🦊StackFox
bbw.com logo

bbw.com

Detected Technologies

Visit Site
AI Policy
Tech
InfraStatus
31 technologies5 categories

bbw.com is built on Chakra UI with PerimeterX and Microsoft 365.

Analytics are handled by Cloudflare Browser Insights and Google Tag Manager. Infrastructure includes Cloudflare DNS and Cloudflare.

Tech Stack Highlights

chakra-ui.com logoChakra UIUI frameworksconstructor.io logoConstructor.ioSearch engines
S
SendGridEmail
M
Microsoft 365Emailreactrouter.com logoReact RouterJavaScript frameworks

Core Platform1

constructor.io logo
Constructor.io
Search engines
75%
1 evidence signal
JS GlobalConstructorioClient → function

Frameworks & Languages3

chakra-ui.com logo
Chakra UI
UI frameworks
100%
3 evidence signals
HTMLchakra-
css--chakra-
DOMchakra-class
react.dev logo
React
JavaScript frameworks
75%
1 evidence signal
HTMLdata-react
reactrouter.com logo
React Router
JavaScript frameworks
75%
1 evidence signal
JS Global__reactRouterVersion → string

Analytics & Marketing7

M
Microsoft 365
Email
100%
1 evidence signal
dnsMX: bbw-com.mail.protection.outlook.com
S
SendGrid
Email
100%
1 evidence signal
dnsDKIM selector: s1
www.cloudflare.com logo
Cloudflare Browser Insights
Analytics
75%
1 evidence signal
Scripthttps://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
tagmanager.google.com logo
Google Tag Manager
Tag managers
75%
1 evidence signal
JS GlobaldataLayer → object
www.datadoghq.com logo
Datadogv6.25.4
RUM
75%
2 evidence signals
JS GlobalDD_LOGS → object(v6.25.4)
JS GlobalDD_RUM → object(v6.25.4)
tealium.com logo
Tealium
Tag managers
75%
2 evidence signals
Scripthttps://tags.tiqcdn.com/utag/bbw/new/prod/utag.sync.js
Scripthttps://tags.tiqcdn.com/utag/bbw/new/prod/utag.js
www.yottaa.com logo
Yottaa
Tag managers
75%
1 evidence signal
Scripthttps://rapid-cdn.yottaa.com/rapid/lib/wI9DjgjWFD_TGA.js

