87
B
Alert
No urgent crawler access problem was found in this audit.
Advise
Your most important bots appear to be reaching the site normally, so the main opportunities are lower-priority hardening and polish.
Action Step
Keep monitoring crawler access and focus next on response headers, caching, and small technical improvements.
Key Findingswhat failed first
Warnings
ETag is missing.
Passed
HTTPS is enabled.
HSTS is valid.
robots.txt is present.
Fix Priorityrecommended next steps
1Add ETag or validator headers for better cache revalidation.
2Review tracking flags and confirm only intended analytics scripts are loaded.
3Review the detailed sections below for lower-priority hardening opportunities.
4Review the detailed sections below for lower-priority hardening opportunities.
Speed
83
Excellent response path
Security
100
core protections are present
SEO
100
crawl assets are discoverable
Bot Access
46
bot responses need attention
Result Integrity98% measurement confidence · 1 conflict
LOWCSP contains 'unsafe-inline' — inline script execution is permitted, which is the most common CSP bypass vector
Replace 'unsafe-inline' with nonce-based or hash-based script allowlisting. This single change has more XSS-protection impact than any other CSP improvement.
Main fetch: ok
Security: ok
SEO: ok
20/20 bot probes succeeded
Bot Importance Hierarchy
1 ranked bot issue
Ranks crawlers by practical impact so users can tell whether a failure is mission-critical, growth-related, or lower-priority.
Tier 1
Mission Critical
Search and AI discovery bots that most directly affect visibility and retrieval.
1 issue
Perplexity
Blocked
Google
Stable
OAI Search
Stable
GPTBot
Stable
Vertex AI
Stable
ChatGPT
Stable
Claude
Stable
Tier 2
Growth & Distribution
Bots that influence secondary reach, ecosystem visibility, and social preview distribution.
stable tier
Bing
Stable
Meta AI
Stable
Amazon
Stable
Mistral
Stable
Apple
Stable
Facebook
Stable
Twitter
Stable
LinkedIn
Stable
Tier 3
Reference & Baseline
Supportive or baseline agents useful for comparison and lower-priority monitoring.
2 issues
ByteDance
Blocked
CommonCrawl
Blocked
DuckDuck
Stable
Chrome
Stable
BotWatcher
Stable
consistent access caution anomaly / blocked
Anomaly Detection
peak Bot/Crawl spike
Asset Discovery
6/8 public assets visible
HTTPS
TLS active
Cloudflare
DYNAMIC
Compression
none
robots.txt
crawl rules live
Sitemap
8 URLs
llms.txt
AI crawler guide
Structured Data
2 schema blocks
Analytics
none detected
Map routes are derived from bot simulation responses and compliance checks. This board is audit-driven, not global telemetry.
Bot Access & Consistency46▾
✕
Bot Access & Consistency 46
Your site appears to respond differently to some crawlers, which can reduce AI search visibility and trigger cloaking concerns.
ℹ
Why this matters
AI search visibility, social previews, and crawler trust can drop when some agents receive different responses or are blocked.
✕
Different bots received different responses
Mixed status code classes: 2xx, 4xx
✕
Status codes stayed consistent
Mixed status code classes detected
✓
AI crawler guidance
llms.txt present
Bot Status Strip
Google
Bing
DuckDuck
Apple
GPTBot
Claude
Perplexity
Facebook
Twitter
LinkedIn
Chrome
BotWatcher
amazonbot
bytespider
ccbot
chatgptuser
oaisearchbot
mistralaiuser
googlevertexbot
metaexternalagent
| Bot | Result | HTTP | robots.txt | Notes |
|---|---|---|---|---|
| PerplexityBot | Review | 403 | unspecified | HTTP 403 |
| bytespider | Review | 403 | unspecified | HTTP 403 |
| ccbot | Review | 403 | unspecified | HTTP 403 |
| Googlebot 2.1 | Accessible | 200 | allowed | 19ms |
| Bingbot 2.0 | Accessible | 200 | allowed | 22ms |
| DuckDuckBot | Accessible | 200 | unspecified | 23ms |
| Applebot | Accessible | 200 | unspecified | 23ms |
| GPTBot (OpenAI) | Accessible | 200 | allowed | 20ms |
| ClaudeBot (Anthropic) | Accessible | 200 | allowed | 22ms |
| Facebook External Hit | Accessible | 200 | unspecified | 42ms |
| Twitterbot | Accessible | 200 | unspecified | 42ms |
| LinkedInBot | Accessible | 200 | unspecified | 43ms |
| Chrome (baseline) | Accessible | 200 | unspecified | 43ms |
| BotWatcherAudit/1.0 | Accessible | 200 | unspecified | 43ms |
| amazonbot | Accessible | 200 | unspecified | 43ms |
| chatgptuser | Accessible | 200 | unspecified | 60ms |
| oaisearchbot | Accessible | 200 | unspecified | 60ms |
| mistralaiuser | Accessible | 200 | unspecified | 60ms |
| googlevertexbot | Accessible | 200 | unspecified | 60ms |
| metaexternalagent | Accessible | 200 | unspecified | 61ms |
Performance83▾
TTFB
109ms
Total Time
109ms
Body Size
4.7 KB
Status
200
Compression
none
CF Cache
DYNAMIC
✓
HTTPS
Secure TLS
✓
TTFB: 109ms
Excellent
✓
HTTP 200
OK
✕
Compression
Enable gzip or Brotli
Note 1: Uncompressed responses waste bandwidth and slow down page load times for all visitors.
