What does StackOptic analyze?

StackOptic runs 18 analysis modules on any public website from a single URL. It detects 7,000+ technologies (CMS, frameworks, analytics, payments, CDN, hosting), evaluates SSL certificates and HTTP security headers with grades from A+ to F, measures Core Web Vitals (LCP, CLS, TBT, FCP), audits SEO meta tags and structured data, checks email security (SPF, DKIM, DMARC), analyzes AI & LLM readiness including bot access and llms.txt validation, extracts color palettes and typography, estimates carbon footprint, and generates permanent shareable reports.

Does it work on sites behind Cloudflare or bot protection?

Yes. StackOptic uses a real browser engine that loads pages exactly like a human visitor — executing JavaScript, rendering CSS, and handling redirects. This allows it to bypass Cloudflare, LiteSpeed, Sucuri, and other bot protection systems where traditional crawlers and HTTP-only tools fail.

What do I get on the free plan?

The free plan includes 5 analyses per day with access to all 18 modules, full scores, technology detection, and security grades. Every report is permanently accessible via a unique shareable URL — no login required to view. No credit card needed. AI-powered insights, re-analysis, PDF/JSON export, and comparison features are available on Pro ($24/mo) and Agency ($99/mo) plans.

What is AI & LLM readiness analysis?

This module evaluates how visible and citable your website is to AI search engines like ChatGPT, Perplexity, Google AI Overviews, and Claude. It audits access permissions for 8 major AI bots, validates llms.txt and llms-full.txt files, scores citation-ready content structure, and analyzes structured data (JSON-LD) for GEO readiness — helping you rank in the next generation of search.

How long does an analysis take?

Most analyses complete in under 10 seconds. StackOptic runs all 18 modules in parallel using a real browser session, so you get technology detection, security audit, performance metrics, SEO analysis, and AI readiness scoring simultaneously.

How accurate are the results?

Detection is based on real browser execution — DOM inspection, JavaScript runtime analysis, HTTP headers, and DNS records. With 7,000+ technology signatures and Lighthouse-calibrated performance scoring, StackOptic achieves high accuracy for mainstream technologies.

What security checks are performed?

The security module evaluates SSL/TLS certificates, 12+ HTTP security headers (HSTS, CSP, X-Frame-Options, Permissions-Policy, Referrer-Policy), HTTPS enforcement, and email authentication (SPF, DKIM, DMARC). Each site receives a letter grade from A+ to F with specific remediation steps.

Do you store the websites I analyze?

StackOptic only stores publicly available information that any visitor to a website would see — HTML content, HTTP headers, DNS records, and screenshots. We do not access private data, log in to websites, or perform any intrusive testing.

What technologies does paddle.com use?

paddle.com utilizes a modern technology stack, including Next.js for the frontend, Tailwind CSS for styling, and Google Analytics for tracking. It also leverages Netlify and Amazon Web Services (AWS) for hosting and Cloudflare as a CDN for optimized content delivery.

Who hosts paddle.com?

paddle.com is hosted on Amazon Web Services (AWS), a leading cloud computing platform known for its reliability and scalability. It uses Netlify as server software. This suggests a commitment to high availability and the ability to handle significant traffic volumes.

Is paddle.com secure?

paddle.com uses an SSL certificate issued by Let's Encrypt, and enforces a strict DMARC policy for email security, indicating a proactive approach to protecting user data. However, a more comprehensive security assessment would be needed to fully evaluate the website's security posture.

Back to Search

paddle.com

https://paddle.com· First analyzed 18 Feb 2026· Updated 18 Mar 2026

Export

paddle.com

Mobile

Sponsored

Hosting Provider

Amazon Web Services (AWS)

aws.amazon.com

IP Address

3.33.186.135

Server Location

🇨🇦 Montreal, Canada

ASN

AS16509

Organization

AWS Global Accelerator (GLOBAL)

Server

Netlify

CDN

Cloudflare

WAF

Cloudflare

Nameservers

jean.ns.cloudflare.com.hank.ns.cloudflare.com.