Infrastructure & Security10

www.perimeterx.com logo
PerimeterX
Security
100%
2 evidence signals
Cookie_pxvid
JS Global_pxAppId → string
C
Cloudflare DNS
PaaS
100%
1 evidence signal
dnsNS: josephine.ns.cloudflare.com
cloudflare.com logo
Cloudflare
CDN
75%
2 evidence signals
Headera07adfdcde87a249-SJC
Headercloudflare: cloudflare
www.onetrust.com logo
OneTrust
Cookie compliance
75%
3 evidence signals
Scripthttps://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Scripthttps://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Scripthttps://cdn.cookielaw.org/scripttemplates/otSDKStub.js
www.rfc-editor.org logo
HSTS
Security
75%
1 evidence signal
Headermax-age=31557600
aws.amazon.com logo
Amazon CloudFront
CDN
75%
1 evidence signal
Headeru7fEaKFasuxhVAInr5a87u6mb8XXpdd4D5T2WGaDroIZnsFAgRuFhA==
aws.amazon.com logo
Amazon S3
CDN
75%
1 evidence signal
Headers3[^ ]*amazonaws\.com: img-src 'self' *.commercecloud.salesforce.com *.bathandbodyworks.com *.bathandbodyworks.ca data: *.yottaa.net bat.bing.com *.google.com *.tealiumiq.com *.smaato.net *.pubmatic.com *.rubiconproject.com *.doubleclick.net *.casalemedia.com *.3lift.com *.ads.audio.thisisdax.com *.analytics.yahoo.com *.bazaarvoice.com *.brightcove.com *.brightcovecdn.com *.brsrvr.com *.cookielaw.org *.curalate.com *.dotomi.com *.googleapis.com *.gstatic.com *.mountain.com *.omtrdc.net *.onetrust.com *.openx.net *.paypalobjects.com *.pinterest.com *.zineone.com *.datadoghq.com ads.stickyadstv.com agentcore.s3.amazonaws.com aivo-assets.s3.amazonaws.com ap.lijit.com assets-qelplatam.s3.amazonaws.com bathandbodyworkscc.zendesk.com bh.contextweb.com cdn.cookielaw.org cdn.jsdelivr.net cm.everesttech.net contextual.media.net crb.kargo.com cs.openwebmp.com dpm.demdex.net exchange-match.mediaplex.com https://www.googletagmanager.com/td ib.adnxs.com idsync.live.streamtheworld.com idsync.rlcdn.com match.adsrvr.org match.sharethrough.com mountain.com omtrdc.net partners.tremorhub.com pinterest.com ps.eyeota.net sync.1rx.io sync.bfmio.com sync.ipredictive.com sync.mathtag.com sync.targeting.unrulymedia.com tags.bluekai.com us.ck-ie.com v2assets.zopim.io https://sync.inmobi.com https://sync.crwdcntrl.net https://f.monetate.net https://csync.loopme.me https://www.googleadservices.com https://pixel.adsafeprotected.com https://www.facebook.com/ https://cdn.contentstack.io https://azure-na-images.contentstack.com https://azure-na-cdn.contentstack.com https://personalization-api.us-west-2.prod.tealiumapis.com *.207.net *.rlcdn.com *.smartadserver.com *.attn.tv *.attentivemobile.com *.fwmrm.net *.googletagmanager.com *.medallia.com *.kampyle.com https://pixel.tapad.com;script-src 'self' 'unsafe-inline' blob: storage.googleapis.com localhost:3000 code.jquery.com tags.tiqcdn.com *.yottaa.net *.attn.tv bbwi-us.attn.tv events.attentivemobile.com www.googletagmanager.com *.doubleclick.net *.bathandbodyworks.com *.bathandbodyworks.ca bat.bing.com sc-static.net *.agentbot.net *.attentivemobile.com *.bazaarvoice.com *.brcdn.com *.brightcove.net *.brightcovecdn.com *.byspotify.com *.cdn-apple.com *.cookielaw.org *.curalate.com *.dotomi.com *.googleapis.com *.gstatic.com *.kampyle.com *.monetate.net *.mpsnare.iesnare.com *.onetrust.com *.ordergroove.com *.paypal.com *.pepperjam.com *.pinterest.com *.privacymanager.io *.smaato.net *.tealiumiq.com *.zineone.com *.snapchat.com *.tiktok.com *.datadoghq.com 7316103.collect.igodigital.com api.tnapplications.com assets.adobedtm.com bathbodyworks-pixel.netlify.app cdn.cookielaw.org cdn.quantummetric.com cnstrc.com connect.facebook.net dev.zopim.com engine-global.monetate.net github.com https://*.px-cdn.net https://*.px-cloud.net https://*.yottaa.com https://*.yottaa.net https://s.pinimg.com https://www.google.com/recaptcha/ https://analytics.tiktok.com https://www.gstatic.com/recaptcha/ https://www.onelink-edge.com https://widget-mediator.zopim.com https://cdn.contentstack.io https://azure-na-images.contentstack.com https://azure-na-cdn.contentstack.com https://personalization-api.us-west-2.prod.tealiumapis.com objects.githubusercontent.com privacyportal-cdn.onetrust.com rdf.radial.com static.zdassets.com tst-rdf.radial.com https://dx.mountain.com https://px.mountain.com external.quantummetric.com https://www.googleadservices.com *.medallia.com https://google.com