🦊StackFox
bathandbodyworks.com logo

bathandbodyworks.com

Detected Technologies

Visit Site
AI Policy
Tech
InfraStatus
26 technologies5 categories

bathandbodyworks.com is built on Chakra UI with Fastly and PerimeterX. It ranks #7,847 globally.

Analytics are handled by Cloudflare Browser Insights and Tealium. Infrastructure includes Fastly and Azure DNS.

Tech Stack Highlights

chakra-ui.com logoChakra UIUI frameworksconstructor.io logoConstructor.ioSearch engines
M
Microsoft 365Emailreactrouter.com logoReact RouterJavaScript frameworksreact.dev logoReactJavaScript frameworks

Core Platform1

constructor.io logo
Constructor.io
Search engines
75%
1 evidence signal
JS GlobalConstructorioClient → function

Frameworks & Languages3

chakra-ui.com logo
Chakra UI
UI frameworks
100%
3 evidence signals
HTMLchakra-
css--chakra-
DOMchakra-class
react.dev logo
React
JavaScript frameworks
75%
1 evidence signal
HTMLdata-react
reactrouter.com logo
React Router
JavaScript frameworks
75%
1 evidence signal
JS Global__reactRouterVersion → string

Analytics & Marketing4

M
Microsoft 365
Email
100%
1 evidence signal
dnsMX: bathandbodyworks-com.mail.protection.outlook.com
www.cloudflare.com logo
Cloudflare Browser Insights
Analytics
75%
1 evidence signal
Scripthttps://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
tealium.com logo
Tealium
Tag managers
75%
2 evidence signals
Scripthttps://tags.tiqcdn.com/utag/bbw/new/prod/utag.sync.js
Scripthttps://tags.tiqcdn.com/utag/bbw/new/prod/utag.js
www.yottaa.com logo
Yottaa
Tag managers
75%
1 evidence signal
Scripthttps://rapid-cdn.yottaa.com/rapid/lib/wI9DjgjWFD_TGA.js

