Find useful Link headers [fail]! No useful agent discovery Link headers were found.INFOFind useful Link headersINFOParse response Link header linkCount=0FAILCompare registered agent-useful relation count actual=0 expected="> 0"FAILCompare community relation count actual=0 expected="accepted as weaker evidence"FAILNo useful agent discovery Link headers were found.Fetch same-origin Link header targets [fail]! Link headers did not expose any same-origin targets to validate.INFOFetch same-origin Link header targetsINFOFetch same-origin Link header targets and record external skipsFAILCompare same-origin Link target failures actual=1 expected=0FAILLink headers did not expose any same-origin targets to validate.

Fetch a sitemap candidate [fail]! No sitemap candidate returned a successful HTTP response.INFOFetch sitemap candidateINFOTrying sitemap candidates in discovery order candidateCount=4INFOTrying to fetch /sitemap.xml url="https://shop.lululemon.com/sitemap.xml"FAIL/sitemap.xml did not return a successful response url="https://shop.lululemon.com/sitemap.xml" statusCode=403INFOTrying to fetch /sitemap.txt url="https://shop.lululemon.com/sitemap.txt"FAIL/sitemap.txt did not return a successful response url="https://shop.lululemon.com/sitemap.txt" statusCode=404INFOTrying to fetch /sitemap_index.xml url="https://shop.lululemon.com/sitemap_index.xml"FAIL/sitemap_index.xml did not return a successful response url="https://shop.lululemon.com/sitemap_index.xml" statusCode=403INFOTrying to fetch /sitemap-index.xml url="https://shop.lululemon.com/sitemap-index.xml"FAIL/sitemap-index.xml did not return a successful response url="https://shop.lululemon.com/sitemap-index.xml" statusCode=403FAILNo sitemap candidate returned HTTP 2xxParse sitemap [fail]! Fetched sitemap content was not a valid sitemap with absolute HTTP(S) URL entries.INFOParse sitemapINFOInspecting fetched sitemap content url="https://shop.lululemon.com/sitemap.xml" contentType="text/html" statusCode=403FAILCheck sitemap contains at least one URL entry or child sitemap entry actual=0 expected="> 0"PASSCheck loc values are absolute HTTP(S) URLs actual=0 expected=0 invalidLocs=[]FAILFetched content was not a valid sitemap format="unknown"Validate sitemap field quality [fail]! No valid sitemap was available for field-quality validation.INFOValidate sitemap field qualitySKIPSkipped field-quality checks because no valid sitemap was availableValidate URL scope [fail]! No valid sitemap was available for URL scope validation.INFOValidate URL scope origin="https://shop.lululemon.com"INFOChecking listed URLs against the scanned origin hostSKIPSkipped URL-scope checks because no valid sitemap was available

Discover MCP server card [warning]! No MCP server card was found at current, transitional, or linked discovery paths.INFODiscover MCP server card candidateCount=5INFOBuild MCP server-card candidate list currentPath="/.well-known/mcp-server-card" transitionalPaths=["/.well-known/mcp/server-card.json","/.well-known/mcp/server-cards.json","/mcp.json","/.well-known/mcp.json"] linkedPaths=[]PASSCheck whether page claims MCP support actual=false expected="true only when HTML or Link headers mention MCP" textMatches=[] headerLinkCount=0INFOTrying to fetch /.well-known/mcp-server-card url="https://shop.lululemon.com/.well-known/mcp-server-card" source="current"FAIL/.well-known/mcp-server-card did not return a usable server card statusCode=403 contentType="text/html"INFOTrying to fetch /.well-known/mcp/server-card.json url="https://shop.lululemon.com/.well-known/mcp/server-card.json" source="transitional"FAIL/.well-known/mcp/server-card.json did not return a usable server card statusCode=403 contentType="text/html"INFOTrying to fetch /.well-known/mcp/server-cards.json url="https://shop.lululemon.com/.well-known/mcp/server-cards.json" source="transitional"FAIL/.well-known/mcp/server-cards.json did not return a usable server card statusCode=403 contentType="text/html"INFOTrying to fetch /mcp.json url="https://shop.lululemon.com/mcp.json" source="transitional"FAIL/mcp.json did not return a usable server card statusCode=403 contentType="text/html"INFOTrying to fetch /.well-known/mcp.json url="https://shop.lululemon.com/.well-known/mcp.json" source="transitional"FAIL/.well-known/mcp.json did not return a usable server card statusCode=403 contentType="text/html"WARNNo MCP server card was found reason="No MCP server card was found at current, transitional, or linked discovery paths."