https://cognigy-bucket.s3.eu-west-3.amazonaws.com release-assets.githubusercontent.com *.radial.com *.queue-it.net https://*.queue-it.net https://static.queue-it.net *.riskified.com beacon.riskified.com 'unsafe-eval' https://runtime.commercecloud.com *.site.com;connect-src 'self' api.cquotient.com localhost:3000 dpm.demdex.net bbwi-us.attn.tv events.attentivemobile.com aa.bathandbodyworks.com *.tealiumiq.com *.bathandbodyworks.com *.bathandbodyworks.ca *.restapi.ordergroove.com *.bazaarvoice.com *.googleapis.com *.gstatic.com *.cookielaw.org *.zineone.com *.onetrust.com *.aivo.co *.boltdns.net *.brightcove.com *.brightcovecdn.com *.cognigy.ai *.curalate.com *.mountain.com *.omtrdc.net *.ordergroove.com *.paypal.com *.pinterest.com *.salesforce.com *.zdassets.com *.snapchat.com *.doubleclick.net *.datadoghq.com *.tiktok.com browser-intake-datadoghq.com browser-http-intake.logs.datadoghq.com rum-http-intake.logs.datadoghq.com api.tnapplications.com https://auth-dev.bathandbodyworks.com https://auth-qa.bathandbodyworks.com https://auth.bathandbodyworks.com https://auth-perf.bathandbodyworks.com https://personalization-api.us-west-2.prod.tealiumapis.com bathandbodyworkscc.zendesk.com cdn.cookielaw.org connect.facebook.net crcldu.com endpoint-foundever.cognigy.cloud engine-global.monetate.net engine.monetate.net geo.privacymanager.io geolocation.onetrust.com https://*.px-cdn.net https://*.px-cloud.net https://*.yottaa.net https://www.google.com https://www.google.com/ccm https://www.google.com/ccm/collect https://analytics.tiktok.com https://analytics-ipv6.tiktokw.us https://www.onelink-edge.com https://auth.pingone.com https://www.facebook.com https://cdn.contentstack.io https://azure-na-images.contentstack.com https://azure-na-cdn.contentstack.com ingest.quantummetric.com mountain.com objects.githubusercontent.com omtrdc.net pinterest.com rdf.radial.com rl.quantummetric.com telemetry.partners.prod.minionplatform.com public.prod.minionplatform.com tst-rdf.radial.com wss://csb.zineone.com wss://endpoint-foundever.cognigy.cloud wss://widget-mediator.zopim.com zendesk-eu.my.sentry.io *.cnstrc.com/ https://pixels.spotify.com wss://cloud.zineone.com https://google.com https://restapi.ordergroove.com https://www.googleadservices.com https://api.rlcdn.com bbw.quantummetric.com https://id.zopim.com/authenticated/web/jwt *.radial.com *.attn.tv *.attentivemobile.com *.queue-it.net https://*.queue-it.net https://static.queue-it.net *.medallia.com *.kampyle.com *.riskified.com beacon.riskified.com https://runtime.commercecloud.com *.salesforce-scrt.com;frame-src https://applepay.cdn-apple.com/ *.aivo.co *.cookielaw.org *.curalate.com *.googleapis.com *.gstatic.com *.onetrust.com *.ordergroove.com *.paypal.com *.pcipal.cloud *.pcipalstaging.cloud *.pinterest.com *.zineone.com *.snapchat.com *.doubleclick.net bathandbody.demdex.net https://recaptcha.google.com/recaptcha/ https://td.doubleclick.net https://analytics.tiktok.com https://www.google.com/recaptcha/ https://www.googletagmanager.com https://www.googleadservices.com https://cdn.contentstack.io https://azure-na-images.contentstack.com https://azure-na-cdn.contentstack.com https://personalization-api.us-west-2.prod.tealiumapis.com ingest.quantummetric.com jqtmdiy716.execute-api.us-east-1.amazonaws.com telemetry.partners.prod.minionplatform.com public.prod.minionplatform.com wss://csb.zineone.com wss://endpoint-foundever.cognigy.cloud http://t.pepperjamnetwork.com cdn.quantummetric.com bbw.quantummetric.com *.radial.com *.auruspay.com/ *.aurusepay.com/ *.attentivemobile.com *.attn.tv *.medallia.com *.kampyle.com *.site.com;media-src *.boltdns.net *.brightcovecdn.com *.curalate.com agentcore.s3.amazonaws.com blob: data: static.zdassets.com *.attentivemobile.com *.attn.tv *.medallia.com *.kampyle.com;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self' https://runtime.commercecloud.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
www.varnish-cache.org logo
Varnish
Caching
75%
1 evidence signal
Headervarnish(?: \(Varnish/([\d.]+)\))?\;version:\1: 1.1 6f6a165c08693865e338cdda8c008806.cloudfront.net (CloudFront), 1.1 varnish
code.jquery.com logo
jQuery CDN
CDN
75%
1 evidence signal
Scripthttps://code.jquery.com/jquery-3.7.1.slim.js
aws.amazon.com logo
Amazon Web Services
PaaS
50%
1 evidence signal
HTMLimplied by Amazon CloudFront

