/ / d / amazon.com
amazon.com
49 / 100
overall · band: low
Categories
Security53/ 100 · 9 measured
Performance61/ 100 · 9 measured
SEO21/ 100 · 7 measured
AI-readiness10/ 100 · 4 measured
Privacy27/ 100 · 6 measured
Accessibility81/ 100 · 6 measured
Brand presence32/ 100 · 16 measured
Email health54/ 100 · 16 measured
Site facts
- Snapshot date
- 2026-04-26
- Factors scored
- 73 / 86
- Composite score
- 49/100
- Method version
- v0.1 — 2026-04-25
Security· 53/100
| # | Factor | Verdict | Score | Evidence |
|---|---|---|---|---|
| 4 | Security headers (HSTS, CSP, X-Frame-Options, Referrer-Policy, Permissions-Policy, X-Content-Type-Options) | pass | 80 | security_headers_score=80, missing=Referrer-Policy|Permissions-Policy |
| 5 | SSL certificate validity & expiration window | n/a | — | Scoring not yet implemented |
| 6 | WordPress REST API user enumeration exposure | pass | 100 | not_wordpress |
| 7 | Sensitive path exposure (.git, .env, /admin, xmlrpc.php, wp-login.php) | pass | 100 | total_checked=6 |
| 22 | DNSSEC validation | fail | 0 | ds_present=false, ad_bit=false |
| 23 | CAA records | fail | 0 | has_issue=false, has_iodef=false |
| 26 | HSTS preload list inclusion | fail | 30 | hsts_header=max-age=47474747; includeSubDomains; preload, preload_status=unknown |
| 27 | TLS minimum version & cipher suite quality | warn | 70 | status=READY, grades=B|B, worst=B |
| 28 | Subdomain takeover surface | pass | 100 | findings={"subdomain":"www.amazon.com","cname":"tp.47cf2c8c9-frontier.amazon.com.","dangling":false}|{"subdomain":"shop.amazon.com","cname":"s1.amazon.com.","dangling":false}, dangling_count=0 |
| 29 | Spam / phishing blocklist presence | fail | 0 | listed=true, response_code=0, answers=127.255.255.254 |
Performance· 61/100
| # | Factor | Verdict | Score | Evidence |
|---|---|---|---|---|
| 8 | Mobile PageSpeed score + Core Web Vitals (LCP, FCP, CLS) | warn | 60 | performance_score=56, lcp_ms=9068.49648060205, cls=0, components={"perf":56,"lcp":30,"cls":100} |
| 9 | HTTP/2 support | pass | 100 | perf_http2=true |
| 10 | Compression (Brotli / gzip) | pass | 80 | perf_compression=gzip |
| 30 | HTTP/3 support | pass | 100 | source=alt_svc, alt_svc=h3=":443"; ma=86400, supports_h3=true |
| 31 | IPv6 support | fail | 0 | aaaa_count=0 |
| 32 | Image optimization (WebP/AVIF) | warn | 70 | id=image-delivery-insight, lighthouse_score=0.5, displayValue=Est savings of 214 KiB |
| 33 | Desktop PageSpeed score | n/a | — | Scoring not yet implemented |
| 34 | Core Web Vitals from CrUX (Real User Monitoring) | n/a | — | Scoring not yet implemented |
| 35 | Lazy loading on below-fold images | fail | 40 | id=image-delivery-insight, lighthouse_score=0.5, displayValue=Est savings of 214 KiB |
| 36 | Font loading strategy (FOUT/FOIT/swap) | fail | 0 | id=font-display-insight, lighthouse_score=0 |
| 37 | Total homepage byte weight | pass | 100 | html_bytes=512000, subresource_bytes=0, total_bytes=512000, total_kb=500, sampled=0, total_refs=0 |
| 38 | Largest unused JavaScript bundle | n/a | — | Scoring not yet implemented |
SEO· 21/100
| # | Factor | Verdict | Score | Evidence |
|---|---|---|---|---|
| 11 | Title, meta description, OG, Twitter cards, canonical | fail | 0 | title=false, description=false, og=false, twitter=false, canonical=false |
| 12 | Schema.org structured data presence | fail | 0 | structured_data_absent |
| 13 | H1 tag presence | fail | 0 | h1_count=0 |
| 14 | Sitemap.xml + robots.txt presence | warn | 50 | has_robots_txt=true, has_sitemap=false |
| 39 | Schema.org type validity (parsed JSON-LD) | n/a | — | Scoring not yet implemented |
| 40 | Breadcrumb schema | fail | 0 | present=false |
| 41 | FAQ / HowTo schema (where applicable) | n/a | — | n/a — not_applicable |
| 42 | hreflang for multi-language sites | n/a | — | n/a — single_language |
| 43 | Internal link depth (clicks from homepage to deepest content) | pass | 100 | max_depth=1, pages_fetched=50, pages_seen=247, capped_at=50 |
| 61 | Better Business Bureau accreditation | fail | 0 | no_link_on_site |
AI-readiness· 10/100
| # | Factor | Verdict | Score | Evidence |