Detect WebMCP runtime API [informational]INFODetect WebMCP runtime API status="informational"INFOProbe rendered browser for WebMCP runtime objects SKIPCheck current W3C runtime API actual="not detected" expected="document.modelContext/registerTool available"INFOWebMCP evidence was recorded for context. status="informational"Probe WebMCP operability [warning]! No WebMCP surface was found to probe.INFOProbe WebMCP operability status="warning"INFORun safe WebMCP operability checks safeProbeOnly=trueWARNCheck usable WebMCP evidence actual=0 expected="at least 1 usable runtime, declarative, annotation, or static manifest signal"WARNWebMCP operability warning warning="No WebMCP surface was found to probe."WARNNo WebMCP surface was found to probe.Validate declarative WebMCP form tools [informational]! No W3C-style declarative WebMCP form attributes were found.INFOValidate declarative WebMCP form tools status="informational"INFOInspect visible forms and controls for current declarative WebMCP attributes annotatedElements=0 formsWithAttributes=0 controlsWithAttributes=0SKIPValidate declarative WebMCP attribute quality actual=0 expected=0INFONo W3C-style declarative WebMCP form attributes were found. status="informational"Validate MCP-aware HTML annotations [informational]! No data-mcp-tool or hyphenated WebMCP compatibility annotations were found.INFOValidate MCP-aware HTML annotations status="informational"INFOInspect HTML for MCP compatibility annotations compatibilityAttributeCount=0 dataMcpToolCount=0 examples=[]SKIPValidate compatibility annotation quality actual=0 expected=0INFONo data-mcp-tool or hyphenated WebMCP compatibility annotations were found. status="informational"Validate static WebMCP JSON compatibility [warning]! No static WebMCP JSON manifest or WMCP interaction graph was found.INFOValidate static WebMCP JSON compatibility status="warning"INFODiscover static WebMCP manifest candidates conventionalPaths=["/.well-known/webmcp.json","/webmcp.json"] checkedCount=2 profileCounts={}INFOWebMCP manifest candidate checked source="path" path="/.well-known/webmcp.json" url="https://shop.lululemon.com/.well-known/webmcp.json" statusCode=403 contentType="text/html"INFOWebMCP manifest candidate checked source="path" path="/webmcp.json" url="https://shop.lululemon.com/webmcp.json" statusCode=403 contentType="text/html"WARNValidate discovered static WebMCP metadata actual={"validManifestCount":0,"invalidManifestCount":0,"toolCount":0,"wmcpActionCount":0} expected="at least 1 valid tools[] manifest or WMCP graph when static metadata is present"WARNNo static WebMCP JSON manifest or WMCP interaction graph was found.Validate WebMCP tool metadata quality [informational]INFOValidate WebMCP tool metadata quality status="informational"INFOInspect WebMCP tool names, descriptions, schemas, and safety hints toolCount=0SKIPCheck tool metadata findings actual={"issueCount":0,"warningCount":0} expected="0 issues and 0 warnings"INFOWebMCP evidence was recorded for context. status="informational"Review WebMCP security and policy signals [informational]INFOReview WebMCP security and policy signals status="informational"INFOInspect WebMCP security and policy signals permissionsPolicy="(missing)" failureCount=0 warningCount=0PASSCheck security findings actual={"failures":0,"warnings":0} expected="0 failures and 0 warnings"INFOWebMCP evidence was recorded for context. status="informational"

Find Referrer-Policy header [fail]! Referrer-Policy header is missing.INFOFind Referrer-Policy headerINFORead Referrer-Policy delivery header="referrer-policy" value="missing" metaReferrerPolicyCount=0 browserDefault="strict-origin-when-cross-origin"FAILRequire explicit HTTP Referrer-Policy header actual="missing" expected="HTTP response header present" issue="Referrer-Policy header is missing."FAILReferrer-Policy header is missing.Review observed browser responses [warning]! One or more same-origin HTML documents observed by Chrome did not emit Referrer-Policy.INFOReview observed browser responsesINFOSample Chrome-observed same-origin responses observedResponseCount=120 sameOriginCount=87 htmlDocumentCount=1WARNCompare observed Referrer-Policy coverage actual={"missingPolicyCount":1,"unsafeOrInvalidPolicyCount":0,"weakPolicyCount":0,"affected":[{"url":"https://shop.lululemon.com/","status":200,"resourceType":"document","contentType":"text/html; charset=utf-8","referrerPolicy":null,"classification":"invalid"}]} expected="0 missing, unsafe, invalid, or weak same-origin HTML responses" issue="One or more same-origin HTML documents observed by Chrome did not emit Referrer-Policy."WARNOne or more same-origin HTML documents observed by Chrome did not emit Referrer-Policy.