Performance

Core Web Vitals

Weight

First Contentful Paint

1.1 s10%

Speed Index

1.4 s10%

Largest Contentful Paint

—25%

Total Blocking Time

0.0 ms30%

Cumulative Layout Shift

0.00025%

1.4 MB

90 requests

Image Optimization

Lazy LoadWebPResponsiveVercel Image Optimization

0–49

50–89

90–100

Architecture Stack

JAMstack

🔀 Hybrid

Decoupled

Frontend

Framework

Next.js

API

Data Source

Headless CMS

Prismic

Infrastructure

Hosting

Amazon Web Services (AWS)

CDN

Cloudflare

Detected API Sources

https://images.prismic.io/padd...

Technology Stack

8 Technologies Detected

Analytics

Meta Frameworks

CSS Frameworks

Tag Managers

Advertising

Microsoft Advertising

Other

VWO

Platforms

Netlify

SEO Analysis

C67/100

paddle.compaddle.com

Paddle - Subscriptions, Payments & Tax for SaaS & Apps

The revenue engine powering payments for n8n, Letterboxd & AdGuard. One platform that handles subscription billing, payments and compliance.

Title Length54 chars

Recommended: 50-60 chars (~351px / 580px)

Description Length140 chars

Recommended: 120-160 chars

Issues (1)

• Very thin content (0 words). Search engines prefer substantial content (300+ words).

6 issues found

Upgrade to view details

Crawlability

Sitemap

Type: standard

1,229 URLs

robots.txt

3 rules

Sitemap reference found

Allows all crawlers

Local SEO

Local Search Readiness

3/100

Poor

1 14 2

This site doesn't appear to be a local business. Local SEO signals are optional for non-local websites.

Sponsored

AI & LLM Readiness

F29/100

Bot Access

20/25

Machine Read.

7/25

Schema Data

0/25

Citation

2/25

AI Bot Access

14/14 accessible

AI Search

OAI-SearchBot

PerplexityBot

Claude-SearchBot

Gemini-Deep-Research

DuckAssistBot

Training

GPTBot

ClaudeBot

Google-Extended

Meta-ExternalAgent

Bytespiderinfo

Amazonbot

Applebot-Extended

CCBotinfo

Fetch

ChatGPT-User

Machine Readability

llms.txt

llms-full.txt

Semantic HTML

Heading Hierarchy

Text ratio:1%

Words:1,406

Token eff.:Optimal

Structured Data

No Schema

Citation Readiness

Opening Summary

Descriptive Headings

Canonical URL

Open Graph0/3

Twitter Card0/3

Language Tag

Publish Date

Author Info

Lists

Tables

TL;DR / Summary

About Page Link

Recommendations (12)

AI readiness recommendation preview...

Upgrade to view recommendations

Sponsored

Accessibility

WCAG 2.1 Compliance

Evaluates how accessible your website is for users with disabilities, based on WCAG 2.1 guidelines. Checks images, forms, keyboard navigation, ARIA roles, and color contrast.

67/100

Passed

Critical

Warnings

Images & Alt Text

20/20

Checks if images have descriptive alt text for screen readers and visually impaired users.

Semantic Structure

6/20

Evaluates proper use of HTML5 semantic elements (header, nav, main, footer) and heading hierarchy.

Forms & Inputs

15/15

Verifies form fields have labels, error messages are clear, and inputs are properly associated.

Color & Contrast

14/15

Tests text-to-background color contrast ratios against WCAG AA/AAA minimum requirements.

Keyboard & Focus

11/15

Ensures all interactive elements are reachable and operable via keyboard (tab, enter, escape).

ARIA & Roles

1/15

Checks correct use of WAI-ARIA attributes (roles, states, properties) for assistive technologies.

2 recommendations

•Accessibility recommendation preview...

Upgrade to view recommendations

Carbon Footprint

SWDM v4 · Eco-Score

Carbon emissions estimated using the Sustainable Web Design Model v4 (SWDM v4). Factors in data center, network, and device energy across new and returning visitors. Grade thresholds based on HTTP Archive percentiles.

