merchandise.creativeidentity.com.au has critical failures across all four pillars. Over 1,000 product images have no alt text - a Level A WCAG violation and Australian DDA exposure. Zero structured data means search engines and AI systems cannot understand the catalogue. No cookie consent, no ABN, no security headers. The site functions as a product browser but fails as a commercial web presence. The robots.txt actively blocks most crawlers while pointing to a sitemap on a different domain. Remediation should begin with the five quick wins below, then move to the image accessibility pipeline which is the single largest liability.
| Domain | Score | Weight | Status |
|---|---|---|---|
| Crawlability | 28 | 7% | Critical |
| Markup | 12 | 6% | Critical |
| Performance | 35 | 12% | Warn |
| Tech Stack | 52 | 5% | Caution |
| Domain | Score | Weight | Status |
|---|---|---|---|
| Accessibility | 28 | 12% | Critical |
| UX | 62 | 8% | Caution |
| Brand | 45 | 3% | Warn |
| Mobile | 71 | 6% | Caution |
| Images | 8 | 3% | Critical |
| Social | 15 | 4% | Critical |
| Domain | Score | Weight | Status |
|---|---|---|---|
| Security | 22 | 9% | Critical |
| Privacy | 18 | 6% | Critical |
| Infrastructure | 63 | 4% | Caution |
| Governance | 14 | 8% | Critical |
| Domain | Score | Weight | Status |
|---|---|---|---|
| Internationalisation | 20 | 2% | Critical |
| AI Readiness | 5 | 5% | Critical |
Cross-domain issues where multiple failures compound into a single, higher-impact exposure.
1,000+ product images without alt text - legal liability
Every product image lacks alt text. This is a Level A WCAG 2.2 failure (SC 1.1.1), the most fundamental accessibility requirement. Under the Australian DDA 1992, this constitutes a barrier to access for visually impaired users across the entire product catalogue. Combined with no accessibility statement (GOV), this represents the site's single largest legal and ethical exposure.
Search engines and AI cannot understand this site
No sitemap at this domain (404). Robots.txt sitemap reference points to logoline.com.au (wrong domain). Zero JSON-LD structured data - no Organization, no Product schema, no BreadcrumbList despite visible breadcrumbs. No OG tags for social sharing. AI crawlers (GPTBot, ClaudeBot, Google-Extended) blocked by robots.txt catch-all rule. The site is structurally invisible.
E-commerce site with no security posture
GTM tracking deployed without cookie consent (ePrivacy Art 5(3) violation). No Content Security Policy header. No security.txt. Privacy policy has no last-updated date and no data subject rights section. No ABN displayed despite being an Australian business. No refund policy despite selling products. For an e-commerce site handling customer data and payments, this is a compound compliance failure.
Zero social presence, broken sharing
No OG tags means every social share produces a blank preview - no title, no image, no description. No social media links on the site. No favicon detected. No copyright notice. No schema.org sameAs. The site has no external identity beyond its URL.
Five changes with the highest impact-to-effort ratio. All achievable within a single sprint.
| # | Action | Refs | Impact / Effort | Why |
|---|---|---|---|---|
| 1 | Add lang="en-AU" to <html> element |
I18-001, ACC-003 | 5 / 1 | One attribute on every page. Fixes a Level A WCAG violation and a baseline HTML requirement. |
| 2 | Add OG and Twitter Card meta tags | SOC-001, MRK-003 | 5 / 2 | og:title, og:description, og:image on every page. Fixes broken social sharing across all platforms. |
| 3 | Create sitemap.xml for this domain | CRW-001 | 5 / 1 | The existing sitemap on logoline.com.au references the wrong domain. Create a sitemap at merchandise.creativeidentity.com.au/sitemap.xml. |
| 4 | Fix robots.txt | CRW-002 | 5 / 1 | Remove catch-all Disallow. Update sitemap reference to this domain. Allow AI crawlers. |
| 5 | Add cookie consent banner | PRI-003 | 5 / 2 | GTM tracking deployed without consent. Required by ePrivacy Directive Art 5(3) and good practice under Privacy Act 1988. |
No sitemap.xml at this domain. Reference in robots.txt points to logoline.com.au.
Robots.txt catch-all blocks all unrecognised crawlers. Only Google, Bing, Yahoo, DuckDuckBot allowed.
No canonical tags detected.
Zero JSON-LD structured data. No Organization, Product, BreadcrumbList, or any schema.
No meta descriptions on any page.
No OG tags, no Twitter Cards.
Missing H1 tags on category pages.
jQuery + Bootstrap dual-loaded. Page weight inflated.
Product images served as JPEG from Azure CDN without compression optimisation. No WebP.
Pace.js loading indicator adds unnecessary JS overhead in production.
jQuery version unknown - potential CVE exposure.
Bootstrap 4/5 conditional loading suggests incomplete migration.