|---|---|---|---|---|
| 15 | llms.txt presence | fail | 0 | has_llms_txt=false |
| 16 | AI crawler robots.txt directives | fail | 40 | robots_ai_blocked_count=10, blocked_names=GPTBot (OpenAI)|ChatGPT-User (OpenAI browsing)|ClaudeBot (Anthropic)|Google-Extended (Gemini training)|PerplexityBot|Bytespider (ByteDance/TikTok)|Meta-ExternalAgent|CCBot (CommonCrawl — feeds most LLMs)|coh… |
| 44 | AI plugin manifest (.well-known/ai-plugin.json) | fail | 0 | status=404 |
| 45 | JSON-LD richness score for LLMs | fail | 0 | org_complete=false, has_address=false, has_contact_point=false, has_same_as=false, has_content_type=false, breakdown={"coreOrg":0,"contact":0,"sameAs":0,"contentType":0} |
Privacy· 27/100
| # | Factor | Verdict | Score | Evidence |
|---|---|---|---|---|
| 46 | Cookie banner presence + CMP detection | fail | 0 | banner_detected=false |
| 47 | Privacy policy page presence | fail | 0 | found=false |
| 48 | Terms of service page presence | fail | 0 | found=false |
| 49 | Third-party tracker count | pass | 80 | count=2, hosts=images-na.ssl-images-amazon.com|m.media-amazon.com |
| 50 | CCPA "Do Not Sell or Share My Personal Information" link | fail | 0 | found=false |
| 51 | Cookie scan — actual cookies set on first load | pass | 80 | count=1, names=skin, with_cmp=false |
Accessibility· 81/100
| # | Factor | Verdict | Score | Evidence |
|---|---|---|---|---|
| 52 | Accessibility statement page | fail | 0 | found=false |
| 53 | axe-core / WAVE accessibility scan | pass | 93 | accessibility_category=0.93 |
| 54 | Image alt text coverage | pass | 100 | lighthouse_score=1, failing_count=0 |
| 55 | Heading hierarchy validity | pass | 100 | lighthouse_score=1 |
| 56 | Color contrast (WCAG AA) | pass | 100 | lighthouse_score=1, failing_count=0 |
| 57 | ARIA labels presence and validity | pass | 92 | total_aria_audits=22, applicable=12, passing=11, failing=aria-allowed-attr |
| 58 | Skip-to-content link | n/a | — | Scoring not yet implemented |
Brand presence· 32/100
Email health· 54/100
| # | Factor | Verdict | Score | Evidence |
|---|---|---|---|---|
| 1 | DMARC enforcement | fail | 0 | present=true |
| 2 | DKIM signing | fail | 0 | present=false |
| 3 | SPF record present and valid | pass | 100 | present=true, raw="v=spf1 include:spf1.amazon.com include:spf2.amazon.com include:amazonses.com -all", qualifier=hardfail |
| 24 | MTA-STS & TLS-RPT | fail | 0 | policy_ok=false |
| 25 | BIMI + VMC | pass | 100 | record=v=BIMI1;l=https://d3frv9g52qce38.cloudfront.net/amazondefault/order_1424920778_logo.svg;a=https://d3frv9g52qce38.cloudfront.net/amazondefault/amazon_web_services_inc_2026.pem, logo_url=https://d3frv9g52qce38.cloudfront.net/amazondefault/order… |
| 75 | Branded domain email address (vs free Gmail/Yahoo) | pass | 100 | branded=true, provider=generic |
| 76 | Email provider class (Workspace / 365 / Zoho / self-hosted / shared) | warn | 70 | provider=unclassified_enterprise, mx=amazon-smtp.amazon.com, source=mx_classifier |
| 77 | DMARC aggregate reporting enabled (rua=) | pass | 100 | has_dmarc_reporting=true, audit_flag=true, derived_from_raw=true, source=derived_from_raw, dmarc_raw="v=DMARC1;" "p=quarantine;" "pct=100;" "rua=mailto:report@dmarc.amazon.com;" "ruf=mailto:report@dmarc.amazon.com" |
| 78 | Free-email exposure on contact page (gmail/yahoo/outlook visible) | pass | 100 | Scored |
| 79 | Newsletter signup form detected | fail | 0 | detected=false |
| 80 | Email Service Provider (ESP) detected | fail | 0 | Scored |
| 81 | Transactional email provider detected (from SPF includes) | pass | 100 | providers=Amazon SES |
| 82 | SPF lookup count (10-limit deliverability check) | pass | 100 | lookups=4, limit=10 |
| 84 | Mailto: direct contact link present | fail | 0 | Scored |
| 85 | Email forwarding service detected (improvmx, forwardemail, etc.) | pass | 100 | hosts=amazon-smtp.amazon.com, kind=unknown |
| 86 | Lead magnet / signup incentive detected (free download, ebook, etc.) | fail | 0 | detected=false |
Scores are computed under method v0.1 — 2026-04-25. See the methodology for the full factor list and per-factor specifications.