39.82 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-39-82.data.adobedc.net

bathandbody.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.222.94 (United States)

ASN15169 (GOOGLE, US)
PTR: qi-in-f94.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.206.129.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-206-129-203.compute-1.amazonaws.com

bathandbody.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.191.62.149 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-191-62-149.us-west-2.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.39.248 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-39-248.data.adobedc.net

aa.bathandbodyworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.74.118.225 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-74-118-225.eu-central-1.compute.amazonaws.com

endpoint-foundever.cognigy.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.239.153.217 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 217.153.239.35.bc.googleusercontent.com

ingest.quantummetric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.66.3.160 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 160.3.66.34.bc.googleusercontent.com

rl.quantummetric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
93	bathandbodyworks.com www.bathandbodyworks.com — Cisco Umbrella Rank: 51300 mi.bathandbodyworks.com — Cisco Umbrella Rank: 54313 aa.bathandbodyworks.com — Cisco Umbrella Rank: 75874	2 MB
10	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 326	317 KB
10	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1314	64 KB
9	zineone.com cdn.zineone.com — Cisco Umbrella Rank: 26810 cloud.zineone.com — Cisco Umbrella Rank: 27647	88 KB
9	quantummetric.com cdn.quantummetric.com — Cisco Umbrella Rank: 2492 ingest.quantummetric.com — Cisco Umbrella Rank: 2862 rl.quantummetric.com — Cisco Umbrella Rank: 4050	96 KB
8	px-cloud.net stk.px-cloud.net — Cisco Umbrella Rank: 21462 collector-pxlsxlyya5.px-cloud.net — Cisco Umbrella Rank: 68306	2 KB
5	attn.tv cdn.attn.tv — Cisco Umbrella Rank: 4258 bbwi.attn.tv — Cisco Umbrella Rank: 200019	46 KB
5	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 3 maps.google.com — Cisco Umbrella Rank: 2646	195 KB
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 243 bathandbody.demdex.net — Cisco Umbrella Rank: 86718	2 KB
3	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 430	138 KB
3	cquotient.com cdn.cquotient.com — Cisco Umbrella Rank: 7823 p.cquotient.com — Cisco Umbrella Rank: 8428	22 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 td.doubleclick.net — Cisco Umbrella Rank: 192	2 KB
2	github.com 2 redirects github.com — Cisco Umbrella Rank: 2780	8 KB
2	tealiumiq.com collect.tealiumiq.com — Cisco Umbrella Rank: 4106 visitor-service-us-east-1.tealiumiq.com — Cisco Umbrella Rank: 10857	992 B
2	monetate.net se.monetate.net — Cisco Umbrella Rank: 7685 f.monetate.net — Cisco Umbrella Rank: 10614	61 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30 maps.googleapis.com — Cisco Umbrella Rank: 445	1 KB
2	yottaa.net rapid-1.yottaa.net — Cisco Umbrella Rank: 27537 qoe-1.yottaa.net — Cisco Umbrella Rank: 11803	692 B
2	ordergroove.com static.ordergroove.com — Cisco Umbrella Rank: 32550	56 KB
1	cognigy.cloud endpoint-foundever.cognigy.cloud — Cisco Umbrella Rank: 576487	4 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1371	490 B
1	google.ca www.google.ca — Cisco Umbrella Rank: 12143	64 B
1	omtrdc.net bathandbody.tt.omtrdc.net — Cisco Umbrella Rank: 76802	1002 B
1	attentivemobile.com events.attentivemobile.com — Cisco Umbrella Rank: 4220
1	zopim.com dev.zopim.com — Cisco Umbrella Rank: 291064	38 KB
1	githubusercontent.com objects.githubusercontent.com — Cisco Umbrella Rank: 12503	2 MB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	93 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 498	306 B
1	px-cdn.net b.px-cdn.net — Cisco Umbrella Rank: 10655	15 KB
1	crcldu.com crcldu.com — Cisco Umbrella Rank: 2951	534 B
1	gstatic.com www.gstatic.com	18 KB
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1222	13 KB
1	yottaa.com rapid-cdn.yottaa.com — Cisco Umbrella Rank: 12692	37 KB
1	mybbwapp.io 1 redirects mybbwapp.io — Cisco Umbrella Rank: 662402	540 B
182	33

	Domain	Requested by
89	www.bathandbodyworks.com	www.bathandbodyworks.com rapid-cdn.yottaa.com static.ordergroove.com tags.tiqcdn.com
10	cdn.cookielaw.org	rapid-cdn.yottaa.com cdn.cookielaw.org
10	tags.tiqcdn.com	www.bathandbodyworks.com rapid-cdn.yottaa.com
8	cloud.zineone.com	cdn.quantummetric.com
7	collector-pxlsxlyya5.px-cloud.net	www.bathandbodyworks.com cdn.quantummetric.com
6	ingest.quantummetric.com	cdn.quantummetric.com
3	assets.adobedtm.com	rapid-cdn.yottaa.com
3	cdn.attn.tv	rapid-cdn.yottaa.com
3	maps.google.com	www.bathandbodyworks.com rapid-cdn.yottaa.com
2	rl.quantummetric.com	cdn.quantummetric.com
2	aa.bathandbodyworks.com
2	dpm.demdex.net	cdn.quantummetric.com
2	bbwi.attn.tv	cdn.attn.tv
2	github.com	2 redirects
2	mi.bathandbodyworks.com	rapid-cdn.yottaa.com
2	cdn.cquotient.com	www.bathandbodyworks.com
2	static.ordergroove.com	www.bathandbodyworks.com
2	www.google.com	1 redirects
1	endpoint-foundever.cognigy.cloud	cdn.quantummetric.com
1	cm.everesttech.net	1 redirects
1	bathandbody.demdex.net	rapid-cdn.yottaa.com
1	www.google.ca
1	bathandbody.tt.omtrdc.net	cdn.quantummetric.com
1	f.monetate.net	rapid-cdn.yottaa.com
1	td.doubleclick.net	rapid-cdn.yottaa.com
1	googleads.g.doubleclick.net	rapid-cdn.yottaa.com
1	visitor-service-us-east-1.tealiumiq.com	rapid-cdn.yottaa.com
1	events.attentivemobile.com	cdn.attn.tv
1	dev.zopim.com	rapid-cdn.yottaa.com
1	objects.githubusercontent.com
1	www.googletagmanager.com	rapid-cdn.yottaa.com
1	cdn.zineone.com	rapid-cdn.yottaa.com
1	collect.tealiumiq.com	tags.tiqcdn.com
1	se.monetate.net	rapid-cdn.yottaa.com
1	cdn.quantummetric.com	rapid-cdn.yottaa.com
1	p.cquotient.com	rapid-cdn.yottaa.com
1	qoe-1.yottaa.net	rapid-cdn.yottaa.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	b.px-cdn.net	www.bathandbodyworks.com
1	crcldu.com	www.bathandbodyworks.com
1	stk.px-cloud.net	www.bathandbodyworks.com
1	maps.googleapis.com	maps.google.com
1	fonts.googleapis.com	www.bathandbodyworks.com
1	rapid-1.yottaa.net	rapid-cdn.yottaa.com
1	www.gstatic.com	www.bathandbodyworks.com
1	use.fontawesome.com	www.bathandbodyworks.com
1	rapid-cdn.yottaa.com	www.bathandbodyworks.com
1	mybbwapp.io	1 redirects
182	48

This site contains links to these domains. Also see Links.

Domain
customercare.bathandbodyworks.com
mybbwapp.io
www.facebook.com
twitter.com
www.instagram.com
www.tiktok.com
www.youtube.com
www.pinterest.com
www.bbwinc.com
careers.bathandbodyworks.com
bugcrowd.com
www.bathandbodyworks.ca
optout.networkadvertising.org
optout.aboutads.info
www.onetrust.com

Subject Issuer	Validity	Valid
www.bathandbodyworks.com Sectigo RSA Extended Validation Secure Server CA	`2024-08-30` - `2025-08-30`	a year	crt.sh
*.yottaa.com GlobalSign RSA OV SSL CA 2018	`2024-07-23` - `2025-08-24`	a year	crt.sh
tags.tiqcdn.com Amazon RSA 2048 M02	`2024-03-19` - `2025-04-17`	a year	crt.sh
use.fontawesome.com WE1	`2024-09-09` - `2024-12-09`	3 months	crt.sh
*.google.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.ordergroove.com Go Daddy Secure Certificate Authority - G2	`2024-08-09` - `2025-08-20`	a year	crt.sh
*.cquotient.com Amazon RSA 2048 M02	`2024-03-05` - `2025-04-02`	a year	crt.sh
*.yottaa.net GlobalSign RSA OV SSL CA 2018	`2024-09-05` - `2025-10-07`	a year	crt.sh
upload.video.google.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.px-cloud.net Sectigo RSA Domain Validation Secure Server CA	`2024-08-16` - `2025-09-15`	a year	crt.sh
crcldu.com WE1	`2024-08-29` - `2024-11-27`	3 months	crt.sh
b.px-cdn.net WR3	`2024-10-12` - `2025-01-10`	3 months	crt.sh
cookielaw.org WE1	`2024-10-11` - `2025-01-09`	3 months	crt.sh
geolocation.onetrust.com WE1	`2024-10-11` - `2025-01-09`	3 months	crt.sh
*.attn.tv Amazon RSA 2048 M02	`2024-04-30` - `2025-05-28`	a year	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-09` - `2025-08-09`	a year	crt.sh
quantummetric.com WE1	`2024-10-10` - `2025-01-08`	3 months	crt.sh
mi.bathandbodyworks.com Sectigo RSA Organization Validation Secure Server CA	`2024-07-15` - `2025-07-15`	a year	crt.sh
www.monetate.net DigiCert TLS RSA SHA256 2020 CA1	`2024-05-01` - `2025-05-01`	a year	crt.sh
*.tealiumiq.com Amazon RSA 2048 M03	`2024-06-25` - `2025-07-23`	a year	crt.sh
*.zineone.com Amazon RSA 2048 M02	`2024-02-15` - `2025-03-16`	a year	crt.sh
*.google-analytics.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
zopim.com WE1	`2024-09-23` - `2024-12-22`	3 months	crt.sh
attn.tv WE1	`2024-10-03` - `2025-01-02`	3 months	crt.sh
attentivemobile.com WE1	`2024-10-02` - `2025-01-01`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.doubleclick.net WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-25` - `2025-10-26`	a year	crt.sh
*.monetate.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-11` - `2025-10-12`	a year	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2024-02-26` - `2025-03-28`	a year	crt.sh
*.google.ca WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
aa.bathandbodyworks.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-01` - `2025-01-31`	a year	crt.sh
*.cognigy.cloud Go Daddy Secure Certificate Authority - G2	`2023-12-20` - `2025-01-20`	a year	crt.sh
*.quantummetric.com Sectigo RSA Domain Validation Secure Server CA	`2024-01-19` - `2025-02-13`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.bathandbodyworks.com/loyalty-rewards
Frame ID: 5CB89D2C0ED850FA9E0966409D267CA7
Requests: 162 HTTP requests in this frame

Frame: https://www.bathandbodyworks.com/s/BathAndBodyWorks/authiframe
Frame ID: A9B339DB3F03737A2644EFD64D8DEF9E
Requests: 7 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/16654458344?random=1729226241769&cv=11&fst=1729226241769&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ah0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823847~101836705&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.bathandbodyworks.com%2Floyalty-rewards&hn=www.googleadservices.com&frm=0&tiba=Loyalty%20Rewards%20%7C%20Bath%20%26%20Body%20Works&did=dYmQxMT&gdid=dYmQxMT&npa=0&pscdl=noapi&auid=150753589.1729226242&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: F342DD890CCA12742474D87F71643860
Requests: 1 HTTP requests in this frame

Frame: https://bathandbody.demdex.net/dest5.html?d_nsid=0
Frame ID: 1005B26D38111CE58640967CDD7D42EF
Requests: 1 HTTP requests in this frame

Frame: https://ingest.quantummetric.com/horizon/bbw?T=B&u=https%3A%2F%2Fwww.bathandbodyworks.com%2Floyalty-rewards&t=1729226241909&v=1729226242783&S=0&N=0&P=0&z=1
Frame ID: F9117B51D9CD9D157FC0261C87A52626
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Loyalty Rewards | Bath & Body Works

Page URL History Show full URLs

https://mybbwapp.io/ HTTP 307
http://www.bathandbodyworks.com/loyalty-rewards HTTP 307
https://www.bathandbodyworks.com/loyalty-rewards Page URL

Detected technologies

Salesforce Commerce Cloud (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

/demandware\.static/

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

PerimeterX (Security) Expand

Overall confidence: 100%
Detected patterns

Yottaa (Tag managers) Expand

Overall confidence: 100%
Detected patterns

cdn\.yottaa\.\w+/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

182
Requests

98 %
HTTPS

0 %
IPv6

33
Domains

48
Subdomains

46
IPs

3
Countries

5813 kB
Transfer

11669 kB
Size

46
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://customercare.bathandbodyworks.com/hc/en-us
Title: Shipping & Returns

Search URL Search Domain Scan URL

URL: https://mybbwapp.io/MemberDownload

Search URL Search Domain Scan URL

URL: https://mybbwapp.io/SnifferDownload
Title: GET THE APP

Search URL Search Domain Scan URL

URL: https://customercare.bathandbodyworks.com/hc/en-us/articles/4410663231891-My-Bath-Body-Works-Rewards-Program-Frequently-Asked-Questions
Title: READ OUR REWARDS PROGRAM FAQS

Search URL Search Domain Scan URL

URL: https://customercare.bathandbodyworks.com/
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.facebook.com/bathandbodyworks
Title: facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/bathbodyworks
Title: twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/bathandbodyworks/
Title: instagram

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@bathandbodyworks
Title: tiktok

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/bathandbodyworks/
Title: youtube

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/bathbodyworks/
Title: pinterest

Search URL Search Domain Scan URL

URL: https://customercare.bathandbodyworks.com/hc/en-us/articles/4410658776211-Shipping-Options-United-States
Title: Shipping

Search URL Search Domain Scan URL

URL: https://customercare.bathandbodyworks.com/hc/en-us/articles/4410658680083-What-is-your-return-policy
Title: Returns & Exchanges

Search URL Search Domain Scan URL

URL: https://www.bbwinc.com/our-company/about-us
Title: About Us

Search URL Search Domain Scan URL

URL: https://careers.bathandbodyworks.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://bugcrowd.com/bbw-vdp-pro
Title: Security Bug Report

Search URL Search Domain Scan URL

URL: https://www.bbwinc.com/corporate-responsibility/supply-chain/transparency-in-supply-chains
Title: Transparency in Supply Chains

Search URL Search Domain Scan URL

URL: https://www.bathandbodyworks.ca/
Title: SHOP NOW

Search URL Search Domain Scan URL

URL: https://optout.networkadvertising.org/?c=1
Title: Network Advertising Initiative

Search URL Search Domain Scan URL

URL: https://optout.aboutads.info/?c=2&lang=EN
Title: Digital Advertising Alliance

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mybbwapp.io/ HTTP 307
http://www.bathandbodyworks.com/loyalty-rewards HTTP 307
https://www.bathandbodyworks.com/loyalty-rewards Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://www.google.com/jsapi?key=AIzaSyBl_gA4R2RUJFJ4Z4DmEtBQoHNmmtirUgY HTTP 301
https://www.gstatic.com/charts/loader.js?key=AIzaSyBl_gA4R2RUJFJ4Z4DmEtBQoHNmmtirUgY

Request Chain 136

https://github.com/Cognigy/Webchat/releases/latest/download/webchat.js HTTP 302
https://github.com/Cognigy/Webchat/releases/download/v3.6.0/webchat.js HTTP 302
https://objects.githubusercontent.com/github-production-release-asset-2e65be/838377826/0b1951ed-f63c-4644-a5f5-a1e036d7ea00?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20241018%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241018T043638Z&X-Amz-Expires=300&X-Amz-Signature=99d476d83dd200775d1dda952de5b9f4235aee81172ebbc4c5de10b0dfffd3d3&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3Dwebchat.js&response-content-type=application%2Foctet-stream

Request Chain 158

https://cm.everesttech.net/cm/dd?d_uuid=13045020657298498292915080557121552423 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZxHmAgAAALkYYwOF

182 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request loyalty-rewards Show response
www.bathandbodyworks.com/
Redirect Chain

https://mybbwapp.io/
http://www.bathandbodyworks.com/loyalty-rewards
https://www.bathandbodyworks.com/loyalty-rewards

150 KB
38 KB

613ms
490ms

Document
text/html

151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1aa4f30baa91fec91f86e3ef81014f0e80a70080749cb52ee5e9ee96d7a14de

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: none
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8d45d517b935ac88-YYZ
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Fri, 18 Oct 2024 04:37:19 GMT
expires: Thu, 01 Dec 1994 16:00:00 GMT
fastly-restarts: 1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SQn2%2BOJtvl53sWbUZ0PFaKp0l82eebkmIUNSCJlXIk2%2Boa1qEyScisFFU%2BTcz%2BIye7byvbsdXLK3OF6BF8CHso4mqvogc%2BbU06tGnbepaop7BCBFAEcC8T%2BH3f5BTrs08bgOe7J3s0XX3A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=300
vary: accept-encoding, Accept-Encoding
via: 1.1 varnish
x-cache: MISS, MISS, MISS
x-cache-hits: 0, 0, 0
x-dw-request-base-id: N8n-Cv7lEWcBAAB_
x-fastly-service-version: 4
x-served-by: cache-yyz4534-YYZ, cache-yyz4534-YYZ

Redirect headers

Location: https://www.bathandbodyworks.com/loyalty-rewards
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 wI9DjgjWFD_TGA.js Show response
rapid-cdn.yottaa.com/rapid/lib/ 122 KB
37 KB 148ms
23ms Script
text/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://rapid-cdn.yottaa.com/rapid/lib/wI9DjgjWFD_TGA.js
Requested by: Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3d3eb1c114a7cfcc1f524407e4e2e7e6dac97f9c323a1bc74b7627abfae34d11

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

cache-control: max-age=1800, s-maxage=604800
timing-allow-origin: *
content-encoding: gzip
x-timer: S1729226239.189502,VS0,VE0
age: 278
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 37510
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: text/javascript;charset=utf-8
x-served-by: cache-yyz4564-YYZ
x-cache-hits: 2
vary: Accept-Encoding

GET
H2 200 utag.sync.js Show response
tags.tiqcdn.com/utag/bbw/new/prod/ 109 B
539 B 235ms
38ms Script
application/javascript 18.164.116.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbw/new/prod/utag.sync.js
Requested by: Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-77.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0fac54975325a14b4c035468b44e5e2d73c308d811c69e0b754ed8fcf3032580

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

x-amz-version-id: R_QLQz.nUG6s6tkfhinkMNluAkUwL.aQ
etag: "65b5cb3e822686ee281be0133c83b7bf"
age: 132
x-cache: Hit from cloudfront
x-amz-cf-id: QJsh6SvsrHVp3edyU75u93F9hcz1LJ5-Yp2kJkJxfgK3aoIxO-yoag==
date: Fri, 18 Oct 2024 04:35:48 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 16 Oct 2024 14:24:29 GMT
cache-control: max-age=300
via: 1.1 c36b03c9737c294317e3651e77ee0c4a.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 109
x-amz-cf-pop: JFK50-P6
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 jquery-ui.min.css
www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/lib/jquery/ui/ 15 KB
5 KB 33ms
24ms Stylesheet
text/css 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/lib/jquery/ui/jquery-ui.min.css

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c23aa657d186b077e78898406c306f59d9d0cd1c82247ff97f90f33f64560494

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

content-encoding: gzip
cf-cache-status: MISS
x-dw-request-base-id: Nb4y6hrdEGcBAAB_
age: 67812
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9CFhkUOMU%2BDnHq4cJXGpNguU%2B8rRR9u6dWfuN5UfBqjiPF7N2EhffTSI50fbTGT1%2B1DKd9wjKdPgbrdci9ndjS0n472CdlsaHw%2BG4BRHE0Hmf5ublwP489IRobNgewDSe39UuIpYse37aQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 16 Nov 2024 09:47:06 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: text/css
last-modified: Tue, 15 Oct 2024 13:53:54 GMT
x-served-by: cache-iad-kiad7000126-IAD, cache-iad-kiad7000126-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 70, 45
vary: accept-encoding, Accept-Encoding
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226239.074570,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d3f5d84dfed0778-IAD
accept-ranges: bytes
content-length: 4823
server: cloudflare

GET
H2 200 all.css
use.fontawesome.com/releases/v5.8.1/css/ 54 KB
13 KB 101ms
33ms Stylesheet
text/css 172.67.142.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.8.1/css/all.css
Requested by: Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.142.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bathandbodyworks.com
Referer: https://www.bathandbodyworks.com/

Response headers

cache-control: max-age=31556926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: HIT
etag: W/"e4c542a7f6bf6f74fdd8cdf6e8096396"
age: 724133
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pl7iBw0I%2FDSGQp827CY3BAiunLxTj6IWAvC3kSkqPGIxdwSSR42BC%2FiFU66SKmpubxx1vH8bWa1wwbluoq8dDwUQBpfz%2Fyj7Zfj3IRJEJcYOiZIHLepUmgRwnnQsodYYcMxN5qlz"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d45d51a9b5aab75-YYZ
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: text/css
last-modified: Fri, 22 Sep 2023 01:45:55 GMT
vary: Origin, Accept-Encoding
server: cloudflare

GET
H2 200 style.min.css
www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/css/ 1 MB
247 KB 35ms
27ms Stylesheet
text/css 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/css/style.min.css

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8001db7a6455aade1ad4e56f7aec7c9470766fcac6f50f59aea1b650961611f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

content-encoding: gzip
cf-cache-status: MISS
x-dw-request-base-id: N8kVZhrdEGcBAAB_
age: 67813
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zDpJ2bSiKQY8czLwswYHdMvHr4tSucTd%2FZT2CMFAMPorHho232JyYzYYID0ndrNXyqNZlRh8AVJNwKTeSN8NMC56M7ndBeUvqZzE7V4Gnv%2B55zxTgsK0%2BQnDMzF27SHM%2BTVZPZp8HUENHw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 16 Nov 2024 09:47:06 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: text/css
last-modified: Tue, 15 Oct 2024 13:53:56 GMT
x-served-by: cache-iad-kcgs7200096-IAD, cache-iad-kcgs7200131-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 71, 1
vary: accept-encoding, Accept-Encoding
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226239.074903,VS0,VE1
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d3f5d850ede5a6a-IAD
accept-ranges: bytes
content-length: 252842
server: cloudflare

GET
H2 200 global-bbw-content-style.css
www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/en_US/v1729158425569/css/ 33 KB
7 KB 32ms
25ms Stylesheet
text/css 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/en_US/v1729158425569/css/global-bbw-content-style.css

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0424e19e18520daef3b68fa4d3d99a4a3da6aef379eaa3d652cbfcebfed64c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

content-encoding: gzip
cf-cache-status: MISS
x-dw-request-base-id: oFGK-BrdEGcBAAB_
age: 67813
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VC5Y%2FtarJ8yuxBC5pitsgFgQ7x5SnN2%2FFf3%2FcrHCh%2BuSjqCerIIDliUJrDj%2BUotHizHKJucUfBmmHpDtuls7gOCXtuZvnuauRcLDnTYkHGuwqVxUKaz2DsnzQNF4ny0zkYSSjCRk8Yox9g%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 16 Nov 2024 09:47:06 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: text/css
last-modified: Fri, 23 Aug 2024 15:25:24 GMT
x-served-by: cache-iad-kjyo7100085-IAD, cache-iad-kjyo7100092-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 69, 39
vary: accept-encoding, Accept-Encoding
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226239.074890,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d3f5d850c260664-IAD
accept-ranges: bytes
content-length: 6248
server: cloudflare

GET
H2 200 barcode.min.js Show response
www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/lib/ 48 KB
9 KB 31ms
25ms Script
text/javascript 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/lib/barcode.min.js

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2d0472665714417a910975af8ec76749b3b3b368a5ed606a4d27c734e3ac584

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

content-encoding: gzip
cf-cache-status: MISS
x-dw-request-base-id: Nb4z6hrdEGcBAAB_
age: 67812
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N1yYIAX5zwSQxixZrXZWT0oaKVqyCexWQf6bJknRRuu9GtJZ9QN9pCfqXGOIkQeOWA2tWIhKGjvy74RxfiZBwJKAlPy2DnIFKDuA0QbBQWcJP3td3wmifNPfzsyo4j7%2FwTvzAxRo1hlETg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 16 Nov 2024 09:47:06 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: text/javascript
last-modified: Tue, 15 Oct 2024 13:53:55 GMT
x-served-by: cache-iad-kcgs7200142-IAD, cache-iad-kcgs7200135-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 72, 40
vary: accept-encoding, Accept-Encoding
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226239.075188,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d3f5d85087f9c6a-IAD
accept-ranges: bytes
content-length: 8801
server: cloudflare

GET
H2 200 Logos-main.svg
www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/default/dwdbfedde1/images/svg-icons/ 3 KB
2 KB 30ms
24ms Image
image/svg+xml 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/default/dwdbfedde1/images/svg-icons/Logos-main.svg

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b18104691a615a849aa62481691db343ba0f4be29c32361afca060990971788

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

content-encoding: gzip
cf-cache-status: MISS
x-dw-request-base-id: Nb7RhhvHD2cBAAB_
age: 138980
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zbeCrkP1rcqIua%2Fplkqbg7SRjKsdZHratGpJEzlG%2BkTZ%2FncB1twNwyd71GytrbN4dEhFW5QIqwL0E6HVKb0S8yWKIWNOWorQfwd%2BbyQ1UTUfusWr519YuxjObrmzdnceEFjZ9p65jIPIbA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 15 Nov 2024 14:00:59 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: image/svg+xml
last-modified: Tue, 15 Oct 2024 13:53:56 GMT
x-served-by: cache-iad-kjyo7100031-IAD, cache-iad-kjyo7100020-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 60, 85
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226239.075174,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d38940999775a57-IAD
accept-ranges: bytes
content-length: 1483
server: cloudflare

GET
H2 200 UI-Menu-v2.svg
www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/default/dwa9decaec/images/svg-icons/ 217 B
621 B 32ms
27ms Image
image/svg+xml 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/default/dwa9decaec/images/svg-icons/UI-Menu-v2.svg

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2f3613f5566759a959c0cea6a44eabef5db99a5e21c147789c94d318775c2d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

content-encoding: gzip
cf-cache-status: MISS
x-dw-request-base-id: N8aB1xvHD2cBAAB_
age: 138980
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2vaEzYlRx4jHTeIDlARF1EQoZMcruBE30ZknHVmFhc2ghW%2BESQkIJa5041xp9l4mv51VRgvAGmoFf8N1CY%2BqdOXD6BE2thPk7wWoKYALrZ58tgVggBP3rJWAhqOqWeEKjS0wC1TXLTSD9w%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 15 Nov 2024 14:00:59 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: image/svg+xml
last-modified: Tue, 15 Oct 2024 13:53:55 GMT
x-served-by: cache-iad-kiad7000034-IAD, cache-iad-kiad7000171-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 61, 81
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226239.075398,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d3894099d329c42-IAD
accept-ranges: bytes
content-length: 182
server: cloudflare

GET
H2 200 UI-Search-v2.svg
www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/default/dw7b715331/images/svg-icons/ 392 B
849 B 44ms
43ms Image
image/svg+xml 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/default/dw7b715331/images/svg-icons/UI-Search-v2.svg

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6a0ef546db01b7277a719f916d50b58b7b0b9f0cf8de6ccd31f907ca3dcba7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

content-encoding: gzip
cf-cache-status: MISS
x-dw-request-base-id: N8ai1xvHD2cBAAB_
age: 138980
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RjWd1iI2pouP1dyFCZ7CUH%2Few%2FMkBkqGUBDrck2lZ%2FNlHNkwg4rZW7LghurR3LO0cltG1%2Fbkp0HSgZOD3jO5JxH2EeCa%2BZos1C0LwAb34vLZxg68yRZsABhZb662LHctW95%2FcAqhPM%2BWWw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 15 Nov 2024 14:00:59 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: image/svg+xml
last-modified: Tue, 15 Oct 2024 13:53:55 GMT
x-served-by: cache-iad-kjyo7100047-IAD, cache-iad-kjyo7100111-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 59, 85
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226239.107978,VS0,VE1
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d38940a68845b3b-IAD
accept-ranges: bytes
content-length: 259
server: cloudflare

GET
H2 200 UI-Tag-v2.svg
www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/default/dw035a2e0a/images/svg-icons/ 731 B
897 B 42ms
41ms Image
image/svg+xml 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/default/dw035a2e0a/images/svg-icons/UI-Tag-v2.svg

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da7e8d58b91c317cde05bf290a7c303f4877f81967ff97b155e9756762d57f11

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

content-encoding: gzip
cf-cache-status: MISS
x-dw-request-base-id: N8ab1xvHD2cBAAB_
age: 138980
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kVdWHpv9Ac%2BV%2B1El8NZKLxkyqUMyGw8glpcZWLBqJBjqkZp%2FQeu8xXKtQ6ulhDsTKCnd0daKqx%2FgjYkb3%2FinHMQXjo90HRgiNalX1nPq09EWc70VHTpH2WTahpcD%2BukTTZYg00VrAEnVTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 15 Nov 2024 14:00:59 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: image/svg+xml
last-modified: Tue, 15 Oct 2024 13:53:55 GMT
x-served-by: cache-iad-kjyo7100163-IAD, cache-iad-kjyo7100020-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 55, 83
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226239.110413,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d38940a7d219c4f-IAD
accept-ranges: bytes
content-length: 450
server: cloudflare

GET
H2 200 UI-MyAccount.svg
www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/default/dwf01c3290/images/svg-icons/ 2 KB
1 KB 24ms
23ms Image
image/svg+xml 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/default/dwf01c3290/images/svg-icons/UI-MyAccount.svg

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eec8b61ef9f55b209633b652509dc5a294e8e753480b0e3cdadf7f8d499daa60

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

content-encoding: gzip
cf-cache-status: MISS
x-dw-request-base-id: Nb7dhhvHD2cBAAB_
age: 138980
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RfN%2FYlvFZVi%2FCeQuZqyuxzIEZqCbHHFeBR4WQsQpW5DidvjR8sJAOMzAAskBqCWo2h6YvVjGEzi7QorWFjJ4RiaGVJU3dXzuZIPSseUloq22%2BDiyMPHvFhfIVSK9Ewy4W6C1wnJl9IyUSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 15 Nov 2024 14:00:59 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: image/svg+xml
last-modified: Tue, 15 Oct 2024 13:53:55 GMT
x-served-by: cache-iad-kcgs7200106-IAD, cache-iad-kcgs7200035-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 69, 82
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226239.152892,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d389409dc2982a8-IAD
accept-ranges: bytes
content-length: 932
server: cloudflare