Validate RFC 9309 core syntax [fail]! robots.txt was found but did not contain a valid, parseable User-agent group.INFOValidate RFC 9309 core syntaxINFOParsing robots.txt into User-agent groups and Allow/Disallow recordsPASSCheck User-agent group count actual=2 expected=">= 1 parseable group" parsedUserAgents=["*","meta-externalagent"]FAILCheck malformed lines and orphan Allow/Disallow records actual={"invalidLines":0,"orphanRecords":10} expected={"invalidLines":0,"orphanRecords":0}FAILAllow/Disallow records appeared before any User-agent group orphanRecords=[{"directive":"disallow","value":"*/search?Ntt=*","line":3},{"directive":"disallow","value":"/shop/gadgets/","line":4},{"directive":"disallow","value":"/cartridges/FeaturesResultsList/","line":5},{"directive":"disallow","value":"/search/","line":6},{"directive":"disallow","value":"/*?Ns=price*","line":7}]

Fetch discovery metadata [fail]! OAuth/OIDC was claimed or referenced, but no registered OAuth/OIDC discovery document was found.INFOFetch discovery metadataINFOTrying OAuth/OIDC well-known metadata candidates checkedCount=2INFOChecked discovery candidate path="/.well-known/openid-configuration" statusCode=403 contentType="text/html" length=420INFOChecked discovery candidate path="/.well-known/oauth-authorization-server" statusCode=403 contentType="text/html" length=430FAILCheck discovery metadata fetch succeeded actual=2 expected="HTTP 2xx JSON metadata document"FAILFetch discovery metadata failed issue="OAuth/OIDC was claimed or referenced, but no registered OAuth/OIDC discovery document was found."

Warn when auth surface lacks Auth.md [warning]! The site appears to support login, signup, account access, or credentials but does not publish /auth.md.INFOWarn when auth surface lacks Auth.mdWARNThe site appears to support login, signup, account access, or credentials but does not publish /auth.md.

Validate declared usage preferences [warning]! No Content-Usage or Content-Signal declarations were found.INFOValidate declared usage preferencesINFOParsing declared preferences into terms and values recordCount=0SKIPSkipping declaration validation because no Content-Usage or Content-Signal records were declared.SKIPCompare declared records to validation requirement actual=0 expected="No validation needed when no records are declared"WARNNo Content-Usage or Content-Signal declarations were present.

Detect protected-resource applicability [warning]! Generic authentication signals were found, but no OAuth Protected Resource metadata signal was detected.INFODetect protected-resource applicabilityINFOInspecting auth headers, MCP/OAuth claims, and protected-resource hints applies=false requiresAuthorizationServers=false signalsCount=0 genericAuthSignalsCount=3 checkedCount=1WARNCheck protected-resource metadata applicability actual=false expected="true when RFC 9728 metadata exists or support is claimed" checked=[{"url":"https://shop.lululemon.com/.well-known/oauth-protected-resource","path":"/.well-known/oauth-protected-resource","source":"root-well-known","resourceIdentifier":"https://shop.lululemon.com","statusCode":403,"contentType":"text/html","length":428}]WARNDetect protected-resource applicability completed with warnings issue="Generic authentication signals were found, but no OAuth Protected Resource metadata signal was detected."

Discover RSL declarations [warning]! No RSL declarations were found.INFODiscover RSL declarationsINFOChecking robots.txt License records, HTTP Link rel=license headers, HTML license links, and inline RSL XML robotsFound=trueSKIPCount discovered RSL declarations actual=0 expected=">= 1 when RSL licensing terms are published" sources={}WARNNo RSL declarations were found on any supported discovery surface.

Fetch /.well-known/tdmrep.json [warning]! No TDMRep declaration was found at /.well-known/tdmrep.json.INFOFetch /.well-known/tdmrep.jsonINFORequesting origin-level TDMRep declaration at /.well-known/tdmrep.jsonWARNCompare TDMRep file response actual=403 expected="2xx with JSON array when origin-level TDMRep is published" contentType="text/html" length=411WARNNo TDMRep declaration was found at /.well-known/tdmrep.json. 

Validate Last-Modified header [fail]! No valid Last-Modified HTTP header was found.INFOValidate Last-Modified headerINFOReading Last-Modified response headerFAILCheck Last-Modified header is present and parseable actual="missing" expected="valid" alternateDates=[]FAILLast-Modified header is missing or invalidValidate structured freshness dates [fail]! No Schema.org freshness dates were found.INFOValidate structured freshness datesINFOCollecting Schema.org freshness dates from JSON-LD, Microdata, and RDFaFAILCheck structured freshness date count actual=0 expected="> 0" invalidDateCount=0 formats={} alternateDates=[]FAILNo structured freshness dates foundValidate metadata freshness dates [fail]! No Open Graph, Dublin Core, or generic meta freshness date was found.INFOValidate metadata freshness datesINFOCollecting Open Graph, Dublin Core, and generic meta freshness datesFAILCheck metadata freshness date count actual=0 expected="> 0" metaDateCount=0 invalidDateCount=0 alternateDates=[]FAILNo metadata freshness dates foundCorroborate with sitemap lastmod [warning]INFOCorroborate with sitemap lastmodINFODiscovering sitemap candidates and matching the scanned page URL candidateCount=1 attempts=1WARNCheck matching sitemap lastmod actual="no match" expected="valid match when available" robotsStatusCode=200WARNNo matching sitemap lastmod found after sitemap attempts attempts=1