Infrastructure & Security11

F
Fastly
CDN
100%
1 evidence signal
dnsCNAME: t.sni.global.fastly.net
www.perimeterx.com logo
PerimeterX
Security
100%
2 evidence signals
Cookie_pxvid
JS Global_pxAppId → string
A
Azure DNS
PaaS
100%
1 evidence signal
dnsNS: ns4-32.azure-dns.info
cloudflare.com logo
Cloudflare
CDN
75%
2 evidence signals
Header9ca8e0a479472ed1-SJC
Headercloudflare: cloudflare
www.onetrust.com logo
OneTrust
Cookie compliance
75%
3 evidence signals
Scripthttps://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Scripthttps://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Scripthttps://cdn.cookielaw.org/scripttemplates/otSDKStub.js
www.rfc-editor.org logo
HSTS
Security
75%
1 evidence signal
Headermax-age=300
aws.amazon.com logo
Amazon CloudFront
CDN
75%
1 evidence signal
Header7EpeYe2GFwEdMtKpnPNgI84NITCxv7NYNMK5LTD3CvgSmwva1EPOXg==
aws.amazon.com logo
Amazon S3
CDN
75%
1 evidence signal
Headers3[^ ]*amazonaws\.com: img-src 'self' *.commercecloud.salesforce.com *.bathandbodyworks.com *.bathandbodyworks.ca data: *.yottaa.net bat.bing.com *.google.com *.tealiumiq.com *.smaato.net *.pubmatic.com *.rubiconproject.com *.doubleclick.net *.casalemedia.com *.3lift.com *.ads.audio.thisisdax.com *.analytics.yahoo.com *.bazaarvoice.com *.brightcove.com *.brightcovecdn.com *.brsrvr.com *.cookielaw.org *.curalate.com *.dotomi.com *.googleapis.com *.gstatic.com *.mountain.com *.omtrdc.net *.onetrust.com *.openx.net *.paypalobjects.com *.pinterest.com *.zineone.com ads.stickyadstv.com agentcore.s3.amazonaws.com aivo-assets.s3.amazonaws.com ap.lijit.com assets-qelplatam.s3.amazonaws.com bathandbodyworkscc.zendesk.com bh.contextweb.com cdn.cookielaw.org cdn.jsdelivr.net cm.everesttech.net contextual.media.net crb.kargo.com cs.openwebmp.com dpm.demdex.net exchange-match.mediaplex.com https://www.googletagmanager.com/td ib.adnxs.com idsync.live.streamtheworld.com idsync.rlcdn.com match.adsrvr.org match.sharethrough.com mountain.com omtrdc.net partners.tremorhub.com pinterest.com ps.eyeota.net sync.1rx.io sync.bfmio.com sync.ipredictive.com sync.mathtag.com sync.targeting.unrulymedia.com tags.bluekai.com us.ck-ie.com v2assets.zopim.io https://sync.inmobi.com https://sync.crwdcntrl.net https://f.monetate.net https://csync.loopme.me https://www.googleadservices.com https://pixel.adsafeprotected.com https://www.facebook.com/ https://cdn.contentstack.io https://azure-na-images.contentstack.com https://azure-na-cdn.contentstack.com *.207.net *.rlcdn.com *.smartadserver.com *.attn.tv *.attentivemobile.com *.fwmrm.net *.googletagmanager.com *.medallia.com *.kampyle.com;script-src 'self' 'unsafe-inline' blob: storage.googleapis.com localhost:3000 code.jquery.com tags.tiqcdn.com *.yottaa.net *.attn.tv bbwi-us.attn.tv events.attentivemobile.com www.googletagmanager.com *.doubleclick.net *.bathandbodyworks.com *.bathandbodyworks.ca bat.bing.com sc-static.net *.agentbot.net *.attentivemobile.com *.bazaarvoice.com *.brcdn.com *.brightcove.net *.brightcovecdn.com *.byspotify.com *.cdn-apple.com *.cookielaw.org *.curalate.com *.dotomi.com *.googleapis.com *.gstatic.com *.kampyle.com *.monetate.net *.mpsnare.iesnare.com *.onetrust.com *.ordergroove.com *.paypal.com *.pepperjam.com *.pinterest.com *.privacymanager.io *.smaato.net *.tealiumiq.com *.zineone.com *.snapchat.com *.tiktok.com 7316103.collect.igodigital.com api.tnapplications.com assets.adobedtm.com bathbodyworks-pixel.netlify.app cdn.cookielaw.org cdn.quantummetric.com cnstrc.com connect.facebook.net dev.zopim.com engine-global.monetate.net github.com https://*.px-cdn.net https://*.px-cloud.net https://*.yottaa.com https://*.yottaa.net https://s.pinimg.com https://www.google.com/recaptcha/ https://analytics.tiktok.com https://www.gstatic.com/recaptcha/ https://www.onelink-edge.com https://widget-mediator.zopim.com https://cdn.contentstack.io https://azure-na-images.contentstack.com https://azure-na-cdn.contentstack.com objects.githubusercontent.com privacyportal-cdn.onetrust.com rdf.radial.com static.zdassets.com tst-rdf.radial.com https://dx.mountain.com https://px.mountain.com