Libraries & Utilities10

Z
Zendesk
Documentation
95%
1 evidence signal
dnsSPF includes zendesk.com
github.com logo
core-js
JavaScript libraries
75%
1 evidence signal
JS Global__core-js_shared__ → object
github.com logo
Loadable-Components
JavaScript libraries
75%
1 evidence signal
JS Global__LOADABLE_LOADED_CHUNKS__ → object
paypal.com logo
PayPal
Payment processors
75%
1 evidence signal
Header\.paypal\.com: img-src 'self' *.commercecloud.salesforce.com *.bathandbodyworks.com *.bathandbodyworks.ca data: *.yottaa.net bat.bing.com *.google.com *.tealiumiq.com *.smaato.net *.pubmatic.com *.rubiconproject.com *.doubleclick.net *.casalemedia.com *.3lift.com *.ads.audio.thisisdax.com *.analytics.yahoo.com *.bazaarvoice.com *.brightcove.com *.brightcovecdn.com *.brsrvr.com *.cookielaw.org *.curalate.com *.dotomi.com *.googleapis.com *.gstatic.com *.mountain.com *.omtrdc.net *.onetrust.com *.openx.net *.paypalobjects.com *.pinterest.com *.zineone.com *.datadoghq.com ads.stickyadstv.com agentcore.s3.amazonaws.com aivo-assets.s3.amazonaws.com ap.lijit.com assets-qelplatam.s3.amazonaws.com bathandbodyworkscc.zendesk.com bh.contextweb.com cdn.cookielaw.org cdn.jsdelivr.net cm.everesttech.net contextual.media.net crb.kargo.com cs.openwebmp.com dpm.demdex.net exchange-match.mediaplex.com https://www.googletagmanager.com/td ib.adnxs.com idsync.live.streamtheworld.com idsync.rlcdn.com match.adsrvr.org match.sharethrough.com mountain.com omtrdc.net partners.tremorhub.com pinterest.com ps.eyeota.net sync.1rx.io sync.bfmio.com sync.ipredictive.com sync.mathtag.com sync.targeting.unrulymedia.com tags.bluekai.com us.ck-ie.com v2assets.zopim.io https://sync.inmobi.com https://sync.crwdcntrl.net https://f.monetate.net https://csync.loopme.me https://www.googleadservices.com https://pixel.adsafeprotected.com https://www.facebook.com/ https://cdn.contentstack.io https://azure-na-images.contentstack.com https://azure-na-cdn.contentstack.com https://personalization-api.us-west-2.prod.tealiumapis.com *.207.net *.rlcdn.com *.smartadserver.com *.attn.tv *.attentivemobile.com *.fwmrm.net *.googletagmanager.com *.medallia.com *.kampyle.com https://pixel.tapad.com;script-src 'self' 'unsafe-inline' blob: storage.googleapis.com localhost:3000 code.jquery.com tags.tiqcdn.com *.yottaa.net *.attn.tv bbwi-us.attn.tv events.attentivemobile.com www.googletagmanager.com *.doubleclick.net *.bathandbodyworks.com *.bathandbodyworks.ca bat.bing.com sc-static.net *.agentbot.net *.attentivemobile.com *.bazaarvoice.com *.brcdn.com *.brightcove.net *.brightcovecdn.com *.byspotify.com *.cdn-apple.com *.cookielaw.org *.curalate.com *.dotomi.com *.googleapis.com *.gstatic.com *.kampyle.com *.monetate.net *.mpsnare.iesnare.com *.onetrust.com *.ordergroove.com *.paypal.com *.pepperjam.com *.pinterest.com *.privacymanager.io *.smaato.net *.tealiumiq.com *.zineone.com *.snapchat.com *.tiktok.com *.datadoghq.com 7316103.collect.igodigital.com api.tnapplications.com assets.adobedtm.com bathbodyworks-pixel.netlify.app cdn.cookielaw.org cdn.quantummetric.com cnstrc.com connect.facebook.net dev.zopim.com engine-global.monetate.net github.com https://*.px-cdn.net https://*.px-cloud.net https://*.yottaa.com