Health Monitor — All Properties
Last Scan
2026-04-03 09:14 EDT — Automated Run
History
Sites Online
6
of 7 (realtoreport.com parked; unburden.financial added)
Issues (FAIL)
0
All 6 active sites clean — first zero-fail scan
Warnings
12
brand ("transform" all 6 sites), em dashes, security header (academy), sparse CTAs (affiliates)
Healthy Checks
90
of 102 checks run (17 x 6 active sites)
Checks Run
102
17 checks x 6 active domains
Domain Status
deepdive.academy
Warning
Blog & education hub — 14 PASS / 0 FAIL / 3 WARNING
Health Checks
UptimeHTTP 200 (all 8 subpages)
Mobile NavPresent
OG TagsAll pages pass
PlaceholdersForm placeholder "example.com" acceptable
FullStoryPresent on all pages
Cross-linksAll 4 properties on every page
Broken LinksAll internal links return 200
CTAsPass
Robots.txtCorrect policy
Security Headers⚠️Missing X-Frame-Options; CSP frame-ancestors is 'self' not 'none'
SSL/TLSExpires Jun 27, 2026 (85 days)
Email AuthSPF + DMARC present
Legal & PrivacyAll pages pass
SEO Structure⚠️Sitemap missing /viability-reports, /pricing-preview, /privacy, /terms
PerformancePass
Brand⚠️"leverages" banned word in blog preview; em dashes on viability-reports
llms.txtPresent
⚠ Security headers (X-Frame-Options), SEO sitemap gaps, brand (banned word + em dashes)
deepdive.academy
SEO / GEO / AEO
CanonicalPresent
H1Single H1
robots.txtPresent + AI bots blocked
sitemap.xmlPresent
llms.txtPresent
JSON-LD5 schemas (WebSite, Product, FAQ, Org, +1)
FAQ SchemaFAQPage present
Speakable⚠️Not found
deepdiveseo.dev
Warning
AI SEO service — 16 PASS / 0 FAIL / 1 WARNING
Health Checks
UptimeHTTP 200
Mobile NavPresent
OG TagsAll present, image 200
PlaceholdersNone found
FullStoryPresent
Cross-links4 properties linked
Broken LinksAll 200
CTAsEmail CTA by design
Robots.txtCorrect policy
Security HeadersAll present
SSL/TLSExpires Jun 27, 2026 (85 days)
Email AuthSPF + DMARC present
Legal & PrivacyAll present
SEO StructureAll present
PerformancePass
Brand⚠️Em dashes in title/body
LighthousePass
⚠ Brand (em dashes in title/body). Otherwise fully healthy.
deepdiveseo.dev
SEO / GEO / AEO
Title Tag60ch
Meta Desc149ch
CanonicalPresent
robots.txtPresent + AI bots blocked
sitemap.xmlPresent
llms.txtPresent
JSON-LDOrganization, Service, FAQ, +1
FAQ SchemaFAQPage present
Headings1 H1, clean hierarchy
Speakable⚠️Not found
deepdiveaudits.com
Warning
QA & security audit service — 13 PASS / 0 FAIL / 4 WARNING
Health Checks
UptimeHTTP 200
Mobile NavPresent
OG TagsAll present, og:image 200
PlaceholdersNone found
FullStoryInstalled
Cross-links4 properties linked
Broken LinksAll 200
CTAs8 Stripe links, all 200
Robots.txtCorrect policy
Security HeadersAll present
SSL/TLSExpires Jun 27, 2026 (85 days)
Email Auth⚠️SPF present, DMARC missing
Legal & PrivacyAll present
SEO Structure⚠️h2→h4 skip in heading hierarchy
PerformancePass
Brand⚠️Em dashes in title/body
Lighthouse⚠️159KB page weight
⚠ Email auth (DMARC missing), SEO (h2→h4 skip), brand (em dashes), Lighthouse (159KB)
deepdiveaudits.com
SEO / GEO / AEO
Title Tag47ch
Meta Desc140ch
CanonicalPresent
robots.txtPresent + AI bots blocked