Fetch root llms.txt [fail]! /llms.txt was not found or could not be fetched.INFOFetch root llms.txt path="/llms.txt"INFOTrying to fetch /llms.txt url="https://shop.lululemon.com/llms.txt"FAIL/llms.txt was not found or could not be fetched statusCode=404FAILFetch root llms.txt failed reason="/llms.txt is required for this check."Inspect optional llms-full.txt [informational]INFOInspect optional llms-full.txtINFOTrying to fetch /llms-full.txt url="https://shop.lululemon.com/llms-full.txt"SKIP/llms-full.txt is not present statusCode=404

Markdown representation [fail]! No usable Markdown representation was found through negotiation, advertised alternates, or conservative .md mirror checks.INFOMarkdown representationFAILCheck usable Markdown representation was selected actual={"source":"negotiated","url":"https://shop.lululemon.com/","statusCode":403,"contentType":"text/html","mediaType":"text/html","vary":"","requireVaryAccept":true,"contentTypeStatus":"fail","cacheStatus":"fail","bodyStatus":"fail","pass":false,"quality":{"valid":false,"formatStatus":"fail","dialect":"mdx-like","hasHeading":false,"headingCount":0,"wordCount":45,"features":{"markdownLinks":0,"referenceLinks":0,"listItems":0,"tables":0,"taskListItems":0,"fencedCodeBlocks":0,"yamlFrontmatter":false,"jsonLdFencedBlocks":0,"admonitions":0,"strikethrough":0,"autolinks":0,"rawHtmlTags":11,"jsxOrMdxSignals":7},"issues":["missing-heading","raw-html-heavy","mdx-jsx-source-leakage","plain-text-like"],"excerpt":"<HTML><HEAD>\n<TITLE>Access Denied</TITLE>\n</HEAD><BODY>\n<H1>Access Denied</H1>\n \nYou don't have permission to access \"http&#58;&#47;&#47;shop&#46;lululemon&#46;com&#47;\" on this server.<P>\nReference&#32;&#35;18&#46;8cd70b17&#46;1781745628&#","issue":"Markdown response appears to expose MDX/JSX source rather than rendered agent-facing Markdown."}} expected="negotiated, advertised alternate, or conventional mirror" selected={"source":"negotiated","url":"https://shop.lululemon.com/","statusCode":403,"contentType":"text/html","mediaType":"text/html","vary":"","requireVaryAccept":true,"contentTypeStatus":"fail","cacheStatus":"fail","bodyStatus":"fail","pass":false,"quality":{"valid":false,"formatStatus":"fail","dialect":"mdx-like","hasHeading":false,"headingCount":0,"wordCount":45,"features":{"markdownLinks":0,"referenceLinks":0,"listItems":0,"tables":0,"taskListItems":0,"fencedCodeBlocks":0,"yamlFrontmatter":false,"jsonLdFencedBlocks":0,"admonitions":0,"strikethrough":0,"autolinks":0,"rawHtmlTags":11,"jsxOrMdxSignals":7},"issues":["missing-heading","raw-html-heavy","mdx-jsx-source-leakage","plain-text-like"],"excerpt":"<HTML><HEAD>\n<TITLE>Access Denied</TITLE>\n</HEAD><BODY>\n<H1>Access Denied</H1>\n \nYou don't have permission to access \"http&#58;&#47;&#47;shop&#46;lululemon&#46;com&#47;\" on this server.<P>\nReference&#32;&#35;18&#46;8cd70b17&#46;1781745628&#","issue":"Markdown response appears to expose MDX/JSX source rather than rendered agent-facing Markdown."}} candidatesChecked=2FAILMarkdown representation failed issue="No usable Markdown representation was found through negotiation, advertised alternates, or conservative .md mirror checks."Same-URL negotiation [fail]! Same-URL Accept: text/markdown did not return a valid Markdown representation.INFOSame-URL negotiationFAILCheck negotiated Markdown response actual={"statusCode":403,"mediaType":"text/html","vary":""} expected="HTTP 2xx text/markdown with Vary: Accept" url="https://shop.lululemon.com/" statusCode=403 mediaType="text/html"FAILSame-URL negotiation failed issue="Same-URL Accept: text/markdown did not return a valid Markdown representation."Markdown format validation [fail]! Markdown response appears to expose MDX/JSX source rather than rendered agent-facing Markdown.INFOMarkdown format validationFAILCheck Markdown body quality actual={"valid":false,"wordCount":45,"headingCount":0,"dialect":"mdx-like"} expected="valid Markdown with substantive text and headings" valid=false dialect="mdx-like" wordCount=45 headingCount=0FAILMarkdown format validation failed issue="Markdown response appears to expose MDX/JSX source rather than rendered agent-facing Markdown."Advertised Markdown alternate [warning]! No Link or HTML rel=alternate text/markdown URL was advertised.INFOAdvertised Markdown alternateWARNCheck advertised Markdown alternate candidates actual=0 expected="> 0 when HTML advertises a Markdown alternate" advertisedUrls=[] candidateCount=0WARNAdvertised Markdown alternate has a warning issue="No Link or HTML rel=alternate text/markdown URL was advertised."Conventional .md mirror [fail]! Conventional .md mirror candidates did not return valid Markdown.INFOConventional .md mirrorFAILCheck conventional Markdown mirror candidates actual=1 expected="> 0 when a conventional mirror is discoverable" conventionalUrls=["https://shop.lululemon.com/index.html.md"] candidateCount=1FAILConventional .md mirror failed issue="Conventional .md mirror candidates did not return valid Markdown."