https://*.yottaa.net https://s.pinimg.com https://www.google.com/recaptcha/ https://analytics.tiktok.com https://www.gstatic.com/recaptcha/ https://www.onelink-edge.com https://widget-mediator.zopim.com https://cdn.contentstack.io https://azure-na-images.contentstack.com https://azure-na-cdn.contentstack.com https://personalization-api.us-west-2.prod.tealiumapis.com objects.githubusercontent.com privacyportal-cdn.onetrust.com rdf.radial.com static.zdassets.com tst-rdf.radial.com https://dx.mountain.com https://px.mountain.com external.quantummetric.com https://www.googleadservices.com *.medallia.com https://google.com https://cognigy-bucket.s3.eu-west-3.amazonaws.com release-assets.githubusercontent.com *.radial.com *.queue-it.net https://*.queue-it.net https://static.queue-it.net *.riskified.com beacon.riskified.com 'unsafe-eval' https://runtime.commercecloud.com *.site.com;connect-src 'self' api.cquotient.com localhost:3000 dpm.demdex.net bbwi-us.attn.tv events.attentivemobile.com aa.bathandbodyworks.com *.tealiumiq.com *.bathandbodyworks.com *.bathandbodyworks.ca *.restapi.ordergroove.com *.bazaarvoice.com *.googleapis.com *.gstatic.com *.cookielaw.org *.zineone.com *.onetrust.com *.aivo.co *.boltdns.net *.brightcove.com *.brightcovecdn.com *.cognigy.ai *.curalate.com *.mountain.com *.omtrdc.net *.ordergroove.com *.paypal.com *.pinterest.com *.salesforce.com *.zdassets.com *.snapchat.com *.doubleclick.net *.datadoghq.com *.tiktok.com browser-intake-datadoghq.com browser-http-intake.logs.datadoghq.com rum-http-intake.logs.datadoghq.com api.tnapplications.com https://auth-dev.bathandbodyworks.com https://auth-qa.bathandbodyworks.com https://auth.bathandbodyworks.com https://auth-perf.bathandbodyworks.com https://personalization-api.us-west-2.prod.tealiumapis.com bathandbodyworkscc.zendesk.com cdn.cookielaw.org connect.facebook.net crcldu.com endpoint-foundever.cognigy.cloud engine-global.monetate.net engine.monetate.net geo.privacymanager.io geolocation.onetrust.com https://*.px-cdn.net https://*.px-cloud.net https://*.yottaa.net https://www.google.com https://www.google.com/ccm https://www.google.com/ccm/collect https://analytics.tiktok.com https://analytics-ipv6.tiktokw.us https://www.onelink-edge.com https://auth.pingone.com https://www.facebook.com https://cdn.contentstack.io https://azure-na-images.contentstack.com https://azure-na-cdn.contentstack.com ingest.quantummetric.com mountain.com objects.githubusercontent.com omtrdc.net pinterest.com rdf.radial.com rl.quantummetric.com telemetry.partners.prod.minionplatform.com public.prod.minionplatform.com tst-rdf.radial.com wss://csb.zineone.com wss://endpoint-foundever.cognigy.cloud wss://widget-mediator.zopim.com zendesk-eu.my.sentry.io *.cnstrc.com/ https://pixels.spotify.com wss://cloud.zineone.com https://google.com https://restapi.ordergroove.com https://www.googleadservices.com https://api.rlcdn.com bbw.quantummetric.com https://id.zopim.com/authenticated/web/jwt *.radial.com *.attn.tv *.attentivemobile.com *.queue-it.net https://*.queue-it.net https://static.queue-it.net *.medallia.com *.kampyle.com *.riskified.com beacon.riskified.com https://runtime.commercecloud.com *.salesforce-scrt.com;frame-src https://applepay.cdn-apple.com/ *.aivo.co *.cookielaw.org *.curalate.com *.googleapis.com *.gstatic.com *.onetrust.com *.ordergroove.com *.paypal.com *.pcipal.cloud *.pcipalstaging.cloud *.pinterest.com *.zineone.com *.snapchat.com *.doubleclick.net bathandbody.demdex.net https://recaptcha.google.com/recaptcha/ https://td.doubleclick.net https://analytics.tiktok.com https://www.google.com/recaptcha/ https://www.googletagmanager.com https://www.googleadservices.com https://cdn.contentstack.io https://azure-na-images.contentstack.com https://azure-na-cdn.contentstack.com https://personalization-api.us-west-2.prod.tealiumapis.com ingest.quantummetric.com jqtmdiy716.execute-api.us-east-1.amazonaws.com telemetry.partners.prod.minionplatform.com public.prod.minionplatform.com wss://csb.zineone.com wss://endpoint-foundever.cognigy.cloud http://t.pepperjamnetwork.com cdn.quantummetric.com bbw.quantummetric.com *.radial.com *.auruspay.com/ *.aurusepay.com/ *.attentivemobile.com *.attn.tv *.medallia.com *.kampyle.com *.site.com;media-src *.boltdns.net *.brightcovecdn.com *.curalate.com agentcore.s3.amazonaws.com blob: data: static.zdassets.com *.attentivemobile.com *.attn.tv *.medallia.com *.kampyle.com;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self' https://runtime.commercecloud.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
videojs.com logo
VideoJSv8.23.7
Video players
75%
1 evidence signal
JS Globalvideojs → function(v8.23.7)
www.brightcove.com logo
Brightcove
Video players
75%
1 evidence signal
Scripthttps://players.brightcove.net/6311996242001/default_default/index.min.js
maps.google.com logo
Google Maps
Maps
75%
1 evidence signal
Scripthttps://maps.googleapis.com/maps/api/js?key=AIzaSyBl_gA4R2RUJFJ4Z4DmEtBQoHNmmtirUgY&solution_channel=GMP_visgl_rgmlibrary_v1_default&loading=async&callback=__googleMapsCallback__
ecovium.com logo
Ecovium
Shipping carriers
75%
1 evidence signal
Textmhp
www.ordergroove.com logo
Ordergroove
Payment processors
75%
1 evidence signal
Header\.ordergroove\.com: img-src 'self' *.commercecloud.salesforce.com *.bathandbodyworks.com *.bathandbodyworks.ca data: *.yottaa.net bat.bing.com *.google.com *.tealiumiq.com *.smaato.net *.pubmatic.com *.rubiconproject.com *.doubleclick.net *.casalemedia.com *.3lift.com *.ads.audio.thisisdax.com *.analytics.yahoo.com *.bazaarvoice.com *.brightcove.com *.brightcovecdn.com *.brsrvr.com *.cookielaw.org *.curalate.com *.dotomi.com *.googleapis.com *.gstatic.com *.mountain.com *.omtrdc.net *.onetrust.com *.openx.net *.paypalobjects.com *.pinterest.com *.zineone.com *.datadoghq.com ads.stickyadstv.com agentcore.s3.amazonaws.com aivo-assets.s3.amazonaws.com ap.lijit.com assets-qelplatam.s3.amazonaws.com bathandbodyworkscc.zendesk.com bh.contextweb.com cdn.cookielaw.org cdn.jsdelivr.net cm.everesttech.net contextual.media.net crb.kargo.com cs.openwebmp.com dpm.demdex.net exchange-match.mediaplex.com https://www.googletagmanager.com/td ib.adnxs.com idsync.live.streamtheworld.com idsync.rlcdn.com match.adsrvr.org match.sharethrough.com mountain.com omtrdc.net partners.tremorhub.com pinterest.com ps.eyeota.net sync.1rx.io sync.bfmio.com sync.ipredictive.com