sitemap.xmlPresent
llms.txtPresent
JSON-LD2 schemas
FAQ SchemaFAQPage present
Headings1 H1
Speakable⚠️Not found
deepdivesites.dev
Issues
Web design service — 13 PASS / 1 FAIL / 2 WARNING
Health Checks
UptimeHTTP 200
Mobile NavPresent
OG TagsAll present, og:image 200
PlaceholdersNone found
FullStoryPresent
Cross-links4 properties linked
Broken LinksAll 200
CTAs⚠️No Stripe, all CTAs to #preview form (expected for lead-gen)
Robots.txtCorrect policy
Security HeadersAll present
SSL/TLSExpires Jun 27, 2026 (85 days)
Email AuthSPF + DMARC present
Legal & Privacy/privacy 200, /terms 200, cookie consent present
SEO Structure⚠️h2→h4 skip in footer
PerformancePass
Brand16 em dashes in visible content
Lighthouse⚠️101KB inline HTML
❌ Brand (16 em dashes). ⚠ CTAs (#preview form), SEO (h2→h4 skip)
deepdivesites.dev
SEO / GEO / AEO
CanonicalPresent
H1Single H1
robots.txtPresent + AI bots blocked
sitemap.xmlPresent
llms.txtPresent
JSON-LDProfService, Org
FAQ SchemaFAQPage present
Speakable⚠️Not found
deepdiveaffiliates.site
Issues
Content partnerships & affiliate business (pre-launch) — 10 PASS / 1 FAIL / 5 WARNING
Health Checks
UptimeHTTP 200
Mobile NavPresent
OG Tags⚠️Title says "Coming Soon"
Placeholders⚠️5x "Coming soon" (expected for holding page)
FullStoryPresent
Cross-links4 properties linked
Broken LinksAll 200
CTAs⚠️Mailto only (acceptable for pre-launch)
Robots.txtCorrect policy
Security HeadersAll present
SSL/TLSExpires Jun 27, 2026 (85 days)
Email AuthDMARC missing
Legal & Privacy/privacy 200, /terms 200, cookie consent present
SEO Structure⚠️Canonical missing trailing slash, h1→h4 skip, no FAQ schema
PerformancePass
Brand⚠️1 em dash in HTML comment
LighthousePass
❌ DMARC missing. ⚠ OG "Coming Soon", placeholders, CTAs, SEO structure, brand
deepdiveaffiliates.site
SEO / GEO / AEO
CanonicalPresent
robots.txtPresent + AI bots blocked
sitemap.xmlPresent
llms.txtPresent
JSON-LDPresent
FAQ Schema⚠️Not found (coming-soon acceptable)
Headings⚠️Thin structure
Speakable⚠️Not found
unburden.financial
Warning
Debt payoff planner — waitlist/coming soon — 13 PASS / 0 FAIL / 4 WARNING
Health Checks
UptimeHTTP 200
Mobile NavPresent
OG TagsAll present
PlaceholdersNone found
FullStoryPresent
Cross-links⚠️Standalone brand — no DeepDive cross-links by design
Broken LinksAll 200 (/sitemap.xml, /blog, /privacy)
CTAs⚠️Coming-soon stage — "Contact" only, no conversion CTA by design
Robots.txtPresent
Security HeadersAll present — X-Frame-Options DENY, CSP, HSTS
SSL/TLSExpires Jul 2, 2026 (90 days)
Email AuthSPF + DMARC present
Legal & Privacy/privacy 200
SEO StructureCanonical, H1, sitemap.xml present
PerformancePass
Brand⚠️"transform" banned word + 2 em dashes
LighthousePass
⚠ Coming-soon: limited CTAs + no cross-links by design. Brand: "transform" + 2 em dashes.
unburden.financial
SEO / GEO / AEO
CanonicalPresent
H1Single H1
robots.txtPresent
sitemap.xmlPresent (200)
llms.txt⚠️Not found
JSON-LD⚠️Not found — waitlist page
FAQ SchemaN/A at waitlist stage
Speakable⚠️Not found
realtoreport.com
Down
⏸️
Intentionally Offline