GET
H2 200 UI-Search.svg
www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/default/dw0d360fea/images/svg-icons/ 414 B
847 B 39ms
26ms Image
image/svg+xml 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/default/dw0d360fea/images/svg-icons/UI-Search.svg

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a64f799b2116f3da8ceabfee50a26fbcbc7950ee4be81780174e738843a03e24

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

content-encoding: gzip
cf-cache-status: MISS
x-dw-request-base-id: oFGPiXLHD2cBAAB_
age: 138893
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Chm7C7k41nsLlVczIZqoSteWUldQfA0%2F5nRBwfUdWUElc7yt%2FA302pCBNh2VAPWYe%2BI2nVRXqdbW5zq5UwxJ0NCHuNtZqZwDpdS6k7G%2FZ7zzoJUmWiEGYT3CYbsL9xNYbvaWfJQ4ryj9JQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 15 Nov 2024 14:02:26 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: image/svg+xml
last-modified: Tue, 15 Oct 2024 13:53:55 GMT
x-served-by: cache-iad-kjyo7100022-IAD, cache-iad-kjyo7100034-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 119, 79
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.668550,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d38962a091d05b3-IAD
accept-ranges: bytes
content-length: 284
server: cloudflare

GET
H2 200 UI-Close-blue.svg
www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/default/dwba7f2dc1/images/svg-icons/ 230 B
681 B 38ms
24ms Image
image/svg+xml 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/default/dwba7f2dc1/images/svg-icons/UI-Close-blue.svg

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca4a8ac37d52ee0b7e4c09b000bdbeff886e08a725e9d7249e651bedd76dc0cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

content-encoding: gzip
cf-cache-status: MISS
x-dw-request-base-id: N8Ze2BzHD2cBAAB_
age: 138980
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Czx5euGJjTSy0Triu%2FurA8RXLUjSQlCPiXBX6UPowvHuQfLSsFLRI29I8LHJTrXqffm74I3YLl9EfZJ3m%2BSkKPQ0QNg2KjI3gqiH61jBgzYeC9kBdjt5g6HK2Mn2VW5ELrNPLK0qsaeXvg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 15 Nov 2024 14:01:00 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: image/svg+xml
last-modified: Tue, 15 Oct 2024 13:53:55 GMT
x-served-by: cache-iad-kcgs7200047-IAD, cache-iad-kcgs7200041-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 128, 78
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.668536,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d38940f688ec588-IAD
accept-ranges: bytes
content-length: 187
server: cloudflare

GET
H2 200 spinner.svg
www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/default/dw3fdc8f2b/images/ 2 KB
1 KB 38ms
25ms Image
image/svg+xml 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/default/dw3fdc8f2b/images/spinner.svg

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad32c102130945ea2992849fc47e7d455b83441223b89e9ee721d423441bc9c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

content-encoding: gzip
cf-cache-status: MISS
x-dw-request-base-id: Nb7mhhvHD2cBAAB_
age: 138980
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cPii%2ByQYIm5nXrYJQ%2FQIkhQv9NBnqSafA9Jk99mDjFN1AvVeYsaMgkrGarTRi7gwJWRF3r7TMsiVPg7rtlBcTWF%2BwtlExk7JyLqBxjCNNjoXA0s%2FKkA7Fb63MmxNwJrW4y8Z2PgWbctxLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 15 Nov 2024 14:00:59 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: image/svg+xml
last-modified: Tue, 15 Oct 2024 13:53:56 GMT
x-served-by: cache-iad-kjyo7100107-IAD, cache-iad-kjyo7100118-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 66, 82
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.668512,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d38940a1fe30838-IAD
accept-ranges: bytes
content-length: 725
server: cloudflare

GET
H2 200 refresh-rlp.css
www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/en_US/v1729158425569/experiences/refresh-rlp/ 12 KB
3 KB 25ms
25ms Stylesheet
text/css 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/en_US/v1729158425569/experiences/refresh-rlp/refresh-rlp.css

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4e8ba7a75b42ea780c492692d96b2d74570001e0ef8fc13c583284b2c9ea26e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

content-encoding: gzip
cf-cache-status: MISS
x-dw-request-base-id: 3smxXDPdEGcBAAB_
age: 67787
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V13nX7%2F1jK7x5BSPcL3Irm%2BIemrgF8JRxX4zmkgLslS6T3IyiKUjuQWu1VWnNSEo1yBD%2BmuokMNTBsDJANrWb4VYRHGEQT0psY%2BLk3UfJ5nPAaaHDmTxIcYfXN94nCuOplzl64A7OOpqMg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 16 Nov 2024 09:47:31 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: text/css
last-modified: Mon, 16 Oct 2023 20:21:10 GMT
x-served-by: cache-iad-kcgs7200162-IAD, cache-iad-kcgs7200162-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 180, 0
vary: accept-encoding, Accept-Encoding
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226239.153813,VS0,VE1
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d3f5e230e7a5740-IAD
accept-ranges: bytes
content-length: 2466
server: cloudflare

GET
H2 200 xcat_rewards-update-evergreen_sp1_rlp.jpg
www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dw4a4a798a/experiences/refresh-rlp/images/ 239 KB
240 KB 44ms
31ms Image
image/webp 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dw4a4a798a/experiences/refresh-rlp/images/xcat_rewards-update-evergreen_sp1_rlp.jpg

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0eba165fd2b459702b63269b57dc3f3dabeadb6f7cbf512a772f0d14b7460576

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

fastly-io-info: ifsz=679187 idim=3840x1770 ifmt=jpeg ofsz=244842 odim=3840x1770 ofmt=webp
cf-cache-status: MISS
etag: "b5IrgfiePBLJtWo3YOA/Z5LnUyFIB9owUhGQew7G9zA"
age: 240495
x-dw-request-base-id: N8bldY46DmcBAAB_
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1cC7y5BLRZq7p0MoPVe2q9Xf34cug8Ih9Slff%2FOekhn9r7YjFGeC%2Br4eURWbWTHgPuSAZfd%2BXjR0XKN3pbfE%2BD7b%2F%2Bku6geKte5NVKfj%2FCB13eo1culWAVi4ju%2Feocum8l96QRBMiwSzVw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 14 Nov 2024 09:49:02 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: image/webp
x-served-by: cache-iad-kjyo7100107-IAD, cache-iad-kjyo7100130-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 83, 3
vary: Accept
fastly-stats: io=1
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.670638,VS0,VE1
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d2ee59d0a3f3b0b-IAD
accept-ranges: bytes
content-length: 244842
fastly-io-served-by: vpop-kiad7010246
server: cloudflare

GET
H2 200 sp2_000315542_000334725_na_na_sit_gh_01.gif
www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dw05d9cf7b/2024/ 61 KB
61 KB 68ms
55ms Image
image/gif 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dw05d9cf7b/2024/sp2_000315542_000334725_na_na_sit_gh_01.gif

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d557524fc12233b0133d19b5bcf50185084478099a81debe593daa88a7ed0b25

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

fastly-io-info: ifsz=63143 idim=960x175 ifmt=gif ofsz=61999 odim=960x175 ofmt=gif ofrm=6
cf-cache-status: MISS
etag: "aWC0fnMKXMSmgDG2eJ4PmyZeIhEZyktrUXLu5erZZAM"
age: 154052
x-dw-request-base-id: Nb5OTjuMD2cBAAB_
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IPTjIfVlsgLxeB7GQJ36CHY%2B5zWVzzHlZmg99JoZzwMF2AGzCncWTnnUrXnMy0Qaej9xL0dLNqL24OwpwYMSFXmuh%2Fc1Law7HDaJirJ4IX0mFoWT83wXECKoiKtG54HmxEfFbp8fGeWu6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 15 Nov 2024 09:49:47 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: image/gif
x-served-by: cache-iad-kiad7000179-IAD, cache-iad-kcgs7200081-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 48, 0
vary: Accept
fastly-stats: io=1
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.681448,VS0,VE1
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d3724163afa3914-IAD
accept-ranges: bytes
content-length: 61999
fastly-io-served-by: vpop-kiad7010211
server: cloudflare

GET
H2 200 RLP_white-heart-2.svg
www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dw276d6f54/experiences/refresh-rlp/images/ 671 B
894 B 66ms
53ms Image
image/svg+xml 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dw276d6f54/experiences/refresh-rlp/images/RLP_white-heart-2.svg

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

732050a6a6b72b7be59e2e281501669c3979591cead01e52fc365ef2dd6a49aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

content-encoding: gzip
x-dw-request-base-id: K4goibzP6mYBAAB_
cf-cache-status: MISS
age: 1956800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RDrafEdHVkiuIZJJRTWThN7LcxFDOZAKAIwqh0r724ZixeJ24AK82ePIWKkhQQ8cvZ2%2FlN7H24TM%2F%2F316i0a%2FTWPBpmmjvVUgociQeIyqN10Jb%2BfpnIjB%2BYabPwYe47ceW2PI%2BhMtVYYlA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 18 Oct 2024 13:03:56 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: image/svg+xml
last-modified: Wed, 19 Jan 2022 14:09:18 GMT
x-served-by: cache-iad-kcgs7200032-IAD, cache-iad-kcgs7200032-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 53129, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
x-timer: S1729226240.681426,VS0,VE1
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5189f81c5981f9-IAD
accept-ranges: bytes
content-length: 429
server: cloudflare

GET
H2 200 RLP-Desktop_Benefits_Header-1.jpg
www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dwbe1f073c/experiences/refresh-rlp/images/Desktop/ 32 KB
33 KB 60ms
47ms Image
image/webp 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dwbe1f073c/experiences/refresh-rlp/images/Desktop/RLP-Desktop_Benefits_Header-1.jpg

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2412849a81c3463933d0a224f695a2f7803a3f06f8a4f1b057288f72f393d04a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

fastly-io-info: ifsz=166321 idim=960x175 ifmt=jpeg ofsz=33034 odim=960x175 ofmt=webp
cf-cache-status: MISS
etag: "LDeab+Y6ANbw8qSy80Rert0zk7EdlK6++/chwYsjMLk"
age: 747119
x-dw-request-base-id: J83hncq56mYBAAB_
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1NC%2FP6Cfp62FaWkd0jwvuGvA373VMUrdILDwppnYCFa6yo0NWrvHNcudGcNMu54tkG4gsBU3%2FqJLjpjnafS15oCYUGkBsy9JQ%2BBbC8nz%2F1A2aORFJDlyN%2BIoukxNGIDYZF8FLMpOhum5Ew%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 18 Oct 2024 11:30:18 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: image/webp
x-served-by: cache-iad-kiad7000126-IAD, cache-iad-kcgs7200080-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 18093, 0
vary: Accept
fastly-stats: io=1
strict-transport-security: max-age=300
cache-control: public, max-age=2586360
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.681402,VS0,VE1
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c518a8429ac81ff-IAD
accept-ranges: bytes
content-length: 33034
fastly-io-served-by: vpop-kiad7010246
server: cloudflare

GET
H2 200 RLP-Desktop_Benefits_Grid-1_Tile-1.jpg
www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dwebbaf692/experiences/refresh-rlp/images/Desktop/ 13 KB
14 KB 67ms
54ms Image
image/webp 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dwebbaf692/experiences/refresh-rlp/images/Desktop/RLP-Desktop_Benefits_Grid-1_Tile-1.jpg

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

685b4f9763e89bb3e54a2f90c589c1b0598f952119232a0074f8f66e500c508b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

fastly-io-info: ifsz=52171 idim=240x175 ifmt=jpeg ofsz=13350 odim=240x175 ofmt=webp
cf-cache-status: MISS
etag: "KHSKlrtanlL4T3Op/jmqeGBqZJ/JB0Uw1if831srvbs"
age: 1461317
x-dw-request-base-id: rxjDm7zP6mYBAAB_
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fbf1X8Z9XNPNpaQ%2FktvHM30CXBD9roQaG%2F09jURA4lCj525KRi7DY7Ik13uaAz4b4ChnJNvAMhicBZVXnmlMc%2F9Yz1fWU96ZYqWEKHPDzXaDMDuF0asDNMBodEghoZpmtkTDYmNM4QrblA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 18 Oct 2024 13:03:56 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: image/webp
x-served-by: cache-iad-kcgs7200159-IAD, cache-iad-kjyo7100074-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 26524, 0
vary: Accept
fastly-stats: io=1
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.681379,VS0,VE1
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5189fb38d4175b-IAD
accept-ranges: bytes
content-length: 13350
fastly-io-served-by: img07-us-east4
server: cloudflare

GET
H2 200 RLP-Desktop_Benefits_Grid-1_Tile-5_v2_.jpg
www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dwcbe9045e/experiences/refresh-rlp/images/Desktop/ 110 KB
111 KB 63ms
51ms Image
image/webp 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dwcbe9045e/experiences/refresh-rlp/images/Desktop/RLP-Desktop_Benefits_Grid-1_Tile-5_v2_.jpg

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6b3557cbc2e419e9370da89389a4c3b943f5e0c53b051c7cd5902dde8dd75d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

fastly-io-info: ifsz=189316 idim=960x700 ifmt=jpeg ofsz=112934 odim=960x700 ofmt=webp
cf-cache-status: MISS
etag: "iEOEof6lz5PunUEdGbNN6IaP+EJaUSpZ9ffJ3ZggYTI"
age: 240612
x-dw-request-base-id: oFERIxs6DmcBAAB_
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nUNIMOR8fBcG6kcwkqn2zg09q4EuI8oHMKx1k0YgGFJ2j2AC52NLNtmw4QJFivhh4Rt2rH%2FaMTDdDXO2HlHNaqbUyetoAsfziU%2BdCTHEymB39Mc3Pb%2BYAlnK834P6ZjOvXfh%2BHGcYBhxuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 14 Nov 2024 09:47:08 GMT
x-cache: MISS, MISS, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: image/webp
x-served-by: cache-iad-kiad7000051-IAD, cache-iad-kjyo7100130-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 0, 0
vary: Accept
fastly-stats: io=1
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.681366,VS0,VE1
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d2ee2cee9d020d5-IAD
accept-ranges: bytes
content-length: 112934
fastly-io-served-by: vpop-kiad7010211
server: cloudflare

GET
H2 200 RLP-Desktop_Benefits_Grid-1_Tile-9.jpg
www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dw0b6606e1/experiences/refresh-rlp/images/Desktop/ 70 KB
71 KB 68ms
56ms Image
image/webp 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dw0b6606e1/experiences/refresh-rlp/images/Desktop/RLP-Desktop_Benefits_Grid-1_Tile-9.jpg

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bddac624dfa52f684140434101e4615cc3a2cf9fe14fb45bbd69309a111907fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

fastly-io-info: ifsz=157424 idim=960x700 ifmt=jpeg ofsz=71818 odim=960x700 ofmt=webp
cf-cache-status: MISS
etag: "fDoQJOAn/ge2Hmvq0fdKCGYKtLK9lEvbo4+hi/I6jow"
age: 240612
x-dw-request-base-id: oFETIxw6DmcBAAB_
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1i9J%2BQ7BnqOTpTmVENaFou2TGloi1MkY%2F7X9MQs2KIpIvhNJFSespscAHXFYHY1u0Ti736rFCd8u%2F3V3PQq4dR451ambkRLDcFbEr9vfvhgMsHtXP8fi5khbHGB0TlGcNSkjyA6%2FA7X2Ew%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 14 Nov 2024 09:47:08 GMT
x-cache: MISS, MISS, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: image/webp
x-served-by: cache-iad-kiad7000170-IAD, cache-iad-kjyo7100066-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 0, 0
vary: Accept
fastly-stats: io=1
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.681353,VS0,VE1
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d2ee2cf0f33586c-IAD
accept-ranges: bytes
content-length: 71818
fastly-io-served-by: vpop-kiad7010216
server: cloudflare

GET
H2 200 RLP-Desktop_Benefits_Grid-1_Tile-13.jpg
www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dwa6d043be/experiences/refresh-rlp/images/Desktop/ 6 KB
7 KB 60ms
48ms Image
image/webp 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dwa6d043be/experiences/refresh-rlp/images/Desktop/RLP-Desktop_Benefits_Grid-1_Tile-13.jpg

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0f52eb1626ff3d0a363dd44a42c8b0b1754c69380d47fd48e1d3c903c27f45d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

fastly-io-info: ifsz=33578 idim=240x175 ifmt=jpeg ofsz=6064 odim=240x175 ofmt=webp
cf-bgj: imgq:100,h2pri
cf-cache-status: HIT
etag: "Z4SwUUzKXBzTQS2LKbrf7mpZ6QzPtloYUbp7I3j3EJs"
x-dw-request-base-id: ma-Um9Fc8WYBAAB_
age: 1508895
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JBi3BOMv56AfpdV%2FLNi0%2BXRO2iSuqkOfG47aUi4%2FWomTCZor7Kfi7TxxtR35nt12NaveYWa%2B2kyNO3Av9lz67GiyN4zosDS3HNk9AUg7hICMXW0iKT93VKGAZTewAAqvqhN8s4b%2BfFBqiA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 23 Oct 2024 12:19:29 GMT
cf-polished: origSize=35559
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: image/webp
x-served-by: cache-iad-kjyo7100126-IAD, cache-iad-kjyo7100069-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 42865, 0
vary: Accept
fastly-stats: io=1
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.681329,VS0,VE1
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c7c41299da1c9a3-IAD
accept-ranges: bytes
content-length: 6064
fastly-io-served-by: img02-us-east4
server: cloudflare

GET
H2 200 RLP_icon-earn.gif
www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dw09ca6e68/experiences/refresh-rlp/images/ 11 KB
11 KB 65ms
53ms Image
image/gif 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dw09ca6e68/experiences/refresh-rlp/images/RLP_icon-earn.gif

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9ee3aa47b7484badbf014d9661d42280bd93a6ef48a6ef16d2e9145265eead5

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

fastly-io-info: ifsz=12124 idim=350x350 ifmt=gif ofsz=10988 odim=350x350 ofmt=gif ofrm=9
cf-cache-status: MISS
etag: "RhcIhgju+V9++j7pEla+8BK+6+otEdhdhW3TDbz6xqY"
age: 1979679
x-dw-request-base-id: J82pxLzP6mYBAAB_
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WlIrobuhN0obOnguqrKtRINhfyAq3fGecvteZehoVynYObbjQUp2qBbirjKXgf%2BCGidGZqpLT6exCRkZva9msqX3pksg38fegEKEImhkWVosYWnsnAspfHckJL4CrZREhPZ3VQPPCmH%2Bdg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 18 Oct 2024 13:03:56 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: image/gif
x-served-by: cache-iad-kjyo7100041-IAD, cache-iad-kcgs7200133-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 57, 0
vary: Accept
fastly-stats: io=1
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.681296,VS0,VE1
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5189f89aef5752-IAD
accept-ranges: bytes
content-length: 10988
fastly-io-served-by: vpop-kiad7010231
server: cloudflare

GET
H2 200 RLP_icon-reward.gif
www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dw65d667fc/experiences/refresh-rlp/images/ 4 KB
5 KB 74ms
63ms Image
image/gif 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dw65d667fc/experiences/refresh-rlp/images/RLP_icon-reward.gif

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25bdd9e67ce44b3fbc66abc107bc42c583ca7131603eade4f767c82c1ab43be5

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

fastly-io-info: ifsz=5594 idim=350x350 ifmt=gif ofsz=4458 odim=350x350 ofmt=gif ofrm=3
cf-cache-status: MISS
etag: "wI/jbyhitJjoLFe1VDmNfoB/n0tMh1/qS3fhl8eB6sI"
age: 1956799
x-dw-request-base-id: K4hzibzP6mYBAAB_
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OA9gybF90p4SynTld%2Fq78wnzKs5d%2BsUjpLkWTuCPo1iOoJfOQGBdnq1V5zUuEq8d0VMIqBW9ImZqK9ySOpqqxq%2BSXgR%2BvqfoMgRqI3XbfrKo8azxl8T%2FcoYuWuteX5SQ8RWHQZM6Ps1rIw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 18 Oct 2024 13:03:56 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: image/gif
x-served-by: cache-iad-kjyo7100114-IAD, cache-iad-kcgs7200060-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 14579, 0
vary: Accept
fastly-stats: io=1
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.681990,VS0,VE1
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5189f89a83c9c0-IAD
accept-ranges: bytes
content-length: 4458
fastly-io-served-by: vpop-kiad7010229
server: cloudflare

GET
H2 200 RLP_icon-offers.gif
www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dw8185e56b/experiences/refresh-rlp/images/ 7 KB
7 KB 63ms
52ms Image
image/gif 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dw8185e56b/experiences/refresh-rlp/images/RLP_icon-offers.gif

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4533d7cd597783cdb170601e2950836bbe1abf16884592806fb23eaa84aff324

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

fastly-io-info: ifsz=7944 idim=350x350 ifmt=gif ofsz=6808 odim=350x350 ofmt=gif ofrm=5
cf-bgj: imgq:100,h2pri
cf-cache-status: HIT
etag: "Oxu0/LSKL6Yfttq7zjYAEd+0hZhJydPWvD6TrOAmR3Q"
x-dw-request-base-id: K4jGZNFc8WYBAAB_
age: 1445807
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sLM8FWckdZ4AoGA50PcBEUTaJf2Z3vqCQy1SFskcVcQ626BWT5gzZazkidyldI7c1MnTgSYU6hmTA5rVsWqQYwR4Ghf3yXBp8U0dwUoMmfnm4itIJ%2BaRc5dZUUMEHywQwugXGjevacdThw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 23 Oct 2024 12:19:29 GMT
cf-polished: origSize=9937
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: image/gif
x-served-by: cache-iad-kcgs7200066-IAD, cache-iad-kcgs7200177-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 17289, 0
vary: Accept
fastly-stats: io=1
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.681969,VS0,VE1
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c8245267db8573a-IAD
accept-ranges: bytes
content-length: 6808
fastly-io-served-by: vpop-kiad7010217
server: cloudflare

GET
H2 200 RLP_icon-birthday.gif
www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dw4c3683dc/experiences/refresh-rlp/images/ 12 KB
13 KB 60ms
49ms Image
image/gif 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dw4c3683dc/experiences/refresh-rlp/images/RLP_icon-birthday.gif

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1471739a6a5f72701dde94d022c3ea03fd633fc6cf5ecac678e043c92e8cfbf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

fastly-io-info: ifsz=13449 idim=350x350 ifmt=gif ofsz=12313 odim=350x350 ofmt=gif ofrm=5
cf-cache-status: MISS
etag: "1xx0n8QRY3FQRzVhGL+oUexVYqybYGs85fQ3nbyFozo"
age: 1351980
x-dw-request-base-id: ma9NurzP6mYBAAB_
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ep9FEQtNmRrKbkujKbD65wiJtFirKRGOKnfiEPHCo3ZzHpUHK3Jll7IDOnQUQalQ73gjzHIHMgyMxQ7IwLTougSU346f1tccjfaYEvEpMIw36alqLc66SCVcVGFVNgw7RXoPScqFPoVtAg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 18 Oct 2024 13:03:56 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: image/gif
x-served-by: cache-iad-kcgs7200096-IAD, cache-iad-kcgs7200119-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 54621, 0
vary: Accept
fastly-stats: io=1
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.681945,VS0,VE1
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5189f8af59094f-IAD
accept-ranges: bytes
content-length: 12313
fastly-io-served-by: img07-us-east4
server: cloudflare

GET
H2 200 RLP-Desktop_Benefits_Grid-1_Tile-4.jpg
www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dw8ed7d29d/experiences/refresh-rlp/images/Desktop/ 12 KB
13 KB 71ms
61ms Image
image/webp 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dw8ed7d29d/experiences/refresh-rlp/images/Desktop/RLP-Desktop_Benefits_Grid-1_Tile-4.jpg

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2a526a3e819baa836015a5dac51f4927d8dc4f8a565ce09ab583c0cea3ef7c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

fastly-io-info: ifsz=50339 idim=240x175 ifmt=jpeg ofsz=12714 odim=240x175 ofmt=webp
cf-cache-status: MISS
etag: "1Uej9/zCYFFCmwgsH4W9g4Lz5avjB1Dszwlx1iJIVEg"
age: 1351979
x-dw-request-base-id: J82VxbzP6mYBAAB_
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yfmzPFuk7P%2FtbIRFYhNzSLZOmv%2F%2FuV%2BuzgtTDJDPADvo3RLX6hr%2FlEMXxLjvmkvGxTcazrz8fF9tZR5nghZ7rN4ZfqT7znFZEBP%2BCCKmo62lILDPBEFNJqORXW0jxSkCEP79DOYjl4GaBw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 18 Oct 2024 13:03:56 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: image/webp
x-served-by: cache-iad-kiad7000105-IAD, cache-iad-kcgs7200048-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 46010, 0
vary: Accept
fastly-stats: io=1
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.681930,VS0,VE1
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5189fb3b2882ff-IAD
accept-ranges: bytes
content-length: 12714
fastly-io-served-by: vpop-kiad7010249
server: cloudflare

GET
H2 200 RLP-Desktop_Benefits_Grid-1_Tile-8.jpg
www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dw88494550/experiences/refresh-rlp/images/Desktop/ 14 KB
15 KB 72ms
62ms Image
image/webp 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dw88494550/experiences/refresh-rlp/images/Desktop/RLP-Desktop_Benefits_Grid-1_Tile-8.jpg

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fe207c63c0fa674adccf29a50d13e737ea96e32dd8e67445484127e63e1f29a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

fastly-io-info: ifsz=52500 idim=240x175 ifmt=jpeg ofsz=14324 odim=240x175 ofmt=webp
cf-cache-status: MISS
etag: "VmpnVi4fRRfwq0DHKKhuBuOn9gX6qYQP0+eJCepTwoE"
age: 1351980
x-dw-request-base-id: K4jVirzP6mYBAAB_
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=79pEbacVhypbXhypvO%2Bo5ugEPlJnmUe3VC39S0QRiPvcW3G7nLfPBReWod3gRIZIU47nNmy8rNWqjOBVMEZk3OA7U0e%2BUTuyAmgEiU4ahpSfI8kFJts5fIcxRkPTRdL3Y%2Bpzh5S7y5ZxXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 18 Oct 2024 13:03:56 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: image/webp
x-served-by: cache-iad-kcgs7200130-IAD, cache-iad-kjyo7100124-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 57736, 0
vary: Accept
fastly-stats: io=1
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.681898,VS0,VE1
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5189fb3dff828a-IAD
accept-ranges: bytes
content-length: 14324
fastly-io-served-by: vpop-kiad7010210
server: cloudflare

GET
H2 200 RLP-Desktop_Benefits_Grid-1_Tile-12.jpg
www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dw84b674e1/experiences/refresh-rlp/images/Desktop/ 12 KB
12 KB 62ms
52ms Image
image/webp 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dw84b674e1/experiences/refresh-rlp/images/Desktop/RLP-Desktop_Benefits_Grid-1_Tile-12.jpg

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

577a6af637b1663fa80362c9f9b5fac48c5499d8c019705a65f62327879abbcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

fastly-io-info: ifsz=48293 idim=240x175 ifmt=jpeg ofsz=11804 odim=240x175 ofmt=webp
cf-cache-status: MISS
etag: "q4KPxPcY4/T9TRccBGamMFoOYLWdhtpzB2YFbnrJ5RU"
age: 1371316
x-dw-request-base-id: J82dxbzP6mYBAAB_
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8Figlx2T06KMoBcHmn%2FkaY4nhPAWdEeGrHwzFL9sHEtPtkvnDUeeFZ3Bn4SjbbPKRYkBDWPp86oj7LINmyX%2Fyefb10GDULrs%2BYuitWW9pPuicgCSvcSML4fu9vFFJsvZXBsMkLliOE3QFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 18 Oct 2024 13:03:56 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: image/webp
x-served-by: cache-iad-kcgs7200082-IAD, cache-iad-kiad7000093-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 15222, 0
vary: Accept
fastly-stats: io=1
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.681862,VS0,VE1
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5189fb48903997-IAD
accept-ranges: bytes
content-length: 11804
fastly-io-served-by: vpop-kiad7010226
server: cloudflare

GET
H2 200 RLP-Desktop_Benefits_Grid-1_Tile-16.jpg
www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dw03e2840c/experiences/refresh-rlp/images/Desktop/ 9 KB
10 KB 71ms
62ms Image
image/webp 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dw03e2840c/experiences/refresh-rlp/images/Desktop/RLP-Desktop_Benefits_Grid-1_Tile-16.jpg

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09dda96dd56458b6578d974fd1fa8bce03fa8c2f60e227d381c05617a545da31

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

fastly-io-info: ifsz=43618 idim=240x175 ifmt=jpeg ofsz=9160 odim=240x175 ofmt=webp
cf-cache-status: MISS
etag: "PhVLew4pzhjf3l+Ffe9pPqBAGWct7jU8M8ak4EwZpJM"
age: 1464533
x-dw-request-base-id: K4jCirzP6mYBAAB_
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d4uOqJh9g7Psn7q5cjDvDyoo5rOvt8%2FSJo3hnbvN%2FZquQ2vyVnMQCvTvnkfojLcJILJK9Lw%2FzNCdse%2BGykf1xnbeAegloCxzxQLQO9tzzv8CRnh%2BESZ6P4%2BOrfYy%2FqDNnANovgiPwHXxaA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 18 Oct 2024 13:03:56 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: image/webp
x-served-by: cache-iad-kiad7000162-IAD, cache-iad-kcgs7200074-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 11743, 0
vary: Accept
fastly-stats: io=1
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.681840,VS0,VE1
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5189fb387d9c18-IAD
accept-ranges: bytes
content-length: 9160
fastly-io-served-by: vpop-kiad7010227
server: cloudflare

GET
H2 200 RLP-Desktop_Benefits_Grid-2_Tile-1.jpg
www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dwe89f897a/experiences/refresh-rlp/images/Desktop/ 11 KB
12 KB 59ms
50ms Image
image/webp 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dwe89f897a/experiences/refresh-rlp/images/Desktop/RLP-Desktop_Benefits_Grid-2_Tile-1.jpg

