We launched an empty website. Here’s who showed up.
In June we put a brand-new site on the open internet — 12 original articles and nothing else. No inbound links, no marketing, no social posts, and we never submitted it to a single search engine. Then we watched for 14 days, in observe-only mode, to see who would find it. The first verified AI crawler arrived in about 40 minutes.
- June 13–27, 2026
- 12 pages
- zero inbound links
- never submitted to any search engine
- observe-only — nothing was blocked
Three AI crawlers. Three completely different jobs.
Here’s the part a hit counter can’t show you. Three big AI crawlers visited, all three verified against their operators’ own published IP ranges — and Frenemy recorded not just that they came, but what kind of thing each one fetched: articles, page scripts, or the rules files (robots.txt and the sitemap).
Same word — “bot” — in every analytics dashboard. Three completely different relationships with your site:
Anthropic’s ClaudeBot — the rule-watcher
frenemy255 requestsThe most active visitor on the site — and 93% of what it did was re-read robots.txt and the sitemap, over and over, every single day. It barely touched the articles. The crawler that looks most aggressive in a hit counter was mostly standing at the door, re-reading the house rules.
OpenAI’s GPTBot — the reader
frenemy53 requestsFar fewer visits, but it spent them on content — and it pulled the page scripts too, which is what a crawler does when it actually renders your pages instead of just scraping the text. If ClaudeBot watched the rules, GPTBot did the homework.
OpenAI’s OAI-SearchBot — the scout
friend20 requestsEvery single request was a rules file — zero content fetched. The crawler behind ChatGPT’s search answers behaved exactly like a polite search engine should: check what it’s allowed to do, and nothing else.
| Crawler | Requests | Articles | Page scripts | Rules files (robots.txt + sitemap) |
|---|---|---|---|---|
| ClaudeBot | 255 | 5% | 2% | 93% |
| GPTBot | 53 | 53% | 19% | 28% |
| OAI-SearchBot | 20 | 0% | 0% | 100% |
A search scout that checks the rules is not a training crawler that reads everything, and neither is a rule-watcher that reads almost nothing. You can’t decide how to treat visitors you can’t tell apart — and by name alone, you can’t.
One in eight visitors wore no name at all
About one in eight requests — from 31 different IPs, spread across the whole two weeks — arrived with no user-agent string whatsoever, probing for /wp-includes/wlwmanifest.xml, /actuator/env, /graphql/api, and other classic break-in paths. Stripping your identity is how you dodge tools that identify traffic by name. So the “unknown” slice of traffic isn’t a blind spot — it’s a category: the visitors actively trying not to be seen.
Alongside them, plain old curl hammered PHPUnit and Laravel remote-code-execution URLs within hours of launch. Nobody was told this site existed. The scanners found it anyway — that’s the background radiation of the internet, and it hits every address, including yours.
Everyone’s writing llms.txt. On our site, almost nobody read it
We published an llms.txt — the proposed “rules for AI” file the AI-search world is busy telling everyone to add. In 14 days it was fetched twice, both times by an agent we couldn’t verify. Over the same window, robots.txt and the sitemap were fetched hundreds of times, led by the biggest AI crawlers in the world.
One small site is one data point, not a verdict on the standard. But if you’re prioritizing where your crawler-facing effort goes, our data says the files the big crawlers actually poll — obsessively — are the boring old ones: robots.txt and your sitemap.
The one caught wearing someone else’s name
On day four, a request arrived wearing CCBot’s name — Common Crawl’s crawler — from an IP address that failed verification against Common Crawl’s published ranges. We didn’t block it; this site observes. We named it: a claimed identity that didn’t check out, on the record.
One catch in two weeks on a tiny site is about what you’d expect — the point isn’t volume. The point is that the name in a user-agent is just text anyone can type, and the only way to trust it is to check the connecting IP against the operator’s own published ranges. (The honest caveat, which we’ll keep making: a single unmatched hit can’t be perfectly distinguished from a legitimate crawler using an address its operator hasn’t published yet — which is exactly why the safe move is to name and record it, not reflexively block it.)
Five weeks on, the pattern is holding
The site is still up, still unannounced, and we kept watching after the 14-day window closed. Three more weeks brought roughly 390 more crawler requests — and the three crawlers stayed perfectly in character. ClaudeBot made 90 requests: every single one was robots.txt or the sitemap, zero content. GPTBot kept reading — about half its requests were articles, and it still pulled the page scripts. OAI-SearchBot stayed at 100% rules files.
No new impostors. The nameless scanners never stopped. And five weeks in, Google and Bing have still never visited — we still haven’t told them we exist, and unlike the AI crawlers, they apparently wait for an invitation.
What this means for your site
If a 12-page site nobody linked to drew 700+ crawler requests, full content coverage, a verified impostor, and a steady stream of nameless scanners in two weeks — your real site is being read, trained on, scouted, and probed right now. The question was never whether bots visit. It’s whether you can tell the friend (the search scout that can send you customers) from the frenemy (the training crawler taking your work) from the foe (the scanner, the impostor) — when every one of them files under “bot” in the tools you already have.
That’s what Frenemy does: every visitor named, every claimed identity verified against the operator’s own published ranges, each crawler’s real behavior on your site made visible — and, when you’re ready, a safe way to act on it.
Methodology & receipts
- Every figure comes from the lab site’s edge adapter, which sees each crawler’s real connecting IP — the highest-fidelity vantage Frenemy has.
- “Verified” means the connecting IP matched the operator’s own published IP ranges for that crawler — not just the name in the user-agent.
- Our own test traffic (arming checks and one 35-request synthetic batch) is excluded from every number above.
- The site ran in observe-only mode the entire time: every visitor, including the impostor and the exploit scanners, was served normally. Nothing was blocked.
- Counts are rounded down or reported exactly — never up. The per-crawler percentages are engine output over all 706 organic requests in the window.
The Frenemy Report is published from live traffic data. Future editions will draw on more sites as the fleet grows — same rules: real numbers, named caveats, nothing invented.