Discover A2A Agent Card [warning]! No A2A Agent Card was found at the current, legacy, or fallback discovery paths.INFODiscover A2A Agent CardINFOTry A2A discovery paths in priority order paths=["/.well-known/agent-card.json","/.well-known/agent.json","/agent-card.json","/.well-known/a2a/agent-card.json"]WARNA2A candidate path did not return a usable card path="/.well-known/agent-card.json" statusCode=403 contentType="text/html"WARNA2A candidate path did not return a usable card path="/.well-known/agent.json" statusCode=403 contentType="text/html"WARNA2A candidate path did not return a usable card path="/agent-card.json" statusCode=403 contentType="text/html"WARNA2A candidate path did not return a usable card path="/.well-known/a2a/agent-card.json" statusCode=403 contentType="text/html"WARNNo A2A Agent Card candidate was selectedWARNNo A2A Agent Card was found at the current, legacy, or fallback discovery paths.

Discover Agent Skills index [warning]! No Agent Skills discovery index was found at the canonical or legacy path.INFODiscover Agent Skills indexINFOTry Agent Skills index paths in priority order paths=["/.well-known/agent-skills/index.json","/.well-known/skills/index.json"]WARNAgent Skills index candidate was not usable path="/.well-known/agent-skills/index.json" url="https://shop.lululemon.com/.well-known/agent-skills/index.json" statusCode=403WARNAgent Skills index candidate was not usable path="/.well-known/skills/index.json" url="https://shop.lululemon.com/.well-known/skills/index.json" statusCode=403WARNNo Agent Skills discovery index was found at the canonical or legacy path.

Discover agents.json [warning]! No Wildcard-style agents.json file was found.INFODiscover agents.jsonINFOTry agents.json discovery paths in priority order paths=["/.well-known/agents.json","/agents.json"]WARNagents.json candidate path did not return a usable contract path="/.well-known/agents.json" statusCode=403 contentType="text/html"WARNagents.json candidate path did not return a usable contract path="/agents.json" statusCode=403 contentType="text/html"WARNNo agents.json candidate was selectedWARNNo Wildcard-style agents.json file was found.

Query DNS-AID records [warning]! No DNS-AID HTTPS/SVCB records were found under _agents.INFOQuery DNS-AID recordsINFOBuild DNS-AID query names from hostname hostname="shop.lululemon.com" labels=["_index._agents.shop.lululemon.com","_a2a._agents.shop.lululemon.com"] claimedOnPage=falseWARNDNS query returned no DNS-AID answers name="_index._agents.shop.lululemon.com" rrtype="HTTPS" resolver="cloudflare-doh-json" rcode=3 ad=false answerCount=0WARNDNS query returned no DNS-AID answers name="_index._agents.shop.lululemon.com" rrtype="SVCB" resolver="cloudflare-doh-json" rcode=3 ad=false answerCount=0WARNDNS query returned no DNS-AID answers name="_index._agents.shop.lululemon.com" rrtype="ANY" resolver="node-resolveAny-fallback" answerCount=0 error="queryAny ETIMEOUT _index._agents.shop.lululemon.com"WARNDNS query returned no DNS-AID answers name="_a2a._agents.shop.lululemon.com" rrtype="HTTPS" resolver="cloudflare-doh-json" rcode=3 ad=false answerCount=0WARNDNS query returned no DNS-AID answers name="_a2a._agents.shop.lululemon.com" rrtype="SVCB" resolver="cloudflare-doh-json" rcode=3 ad=false answerCount=0WARNDNS query returned no DNS-AID answers name="_a2a._agents.shop.lululemon.com" rrtype="ANY" resolver="node-resolveAny-fallback" answerCount=0 error="queryAny ETIMEOUT _a2a._agents.shop.lululemon.com"WARNCompare total DNS-AID answer count actual=0 expected="> 0"WARNNo DNS-AID HTTPS/SVCB records were found under _agents.Check DNSSEC authentication evidence [warning]! DNSSEC authentication evidence was not visible for the DNS-AID labels or hostname.INFOCheck DNSSEC authentication evidenceWARNCompare DNSSEC authenticated-data flag actual=false expected=trueWARNCompare visible DNSSEC material actual=false expected=trueWARNResolver did not confirm authenticated DNSSEC data name="_index._agents.shop.lululemon.com" rrtype="HTTPS" resolver="cloudflare-doh-json" ad=false dnssecTypes=[]WARNResolver did not confirm authenticated DNSSEC data name="_index._agents.shop.lululemon.com" rrtype="SVCB" resolver="cloudflare-doh-json" ad=false dnssecTypes=[]WARNResolver did not confirm authenticated DNSSEC data name="_index._agents.shop.lululemon.com" rrtype="ANY" resolver="node-resolveAny-fallback" dnssecTypes=[]WARNResolver did not confirm authenticated DNSSEC data name="_a2a._agents.shop.lululemon.com" rrtype="HTTPS" resolver="cloudflare-doh-json" ad=false dnssecTypes=[]WARNResolver did not confirm authenticated DNSSEC data name="_a2a._agents.shop.lululemon.com" rrtype="SVCB" resolver="cloudflare-doh-json" ad=false dnssecTypes=[]WARNResolver did not confirm authenticated DNSSEC data name="_a2a._agents.shop.lululemon.com" rrtype="ANY" resolver="node-resolveAny-fallback" dnssecTypes=[]WARNResolver did not confirm authenticated DNSSEC data name="_index._agents.shop.lululemon.com" rrtype="DNSKEY" resolver="cloudflare-doh-json" ad=false dnssecTypes=[]WARNResolver did not confirm authenticated DNSSEC data name="_a2a._agents.shop.lululemon.com" rrtype="DNSKEY" resolver="cloudflare-doh-json" ad=false dnssecTypes=[]WARNResolver did not confirm authenticated DNSSEC data name="shop.lululemon.com" rrtype="DNSKEY" resolver="cloudflare-doh-json" ad=false dnssecTypes=[]WARNResolver did not confirm authenticated DNSSEC data name="lululemon.com" rrtype="DNSKEY" resolver="cloudflare-doh-json" ad=false dnssecTypes=[]WARNDNSSEC authentication evidence was not visible for the DNS-AID labels or hostname.