36/100

2.60 g

CO₂e / view

7.4 MB

Page Weight

Cleaner Than

Resource Breakdown

JavaScript

1.4 MB

Images

3.8 MB

CSS

288.0 KB

Fonts

1.0 MB

HTML

850.3 KB

Other

29.3 KB

Green Hosting Not Verified

Amazon Web Services (AWS)

6 recommendations

•Carbon footprint recommendation preview...

Upgrade to view recommendations

A+

Security Score

98%Excellent

Static / Informational

HTTPS

No WAF

57d

Certificate Details

Type

Domain Validated (DV)

Certificate Authority

Let's Encrypt

Key Algorithm

ECDSA (secp256r1) (256 bit)

Signature

ECDSA with SHA-384

TLS Version

TLSv1.3

HTTP Protocol

HTTP/2

Valid From

13.02.2026

Valid Until

14.05.2026

Subject Alternative Names (3)

learn.profitwell.compaddle.comwww.paddle.com

SHA-256 Fingerprint

7A:C8:57:76:1B:53:E5:80:A0:07:1E:51:58:C5:A3:47:75:A8:1E:6A...

Upgrade to view header details

HTTP Headers

Developer Console

age

2506

cache-control

🟡 0s(public,max-age=0,must-revalidate)

cache-status

"Netlify Durable"; hit; ttl=31533493, "Next.js"; hit, "Netli...

content-encoding

⚡ Brotli(br)

content-security-policy

base-uri 'self'; default-src 'self' blob: data: https: ; ...

content-type

text/html; charset=utf-8

Good Warning Issue

Email Infrastructure

Custom Mail Server

Score

SPF

DKIM

DMARC

DMARC Policy

Reject (Strictest)

MX Records (4)

mailstream-central.mxrecord.mx

mailstream-east.mxrecord.io

mailstream-west.mxrecord.io

mailstream-eu1.mxrecord.io

Domain Information

paddle.com

Domain Age

27y 10m

Created

22.05.1998

Expires

21.05.2031

Last Updated

26.02.2026

Registrar

MarkMonitor Inc.

DNSSEC

Not Enabled

Privacy & Compliance

iubenda

Cookie Consent Banner

iubenda

GDPR Indicators

Cookie consent banner detected

CMP: iubenda

Mobile Compatibility

Viewport & Responsive Test

Tests how well your website works on mobile devices. Checks viewport configuration, responsive layout, touch targets, font readability, and simulates rendering across different screen sizes.

76/100

Mobile Friendly366 breakpoints

Viewport Meta

The viewport meta tag tells mobile browsers how to scale the page. Without it, mobile devices render at desktop width.

Responsive Design

Uses CSS media queries or flexible layouts to adapt content to different screen sizes automatically.

Touch Icons

Apple touch icons and favicons displayed when users add the site to their home screen on mobile devices.

Readable Font Size

Base font size should be at least 16px on mobile to ensure text is readable without zooming.

Relative Units

Using em, rem, %, or vw instead of fixed px values allows content to scale properly across screen sizes.

No H-Scroll Risk

No elements wider than the viewport that would cause horizontal scrolling on mobile devices.

Tap Targets OK

Interactive elements (buttons, links) are at least 48x48px with enough spacing to prevent accidental taps.

No Fixed Widths

No elements with fixed pixel widths that could overflow on smaller screens and break the layout.

Viewport

width=device-width, initial-scale=1, maximum-scale=5

2 recommendations

•Mobile compatibility recommendation preview...

Upgrade to view recommendations

Typography & Readability

abcFavorit + -apple-system

80/100

Readability

/30

32/40

14px · LH 1.40

Hierarchy

/20

21/25

5.14x ratio

WCAG

/25

15/15

Contrast: undefined

Performance

/25

17/20

System fonts

Heading Font

abcFavorit

Sans72px

Body Font

-apple-system

Sans14px

Contrast Ratio

Reading Comfort

~38 CPL

Needs attention

72px

48px

40px

24px

14px

⚠️ Small text: 14px may be hard to read on mobile. Consider 16px+.