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

142e1db1c695c307aab4a9a63c1894b8afc862500baa48e15b87e727964ae48a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

fastly-io-info: ifsz=47445 idim=240x175 ifmt=jpeg ofsz=11674 odim=240x175 ofmt=webp
cf-cache-status: MISS
etag: "xol/flZyff/hlN7+udBpUFPfriurCNPyk15OFfkivCc"
age: 1461832
x-dw-request-base-id: 9W_B1bzP6mYBAAB_
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ec3vIZGl3T3rfqFisDZRQppIDCRAtb0Z%2BqamwHdHW11cDiz8PLXq7775TgUnNs7ihW6jQbC%2FHScuyGYoz9%2BrPbSx7XwLnt3x4ybU5MaCTevv62K3IP3KJNDPcpnaXKsMfgAcbekhY9VhcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 18 Oct 2024 13:03:56 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: image/webp
x-served-by: cache-iad-kiad7000134-IAD, cache-iad-kcgs7200125-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 44216, 0
vary: Accept
fastly-stats: io=1
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.681815,VS0,VE1
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5189fb3f8fc991-IAD
accept-ranges: bytes
content-length: 11674
fastly-io-served-by: vpop-kiad7010248
server: cloudflare

GET
H2 200 RLP-Desktop_Benefits_Grid-2_Tile-5.jpg
www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dw2d1cf077/experiences/refresh-rlp/images/Desktop/ 18 KB
19 KB 80ms
71ms Image
image/webp 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dw2d1cf077/experiences/refresh-rlp/images/Desktop/RLP-Desktop_Benefits_Grid-2_Tile-5.jpg

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ce0822dc2752951296219fbf38e8a336c2aea09115397c4cf5fa292fd69af69

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

fastly-io-info: ifsz=73840 idim=240x175 ifmt=jpeg ofsz=18748 odim=240x175 ofmt=webp
cf-cache-status: MISS
etag: "0bXYufoVaLqaeOX+tgjdUIWBCOLp46ZQkWOkdJMpsic"
age: 1956798
x-dw-request-base-id: jYUTlLzP6mYBAAB_
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h79VDirhMRuW1VwP%2FwzyFUg%2BMz9ZCCNq%2BShAxe%2Boov8CN7oKl3gjBrobBQ1wYg1aznzv10KFG5ieBIzDDb2BQrGFcPsNK9QtDA1z%2BPdLwrrmOaHWFVaFiev5LVAda07ARrYn7%2FIkUn5NpA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 18 Oct 2024 13:03:56 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: image/webp
x-served-by: cache-iad-kiad7000116-IAD, cache-iad-kjyo7100114-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 58, 0
vary: Accept
fastly-stats: io=1
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.691183,VS0,VE1
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5189fb3e6f8024-IAD
accept-ranges: bytes
content-length: 18748
fastly-io-served-by: vpop-kiad7010217
server: cloudflare

GET
H2 200 RLP-Desktop_Benefits_Grid-2_Tile-9.jpg
www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dw05a44eb3/experiences/refresh-rlp/images/Desktop/ 9 KB
10 KB 80ms
71ms Image
image/webp 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dw05a44eb3/experiences/refresh-rlp/images/Desktop/RLP-Desktop_Benefits_Grid-2_Tile-9.jpg

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ca4bec846573e3c520e88f7d43c7794ff30a96ecc28d29f619d84232ea1147d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

fastly-io-info: ifsz=43036 idim=240x175 ifmt=jpeg ofsz=9230 odim=240x175 ofmt=webp
cf-bgj: imgq:100,h2pri
cf-cache-status: HIT
etag: "AckIDVtbVPFhktiAy+p9pLQ4eUU5IYrlC4/Zc0sQhg8"
x-dw-request-base-id: bwBk2691-WYBAAB_
age: 747177
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GLlQslAUV9SmvRL0Ne3KMrb6I%2BDCaScm3dNV6ne12Wl%2BFeTzXgqQxisuxbH3Z2qa%2BY7jpctB14t%2BAVnyY4q2y7ooPNaTEAjg%2F6lLZLWFUS0uAq%2BtadlZS8M4wiTbDFBiaxe%2FZ88Fhrv5SQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Tue, 29 Oct 2024 15:43:43 GMT
cf-polished: origSize=45984
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: image/webp
x-served-by: cache-iad-kcgs7200162-IAD, cache-iad-kcgs7200044-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 7683, 0
vary: Accept
fastly-stats: io=1
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.691130,VS0,VE1
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8cc4e5ce5e13242d-IAD
accept-ranges: bytes
content-length: 9230
fastly-io-served-by: vpop-kiad7010210
server: cloudflare

GET
H2 200 RLP_icon-shop.png
www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dwa21e315a/experiences/refresh-rlp/images/ 944 B
2 KB 84ms
75ms Image
image/webp 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dwa21e315a/experiences/refresh-rlp/images/RLP_icon-shop.png

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86e295245a570ed55e2436e015d89a091a0355ad81b7ada48db72ce53f08caf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

fastly-io-info: ifsz=2486 idim=88x88 ifmt=png ofsz=944 odim=88x88 ofmt=webp
cf-cache-status: MISS
etag: "wxnE3LH9G9aoue4j5oph9mL2MA+Anx0FQoABJhud1QI"
age: 1379711
x-dw-request-base-id: J824xLzP6mYBAAB_
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2%2BXLI0AJ8c%2B0w6EosfTNxIdSw7dxd2FcKk%2FsLDISFvqa8H0hLdVNmu9tCK9ZBtmVjSUaZuZP9dCJu0AjIuyESmg0XLru7galEVunqUwAM%2BOpi0rZ1v4IRWok%2B1%2FA7RjFaWGRDAiSHWWV2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 18 Oct 2024 13:03:56 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: image/webp
x-served-by: cache-iad-kcgs7200157-IAD, cache-iad-kiad7000033-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 21542, 0
vary: Accept
fastly-stats: io=1
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.691112,VS0,VE1
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5189f8bdea07b7-IAD
accept-ranges: bytes
content-length: 944
fastly-io-served-by: vpop-kiad7010216
server: cloudflare

GET
H2 200 RLP_icon-wallet.png
www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dwb9722762/experiences/refresh-rlp/images/ 900 B
1 KB 84ms
76ms Image
image/webp 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dwb9722762/experiences/refresh-rlp/images/RLP_icon-wallet.png

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88c705305a17067922621b88cb097d2f50434f472877741a20639eb4d342fc5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

fastly-io-info: ifsz=2596 idim=88x88 ifmt=png ofsz=900 odim=88x88 ofmt=webp
cf-cache-status: MISS
etag: "cpSL2k/6GbHsFkdbjpkuqgXK1MRzlMziCKaxA1MH5gI"
age: 1351980
x-dw-request-base-id: ma9OurzP6mYBAAB_
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BXxA7wpTiV0chpf7wqcy7mw1N1zTwohm2n9bk%2FEoL63cuZNeuA4b68GFHmNz4btEx83OO8Ttbjhu3SCTT6y%2Fa3eV7LeOt3VNaxoEllGV6x3MckhwK2I3p7m%2Fs8VlnpLnqe1Gg0P%2BQElE1g%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 18 Oct 2024 13:03:56 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: image/webp
x-served-by: cache-iad-kcgs7200129-IAD, cache-iad-kjyo7100163-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 54565, 0
vary: Accept
fastly-stats: io=1
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.691093,VS0,VE1
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5189f89de468ed-IAD
accept-ranges: bytes
content-length: 900
fastly-io-served-by: vpop-kiad7010231
server: cloudflare

GET
H2 200 RLP_icon-appsclusive.png
www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dw78f06d42/experiences/refresh-rlp/images/ 8 KB
9 KB 87ms
79ms Image
image/webp 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dw78f06d42/experiences/refresh-rlp/images/RLP_icon-appsclusive.png

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03674129f5c1bd6de2bd1fd299d063e2fff4cce966cfacadb5c42e708a0a2203

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

fastly-io-info: ifsz=11706 idim=88x88 ifmt=png ofsz=8664 odim=88x88 ofmt=webp
cf-cache-status: MISS
etag: "81qB42JBEfcwkv9ffSBKEmzH0M+2e6Oh2KIytgHs58s"
age: 1378660
x-dw-request-base-id: rxglm7zP6mYBAAB_
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DLSKzYTM09mzpP%2BCqTKyxsedF3whOVsZwHLX6E3ATIND5cdoBr9QyXOroqBe4b%2BiBDfabfiPkgUfiXhI4uS9LOdEx6iUWY6ZrqFD4sP%2Fa7ukFGcmd2UnsDKSlhD9WJ4pzatI66B1a%2FN56Q%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 18 Oct 2024 13:03:56 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: image/webp
x-served-by: cache-iad-kjyo7100036-IAD, cache-iad-kcgs7200138-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 14239, 0
vary: Accept
fastly-stats: io=1
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.691052,VS0,VE2
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5189f89d82387d-IAD
accept-ranges: bytes
content-length: 8664
fastly-io-served-by: vpop-kiad7010251
server: cloudflare

GET
H2 200 RLP-Desktop_Benefits_Grid-2_Tile-4.jpg
www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dw57649a0f/experiences/refresh-rlp/images/Desktop/ 16 KB
17 KB 86ms
78ms Image
image/webp 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dw57649a0f/experiences/refresh-rlp/images/Desktop/RLP-Desktop_Benefits_Grid-2_Tile-4.jpg

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc61b42136e7d39283c7d01abc5c2cfabc32b95e04b5e900a69b4c2dd5b2470a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

fastly-io-info: ifsz=63213 idim=240x175 ifmt=jpeg ofsz=16480 odim=240x175 ofmt=webp
cf-cache-status: MISS
etag: "gofHerZgdNPXwcerwxDg+dkZpoYE9dLZ8j9THSRvwkw"
age: 1351980
x-dw-request-base-id: J82OxbzP6mYBAAB_
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V2BmExGdHB6LY4savKxCzAFFK54lI%2F%2FpGwPm1cULoquNVp3rlfa3q6xp05GlQFU%2FHBFR8WW0RocTHZvOlfkAfTm%2BKII5H1QTy4akX%2FTHWTZjaNMCRHLsm1dMag9WDY5jDnft0Zr%2FbRiIUA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 18 Oct 2024 13:03:56 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: image/webp
x-served-by: cache-iad-kjyo7100153-IAD, cache-iad-kcgs7200052-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 41244, 0
vary: Accept
fastly-stats: io=1
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.691020,VS0,VE2
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5189fb2d4c7f82-IAD
accept-ranges: bytes
content-length: 16480
fastly-io-served-by: vpop-kiad7010211
server: cloudflare

GET
H2 200 RLP-Desktop_Benefits_Grid-2_Tile-8.jpg
www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dw0eada302/experiences/refresh-rlp/images/Desktop/ 11 KB
11 KB 78ms
70ms Image
image/webp 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dw0eada302/experiences/refresh-rlp/images/Desktop/RLP-Desktop_Benefits_Grid-2_Tile-8.jpg

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e67db4805fc45b386bdedbbe733526afeb5adb550a177f66d13bdd9c3154bc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

fastly-io-info: ifsz=51648 idim=240x175 ifmt=jpeg ofsz=10824 odim=240x175 ofmt=webp
cf-cache-status: MISS
etag: "u3XHm7l8CylV8frXnRY+PrTAUOOtWraMp8zrJSLwYhQ"
age: 1429687
x-dw-request-base-id: K4jGirzP6mYBAAB_
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F5mF9%2Btp8a8ogFRK3o0OoBj3hQcJy9qD4jK2LtnstANBFmlt87o4c2aSet1yYlTRha8QZxwxrLbOIh%2Fy4zbkVIxtJ0vtmSIdaOaXYPvBtiJ8iWeTLVFjy5VMvgVRPWHyM2Imz8q1%2BkRJKg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 18 Oct 2024 13:03:56 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: image/webp
x-served-by: cache-iad-kcgs7200160-IAD, cache-iad-kjyo7100106-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 25862, 0
vary: Accept
fastly-stats: io=1
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.690984,VS0,VE1
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5189fb2b77380b-IAD
accept-ranges: bytes
content-length: 10824
fastly-io-served-by: img07-us-east4
server: cloudflare

GET
H2 200 RLP-Desktop_Benefits_Grid-2_Tile-12.jpg
www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dwf6f15ccd/experiences/refresh-rlp/images/Desktop/ 18 KB
19 KB 98ms
91ms Image
image/webp 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dwf6f15ccd/experiences/refresh-rlp/images/Desktop/RLP-Desktop_Benefits_Grid-2_Tile-12.jpg

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f36e2622b2967951f6833f84358b177ce7f8b4d0201a58b7be9e54c33d56a07d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

fastly-io-info: ifsz=75700 idim=240x175 ifmt=jpeg ofsz=18282 odim=240x175 ofmt=webp
cf-cache-status: MISS
etag: "SwCFBvPNM0l0bgQQJg8mcF2PGmY3ULiCn6aLTUPqfbw"
age: 1351980
x-dw-request-base-id: 9W_F1bzP6mYBAAB_
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nHZiujq4C1UH%2FUj6f0NXdP1bbtvNqC48OXRi%2Fa8oTVQmo3cnkqud3UT9vRZAor7BjQm0kcQGx6XEKBP%2B9JcTahJaIHmaAdTxKCcVAhJm%2BTx%2FFwizGMdY9OqLZOGr5vA29UOVoPUP6adIJA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 18 Oct 2024 13:03:56 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: image/webp
x-served-by: cache-iad-kiad7000028-IAD, cache-iad-kjyo7100051-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 53344, 0
vary: Accept
fastly-stats: io=1
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.690937,VS0,VE6
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5189fb3e2681f7-IAD
accept-ranges: bytes
content-length: 18282
fastly-io-served-by: vpop-kiad7010215
server: cloudflare

GET
H2 200 RLP-Desktop_iPhone.png
www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dwb5e43ac1/experiences/refresh-rlp/images/Desktop/ 30 KB
31 KB 91ms
84ms Image
image/webp 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dwb5e43ac1/experiences/refresh-rlp/images/Desktop/RLP-Desktop_iPhone.png

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c084a4f2bccc4893c42cd75570e00a972e659951376b3d07c49ac22bb5c7ab15

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

fastly-io-info: ifsz=44280 idim=164x315 ifmt=png ofsz=30892 odim=164x315 ofmt=webp
cf-cache-status: MISS
etag: "tPXmeSTUaIutCiAYBki1pLLDmm9i00xhUiPJ9wlCS88"
age: 240470
x-dw-request-base-id: N8bifao6DmcBAAB_
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=34PLEikrLeoUvwCF5KgmTpXKEJHqRlR5DjdlAd1vkRW0mQmd5irFhAIE9OzU9OIe1AOXS9Ajbh%2ByskplPRlRvWfuiD1zdnvhTbNMvE84DQa90ehHmWqop%2BqD1Q6Sao%2FFQ%2FuvymYu8flveQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 14 Nov 2024 09:49:30 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: image/webp
x-served-by: cache-iad-kjyo7100049-IAD, cache-iad-kjyo7100103-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 163, 0
vary: Accept
fastly-stats: io=1
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.692342,VS0,VE1
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d2ee646ca352015-IAD
accept-ranges: bytes
content-length: 30892
fastly-io-served-by: vpop-kiad7010212
server: cloudflare

GET
H2 200 RLP_white-arrow.svg
www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dwaad29c12/experiences/refresh-rlp/images/ 905 B
1 KB 94ms
88ms Image
image/svg+xml 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dwaad29c12/experiences/refresh-rlp/images/RLP_white-arrow.svg

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad9fa4dd0927f94f0e0d88a262951a31e2abc00928f3a7faef3661a22f78e7a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

content-encoding: gzip
x-dw-request-base-id: rxjAm7zP6mYBAAB_
cf-cache-status: MISS
age: 1956798
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UvV0y2iqMrqpVyEWqNvyMPATpng5jM8GcSAwCgA4p5BOEKosqtnxnlWVwbQRPfyYOh2oC57D3LzMgY9sEoFZdRsPl5hEe7FE4UOqyY7YMCIejHHK2WhLG5I596cMdX6LE9M21ixyWsJOGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 18 Oct 2024 13:03:56 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: image/svg+xml
last-modified: Wed, 19 Jan 2022 14:09:18 GMT
x-served-by: cache-iad-kjyo7100100-IAD, cache-iad-kjyo7100055-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 57, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
x-timer: S1729226240.692309,VS0,VE1
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5189fb4f7b390e-IAD
accept-ranges: bytes
content-length: 598
server: cloudflare

GET
H2 200 RLP-Desktop_QR-code.jpeg
www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dw9d1000e6/experiences/refresh-rlp/images/Desktop/ 8 KB
8 KB 94ms
87ms Image
image/webp 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dw9d1000e6/experiences/refresh-rlp/images/Desktop/RLP-Desktop_QR-code.jpeg

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0be2d1f0886a7f72a9f955ede7126aff1d577664c55ecc240ac272b326b3206

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

fastly-io-info: ifsz=37823 idim=512x512 ifmt=jpeg ofsz=7880 odim=512x512 ofmt=webp
cf-cache-status: MISS
etag: "MYnGe4ZILlgPwZskpwS/CaRgeafGi5yvp/nrz3Pa5F4"
age: 240469
x-dw-request-base-id: oFG8X6o6DmcBAAB_
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z%2FOqb40YrMLzZrwMxHynXJqSrJTmLpckjOl7EeTPVvFVjda2aeJUZWZgW48lLoHbRlgLY1S2YWlr62nFLxi5HlU%2BwLrZfPLj3z%2BdoC5TknXSy2ol%2BgTysXxPIZKMVWcje8hdTU13my%2FgPA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 14 Nov 2024 09:49:30 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: image/webp
x-served-by: cache-iad-kiad7000119-IAD, cache-iad-kcgs7200094-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 273, 0
vary: Accept
fastly-stats: io=1
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.692288,VS0,VE1
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d2ee648fa4d7fc3-IAD
accept-ranges: bytes
content-length: 7880
fastly-io-served-by: vpop-kiad7010212
server: cloudflare

GET
H2 200 boc-loy_lightbox.jpg
www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dw1f2ab318/images/loyalty/ 28 KB
29 KB 93ms
87ms Image
image/webp 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bathandbodyworks.com/on/demandware.static/-/Sites-BathAndBodyWorks-Library/default/dw1f2ab318/images/loyalty/boc-loy_lightbox.jpg

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ab82ada2f038f4b45cce3713271d46f3233e27ecfa91d135dd2c6d6a7957893

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

fastly-io-info: ifsz=67718 idim=570x314 ifmt=jpeg ofsz=28664 odim=570x314 ofmt=webp
cf-bgj: imgq:100,h2pri
cf-cache-status: HIT
etag: "dPUh3G8uqY4w+omcvg4TM7TLY9sca+VxtQeHLywL2dc"
x-dw-request-base-id: rxgu25sI7GYBAAB_
age: 1817366
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AQxxPguJ4ZnnAwJCsvDYoKHjrLwWlOCcUegnKRaGuOlZsV9BffhGZfyGGc1%2FFzR4imQUKJc4vMI598xU6X%2FifCdbCPDUC3hL6U6XsCyYjk%2FrSHvOyH%2BFsHCGurNNuEuI2RPNwlrX%2B8WVRg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 19 Oct 2024 11:18:51 GMT
cf-polished: origSize=73780
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: image/webp
x-served-by: cache-iad-kcgs7200055-IAD, cache-iad-kcgs7200055-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 6347, 1
vary: Accept
fastly-stats: io=1
strict-transport-security: max-age=300
cache-control: public, max-age=2578477
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.692302,VS0,VE1
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8c5ed60a08e9878b-IAD
accept-ranges: bytes
content-length: 28664
fastly-io-served-by: vpop-kiad7010231
server: cloudflare

GET
H3

200

loader.js Show response
www.gstatic.com/charts/
Redirect Chain

https://www.google.com/jsapi?key=AIzaSyBl_gA4R2RUJFJ4Z4DmEtBQoHNmmtirUgY
https://www.gstatic.com/charts/loader.js?key=AIzaSyBl_gA4R2RUJFJ4Z4DmEtBQoHNmmtirUgY

61 KB
18 KB

106ms
53ms

Script
text/javascript

172.217.197.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/loader.js?key=AIzaSyBl_gA4R2RUJFJ4Z4DmEtBQoHNmmtirUgY

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Server

172.217.197.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f94.1e100.net

Software

sffe /

Resource Hash

369ae154eab37b7ada7776b934833183bb053ebd1d0255f70ef8944f65cabb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

content-encoding: gzip
report-to: {"group":"gviz","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gviz"}]}
x-content-type-options: nosniff
expires: Fri, 18 Oct 2024 05:37:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
last-modified: Tue, 04 Apr 2023 17:52:30 GMT
cache-control: public, max-age=3600
cross-origin-opener-policy: same-origin; report-to="gviz"
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
accept-ranges: bytes
content-length: 18534
x-xss-protection: 0
server: sffe

Redirect headers

cache-control: public, max-age=1800
location: https://www.gstatic.com/charts/loader.js?key=AIzaSyBl_gA4R2RUJFJ4Z4DmEtBQoHNmmtirUgY
x-content-type-options: nosniff
expires: Fri, 18 Oct 2024 05:07:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
date: Fri, 18 Oct 2024 04:37:19 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: sffe

GET
H2 200 js Show response
maps.google.com/maps/api/ 220 KB
75 KB 165ms
73ms Script
text/javascript 142.251.163.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps/api/js?libraries=geometry&key=AIzaSyBl_gA4R2RUJFJ4Z4DmEtBQoHNmmtirUgY

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.139 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f139.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

b1d8c0e46c1064d4c6e8da01ff267ef14f8323175e2707dd2cc537b69e2f73ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

cache-control: public, max-age=1800, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: gzip
etag: f72516e1
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76758
date: Fri, 18 Oct 2024 04:37:19 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
vary: Accept-Language, Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN

GET
H2 200 jquery-2.1.1.min.js Show response
www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/lib/jquery/ 82 KB
29 KB 24ms
24ms Script
text/javascript 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/lib/jquery/jquery-2.1.1.min.js

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

content-encoding: gzip
cf-cache-status: MISS
x-dw-request-base-id: N8bjzBrdEGcBAAB_
age: 67814
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nLZ3Ly%2F%2BK29uojbDP7mIgu8p3TAVLGdvEYY4YhfCA1PigwJxyllTNnoOSRI7z1CycW80lerwIm2%2BHPnjEYmRZ%2FwqYJ9jpuj%2FyNV0kA%2Bp5lw9NkGGnTowZepNdNQWtA79Q9NwFi9XO%2BrQsg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 16 Nov 2024 09:47:06 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: text/javascript
last-modified: Tue, 15 Oct 2024 13:53:56 GMT
x-served-by: cache-iad-kcgs7200159-IAD, cache-iad-kcgs7200129-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 70, 42
vary: accept-encoding, Accept-Encoding
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226239.499926,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d3f5d851f4007e1-IAD
accept-ranges: bytes
content-length: 29545
server: cloudflare

GET
H2 200 jquery-ui.min.js Show response
www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/lib/jquery/ui/ 234 KB
63 KB 28ms
27ms Script
text/javascript 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/lib/jquery/ui/jquery-ui.min.js

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ab17d7c830048456601619d3a6422eb5e419b1d0bfef58d8b1c533435d2e054

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

content-encoding: gzip
cf-cache-status: MISS
x-dw-request-base-id: Nb446hrdEGcBAAB_
age: 67813
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N5CjWvBs0rps3PpmgFn%2B%2FLIZ0H4BNxSeCB5mEsPNBZnDITk6dpwKl53EZHwyJVjDZ1sOAwC9bQTf0U9drAWD%2FItoJmyPdrQ%2Fi%2BY8cJoIAEpgvzRq0TV3TTcd2CFgAAdoOMk6I7gQs71Pjg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 16 Nov 2024 09:47:06 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: text/javascript
last-modified: Tue, 15 Oct 2024 13:53:54 GMT
x-served-by: cache-iad-kiad7000118-IAD, cache-iad-kiad7000047-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 73, 41
vary: accept-encoding, Accept-Encoding
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.533169,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d3f5d851a2120b4-IAD
accept-ranges: bytes
content-length: 64466
server: cloudflare

GET
H2 200 jquery.jcarousel.min.js Show response
www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/lib/jquery/ 17 KB
5 KB 24ms
23ms Script
text/javascript 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/lib/jquery/jquery.jcarousel.min.js

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8ba6e00e79f5d4ffc5e3f634123c36823648e601c5d6465d27c65e7797d2807

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

content-encoding: gzip
cf-cache-status: MISS
x-dw-request-base-id: N8kYZhrdEGcBAAB_
age: 67813
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0TWNFtvtOmpQRWq98mOAK3qik7yv12GjeMOYTVpCMbITQStblGIpDzVDoN2g4oWM0dPrtR%2ByUcheofZjZaXcXXcAQbkyqSA%2FSMj7fnpG5toPfO1gtK6eHwNRYB4Afjl8m5ry8MHVZhedJw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 16 Nov 2024 09:47:06 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: text/javascript
last-modified: Tue, 15 Oct 2024 13:53:56 GMT
x-served-by: cache-iad-kjyo7100125-IAD, cache-iad-kjyo7100125-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 75, 40
vary: accept-encoding, Accept-Encoding
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.570098,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d3f5d851a429c48-IAD
accept-ranges: bytes
content-length: 5092
server: cloudflare

GET
H2 200 jquery.validate.min.js Show response
www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/lib/jquery/ 21 KB
7 KB 24ms
24ms Script
text/javascript 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/lib/jquery/jquery.validate.min.js

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0f5373ad203101ea91bf826c5a7ef8f7cd74887f06bad2cb9277a504503b9e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

content-encoding: gzip
cf-cache-status: MISS
x-dw-request-base-id: Nb426hrdEGcBAAB_
age: 67813
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BDbkQ7aUvttWYuNOf1Okg57Xp3UUWQq9TFZrFwk%2B0PGAyQC3%2FYDjpufI2h99OQLc1knAGoqjAqt2UK4%2F1WarS0sigYoFAK2jXp09i%2F9YaoZN5BnwUo%2FfxeSpuPKVx6R1GHCkFYC410zesg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 16 Nov 2024 09:47:06 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: text/javascript
last-modified: Tue, 15 Oct 2024 13:53:56 GMT
x-served-by: cache-iad-kiad7000099-IAD, cache-iad-kiad7000099-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 72, 41
vary: accept-encoding, Accept-Encoding
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.596623,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d3f5d850a3dc9a7-IAD
accept-ranges: bytes
content-length: 6796
server: cloudflare

GET
H2 200 owl.carousel.min.js Show response
www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/lib/ 44 KB
12 KB 24ms
23ms Script
text/javascript 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/lib/owl.carousel.min.js

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

633f77a0b7ab44fe76da77ccf64e255cbae5a81f6ef63df9ad0f0d73a3eae64b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

content-encoding: gzip
cf-cache-status: MISS
x-dw-request-base-id: N8kXZhrdEGcBAAB_
age: 67813
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hfnn0QU8RPXvmEBOwE%2Fl9W13fARJwSWiE5iyrEOOSakrLu29tO7F5cJ4kZNfzBu%2Fw303QxMMyqlrceV5aRwAz9EhCjVq3qNofCeQhaHLUgrAmgdJn85Z978%2BKlsd1g%2BUM5oZwTGWZvOgXg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 16 Nov 2024 09:47:06 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: text/javascript
last-modified: Tue, 15 Oct 2024 13:53:55 GMT
x-served-by: cache-iad-kcgs7200051-IAD, cache-iad-kcgs7200051-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 73, 44
vary: accept-encoding, Accept-Encoding
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.601676,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d3f5d8539ec28c6-IAD
accept-ranges: bytes
content-length: 11422
server: cloudflare

GET
H2 200 svg.min.js Show response
www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/lib/ 3 KB
2 KB 24ms
24ms Script
text/javascript 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/lib/svg.min.js

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae066cabac38e54944c9eb1ddd305181ee43bf2f3bd19033e9db22893d720f29

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

content-encoding: gzip
cf-cache-status: MISS
x-dw-request-base-id: Nb466hrdEGcBAAB_
age: 67814
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IXuBYAoLFyqpsl95UAWsR9j8lngJg94K4cyhNpeUzPPdE5O73GmrdxONIatQvvFw%2FA%2Fx2rlbqKDz2h9edVD3z3b4KqLvr37svaeh5pF%2BHbyEclgv6beBWxGmxdfY1vKbKJ0fc6yyKzVzcA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 16 Nov 2024 09:47:06 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: text/javascript
last-modified: Tue, 15 Oct 2024 13:53:55 GMT
x-served-by: cache-iad-kjyo7100053-IAD, cache-iad-kjyo7100117-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 77, 42
vary: accept-encoding, Accept-Encoding
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.623917,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d3f5d852ae0c946-IAD
accept-ranges: bytes
content-length: 1470
server: cloudflare

GET
H2 200 jquery.zoom.min.js Show response
www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/lib/jquery/ 2 KB
2 KB 23ms
23ms Script
text/javascript 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/lib/jquery/jquery.zoom.min.js

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

666ed777606d78970477efd07030521ab3d003853f3e94a0985e7da4a2c923b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

content-encoding: gzip
cf-cache-status: MISS
x-dw-request-base-id: Nb456hrdEGcBAAB_
age: 67814
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1b3kRY9tBo1QqoeFfIULtVmkbfNZVT6z6l8KWTS%2FkONbu88xL8Hr1r3RmWPbBZjMZT6MXQ1cL%2FoSwQi7Y9rv9Lu%2FsPlIgcbH01uzlhs8TuCmZ6k0Cjud8RHFo78P9GtFyjWwpLlIJzyAFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 16 Nov 2024 09:47:06 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: text/javascript
last-modified: Tue, 15 Oct 2024 13:53:56 GMT
x-served-by: cache-iad-kiad7000083-IAD, cache-iad-kiad7000149-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 78, 37
vary: accept-encoding, Accept-Encoding
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.629580,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d3f5d852ad90590-IAD
accept-ranges: bytes
content-length: 1112
server: cloudflare

GET
H2 200 picturefill.min.js Show response
www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/lib/ 11 KB
5 KB 82ms
77ms Script
text/javascript 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/lib/picturefill.min.js

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

223945b53510064dd2f32eeabd1c7cb173aade83db577ffe6dece694bb289dba

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

content-encoding: gzip
cf-cache-status: MISS
x-dw-request-base-id: oFGL-BrdEGcBAAB_
age: 67814
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7Ae8I8DkjkP2xb3Ed9YIbdEFE60Z2GhcpSBJ5NvxYWBMJK3ik2bM086lvlxleTJKvAyxuB0N3Y%2BdUVI%2B2KjYt8NqcCiB30wS%2FK7fvRMWAutcdx5n%2F%2FNmsBmMR5GwE7HiZDQYb2NPtY2qHA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 16 Nov 2024 09:47:06 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: text/javascript
last-modified: Tue, 15 Oct 2024 13:53:55 GMT
x-served-by: cache-iad-kiad7000073-IAD, cache-iad-kiad7000111-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 82, 38
vary: accept-encoding, Accept-Encoding
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.692219,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d3f5d852d17c987-IAD
accept-ranges: bytes
content-length: 5064
server: cloudflare

