Back
https://projectmanagerpro.ai/
Thu, 16 Apr 2026 02:37:25 GMT
Site Audited
projectmanagerpro.ai
https://projectmanagerpro.ai/
Completed
Thu, 16 Apr 2026 02:37:25 GMT
Duration
256ms
Overall
93 · A
93
A
A score
projectmanagerpro.ai
Audit completed
Strong technical setup overall. COEP is not set.
Main issue: COEP is not set.
↺ Run again ⬇ Export Excel View fixes 🏅 View Leaderboard
Edge/network/header analysis · bot simulation · crawlability evidence
Alert
No urgent crawler access problem was found in this audit.
Advise
Your most important bots appear to be reaching the site normally, so the main opportunities are lower-priority hardening and polish.
Action Step
Keep monitoring crawler access and focus next on response headers, caching, and small technical improvements.
Key Findingswhat failed first
Warnings
COEP is not set.
ETag is missing.
Passed
HTTPS is enabled.
HSTS is valid.
robots.txt is present.
Fix Priorityrecommended next steps
1Add a COEP header if cross-origin isolation is needed.
2Add ETag or validator headers for better cache revalidation.
3Review tracking flags and confirm only intended analytics scripts are loaded.
4Review the detailed sections below for lower-priority hardening opportunities.
Speed
83
Exceptional response path
Security
95
core protections are present
SEO
100
crawl assets are discoverable
Bot Access
100
bot responses are aligned
Result Integrity98% measurement confidence · 1 conflict
Speed Confidence
100%
Security Confidence
94%
SEO Confidence
100%
Bot Confidence
100%
LOWCSP contains 'unsafe-inline' — inline script execution is permitted, which is the most common CSP bypass vector
Replace 'unsafe-inline' with nonce-based or hash-based script allowlisting. This single change has more XSS-protection impact than any other CSP improvement.
Main fetch: ok
Security: ok
SEO: ok
20/20 bot probes succeeded
Bot Importance Hierarchy all ranked bots stable
Ranks crawlers by practical impact so users can tell whether a failure is mission-critical, growth-related, or lower-priority.
Tier 1
Mission Critical
Search and AI discovery bots that most directly affect visibility and retrieval.
stable tier
Google
Stable
11ms / no crawler override
OAI Search
Stable
40ms / no crawler override
GPTBot
Stable
13ms / no crawler override
Vertex AI
Stable
48ms / no crawler override
ChatGPT
Stable
38ms / no crawler override
Perplexity
Stable
24ms / no crawler override
Claude
Stable
17ms / no crawler override
Tier 2
Growth & Distribution
Bots that influence secondary reach, ecosystem visibility, and social preview distribution.
stable tier
Bing
Stable
15ms / no crawler override
Meta AI
Stable
50ms / no crawler override
Amazon
Stable
38ms / no crawler override
Mistral
Stable
42ms / no crawler override
Apple
Stable
14ms / no crawler override
Facebook
Stable
24ms / no crawler override
Twitter
Stable
25ms / no crawler override
LinkedIn
Stable
25ms / no crawler override
Tier 3
Reference & Baseline
Supportive or baseline agents useful for comparison and lower-priority monitoring.
stable tier
ByteDance
Stable
36ms / no crawler override
CommonCrawl
Stable
39ms / no crawler override
DuckDuck
Stable
17ms / no crawler override
Chrome
Stable
31ms / no crawler override
BotWatcher
Stable
29ms / no crawler override
consistent access caution anomaly / blocked
Anomaly Detection peak low drift
Asset Discovery 6/8 public assets visible
HTTPS
TLS active
Cloudflare
DYNAMIC
Compression
none
robots.txt
crawl rules live
Sitemap
1 URLs
llms.txt
AI crawler guide
Structured Data
2 schema blocks
Analytics
none detected
Map routes are derived from bot simulation responses and compliance checks. This board is audit-driven, not global telemetry.
Bot Access & Consistency100
Bot Access & Consistency 100
Major tested bots were treated consistently in this audit.
Why this matters
AI search visibility, social previews, and crawler trust can drop when some agents receive different responses or are blocked.
Different bots received different responses
No response divergence detected
Status codes stayed consistent
All tested agents received the same response class
AI crawler guidance
llms.txt present
Bot Status Strip
Google
Bing
DuckDuck
Apple
GPTBot
Claude
Perplexity
Facebook
Twitter
LinkedIn
Chrome
BotWatcher
amazonbot
bytespider
ccbot
chatgptuser
oaisearchbot
mistralaiuser
googlevertexbot
metaexternalagent
BotResultHTTProbots.txtNotes
Googlebot 2.1Accessible200allowed11ms
Bingbot 2.0Accessible200allowed15ms
DuckDuckBotAccessible200unspecified17ms
ApplebotAccessible200unspecified14ms
GPTBot (OpenAI)Accessible200allowed13ms
ClaudeBot (Anthropic)Accessible200allowed17ms
PerplexityBotAccessible200unspecified24ms
Facebook External HitAccessible200unspecified24ms
TwitterbotAccessible200unspecified25ms
LinkedInBotAccessible200unspecified25ms
Chrome (baseline)Accessible200unspecified31ms
BotWatcherAudit/1.0Accessible200unspecified29ms
amazonbotAccessible200unspecified38ms
bytespiderAccessible200unspecified36ms
ccbotAccessible200unspecified39ms
chatgptuserAccessible200unspecified38ms
oaisearchbotAccessible200unspecified40ms
mistralaiuserAccessible200unspecified42ms
googlevertexbotAccessible200unspecified48ms
metaexternalagentAccessible200unspecified50ms
Performance83
TTFB
99ms
Total Time
103ms
Body Size
362.4 KB
Status
200
Compression
none
CF Cache
DYNAMIC
HTTPS
Secure TLS
TTFB: 99ms
Exceptional
HTTP 200
OK
Compression
Enable gzip or Brotli
Note 1: Uncompressed responses waste bandwidth and slow down page load times for all visitors.
Note 2: Crawlers see increased latency and may deprioritize your site in crawl schedules.
Note 3: Enable gzip or Brotli compression in your web server config (nginx: gzip on; Apache: mod_deflate).
Cache-Control
public, max-age=0, must-revalidate
ETag
Consider adding ETag
Redirects: 0
No redirects
Cloudflare CDN
CF-Cache-Status: DYNAMIC
Security Headers95
HTTPS / TLS
Secure
HSTS
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline' https://…
X-Content-Type-Options
nosniff
Clickjacking protection
Via CSP frame-ancestors
Referrer-Policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
Permissions-Policy
camera=(), microphone=(), geolocation=(), payment=(), usb=(), interest-cohort=()
Cross-Origin-Opener-Policy
same-origin
Cross-Origin-Embedder-Policy
Not set
SEO & Crawlability100
Meta title
Project Manager Pro | Office Furniture Boston | Haworth
Meta description
ProjectManagerPro.ai — Brent Girolimon, Director of Special Projects. New office furniture Boston. H…
Canonical URL
https://projectmanagerpro.ai/
Viewport meta
width=device-width, initial-scale=1.0
robots.txt
1 sitemap(s)
Googlebot access
Allowed
Sitemap.xml
1 URL(s)
Open Graph
og:title = "Project Manager Pro | Office Furniture Boston"
JSON-LD Structured Data
@graph, @graph
llms.txt (AI compliance)
Present - AI-era ready
Third-Party & Privacy