external.quantummetric.com https://www.googleadservices.com *.medallia.com https://google.com https://cognigy-bucket.s3.eu-west-3.amazonaws.com release-assets.githubusercontent.com *.radial.com *.queue-it.net https://*.queue-it.net https://static.queue-it.net 'unsafe-eval' https://runtime.commercecloud.com *.site.com;connect-src 'self' api.cquotient.com localhost:3000 dpm.demdex.net bbwi-us.attn.tv events.attentivemobile.com aa.bathandbodyworks.com *.tealiumiq.com *.bathandbodyworks.com *.bathandbodyworks.ca *.restapi.ordergroove.com *.bazaarvoice.com *.googleapis.com *.gstatic.com *.cookielaw.org *.zineone.com *.onetrust.com *.aivo.co *.boltdns.net *.brightcove.com *.brightcovecdn.com *.cognigy.ai *.curalate.com *.mountain.com *.omtrdc.net *.ordergroove.com *.paypal.com *.pinterest.com *.salesforce.com *.zdassets.com *.snapchat.com *.doubleclick.net api.tnapplications.com https://auth-dev.bathandbodyworks.com https://auth-qa.bathandbodyworks.com https://auth.bathandbodyworks.com https://auth-perf.bathandbodyworks.com bathandbodyworkscc.zendesk.com cdn.cookielaw.org connect.facebook.net crcldu.com endpoint-foundever.cognigy.cloud engine-global.monetate.net engine.monetate.net geo.privacymanager.io geolocation.onetrust.com https://*.px-cdn.net https://*.px-cloud.net https://*.yottaa.net https://www.google.com https://www.google.com/ccm https://www.google.com/ccm/collect https://analytics.tiktok.com https://analytics-ipv6.tiktokw.us https://www.onelink-edge.com https://auth.pingone.com https://www.facebook.com https://cdn.contentstack.io https://azure-na-images.contentstack.com https://azure-na-cdn.contentstack.com ingest.quantummetric.com mountain.com objects.githubusercontent.com omtrdc.net pinterest.com rdf.radial.com rl.quantummetric.com telemetry.partners.prod.minionplatform.com public.prod.minionplatform.com tst-rdf.radial.com wss://csb.zineone.com wss://endpoint-foundever.cognigy.cloud wss://widget-mediator.zopim.com zendesk-eu.my.sentry.io *.cnstrc.com/ https://pixels.spotify.com wss://cloud.zineone.com https://google.com https://restapi.ordergroove.com https://www.googleadservices.com https://api.rlcdn.com bbw.quantummetric.com https://id.zopim.com/authenticated/web/jwt *.radial.com *.attn.tv *.attentivemobile.com *.queue-it.net https://*.queue-it.net https://static.queue-it.net *.medallia.com *.kampyle.com https://runtime.commercecloud.com *.salesforce-scrt.com;frame-src https://applepay.cdn-apple.com/ *.aivo.co *.cookielaw.org *.curalate.com *.googleapis.com *.gstatic.com *.onetrust.com *.ordergroove.com *.paypal.com *.pcipal.cloud *.pcipalstaging.cloud *.pinterest.com *.zineone.com *.snapchat.com *.doubleclick.net bathandbody.demdex.net https://recaptcha.google.com/recaptcha/ https://td.doubleclick.net https://analytics.tiktok.com https://www.google.com/recaptcha/ https://www.googletagmanager.com https://www.googleadservices.com https://cdn.contentstack.io https://azure-na-images.contentstack.com https://azure-na-cdn.contentstack.com ingest.quantummetric.com jqtmdiy716.execute-api.us-east-1.amazonaws.com telemetry.partners.prod.minionplatform.com public.prod.minionplatform.com wss://csb.zineone.com wss://endpoint-foundever.cognigy.cloud http://t.pepperjamnetwork.com cdn.quantummetric.com bbw.quantummetric.com *.radial.com *.attentivemobile.com *.attn.tv *.medallia.com *.kampyle.com *.site.com;media-src *.boltdns.net *.brightcovecdn.com *.curalate.com agentcore.s3.amazonaws.com blob: data: static.zdassets.com *.attentivemobile.com *.attn.tv *.medallia.com *.kampyle.com;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self' https://runtime.commercecloud.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
www.varnish-cache.org logo
Varnish
Caching
75%
1 evidence signal
Headervarnish(?: \(Varnish/([\d.]+)\))?\;version:\1: 1.1 4aba7ea5aadcfe6838cddf2c73cd245a.cloudfront.net (CloudFront), 1.1 varnish
code.jquery.com logo
jQuery CDN
CDN
75%
1 evidence signal
Scripthttps://code.jquery.com/jquery-3.7.1.slim.js
aws.amazon.com logo
Amazon Web Services
PaaS
50%
1 evidence signal
HTMLimplied by Amazon CloudFront