GET
H2 200 jquery.creditCardValidator.js Show response
www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/lib/ 8 KB
3 KB 32ms
31ms Script
text/javascript 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/lib/jquery.creditCardValidator.js

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5f8fcc96153880f57cb501646dca91ab644f972b43a851e3b087ce4339e5079

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

content-encoding: gzip
cf-cache-status: MISS
x-dw-request-base-id: Nb476hrdEGcBAAB_
age: 67814
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u4eA2vTwaQQI5jvelFDUg0Ul0fjL2oSjO6rEcw2kcugYz%2BTAVPv8Q3IEgCmDyJrO%2BF1%2BOh13pHgZ%2B8DNYPvhOqJsYgbLcsokvug6wmIT1oHsbQzV7yID8FtboLrNy0hCEUzlxi7D4Qul9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 16 Nov 2024 09:47:06 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: text/javascript
last-modified: Tue, 15 Oct 2024 13:53:55 GMT
x-served-by: cache-iad-kcgs7200044-IAD, cache-iad-kcgs7200170-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 77, 39
vary: accept-encoding, Accept-Encoding
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.658627,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d3f5d85595382e0-IAD
accept-ranges: bytes
content-length: 2649
server: cloudflare

GET
H2 200 jquery.deserialize.js Show response
www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/lib/ 2 KB
1 KB 38ms
23ms Script
text/javascript 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/lib/jquery.deserialize.js

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a1fe37f48d30170cd955836ee8671e13b7413f10e0b21847949a4f6ace0c042

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

content-encoding: gzip
cf-cache-status: MISS
x-dw-request-base-id: N8bmzBrdEGcBAAB_
age: 67813
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j%2FGQkN%2B%2Bl9Cw7iQA8l%2BQYLgno5rvEG83Kdg7QSOTLZC6h1pvMGpPKlpveOvYbCmiFD4OMD67qO%2F16eSuskyXlFYTjkkqvGxyiW8f4OD8HSyJx%2ByMlUp0iPhzpAqEom6o204qnXYm37XvEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 16 Nov 2024 09:47:06 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: text/javascript
last-modified: Tue, 15 Oct 2024 13:53:55 GMT
x-served-by: cache-iad-kcgs7200147-IAD, cache-iad-kcgs7200147-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 77, 40
vary: accept-encoding, Accept-Encoding
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.667879,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d3f5d854ede390a-IAD
accept-ranges: bytes
content-length: 745
server: cloudflare

GET
H2 200 mask.js Show response
www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/lib/ 23 KB
6 KB 38ms
22ms Script
text/javascript 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/lib/mask.js

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92df12fd61057f0910f2ca341a524bd1a66a90b51523d393fb3f5974dc5ca990

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

content-encoding: gzip
cf-cache-status: MISS
x-dw-request-base-id: N8kZZhrdEGcBAAB_
age: 67813
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6CACeDNM6%2FEEeXYSrPjsdUfXHai2srqqMDUg6OVjl3TGa9%2Fx2qox5vmN%2BPh0Wmrd7YbBK02f1bd8CZoK4hRkJj0l6sIqDDoHV9Mtxd7yDrAaIKWEbLHYBd7pXY0IVP5TuzqTgQVzGWk7sQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 16 Nov 2024 09:47:06 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: text/javascript
last-modified: Tue, 15 Oct 2024 13:53:55 GMT
x-served-by: cache-iad-kcgs7200054-IAD, cache-iad-kcgs7200161-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 76, 41
vary: accept-encoding, Accept-Encoding
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.667857,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d3f5d855d72c9bf-IAD
accept-ranges: bytes
content-length: 5890
server: cloudflare

GET
H2 200 progressbar.js Show response
www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/lib/ 22 KB
7 KB 39ms
24ms Script
text/javascript 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/lib/progressbar.js

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb178d0a551b045b17f8876b0cedaa4cedfd253c4de00150469b776666226d45

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

content-encoding: gzip
cf-cache-status: MISS
x-dw-request-base-id: N8blzBrdEGcBAAB_
age: 67813
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bd91vwxWoBqlnIB42Yz9dcVCx2uIkHTWOs1xIv1egE0u%2FxhWMlOzrpRkpHMbzGGabatl0Yky9LfbAEQ%2F45yJW579%2FlVba1EnPo0LRap6n%2FzRkAgqkuYJT%2B7ckEx0Kfo2mKpwBbypM5GOPw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 16 Nov 2024 09:47:06 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: text/javascript
last-modified: Tue, 15 Oct 2024 13:53:55 GMT
x-served-by: cache-iad-kjyo7100135-IAD, cache-iad-kjyo7100133-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 77, 38
vary: accept-encoding, Accept-Encoding
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.668204,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d3f5d854aa0595c-IAD
accept-ranges: bytes
content-length: 6969
server: cloudflare

GET
H/1.1 200
OK main.js Show response
static.ordergroove.com/986dccf46be411ebaadb26088a73eb74/ 178 KB
56 KB 271ms
46ms Script
application/javascript 23.47.22.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ordergroove.com/986dccf46be411ebaadb26088a73eb74/main.js

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.47.22.7 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-47-22-7.deploy.static.akamaitechnologies.com

Software

nginx / Express

Resource Hash

7e99cc5a31b155e485956043be15754c4e22680934ba07e5b83d6d3752961e5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

Strict-Transport-Security: max-age=15768000
Vary: Accept-Encoding
Cache-Control: must-revalidate, max-age=900
Content-Encoding: gzip
ETag: W/"c3aa183d40ec7a86972855af469b93bfb1a35149"
Connection: keep-alive
Expires: Fri, 18 Oct 2024 04:52:19 GMT
Access-Control-Allow-Origin: *
Content-Length: 56606
Date: Fri, 18 Oct 2024 04:37:19 GMT
Content-Type: application/javascript;charset=UTF-8
X-Powered-By: Express
Server: nginx
X-Frame-Options: SAMEORIGIN

GET
H2 200 app.min.js Show response
www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/js/ 622 KB
158 KB 38ms
24ms Script
text/javascript 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/js/app.min.js

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02f7b85d86339fec3fb7d0777596037f60706d9eb3195ac9e3521484d51135e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

content-encoding: gzip
cf-cache-status: MISS
x-dw-request-base-id: 3slWVhrdEGcBAAB_
age: 67813
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n6rHPQ%2FBAmrDSi63KlMrWe8d4rIeNdhoXiBbc5ga8PaJNPD%2F31ciAHFRvyWRYuCO6RXACnLtP2fSCr7ZIVy%2FNxo1lJZqOEcnwfbqqS12kk6iKmYVM%2Fb79EadGU%2FgOZu2OO7y2HrwBLRfig%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 16 Nov 2024 09:47:06 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: text/javascript
last-modified: Tue, 15 Oct 2024 13:53:55 GMT
x-served-by: cache-iad-kcgs7200089-IAD, cache-iad-kcgs7200174-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 80, 1
vary: accept-encoding, Accept-Encoding
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.668177,VS0,VE1
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d3f5d856fbbc97d-IAD
accept-ranges: bytes
content-length: 161287
server: cloudflare

GET
H2 200 amaze-bbw-20231216.js Show response
www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/lib/ 117 KB
40 KB 80ms
74ms Script
text/javascript 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/lib/amaze-bbw-20231216.js

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6efbd8ec0b243519334f0aeb6f8608590f2ae211fc7f1ffb7c3876a4b10589f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

content-encoding: gzip
cf-cache-status: MISS
x-dw-request-base-id: N8kbZhrdEGcBAAB_
age: 67813
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ER5Gyo0NGGAsSRuKF61GQfjXA8P5btDW5A6gt2K1OdY%2BapITszVq8WT326CcCPSw1282AfZxNCu2LwKlnr%2Bgyqt7%2FCQFQGURACxSIzb9RyztWB0zfD7Wlhraw6oRVilKz13I0KpG7meLfA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 16 Nov 2024 09:47:06 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: text/javascript
last-modified: Tue, 15 Oct 2024 13:53:55 GMT
x-served-by: cache-iad-kjyo7100020-IAD, cache-iad-kiad7000146-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 85, 39
vary: accept-encoding, Accept-Encoding
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.692205,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d3f5d8568151fe5-IAD
accept-ranges: bytes
content-length: 40366
server: cloudflare

GET
H2 200 mobile-detect.min.js Show response
www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/js/ 37 KB
16 KB 36ms
22ms Script
text/javascript 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/js/mobile-detect.min.js

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdfa9a147ae8d8357855515bab5291b8c9342eeed9d638b47103c19d9d9aaf36

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

content-encoding: gzip
cf-cache-status: MISS
x-dw-request-base-id: Nb4V6hndEGcBAAB_
age: 67814
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c0Q6eQDHQdK7GBGcJl3zOXGJag0LFf%2FUAqYszYCo0H0sycUp5lTDfdw%2Fx%2FdarOXsQXLVqIqWMJ1K0%2F%2FThH7g3YUmPRBrFpuF8zeUhUEIHuRM8PPTM7L00CobKPzHS4U%2FzTTIJ6GRViM52Q%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 16 Nov 2024 09:47:06 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: text/javascript
last-modified: Tue, 15 Oct 2024 13:53:56 GMT
x-served-by: cache-iad-kiad7000075-IAD, cache-iad-kiad7000075-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 83, 36
vary: accept-encoding, Accept-Encoding
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.668153,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d3f5d828840c988-IAD
accept-ranges: bytes
content-length: 15677
server: cloudflare

GET
H2 200 dwanalytics-22.2.js Show response
www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/internal/jscript/ 6 KB
3 KB 78ms
73ms Script
text/javascript 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/internal/jscript/dwanalytics-22.2.js

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9b2a97b95ecaab1920aba84b26169c23a38e0513c2d4423ab9c0102b96cb195

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

content-encoding: gzip
cf-cache-status: MISS
x-dw-request-base-id: Nb4N6hndEGcBAAB_
age: 67814
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3QbiN1m0Ly%2FFEXQ9VjvvmmIuIvr9%2BYljJVP30I%2Fkji4BlYSdiH36ugu0BBdCEQmSlHQeC92VfZJl2wVTL1vDX59q1Q4KuElalzH6QF%2FmuPOjEL9rEJEF6ZIxzvksb3mVgDVKtb660z4qSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 16 Nov 2024 09:47:05 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: text/javascript
last-modified: Thu, 17 Oct 2024 09:47:05 GMT
x-served-by: cache-iad-kiad7000078-IAD, cache-iad-kiad7000056-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 82, 40
vary: accept-encoding, Accept-Encoding
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.692170,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d3f5d81ed736fcb-IAD
accept-ranges: bytes
content-length: 2688
server: cloudflare

GET
H2 200 dwac-21.7.js Show response
www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/internal/jscript/ 5 KB
2 KB 79ms
74ms Script
text/javascript 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/internal/jscript/dwac-21.7.js

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7d87091d363393cdfb559f44f41e447f70b67917b9dedb3e97c2a8d476e1ea8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

content-encoding: gzip
cf-cache-status: MISS
x-dw-request-base-id: 3skYVhndEGcBAAB_
age: 67814
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jhyQt%2FwFcqcy0SYlOsbvN4qwvBN1aXzpT16MHkPiDF%2FovzA1BGcvHtytVbcySnNzaipKgsy5EUQT0o899QgHqmtlsBi%2B6Nmo0f03hD%2FlULj8wCSNTX6VjbJtSgOgA6arjzEAoNAt%2Buucyg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 16 Nov 2024 09:47:05 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: text/javascript
last-modified: Thu, 17 Oct 2024 09:47:05 GMT
x-served-by: cache-iad-kcgs7200128-IAD, cache-iad-kcgs7200128-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 83, 44
vary: accept-encoding, Accept-Encoding
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.692146,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d3f5d81fb4a81d9-IAD
accept-ranges: bytes
content-length: 1919
server: cloudflare

GET
H2 200 gretel.min.js Show response
cdn.cquotient.com/js/v2/ 73 KB
21 KB 197ms
42ms Script
text/javascript 108.139.29.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cquotient.com/js/v2/gretel.min.js
Requested by: Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-174.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0a994dc1f72298f4dcaaf0a3e99c181a9d1598c7fd98e911ea6929ba437796b9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

vary: Accept-Encoding
cache-control: max-age=3600
content-encoding: gzip
etag: W/"51f65c87b112c29db2606d6ef5cb487b"
age: 1121
via: 1.1 8e923e72a50f75048382f193bf6c8c4e.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: zXtmG1ybVm-Y031ourpwRLU5u835X3C2pQ6XGMl_p4vGp2bG4jo-xA==
date: Fri, 18 Oct 2024 04:18:39 GMT
content-type: text/javascript
last-modified: Thu, 29 Aug 2024 19:21:38 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
x-amz-server-side-encryption: AES256

GET
H2 200 applepay.js Show response
www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/internal/jscript/ 14 KB
4 KB 79ms
74ms Script
text/javascript 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/internal/jscript/applepay.js

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/loyalty-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e7938fd5c17bb1b600de328beb4372fd16d07ef78ec200436f4b683d465ffa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

content-encoding: gzip
cf-cache-status: MISS
x-dw-request-base-id: Nb4M6hndEGcBAAB_
age: 67814
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FADivhlp%2BI42ODTuQiQYUGEH7UwRiIK8BMkMKuYDpY%2B33BxJoGziXLk40QIRQjETmUUnT1CW%2F1Rq6SDyyrkNLXkvd3qEztDBCsHNufwzqvqROOQliwiovchqtlm1gsarwLeXHghmeyOLEA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 16 Nov 2024 09:47:05 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: text/javascript
last-modified: Thu, 17 Oct 2024 09:47:05 GMT
x-served-by: cache-iad-kjyo7100043-IAD, cache-iad-kjyo7100143-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 83, 39
vary: accept-encoding, Accept-Encoding
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.692129,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d3f5d81f9c9c9a5-IAD
accept-ranges: bytes
content-length: 3921
server: cloudflare

GET
H2 200 configure.rapid.js Show response
rapid-1.yottaa.net/api/v1/ 515 B
501 B 223ms
45ms XHR
text/javascript 99.83.183.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rapid-1.yottaa.net/api/v1/configure.rapid.js?key=wI9DjgjWFD_TGA&ul=en-CA&dl=https%3A%2F%2Fwww.bathandbodyworks.com%2Floyalty-rewards&dt=&sd=24&sr=1600,1200&vp=1600,1200&ct=4g&rtt=100
Requested by: Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/wI9DjgjWFD_TGA.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.183.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a03bd531e8ce9952c.awsglobalaccelerator.com
Software: /
Resource Hash: 721ace35999fe5d443fbe4311b11f903139cd8fdf1632d1efc2fde48e06df712

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

cache-control: no-cache
timing-allow-origin: *
content-encoding: gzip
x-yottaa-optstate: none
access-control-allow-origin: *
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: text/javascript;charset=utf-8
vary: Accept-Encoding

GET
H2 200 init.js Show response
www.bathandbodyworks.com/lsXlyYa5/ 302 KB
150 KB 84ms
79ms Script
application/javascript 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bathandbodyworks.com/lsXlyYa5/init.js

Requested by

Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/wI9DjgjWFD_TGA.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

366be11d36cd718b75dd4ab5d458ab54ffd5e06a9068f52589dd66f471a67755

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

access-control-expose-headers: active-cdn,x-served-by,Akamai-Request-BC
content-encoding: gzip
etag: "4b81b-SP/E0eA9UfrGY5wA0SzENJ5Y7GE"
age: 160641
x-cache: HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-yyz4534-YYZ
x-cache-hits: 208
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: max-age=600
x-px-hash: NWMzMDY0YmIxNmVkYzI2YjQ1ZDc0ZjhjOWRlZGNiMGI5MjI2MzIzNTc5YTE2MGI2MjhiZWRkOWRlYTE1NmE5YQ==
active-cdn: Akamai
via: 1.1 google, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 153185

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 169ms
65ms Stylesheet
text/css 173.194.68.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,400,800

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/css/style.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.68.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qr-in-f95.1e100.net

Software

ESF /

Resource Hash

d9d8449276da292331260174451895f697e29fee3fb46887b03466260924fa28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 18 Oct 2024 04:37:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 18 Oct 2024 03:59:12 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 bopis-icon-16x16.svg
www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/images/svg-icons/ 2 KB
1 KB 71ms
70ms Image
image/svg+xml 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/images/svg-icons/bopis-icon-16x16.svg

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/css/style.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f45869e02f1743f1e7cc1f0007f197843e12600cc356a64b8811d56b1e4fdccb

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/css/style.min.css

Response headers

content-encoding: gzip
cf-cache-status: MISS
x-dw-request-base-id: 3skAVxzdEGcBAAB_
age: 67811
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BhZMeZ8K7osa4wfoMRrI8mOoGJrLNNWVGuLBWiC%2F%2FV7VzdW4ZYZtaX%2Ftb9RshbSMIaAUNiG4%2BVhdZjbYfuSseCBlkRp%2FDXdP5j%2Fi5q2d%2BG%2F5MjP4Ystiv7R70FnofFW1x%2FbpcmMsdpUOPA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 16 Nov 2024 09:47:08 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: image/svg+xml
last-modified: Tue, 15 Oct 2024 13:53:55 GMT
x-served-by: cache-iad-kiad7000118-IAD, cache-iad-kiad7000020-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 35, 19
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.692075,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d3f5d8fefb96fcd-IAD
accept-ranges: bytes
content-length: 918
server: cloudflare

GET
H2 200 UI-AddToBag.svg
www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/images/svg-icons/ 816 B
1 KB 78ms
78ms Image
image/svg+xml 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/images/svg-icons/UI-AddToBag.svg

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/css/style.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61293c47c7f385f8a8afac510933f8c25e99db950e8bcf4dc822baf461fd4b02

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/css/style.min.css

Response headers

content-encoding: gzip
cf-cache-status: MISS
x-dw-request-base-id: 3skCVxzdEGcBAAB_
age: 67811
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RA9GDtKd6BFNXtYZsdlms2KdKKJ9n5aMa0%2FbonfuP4Oh5O2D%2BATDyfYoHEBwH80ginkHmeh8ZlbbB7xbRhzzC3gwRJQNYJH95vhPXNLD2mM3ISs3QDCpnipbwBWduc0UyrLk9%2BRIYYk5wA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 16 Nov 2024 09:47:08 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: image/svg+xml
last-modified: Tue, 15 Oct 2024 13:53:55 GMT
x-served-by: cache-iad-kiad7000074-IAD, cache-iad-kiad7000159-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 25, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.692067,VS0,VE1
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d3f5d8fea596fa1-IAD
accept-ranges: bytes
content-length: 479
server: cloudflare

GET
H2 200 megamenu-carat.svg
www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/images/svg-icons/ 1 KB
1 KB 77ms
77ms Image
image/svg+xml 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/images/svg-icons/megamenu-carat.svg

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/css/style.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1849c53461c18ad393d74cf01d3b9b3ec98cbab29880c853ab1d04d7dfd75f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/css/style.min.css

Response headers

content-encoding: gzip
cf-cache-status: MISS
x-dw-request-base-id: oFFf-RzdEGcBAAB_
age: 67812
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iQ5hSVvdp0haDEjzYACjjZm9Ru6YiZ%2BqEs9polsD5DIY0mk%2Fb6icuSJUDM%2FXFStkosnz1gsA%2BszmlcVinlKsVfbympGzt06uPQbrwbzdelv1Mbuj8oMn2zpTNnNmQ1EU61oOQgiRQMCGLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 16 Nov 2024 09:47:08 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: image/svg+xml
last-modified: Tue, 15 Oct 2024 13:53:55 GMT
x-served-by: cache-iad-kiad7000068-IAD, cache-iad-kiad7000068-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 23, 1
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.692041,VS0,VE1
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d3f5d8fec14874a-IAD
accept-ranges: bytes
content-length: 560
server: cloudflare

GET
H2 200 SourceSansPro-Bold.ttf
www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/fonts/sourceSans/ 242 KB
107 KB 62ms
59ms Font
font/ttf 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/fonts/sourceSans/SourceSansPro-Bold.ttf

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/css/style.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66f0aa8e9800d58bb49d5324da9f5a3573d393a14b408f149756273f05718efe

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bathandbodyworks.com
Referer: https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/css/style.min.css

Response headers

content-encoding: gzip
cf-cache-status: MISS
x-dw-request-base-id: N8bzzBrdEGcBAAB_
age: 67814
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BeVjC1ZIq9Pesmav00ZFdCY2Pd35qeaSS6W4DvN3spN4J1Fun5bBLT3M%2F2RMQ68Rr5Ue69Ekq935MYv2n%2FJxz3xOtfbQGu%2FhCkB4LnYRqOvKvCq8QTYMMFj1tXzydvgtEawqgz1cNRZIFA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 16 Nov 2024 09:47:06 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: font/ttf
last-modified: Tue, 15 Oct 2024 13:53:55 GMT
x-served-by: cache-iad-kjyo7100144-IAD, cache-iad-kjyo7100098-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 69, 40
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.703709,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d3f5d86d9c238a3-IAD
accept-ranges: bytes
content-length: 108912
server: cloudflare

GET
H2 200 SourceSansPro-Regular.ttf
www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/fonts/sourceSans/ 242 KB
107 KB 63ms
61ms Font
font/ttf 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/fonts/sourceSans/SourceSansPro-Regular.ttf

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/css/style.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0acaced3f5686390c4c2ed8d3b447c725660252d1a20a71fdab5110a435c463

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bathandbodyworks.com
Referer: https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/css/style.min.css

Response headers

content-encoding: gzip
cf-cache-status: MISS
x-dw-request-base-id: Nb5H6hrdEGcBAAB_
age: 67813
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qrdn7AoBncmgAdJRdCdCD1g%2Fo%2F7tZ6N1RaZzcWwHBy7pdDx7vhniJaZ0Gqsf%2Fb9JbKccl0V0xIWc793b2Qr%2Fc9V5BE3YJu3rC2c2SVbuSeD8Oz5Li5MpJXthFHazAWZij7FXgHlx9r74Xw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 16 Nov 2024 09:47:06 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: font/ttf
last-modified: Tue, 15 Oct 2024 13:53:55 GMT
x-served-by: cache-iad-kcgs7200068-IAD, cache-iad-kiad7000102-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 66, 41
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.703868,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d3f5d86dc57c9a8-IAD
accept-ranges: bytes
content-length: 109112
server: cloudflare

GET
H2 200 SourceSansPro-SemiBold.ttf
www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/fonts/sourceSans/ 242 KB
107 KB 65ms
62ms Font
font/ttf 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/fonts/sourceSans/SourceSansPro-SemiBold.ttf

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/css/style.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c263e4612b3cf54dc5ba91c086e10aa60756fe6cda2cdf2494ed616124452eae

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bathandbodyworks.com
Referer: https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/css/style.min.css

Response headers

content-encoding: gzip
cf-cache-status: MISS
x-dw-request-base-id: 3slfVhrdEGcBAAB_
age: 67813
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S0OHWhn6dr3UdUPvGM10gIEme1tgnOSEYhx%2BaUtKEJzzSBJf6m3MgT1nTud72%2FdvS3kxfbu95lwg77%2BsatxeW7315nzEf5z5aD1mPOV0L30o4jcbnzBnaBKotBN22HWSb98zv44%2BIY9XYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 16 Nov 2024 09:47:06 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: font/ttf
last-modified: Tue, 15 Oct 2024 13:53:55 GMT
x-served-by: cache-iad-kcgs7200174-IAD, cache-iad-kcgs7200056-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 69, 39
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.704469,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d3f5d86cc4e062e-IAD
accept-ranges: bytes
content-length: 108805
server: cloudflare

GET
H2 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
364 B 164ms
55ms XHR
application/json 173.194.175.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps/api/js?libraries=geometry&key=AIzaSyBl_gA4R2RUJFJ4Z4DmEtBQoHNmmtirUgY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.175.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qs-in-f95.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

cache-control: private
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: https://www.bathandbodyworks.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
date: Fri, 18 Oct 2024 04:37:19 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN

GET
DATA 200
OK truncated
/ 554 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b35ab455f4919d7ed9e21ac5b5842b622ab39dae5a56742563299faef418f872

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 Social-fb-black.svg
www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/images/svg-icons/ 489 B
769 B 32ms
28ms Image
image/svg+xml 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/images/svg-icons/Social-fb-black.svg

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/css/style.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80afe80e3a51fae16f5652f8131c557d28cc6c60dd7c8aa7bc43ac6f851ea473

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/css/style.min.css

Response headers

content-encoding: gzip
cf-cache-status: MISS
x-dw-request-base-id: oFGq-BrdEGcBAAB_
age: 67813
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O5t2%2BRzq74S0MCLdJcxyQXX4mvKH7W1E%2FqeR90Y0TflmEOySgK0zjN%2FVRoOsxZtVC%2Bayaqkix3FV6AwS6bLNMK0T6lAYlv8n8fEHZILX7TywQjSBjyIS4PQixT3L32gWqRuHlC8WwT1q%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 16 Nov 2024 09:47:06 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: image/svg+xml
last-modified: Tue, 15 Oct 2024 13:53:55 GMT
x-served-by: cache-iad-kcgs7200096-IAD, cache-iad-kcgs7200096-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 80, 33
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.738187,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d3f5d87b80e064a-IAD
accept-ranges: bytes
content-length: 309
server: cloudflare

GET
H2 200 Social-x-black.svg
www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/images/svg-icons/ 417 B
751 B 32ms
29ms Image
image/svg+xml 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/images/svg-icons/Social-x-black.svg

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/css/style.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53b65a1425a35ce88832a27ac2aecc747e15cc8a35bc2b68927d3ed50e5dd24a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/css/style.min.css

Response headers

content-encoding: gzip
cf-cache-status: MISS
x-dw-request-base-id: N8koZhrdEGcBAAB_
age: 67813
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zKHr%2B1NIJ7hUfm8SsCQOVTwtvu2QaxEwd0gZgf31T4cIZlMt822rLOmTnw6yNQDMx0zwqTe2VUdAKFzqB%2BRWC9Zav%2BEO%2FkYuXXJSHEjXKCj6vmgSlIuQD9laRiqmZstrvRuGyjpmlqOyqA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 16 Nov 2024 09:47:06 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: image/svg+xml
last-modified: Tue, 15 Oct 2024 13:53:55 GMT
x-served-by: cache-iad-kcgs7200051-IAD, cache-iad-kcgs7200051-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 79, 34
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.738164,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d3f5d87cb27056f-IAD
accept-ranges: bytes
content-length: 287
server: cloudflare

GET
H2 200 Social-ig-black.svg
www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/images/svg-icons/ 2 KB
1 KB 35ms
32ms Image
image/svg+xml 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/images/svg-icons/Social-ig-black.svg

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/css/style.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7aed44055560e921eba8d4eb34f82f4d1c4792f1078184ace3978e68f06749c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/css/style.min.css

Response headers

content-encoding: gzip
cf-cache-status: MISS
x-dw-request-base-id: Nb5X6hrdEGcBAAB_
age: 67812
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BB0QPWU%2Bhe5GwWEYV6IxpANYLShjHtW6pKeuMvfBYzAQoEXpA5riBpE9MlhqyOgLgFVpEnNSI7EKMiv0Q%2FcIS7s2KNhEukiMMskHj3PUDexDA1k6jJdE8bdp8bqQgjfy953S7kauxjBlbw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 16 Nov 2024 09:47:06 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: image/svg+xml
last-modified: Tue, 15 Oct 2024 13:53:55 GMT
x-served-by: cache-iad-kjyo7100059-IAD, cache-iad-kjyo7100059-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 78, 35
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.738544,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d3f5d87cf8c81f7-IAD
accept-ranges: bytes
content-length: 657
server: cloudflare

GET
H2 200 Social-tiktok-black.svg
www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/images/svg-icons/ 837 B
975 B 34ms
31ms Image
image/svg+xml 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/images/svg-icons/Social-tiktok-black.svg

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/css/style.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8fed37e594ed1fb4a87dc58bec1deb3a5fd48026389e20755827cb43d44fca4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/css/style.min.css

Response headers

content-encoding: gzip
cf-cache-status: MISS
x-dw-request-base-id: Nb5W6hrdEGcBAAB_
age: 67812
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qzRERlU0DoEMU4kosQ65Bz1krtQ0QJHIV7FmAlso0sXMyIhX74l9gNxTxNj52dmN4MOot6gSyzGfoDIN8bFsfv5Xct%2BzK672mJbUbZ3tKwnRJdbb4aod8R3rmlxW5J4n0k5SXrq1AXSrKg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 16 Nov 2024 09:47:06 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: image/svg+xml
last-modified: Tue, 15 Oct 2024 13:53:55 GMT
x-served-by: cache-iad-kiad7000152-IAD, cache-iad-kiad7000152-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 80, 34
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.738509,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d3f5d87de7c05a6-IAD
accept-ranges: bytes
content-length: 450
server: cloudflare

GET
H2 200 Social-youtube-black.svg
www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/images/svg-icons/ 775 B
868 B 34ms
31ms Image
image/svg+xml 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/images/svg-icons/Social-youtube-black.svg

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/css/style.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

918f6ad98bc4530aa3f47ac2c18770fb02b8734d7033f6759993fb282310d807

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/css/style.min.css

Response headers

content-encoding: gzip
cf-cache-status: MISS
x-dw-request-base-id: oFGs-BrdEGcBAAB_
age: 67812
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ME1m52LjoA5TJ1Ao5zWHifsi%2Fem%2FXtmo1WRXt%2FSihKYIHgvsyp8SqRVmw4%2FVXj72wHv4%2BidyWPJB06LrWI4RTQW9UZJNM1oAF3BTm3%2BOAzKm%2Fmvr284S5DmOGX4qbL8oZZwPsXwIZ5b3oQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 16 Nov 2024 09:47:06 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: image/svg+xml
last-modified: Tue, 15 Oct 2024 13:53:55 GMT
x-served-by: cache-iad-kiad7000096-IAD, cache-iad-kiad7000096-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 77, 33
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.738496,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d3f5d87ce65056d-IAD
accept-ranges: bytes
content-length: 405
server: cloudflare

GET
H2 200 Social-pinterest-black.svg
www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/images/svg-icons/ 1 KB
1 KB 34ms
32ms Image
image/svg+xml 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/images/svg-icons/Social-pinterest-black.svg