✅ Optimal line spacing: 1.40 ratio ensures comfortable reading.

✅ Strong hierarchy: Headlines are 5.1x larger than body text.

✅ Excellent performance: System fonts eliminate font loading delays (better LCP).

✅ Smart font loading: Using font-display: swap prevents invisible text during load.

✅ Protected text on images: Using gradient for readability.

Buy on MyFonts

Color Palette

7 unique colors

6.74:1 AA Light

#f7f7f7

Background· 16%

#53594f

Other· 4.9%

#0e1414

Primary· 56.10000000000001%

#2c3127

Secondary· 7.6%

Business & Marketing Stack

6 Tools Detected

Enterprise

CRM Systems

HubSpotMid-Market

Customer Relationship Management platforms

Behavior Analytics

Google Tag ManagerFree

Google AnalyticsFree

User behavior and product analytics

Advertising

Microsoft AdsEnterprise

Ad platforms and retargeting pixels

Privacy & Cookies

IubendaSMB

Cookie consent and privacy compliance tools

A/B Testing & Optimization

VWO (Visual Website Optimizer)Mid-Market

Experimentation and conversion optimization

Sponsored

Scripts & Styles

20 Resources

Scripts

Styles

Async

Defer

Top Script Sources

local(8)cdn.iubenda.com(3)googletagmanager.com(3)bat.bing.com(2)cs.iubenda.com(1)

Website Identity

X (Twitter)LinkedIn

Sponsored

Last analyzed: 18 Mar 2026 at 00:01

AI-Powered Analysis

Technical Deep Dive

Executive Summary

StackOptic's comprehensive analysis of paddle.com reveals a modern and robust technology stack geared towards performance and scalability. The platform leverages Amazon Web Services (AWS) for hosting, with Cloudflare as its Content Delivery Network (CDN) for optimized content delivery. Built on Next.js, a React framework, the frontend benefits from the styling capabilities of Tailwind CSS. Analytics are managed through Google Analytics and Google Analytics 4, while experimentation is facilitated by VWO. The platform also utilizes Google Tag Manager and Microsoft Advertising. Security is prioritized with a valid SSL certificate issued by Let's Encrypt, and a strict DMARC policy is in place for email security. Image optimization is handled through Vercel Image Optimization, employing techniques like lazy loading and WebP format. Paddle.com also employs Iubenda for cookie consent and has a clear privacy policy, demonstrating a commitment to user privacy and data protection.

Technology Stack Deep Dive

Frontend Technologies

The frontend of paddle.com is built using a modern JavaScript stack. The analysis reveals the use of Next.js, a React-based framework that enables server-side rendering and static site generation. This choice likely contributes to improved SEO and initial page load times. Tailwind CSS is employed for styling, providing a utility-first approach that allows for rapid UI development and customization. The use of these frameworks indicates a focus on maintainability, scalability, and a component-based architecture.

Backend & Server Infrastructure

The server infrastructure relies on Netlify which is also listed as the server software. Netlify is a platform known for its seamless deployment and hosting capabilities, particularly for modern web applications. This suggests a streamlined development workflow and a focus on continuous integration and continuous deployment (CI/CD) practices.

Content Management & Frameworks

The scan identifies the CMS as "Paddle", likely indicating a custom solution or a highly tailored implementation of a framework. This could mean Paddle utilizes its own proprietary system for managing content and site structure, or a headless CMS approach. The lack of a common CMS like WordPress or Drupal suggests a preference for greater control over the platform and a tighter integration with its core business functions. Further investigation would be needed to fully understand the architecture of this custom CMS.

Hosting & Infrastructure Analysis

Hosting Provider Profile

paddle.com is hosted on Amazon Web Services (AWS), a leading cloud computing platform known for its reliability, scalability, and extensive suite of services. AWS provides a wide range of infrastructure solutions, allowing paddle.com to tailor its hosting environment to its specific needs. This choice suggests a commitment to high availability and the ability to handle significant traffic volumes. AWS is frequently used by enterprise-level businesses needing robust and flexible infrastructure.

