futureautomotive.com — AI Site Grade

Analysis

The Entire Domain Returns 403 For Every Request

Every single URL on futureautomotive.com — the homepage, /robots.txt, /sitemap.xml, /llms.txt, /contact, /about, /cars, /vehicles — returns a 403 Forbidden response with no content beyond a bare HTML error page. The server header is awselb/2.0 (AWS Elastic Load Balancer), and no CDN, WAF, or security header is present. No bot or browser user-agent can reach any content.

Crawler Access

All 11 tested AI crawlers — GPTBot, ClaudeBot, PerplexityBot, Google-Extended, ChatGPT-User, OAI-SearchBot, Applebot-Extended, Bytespider, and others — receive the identical 403 response with a 118-byte body. There is no robots.txt file to parse (it 403s), no llms.txt, and no sitemap. The site is effectively invisible to every AI crawler and search engine spider. No JS-rendering risk exists because no page loads at all.

Cold-Knowledge Gap

The LLM model describes Future Automotive as a UK-based franchised dealer group for BMW, MINI, and Toyota, operating for over 30 years with multiple locations in the South East and Midlands. This knowledge is entirely unsupported by the live domain — no dealership locations, no brand affiliations, no inventory, no contact information, and no content of any kind is accessible. The gap between what AI models "know" and what the site actually serves is total: the model describes a real business, but the domain presents a blank wall.

External Signals

No external mentions of futureautomotive.com appear in web search results. No Trustpilot reviews, no LinkedIn presence, no Facebook page, no news articles, and no Wayback Machine snapshots exist for this domain. The brand name "Future Automotive" returns zero search results across multiple query variations. The domain has no discoverable off-domain footprint whatsoever.

Infrastructure Anomaly

The domain resolves to three AWS IP addresses (34.212.218.243, 35.162.229.195, 52.89.149.43) behind an ELB, with GoDaddy nameservers and Microsoft 365 mail. The 403 is served at the load balancer level, not by application code — no cookies, no redirects, no security headers. This suggests either a misconfigured WAF rule blocking all traffic, an empty origin behind the ELB, or a domain parked with no application deployed.

Findings

1. Entire domain returns 403 Forbidden for all URLs High

   Every URL on futureautomotive.com, including the homepage, robots.txt, sitemap.xml, and all subpages, returns a 403 Forbidden response with no content. The server header indicates AWS ELB, suggesting a misconfiguration at the load balancer level.

   What to change: Investigate the AWS ELB configuration to allow traffic to the origin server. Ensure the application is deployed and serving content. Remove any overly restrictive WAF rules or correct the load balancer target group.

2. All AI crawlers receive 403 Forbidden High

   All 11 tested AI crawler user-agents, including GPTBot, ClaudeBot, and PerplexityBot, receive a 403 Forbidden response. No content is accessible to any crawler.

   What to change: Allow AI crawlers and search engine bots to access the site by correcting the server configuration. Ensure the load balancer or WAF does not block legitimate bot traffic.

3. Robots.txt returns 403 and is inaccessible High

   The robots.txt file returns a 403 Forbidden response, preventing crawlers from reading any directives. No crawl rules are available.

   What to change: Serve a valid robots.txt file that allows appropriate crawler access. Ensure the file is publicly accessible and returns a 200 status.

4. Sitemap returns 403 and is inaccessible High

   The sitemap.xml returns a 403 Forbidden response, preventing search engines from discovering the site's URL structure.

   What to change: Generate and serve a valid sitemap.xml that lists all public URLs. Ensure it returns a 200 status and is referenced in robots.txt.

5. LLMs.txt returns 403 and is inaccessible Medium

   The llms.txt file returns a 403 Forbidden response, preventing AI crawlers from discovering guidance for LLM consumption.

   What to change: Create and serve an llms.txt file with guidance for AI crawlers, and ensure it is publicly accessible.

6. Zero external web presence or backlinks High

   No external mentions of futureautomotive.com appear in web search results. No Trustpilot reviews, LinkedIn, Facebook, news articles, or Wayback Machine snapshots exist. The domain has no discoverable off-domain footprint.

   What to change: Build an off-domain presence through social media, business listings, and PR. Encourage customer reviews on platforms like Trustpilot. Ensure the website is accessible first.

7. LLM knowledge describes a real business but domain serves no content High

   LLM knowledge describes Future Automotive as a UK-based franchised dealer group for BMW, MINI, and Toyota with multiple locations. However, the live domain provides no content to support this, creating a total disconnect between AI knowledge and the actual site.

   What to change: Ensure the website serves content that matches the business description, including dealership locations, brand affiliations, and inventory. Use structured data to reinforce this information.

8. No content accessible on any page High

   All tested URLs return only a 118-byte 403 Forbidden page with no meaningful content. No inventory, contact information, or business details are available.

   What to change: Deploy the website application and ensure it serves content for all public URLs. Verify that the origin server is healthy and reachable from the load balancer.

9. No structured data present on any page High

   Because no page content is served, there is no structured data (JSON-LD, Microdata, etc.) on the site. This prevents AI crawlers from understanding the business, inventory, or location.

   What to change: Implement structured data markup (e.g., LocalBusiness, Product, Vehicle) on all relevant pages once the site is accessible.

10. AWS ELB misconfiguration blocks all traffic High

    The 403 Forbidden is served at the AWS ELB level, not by application code. No cookies, redirects, or security headers are present. This suggests a misconfigured WAF rule, empty origin, or parked domain with no application.

    What to change: Review the AWS ELB and WAF configuration. Ensure the target group points to a healthy origin server and that security rules allow HTTP/HTTPS traffic.