Evaluate script execution [fail]! default-src allows dangerous script schemes: blob:, data:.INFOEvaluate script executionINFOInspect effective script directive effectiveDirective="default-src" sources=["'self'","blob:","data:","'unsafe-inline'","'unsafe-eval'","https://amt.adeptmind.ai","https://analytics-ipv6.tiktokw.us","https://1ed92c59f6b0.6a312f71.us-east-1.captcha.awswaf.com","https://1ed92c59f6b0.6a312f71.us-east-1.token.awswaf.com","https://1ed92c59f6b0.us-east-1.captcha-sdk.awswaf.com","https://unq3b64663bf52f407fb93ae5c5d0ccd-crm.omnichannelengagementhub.com","https://api.cash.app","https://cash.app","https://emperia.digital","https://reporting.findmine.com","https://api.findmine.com","https://lit.findmine.com","https://pdimg-prod-fmv3.findmine.com","https://js.findmine.com","https://google.com","https://shopstylecollective.com","https://collectivevoice.com","https://d2hrivdxn8ekm8.cloudfront.net","https://d1lu3pmaz2ilpx.cloudfront.net","https://dvqigh9b7wa32.cloudfront.net","https://d330aiyvva2oww.cloudfront.net","https://geolocation.onetrust.com","https://view.seekxr.com","https://lantern.roeye.com","https://cdn.cookielaw.org","https://app.collectivevoice.com","https://lantern.roeyecdn.com","https://tr6.snapchat.com","https://www.awin1.com","https://www.zenaps.com","https://the.sciencebehindecommerce.com","https://lululemoncanada.us-4.evergage.com","https://www.dwin1.com","https://region1.google-analytics.com","https://region1.analytics.google.com","https://tr.snapchat.com","https://cdn.evgnet.com","https://*.truefitcorp.com","https://privacyportal.onetrust.com","https://analytics-sg.tiktok.com","https://oc-cdn-ocprod.azureedge.net","https://cdn.jsdelivr.net","https://offers.sheerid.com","https://insight.adsrvr.org","https://sc-static.net","https://romeo.liveclicker.com","https://analytics.tiktok.com","https://seal.digicert.com","https://www.pinterest.com","https://*.romeo.liveclicker.com","https://*.doubleclick.net","https://pubads.g.doubleclick.net","https://h.online-metrix.net","https://s7mbrstream.scene7.com","https://socialladder.rkiapps.com","https://us-central1-adaptive-growth.cloudfunctions.net","https://p11.techlab-cdn.com","https://www.onelink-edge.com","https://cdn.pdst.fm","https://js.afterpay.com","https://klarna-payments-na.klarna.com","https://cdn.honey.io","https://ws1.postescanada-canadapost.ca","https://js.klarna.com","https://na.klarnaevt.com","https://x.klarnacdn.net","https://na-library.klarnaservices.com","https://static.quiq-cdn.com","https://lululemon.quiq-api.com","https://portal.afterpay.com","https://static-us.afterpay.com","https://static.afterpay.com","https://graphql.contentful.com","https://*.medallia.com","https://cdn.contentful.com","https://preview.contentful.com","https://www.shopstylecollective.com/","https://tracking.shopstylecollective.com/","https://beta.shopstylecollective.com/","https://test.shopstylecollective.com/","https://optimize.google.com","https://*.kampyle.com","https://functions62d2bb65.azurewebsites.net","https://omny.fm","https://*.braintreegateway.com","https://*.braintree-api.com","https://cdnjs.cloudflare.com","https://*.btttag.com","https://*.demdex.net","https://*.sentry.io","https://sentry.io","https://*.lululemon.com","https://adobedtm.com","https://assets.adobedtm.com","https://scripts.agileone.com","https://cx.atdmt.com","https://static.atgsvcs.com","https://rules.atgsvcs.com","https://bat.bing.com","https://lululemonspna.btttag.com","https://d.btttag.com","https://cache-ssl.celtra.com","https://celtraidentity.com","https://custhelp.com","https://widget.custhelp.com","https://lululemon.custhelp.com","https://lululemonfr.custhelp.com","https://lululemon.widget.custhelp.com","https://www.facebook.com","https://connect.facebook.net","https://clientstream.launchdarkly.com","https://app.launchdarkly.com","https://*.lllapps.com","https://*.lllapi.com","https://www.googletagmanager.com","https://www.google-analytics.com","https://www.googleadservices.com","https://www.google.com","https://maps.gstatic.com","https://fonts.gstatic.com","https://www.gstatic.com","https://adservice.google.com","https://adservice.google.ca","https://www.google.ca","https://fonts.googleapis.com","https://maps.googleapis.com","https://googleads.g.doubleclick.net","https://