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/css/style.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5ae2a61172356dd0090131c57944c7057b73367b34c75fd1fd0bd1998591b10

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/css/style.min.css

Response headers

content-encoding: gzip
cf-cache-status: MISS
x-dw-request-base-id: N8b6zBrdEGcBAAB_
age: 67813
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lo6%2FiohuvM79Zs6YPiAI%2FTmHGa0bImkvheKHigdTDQ4lNBBwirLAG3onQY0x4RqsjxKms%2FM5S5rXzVDdzHgAR06HWT%2F83QUCrWIBbEQFKQqmUW%2BN31SWMsg2nEAZmQAgPC6E7uJ%2BMrRahw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 16 Nov 2024 09:47:06 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: image/svg+xml
last-modified: Tue, 15 Oct 2024 13:53:55 GMT
x-served-by: cache-iad-kjyo7100118-IAD, cache-iad-kjyo7100088-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 81, 36
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.738469,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d3f5d87d87ac9a9-IAD
accept-ranges: bytes
content-length: 634
server: cloudflare

GET
H2 200 SourceSansPro-Italic.ttf
www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/fonts/sourceSans/ 107 KB
58 KB 29ms
28ms Font
font/ttf 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/fonts/sourceSans/SourceSansPro-Italic.ttf

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/css/style.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7987a699ff7c1bfa3f4fceac4baa9f7db3be559bf5cecd42b39f6251ed39d8fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.bathandbodyworks.com
Referer: https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/css/style.min.css

Response headers

content-encoding: gzip
cf-cache-status: MISS
x-dw-request-base-id: Nb5U6hrdEGcBAAB_
age: 67813
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3IXGge1WRqDWE3ITUapCOQRcedNNz0SG675Jpfdhuja346S7XSjYtikOScO7siqOk%2BBfDfap%2Bz3LAHN%2FTBhs9EPzLN5PZRRuZMmOqO%2BuBBSERAeJk0qj9F14ceSaDr4KgcEMRnIrnQXg1A%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 16 Nov 2024 09:47:06 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: font/ttf
last-modified: Tue, 15 Oct 2024 13:53:55 GMT
x-served-by: cache-iad-kjyo7100140-IAD, cache-iad-kjyo7100084-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 122, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.794810,VS0,VE1
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d3f5d87bb6c3af0-IAD
accept-ranges: bytes
content-length: 59092
server: cloudflare

GET
H/1.1 200
OK ns Show response
stk.px-cloud.net/ 350 B
484 B 175ms
45ms XHR
text/html 34.107.199.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://stk.px-cloud.net/ns?c=a92f8d70-8d0a-11ef-ac8e-0f9aea86e0c1
Requested by: Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/lsXlyYa5/init.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.107.199.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.199.107.34.bc.googleusercontent.com
Software: /
Resource Hash: 375b712cb2bc6a76fa4455a62ab6462a92d8221287524be152828bbaab7579ad

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

Access-Control-Allow-Origin: *
Content-Length: 350
Date: Fri, 18 Oct 2024 04:37:19 GMT
Content-Type: text/html

GET
H2 200 h.php Show response
crcldu.com/bd/ 2 B
534 B 146ms
48ms Fetch
text/plain 104.18.0.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://crcldu.com/bd/h.php
Requested by: Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/lsXlyYa5/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.0.150 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=300
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jHBXFE9W35BNcdB6RxYSoPTD%2Fat3xYtgOIz81pKNYsIzIQMflUwe7k%2Bt%2F3n6Uas337rwUufPfnJyZ02nyi387uJ%2FnkRlc9vHH4i%2FpvGAhBHZTJjPDnKLMp19nleN"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d45d520ac79a1db-YYZ
expires: Fri, 18 Oct 2024 04:42:20 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2
date: Fri, 18 Oct 2024 04:37:20 GMT
content-type: text/plain
vary: Accept-Encoding
server: cloudflare
last-modified: Fri, 18 Oct 2024 04:37:20 GMT

POST
H2 200 collector Show response
collector-pxlsxlyya5.px-cloud.net/api/v2/ 616 B
867 B 215ms
120ms XHR
application/json 34.120.53.196
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxlsxlyya5.px-cloud.net/api/v2/collector
Requested by: Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/lsXlyYa5/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.53.196 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 196.53.120.34.bc.googleusercontent.com
Software: /
Resource Hash: fe138ca7ce10c04a9eb859f6b337c61bd12115d0b61136f4437bf5e80a0eb5df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://www.bathandbodyworks.com/

Response headers

timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
via: 1.1 google
access-control-allow-origin: https://www.bathandbodyworks.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 616
date: Fri, 18 Oct 2024 04:37:20 GMT
content-type: application/json; charset=utf-8

GET
H2 200 authiframe
www.bathandbodyworks.com/s/BathAndBodyWorks/ 3 KB
0 208ms
207ms Fetch
text/html 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bathandbodyworks.com/s/BathAndBodyWorks/authiframe

Requested by

Host: static.ordergroove.com
URL: https://static.ordergroove.com/986dccf46be411ebaadb26088a73eb74/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

content-encoding: gzip
x-dw-request-base-id: Nb6lFgDmEWcBAAB_
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OAl%2FjGZqB3GWcnNdInbXUIRwEhYOCjoqjlP9S7LbmvKlUxBJJggMfT1dwc0KeyijPIDDVTcqQik%2B7ftYcMYqAy1MEX441LaqbOSNbylYXtS0EtePPO9clmPSAqYr554axTR9HBXbvsGDWg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 01 Dec 1994 16:00:00 GMT
x-cache: MISS, MISS, MISS
date: Fri, 18 Oct 2024 04:37:20 GMT
content-type: text/html;charset=UTF-8
x-served-by: cache-iad-kjyo7100167-IAD, cache-iad-kiad7000063-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 0, 0
vary: accept-encoding, Accept-Encoding
strict-transport-security: max-age=300
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
x-timer: S1729226240.218423,VS0,VE85
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d45d5217c42c5a9-IAD
accept-ranges: bytes
fastly-restarts: 1
server: cloudflare

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/bbw/new/prod/ 159 KB
38 KB 48ms
48ms Script
application/javascript 18.164.116.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbw/new/prod/utag.js
Requested by: Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/wI9DjgjWFD_TGA.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-77.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b4e082da88143ac514c7f34d09031290e965b65139b31978f20989d82275dd44

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

vary: Accept-Encoding
cache-control: max-age=300
content-encoding: br
etag: W/"8ea32667eb460cb3ead659351ddc58ce"
x-amz-version-id: fTOgSiZRPbNTVCYqxWl0g9ptyvrXcpIb
age: 125
via: 1.1 c36b03c9737c294317e3651e77ee0c4a.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: IIoUbITy1eB8258YeZOR3Ytq9AH80LEtWU-ob8cckLfrTugemZ8-kQ==
date: Fri, 18 Oct 2024 04:35:48 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 14:24:28 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
x-amz-server-side-encryption: AES256

GET
H2 200 Home-LanguagePopup Show response
www.bathandbodyworks.com/on/demandware.store/Sites-BathAndBodyWorks-Site/en_US/ 3 KB
1 KB 246ms
246ms XHR
text/html 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bathandbodyworks.com/on/demandware.store/Sites-BathAndBodyWorks-Site/en_US/Home-LanguagePopup?format=ajax

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/lib/jquery/jquery-2.1.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f43679f3b992b1d232dfed6411d9e0975badcbf23f88166914f7d41877d1d219

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.bathandbodyworks.com/loyalty-rewards
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: text/html, */*; q=0.01

Response headers

content-encoding: gzip
x-dw-request-base-id: oFFh6wDmEWcBAAB_
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rWWh%2FEqhC9%2FUFq9uw3jlx84bxmOpqVlgC0t5o5SigsskpO5McCczQ2Cm9FdXV1k7ocJhhH4AuZDaDYoWk119OlZ06BchB5YpoPmSW6p4huAc0hJTDqbKeCuj9FI9DCR2hzK8ZD6ig3Cfyg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 01 Dec 1994 16:00:00 GMT
x-cache: MISS, MISS, MISS
date: Fri, 18 Oct 2024 04:37:20 GMT
content-type: text/html;charset=UTF-8
x-served-by: cache-yyz4574-YYZ, cache-yyz4534-YYZ
x-cache-hits: 0, 0, 0
vary: accept-encoding, Accept-Encoding
strict-transport-security: max-age=300
cache-control: no-cache, no-store, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-fastly-service-version: 4
pragma: no-cache
via: 1.1 varnish
cf-ray: 8d45d5221f18ab04-YYZ
accept-ranges: none
fastly-restarts: 1
server: cloudflare

GET
H2 200 Cart-MiniCartContent Show response
www.bathandbodyworks.com/on/demandware.store/Sites-BathAndBodyWorks-Site/en_US/ 0
471 B 236ms
235ms XHR
text/html 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bathandbodyworks.com/on/demandware.store/Sites-BathAndBodyWorks-Site/en_US/Cart-MiniCartContent

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/lib/jquery/jquery-2.1.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.bathandbodyworks.com/loyalty-rewards
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: */*

Response headers

cf-cache-status: DYNAMIC
x-dw-request-base-id: Nb6sFgDmEWcBAAB_
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eZc%2BpzcLsH8EIJ%2F8lxwfae2iHU%2BHz5NM0FxBLzVY6QzR2t4YlrgrckALT8i3TZd57%2BwflbF%2B%2BHm2GT3qqKUqkv%2FGdzFYrC7CWJuRwzg2UFbK6wh39LVM5iZnlBbn9vCKXiBgPBqz6gKmwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 01 Dec 1994 16:00:00 GMT
x-cache: MISS, MISS, MISS
date: Fri, 18 Oct 2024 04:37:20 GMT
content-type: text/html;charset=UTF-8
x-served-by: cache-iad-kcgs7200025-IAD, cache-iad-kcgs7200025-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: no-cache, no-store, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
x-timer: S1729226240.313592,VS0,VE112
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d45d52218109c73-IAD
accept-ranges: bytes
content-length: 0
fastly-restarts: 1
server: cloudflare

POST
H2 200 p Show response
b.px-cdn.net/api/v1/PXlsXlyYa5/d/ 15 KB
15 KB 152ms
49ms XHR
application/json 34.120.92.56
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.px-cdn.net/api/v1/PXlsXlyYa5/d/p
Requested by: Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/lsXlyYa5/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.92.56 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 56.92.120.34.bc.googleusercontent.com
Software: /
Resource Hash: 9ababe65ca927b421be2729010feaa88ced1b20778b5f8ab34c39aa9417764fe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----------------lbbqy9b7ont6mjse
Referer: https://www.bathandbodyworks.com/

Response headers

access-control-allow-credentials: true
access-control-allow-methods: HEAD,GET,POST,OPTIONS
via: 1.1 google
access-control-allow-origin: https://www.bathandbodyworks.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 18 Oct 2024 04:37:20 GMT
content-type: application/json
access-control-allow-headers: authorization

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 22 KB
8 KB 84ms
33ms Script
application/javascript 104.18.86.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/wI9DjgjWFD_TGA.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efad755939e511f2bc1feb0d58d6014006e8598a4d431f27a66dd59e14fc19cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

content-md5: uiXk8gw/ehyoMvZ3GeQiaQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCEDAD087F157F
x-ms-lease-status: unlocked
age: 24333
cf-cache-status: HIT
x-content-type-options: nosniff
expires: Fri, 18 Oct 2024 21:51:47 GMT
date: Fri, 18 Oct 2024 04:37:20 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 06:37:40 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: ca0be203-601e-00f9-010e-20596a000000
cf-ray: 8d45d5222e7aa23b-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7214
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 authiframe Show response
www.bathandbodyworks.com/s/BathAndBodyWorks/ Frame A9B3 3 KB
2 KB 201ms
201ms Document
text/html 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bathandbodyworks.com/s/BathAndBodyWorks/authiframe

Requested by

Host: static.ordergroove.com
URL: https://static.ordergroove.com/986dccf46be411ebaadb26088a73eb74/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f144613596e58679556b86c8341fb149d5f85e9f05d6f9b61985ed2d58288cf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.bathandbodyworks.com/loyalty-rewards
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: none
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8d45d522efc7ac88-YYZ
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Fri, 18 Oct 2024 04:37:20 GMT
expires: Thu, 01 Dec 1994 16:00:00 GMT
fastly-restarts: 1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ztl%2B4JVBXugUv4HYwLwN0zBcCSfPaBeR%2BtmqIaZpUvTKyDDq06fHylnrjDx0V0hZXT5ACV5meJkDWeFjSDgG0VqPGmPiUTYoRqIA7d65weUCblo%2BANMyvDEtMfrhYjBHEoWeL2bVAv1dFA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=300
vary: accept-encoding, Accept-Encoding
via: 1.1 varnish
x-cache: MISS, MISS, MISS
x-cache-hits: 0, 0, 0
x-dw-request-base-id: N8lSCwDmEWcBAAB_
x-fastly-service-version: 4
x-served-by: cache-yyz4534-YYZ, cache-yyz4534-YYZ

GET
H2 200 UI-Close-dark.svg
www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/images/svg-icons/ 228 B
834 B 25ms
25ms Image
image/svg+xml 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/images/svg-icons/UI-Close-dark.svg

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/css/style.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed427ca840aaa428a8afed89bc2eb5768d28dc8d6a4e59dec45df050416beba8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/css/style.min.css

Response headers

content-encoding: gzip
cf-cache-status: MISS
x-dw-request-base-id: oFG3-R3dEGcBAAB_
age: 67812
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SvtMZz9p5GUomFX2Dlw6YAl6g21YwkIXK3jCmAKga6DCY1ZfpMWSlQStpC%2FF8M%2FzAERXzZ%2B4zL95vWiJne%2BpjUE%2FYsH40UYXF5PgVEiYP3YWAt7OhGcV8J%2ByP2NCgnZ9SO%2FDmecgEdCjwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 16 Nov 2024 09:47:09 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:20 GMT
content-type: image/svg+xml
last-modified: Tue, 15 Oct 2024 13:53:55 GMT
x-served-by: cache-iad-kiad7000077-IAD, cache-iad-kiad7000077-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 30, 23
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226241.587615,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d3f5d958f836ffe-IAD
accept-ranges: bytes
content-length: 186
server: cloudflare

GET
H/1.1 200
OK auth.js Show response
static.ordergroove.com/986dccf46be411ebaadb26088a73eb74/ Frame A9B3 3 B
431 B 41ms
41ms Script
application/javascript 23.47.22.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://static.ordergroove.com/986dccf46be411ebaadb26088a73eb74/auth.js

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/s/BathAndBodyWorks/authiframe

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.47.22.7 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-47-22-7.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

Strict-Transport-Security: max-age=15768000
Cache-Control: max-age=900
ETag: "308dccc-3-5cf556b7bd280"
Connection: keep-alive
Expires: Fri, 18 Oct 2024 04:52:20 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 3
Date: Fri, 18 Oct 2024 04:37:20 GMT
Last-Modified: Wed, 27 Oct 2021 13:17:46 GMT
Content-Type: application/javascript
Server: Apache
X-Frame-Options: SAMEORIGIN

GET
H2 200 dwanalytics-22.2.js Show response
www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/internal/jscript/ Frame A9B3 6 KB
0 78ms
73ms Script
text/javascript 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/internal/jscript/dwanalytics-22.2.js

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/s/BathAndBodyWorks/authiframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9b2a97b95ecaab1920aba84b26169c23a38e0513c2d4423ab9c0102b96cb195

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/s/BathAndBodyWorks/authiframe

Response headers

content-encoding: gzip
cf-cache-status: MISS
x-dw-request-base-id: Nb4N6hndEGcBAAB_
age: 67814
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3QbiN1m0Ly%2FFEXQ9VjvvmmIuIvr9%2BYljJVP30I%2Fkji4BlYSdiH36ugu0BBdCEQmSlHQeC92VfZJl2wVTL1vDX59q1Q4KuElalzH6QF%2FmuPOjEL9rEJEF6ZIxzvksb3mVgDVKtb660z4qSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 16 Nov 2024 09:47:05 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: text/javascript
last-modified: Thu, 17 Oct 2024 09:47:05 GMT
x-served-by: cache-iad-kiad7000078-IAD, cache-iad-kiad7000056-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 82, 40
vary: accept-encoding, Accept-Encoding
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.692170,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d3f5d81ed736fcb-IAD
accept-ranges: bytes
content-length: 2688
server: cloudflare

GET
H2 200 dwac-21.7.js Show response
www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/internal/jscript/ Frame A9B3 5 KB
0 79ms
74ms Script
text/javascript 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/internal/jscript/dwac-21.7.js

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/s/BathAndBodyWorks/authiframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7d87091d363393cdfb559f44f41e447f70b67917b9dedb3e97c2a8d476e1ea8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/s/BathAndBodyWorks/authiframe

Response headers

content-encoding: gzip
cf-cache-status: MISS
x-dw-request-base-id: 3skYVhndEGcBAAB_
age: 67814
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jhyQt%2FwFcqcy0SYlOsbvN4qwvBN1aXzpT16MHkPiDF%2FovzA1BGcvHtytVbcySnNzaipKgsy5EUQT0o899QgHqmtlsBi%2B6Nmo0f03hD%2FlULj8wCSNTX6VjbJtSgOgA6arjzEAoNAt%2Buucyg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 16 Nov 2024 09:47:05 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: text/javascript
last-modified: Thu, 17 Oct 2024 09:47:05 GMT
x-served-by: cache-iad-kcgs7200128-IAD, cache-iad-kcgs7200128-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 83, 44
vary: accept-encoding, Accept-Encoding
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.692146,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d3f5d81fb4a81d9-IAD
accept-ranges: bytes
content-length: 1919
server: cloudflare

GET
H2 200 gretel.min.js Show response
cdn.cquotient.com/js/v2/ Frame A9B3 73 KB
0 197ms
42ms Script
text/javascript 108.139.29.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cquotient.com/js/v2/gretel.min.js
Requested by: Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/s/BathAndBodyWorks/authiframe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-174.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0a994dc1f72298f4dcaaf0a3e99c181a9d1598c7fd98e911ea6929ba437796b9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

vary: Accept-Encoding
cache-control: max-age=3600
content-encoding: gzip
etag: W/"51f65c87b112c29db2606d6ef5cb487b"
age: 1121
via: 1.1 8e923e72a50f75048382f193bf6c8c4e.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: zXtmG1ybVm-Y031ourpwRLU5u835X3C2pQ6XGMl_p4vGp2bG4jo-xA==
date: Fri, 18 Oct 2024 04:18:39 GMT
content-type: text/javascript
last-modified: Thu, 29 Aug 2024 19:21:38 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
x-amz-server-side-encryption: AES256

GET
H2 200 applepay.js Show response
www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/internal/jscript/ Frame A9B3 14 KB
0 79ms
74ms Script
text/javascript 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/internal/jscript/applepay.js

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/s/BathAndBodyWorks/authiframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e7938fd5c17bb1b600de328beb4372fd16d07ef78ec200436f4b683d465ffa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/s/BathAndBodyWorks/authiframe

Response headers

content-encoding: gzip
cf-cache-status: MISS
x-dw-request-base-id: Nb4M6hndEGcBAAB_
age: 67814
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FADivhlp%2BI42ODTuQiQYUGEH7UwRiIK8BMkMKuYDpY%2B33BxJoGziXLk40QIRQjETmUUnT1CW%2F1Rq6SDyyrkNLXkvd3qEztDBCsHNufwzqvqROOQliwiovchqtlm1gsarwLeXHghmeyOLEA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 16 Nov 2024 09:47:05 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:19 GMT
content-type: text/javascript
last-modified: Thu, 17 Oct 2024 09:47:05 GMT
x-served-by: cache-iad-kjyo7100043-IAD, cache-iad-kjyo7100143-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 83, 39
vary: accept-encoding, Accept-Encoding
strict-transport-security: max-age=300
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1729226240.692129,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d3f5d81f9c9c9a5-IAD
accept-ranges: bytes
content-length: 3921
server: cloudflare

GET
H2 200 649dce8d-d000-4721-811f-9275799ad0de.json Show response
cdn.cookielaw.org/consent/649dce8d-d000-4721-811f-9275799ad0de/ 5 KB
2 KB 99ms
44ms XHR
application/json 104.18.86.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/649dce8d-d000-4721-811f-9275799ad0de/649dce8d-d000-4721-811f-9275799ad0de.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e44a3a582c36208a1c8844e3723b43f47cac2497259a7b9a3b0404329a48cda0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

content-md5: gzraLsxqEgUSF85tIMSe8g==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DCEDF6B2E40B6B
age: 45163
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Sat, 19 Oct 2024 04:37:20 GMT
date: Fri, 18 Oct 2024 04:37:20 GMT
content-type: application/json
last-modified: Wed, 16 Oct 2024 15:24:59 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: 9075bcd2-801e-0070-2ce5-1fe04e000000
cf-ray: 8d45d524c9d0ac15-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1796
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 favicon.ico
www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/default/dw6bcf89c0/images/ 318 B
574 B 25ms
24ms Other
image/x-icon 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/default/dw6bcf89c0/images/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a58760a6a66b6056d0935178a3a042cd9d842cad9d1ffa38bb939de3dd1d1ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

content-encoding: gzip
cf-cache-status: MISS
x-dw-request-base-id: Nb5bhxvHD2cBAAB_
age: 138981
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l0%2FwyMGiLI30aMdycAgvfChrZs6JGfc1EGWlbPG%2Bynlwk9bt3OvZfnc7pyYf1lK1tB1KPskIsvVIGX4xRxDlBLzNHXq5gerNT8oTmok%2FPa83DLB3zelVOwuZE309frkr0Rho0lpb3GoPXA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 15 Nov 2024 14:00:59 GMT
x-cache: MISS, HIT, HIT
date: Fri, 18 Oct 2024 04:37:20 GMT
content-type: image/x-icon
last-modified: Tue, 15 Oct 2024 13:53:56 GMT
x-served-by: cache-iad-kjyo7100105-IAD, cache-iad-kjyo7100158-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 46, 62
vary: Accept-Encoding
strict-transport-security: max-age=300
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
x-timer: S1729226241.785839,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d38940cbf0e59f1-IAD
accept-ranges: bytes
content-length: 103
server: cloudflare

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 68 B
306 B 97ms
44ms XHR
application/json 172.64.155.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a1309d2ccff026ab4dcf050977befc877505115e4777e240fa328b1781c63ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept: application/json
Referer: https://www.bathandbodyworks.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
access-control-allow-methods: GET, OPTIONS
cf-ray: 8d45d5256aa9542b-YYZ
access-control-allow-origin: *
date: Fri, 18 Oct 2024 04:37:20 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: Content-Type

GET
H2 200 __Analytics-Start
www.bathandbodyworks.com/on/demandware.store/Sites-BathAndBodyWorks-Site/en_US/ Frame A9B3 35 B
750 B 168ms
168ms Image
image/gif 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bathandbodyworks.com/on/demandware.store/Sites-BathAndBodyWorks-Site/en_US/__Analytics-Start?url=https%3A%2F%2Fwww.bathandbodyworks.com%2Fs%2FBathAndBodyWorks%2Fauthiframe&res=1600x1200&cookie=1&ref=https%3A%2F%2Fwww.bathandbodyworks.com%2Floyalty-rewards&title=&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&dw_dnt=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/s/BathAndBodyWorks/authiframe

Response headers

cf-cache-status: DYNAMIC
x-dw-request-base-id: oFGu6wDmEWcBAAB_
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OPx66S9sd63KlDeI7zDXShtEjywXTTcyy1Cs6Hil0oTa0IYnflkcy5RZMqNjpVFeoxnbY%2Bd3BsZ9i8has2Zqjq1Get6grk8Arc07YFXAI3L45UMs0fE00jo73nihz4DfeRlJZiVyjqo8Ug%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 01 Dec 1994 16:00:00 GMT
x-cache: MISS, MISS, MISS
date: Fri, 18 Oct 2024 04:37:21 GMT
content-type: image/gif
x-served-by: cache-iad-kcgs7200058-IAD, cache-iad-kcgs7200048-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 0, 0
strict-transport-security: max-age=300
cache-control: no-cache, no-store, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
x-timer: S1729226241.960859,VS0,VE40
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d45d52628fb8024-IAD
accept-ranges: bytes
content-length: 35
fastly-restarts: 1
server: cloudflare

GET
H2 200 __Analytics-Start
www.bathandbodyworks.com/on/demandware.store/Sites-BathAndBodyWorks-Site/en_US/ 35 B
500 B 208ms
208ms Image
image/gif 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bathandbodyworks.com/on/demandware.store/Sites-BathAndBodyWorks-Site/en_US/__Analytics-Start?url=https%3A%2F%2Fwww.bathandbodyworks.com%2Floyalty-rewards&res=1600x1200&cookie=1&ref=&title=Loyalty%20Rewards%20%7C%20Bath%20%26%20Body%20Works&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&dwac=0.5175017064664362&cmpn=&tz=US/Eastern&pcc=USD&pct=&pcat=&dw_dnt=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

cf-cache-status: DYNAMIC
x-dw-request-base-id: 3smzqwHmEWcBAAB_
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ETAFAuV%2BIZ4H7UfgGJM1R8vw57t10iIp3pSbhzhoARw3JaxsTarXvU3ZvHfbL38X2NEEH0MLl%2BilUKOGB3RAde%2FQM029PV7U%2F87UFzMEZF8qbdwVbQ0E5I7d5HXh1se7YNBuIy%2F5gzNBiA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 01 Dec 1994 16:00:00 GMT
x-cache: MISS, MISS, MISS
date: Fri, 18 Oct 2024 04:37:21 GMT
content-type: image/gif
x-served-by: cache-iad-kjyo7100132-IAD, cache-iad-kjyo7100123-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 0, 0
strict-transport-security: max-age=300
cache-control: no-cache, no-store, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
x-timer: S1729226241.011627,VS0,VE45
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d45d5267db70957-IAD
accept-ranges: bytes
content-length: 35
fastly-restarts: 1
server: cloudflare

POST
H2 200 event
qoe-1.yottaa.net/log-nt/ 3 B
191 B 223ms
43ms Ping
text/json 99.83.184.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://qoe-1.yottaa.net/log-nt/event
Requested by: Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/wI9DjgjWFD_TGA.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.184.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0540a066b92ce4ca.awsglobalaccelerator.com
Software: /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.bathandbodyworks.com/

Response headers

access-control-allow-origin: *
access-control-expose-headers: X-Results-Data-Source
timing-allow-origin: *
cache-control: no-cache
date: Fri, 18 Oct 2024 04:37:21 GMT
content-type: text/json
access-control-allow-credentials: true

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202409.2.0/ 461 KB
112 KB 33ms
33ms Script
application/javascript 104.18.86.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202409.2.0/otBannerSdk.js

Requested by

Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/wI9DjgjWFD_TGA.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d9c9ad349c47e81a545ff3e3bdb0a8df5ebe959da9b52cadd9440d92f7ef359

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

content-md5: uGd5VTJp/PFmoOURmUW/IQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCEDAD0743FFCD
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 24994
x-content-type-options: nosniff
date: Fri, 18 Oct 2024 04:37:20 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 06:37:38 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: f5b79f7e-c01e-00b0-0c1d-206a0a000000
cf-ray: 8d45d525b8a6a23b-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 114311
x-ms-blob-type: BlockBlob
server: cloudflare

POST
H2 200 collector Show response
collector-pxlsxlyya5.px-cloud.net/api/v2/ 388 B
444 B 189ms
184ms XHR
application/json 34.120.53.196
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxlsxlyya5.px-cloud.net/api/v2/collector
Requested by: Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/lsXlyYa5/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.53.196 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 196.53.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e5e65869b76b93c58e1f99486162ba505c552af489da92ef645ebc5bd3952663

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://www.bathandbodyworks.com/

Response headers

timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
via: 1.1 google
access-control-allow-origin: https://www.bathandbodyworks.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 388
date: Fri, 18 Oct 2024 04:37:21 GMT
content-type: application/json; charset=utf-8

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/649dce8d-d000-4721-811f-9275799ad0de/01927cf4-a51e-738d-bc98-77d959be0979/ 182 KB
32 KB 41ms
41ms Fetch
application/json 104.18.86.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/649dce8d-d000-4721-811f-9275799ad0de/01927cf4-a51e-738d-bc98-77d959be0979/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202409.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50f182f8656a0c2d390a230c456fa7d80648f26cd2a416dff2e670cc25693d24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

content-md5: rr1pWPaoJfEo9YjlOMamWg==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DCEDF0D4567BC9
age: 45150
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Sat, 19 Oct 2024 04:37:21 GMT
date: Fri, 18 Oct 2024 04:37:21 GMT
content-type: application/json
last-modified: Wed, 16 Oct 2024 14:42:59 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: 9e5dfd61-401e-0000-40e5-1f938a000000
cf-ray: 8d45d5262ac7ac15-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 32198
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202409.2.0/assets/ 13 KB
3 KB 37ms
37ms Fetch
application/json 104.18.86.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202409.2.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202409.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d890abf66010907c7a0a61236d25c3c98bcb7edec34b13dc887f5be122bfef7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

content-md5: CDHNBOyaHPNE3EDr/Gzy5w==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCEDAD03A87822
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 50255
x-content-type-options: nosniff
date: Fri, 18 Oct 2024 04:37:21 GMT
content-type: application/json
last-modified: Wed, 16 Oct 2024 06:37:32 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 1e443511-401e-006d-18d9-1f39a4000000
cf-ray: 8d45d5269b39ac15-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3003
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otPcPanel.json Show response
cdn.cookielaw.org/scripttemplates/202409.2.0/assets/v2/ 64 KB
13 KB 36ms
36ms Fetch
application/json 104.18.86.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202409.2.0/assets/v2/otPcPanel.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202409.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61721c8ccac413f9c55dede65a99c739ff8bf68c423fdbb918bd80d9bc4c9fa3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

content-md5: l+5O72TWRgHmm4UuVxyiqg==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCEDAD05186C3C
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 50255
x-content-type-options: nosniff
date: Fri, 18 Oct 2024 04:37:21 GMT
content-type: application/json
last-modified: Wed, 16 Oct 2024 06:37:35 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 8eb605af-101e-0075-71d9-1f1431000000
cf-ray: 8d45d5269b3cac15-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12880
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202409.2.0/assets/ 24 KB
4 KB 38ms
38ms Fetch
text/css 104.18.86.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202409.2.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202409.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2afa04c9a3e080712c94d68b9c1d33587fddcbaeaba9dfcaf1d53d19f6a280a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

content-md5: A9jekd5UoO8SyzJ6LiStug==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 50255
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 18 Oct 2024 04:37:21 GMT
content-type: text/css
last-modified: Wed, 16 Oct 2024 06:37:43 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 011864d8-d01e-004a-0ad9-1fa3ed000000
cf-ray: 8d45d5269b3dac15-YYZ
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
495 B 32ms
32ms Fetch
image/svg+xml 104.18.86.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202409.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

content-md5: tXyZydHjxQshFMbbBT1/8A==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 52018
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 18 Oct 2024 04:37:21 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Oct 2024 06:37:42 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: db0e72f0-201e-00b1-7bd5-1f6bf7000000
cf-ray: 8d45d526fb88ac15-YYZ
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 5fc5bda0a87ecc437592599a_Bath-_and_Body_Works_logo_logotype.png
cdn.cookielaw.org/logos/60adc86b-07ef-485b-8ea0-1ef2f9f6c1fc/ed22aafc-54f7-4e35-9eed-959c6c2c4756/2fcb4c65-fdf9-4dab-bfa6-7b21f84e412e/ 141 KB
141 KB 37ms
37ms Image
mage/png 104.18.86.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/60adc86b-07ef-485b-8ea0-1ef2f9f6c1fc/ed22aafc-54f7-4e35-9eed-959c6c2c4756/2fcb4c65-fdf9-4dab-bfa6-7b21f84e412e/5fc5bda0a87ecc437592599a_Bath-_and_Body_Works_logo_logotype.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93e5062a715eeead8aea9413daddb8918219d84023fd55a3e302857c392ec423