Libraries & Utilities7

github.com logo
Loadable-Components
JavaScript libraries
75%
1 evidence signal
JS Global__LOADABLE_LOADED_CHUNKS__ → object
paypal.com logo
PayPal
Payment processors
75%
1 evidence signal
Header\.paypal\.com: img-src 'self' *.commercecloud.salesforce.com *.bathandbodyworks.com *.bathandbodyworks.ca data: *.yottaa.net bat.bing.com *.google.com *.tealiumiq.com *.smaato.net *.pubmatic.com *.rubiconproject.com *.doubleclick.net *.casalemedia.com *.3lift.com *.ads.audio.thisisdax.com *.analytics.yahoo.com *.bazaarvoice.com *.brightcove.com *.brightcovecdn.com *.brsrvr.com *.cookielaw.org *.curalate.com *.dotomi.com *.googleapis.com *.gstatic.com *.mountain.com *.omtrdc.net *.onetrust.com *.openx.net *.paypalobjects.com *.pinterest.com *.zineone.com ads.stickyadstv.com agentcore.s3.amazonaws.com aivo-assets.s3.amazonaws.com ap.lijit.com assets-qelplatam.s3.amazonaws.com bathandbodyworkscc.zendesk.com bh.contextweb.com cdn.cookielaw.org cdn.jsdelivr.net cm.everesttech.net contextual.media.net crb.kargo.com cs.openwebmp.com dpm.demdex.net exchange-match.mediaplex.com https://www.googletagmanager.com/td ib.adnxs.com idsync.live.streamtheworld.com idsync.rlcdn.com match.adsrvr.org match.sharethrough.com mountain.com omtrdc.net partners.tremorhub.com pinterest.com ps.eyeota.net sync.1rx.io sync.bfmio.com sync.ipredictive.com sync.mathtag.com sync.targeting.unrulymedia.com tags.bluekai.com us.ck-ie.com v2assets.zopim.io https://sync.inmobi.com https://sync.crwdcntrl.net https://f.monetate.net https://csync.loopme.me https://www.googleadservices.com https://pixel.adsafeprotected.com https://www.facebook.com/ https://cdn.contentstack.io https://azure-na-images.contentstack.com https://azure-na-cdn.contentstack.com *.207.net *.rlcdn.com *.smartadserver.com *.attn.tv *.attentivemobile.com *.fwmrm.net *.googletagmanager.com *.medallia.com *.kampyle.com;script-src 'self' 'unsafe-inline' blob: storage.googleapis.com localhost:3000 code.jquery.com tags.tiqcdn.com *.yottaa.net *.attn.tv bbwi-us.attn.tv events.attentivemobile.com www.googletagmanager.com *.doubleclick.net *.bathandbodyworks.com *.bathandbodyworks.ca bat.bing.com sc-static.net *.agentbot.net *.attentivemobile.com *.bazaarvoice.com *.brcdn.com *.brightcove.net *.brightcovecdn.com *.byspotify.com *.cdn-apple.com *.cookielaw.org *.curalate.com *.dotomi.com *.googleapis.com *.gstatic.com *.kampyle.com *.monetate.net *.mpsnare.iesnare.com *.onetrust.com *.ordergroove.com *.paypal.com *.pepperjam.com *.pinterest.com *.privacymanager.io *.smaato.net *.tealiumiq.com *.zineone.com *.snapchat.com *.tiktok.com 7316103.collect.igodigital.com api.tnapplications.com assets.adobedtm.com bathbodyworks-pixel.netlify.app cdn.cookielaw.org cdn.quantummetric.com cnstrc.com connect.facebook.net dev.zopim.com engine-global.monetate.net github.com https://*.px-cdn.net https://*.px-cloud.net https://*.yottaa.com https://*.yottaa.net https://s.pinimg.com https://www.google.com/recaptcha/ https://analytics.tiktok.com https://www.gstatic.com/recaptcha/ https://www.onelink-edge.com https://widget-mediator.zopim.com https://cdn.contentstack.io https://azure-na-images.contentstack.com https://azure-na-cdn.contentstack.com objects.githubusercontent.com privacyportal-cdn.onetrust.com rdf.radial.com static.zdassets.com tst-rdf.radial.com https://dx.mountain.com https://px.mountain.com external.quantummetric.com https://www.googleadservices.com *.medallia.com https://google.com https://cognigy-bucket.s3.eu-west-3.amazonaws.com release-assets.githubusercontent.com *.radial.com *.queue-it.net https://*.queue-it.net https://static.queue-it.net 'unsafe-eval' https://runtime.commercecloud.com *.site.com;connect-src 'self' api.cquotient.com localhost:3000 dpm.demdex.net bbwi-us.attn.tv events.attentivemobile.com aa.bathandbodyworks.com *.tealiumiq.com *.bathandbodyworks.com *.bathandbodyworks.ca *.restapi.ordergroove.com *.bazaarvoice.com *.googleapis.com *.gstatic.com *.cookielaw.org *.zineone.com *.onetrust.com *.aivo.co *.boltdns.net *.brightcove.com *.brightcovecdn.com *.cognigy.ai *.curalate.com *.mountain.com *.omtrdc.net *.ordergroove.com *.paypal.com *.pinterest.com *.salesforce.com *.zdassets.com *.snapchat.com *.doubleclick.net api.tnapplications.com https://auth-dev.bathandbodyworks.com https://auth-qa.bathandbodyworks.com https://auth.bathandbodyworks.com https://auth-perf.bathandbodyworks.com bathandbodyworkscc.zendesk.com cdn.cookielaw.org connect.facebook.net crcldu.com endpoint-foundever.cognigy.cloud engine-global.monetate.net engine.monetate.net geo.privacymanager.io geolocation.onetrust.com https://*.px-cdn.net https://*.px-cloud.net https://*.yottaa.net https://www.google.com https://www.google.com/ccm https://www.google.com/ccm/collect https://analytics.tiktok.com https://analytics-ipv6.tiktokw.us https://www.onelink-edge.com https://auth.pingone.com https://www.facebook.com https://cdn.contentstack.io https://azure-na-images.contentstack.com https://azure-na-cdn.contentstack.com ingest.quantummetric.com mountain.com objects.githubusercontent.com omtrdc.net pinterest.com rdf.radial.com rl.quantummetric.com telemetry.partners.prod.minionplatform.com public.prod.minionplatform.com tst-rdf.radial.com wss://csb.zineone.com wss://endpoint-foundever.cognigy.cloud wss://widget-mediator.zopim.com zendesk-eu.my.sentry.io *.cnstrc.com/ https://pixels.spotify.com wss://cloud.zineone.com https://google.com https://restapi.ordergroove.com https://www.googleadservices.com https://api.rlcdn.com bbw.quantummetric.com https://id.zopim.com/authenticated/web/jwt *.radial.com *.attn.tv *.attentivemobile.com *.queue-it.net https://*.queue-it.net https://static.queue-it.net *.medallia.com *.kampyle.com https://runtime.commercecloud.com *.salesforce-scrt.com;frame-src https://applepay.cdn-apple.com/ *.aivo.co *.cookielaw.org *.curalate.com *.googleapis.com *.gstatic.com *.onetrust.com *.ordergroove.com *.paypal.com *.pcipal.cloud *.pcipalstaging.cloud *.pinterest.com *.zineone.com *.snapchat.com *.doubleclick.net bathandbody.demdex.net https://recaptcha.google.com/recaptcha/ https://td.doubleclick.net https://analytics.tiktok.com https://www.google.com/recaptcha/ https://www.googletagmanager.com https://www.googleadservices.com https://cdn.contentstack.io https://azure-na-images.contentstack.com https://azure-na-cdn.contentstack.com ingest.quantummetric.com jqtmdiy716.execute-api.us-east-1.amazonaws.com telemetry.partners.prod.minionplatform.com public.prod.minionplatform.com wss://csb.zineone.com wss://endpoint-foundever.cognigy.cloud http://t.pepperjamnetwork.com cdn.quantummetric.com bbw.quantummetric.com *.radial.com *.attentivemobile.com *.attn.tv *.medallia.com *.kampyle.com *.site.com;media-src *.boltdns.net *.brightcovecdn.com *.curalate.com agentcore.s3.amazonaws.com blob: data: static.zdassets.com *.attentivemobile.com *.attn.tv *.medallia.com *.kampyle.com;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self' https://runtime.commercecloud.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
videojs.com logo
VideoJSv8.23.4
Video players
75%
1 evidence signal
JS Globalvideojs → function(v8.23.4)
www.brightcove.com logo
Brightcove
Video players
75%
2 evidence signals
Scripthttps://players.brightcove.net/6311996242001/default_default/index.min.js
Scripthttps://players.brightcove.net/6311996242001/default_default/index.min.js