CDN & Performance Infrastructure

To further enhance performance, paddle.com utilizes Cloudflare as its Content Delivery Network (CDN). Cloudflare caches website content across a globally distributed network of servers, reducing latency and improving page load times for users around the world. This is especially important for a company with a global customer base like Paddle. The use of a CDN is a best practice for improving website performance and user experience.

Geographic & Network Analysis

The server location is identified as Canada. While this doesn't necessarily indicate the primary target audience, it does suggest that the initial server infrastructure might have been set up with North American users in mind. The use of Cloudflare as a CDN mitigates any potential latency issues for users in other geographic regions by caching content closer to them.

Security Assessment

SSL/TLS Configuration

paddle.com uses an SSL certificate issued by Let's Encrypt - E7, a widely trusted Certificate Authority (CA) that provides free SSL certificates. The certificate type is DV (Domain Validated), confirming that Paddle owns and controls the domain. The key algorithm is ECDSA (secp256r1), a modern and efficient encryption algorithm. The use of HTTP/2 also contributes to faster loading times and improved security. While the TLS version is not explicitly stated, the presence of HTTP/2 suggests a relatively modern TLS configuration.

Security Headers Analysis

This data point was not publicly exposed during the scan.

Overall Security Posture

Based on the available data, paddle.com demonstrates a reasonable commitment to security. The use of a valid SSL certificate, combined with a strict DMARC policy for email security, indicates a proactive approach to protecting user data and preventing phishing attacks. However, a more comprehensive security assessment, including analysis of security headers and penetration testing, would be needed to fully evaluate the website's security posture.

SEO & Technical Health

Meta Tags & Structure

This data point was not publicly exposed during the scan.

Indexability & Crawlability

paddle.com has both a robots.txt file and a sitemap, indicating that the website is designed to be easily crawled and indexed by search engines. The presence of a sitemap helps search engines discover and prioritize the pages on the website, while the robots.txt file allows Paddle to control which pages are crawled and indexed. This is a fundamental aspect of technical SEO.

Email Infrastructure & Domain

The email security configuration shows that paddle.com has implemented SPF (Sender Policy Framework) and DMARC (Domain-based Message Authentication, Reporting & Conformance). The DMARC policy is set to "reject", which is the strongest level of protection against email spoofing and phishing attacks. The email security score is 75, indicating a relatively strong email security posture. The domain is quite old, created on 1998-05-22, and registered with MarkMonitor Inc., a registrar known for brand protection services. The domain is set to expire on 2031-05-21. DNSSEC is not enabled.

Privacy & Compliance

paddle.com uses iubenda as its cookie consent platform and has a cookie banner displayed on the website. This indicates a commitment to complying with GDPR and other privacy regulations. The website also has a privacy policy, further demonstrating a commitment to transparency and user privacy. Google Analytics is listed as a tracking script, so care must be taken to ensure compliance with privacy regulations regarding data collection and usage.

Image Optimization & Performance

paddle.com leverages Vercel Image Optimization for image delivery. This indicates use of an image CDN, allowing for transformations and optimized delivery depending on the user's device. The site employs lazy loading, improving initial page load times by deferring the loading of images until they are visible in the viewport. The use of WebP format is present, a modern image format that provides superior compression and quality compared to JPEG. The website also uses responsive images, ensuring that images are appropriately sized for different screen sizes and resolutions. No ad networks were detected.

Professional Verdict

paddle.com exhibits a technically sound and well-optimized web presence. The use of modern frameworks like Next.js and Tailwind CSS, combined with a robust hosting infrastructure on AWS and Cloudflare, demonstrates a commitment to performance, scalability, and security. The website's SEO fundamentals are in place with a sitemap and robots.txt file. While email security is strong with a "reject" DMARC policy, a deeper analysis of security headers could further strengthen the security posture. Overall, paddle.com demonstrates a high level of technical maturity.

Analysis by StackOptic AIMar 18, 2026

AI-Powered Insights

Historical Analysis & Change Tracking