sync.mathtag.com sync.targeting.unrulymedia.com tags.bluekai.com us.ck-ie.com v2assets.zopim.io https://sync.inmobi.com https://sync.crwdcntrl.net https://f.monetate.net https://csync.loopme.me https://www.googleadservices.com https://pixel.adsafeprotected.com https://www.facebook.com/ https://cdn.contentstack.io https://azure-na-images.contentstack.com https://azure-na-cdn.contentstack.com https://personalization-api.us-west-2.prod.tealiumapis.com *.207.net *.rlcdn.com *.smartadserver.com *.attn.tv *.attentivemobile.com *.fwmrm.net *.googletagmanager.com *.medallia.com *.kampyle.com https://pixel.tapad.com;script-src 'self' 'unsafe-inline' blob: storage.googleapis.com localhost:3000 code.jquery.com tags.tiqcdn.com *.yottaa.net *.attn.tv bbwi-us.attn.tv events.attentivemobile.com www.googletagmanager.com *.doubleclick.net *.bathandbodyworks.com *.bathandbodyworks.ca bat.bing.com sc-static.net *.agentbot.net *.attentivemobile.com *.bazaarvoice.com *.brcdn.com *.brightcove.net *.brightcovecdn.com *.byspotify.com *.cdn-apple.com *.cookielaw.org *.curalate.com *.dotomi.com *.googleapis.com *.gstatic.com *.kampyle.com *.monetate.net *.mpsnare.iesnare.com *.onetrust.com *.ordergroove.com *.paypal.com *.pepperjam.com *.pinterest.com *.privacymanager.io *.smaato.net *.tealiumiq.com *.zineone.com *.snapchat.com *.tiktok.com *.datadoghq.com 7316103.collect.igodigital.com api.tnapplications.com assets.adobedtm.com bathbodyworks-pixel.netlify.app cdn.cookielaw.org cdn.quantummetric.com cnstrc.com connect.facebook.net dev.zopim.com engine-global.monetate.net github.com https://*.px-cdn.net https://*.px-cloud.net https://*.yottaa.com https://*.yottaa.net https://s.pinimg.com https://www.google.com/recaptcha/ https://analytics.tiktok.com https://www.gstatic.com/recaptcha/ https://www.onelink-edge.com https://widget-mediator.zopim.com https://cdn.contentstack.io https://azure-na-images.contentstack.com https://azure-na-cdn.contentstack.com https://personalization-api.us-west-2.prod.tealiumapis.com objects.githubusercontent.com privacyportal-cdn.onetrust.com rdf.radial.com static.zdassets.com tst-rdf.radial.com https://dx.mountain.com https://px.mountain.com external.quantummetric.com https://www.googleadservices.com *.medallia.com https://google.com https://cognigy-bucket.s3.eu-west-3.amazonaws.com release-assets.githubusercontent.com *.radial.com *.queue-it.net https://*.queue-it.net https://static.queue-it.net *.riskified.com beacon.riskified.com 'unsafe-eval' https://runtime.commercecloud.com *.site.com;connect-src 'self' api.cquotient.com localhost:3000 dpm.demdex.net bbwi-us.attn.tv events.attentivemobile.com aa.bathandbodyworks.com *.tealiumiq.com *.bathandbodyworks.com *.bathandbodyworks.ca *.restapi.ordergroove.com *.bazaarvoice.com *.googleapis.com *.gstatic.com *.cookielaw.org *.zineone.com *.onetrust.com *.aivo.co *.boltdns.net *.brightcove.com *.brightcovecdn.com *.cognigy.ai *.curalate.com *.mountain.com *.omtrdc.net *.ordergroove.com *.paypal.com *.pinterest.com *.salesforce.com *.zdassets.com *.snapchat.com *.doubleclick.net *.datadoghq.com *.tiktok.com browser-intake-datadoghq.com browser-http-intake.logs.datadoghq.com rum-http-intake.logs.datadoghq.com