cdn.ravenjs.com","https://*.bazaarvoice.com","https://*.akamaihd.net","https://cm.everesttech.net","https://cm.g.doubleclick.net","https://stats.g.doubleclick.net","https://bid.g.doubleclick.net","https://ads.celtra.com","https://scripts.agilone.com","https://vsvipmw01.rightnowtech.com","https://*.quantummetric.com","https://ad.doubleclick.net","https://events.launchdarkly.com","https://track.celtra.com","https://ads-twitter.com","https://www.youtube.com","https://*.paypal.com","https://www.paypalobjects.com","https://rlcdn.com","https://di.rlcdn.com","https://s.pinimg.com","https://yimg.com","https://analytics.yahoo.com","https://static.ads-twitter.com","https://analytics.twitter.com","https://t.co","https://ct.pinterest.com","https://beacon.lynx.cognitivlabs.com","https://scene7.com","https://s.ytimg.com","https://s.yimg.com","https://prf.hn","https://ln-rules.rewardstyle.com","https://*.curalate.com","https://d28m5bx785ox17.cloudfront.net","https://d2i1u3dt4wjv23.cloudfront.net","https://sp.analytics.yahoo.com","https://analytics.google.com","https://mpsnare.iesnare.com","https://shopstylecollective.com","https://flex.cybersource.com","https://*.browser-intake-datadoghq.com","https://www.datadoghq-browser-agent.com","https://browser-intake-datadoghq.com","https://lululemon.my.site.com","https://lululemon.my.salesforce-scrt.com","https://login.klarna.com","https://mgln.ai","https://cdn.mgln.ai","https://us.mgln.ai","https://eu.mgln.ai","https://lululemon-com.dlp.retail.adeptmind.net","https://raven.adeptmind.ai","https://pixel.tapad.com","https://www.redditstatic.com","https://alb.reddit.com","https://pixel-config.reddit.com","https://ade.googlesyndication.com","https://pagead2.googlesyndication.com","https://dwin1.com","https://awin1.com","https://zenaps.com","https://www.wepowerconnections.com","https://rts.persado.com","https://cdn.persa.do","https://cdn.persado.com","https://web.btncdn.com","https://api.usebutton.com","https://web.usebutton.com","https://*.kameleoon.com","https://*.kameleoon.io","https://*.kameleoon.eu","https://ecommwidget.trurating.com","https://fonts.googleapis.com","https://ecommapi.trurating.com","https://fonts.gstatic.com","https://amazon-adsystem.com","https://*.amazon-adsystem.com","https://paa-reporting-advertising.amazon","https://*.paa-reporting-advertising.amazon","https://m.media-amazon.com","https://fls-na.amazon.com","https://us.engage.app","https://eu.engage.app","https://talkative-cdn.com","https://sockjs-us2.pusher.com","https://pixel.byspotify.com","https://pixels.spotify.com","https://sockjs-eu.pusher.com","https://*.daily.co","https://osm.klarnaservices.com","https://onelinksmartscript.appsflyer.com","https://impressions.onelink.me","https://lululemon.onelink.me","https://static.experimentation.dev","https://sdk-config.experimentation.dev","https://eu-data.experiment.dev","wss://ws-us2.pusher.com","wss://ws-eu.pusher.com","wss://*.wss.daily.co"]FAILCompare script execution posture actual={"hasNonce":false,"hasHash":false,"hasStrictDynamic":false,"hasUnsafeInline":true,"hasUnsafeEval":true,"hasWildcardHost":false,"hasBroadScheme":false,"dangerousSchemes":["blob:","data:"]} expected="constrained script sources without unsafe execution allowances" issue="default-src allows dangerous script schemes: blob:, data:."FAILdefault-src allows dangerous script schemes: blob:, data:.Review hardening directives [warning]! CSP is missing recommended hardening directives: form-action.INFOReview hardening directivesINFOInspect CSP hardening directives objectSrc=["'none'"] baseUri=["'self'"] frameAncestors=["'self'"] formCount=2WARNCompare recommended hardening coverage actual=["form-action"] expected="no missing object-src/base-uri/form-action requirements" issue="CSP is missing recommended hardening directives: form-action."WARNCSP is missing recommended hardening directives: form-action.Review CSP reporting [warning]! CSP does not define a reporting endpoint.INFOReview CSP reportingINFOInspect CSP reporting directives reportOnlyHeaderPresent=false reportOnlyDirectives=[]WARNCompare violation reporting configuration actual="no reporting endpoint" expected="report-to or report-uri present" issue="CSP does not define a reporting endpoint."WARNCSP does not define a reporting endpoint.