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

content-md5: yVk7zEbRqYJdYUekZISqUg==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8D92B802695CE8F
age: 38437
cf-cache-status: HIT
x-content-type-options: nosniff
date: Fri, 18 Oct 2024 04:37:21 GMT
content-type: mage/png
last-modified: Wed, 09 Jun 2021 19:52:45 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: e7662a79-901e-0084-0bcd-214b82000000
cf-ray: 8d45d527096ea23b-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 143927
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 35ms
35ms Image
image/svg+xml 104.18.86.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

content-md5: Y+c301RBZNK39PvKQWrIBw==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 22387
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 18 Oct 2024 04:37:21 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Oct 2024 06:37:43 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 324d4739-a01e-00a0-6e98-1f5cec000000
cf-ray: 8d45d527096fa23b-YYZ
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 TrackingStatus-setTrackingStatus Show response
www.bathandbodyworks.com/on/demandware.store/Sites-BathAndBodyWorks-Site/en_US/ 0
698 B 221ms
220ms XHR
text/html 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bathandbodyworks.com/on/demandware.store/Sites-BathAndBodyWorks-Site/en_US/TrackingStatus-setTrackingStatus?trackingAllowed=false

Requested by

Host: www.bathandbodyworks.com
URL: https://www.bathandbodyworks.com/on/demandware.static/Sites-BathAndBodyWorks-Site/-/en_US/v1729158425569/lib/jquery/jquery-2.1.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.bathandbodyworks.com/loyalty-rewards
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: */*

Response headers

cf-cache-status: DYNAMIC
x-dw-request-base-id: N8luCwHmEWcBAAB_
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6eqpkxlsPowZRjv45pAYnsQna9LPncD8npFb2HrFKUkwH5m%2B91Tltjn6WHHAmnt3mte17ltjnOkFMMbXQkw%2FjDHOh2BoSVkQSKKukxNuw%2BCv%2B8tTJttuaQwbXKarh1Vs2E1HuAwsMP6weg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 01 Dec 1994 16:00:00 GMT
x-cache: MISS, MISS, MISS
date: Fri, 18 Oct 2024 04:37:21 GMT
content-type: text/html;charset=UTF-8
x-served-by: cache-iad-kiad7000062-IAD, cache-iad-kiad7000142-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: no-cache, no-store, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
x-timer: S1729226241.248496,VS0,VE93
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d45d527e9545b35-IAD
accept-ranges: bytes
content-length: 0
fastly-restarts: 1
server: cloudflare

GET
H2 200 dtag.js Show response
cdn.attn.tv/bbwi/ 8 KB
4 KB 191ms
38ms Script
text/javascript 13.225.63.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/bbwi/dtag.js?utv=ut4.49.202109242221
Requested by: Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/wI9DjgjWFD_TGA.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.63.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-63-126.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a18c6fff4564db83b1886dbcb3799b76c5fe1bfb17920383e640de1a069ee8b2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

content-encoding: gzip
x-amz-version-id: KLGaq5XqEzAnwPGnwjzHXBMVc5ZdjnLT
etag: W/"a4fa2cfabcba58e1d866f1682f3224ff"
age: 62
x-cache: Hit from cloudfront
x-amz-cf-id: P799-knYiszNg8TdSgr6JHmSF3nzEa2pl338c_x0P3OdX7hgRQRUCQ==
date: Fri, 18 Oct 2024 04:36:57 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
last-modified: Fri, 14 Jun 2024 17:21:12 GMT
x-amz-replication-status: COMPLETED
cache-control: public, max-age=120
via: 1.1 c9bef6d423a5d23e0ca5e2af8503331c.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 pebble Show response
p.cquotient.com/ 252 B
590 B 189ms
47ms Script
text/javascript 52.21.79.130
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://p.cquotient.com/pebble?tla=bbdl-BathAndBodyWorks&activityType=viewPage&callback=CQuotient._act_callback0&cookieId=abiaVfgEqzik0qmOSclVk9LbmC&realm=BBDL&siteId=BathAndBodyWorks&instanceType=prd&referrer=&currentLocation=https%3A%2F%2Fwww.bathandbodyworks.com%2Floyalty-rewards&ls=true&_=1729226241182&v=v3.1.3&fbPixelId=__UNKNOWN__&json=%7B%22cookieId%22%3A%22abiaVfgEqzik0qmOSclVk9LbmC%22%2C%22realm%22%3A%22BBDL%22%2C%22siteId%22%3A%22BathAndBodyWorks%22%2C%22instanceType%22%3A%22prd%22%2C%22referrer%22%3A%22%22%2C%22currentLocation%22%3A%22https%3A%2F%2Fwww.bathandbodyworks.com%2Floyalty-rewards%22%2C%22ls%22%3Atrue%2C%22_%22%3A1729226241182%2C%22v%22%3A%22v3.1.3%22%2C%22fbPixelId%22%3A%22__UNKNOWN__%22%7D

Requested by

Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/wI9DjgjWFD_TGA.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.79.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-79-130.compute-1.amazonaws.com

Software

envoy /

Resource Hash

acad6da73c196f8f1ba5a687eb99c1a7bb6149429fe2c9d6ff87d04b5da3d81b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

strict-transport-security: max-age=15552000; includeSubdomains
etag: W/"fc-/iJ7AuBJ5mb5o0exh8ZGSSHIBGk"
x-envoy-upstream-service-time: 4
x-content-type-options: nosniff
content-length: 252
date: Fri, 18 Oct 2024 04:37:21 GMT
content-type: text/javascript; charset=utf-8
server: envoy

GET
H2 200 unified-tag.js Show response
cdn.attn.tv/tag/4-latest/ 126 KB
41 KB 43ms
43ms Script
application/javascript 13.225.63.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_302cdc2011
Requested by: Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/wI9DjgjWFD_TGA.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.63.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-63-126.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d4bf810214ff93e96392cc3bce8e980fc677a2c538d56287a3abf83c0600a0f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

content-encoding: gzip
x-amz-version-id: .tVIhHIMlBl6m2llKP9sfAwotQw41CLF
etag: W/"2f542a202d5ae38218c1904b35e3f54f"
age: 191
x-cache: Hit from cloudfront
x-amz-cf-id: e7APJocB5caJHZ7D68Itm3mkknH5YGmB2qsYhtRoSUKI8U8Td_0qdg==
date: Fri, 18 Oct 2024 04:34:10 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 17 Oct 2024 16:59:18 GMT
x-amz-replication-status: COMPLETED
cache-control: public, max-age=300
via: 1.1 c9bef6d423a5d23e0ca5e2af8503331c.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 launch-520b6b66c3a6.min.js Show response
assets.adobedtm.com/9da465965b69/1788ea24e0bb/ 537 KB
124 KB 236ms
41ms Script
application/x-javascript 23.220.124.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/9da465965b69/1788ea24e0bb/launch-520b6b66c3a6.min.js
Requested by: Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/wI9DjgjWFD_TGA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.220.124.232 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-220-124-232.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 057c0e5a4da887254142ac11ef0a70ff90266bc18d84c81a482421eddfe57dd8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

cache-control: max-age=3600
timing-allow-origin: *
content-encoding: gzip
etag: "cae09f3e3a1dd1c7cdc152e1f2446b86:1729087352.371959"
expires: Fri, 18 Oct 2024 05:37:21 GMT
accept-ranges: bytes
access-control-allow-origin: https://www.bathandbodyworks.com
content-length: 126767
date: Fri, 18 Oct 2024 04:37:21 GMT
content-type: application/x-javascript
last-modified: Wed, 16 Oct 2024 14:02:32 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H3 200 quantum-bbw.js Show response
cdn.quantummetric.com/qscripts/ 285 KB
96 KB 117ms
39ms Script
text/javascript 104.18.11.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.quantummetric.com/qscripts/quantum-bbw.js

Requested by

Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/wI9DjgjWFD_TGA.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.213 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16c6386d43422b2d0e52c071b150cd8d70d07d34ce24102453d69a05e9402238

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	no-sniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

x-robots-tag: noindex
content-encoding: gzip
cf-cache-status: HIT
etag: W/"172770301012417291779530211729152001937"
age: 277
x-content-type-options: no-sniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 18 Oct 2024 04:37:21 GMT
content-type: text/javascript
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=31536000
cache-control: public, max-age=300, stale-while-revalidate=21600, stale-if-error=21600
cf-ray: 8d45d5291829ac46-YYZ
access-control-allow-origin: *
server: cloudflare

GET
H2 200 utag.64.js Show response
tags.tiqcdn.com/utag/bbw/new/prod/ 12 KB
3 KB 38ms
37ms Script
application/javascript 18.164.116.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbw/new/prod/utag.64.js?utv=ut4.49.202402201649
Requested by: Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/wI9DjgjWFD_TGA.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-77.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9c74e9f8110a040cde8f6f9a8a605f8aab1b5f95cbbe3b1ffe921378c286cd93

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

vary: Accept-Encoding
cache-control: max-age=1296000
content-encoding: br
etag: W/"ea6ab30c7ae21ef558f6218fa24fa06a"
x-amz-version-id: OCSeBX8YmttaFzs9TQGRzynExyZPtp4b
age: 264
via: 1.1 c36b03c9737c294317e3651e77ee0c4a.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: Jd1goZNoc620yJYrZH1WIwUHqfL49EgDidxczKdPpn8HFDSpARK_zw==
date: Fri, 18 Oct 2024 04:32:58 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 14:24:25 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
x-amz-server-side-encryption: AES256

GET
H2 200 utag.110.js Show response
tags.tiqcdn.com/utag/bbw/new/prod/ 2 KB
1 KB 38ms
38ms Script
application/javascript 18.164.116.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbw/new/prod/utag.110.js?utv=ut4.49.202010141435
Requested by: Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/wI9DjgjWFD_TGA.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-77.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3ef0238e7060b0c445265b414d6f8481f06591ca8502f2bd0aa2f7d17f7440b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

vary: Accept-Encoding
cache-control: max-age=1296000
content-encoding: br
etag: W/"ef3840e603793de87c5a54ac0f9ab6ab"
x-amz-version-id: UX0d0yLQ9WqU808UCPnNLSaWHe6q1ANo
age: 264
via: 1.1 c36b03c9737c294317e3651e77ee0c4a.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: FG6PrC-cJgWP8klxPtn-bL_x37TnLhRLGQmhi6m2Wt36x78niQXRaQ==
date: Fri, 18 Oct 2024 04:32:58 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 14:24:28 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
x-amz-server-side-encryption: AES256

GET
H2 200 utag.237.js Show response
tags.tiqcdn.com/utag/bbw/new/prod/ 4 KB
2 KB 39ms
38ms Script
application/javascript 18.164.116.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbw/new/prod/utag.237.js?utv=ut4.49.202409041403
Requested by: Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/wI9DjgjWFD_TGA.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-77.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5551e6b16ed998e1835c8fd45e5590114586ab4b7865327ae2cdc60f7bef7d41

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

vary: Accept-Encoding
cache-control: max-age=1296000
content-encoding: br
etag: W/"a7166f759ba060a05ce6cd3981515c6e"
x-amz-version-id: kxEPPggDT94js5LveDclMAw24M.aYjUr
age: 264
via: 1.1 c36b03c9737c294317e3651e77ee0c4a.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: CNK399BUZM_N5GNT9XpMU0RSDYrZXeHxvUeaSNGUL6Er6TQH7HruxA==
date: Fri, 18 Oct 2024 04:32:58 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 14:24:27 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
x-amz-server-side-encryption: AES256

GET
H2 200 utag.197.js Show response
tags.tiqcdn.com/utag/bbw/new/prod/ 21 KB
6 KB 40ms
40ms Script
application/javascript 18.164.116.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbw/new/prod/utag.197.js?utv=ut4.49.202409121423
Requested by: Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/wI9DjgjWFD_TGA.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-77.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3fa28c98e129dd11fec8ba7c39b9ed0e05f42bc4c28eae660c5e09decb69468b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

vary: Accept-Encoding
cache-control: max-age=1296000
content-encoding: br
etag: W/"aa1510b239189f28c7d668e045a74525"
x-amz-version-id: WjV8NP4FoMuPhhMh8ci8Co1wbdJvWcqw
age: 264
via: 1.1 c36b03c9737c294317e3651e77ee0c4a.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: c6gAyGq9dD6NrvTmadDzkAp43tgQ5fkX0KPgqOSY0ywMWTuCdR7JEw==
date: Fri, 18 Oct 2024 04:32:58 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 14:24:25 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
x-amz-server-side-encryption: AES256

GET
H2 200 utag.247.js Show response
tags.tiqcdn.com/utag/bbw/new/prod/ 13 KB
4 KB 41ms
41ms Script
application/javascript 18.164.116.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbw/new/prod/utag.247.js?utv=ut4.49.202408211401
Requested by: Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/wI9DjgjWFD_TGA.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-77.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4670b50c42d9c6512e13aed334c772b3279aeddd71951889f5c8f587d8ef9c1c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

vary: Accept-Encoding
cache-control: max-age=1296000
content-encoding: br
etag: W/"1c26f779ce7b139e13550051731e6874"
x-amz-version-id: caeHgrPgfp7__UHoqz.5qmskLUyvv4bw
age: 226
via: 1.1 c36b03c9737c294317e3651e77ee0c4a.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: u1mFfz_xLKMO9uFedWVe5yWoHePh5T31a9FDu8d99bIe65tyd_2T8Q==
date: Fri, 18 Oct 2024 04:33:36 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 14:24:28 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
x-amz-server-side-encryption: AES256

GET
H2 200 utag.283.js Show response
tags.tiqcdn.com/utag/bbw/new/prod/ 13 KB
4 KB 42ms
42ms Script
application/javascript 18.164.116.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbw/new/prod/utag.283.js?utv=ut4.49.202409241736
Requested by: Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/wI9DjgjWFD_TGA.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-77.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7c823a60a6f59e635d8eaa9d9b87d33c2c457f23cb2f0b9a90669f12edd6fee5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

vary: Accept-Encoding
cache-control: max-age=1296000
content-encoding: br
etag: W/"692f73982ea9d29ea23428d8ab7685db"
x-amz-version-id: 9ZY.OLo8uCGft20pQ_MQNBmrMjajU7x0
age: 264
via: 1.1 c36b03c9737c294317e3651e77ee0c4a.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: BBaINprvcIi_y25CAFX6FMvwtc_CM7Sq0XLM_jCP0b6NN_Pupg3zVw==
date: Fri, 18 Oct 2024 04:32:58 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 14:24:25 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
x-amz-server-side-encryption: AES256

GET
H2 200 utag.288.js Show response
tags.tiqcdn.com/utag/bbw/new/prod/ 11 KB
4 KB 42ms
42ms Script
application/javascript 18.164.116.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbw/new/prod/utag.288.js?utv=ut4.49.202410161355
Requested by: Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/wI9DjgjWFD_TGA.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-77.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eb08f5fb5439e51fd65763b6850edebfc5ec1d75ac64517863d458f116ae9cda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

vary: Accept-Encoding
cache-control: max-age=1296000
content-encoding: br
etag: W/"aed8fd696e939fef9ff8a9fef3cbfef0"
x-amz-version-id: nZ_Ky6FoMY9mT.A2Ag5E.tWOKK2Fs.wt
age: 264
via: 1.1 c36b03c9737c294317e3651e77ee0c4a.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: DERJEGALqilCKkvYA00Ho6d_1XWuj-QfqbFX0S13fe74sloc3e3E2g==
date: Fri, 18 Oct 2024 04:32:58 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 14:24:25 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
x-amz-server-side-encryption: AES256

GET
H2 200 __Analytics-Start
www.bathandbodyworks.com/on/demandware.store/Sites-BathAndBodyWorks-Site/en_US/ 35 B
1 KB 98ms
97ms Image
image/gif 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bathandbodyworks.com/on/demandware.store/Sites-BathAndBodyWorks-Site/en_US/__Analytics-Start?url=https%3A%2F%2Fwww.bathandbodyworks.com%2Floyalty-rewards&res=1600x1200&cookie=1&ref=&title=Loyalty%20Rewards%20%7C%20Bath%20%26%20Body%20Works&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&dwac=0.1985704011977416&cmpn=&tz=US/Eastern&pcc=USD&pct=&pcat=&dw_dnt=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

cf-cache-status: DYNAMIC
x-dw-request-base-id: oFHn6wHmEWcBAAB_
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CuPhITT4X%2Fz17vqk8ACM6AunjhngNkZo6RcPD1nMmkx%2FO1X6OLPby%2BdffURUBuHU4GNNMorGurQRgCZj8cHTo5l%2B2X%2BymWmiuhYvzFpOk3hNCqsmDm%2FOHVawGkCJEyTwyYpiTthf%2BWQEDA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 01 Dec 1994 16:00:00 GMT
x-cache: MISS, MISS, MISS
date: Fri, 18 Oct 2024 04:37:21 GMT
content-type: image/gif
x-served-by: cache-iad-kjyo7100112-IAD, cache-iad-kjyo7100148-IAD, cache-yyz4534-YYZ
x-cache-hits: 0, 0, 0
strict-transport-security: max-age=300
cache-control: no-cache, no-store, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
x-timer: S1729226241.385099,VS0,VE74
via: 1.1 varnish, 1.1 varnish
cf-ray: 8d45d528dc0b6ff7-IAD
accept-ranges: bytes
content-length: 35
server: cloudflare

GET
H2 200 1.js Show response
mi.bathandbodyworks.com/p/js/ 46 KB
16 KB 250ms
47ms Script
text/javascript 13.226.34.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mi.bathandbodyworks.com/p/js/1.js
Requested by: Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/wI9DjgjWFD_TGA.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.34.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-2.ewr53.r.cloudfront.net
Software: /
Resource Hash: 8a34e2650adc6c879db57aa4a11822804927f1174ac93fdbff5a75b879833d23

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

cache-control: no-cache max-age=0
timing-allow-origin: https://www.bathandbodyworks.com
content-encoding: gzip
pragma: no-cache
via: 1.1 aa7679f2d01b23d9a66bfa6e92991b04.cloudfront.net (CloudFront)
expires: Thu, 01 Dec 1994 16:00:00 GMT
x-cache: Miss from cloudfront
p3p: policyref="https://movableink.com/w3c/p3p.xml", CP="DEVa PSAa PSDa IVAa IVDa OUR IND DSP NON COR NAV UNI"
x-amz-cf-id: tovOUzszKkjVWTMuKgRP7V-_YyR0dbCYbydYBGX9E0ZzazaSlbrfWQ==
date: Fri, 18 Oct 2024 04:37:21 GMT
content-type: text/javascript
vary: Accept-Encoding
x-uuid: 90547a15-118a-4d95-8c78-2a4f5a0871cd
x-amz-cf-pop: EWR53-C2

GET
H2 200 1_0 Show response
www.bathandbodyworks.com/profile/profile/visit/js/ 19 B
288 B 179ms
178ms Script
application/javascript 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bathandbodyworks.com/profile/profile/visit/js/1_0?dtm_fid=101&dtm_cid=60847&dtm_cmagic=48be96&cachebuster=0161985162461631&cli_promo_id=0&dtmc_ref=undefined&dtmc_loc=https%3A//www.bathandbodyworks.com/loyalty-rewards&dtm_user_token=

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbw/new/prod/utag.64.js?utv=ut4.49.202402201649

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

2db1dbcf1a4a6e63576e5f22320949e1ddc87ff4c10ff26ec353abc9540cd228

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/loyalty-rewards

Response headers

x-robots-tag: noindex, nofollow
x-forwarded-request-path: /profile
rp-host: www.bathandbodyworks.com
expires: 0
x-cache: MISS, MISS
date: Fri, 18 Oct 2024 04:37:21 GMT
content-type: application/javascript
x-served-by: cache-yyz4531-YYZ, cache-yyz4534-YYZ
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=300
cache-control: no-cache, private, max-age=0, no-store
pragma: no-cache
x-timer: S1729226241.428717,VS0,VE156
via: 1.1 varnish
accept-ranges: bytes
content-length: 19
server: nginx

GET
H2 200 custom.js Show response
se.monetate.net/js/2/a-07003273/p/bathandbodyworks.com/ 182 KB
61 KB 239ms
54ms Script
application/x-javascript 104.94.118.174
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://se.monetate.net/js/2/a-07003273/p/bathandbodyworks.com/custom.js
Requested by: Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/wI9DjgjWFD_TGA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.94.118.174 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-118-174.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: ad929bbe172ee09ee9d897be2e812a553f835284cbbe73be7891b77a5bf2227e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

cache-control: max-age=3600
timing-allow-origin: *
content-encoding: gzip
etag: "f58b73317ed364d191264bae8f533b4b:1729125023.175232"
accept-ranges: bytes
date: Fri, 18 Oct 2024 04:37:21 GMT
content-type: application/x-javascript
last-modified: Thu, 17 Oct 2024 00:30:23 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

POST
H2 200 i.gif Show response
collect.tealiumiq.com/bbw/main/2/ 43 B
752 B 175ms
44ms XHR
image/gif 52.202.176.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://collect.tealiumiq.com/bbw/main/2/i.gif
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbw/new/prod/utag.197.js?utv=ut4.49.202409121423
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.202.176.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-176-11.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryUlr79UkJOYm50Mwv
Referer: https://www.bathandbodyworks.com/

Response headers

access-control-expose-headers: X-Region
expires: Fri, 18 Oct 2024 04:37:21 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-serverid: uconnect_i-076cb248d208a93ce
date: Fri, 18 Oct 2024 04:37:21 GMT
content-type: image/gif
vary: Origin
x-uuid: ea6f753d-7f67-4962-9211-32ca4224945f
cache-control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
pragma: no-cache
access-control-allow-credentials: true
x-tid: 01929dea74880031472e1d0f307e05065003005d00b08
access-control-allow-origin: https://www.bathandbodyworks.com
content-length: 43
x-acc: bbw:main:2:datacloud
x-ulver: 7923a65c0262dece38cc3fed1cfea676cc0381d1-SNAPSHOT
x-did: 01929dea74880031472e1d0f307e05065003005d00b08
x-region: us-east-1

GET
H/1.1 200
OK z1m.js Show response
cdn.zineone.com/cloud/latest/ 91 KB
24 KB 228ms
42ms Script
application/javascript 108.139.29.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.zineone.com/cloud/latest/z1m.js
Requested by: Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/wI9DjgjWFD_TGA.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-36.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 70023f63069b2e145d7e7fa0459389d2bc534d276ff3ffeed5f6e370658f98a2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

Content-Encoding: gzip
ETag: "90d1eeded272fb37f53f86368bff6dd2"
Age: 1551973
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: B3SEBD8eebRtjILW_KcKpHGtEAzo9b6j9em0FLYTIhNyzfnGJh37oA==
Date: Mon, 30 Sep 2024 05:31:09 GMT
Content-Type: application/javascript
Vary: Origin
Last-Modified: Mon, 08 Jul 2024 05:31:05 GMT
Connection: keep-alive
Via: 1.1 8cdf4e2d4f4070992665477c4dbca0c0.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 24291
X-Amz-Cf-Pop: JFK50-P2
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 270 KB
93 KB 144ms
59ms Script
application/javascript 142.250.31.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-16654458344

Requested by

Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/wI9DjgjWFD_TGA.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

09504dc2050b37bfdd11f0b76d3da87ee29c16e6cedd06b07decce27792d7d10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 18 Oct 2024 04:37:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 18 Oct 2024 04:37:21 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 18 Oct 2024 03:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 94534
x-xss-protection: 0
server: Google Tag Manager

GET
H2

200

0b1951ed-f63c-4644-a5f5-a1e036d7ea00 Show response
objects.githubusercontent.com/github-production-release-asset-2e65be/838377826/
Redirect Chain

https://github.com/Cognigy/Webchat/releases/latest/download/webchat.js
https://github.com/Cognigy/Webchat/releases/download/v3.6.0/webchat.js
https://objects.githubusercontent.com/github-production-release-asset-2e65be/838377826/0b1951ed-f63c-4644-a5f5-a1e036d7ea00?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%...

2 MB
2 MB

171ms
97ms

Script
application/octet-stream

185.199.110.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://objects.githubusercontent.com/github-production-release-asset-2e65be/838377826/0b1951ed-f63c-4644-a5f5-a1e036d7ea00?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20241018%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241018T043638Z&X-Amz-Expires=300&X-Amz-Signature=99d476d83dd200775d1dda952de5b9f4235aee81172ebbc4c5de10b0dfffd3d3&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3Dwebchat.js&response-content-type=application%2Foctet-stream
Protocol: H2
Server: 185.199.110.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-110-133.github.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 27c0c03ef343c2bed6196361a802a31b273fa622d91f01a5513527a95d95d946

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

x-ms-server-encrypted: true
x-ms-version: 2023-11-03
x-ms-lease-status: unlocked
etag: "0x8DCE453947D07CE"
age: 5263
x-ms-lease-state: available
x-ms-blob-content-md5: pxe4TcWM9xmR5Bi5bbREcA==
x-cache: HIT, HIT
date: Fri, 18 Oct 2024 04:37:21 GMT
content-disposition: attachment; filename=webchat.js
content-type: application/octet-stream
x-served-by: cache-iad-kcgs7200118-IAD, cache-yyz4546-YYZ
last-modified: Fri, 04 Oct 2024 09:04:40 GMT
x-cache-hits: 26, 2
x-ms-creation-time: Fri, 04 Oct 2024 09:04:40 GMT
x-timer: S1729226242.775984,VS0,VE0
x-ms-request-id: 7889f2ab-b01e-003f-373d-1629f6000000
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 2520427
x-ms-blob-type: BlockBlob
fastly-restarts: 1
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

Redirect headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
cache-control: no-cache
location: https://objects.githubusercontent.com/github-production-release-asset-2e65be/838377826/0b1951ed-f63c-4644-a5f5-a1e036d7ea00?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20241018%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241018T043638Z&X-Amz-Expires=300&X-Amz-Signature=99d476d83dd200775d1dda952de5b9f4235aee81172ebbc4c5de10b0dfffd3d3&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3Dwebchat.js&response-content-type=application%2Foctet-stream
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-github-request-id: C5DA:26F4FC:79FCFE:A6026F:6711E601
content-length: 0
date: Fri, 18 Oct 2024 04:36:38 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
server: GitHub.com
x-frame-options: deny

GET
H2 200 web-sdk.js Show response
dev.zopim.com/web-sdk/latest/ 122 KB
38 KB 132ms
34ms Script
application/javascript 104.17.99.195
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.zopim.com/web-sdk/latest/web-sdk.js
Requested by: Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/wI9DjgjWFD_TGA.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.99.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03c5d2faf14c9e50cdfa9c7b87fca210f317dc2cc170c6c2895de45dfc2d4764

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"5ea149af-1e68c"
age: 4877
cf-ray: 8d45d529ac7e36c8-YYZ
expires: Fri, 18 Oct 2024 08:37:21 GMT
date: Fri, 18 Oct 2024 04:37:21 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 23 Apr 2020 07:54:23 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
431 B 38ms
38ms Script
application/javascript 18.164.116.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=bbw/new/202410161423&cb=1729226241434
Requested by: Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/wI9DjgjWFD_TGA.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-77.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

x-amz-version-id: 2XUX04X5QEw0.xFya64khU._sHTRl_Pz
etag: "7bc0ee636b3b83484fc3b9348863bd22"
age: 151
x-cache: Hit from cloudfront
x-amz-cf-id: DtZH5bsVESWL0KqooigsGG_olPlMv1l33JLK9qbldvgcI94jXcCHKw==
date: Fri, 18 Oct 2024 04:34:51 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sat, 11 Mar 2023 06:57:46 GMT
cache-control: max-age=300
via: 1.1 c36b03c9737c294317e3651e77ee0c4a.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 2
x-amz-cf-pop: JFK50-P6
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 / Show response
bbwi.attn.tv/d/ 5 B
271 B 246ms
110ms Fetch
application/json 172.64.144.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bbwi.attn.tv/d/?attn_vid=196b500d7cdc4c39b07b1a470ad32a7a
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_302cdc2011
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.121 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 4
cf-ray: 8d45d52a18d2ac76-YYZ
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 18 Oct 2024 04:37:21 GMT
content-type: application/json
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
server: cloudflare

POST
H3 200 e
events.attentivemobile.com/ 0
0 173ms
50ms Ping
text/plain 172.64.148.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://events.attentivemobile.com/e?v=4.37.33_7859b1ee84&pd=https%3A%2F%2Fwww.bathandbodyworks.com%2Floyalty-rewards&u=196b500d7cdc4c39b07b1a470ad32a7a&c=bbwi&ceid=Rsv&lt=1729226241451&tag=modern&cs=3664592866&t=v&r=&m=%7B%22source%22%3A%22a%22%7D&cb=1729226241468&evs=%5B%7B%22vendor%22%3A9%2C%22id%22%3A%22abiaVfgEqzik0qmOSclVk9LbmC%22%7D%5D
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_302cdc2011
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.148.35 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