api.tnapplications.com https://auth-dev.bathandbodyworks.com https://auth-qa.bathandbodyworks.com https://auth.bathandbodyworks.com https://auth-perf.bathandbodyworks.com https://personalization-api.us-west-2.prod.tealiumapis.com bathandbodyworkscc.zendesk.com cdn.cookielaw.org connect.facebook.net crcldu.com endpoint-foundever.cognigy.cloud engine-global.monetate.net engine.monetate.net geo.privacymanager.io geolocation.onetrust.com https://*.px-cdn.net https://*.px-cloud.net https://*.yottaa.net https://www.google.com https://www.google.com/ccm https://www.google.com/ccm/collect https://analytics.tiktok.com https://analytics-ipv6.tiktokw.us https://www.onelink-edge.com https://auth.pingone.com https://www.facebook.com https://cdn.contentstack.io https://azure-na-images.contentstack.com https://azure-na-cdn.contentstack.com ingest.quantummetric.com mountain.com objects.githubusercontent.com omtrdc.net pinterest.com rdf.radial.com rl.quantummetric.com telemetry.partners.prod.minionplatform.com public.prod.minionplatform.com tst-rdf.radial.com wss://csb.zineone.com wss://endpoint-foundever.cognigy.cloud wss://widget-mediator.zopim.com zendesk-eu.my.sentry.io *.cnstrc.com/ https://pixels.spotify.com wss://cloud.zineone.com https://google.com https://restapi.ordergroove.com https://www.googleadservices.com https://api.rlcdn.com bbw.quantummetric.com https://id.zopim.com/authenticated/web/jwt *.radial.com *.attn.tv *.attentivemobile.com *.queue-it.net https://*.queue-it.net https://static.queue-it.net *.medallia.com *.kampyle.com *.riskified.com beacon.riskified.com https://runtime.commercecloud.com *.salesforce-scrt.com;frame-src https://applepay.cdn-apple.com/ *.aivo.co *.cookielaw.org *.curalate.com *.googleapis.com *.gstatic.com *.onetrust.com *.ordergroove.com *.paypal.com *.pcipal.cloud *.pcipalstaging.cloud *.pinterest.com *.zineone.com *.snapchat.com *.doubleclick.net bathandbody.demdex.net https://recaptcha.google.com/recaptcha/ https://td.doubleclick.net https://analytics.tiktok.com https://www.google.com/recaptcha/ https://www.googletagmanager.com https://www.googleadservices.com https://cdn.contentstack.io https://azure-na-images.contentstack.com https://azure-na-cdn.contentstack.com https://personalization-api.us-west-2.prod.tealiumapis.com ingest.quantummetric.com jqtmdiy716.execute-api.us-east-1.amazonaws.com telemetry.partners.prod.minionplatform.com public.prod.minionplatform.com wss://csb.zineone.com wss://endpoint-foundever.cognigy.cloud http://t.pepperjamnetwork.com cdn.quantummetric.com bbw.quantummetric.com *.radial.com *.auruspay.com/ *.aurusepay.com/ *.attentivemobile.com *.attn.tv *.medallia.com *.kampyle.com *.site.com;media-src *.boltdns.net *.brightcovecdn.com *.curalate.com agentcore.s3.amazonaws.com blob: data: static.zdassets.com *.attentivemobile.com *.attn.tv *.medallia.com *.kampyle.com;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self' https://runtime.commercecloud.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
jquery.com logo
jQuery
JavaScript libraries
50%
1 evidence signal
HTMLimplied by jQuery CDN

Want to see AI crawler policies?

Check which AI bots can access this site.

View AI Policy →