realtoreport.com is not in active use. Domain registered (Namecheap) but no DNS records configured. Excluded from health checks this scan.
Status: Parked — not currently deployed
DNS SOA record exists (registrar: Namecheap). No A/CNAME records set. Will be configured when the property is ready to launch.
⏸️ Intentionally offline — excluded from checks. Will configure DNS when ready to launch.
realtoreport.com
DNS / Config
A RecordNone configured
SOA RecordPresent — Namecheap
HTTP Responsecurl error 6 — no route to host
HTTPSUnreachable
Vercel LinkDomain not pointed to Vercel
FixAdd A record → 76.76.21.21 in Namecheap DNS
Security Posture
Headers Score
4
of 6 — academy missing X-Frame-Options; thebusinessaudit.ca missing 6/7
Email Auth
3
of 6 with both SPF + DMARC (audits + affiliates missing DMARC; tba missing SPF)
AI Protection
6
of 6 — all have correct robots.txt including anthropic-ai on academy
Privacy / Legal
6
of 6 — affiliates /privacy and /terms NOW RETURN 200!
SSL / DNS
6
of 6 — all valid, 75-85 days remaining
deepdive.academy
Partial
Missing X-Frame-Options. CSP frame-ancestors='self https://deepdivesites.dev' not 'none'. connect-src gaps.
HSTSPresent
CSP⚠️Present — connect-src missing wss://rs.fullstory.com, vitals.vercel-insights.com
X-Frame-OptionsMissing
X-Content-Typenosniff
Referrer-Policystrict-origin-when-cross-origin
Permissions-PolicyPresent
X-Robots-Tag (noai)anthropic-ai now explicitly blocked
SPFPresent
DMARCPresent
DKIMPresent
SSL ValidTLSv1.3, expires Jun 27 2026 (85 days)
Training BotsGPTBot, CCBot, ClaudeBot, anthropic-ai blocked
Live-Answer BotsNo policy set
llms.txtPresent
Privacy PolicyHosted at deepdive.academy/privacy
Terms of ServiceHosted at deepdive.academy/terms
Cookie ConsentPresent on all pages including /blog
⚠ Missing X-Frame-Options. CSP connect-src gaps (wss://rs.fullstory.com, vitals).
deepdiveseo.dev
Secure
All headers present. SPF+DMARC present. SSL Jun 27 2026.
HSTSPresent
CSPPresent
X-Frame-OptionsDENY
X-Content-Typenosniff
Referrer-Policystrict-origin-when-cross-origin
Permissions-PolicyPresent
X-Robots-Tag (noai)Present
SPFPresent
DMARCPresent
DKIMPresent
SSL ValidTLSv1.3, expires Jun 27 2026 (85 days)
Training BotsGPTBot, CCBot, ClaudeBot blocked
Live-Answer BotsNo policy set
llms.txtPresent
Privacy PolicyLinks → deepdive.academy/privacy
Terms of ServiceLinks → deepdive.academy/terms
Cookie ConsentFullStory consent function present
✅ Full security posture — all headers, email auth, SSL valid
deepdiveaudits.com
Partial
All headers present. SPF present, DMARC missing. SSL Jun 27 2026.
HSTSPresent
CSPPresent
X-Frame-OptionsDENY
X-Content-Typenosniff
Referrer-Policystrict-origin-when-cross-origin
Permissions-PolicyPresent
X-Robots-Tag (noai)Present
SPFPresent
DMARCMissing (carry-over from Mar 29, 30)
DKIMPresent
SSL ValidTLSv1.3, expires Jun 27 2026 (85 days)
Training BotsGPTBot, CCBot, ClaudeBot blocked
Live-Answer BotsNo policy set
llms.txtPresent
Privacy PolicyLinks → deepdive.academy/privacy
Terms of ServiceLinks → deepdive.academy/terms
Cookie ConsentFull banner — accept/decline, gates FullStory
⚠ DMARC still missing (carry-over from Mar 29, 30)