Analyzes raw HTML source for third-party domains, consent tooling, render-blocking scripts, and tracking pixels. Tools injected at the edge (Cloudflare Zaraz, CF Web Analytics) or loaded dynamically via JS after page load will not appear here — use your browser's Network tab for a complete runtime picture. Results are informational and do not affect your score.

31 third-party domains · 0 render-blocking scripts · ✗ No consent tool
No analytics detected — you may be flying blind on traffic data
Third-Party Domains in Source
amboss.space
atworkcollaborative.com
avisonyoung.com
bisnow.com
bizjournals.com
boma.org
btcminergpt.ai
cbre.com
chatgpt.com
claude.ai
commercialobserver.com
connectcre.com
cursor.com
cushmanwakefield.com
deepseek.com
+ 16 more
Platforms Detected in Source
○ Google Analytics 4○ Universal Analytics (UA)○ Google Tag Manager○ Cloudflare Web Analytics○ Cloudflare Zaraz○ Plausible○ Fathom○ Matomo / Piwik○ Hotjar○ Microsoft Clarity○ Segment○ Mixpanel○ Heap○ Amplitude○ HubSpot○ Intercom○ Adobe Analytics○ Meta (Facebook) Pixel○ TikTok Pixel○ Crisp Chat
Domain Surface

Probes common subdomains and non-standard HTTP/HTTPS ports to map the visible attack surface of this domain. Results are based on network-layer responses only. Informational — does not affect your score.

!
Wildcard DNS detected — subdomain results are not meaningful
A probe of a guaranteed-nonexistent subdomain (wildcardtestconfirmationbotwatcherai.projectmanagerpro.ai) returned HTTP 530, definitively confirming a wildcard DNS record (*.projectmanagerpro.ai) is active and answering all subdomain requests. Individual subdomain scan results are unreliable when wildcard DNS is present and have been suppressed.
Non-standard Ports
PortStatusHTTPTTFB
http:8080Responded30146ms
https:8443Responded20058ms
http:3000Responded30150ms
http:8000Responded30153ms