shoporangetheory.com

.com crawl

First seen 2026-04-11 · Last seen 2026-05-19 · ok HTTP/1.1 200 2417 ms crawled 2026-05-19

US · 172.66.1.35 · AS13335 Cloudflare, Inc.

Reputation 100/100

Classifying

HTML metadata

Title: OTF Homepage
Description: Welcome to Shop Orangetheory, your online source for premium officially licensed Orangetheory Fitness Merchandise.
Language: en

Technology

CDN: Cloudflare
CMS: Gatsby

Analytics

Cloudflare Insights
Google Tag Manager

Cookie consent

OneTrust

Fonts

Adobe Fonts

Third-party hosts loaded (7)

bdainc.my.site.com×1
cdn.cookielaw.org×1
connect.punchout2go.com×1
static.cloudflareinsights.com×1
static.klaviyo.com×1
use.typekit.net×1
www.googletagmanager.com×1

Social

Contact

Phone

24377686570667

Registration

Registrar

Marcaria International LLC

Created

2017-06-15

Expires

2027-06-15 390 days left

Updated

2026-05-17

Name servers

ns01.trademarkarea.com
ns02.trademarkarea.com
ns03.trademarkarea.com

DNS records live

NS

ns01.trademarkarea.com
ns02.trademarkarea.com
ns03.trademarkarea.com

TXT

klaviyo-site-verification=UAJiNH
bl1bkpc0mck7yc87my4mdbkzd1d145s4

Email authentication no MX

SPF

not published

DMARC

v=DMARC1; p=none; rua=mailto:dmarc-reports@bdainc.com;

policy: none (monitoring only)

DKIM

s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA100F19APRgM/1hx1lDA4dJ3k92U9/QMk98O0CkzLQAmMSHfARD2m1/RdLt2kZ9k202OXSWMgViN/X7bcOZ…
s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3dgOI3DPVjDleIoIwts5qVDSN3Df11pG6DdcaSJ9j9hc8sXpbBV4Gir+AILK5c0WCn/ZVEtjl+Yjk0n5h…

selectors probed

Certificate (current)

WE1

from 2026-05-09 to 2026-08-07

Expires in 78 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.shoporangetheory.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options

findings

CSP uses wildcard sources
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: connect-src 'self' bam.nr-data.net https://www.googletagmanager.com in.hotjar.com https://cdn.acsbapp.com *.my.salesforce-scrt.com *.my.site.com surveystats.hotjar.io metrics.hotjar.io ask.hotjar.io https://vc.hotjar.io *.bdashops.com *.fullstory.com *.google-analytics.com *.klaviyo.com *.onetrust.com https://www.google.com analytics.google.com api.addressy.com cdn.cookielaw.org stats.g.doubleclick.net translate.googleapis.com *.postcodeanywhere.co.uk *.salesforce-sites.com wss://ws.hotjar.com https://content.hotjar.io https://in.hotjar.com *.googleapis.com *.facebook.com events.attentivemobile.com *.shortbread.aws.dev *.amazon.com dpm.demdex.net amazonwebservices.d2.sc.omtrdc.net *.attn.tv *.analytics.google.com https://region1.analytics.google.com https://www.google.com/measurement/ https://www.google.com/recaptcha/; default-src 'self' *.bdashops.com; font-src 'self' *.bdashops.com https://pabstblueribbon.com script.hotjar.com https://www.rocketmortgage.com *.typekit.net *.cloudfront
strict-transport-security: max-age=31536000; includeSubDomains

Links to (4)

Linked from (1)

orangetheory.com×3