Note 2: Crawlers see increased latency and may deprioritize your site in crawl schedules.
Note 3: Enable gzip or Brotli compression in your web server config (nginx: gzip on; Apache: mod_deflate).
✓
Cache-Control
public, max-age=0, must-revalidate
ℹ
ETag
Consider adding ETag
✓
Redirects: 0
No redirects
✓
Cloudflare CDN
CF-Cache-Status: DYNAMIC
Security Headers100▾
✓
HTTPS / TLS
Secure
✓
HSTS
max-age=31536000; includeSubDomains; preload
✓
Content-Security-Policy
default-src 'self' https:; script-src 'self' https://utt.impactcdn.com https://s…
✓
X-Content-Type-Options
nosniff
✓
Clickjacking protection
Via CSP frame-ancestors
✓
Referrer-Policy
strict-origin-when-cross-origin
✓
Permissions-Policy
camera=(), microphone=(), geolocation=()
✓
Cross-Origin-Opener-Policy
same-origin
✓
Cross-Origin-Embedder-Policy
'require-corp'
SEO & Crawlability100▾
✓
Meta title
Independent Website and SaaS Reviews - LLMAdvisor.review
✓
Meta description
Independent website and SaaS reviews covering security headers, pricing clarity, onboarding friction…
✓
Canonical URL
https://llmadvisor.review/
✓
Viewport meta
width=device-width, initial-scale=1.0
✓
robots.txt
1 sitemap(s)
✓
Googlebot access
Allowed
✓
Sitemap.xml
8 URL(s)
✓
Open Graph
og:title = "Independent Website and SaaS Reviews - LLMAdvisor.…"
✓
JSON-LD Structured Data
@graph, WebSite
✓
llms.txt (AI compliance)
Present - AI-era ready
Third-Party & Privacy▾
Analyzes raw HTML source for third-party domains, consent tooling, render-blocking scripts, and tracking pixels. Tools injected at the edge (Cloudflare Zaraz, CF Web Analytics) or loaded dynamically via JS after page load will not appear here — use your browser's Network tab for a complete runtime picture. Results are informational and do not affect your score.
1 third-party domain
·
0 render-blocking scripts
·
✗ No consent tool
No analytics detected — you may be flying blind on traffic data
Third-Party Domains in Source
| llmadvisor.review |
Platforms Detected in Source
○ Google Analytics 4○ Universal Analytics (UA)○ Google Tag Manager○ Cloudflare Web Analytics○ Cloudflare Zaraz○ Plausible○ Fathom○ Matomo / Piwik○ Hotjar○ Microsoft Clarity○ Segment○ Mixpanel○ Heap○ Amplitude○ HubSpot○ Intercom○ Adobe Analytics○ Meta (Facebook) Pixel○ TikTok Pixel○ Crisp Chat
Domain Surface▾
Probes common subdomains and non-standard HTTP/HTTPS ports to map the visible attack surface of this domain. Results are based on network-layer responses only. Informational — does not affect your score.
!
Wildcard DNS detected — subdomain results are not meaningful
A probe of a guaranteed-nonexistent subdomain (
wildcardtestconfirmationbotwatcherai.llmadvisor.review) returned HTTP 530, definitively confirming a wildcard DNS record (*.llmadvisor.review) is active and answering all subdomain requests. Individual subdomain scan results are unreliable when wildcard DNS is present and have been suppressed.Non-standard Ports
| Port | Status | HTTP | TTFB |
|---|---|---|---|
| http:8080 | Responded | 301 | 66ms |
| https:8443 | Responded | 200 | 85ms |
| http:3000 | Responded | 301 | 69ms |
| http:8000 | Responded | 301 | 70ms |