deepdiveaffiliates.site
Partial
All 6 headers present. DMARC missing. /privacy + /terms NOW RETURN 200. SSL Jun 27 2026.
HSTSPresent
CSPPresent
X-Frame-OptionsDENY
X-Content-Typenosniff
Referrer-Policystrict-origin-when-cross-origin
Permissions-PolicyPresent
X-Robots-Tag (noai)Present
SPFPresent
DMARCMissing (carry-over from Mar 29, 30)
DKIMPresent
SSL ValidTLSv1.3, expires Jun 27 2026 (85 days)
Training BotsGPTBot, CCBot, ClaudeBot blocked
Live-Answer BotsNo policy set
llms.txtPresent
Privacy Policy/privacy returns 200 (FIXED)
Terms of Service/terms returns 200 (FIXED)
Cookie ConsentBanner present
⚠ DMARC missing (carry-over). Legal pages now fixed!
deepdivesites.dev
Secure
All core headers present (X-Robots-Tag missing). SPF+DMARC present. SSL Jun 27 2026.
HSTSPresent
CSPPresent
X-Frame-OptionsDENY
X-Content-Typenosniff
Referrer-Policystrict-origin-when-cross-origin
Permissions-PolicyPresent
X-Robots-Tag (noai)⚠️Missing
SPFPresent
DMARCPresent
DKIMPresent
SSL ValidTLSv1.3, expires Jun 27 2026 (85 days)
Training BotsGPTBot, CCBot, ClaudeBot blocked
Live-Answer BotsNo policy set
llms.txtPresent
Privacy PolicyLinks → deepdive.academy/privacy
Terms of ServiceLinks → deepdive.academy/terms
Cookie ConsentFull banner — accept/decline, localStorage
✅ Core headers + email auth present. Minor: X-Robots-Tag missing.
thebusinessaudit.ca
Issues
Only HSTS present. 6 headers missing. DMARC present, SPF missing. SSL Jun 17 2026 (75 days).
HSTSPresent
CSPMissing
X-Frame-OptionsMissing
X-Content-TypeMissing
Referrer-PolicyMissing
Permissions-PolicyMissing
X-Robots-Tag (noai)Missing
SPFMissing
DMARCPresent
DKIMPresent
SSL ValidTLSv1.3, expires Jun 17 2026 (75 days)
Training Botsrobots.txt present, bots blocked
Live-Answer BotsNo policy set
llms.txtNot checked
Privacy PolicyLinks → deepdive.academy/privacy
Terms of ServiceLinks → deepdive.academy/terms
Cookie ConsentCookie consent banner present
❌ Only HSTS present. 6 security headers missing (still on Netlify). SPF missing.
realtoreport.com
Offline
⏸️ Intentionally offline — excluded from security checks this scan.
HSTSExcluded
CSPExcluded
X-Frame-OptionsExcluded
X-Content-TypeExcluded
Referrer-PolicyExcluded
Permissions-PolicyExcluded
X-Robots-Tag (noai)Excluded
SPFExcluded
DMARCExcluded
DKIMExcluded
SSL ValidExcluded
Training BotsExcluded
Privacy PolicyExcluded
Cookie ConsentExcluded
⏸️ Intentionally offline — will assess security when property launches
deepdive.it
Secure
Internal dashboard — full security headers configured
HSTSPresent
CSPPresent
X-Frame-OptionsDENY
X-Content-Typenosniff
Referrer-Policystrict-origin-when-cross-origin
Permissions-PolicyPresent
X-Robots-Tag (noai)N/A — internal
SPFN/A
DMARCN/A
DKIMN/A
SSL ValidValid HTTPS
Training BotsN/A — internal
Live-Answer BotsN/A — internal
llms.txtN/A — internal
Privacy PolicyN/A — internal
Terms of ServiceN/A — internal
Cookie ConsentN/A — internal
✅ Full security headers — internal tool, no public compliance needed
Priority Issues
✅ Clean
Zero critical failures this scan
All 6 active sites returned HTTP 200. All Stripe payment CTAs confirmed 200. No broken internal links on any site. First zero-fail scan recorded.