maps.google.com logo
Google Maps
Maps
75%
1 evidence signal
Scripthttps://maps.googleapis.com/maps/api/js?key=AIzaSyBl_gA4R2RUJFJ4Z4DmEtBQoHNmmtirUgY&solution_channel=GMP_visgl_rgmlibrary_v1_default&loading=async&callback=__googleMapsCallback__
www.ordergroove.com logo
Ordergroove
Payment processors
75%
1 evidence signal
Header\.ordergroove\.com: img-src 'self' *.commercecloud.salesforce.com *.bathandbodyworks.com *.bathandbodyworks.ca data: *.yottaa.net bat.bing.com *.google.com *.tealiumiq.com *.smaato.net *.pubmatic.com *.rubiconproject.com *.doubleclick.net *.casalemedia.com *.3lift.com *.ads.audio.thisisdax.com *.analytics.yahoo.com *.bazaarvoice.com *.brightcove.com *.brightcovecdn.com *.brsrvr.com *.cookielaw.org *.curalate.com *.dotomi.com *.googleapis.com *.gstatic.com *.mountain.com *.omtrdc.net *.onetrust.com *.openx.net *.paypalobjects.com *.pinterest.com *.zineone.com ads.stickyadstv.com agentcore.s3.amazonaws.com aivo-assets.s3.amazonaws.com ap.lijit.com assets-qelplatam.s3.amazonaws.com bathandbodyworkscc.zendesk.com bh.contextweb.com cdn.cookielaw.org cdn.jsdelivr.net cm.everesttech.net contextual.media.net crb.kargo.com cs.openwebmp.com dpm.demdex.net exchange-match.mediaplex.com https://www.googletagmanager.com/td ib.adnxs.com idsync.live.streamtheworld.com idsync.rlcdn.com match.adsrvr.org match.sharethrough.com mountain.com omtrdc.net partners.tremorhub.com pinterest.com ps.eyeota.net sync.1rx.io sync.bfmio.com sync.ipredictive.com sync.mathtag.com sync.targeting.unrulymedia.com tags.bluekai.com us.ck-ie.com v2assets.zopim.io https://sync.inmobi.com https://sync.crwdcntrl.net https://f.monetate.net https://csync.loopme.me https://www.googleadservices.com https://pixel.adsafeprotected.com https://www.facebook.com/ https://cdn.contentstack.io https://azure-na-images.contentstack.com https://azure-na-cdn.contentstack.com *.207.net *.rlcdn.com *.smartadserver.com *.attn.tv *.attentivemobile.com *.fwmrm.net *.googletagmanager.com *.medallia.com *.kampyle.com;script-src 'self' 'unsafe-inline' blob: storage.googleapis.com localhost:3000 code.jquery.com tags.tiqcdn.com *.yottaa.net *.attn.tv bbwi-us.attn.tv events.attentivemobile.com www.googletagmanager.com *.doubleclick.net *.bathandbodyworks.com *.bathandbodyworks.ca bat.bing.com sc-static.net *.agentbot.net *.attentivemobile.com *.bazaarvoice.com *.brcdn.com *.brightcove.net *.brightcovecdn.com *.byspotify.com *.cdn-apple.com *.cookielaw.org *.curalate.com *.dotomi.com *.googleapis.com *.gstatic.com *.kampyle.com *.monetate.net *.mpsnare.iesnare.com *.onetrust.com *.ordergroove.com *.paypal.com *.pepperjam.com *.pinterest.com *.privacymanager.io *.smaato.net *.tealiumiq.com *.zineone.com *.snapchat.com *.tiktok.com 7316103.collect.igodigital.com api.tnapplications.com assets.adobedtm.com bathbodyworks-pixel.netlify.app cdn.cookielaw.org cdn.quantummetric.com cnstrc.com connect.facebook.net dev.zopim.com engine-global.monetate.net github.com https://*.px-cdn.net https://*.px-cloud.net https://*.yottaa.com https://*.yottaa.net https://s.pinimg.com https://www.google.com/recaptcha/ https://analytics.tiktok.com https://www.gstatic.com/recaptcha/ https://www.onelink-edge.com https://widget-mediator.zopim.com https://cdn.contentstack.io https://azure-na-images.contentstack.com https://azure-na-cdn.contentstack.com objects.githubusercontent.com privacyportal-cdn.onetrust.com rdf.radial.com static.zdassets.com tst-rdf.radial.com https://dx.mountain.com https://px.mountain.com external.quantummetric.com https://www.googleadservices.com *.medallia.com https://google.com https://cognigy-bucket.s3.eu-west-3.amazonaws.com release-assets.githubusercontent.com *.radial.com *.queue-it.net https://*.queue-it.net https://static.queue-it.net 'unsafe-eval' https://runtime.commercecloud.com *.site.com;connect-src 'self' api.cquotient.com localhost:3000 dpm.demdex.net bbwi-us.attn.tv events.attentivemobile.com aa.bathandbodyworks.com *.tealiumiq.com *.bathandbodyworks.com *.bathandbodyworks.ca *.restapi.ordergroove.com *.bazaarvoice.com *.googleapis.com *.gstatic.com *.cookielaw.org *.zineone.com *.onetrust.com *.aivo.co *.boltdns.net *.brightcove.com *.brightcovecdn.com *.cognigy.ai *.curalate.com *.mountain.com *.omtrdc.net *.ordergroove.com *.paypal.com *.pinterest.com *.salesforce.com *.zdassets.com *.snapchat.com *.doubleclick.net api.tnapplications.com https://auth-dev.bathandbodyworks.com https://auth-qa.bathandbodyworks.com https://auth.bathandbodyworks.com https://auth-perf.bathandbodyworks.com bathandbodyworkscc.zendesk.com cdn.cookielaw.org connect.facebook.net crcldu.com endpoint-foundever.cognigy.cloud engine-global.monetate.net engine.monetate.net geo.privacymanager.io geolocation.onetrust.com https://*.px-cdn.net https://*.px-cloud.net https://*.yottaa.net https://www.google.com https://www.google.com/ccm https://www.google.com/ccm/collect https://analytics.tiktok.com https://analytics-ipv6.tiktokw.us https://www.onelink-edge.com https://auth.pingone.com https://www.facebook.com https://cdn.contentstack.io https://azure-na-images.contentstack.com https://azure-na-cdn.contentstack.com ingest.quantummetric.com mountain.com objects.githubusercontent.com omtrdc.net pinterest.com rdf.radial.com rl.quantummetric.com telemetry.partners.prod.minionplatform.com public.prod.minionplatform.com tst-rdf.radial.com wss://csb.zineone.com wss://endpoint-foundever.cognigy.cloud wss://widget-mediator.zopim.com zendesk-eu.my.sentry.io *.cnstrc.com/ https://pixels.spotify.com wss://cloud.zineone.com https://google.com https://restapi.ordergroove.com https://www.googleadservices.com https://api.rlcdn.com bbw.quantummetric.com https://id.zopim.com/authenticated/web/jwt *.radial.com *.attn.tv *.attentivemobile.com *.queue-it.net https://*.queue-it.net https://static.queue-it.net *.medallia.com *.kampyle.com https://runtime.commercecloud.com *.salesforce-scrt.com;frame-src https://applepay.cdn-apple.com/ *.aivo.co *.cookielaw.org *.curalate.com *.googleapis.com *.gstatic.com *.onetrust.com *.ordergroove.com *.paypal.com *.pcipal.cloud *.pcipalstaging.cloud *.pinterest.com *.zineone.com *.snapchat.com *.doubleclick.net bathandbody.demdex.net https://recaptcha.google.com/recaptcha/ https://td.doubleclick.net https://analytics.tiktok.com https://www.google.com/recaptcha/ https://www.googletagmanager.com https://www.googleadservices.com https://cdn.contentstack.io https://azure-na-images.contentstack.com https://azure-na-cdn.contentstack.com ingest.quantummetric.com jqtmdiy716.execute-api.us-east-1.amazonaws.com telemetry.partners.prod.minionplatform.com public.prod.minionplatform.com wss://csb.zineone.com wss://endpoint-foundever.cognigy.cloud http://t.pepperjamnetwork.com cdn.quantummetric.com bbw.quantummetric.com *.radial.com *.attentivemobile.com *.attn.tv *.medallia.com *.kampyle.com *.site.com;media-src *.boltdns.net *.brightcovecdn.com *.curalate.com agentcore.s3.amazonaws.com blob: data: static.zdassets.com *.attentivemobile.com *.attn.tv *.medallia.com *.kampyle.com;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self' https://runtime.commercecloud.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
jquery.com logo
jQuery
JavaScript libraries
50%
1 evidence signal
HTMLimplied by jQuery CDN

Want to see AI crawler policies?

Check which AI bots can access this site.

View AI Policy →