Schema.org attribution [warning]! Schema.org attribution is incomplete or relies only on publisher/fallback evidence.INFOSchema.org attributionINFOChecking structured data for author, creator, and publisher contributorsWARNCheck named Schema.org author count actual=0 expected="> 0" authorCount=0 publisherCount=0 namedContributors=0 authors=[] publishers=[] formats=[]WARNSchema.org attribution is incomplete or fallback-only authorCount=0 publisherCount=0 authors=[] publishers=[]Author identity quality [fail]! No named author or publisher identity could be extracted.INFOAuthor identity qualityINFOChecking contributors for stable identity signalsFAILCheck identified contributor count actual=0 expected="> 0" namedContributors=0 identifiedContributors=[] unidentifiedContributors=[]FAILNo named contributor identity could be extracted

Page-relevant schema family [fail]! The page has specific visible content intent, but structured data does not include a matching primary schema family.INFOPage-relevant schema familyINFOInferring specific page intent and comparing it with detected Schema.org typesFAILCheck schema types matching specific visible page intent actual=0 expected="> 0" inferredIntents=["local-business"] expectedTypes=["LocalBusiness"] matchingTypes=[] observedTypes=["Organization","WebSite"]FAILNo primary schema family matches the inferred page intent expectedTypes=["LocalBusiness"] primaryTypes=[]

Form labels and autocomplete [fail]! 2 user-fillable form controls are missing labels.INFOForm labels and autocompleteFAILCheck form labels and autocomplete evidence actual={"counts":{"formControls":2,"unlabeledFormControls":2,"autocompleteInputs":0,"inputsWithAutocomplete":0,"missingAutocompleteInputs":0},"formLabelCoverage":false} expected="semantic HTML evidence for this step"FAILForm labels and autocomplete failed issue="2 user-fillable form controls are missing labels."

WebSite publisher linkage [fail]! WebSite.publisher is missing.INFOWebSite publisher linkageINFOChecking whether WebSite.publisher points to the Organization entity websiteFormat="json-ld" organizationFormat="json-ld"FAILCheck publisher presence actual=false expected=true publisher={"present":false,"matchesOrganization":false} website={"name":"lululemon","url":"https://shop.lululemon.com/"} organization={"name":"lululemon","url":"https://shop.lululemon.com/"}FAILCheck publisher matches Organization actual=false expected=trueFAILWebSite publisher is missing

Review subdomain scope [warning]! HSTS is valid, but includeSubDomains is absent.INFOReview subdomain scopeINFOInspect subdomain enforcement scope includeSubDomains=falseWARNCompare includeSubDomains coverage actual="absent" expected="included after subdomains are HTTPS-ready" issue="HSTS is valid, but includeSubDomains is absent."WARNHSTS is valid, but includeSubDomains is absent.

Fetch API catalog [informational]! No API catalog was found and no public API signal was detected.INFOFetch API catalogINFOFetch /.well-known/api-catalog requestedUrl="https://shop.lululemon.com/.well-known/api-catalog"PASSCompare API catalog HTTP status actual=403 expected="2xx/3xx"WARNNo API catalog was found and no public API signal was detected. status="informational"

Find advertised IndexNow key location [informational]! No IndexNow key location was advertised in HTML, Link headers, or robots.txt.INFOFind advertised IndexNow key locationINFOLook for IndexNow key hints in HTML, Link headers, and robots.txt supportedHints=["robots.txt IndexNow-Key","rel=indexnow-key","meta name=indexnow-key-location"]PASSCompare advertised key location count actual=0 expected="> 0"WARNNo IndexNow key location was advertised in HTML, Link headers, or robots.txt.Fetch and validate IndexNow key file [informational]! No discoverable IndexNow key file was found.INFOFetch and validate IndexNow key fileINFOLook for IndexNow key hints in HTML, Link headers, and robots.txt supportedHints=["robots.txt IndexNow-Key","rel=indexnow-key","meta name=indexnow-key-location"]PASSCompare advertised key location count actual=0 expected="> 0"INFOFetch each advertised same-origin key file and validate filename/body matchFAILCompare valid IndexNow key file count actual=0 expected="> 0"WARNNo discoverable IndexNow key file was found.