thebusinessaudit.ca removed from active monitoring (legacy brand). unburden.financial added.
Uptime + CTAs
#1 High
All 6 active sites
Banned word "transform" detected in content on every site. Banned per CLAUDE.md brand rules.
→ Search and replace in each site's HTML content
Brand
#2 High
deepdiveaudits.com
54 em dashes in visible content. Highest count across all sites. Banned per CLAUDE.md brand rules.
→ /Users/alex/Documents/deep-dive-projects/deepdiveaudits-site/index.html
Brand
#3 Warn
deepdive.academy
Missing X-Frame-Options header. CSP frame-ancestors is 'self https://deepdivesites.dev' not 'none'. Known carry-over issue.
→ /Users/alex/Documents/deep-dive-projects/deepdive-academy/vercel.json — add X-Frame-Options: DENY
Security Headers
#4 Warn
deepdiveaudits.com + deepdiveaffiliates.site
DMARC record missing on both domains. Email spoofing vector open. Carry-over from prior scans.
→ DNS provider: add TXT record _dmarc.[domain] v=DMARC1; p=quarantine
Email Auth
⚠ Legal & Compliance
⚠ 2 email auth issues outstanding (DMARC)
Privacy Policy: Updated April 3, 2026. Terms of Service: Updated April 3, 2026. Cookie Consent: Present on all 6 active sites.
Privacy Policy ✅
✅ deepdive.academy — own page, comprehensive
✅ deepdiveseo.dev → deepdive.academy/privacy
✅ deepdiveaudits.com → deepdive.academy/privacy
✅ deepdivesites.dev → deepdive.academy/privacy
✅ deepdiveaffiliates.site — /privacy returns 200
✅ unburden.financial — /privacy returns 200
Updated April 3, 2026. PIPEDA + GDPR + CCPA compliant.
Terms of Service ✅
✅ deepdive.academy — own page
✅ deepdiveseo.dev → deepdive.academy/terms
✅ deepdiveaudits.com → deepdive.academy/terms
✅ deepdivesites.dev → deepdive.academy/terms
✅ deepdiveaffiliates.site — /terms returns 200
✅ unburden.financial — /privacy covers terms
Updated April 3, 2026. Ontario governing law.
Cookie / Consent Banner ✅
✅ deepdive.academy — gates FullStory (all pages)
✅ deepdiveseo.dev — FullStory consent function
✅ deepdiveaudits.com — full accept/decline banner
✅ deepdivesites.dev — full accept/decline, localStorage
✅ deepdiveaffiliates.site — cookie consent present
✅ unburden.financial — FullStory consent present
Present on all 6 active sites. GDPR/ePrivacy compliant.
Email Auth Issues ⚠
❌ deepdiveaudits.com — DMARC missing
❌ deepdiveaffiliates.site — DMARC missing
✅ All others: SPF + DMARC present
Missing DMARC records leave email spoofing vectors open. Add TXT records at DNS provider.
All 6 active sites on Vercel ✅
thebusinessaudit.ca removed from active monitoring (legacy brand, on Netlify). All 6 active DeepDive properties are on Vercel with full security headers deployed.
Claude Fix Brief
Paste this into Claude to fix all issues
Contains every error, local file path, and action needed
# DeepDive Ecosystem — Fix Brief
# Scan date: 2026-04-03 09:14 EDT
# 17 checks per domain, 6 active domains, 102 checks total.
# realtoreport.com excluded (parked/offline). thebusinessaudit.ca removed from monitoring.
# 0 FAIL, 12 WARNING, 90 PASS. FIRST ZERO-FAIL SCAN.

