ScanMalware.com

Security Scan Report: orangetheory.com

Redirected to:
https://www.orangetheory.com/de-de
Site favicon
Submitted: May 15, 2026, 10:05:21 PMCompleted: May 15, 2026, 10:07:07 PMpubliccompleted
Loading additional data...

Summary

This website contacted 16 IPs in 3 countries across 16 domains to perform 105 HTTP transactions. The main domain is orangetheory.com and was registered NaN years ago.

Submitted URL: https://orangetheory.com

Effective URL: https://www.orangetheory.com/de-deRedirected

The Cisco Umbrella rank of the primary domain is #211,896 of the top 1 million websites

AI Security Verdict

High Risk

Confidence: 88%

8
Risk Score

Site shows strong indicators of malware activity (C2 beacon, data exfiltration) despite being an old domain; treat as high‑risk and report.

Risk Factors
Critical network IDS alerts indicating C2 beacon and data exfiltration
Low domain reputation rank for a major brand
Numerous external domains referenced (potential exfiltration endpoints)
No visible legitimate content or functional forms
Domain age information unavailable

Details

Page Title

Group Fitness Classes & Heart Rate-Based Interval Training

Scan Type

public

Language

🇩🇪

German

(80% confidence)

Category

healthcare medical

(36%)

Domain Information

The domain 'orangetheory.com' uses the commercial generic top-level domain (.com) while skipping any subdomain. Its registrable label 'orangetheory' stretches across 12 characters split between five vowels and 7 consonants. Splitting it apart reveals 2 words: orange, theory. Average segment length settles at six characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://orangetheory.com

Page Load Overview

10.51s
Total Load Time
134
HTTP Requests
21
Domains
2.3 MB
Total Size

Language Analysis

Primary Language

🇩🇪German
Code: de
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:de
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:de-DE
Text Length:8,799 chars
Detector Agreement:80%

Website Classification

Primary Category

healthcare medical36% confidence
Type: spa
Method: ml+structural

All Detected Categories

healthcare medical
36%
corporate
35%
news/blog
20%

Detected Features

Search
OG: website
Schema.org

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
14146.75.122.132Frankfurt am Main, Hesse, Germany
AS54113Fastly, Inc.
834.248.248.91Dublin, Leinster, Ireland
AS16509Amazon.com, Inc.
818.245.86.94United States
AS16509Amazon.com, Inc.
8151.101.193.229United States
AS54113Fastly, Inc.
8104.18.160.117United States
AS13335Cloudflare, Inc.
852.222.136.24United States
AS16509Amazon.com, Inc.
813.226.247.220United States
AS16509Amazon.com, Inc.
8104.18.86.42United States
AS13335Cloudflare, Inc.
813.226.244.58United States
AS16509Amazon.com, Inc.
8108.138.26.7United States
AS16509Amazon.com, Inc.
13416--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T11514F772A5B00077061742DFB2F7770D61D3928BDD46D884FBBC87441FABEA9ACA2158

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:OtT9tYoDR/QPCZXsLnESBZbg+DkbED/fC+t414V56ILy2H3fZMqE0Q57qTapdn9R:i7pVSW4V56ILyq3aqG7t9LOs

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:198646:CBABgHdXJMASQYDwRQlDVegRRihcDkUAxALA3AJw5PEyCFCViVJII9EEEAiYMZ0QwcgVATQZwRgvIgDvKMiaKYAC4okwh4LQ

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ff818787878781f9
Perceptual Hash:be97c994c133163c
Difference Hash:c13f3d0d2d3d3f33
Wavelet Hash:ff818785858781f9
Color Hash:#80bf40

Other Hashes

Crop Resistant:c13f3d0d2d3d3f33,d2dc9ac4c6c6c4d2,c0c6c6be1cccfcfc,b4b69ecee6b6b6b4,414202022222062a

Scan History

Scan history not available

Unable to load historical scan data