Pace.js in production is unusual.
~1,000+ product images without alt text. This is the largest single finding in the entire assessment.
No lang attribute on html element.
No skip-to-content link.
Carousel likely auto-plays without pause control.
B2B login barrier - cart requires account. No guest browse-to-enquire path.
Placeholder images on ~30% of products.
No FAQ or help page.
Bootstrap default styling with no unique design system.
No copyright notice.
Placeholder images undermine professional credibility.
Touch target sizing on filter buttons and product cards unverified.
Carousel auto-play on mobile may be disruptive.
ALL product images missing alt text.
No width/height attributes on images. CLS risk.
All images JPEG, no WebP/AVIF.
Placeholder images on ~30% of products.
Zero OG tags.
Zero Twitter Card tags.
No social media links anywhere.
No favicon in HTML head.
No web app manifest.
No Content Security Policy.
No HSTS header detected.
No SRI on jQuery, Bootstrap, or GTM scripts.
No security.txt.
No cookie consent mechanism. GTM tracking without consent.
Privacy policy has no last-updated date.
No data subject access/deletion rights documented.
No ABN displayed despite being an Australian business.
SPF/DKIM/DMARC status unknown.
No custom 404 error page tested.
No ABN displayed.
No refund/returns policy.
No terms of service.
No accessibility statement.
Pricing shown ex-GST without clear disclosure.
Threshold: Australian e-commerce entity. PCI DSS not triggered (Stripe/payment processor likely handles checkout behind login).
No lang attribute on html element. This is a baseline HTML requirement regardless of market scope.
Single-market site. All other i18n checks N/A.
Robots.txt catch-all blocks AI crawlers (GPTBot, ClaudeBot, Google-Extended, PerplexityBot, CCBot, meta-externalagent).
No llms.txt (returns 500 error).
Zero structured data means AI systems cannot build entity understanding.
No sameAs links.
No entity-first content. Homepage opens with carousel, not a declarative statement.
Sequenced by impact and effort. Week 1 items are quick wins that address critical gaps with minimal development.
| Action | Ref | Severity | Effort |
|---|---|---|---|
| Week 1 | |||
| Add lang="en-AU" to html element | I18-001 | Critical | 5 min |
| Fix robots.txt | CRW-002 | Critical | 15 min |
| Create sitemap.xml for this domain | CRW-001 | Critical | 30 min |
| Add OG + Twitter Card tags to templates | SOC-001 | Critical | 2 hrs |
| Add cookie consent banner | PRI-001 | Critical | 2 hrs |
| Add copyright notice to footer | BRD-002 | Low | 5 min |
| Add privacy policy effective date | PRI-002 | High | 5 min |
| Month 1 | |||
| Build product alt text pipeline | ACC-001 | Critical | 1-2 days |
| Add Product JSON-LD schema to product pages | MRK-001 | Critical | 1 day |
| Add meta descriptions to category/product pages | MRK-002 | Critical | 1 day |
| Deploy CSP and security headers | SEC-001 | Critical | 4 hrs |
| Register and display ABN | GOV-001 | Critical | 1 hr |
| Publish refund policy | GOV-002 | Critical | 2 hrs |
| Publish terms of service | GOV-003 | Critical | 4 hrs |
| Create llms.txt | AIR-002 | High | 30 min |
| Add skip-to-content link | ACC-003 | High | 15 min |
| Configure SPF/DKIM/DMARC | INF-001 | High | 2 hrs |
| Quarter 1 | |||
| Complete Bootstrap 5 migration | TSQ-002 | Medium | 1-2 weeks |
| Replace placeholder product images | IMG-004 | Medium | Ongoing |
| Convert images to WebP | IMG-003 | Medium | 1 day |
| Add width/height to all images | IMG-002 | Medium | 1 day |
| Create web app manifest | SOC-005 | Medium | 30 min |
| Add social media profiles + links | SOC-003 | Medium | 2 hrs |
| Add FAQ page | UXI-003 | Medium | 4 hrs |
| Build brand design system | BRD-001 | Medium | 1-2 weeks |
This site requires significant remediation across all four pillars before qualifying for the Taussig Site Health Verified badge (threshold: 80). The Week 1 quick wins will address the most critical gaps. The Month 1 roadmap targets a score of 55-65.
This assessment crawled all discoverable pages via sitemap reference and link discovery, then ran 16 specialist analyses in parallel against international standards including WCAG 2.2 Level AA, OWASP Top 10, Core Web Vitals, and Australian Privacy Act 1988. Each domain was scored independently and grouped into four pillars. Cross-domain correlation identified 4 compound findings. Assessment performed by Taussig on 11/04/2026.
Own the Signal ($630) covers keyword targeting, content strategy, E-E-A-T depth assessment, AI search readiness, and competitive benchmarking. taussig.ai/services/own-the-signal