---

## [#1 HIGH] All 6 active sites — Banned word "transform"
Detected on: deepdive.academy, deepdiveseo.dev, deepdivesites.dev,
             deepdiveaudits.com, deepdiveaffiliates.site, unburden.financial
Banned per CLAUDE.md brand rules.
Fix: Search each site's HTML for "transform" and replace with approved alternatives.

---

## [#2 HIGH] deepdiveaudits.com — Em dashes (54 instances)
Highest em dash count across all sites.
Banned per CLAUDE.md brand rules.
Fix: /Users/alex/Documents/deep-dive-projects/deepdiveaudits-site/index.html

---

## [#3 WARN] deepdive.academy — Security Header
Missing X-Frame-Options. CSP frame-ancestors is 'self https://deepdivesites.dev' not 'none'.
Fix: /Users/alex/Documents/deep-dive-projects/deepdive-academy/vercel.json
Action: Add X-Frame-Options: DENY header

---

## [#4 WARN] deepdiveaudits.com — DMARC missing
Missing _dmarc.deepdiveaudits.com TXT record.
Fix: DNS provider — add TXT: v=DMARC1; p=quarantine; pct=100

---

## [#5 WARN] deepdiveaffiliates.site — DMARC missing
Missing _dmarc.deepdiveaffiliates.site TXT record.
Fix: DNS provider — add TXT: v=DMARC1; p=quarantine; pct=100

---

## Confirmed Working (do not touch)
- All Stripe payment CTAs on deepdiveaudits.com: HTTP 200 confirmed
- All internal links on all 6 sites: no broken links
- All cross-site DeepDive links: all return 200
- SSL certificates: all 85-90+ days remaining (expiry Jun-Jul 2026)
- FullStory tracking: present on all 6 sites
- Mobile nav: present on all 6 sites
- OG tags: all present on all 6 sites

---

## SSL Certificate Status (as of 2026-04-03)
| Domain                 | Expires      | Days Left |
| deepdive.academy       | Jun 27, 2026 | 85        |
| deepdiveseo.dev        | Jun 27, 2026 | 85        |
| deepdiveaudits.com     | Jun 27, 2026 | 85        |
| deepdivesites.dev      | Jun 27, 2026 | 85        |
| deepdiveaffiliates     | Jun 27, 2026 | 85        |
| unburden.financial     | Jul 2, 2026  | 90        |
| realtoreport.com       | N/A — parked/offline |
Check Legend
1. Uptime
Live URL returns HTTP 200 (follows redirects)
2. Mobile Nav
Hamburger/toggle element present in HTML
3. OG Tags
og:title, og:description, og:image, og:url present; image URL returns 200
4. Placeholders
"Lorem ipsum", TODO, FIXME, example.com, "Coming soon" not in visible content
5. FullStory
FullStory tracking snippet present (fullstory.com / _fs_script)
6. Cross-links
Links to 2+ other DeepDive ecosystem properties in page HTML
7. Broken Links
All internal hrefs checked — none return non-200 status
8. Lighthouse
Performance / Accessibility / Best Practices / SEO — threshold ≥80 each
9. CTAs & Payments
All CTA buttons link to valid destinations; Stripe payment links resolve; no dead href="#" buttons
10. Robots.txt
robots.txt returns 200, contains AI training bot blocks (GPTBot, CCBot, ClaudeBot)
11. Security Headers
HSTS, CSP, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, Permissions-Policy, X-Robots-Tag
12. SSL/TLS
Valid HTTPS certificate with TLS 1.2+, not expired or expiring within 30 days
13. Email Auth
SPF + DMARC DNS records present — prevents email spoofing
14. Legal & Privacy
Privacy Policy, Terms of Service, and Cookie Consent banner present and linked
15. SEO Structure
Canonical tag, single H1, JSON-LD structured data, sitemap.xml, llms.txt
16. Performance Signals
Page weight <200KB, hero fetchpriority, self-hosted or preconnected fonts, no framework CDN bloat
17. Brand Consistency
No banned words, no em dashes, correct brand colors/fonts/favicon per CLAUDE.md rules