GET
H2 200 Rsv.js Show response
cdn.attn.tv/growth-tag-assets/client-configs/ 0
382 B 70ms
70ms Script
text/javascript 13.225.63.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/growth-tag-assets/client-configs/Rsv.js
Requested by: Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/wI9DjgjWFD_TGA.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.63.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-63-126.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

content-encoding
x-amz-version-id: kGJjc2HxNgGNuk_7UqP1h9o.liqWLb8I
etag: "d41d8cd98f00b204e9800998ecf8427e"
age: 2292
via: 1.1 c9bef6d423a5d23e0ca5e2af8503331c.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Error from cloudfront
content-length: 0
x-amz-cf-id: qLerYB6k3P0mnZaOFwZ1nxQvj-2-kbTlPrRdghpf9FUhwKrgf_Aaag==
date: Fri, 18 Oct 2024 03:59:11 GMT
content-type: text/javascript
last-modified: Mon, 17 Dec 2018 20:59:49 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C1
vary: Accept-Encoding

POST
H3 204 unrenderedCreative
bbwi.attn.tv/ 0
0 161ms
119ms Fetch 172.64.144.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bbwi.attn.tv/unrenderedCreative?v=4.37.33&r=&id=196b500d7cdc4c39b07b1a470ad32a7a&pv=1&l=https%3A%2F%2Fwww.bathandbodyworks.com%2Floyalty-rewards&w=1600&h=1200&ss_ref=ORGANIC&f=2
Requested by: Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_302cdc2011
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.144.121 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.bathandbodyworks.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 14
cf-ray: 8d45d52a18d0ac76-YYZ
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 18 Oct 2024 04:37:21 GMT
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
server: cloudflare

GET
H2 200 01929dea74880031472e1d0f307e05065003005d00b08 Show response
visitor-service-us-east-1.tealiumiq.com/bbw/main/ 27 B
240 B 158ms
42ms Script
application/javascript 52.71.188.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://visitor-service-us-east-1.tealiumiq.com/bbw/main/01929dea74880031472e1d0f307e05065003005d00b08?callback=utag.ut%5B%22writevamain%22%5D&rnd=1729226241620

Requested by

Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/wI9DjgjWFD_TGA.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.71.188.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-71-188-88.compute-1.amazonaws.com

Software

Resource Hash

e036d4c0bab9dcd3d8ed9d625c2cdd24f4d0474f1a4232f0e7c9471aaf0cf470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

x-nodeid: i-0075323ea6c16ced1
strict-transport-security: max-age=31536000; includeSubdomains
x-version: 0aad5464491e65a810989564a13cc52c019301a9-SNAPSHOT
content-length: 27
date: Fri, 18 Oct 2024 04:37:21 GMT
content-type: application/javascript; charset=utf-8
x-region: us-east-1

OPTIONS
H2 200 connect
cloud.zineone.com/c3/api/v1/ Frame 0
0 591ms
96ms Preflight 34.210.204.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.zineone.com/c3/api/v1/connect

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.210.204.137 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-210-204-137.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: apikey
Access-Control-Request-Method: POST
Origin: https://www.bathandbodyworks.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: apikey, accesstoken
access-control-allow-origin: *
allow: GET, HEAD, POST, TRACE, OPTIONS
cache-control: no-store
content-length: 0
content-security-policy: default-src 'self';
date: Fri, 18 Oct 2024 04:37:22 GMT
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

POST
H2 200 connect Show response
cloud.zineone.com/c3/api/v1/ 59 KB
60 KB 210ms
208ms XHR
text/plain 34.210.204.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.zineone.com/c3/api/v1/connect

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-bbw.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.210.204.137 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-210-204-137.us-west-2.compute.amazonaws.com

Software

Resource Hash

ae0ae3cedee1ea4767e07eb9ca0e45e5aacc70f5eb7a0b3565fe3401e7e93e77

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bathandbodyworks.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
apikey: cloud@d6dbca8d-a028-45a6-a58d-f7fe45533aaeZ15316533866845070716

Response headers

access-control-allow-headers: apikey, accesstoken
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self';
cache-control: no-store
pragma: no-cache
x-content-type-options: nosniff
access-control-allow-origin: *
date: Fri, 18 Oct 2024 04:37:22 GMT
x-xss-protection: 1; mode=block
content-type: text/plain;charset=utf-8
x-frame-options: DENY

GET
H2 200 track.gif
mi.bathandbodyworks.com/p/cp/-1/ 42 B
444 B 171ms
170ms Image
image/gif 13.226.34.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mi.bathandbodyworks.com/p/cp/-1/track.gif?t=1729226241749&mi_u=anon-1729226241744-6878208453&mi_cid=6906&page_title=Loyalty%20Rewards%20%7C%20Bath%20%26%20Body%20Works&timezone_offset=420&event_type=pageview&cdate=1729226241744&anon=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.34.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-2.ewr53.r.cloudfront.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

access-control-expose-headers: X-Error
cache-control: no-store, no-cache, must-revalidate, max-age=0,post-check=0, pre-check=0
pragma: no-cache
via: 1.1 aa7679f2d01b23d9a66bfa6e92991b04.cloudfront.net (CloudFront)
access-control-allow-origin: https://app.movableink.com
x-cache: Miss from cloudfront
content-length: 42
x-amz-cf-id: d1P3V4YkbBCDS1lRm-IObHT9fD4qMMI6fgEAN2biorg7VcqxEu4iHA==
date: Fri, 18 Oct 2024 04:37:21 GMT
content-type: image/gif
x-uuid: 2c139a96-1cb0-400b-a597-b5a0298b5c00
x-amz-cf-pop: EWR53-C2

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/16654458344/ 5 KB
2 KB 156ms
57ms Script
text/javascript 209.85.144.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16654458344/?random=1729226241769&cv=11&fst=1729226241769&bg=ffffff&guid=ON&async=1&gtm=45be4ah0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823847~101836705&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.bathandbodyworks.com%2Floyalty-rewards&hn=www.googleadservices.com&frm=0&tiba=Loyalty%20Rewards%20%7C%20Bath%20%26%20Body%20Works&did=dYmQxMT&gdid=dYmQxMT&npa=0&pscdl=noapi&auid=150753589.1729226242&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/wI9DjgjWFD_TGA.js

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.144.156 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f156.1e100.net

Software

cafe /

Resource Hash

603bb81e8f0710943450f4ceabb0169a376b576a09678cafa05543bad882f089

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2359
date: Fri, 18 Oct 2024 04:37:21 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 16654458344
td.doubleclick.net/td/rul/ Frame F342 0
0 409ms
58ms Document
text/html 74.125.192.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/16654458344?random=1729226241769&cv=11&fst=1729226241769&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4ah0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823847~101836705&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.bathandbodyworks.com%2Floyalty-rewards&hn=www.googleadservices.com&frm=0&tiba=Loyalty%20Rewards%20%7C%20Bath%20%26%20Body%20Works&did=dYmQxMT&gdid=dYmQxMT&npa=0&pscdl=noapi&auid=150753589.1729226242&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/wI9DjgjWFD_TGA.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.192.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qn-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bathandbodyworks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 18 Oct 2024 04:37:22 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 id Show response
dpm.demdex.net/ 365 B
918 B 213ms
57ms XHR
application/json 44.198.30.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.3.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=20037F735F3103A10A495CE9%40AdobeOrg&d_nsid=0&d_mid=22950394212916367332717757260971159103&ts=1729226241802

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-bbw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.198.30.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-198-30-96.compute-1.amazonaws.com

Software

Resource Hash

a5642ee56ccb2f9f62f86cad354f455dbb6abfc1ba5ca28df7df38aba13b40fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://www.bathandbodyworks.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs: dcs-prod-va6-2-v066-073544a7c.edge-va6.demdex.com 2 ms
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
x-tid: RgThQyltTz4=
expires: Thu, 01 Jan 1970 00:00:00 UTC
access-control-allow-origin: https://www.bathandbodyworks.com
content-length: 308
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Fri, 18 Oct 2024 04:37:21 GMT
content-type: application/json;charset=utf-8
vary: Origin

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPa06d4a70bf964e93808ee073533d9238/ 33 KB
12 KB 41ms
41ms Script
application/x-javascript 23.220.124.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPa06d4a70bf964e93808ee073533d9238/AppMeasurement.min.js
Requested by: Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/wI9DjgjWFD_TGA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.220.124.232 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-220-124-232.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 055e467aa53a9c0272d805bbc009ade8c74df5a8c1255271d753ac78fe179873

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

cache-control: no-cache
timing-allow-origin: *
content-encoding: gzip
etag: "85722a02b6a7feb74d08ac7875516bee:1642630706.903013"
expires: Fri, 18 Oct 2024 05:37:21 GMT
accept-ranges: bytes
access-control-allow-origin: https://www.bathandbodyworks.com
content-length: 12243
date: Fri, 18 Oct 2024 04:37:21 GMT
content-type: application/x-javascript
last-modified: Wed, 19 Jan 2022 22:18:26 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPa06d4a70bf964e93808ee073533d9238/ 3 KB
2 KB 43ms
43ms Script
application/x-javascript 23.220.124.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPa06d4a70bf964e93808ee073533d9238/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/wI9DjgjWFD_TGA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.220.124.232 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-220-124-232.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d4e77c7411d1de6efebf4278b9c98aa77dc2e5186cee271ac256138f17bef9f4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

cache-control: no-cache
timing-allow-origin: *
content-encoding: gzip
etag: "9355415074dbdbd216a19b61ce931ab2:1642630707.219535"
expires: Fri, 18 Oct 2024 05:37:21 GMT
accept-ranges: bytes
access-control-allow-origin: https://www.bathandbodyworks.com
content-length: 1599
date: Fri, 18 Oct 2024 04:37:21 GMT
content-type: application/x-javascript
last-modified: Wed, 19 Jan 2022 22:18:27 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H/1.1 200
OK 841904837-0 Show response
f.monetate.net/trk/4/s/a-07003273/p/bathandbodyworks.com/ 460 B
638 B 227ms
54ms Script
application/x-javascript 54.161.222.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://f.monetate.net/trk/4/s/a-07003273/p/bathandbodyworks.com/841904837-0?mr=t1630594553&mi=%272.677068836.1729226241842%27&cs=!t&e=!(viewPage,gt)&pt=Account&r=%27%27&sw=1600&sh=1200&sc=24&j=!f&u=%27https://www.bathandbodyworks.com/loyalty-rewards%27&fl=!f&hvc=!t&eoq=!t
Requested by: Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/wI9DjgjWFD_TGA.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.161.222.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-161-222-185.compute-1.amazonaws.com
Software: Monetate /
Resource Hash: 50d7d9ddf38998f12319b73c44300963ac03ced104e14f8c7830124873388266

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Timing-Allow-Origin: *
Content-Encoding: gzip
Pragma: no-cache
Expires: Thu, 19 Oct 2023 04:37:22 GMT
Server-Timing: total;dur=6.7
Content-Length: 269
Date: Fri, 18 Oct 2024 04:37:22 GMT
Content-Type: application/x-javascript; charset=utf-8
Vary: Accept-Encoding
Server: Monetate

POST
H2 200 delivery Show response
bathandbody.tt.omtrdc.net/rest/v1/ 603 B
1002 B 278ms
61ms XHR
application/json 63.140.39.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bathandbody.tt.omtrdc.net/rest/v1/delivery?client=bathandbody&sessionId=a3f3150c2f11420eaef4f6b1cae947d4&version=2.10.0

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-bbw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.39.82 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-39-82.data.adobedc.net

Software

jag /

Resource Hash

7fa7de891fb4ae28cb365f5f6386a2cd5683cf9812c78be21f494227011a621d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.bathandbodyworks.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: 68759e92-1dbe-4d71-936a-5633c49ce581
cache-control: no-cache, no-store, max-age=0, no-transform, private
timing-allow-origin: *
content-encoding: gzip
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
access-control-allow-credentials: true
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
access-control-allow-origin: https://www.bathandbodyworks.com
date: Fri, 18 Oct 2024 04:37:22 GMT
x-xss-protection: 1; mode=block
content-type: application/json;charset=UTF-8
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
server: jag

POST
H3 200 collector Show response
collector-pxlsxlyya5.px-cloud.net/api/v2/ 32 B
49 B 94ms
93ms XHR
application/json 34.120.53.196
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxlsxlyya5.px-cloud.net/api/v2/collector
Requested by: Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-bbw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.53.196 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 196.53.120.34.bc.googleusercontent.com
Software: /
Resource Hash: da6268d3e4ffd8edd34230feca29fa5a83e1562bd9cf623c05737ec3eea36871

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://www.bathandbodyworks.com/

Response headers

timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
via: 1.1 google
access-control-allow-origin: https://www.bathandbodyworks.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32
date: Fri, 18 Oct 2024 04:37:21 GMT
content-type: application/json; charset=utf-8

GET
H3 200 /
www.google.com/pagead/1p-user-list/16654458344/ 42 B
64 B 59ms
59ms Image
image/gif 173.194.175.104
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/16654458344/?random=1729226241769&cv=11&fst=1729224000000&bg=ffffff&guid=ON&async=1&gtm=45be4ah0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823847~101836705&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.bathandbodyworks.com%2Floyalty-rewards&hn=www.googleadservices.com&frm=0&tiba=Loyalty%20Rewards%20%7C%20Bath%20%26%20Body%20Works&did=dYmQxMT&gdid=dYmQxMT&npa=0&pscdl=noapi&auid=150753589.1729226242&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnf2TQN8OkKl1qDeo8zZ8VmJFOCSFERqg&random=3057368851&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.175.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qs-in-f104.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 18 Oct 2024 04:37:21 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.ca/pagead/1p-user-list/16654458344/ 42 B
64 B 129ms
74ms Image
image/gif 172.217.222.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/16654458344/?random=1729226241769&cv=11&fst=1729224000000&bg=ffffff&guid=ON&async=1&gtm=45be4ah0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101686685~101823847~101836705&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.bathandbodyworks.com%2Floyalty-rewards&hn=www.googleadservices.com&frm=0&tiba=Loyalty%20Rewards%20%7C%20Bath%20%26%20Body%20Works&did=dYmQxMT&gdid=dYmQxMT&npa=0&pscdl=noapi&auid=150753589.1729226242&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnf2TQN8OkKl1qDeo8zZ8VmJFOCSFERqg&random=3057368851&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.222.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 18 Oct 2024 04:37:22 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 dest5.html
bathandbody.demdex.net/ Frame 1005 0
0 185ms
42ms Document
text/html 18.206.129.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bathandbody.demdex.net/dest5.html?d_nsid=0

Requested by

Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/wI9DjgjWFD_TGA.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.206.129.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-206-129-203.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.bathandbodyworks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Fri, 18 Oct 2024 04:37:22 GMT
dcs: dcs-prod-va6-1-v066-0fe3f4afb.edge-va6.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Wed, 16 Oct 2024 08:54:08 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: HUKQTaZSR+k=

GET
H2

200

ibs:dpid=411&dpuuid=ZxHmAgAAALkYYwOF
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=13045020657298498292915080557121552423
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZxHmAgAAALkYYwOF

42 B
713 B

47ms
46ms

Image
image/gif

44.198.30.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZxHmAgAAALkYYwOF

Protocol

Server

44.198.30.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-198-30-96.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs: dcs-prod-va6-1-v066-08cb32604.edge-va6.demdex.com 3 ms
content-encoding: gzip
pragma: no-cache
x-content-type-options: nosniff
x-tid: 2xco/r7QQ9A=
expires: Thu, 01 Jan 1970 00:00:00 UTC
content-length: 59
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Fri, 18 Oct 2024 04:37:22 GMT
content-type: image/gif

Redirect headers

Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZxHmAgAAALkYYwOF
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Length: 0
Date: Fri, 18 Oct 2024 04:37:22 GMT
Connection: keep-alive
Server: AMO-cookiemap/1.1

GET
H2 200 s35382684722408
aa.bathandbodyworks.com/b/ss/bathandbodyprod/1/JS-2.22.4-LEWM/ 43 B
372 B 239ms
51ms Image
image/gif 63.140.39.248
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aa.bathandbodyworks.com/b/ss/bathandbodyprod/1/JS-2.22.4-LEWM/s35382684722408?AQB=1&ndh=1&pf=1&t=17%2F9%2F2024%2021%3A37%3A22%204%20420&sdid=588181B04E429A5C-2F578AE83820371A&mid=22950394212916367332717757260971159103&aamlh=7&ce=UTF-8&cl=SESSION&pageName=D%3Dv7&g=D%3Dv9&c.&apl=4.0&inList=3.0&getQueryParam=4.0&pt=3.0&getTimeParting=6.3&.c&cc=USD&ch=D%3Dv8&server=www.bathandbodyworks.com&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&v1=N&v2=22950394212916367332717757260971159103&v3=false&v4=y&v7=rewards&v8=rewards&v9=https%3A%2F%2Fwww.bathandbodyworks.com%2Floyalty-rewards&v13=https%3A%2F%2Fwww.bathandbodyworks.com%2Floyalty-rewards&c14=rewards&c15=D%3Dv9&v20=1600x1200&v27=149.88.16.235&v44=new&v110=Test_platinum_shop%3Btest_sessionAI&v111=DC_1011_Shoppable_Content%3BSession%20AI%20A%2FB%20testing%20BBWDP%3A9510&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=20037F735F3103A10A495CE9%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.39.248 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-39-248.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
pragma: no-cache
etag: 3713485079664820224-4618534085821303108
x-content-type-options: nosniff
expires: Thu, 17 Oct 2024 04:37:22 GMT
access-control-allow-origin: *
p3p: CP="This is not a P3P policy"
content-length: 43
date: Fri, 18 Oct 2024 04:37:22 GMT
x-xss-protection: 1; mode=block
last-modified: Sat, 19 Oct 2024 04:37:22 GMT
vary: *
server: jag
content-type: image/gif;charset=utf-8

GET
H2 200 3a9998aab54d875823355a15b5115573570dbe51c11d75951e6a63c2d673190c Show response
endpoint-foundever.cognigy.cloud/ 4 KB
4 KB 788ms
237ms Fetch
application/json 3.74.118.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://endpoint-foundever.cognigy.cloud/3a9998aab54d875823355a15b5115573570dbe51c11d75951e6a63c2d673190c

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-bbw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.74.118.225 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-74-118-225.eu-central-1.compute.amazonaws.com

Software

Resource Hash

fbee735812ba475b226442afb482c07def0a64f5ac390fc77a9f8a4b829cba9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-robots-tag: noindex, nofollow
x-dns-prefetch-control: off
x-content-type-options: nosniff
x-download-options: noopen
x-cognigy-trace-id: endpoint-httpIncomingMessage-99c85f2e-142c-4348-8d13-c705971d7b0e
access-control-allow-origin: https://www.bathandbodyworks.com
content-length: 3669
date: Fri, 18 Oct 2024 04:37:23 GMT
x-xss-protection: 1; mode=block
content-type: application/json; charset=utf-8
vary: Origin
x-frame-options: SAMEORIGIN

OPTIONS
H2 200 c6aa4944-5724-4447-9874-a0c812d5f143
cloud.zineone.com/c3/api/v1/connectwebsocket/ Frame 0
0 96ms
95ms Preflight 34.210.204.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.zineone.com/c3/api/v1/connectwebsocket/c6aa4944-5724-4447-9874-a0c812d5f143

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.210.204.137 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-210-204-137.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: apikey
Access-Control-Request-Method: GET
Origin: https://www.bathandbodyworks.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: apikey, accesstoken
access-control-allow-origin: *
allow: GET, HEAD, POST, TRACE, OPTIONS
cache-control: no-store
content-length: 0
content-security-policy: default-src 'self';
date: Fri, 18 Oct 2024 04:37:22 GMT
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 c6aa4944-5724-4447-9874-a0c812d5f143 Show response
cloud.zineone.com/c3/api/v1/connectwebsocket/ 31 B
1 KB 112ms
111ms XHR
text/plain 34.210.204.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.zineone.com/c3/api/v1/connectwebsocket/c6aa4944-5724-4447-9874-a0c812d5f143

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-bbw.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.210.204.137 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-210-204-137.us-west-2.compute.amazonaws.com

Software

Resource Hash

c36ec7371f6bf1d0826e486311181413031e21325f1e6a3795c45b3bd9d3837b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bathandbodyworks.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
apikey: cloud@d6dbca8d-a028-45a6-a58d-f7fe45533aaeZ15316533866845070716

Response headers

access-control-allow-headers: apikey, accesstoken
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self';
cache-control: no-store
pragma: no-cache
x-content-type-options: nosniff
access-control-allow-origin: *
content-length: 31
date: Fri, 18 Oct 2024 04:37:22 GMT
x-xss-protection: 1; mode=block
content-type: text/plain;charset=utf-8
x-frame-options: DENY

GET
H2 200 s38863285791734
aa.bathandbodyworks.com/b/ss/bathandbodyprod/1/JS-2.22.4-LEWM/ 43 B
121 B 49ms
48ms Image
image/gif 63.140.39.248
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aa.bathandbodyworks.com/b/ss/bathandbodyprod/1/JS-2.22.4-LEWM/s38863285791734?AQB=1&ndh=1&pf=1&t=17%2F9%2F2024%2021%3A37%3A22%204%20420&mid=22950394212916367332717757260971159103&aamlh=7&ce=UTF-8&cl=SESSION&pageName=D%3Dv7&g=D%3Dv9&cc=USD&events=event85&v1=N&v2=22950394212916367332717757260971159103&v7=rewards&v8=rewards&c14=rewards&v21=en&pe=lnk_o&pev2=Direct%20Call%20-%20Canada%20Intercept&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=20037F735F3103A10A495CE9%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.39.248 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-39-248.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
pragma: no-cache
etag: 3713485078757310464-4618588666152656427
x-content-type-options: nosniff
expires: Thu, 17 Oct 2024 04:37:22 GMT
access-control-allow-origin: *
p3p: CP="This is not a P3P policy"
content-length: 43
date: Fri, 18 Oct 2024 04:37:22 GMT
x-xss-protection: 1; mode=block
last-modified: Sat, 19 Oct 2024 04:37:22 GMT
vary: *
server: jag
content-type: image/gif;charset=utf-8

POST
H2 200 bbw Show response
ingest.quantummetric.com/horizon/ Frame F911 90 B
254 B 171ms
66ms Fetch
application/json 35.239.153.217
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://ingest.quantummetric.com/horizon/bbw?T=B&u=https%3A%2F%2Fwww.bathandbodyworks.com%2Floyalty-rewards&t=1729226241909&v=1729226242783&S=0&N=0&P=0&z=1

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-bbw.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.239.153.217 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

217.153.239.35.bc.googleusercontent.com

Software

Resource Hash

26dc5539e2690cf0f2c53173aa9c6611ffdc9cceb25b6fa1e7e5e3201a543049

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer

Response headers

strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.bathandbodyworks.com
content-length: 90
date: Fri, 18 Oct 2024 04:37:22 GMT
content-type: application/json
access-control-allow-credentials: true

POST
H2 200 bbw
ingest.quantummetric.com/horizon/ Frame F911 0
0 142ms
135ms Fetch
application/json 35.239.153.217
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://ingest.quantummetric.com/horizon/bbw?T=B&u=https%3A%2F%2Fwww.bathandbodyworks.com%2Floyalty-rewards&t=1729226241909&v=1729226242961&H=02e61167b7acdd70d393f8cd&s=243e1ae57d6327dbac9bb23072b1c3a1&Q=1&Y=1&X=f2571f97c7064d01fdec92b7f80b886d&z=1

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-bbw.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.239.153.217 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

217.153.239.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer

Response headers

strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.bathandbodyworks.com
content-length: 0
date: Fri, 18 Oct 2024 04:37:23 GMT
content-type: application/json
access-control-allow-credentials: true

POST
H2 200 bbw
ingest.quantummetric.com/horizon/ Frame F911 0
0 117ms
117ms Fetch
application/json 35.239.153.217
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://ingest.quantummetric.com/horizon/bbw?T=B&u=https%3A%2F%2Fwww.bathandbodyworks.com%2Floyalty-rewards&t=1729226241909&v=1729226242976&H=02e61167b7acdd70d393f8cd&s=243e1ae57d6327dbac9bb23072b1c3a1&U=7bb0f5f2da6539e036359c8d7e9a7298&Q=2&S=0&N=0&z=1

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-bbw.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.239.153.217 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

217.153.239.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer

Response headers

strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.bathandbodyworks.com
content-length: 0
date: Fri, 18 Oct 2024 04:37:23 GMT
content-type: application/json
access-control-allow-credentials: true

POST
H2 200 bbw
ingest.quantummetric.com/horizon/ Frame F911 0
0 127ms
77ms Fetch
application/json 35.239.153.217
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://ingest.quantummetric.com/horizon/bbw?T=B&u=https%3A%2F%2Fwww.bathandbodyworks.com%2Floyalty-rewards&t=1729226241909&v=1729226243112&H=02e61167b7acdd70d393f8cd&s=243e1ae57d6327dbac9bb23072b1c3a1&S=2112&N=12&P=1&z=1

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-bbw.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.239.153.217 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

217.153.239.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer

Response headers

strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.bathandbodyworks.com
content-length: 0
date: Fri, 18 Oct 2024 04:37:23 GMT
content-type: application/json
access-control-allow-credentials: true

OPTIONS
H2 200 originId
cloud.zineone.com/c3/api/v1/ Frame 0
0 96ms
95ms Preflight 34.210.204.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.zineone.com/c3/api/v1/originId?originId=47697122-7a41-4061-ea89-b582beaece83&profileId=bfe75181-bbad-4d85-88d5-aad5f4ead878

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.210.204.137 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-210-204-137.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: apikey
Access-Control-Request-Method: POST
Origin: https://www.bathandbodyworks.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: apikey, accesstoken
access-control-allow-origin: *
allow: GET, HEAD, POST, TRACE, OPTIONS
cache-control: no-store
content-length: 0
content-security-policy: default-src 'self';
date: Fri, 18 Oct 2024 04:37:23 GMT
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

POST
H2 200 originId Show response
cloud.zineone.com/c3/api/v1/ 0
1 KB 225ms
223ms XHR
text/plain 34.210.204.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.zineone.com/c3/api/v1/originId?originId=47697122-7a41-4061-ea89-b582beaece83&profileId=bfe75181-bbad-4d85-88d5-aad5f4ead878

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-bbw.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.210.204.137 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-210-204-137.us-west-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bathandbodyworks.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
apikey: cloud@d6dbca8d-a028-45a6-a58d-f7fe45533aaeZ15316533866845070716

Response headers

access-control-allow-headers: apikey, accesstoken
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self';
cache-control: no-store
pragma: no-cache
x-content-type-options: nosniff
access-control-allow-origin: *
content-length: 0
date: Fri, 18 Oct 2024 04:37:23 GMT
x-xss-protection: 1; mode=block
content-type: text/plain;charset=utf-8
x-frame-options: DENY

OPTIONS
H2 200 event
cloud.zineone.com/c3/api/v1/ Frame 0
0 96ms
95ms Preflight 34.210.204.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.zineone.com/c3/api/v1/event

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.210.204.137 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-210-204-137.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: apikey
Access-Control-Request-Method: POST
Origin: https://www.bathandbodyworks.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: apikey, accesstoken
access-control-allow-origin: *
allow: GET, HEAD, POST, TRACE, OPTIONS
cache-control: no-store
content-length: 0
content-security-policy: default-src 'self';
date: Fri, 18 Oct 2024 04:37:23 GMT
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

POST
H2 200 event Show response
cloud.zineone.com/c3/api/v1/ 0
1 KB 98ms
98ms XHR
text/plain 34.210.204.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.zineone.com/c3/api/v1/event

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-bbw.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.210.204.137 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-210-204-137.us-west-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bathandbodyworks.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
apikey: cloud@d6dbca8d-a028-45a6-a58d-f7fe45533aaeZ15316533866845070716

Response headers

access-control-allow-headers: apikey, accesstoken
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self';
cache-control: no-store
pragma: no-cache
x-content-type-options: nosniff
access-control-allow-origin: *
content-length: 0
date: Fri, 18 Oct 2024 04:37:23 GMT
x-xss-protection: 1; mode=block
content-type: text/plain;charset=utf-8
x-frame-options: DENY

POST
H3 200 collector Show response
collector-pxlsxlyya5.px-cloud.net/api/v2/ 32 B
49 B 109ms
107ms XHR
application/json 34.120.53.196
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxlsxlyya5.px-cloud.net/api/v2/collector
Requested by: Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-bbw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.53.196 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 196.53.120.34.bc.googleusercontent.com
Software: /
Resource Hash: da6268d3e4ffd8edd34230feca29fa5a83e1562bd9cf623c05737ec3eea36871

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://www.bathandbodyworks.com/

Response headers

timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
via: 1.1 google
access-control-allow-origin: https://www.bathandbodyworks.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32
date: Fri, 18 Oct 2024 04:37:22 GMT
content-type: application/json; charset=utf-8

POST
H2 200 hash-check Show response
rl.quantummetric.com/bbw/ Frame F911 2 B
233 B 47ms
45ms Fetch
text/plain 34.66.3.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://rl.quantummetric.com/bbw/hash-check

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-bbw.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.66.3.160 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

160.3.66.34.bc.googleusercontent.com

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-credentials: true
access-control-allow-methods: *
access-control-allow-origin: https://www.bathandbodyworks.com
content-length: 2
date: Fri, 18 Oct 2024 04:37:24 GMT
content-type: text/plain; charset=utf-8
vary: Origin

OPTIONS
H2 204 hash-check
rl.quantummetric.com/bbw/ Frame 0
0 187ms
43ms Preflight 34.66.3.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://rl.quantummetric.com/bbw/hash-check

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.66.3.160 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

160.3.66.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.bathandbodyworks.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: *
access-control-allow-origin: https://www.bathandbodyworks.com
date: Fri, 18 Oct 2024 04:37:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

POST
H3 200 collector Show response
collector-pxlsxlyya5.px-cloud.net/api/v2/ 32 B
49 B 143ms
142ms XHR
application/json 34.120.53.196
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxlsxlyya5.px-cloud.net/api/v2/collector
Requested by: Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-bbw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.53.196 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 196.53.120.34.bc.googleusercontent.com
Software: /
Resource Hash: da6268d3e4ffd8edd34230feca29fa5a83e1562bd9cf623c05737ec3eea36871

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://www.bathandbodyworks.com/

Response headers

timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
via: 1.1 google
access-control-allow-origin: https://www.bathandbodyworks.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32
date: Fri, 18 Oct 2024 04:37:23 GMT
content-type: application/json; charset=utf-8

GET
H2 200 common.js Show response
maps.google.com/maps-api-v3/api/js/57/13/ 294 KB
64 KB 43ms
42ms Script
text/javascript 142.251.163.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps-api-v3/api/js/57/13/common.js

Requested by

Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/wI9DjgjWFD_TGA.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.139 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f139.1e100.net

Software

sffe /

Resource Hash

22d7b487c7ed16b6db70ae6aad638e15244b54cdf550ad8f0add612fcf1b1c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

content-encoding: br
age: 124446
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 18:03:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 18:03:18 GMT
last-modified: Tue, 06 Aug 2024 18:37:13 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges: bytes
content-length: 65163
x-xss-protection: 0
server: sffe

GET
H2 200 util.js Show response
maps.google.com/maps-api-v3/api/js/57/13/ 180 KB
55 KB 70ms
70ms Script
text/javascript 142.251.163.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps-api-v3/api/js/57/13/util.js

Requested by

Host: rapid-cdn.yottaa.com
URL: https://rapid-cdn.yottaa.com/rapid/lib/wI9DjgjWFD_TGA.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.139 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f139.1e100.net

Software

sffe /

Resource Hash

fb4171324646676906d68d37fc0e678aaf5655e0a910d565cbca48771b727506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.bathandbodyworks.com/

Response headers

content-encoding: br
age: 108966
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 22:21:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 22:21:18 GMT
last-modified: Tue, 06 Aug 2024 18:37:13 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges: bytes
content-length: 56099
x-xss-protection: 0
server: sffe

POST
H3 200 collector Show response
collector-pxlsxlyya5.px-cloud.net/api/v2/ 32 B
49 B 106ms
104ms XHR
application/json 34.120.53.196
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxlsxlyya5.px-cloud.net/api/v2/collector
Requested by: Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-bbw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.53.196 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 196.53.120.34.bc.googleusercontent.com
Software: /
Resource Hash: da6268d3e4ffd8edd34230feca29fa5a83e1562bd9cf623c05737ec3eea36871

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://www.bathandbodyworks.com/

Response headers

timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
via: 1.1 google
access-control-allow-origin: https://www.bathandbodyworks.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32
date: Fri, 18 Oct 2024 04:37:24 GMT
content-type: application/json; charset=utf-8

POST
H3 200 collector Show response
collector-pxlsxlyya5.px-cloud.net/api/v2/ 32 B
49 B 103ms
102ms XHR
application/json 34.120.53.196
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxlsxlyya5.px-cloud.net/api/v2/collector
Requested by: Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-bbw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.53.196 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 196.53.120.34.bc.googleusercontent.com
Software: /
Resource Hash: da6268d3e4ffd8edd34230feca29fa5a83e1562bd9cf623c05737ec3eea36871

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://www.bathandbodyworks.com/

Response headers

timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
via: 1.1 google
access-control-allow-origin: https://www.bathandbodyworks.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32
date: Fri, 18 Oct 2024 04:37:25 GMT
content-type: application/json; charset=utf-8

POST
H2 200 bbw
ingest.quantummetric.com/horizon/ Frame F911 0
0 69ms
66ms Fetch
application/json 35.239.153.217
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://ingest.quantummetric.com/horizon/bbw?T=B&u=https%3A%2F%2Fwww.bathandbodyworks.com%2Floyalty-rewards&t=1729226241909&v=1729226247784&H=02e61167b7acdd70d393f8cd&s=243e1ae57d6327dbac9bb23072b1c3a1&S=118874&N=28&P=2&z=1

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-bbw.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.239.153.217 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

217.153.239.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer

Response headers

strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.bathandbodyworks.com
content-length: 0
date: Fri, 18 Oct 2024 04:37:27 GMT
content-type: application/json
access-control-allow-credentials: true

POST
H2 200 bbw
ingest.quantummetric.com/horizon/ Frame F911 0
0 65ms
64ms Fetch
application/json 35.239.153.217
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://ingest.quantummetric.com/horizon/bbw?T=B&u=https%3A%2F%2Fwww.bathandbodyworks.com%2Floyalty-rewards&t=1729226241909&v=1729226247857&H=02e61167b7acdd70d393f8cd&s=243e1ae57d6327dbac9bb23072b1c3a1&Q=2&S=906&N=1&z=1

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-bbw.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.239.153.217 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

217.153.239.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer

Response headers

strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.bathandbodyworks.com
content-length: 0
date: Fri, 18 Oct 2024 04:37:27 GMT
content-type: application/json
access-control-allow-credentials: true

Verdicts & Comments Add Verdict or Comment

214 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

46 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
mybbwapp.io/	1970-01-21 09:06:02	Name: _s Value: i9YAvhOMXHhKF9uu8Vz8srM41Jf37cCS%2F252tZJwXMc%2BqVCt4WbquX1qwKu1Hbd1
www.bathandbodyworks.com/	1969-12-31 23:59:59	Name: sid Value: Z5Zi7why5MVxd5OknFR6nGNdFDOdfRCwQj8
www.bathandbodyworks.com/	1970-01-21 00:20:26	Name: AMCV_20037F735F3103A10A495CE9%40AdobeOrg Value: MCMID\|22950394212916367332717757260971159103
www.bathandbodyworks.com/	1970-01-21 01:03:38	Name: BopisStoreIdCookie Value: BBW02251
www.bathandbodyworks.com/	1970-01-21 01:03:38	Name: BopisStoreNameCookie Value: "FASHION OUTLETS OF NIAGARA FALLS"
www.bathandbodyworks.com/	1970-01-21 04:39:38	Name: dwanonymous_3ca1c1eaa8cb6f7cdb78c17b8163592f Value: abiaVfgEqzik0qmOSclVk9LbmC
www.bathandbodyworks.com/	1969-12-31 23:59:59	Name: dwsid Value: NB37heE3uUrFEoZl65-6lTDWjVl0OE0_9lroXpEsU7lWh8GqUHjvBKbhamtZ6LKhc8cSNO0qsOq2-dw1V8dopw==
www.bathandbodyworks.com/	1970-01-21 09:06:02	Name: _pxhd Value: 4TxaQsJu-2OZN0LekMi2gHAmIqyRlbpc6jbHU74iawTvEyWFoBxAMRz3sD7mWYo9ExYQmhvicnFMyA-fsbxy6Q==:KUQvxGkqiFMB9SSDVopOOap7QpDaf7zCkC2XW/qVVAbNGrQ2xlMImYmAh1cIZfspcZyA8IZ5Ub709QpPqEzgMH6-pIJrBqb3lj/voGxhuE0=
www.bathandbodyworks.com/	1969-12-31 23:59:59	Name: dw Value: 1
.bathandbodyworks.com/	1969-12-31 23:59:59	Name: pxcts Value: a94c714d-8d0a-11ef-82d7-c8cd213f60ba
.bathandbodyworks.com/	1970-01-21 09:06:02	Name: _pxvid Value: a8620e10-8d0a-11ef-ab2b-44f35f40e79b
.bathandbodyworks.com/	1970-01-21 09:06:02	Name: CONSENTMGR Value: consent:true%7Cts:1729226240306
.bathandbodyworks.com/	1970-01-21 09:07:28	Name: __pxvid Value: a9727fc5-8d0a-11ef-8298-0242ac120003
.bathandbodyworks.com/	1970-01-21 01:03:38	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Thu+Oct+17+2024+21%3A37%3A21+GMT-0700+(Pacific+Daylight+Time)&version=202409.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=a3d8ebce-8e98-4763-9d58-834e580e7d83&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Fwww.bathandbodyworks.com%2Floyalty-rewards&groups=C0001%3A1%2CC0017%3A1%2CC0003%3A1%2CC0002%3A1%2CC0004%3A1
.bathandbodyworks.com/	1970-01-21 00:20:26	Name: _px2 Value: eyJ1IjoiYTkyZjhkNzAtOGQwYS0xMWVmLWFjOGUtMGY5YWVhODZlMGMxIiwidiI6ImE4NjIwZTEwLThkMGEtMTFlZi1hYjJiLTQ0ZjM1ZjQwZTc5YiIsInQiOjE3MjkyMjY1NDExMDksImgiOiJkOWE0MjRkMzgzZTk2ZWJjYTk5MTU4YmM5OTI0NWNmMDcxMjg1ZTBhOTQwMjM0NmE0NDQ3OWQ2NGQ0MmE3MzFiIn0=
.bathandbodyworks.com/	1970-01-21 09:56:26	Name: fbp_id Value: fb.1.1729226241364.0161985162461631
www.bathandbodyworks.com/	1969-12-31 23:59:59	Name: __cq_dnt Value: 1
www.bathandbodyworks.com/	1969-12-31 23:59:59	Name: dw_dnt Value: 1
.cquotient.com/	1970-01-21 09:49:14	Name: uuid Value: abiaVfgEqzik0qmOSclVk9LbmC
.bathandbodyworks.com/	1970-01-21 09:49:14	Name: __cq_uuid Value: abiaVfgEqzik0qmOSclVk9LbmC
.bathandbodyworks.com/	1970-01-21 01:03:38	Name: __cq_seg Value: 0~0.00!1~0.00!2~0.00!3~0.00!4~0.00!5~0.00!6~0.00!7~0.00!8~0.00!9~0.00
.bathandbodyworks.com/	1970-01-21 09:56:26	Name: __attentive_id Value: 196b500d7cdc4c39b07b1a470ad32a7a
.bathandbodyworks.com/	1970-01-21 09:56:26	Name: _attn_ Value: eyJ1Ijoie1wiY29cIjoxNzI5MjI2MjQxNDU5LFwidW9cIjoxNzI5MjI2MjQxNDU5LFwibWFcIjoyMTkwMCxcImluXCI6ZmFsc2UsXCJ2YWxcIjpcIjE5NmI1MDBkN2NkYzRjMzliMDdiMWE0NzBhZDMyYTdhXCJ9In0=
www.bathandbodyworks.com/	1970-01-21 09:56:26	Name: __attentive_cco Value: 1729226241462
.bathandbodyworks.com/	1970-01-21 00:20:28	Name: __attentive_pv Value: 1
.bathandbodyworks.com/	1970-01-21 00:20:28	Name: __attentive_ss_referrer Value: ORGANIC
.tealiumiq.com/	1970-01-21 09:06:02	Name: TAPID Value: bbw/main>01929dea74880031472e1d0f307e05065003005d00b08\|
.bathandbodyworks.com/	1970-01-21 09:06:02	Name: utag_main Value: v_id:01929dea74880031472e1d0f307e05065003005d00b08$_sn:1$_se:1$_ss:1$_st:1729228041160$ses_id:1729226241160%3Bexp-session$_pn:1%3Bexp-session$dc_visit:1$dc_event:1%3Bexp-session$dc_region:us-east-1%3Bexp-session
www.bathandbodyworks.com/	1970-01-21 09:06:02	Name: _mibhv Value: anon-1729226241744-6878208453_6906
.bathandbodyworks.com/	1970-01-21 02:30:02	Name: _gcl_au Value: 1.1.150753589.1729226242
.bathandbodyworks.com/	1970-01-21 09:56:26	Name: mt.v Value: 2.677068836.1729226241842
.bathandbodyworks.com/	1970-01-21 00:21:52	Name: __attentive_dv Value: 1
.bathandbodyworks.com/	1969-12-31 23:59:59	Name: at_check Value: true
.doubleclick.net/	1970-01-21 00:20:27	Name: test_cookie Value: CheckForPermission
.demdex.net/	1970-01-21 04:39:38	Name: demdex Value: 13045020657298498292915080557121552423
.bathandbodyworks.com/	1969-12-31 23:59:59	Name: AMCVS_20037F735F3103A10A495CE9%40AdobeOrg Value: 1
.bathandbodyworks.com/	1970-01-21 09:56:26	Name: mbox Value: session#a3f3150c2f11420eaef4f6b1cae947d4#1729228103\|PC#a3f3150c2f11420eaef4f6b1cae947d4.34_0#1792471043
www.bathandbodyworks.com/	1969-12-31 23:59:59	Name: userinfo Value: repeat%20hit
www.bathandbodyworks.com/	1969-12-31 23:59:59	Name: previousPageURL Value: https://www.bathandbodyworks.com/loyalty-rewards
.bathandbodyworks.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.dpm.demdex.net/	1970-01-21 04:39:38	Name: dpm Value: 13045020657298498292915080557121552423
.bathandbodyworks.com/	1970-01-21 09:56:26	Name: AMCV_20037F735F3103A10A495CE9%40AdobeOrg Value: -2121179033%7CMCMID%7C22950394212916367332717757260971159103%7CMCIDTS%7C20015%7CMCAAMLH-1729831042%7C7%7CMCAAMB-1729831042%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCOPTOUT-1729233442s%7CNONE%7CMCSYNCSOP%7C411-20022%7CvVersion%7C5.3.0
.bathandbodyworks.com/	1970-01-21 00:20:28	Name: QuantumMetricSessionID Value: 243e1ae57d6327dbac9bb23072b1c3a1
.bathandbodyworks.com/	1970-01-21 09:06:02	Name: QuantumMetricUserID Value: 7bb0f5f2da6539e036359c8d7e9a7298
cloud.zineone.com/	1970-01-21 00:30:31	Name: AWSALBTGCORS Value: v7I9ujXSON67CXNdt3BAj2uf17aOQ5sVNxMF8sL1++elr+Bx9Y9JvA3K/CuDoSf5KnWvn7s5ecvD8nc/Ah7h3AVhvyrayECg2MMb2+a6n8rtbYdrydlwHAm/NEwrv4ng0NrEB1Jybc4PogHbomxlN3yieQkPkZAoS3M1qEfzYP3rQ1hkg9M=
cloud.zineone.com/	1970-01-21 00:30:31	Name: AWSALBCORS Value: LMCNEmd/hexSBLhz3QPM1bDMgPX7logD6jg6GXpAq9pe0Kvu+/Wc97xG51p2MrYzH7Zv5hEZHU+dfEv8YkqEgsG/nSG1xLiqnRuELN3/3XEmWRhh/c8VRpdb8WUy

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=300

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.bathandbodyworks.com
assets.adobedtm.com
b.px-cdn.net
bathandbody.demdex.net
bathandbody.tt.omtrdc.net
bbwi.attn.tv
cdn.attn.tv
cdn.cookielaw.org
cdn.cquotient.com
cdn.quantummetric.com
cdn.zineone.com
cloud.zineone.com
cm.everesttech.net
collect.tealiumiq.com
collector-pxlsxlyya5.px-cloud.net
crcldu.com
dev.zopim.com
dpm.demdex.net
endpoint-foundever.cognigy.cloud
events.attentivemobile.com
f.monetate.net
fonts.googleapis.com
geolocation.onetrust.com
github.com
googleads.g.doubleclick.net
ingest.quantummetric.com
maps.google.com
maps.googleapis.com
mi.bathandbodyworks.com
mybbwapp.io
objects.githubusercontent.com
p.cquotient.com
qoe-1.yottaa.net
rapid-1.yottaa.net
rapid-cdn.yottaa.com
rl.quantummetric.com
se.monetate.net
static.ordergroove.com
stk.px-cloud.net
tags.tiqcdn.com
td.doubleclick.net
use.fontawesome.com
visitor-service-us-east-1.tealiumiq.com
www.bathandbodyworks.com
www.google.ca
www.google.com
www.googletagmanager.com
www.gstatic.com
104.17.99.195
104.18.0.150
104.18.11.213
104.18.86.42
104.94.118.174
108.139.29.174
108.139.29.36
13.225.63.126
13.226.34.2
140.82.114.4
142.250.31.97
142.251.163.139
151.101.130.133
151.101.67.52
172.217.197.94
172.217.222.94
172.64.144.121
172.64.148.35
172.64.155.119
172.67.142.245
173.194.175.104
173.194.175.95
173.194.68.95
18.164.116.77
18.206.129.203
185.199.110.133
209.85.144.156
23.220.124.232
23.47.22.7
3.74.118.225
34.107.199.61
34.120.53.196
34.120.92.56
34.210.204.137
34.66.3.160
35.239.153.217
44.198.30.96
50.18.77.146
52.202.176.11
52.21.79.130
52.71.188.88
54.161.222.185
54.191.62.149
63.140.39.248
63.140.39.82
74.125.192.157
99.83.183.198
99.83.184.193
02f7b85d86339fec3fb7d0777596037f60706d9eb3195ac9e3521484d51135e9
03674129f5c1bd6de2bd1fd299d063e2fff4cce966cfacadb5c42e708a0a2203
03c5d2faf14c9e50cdfa9c7b87fca210f317dc2cc170c6c2895de45dfc2d4764
055e467aa53a9c0272d805bbc009ade8c74df5a8c1255271d753ac78fe179873
057c0e5a4da887254142ac11ef0a70ff90266bc18d84c81a482421eddfe57dd8
09504dc2050b37bfdd11f0b76d3da87ee29c16e6cedd06b07decce27792d7d10
09dda96dd56458b6578d974fd1fa8bce03fa8c2f60e227d381c05617a545da31
0a1309d2ccff026ab4dcf050977befc877505115e4777e240fa328b1781c63ae
0a994dc1f72298f4dcaaf0a3e99c181a9d1598c7fd98e911ea6929ba437796b9
0ca4bec846573e3c520e88f7d43c7794ff30a96ecc28d29f619d84232ea1147d
0e67db4805fc45b386bdedbbe733526afeb5adb550a177f66d13bdd9c3154bc7
0eba165fd2b459702b63269b57dc3f3dabeadb6f7cbf512a772f0d14b7460576
0fac54975325a14b4c035468b44e5e2d73c308d811c69e0b754ed8fcf3032580
142e1db1c695c307aab4a9a63c1894b8afc862500baa48e15b87e727964ae48a
1471739a6a5f72701dde94d022c3ea03fd633fc6cf5ecac678e043c92e8cfbf1
16c6386d43422b2d0e52c071b150cd8d70d07d34ce24102453d69a05e9402238
1a1fe37f48d30170cd955836ee8671e13b7413f10e0b21847949a4f6ace0c042
223945b53510064dd2f32eeabd1c7cb173aade83db577ffe6dece694bb289dba
22d7b487c7ed16b6db70ae6aad638e15244b54cdf550ad8f0add612fcf1b1c69
2412849a81c3463933d0a224f695a2f7803a3f06f8a4f1b057288f72f393d04a
25bdd9e67ce44b3fbc66abc107bc42c583ca7131603eade4f767c82c1ab43be5
26dc5539e2690cf0f2c53173aa9c6611ffdc9cceb25b6fa1e7e5e3201a543049
27c0c03ef343c2bed6196361a802a31b273fa622d91f01a5513527a95d95d946
2ab82ada2f038f4b45cce3713271d46f3233e27ecfa91d135dd2c6d6a7957893
2ce0822dc2752951296219fbf38e8a336c2aea09115397c4cf5fa292fd69af69
2db1dbcf1a4a6e63576e5f22320949e1ddc87ff4c10ff26ec353abc9540cd228
366be11d36cd718b75dd4ab5d458ab54ffd5e06a9068f52589dd66f471a67755
369ae154eab37b7ada7776b934833183bb053ebd1d0255f70ef8944f65cabb0c
375b712cb2bc6a76fa4455a62ab6462a92d8221287524be152828bbaab7579ad
3d3eb1c114a7cfcc1f524407e4e2e7e6dac97f9c323a1bc74b7627abfae34d11
3e7938fd5c17bb1b600de328beb4372fd16d07ef78ec200436f4b683d465ffa0
3fa28c98e129dd11fec8ba7c39b9ed0e05f42bc4c28eae660c5e09decb69468b
4533d7cd597783cdb170601e2950836bbe1abf16884592806fb23eaa84aff324
4670b50c42d9c6512e13aed334c772b3279aeddd71951889f5c8f587d8ef9c1c
4b18104691a615a849aa62481691db343ba0f4be29c32361afca060990971788
4d4bf810214ff93e96392cc3bce8e980fc677a2c538d56287a3abf83c0600a0f
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
50d7d9ddf38998f12319b73c44300963ac03ced104e14f8c7830124873388266
50f182f8656a0c2d390a230c456fa7d80648f26cd2a416dff2e670cc25693d24
53b65a1425a35ce88832a27ac2aecc747e15cc8a35bc2b68927d3ed50e5dd24a
5551e6b16ed998e1835c8fd45e5590114586ab4b7865327ae2cdc60f7bef7d41
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
577a6af637b1663fa80362c9f9b5fac48c5499d8c019705a65f62327879abbcb
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
5fe207c63c0fa674adccf29a50d13e737ea96e32dd8e67445484127e63e1f29a
603bb81e8f0710943450f4ceabb0169a376b576a09678cafa05543bad882f089
61293c47c7f385f8a8afac510933f8c25e99db950e8bcf4dc822baf461fd4b02
61721c8ccac413f9c55dede65a99c739ff8bf68c423fdbb918bd80d9bc4c9fa3
633f77a0b7ab44fe76da77ccf64e255cbae5a81f6ef63df9ad0f0d73a3eae64b
666ed777606d78970477efd07030521ab3d003853f3e94a0985e7da4a2c923b7
66f0aa8e9800d58bb49d5324da9f5a3573d393a14b408f149756273f05718efe
685b4f9763e89bb3e54a2f90c589c1b0598f952119232a0074f8f66e500c508b
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6a58760a6a66b6056d0935178a3a042cd9d842cad9d1ffa38bb939de3dd1d1ce
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6efbd8ec0b243519334f0aeb6f8608590f2ae211fc7f1ffb7c3876a4b10589f4
70023f63069b2e145d7e7fa0459389d2bc534d276ff3ffeed5f6e370658f98a2
721ace35999fe5d443fbe4311b11f903139cd8fdf1632d1efc2fde48e06df712
732050a6a6b72b7be59e2e281501669c3979591cead01e52fc365ef2dd6a49aa
7987a699ff7c1bfa3f4fceac4baa9f7db3be559bf5cecd42b39f6251ed39d8fd
7ab17d7c830048456601619d3a6422eb5e419b1d0bfef58d8b1c533435d2e054
7c823a60a6f59e635d8eaa9d9b87d33c2c457f23cb2f0b9a90669f12edd6fee5
7d9c9ad349c47e81a545ff3e3bdb0a8df5ebe959da9b52cadd9440d92f7ef359
7e99cc5a31b155e485956043be15754c4e22680934ba07e5b83d6d3752961e5d
7fa7de891fb4ae28cb365f5f6386a2cd5683cf9812c78be21f494227011a621d
80afe80e3a51fae16f5652f8131c557d28cc6c60dd7c8aa7bc43ac6f851ea473
86e295245a570ed55e2436e015d89a091a0355ad81b7ada48db72ce53f08caf8
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
88c705305a17067922621b88cb097d2f50434f472877741a20639eb4d342fc5e
8a34e2650adc6c879db57aa4a11822804927f1174ac93fdbff5a75b879833d23
918f6ad98bc4530aa3f47ac2c18770fb02b8734d7033f6759993fb282310d807
92df12fd61057f0910f2ca341a524bd1a66a90b51523d393fb3f5974dc5ca990
93e5062a715eeead8aea9413daddb8918219d84023fd55a3e302857c392ec423
9ababe65ca927b421be2729010feaa88ced1b20778b5f8ab34c39aa9417764fe
9c74e9f8110a040cde8f6f9a8a605f8aab1b5f95cbbe3b1ffe921378c286cd93
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a18c6fff4564db83b1886dbcb3799b76c5fe1bfb17920383e640de1a069ee8b2
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a5642ee56ccb2f9f62f86cad354f455dbb6abfc1ba5ca28df7df38aba13b40fd
a5ae2a61172356dd0090131c57944c7057b73367b34c75fd1fd0bd1998591b10
a64f799b2116f3da8ceabfee50a26fbcbc7950ee4be81780174e738843a03e24
a6a0ef546db01b7277a719f916d50b58b7b0b9f0cf8de6ccd31f907ca3dcba7d
a7d87091d363393cdfb559f44f41e447f70b67917b9dedb3e97c2a8d476e1ea8
a9b2a97b95ecaab1920aba84b26169c23a38e0513c2d4423ab9c0102b96cb195
a9ee3aa47b7484badbf014d9661d42280bd93a6ef48a6ef16d2e9145265eead5
acad6da73c196f8f1ba5a687eb99c1a7bb6149429fe2c9d6ff87d04b5da3d81b
ad32c102130945ea2992849fc47e7d455b83441223b89e9ee721d423441bc9c8
ad929bbe172ee09ee9d897be2e812a553f835284cbbe73be7891b77a5bf2227e
ad9fa4dd0927f94f0e0d88a262951a31e2abc00928f3a7faef3661a22f78e7a0
ae066cabac38e54944c9eb1ddd305181ee43bf2f3bd19033e9db22893d720f29
ae0ae3cedee1ea4767e07eb9ca0e45e5aacc70f5eb7a0b3565fe3401e7e93e77
b0424e19e18520daef3b68fa4d3d99a4a3da6aef379eaa3d652cbfcebfed64c0
b1d8c0e46c1064d4c6e8da01ff267ef14f8323175e2707dd2cc537b69e2f73ec
b2f3613f5566759a959c0cea6a44eabef5db99a5e21c147789c94d318775c2d0
b35ab455f4919d7ed9e21ac5b5842b622ab39dae5a56742563299faef418f872
b4e082da88143ac514c7f34d09031290e965b65139b31978f20989d82275dd44
b6b3557cbc2e419e9370da89389a4c3b943f5e0c53b051c7cd5902dde8dd75d5
b8001db7a6455aade1ad4e56f7aec7c9470766fcac6f50f59aea1b650961611f
bddac624dfa52f684140434101e4615cc3a2cf9fe14fb45bbd69309a111907fb
c084a4f2bccc4893c42cd75570e00a972e659951376b3d07c49ac22bb5c7ab15
c23aa657d186b077e78898406c306f59d9d0cd1c82247ff97f90f33f64560494
c263e4612b3cf54dc5ba91c086e10aa60756fe6cda2cdf2494ed616124452eae
c2a526a3e819baa836015a5dac51f4927d8dc4f8a565ce09ab583c0cea3ef7c9
c36ec7371f6bf1d0826e486311181413031e21325f1e6a3795c45b3bd9d3837b
c4e8ba7a75b42ea780c492692d96b2d74570001e0ef8fc13c583284b2c9ea26e
c5f8fcc96153880f57cb501646dca91ab644f972b43a851e3b087ce4339e5079
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca4a8ac37d52ee0b7e4c09b000bdbeff886e08a725e9d7249e651bedd76dc0cc
cdfa9a147ae8d8357855515bab5291b8c9342eeed9d638b47103c19d9d9aaf36
d0be2d1f0886a7f72a9f955ede7126aff1d577664c55ecc240ac272b326b3206
d0f52eb1626ff3d0a363dd44a42c8b0b1754c69380d47fd48e1d3c903c27f45d
d1aa4f30baa91fec91f86e3ef81014f0e80a70080749cb52ee5e9ee96d7a14de
d4e77c7411d1de6efebf4278b9c98aa77dc2e5186cee271ac256138f17bef9f4
d557524fc12233b0133d19b5bcf50185084478099a81debe593daa88a7ed0b25
d7aed44055560e921eba8d4eb34f82f4d1c4792f1078184ace3978e68f06749c
d890abf66010907c7a0a61236d25c3c98bcb7edec34b13dc887f5be122bfef7e
d8ba6e00e79f5d4ffc5e3f634123c36823648e601c5d6465d27c65e7797d2807
d8fed37e594ed1fb4a87dc58bec1deb3a5fd48026389e20755827cb43d44fca4
d9d8449276da292331260174451895f697e29fee3fb46887b03466260924fa28
da6268d3e4ffd8edd34230feca29fa5a83e1562bd9cf623c05737ec3eea36871
da7e8d58b91c317cde05bf290a7c303f4877f81967ff97b155e9756762d57f11
e036d4c0bab9dcd3d8ed9d625c2cdd24f4d0474f1a4232f0e7c9471aaf0cf470
e0acaced3f5686390c4c2ed8d3b447c725660252d1a20a71fdab5110a435c463
e1849c53461c18ad393d74cf01d3b9b3ec98cbab29880c853ab1d04d7dfd75f2
e2afa04c9a3e080712c94d68b9c1d33587fddcbaeaba9dfcaf1d53d19f6a280a
e2d0472665714417a910975af8ec76749b3b3b368a5ed606a4d27c734e3ac584
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ef0238e7060b0c445265b414d6f8481f06591ca8502f2bd0aa2f7d17f7440b
e44a3a582c36208a1c8844e3723b43f47cac2497259a7b9a3b0404329a48cda0
e5e65869b76b93c58e1f99486162ba505c552af489da92ef645ebc5bd3952663
eb08f5fb5439e51fd65763b6850edebfc5ec1d75ac64517863d458f116ae9cda
ed427ca840aaa428a8afed89bc2eb5768d28dc8d6a4e59dec45df050416beba8
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3
eec8b61ef9f55b209633b652509dc5a294e8e753480b0e3cdadf7f8d499daa60
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efad755939e511f2bc1feb0d58d6014006e8598a4d431f27a66dd59e14fc19cb
f0f5373ad203101ea91bf826c5a7ef8f7cd74887f06bad2cb9277a504503b9e2
f144613596e58679556b86c8341fb149d5f85e9f05d6f9b61985ed2d58288cf0
f36e2622b2967951f6833f84358b177ce7f8b4d0201a58b7be9e54c33d56a07d
f43679f3b992b1d232dfed6411d9e0975badcbf23f88166914f7d41877d1d219
f45869e02f1743f1e7cc1f0007f197843e12600cc356a64b8811d56b1e4fdccb
fb178d0a551b045b17f8876b0cedaa4cedfd253c4de00150469b776666226d45
fb4171324646676906d68d37fc0e678aaf5655e0a910d565cbca48771b727506
fbee735812ba475b226442afb482c07def0a64f5ac390fc77a9f8a4b829cba9d
fc61b42136e7d39283c7d01abc5c2cfabc32b95e04b5e900a69b4c2dd5b2470a
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
fe138ca7ce10c04a9eb859f6b337c61bd12115d0b61136f4437bf5e80a0eb5df

www.bathandbodyworks.com Open in urlscan Pro 151.101.67.52 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

182 Requests

98 %HTTPS

0 %IPv6

33 Domains

48 Subdomains

46 IPs

3 Countries

5813 kBTransfer

11669 kBSize

46 Cookies

21 Outgoing links

Page URL History

Redirected requests

182 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bathandbodyworks.com Open in urlscan Pro
151.101.67.52 Public Scan

Screenshot
Live screenshot

Full Image

182
Requests

98 %
HTTPS

0 %
IPv6

33
Domains

48
Subdomains

46
IPs

3
Countries

5813 kB
Transfer

11669 kB
Size

46
Cookies

182 HTTP transactions
1 data transactions